Firefox’s Fight for the Future of the Web (opens in new tab)

(theguardian.com)

571 pointsinception446y ago283 comments

283 comments

The article once more reiterates the fact that Apple doesn't allow other browser engines. You cannot even fight, there is no future ;-) on iOS.

ken6y ago

That's a convenient excuse on iOS, but Firefox is doing poorly on macOS, too, where no such restriction exists. According to the first statistics I found, Firefox is only about half as popular on the Mac as it in on Windows -- and it's still under 10% there, too.

Privacy-compromising systems aren't winning today because people seek out systems that compromise their privacy. They're winning because these companies focused on making the user interface good. Firefox will win big again when they stop talking about privacy and start making a UI that isn't lousy.

True, Apple is talking about privacy a lot these days, but they've been focusing on UX first for decades. You can't start with "here is an abstract principle that's good for you, and you should use our systems because of it". The Free Software Foundation tried that for years. It doesn't work.

Privacy is important, but it's a feature, not a product. You still need to have a great product.

MaxBarraclough6y ago

> Privacy is important, but it's a feature, not a product. You still need to have a great product.

Do you consider Firefox to be a less-than-great product?

I use it as my main browser, from Windows 10. No complaints. I don't experience performance issues or UI issues. Chrome and Firefox are both solid browsers, on Windows at least.

Perhaps Firefox for Mac is a weaker product, and loses to Safari 'fair and square' on quality grounds?

3 more replies

alwillis6y ago

Actually, Apple is giving privacy the product treatment: https://www.apple.com/privacy/

1 more reply

ragequitta6y ago

I'm trying to think of a UI difference in chrome or safari that is meaningful, can't come up with one. Can you elaborate?

2 more replies

Krasnol6y ago

> According to the first statistics I found, Firefox is only about half as popular on the Mac as it in on Windows

Wich is not much of a surprise. If you educate your customer base to use one browser, many won't switch. See the lawsuits against Microsoft because of IE.

1 more reply

nfriedly6y ago

If Apple allowed Firefox on iOS - real Firefox with the rendering engine and extensions and everything, just like Android - I probably would have switched already.

As it stands, I stay on Android mostly for Firefox.

notduncansmith6y ago

Just curious, why does using “real Firefox” hold so much weight for you? Also, what steps have you taken to secure your device?

One reason I haven’t switched from iPhone is that I’m not confident in my ability to secure an Android, and I’d rather trust Apple than Google.

4 more replies

radarsat16y ago

How is it technically enforced though, I am curious. I mean, if I wrote an application that downloaded text files and rendered the text to the screen, I am sure that would be possible. If I wanted to add images to draw next to the text I am sure it is feasible. So how can one technically prohibit doing that? Implementation-wise, how is a web browser really that different from e.g. a video game?

Or is it only policy-enforced? Reviewers see something in an app that resembles a "browser" too much and take you down?

capableweb6y ago

My guess would be that it's policy-enforced and what Apple really has problems with is not browsers as a concept (dynamically loading and rendering data) but rather the execution engine that websites usually use (JavaScript) and seeing that as a too-large-to-review area where they want to avoid having vulnerabilities in applications published on App Store.

Or it's a anti-competitive move disguised as a "avoid vulnerabilities" but in reality they just really want to make sure iOS users keep using the one and only browser (Safari).

2 more replies

sharpneli6y ago

One cannot have writeable executable memory on iOS (apple can, we cannot).

Thus one cannot make a JIT compiler for js and thus pages are slow.

Game engines such as Unity use il2cpp to go from the C# stuff into C++ that can be statically compiled as running the C# as bytecode would be too slow without a jitter.

3 more replies

reubenmorais6y ago

I don't know the details first hand, so take this with a grain of salt, but this is what I remember from talking to engineers who explored this possibility over the years:

You can't ship a native JIT (execute native code from the heap), I think it's enforced automatically by the App Store. So shipping your own JavaScript engine is out.

You can't download and interpret third-party code, I think this is enforced by human reviews, so shipping your own Web rendering stack is out.

You can use your own network stack with WebKit on top, which would let you offer some value to users like more advanced ad/tracker blocking.

2 more replies

saagarjha6y ago

Web content must be rendered through WebKit as per the App Store Review Guidelines (https://developer.apple.com/app-store/review/guidelines/). This is supposed to be enforced by App Store Review by inspection. In addition to this, there are technical reasons why your “browser” will be inferior to Apple’s web view performance-wise, mainly having to do with apps that generate code dynamically in-process needing entitlements that prevent submission to the review process.

Yoric6y ago

Policy-enforced.

Mozilla ported the true Firefox to iOS many, many years ago and Apple just rejected it from the store.

krzyk6y ago

I wonder why no antimonopolist issue was raised there by e.g. EU. Like they did for NFC in Germany - they forced all phones with NFC to be open to use by different apps, which might finally bring other pay solutions to iOS (or non NFC capable iphones to Germany).

Despegar6y ago

The NFC issue isn't related to antitrust. If they thought they could make an antitrust case against Apple they would. But their market share is so low in Germany, and the EU, that they just passed a law instead (specifically an amendment to an anti-money laundering law). It remains to be seen if it's even constitutional.

Chirael6y ago

It’s nowhere as good or fine-grained as uBlock origin, but I’m surprised no one ever seems to mention (or use?) Firefox Focus and it’s associated Safari content blocker. Seems to work really well for me on my iPad and iPhone, at least for general ad blocking.

decasteve6y ago

Anti-trust? Or have the lawyers for Apple (and Google) found the legalese to prevent this possibility?

Macha6y ago

Apple is only a monopoly if the market is iOS devices so they're quick to point out the market is all mobile devices.

Google allows sideloading, and allows competitors on the play store

1 more reply

sebazzz6y ago

Technically I think you are free to build have other browser engines on iOS. However, JIT or other dynamically compiled code is not allowed because that's a security risk. You can't have a browser in 2019 with interpreted javascript.

MaxBarraclough6y ago

> I think you are free to build have other browser engines on iOS

I believe this is false, see 2.5.6 and 4.7 of https://developer.apple.com/app-store/review/guidelines/

But they do allow Opera Mini, a 'browser' for iOS where rendering is done in the cloud.

fauigerzigerk6y ago

But why is JavaScript JIT compilation tied to the rendering engine?

1 more reply

thekingofh6y ago

I think you mean that you can have interpreted javascript, just not JIT compilers. They don't allow you to mark memory as executable. That syscall is completely disabled on their systems.

2 more replies

iforgotpassword6y ago

Yes, however, even as a Firefox advocate, I think in this case it's actually a good thing, since the majority of people would probably switch to Chrome then, contributing to the Blink monoculture.

jraph6y ago

It's not a good thing, only a bad thing with a good side effect ;-)

mr__y6y ago

You could run the browser on other machine and use VNC to access this from a iphone (or any other mobile device). While this is rather complicated and probably less reliable solution, the bonus points would be (almost) perfect isolation of the browser process.

jrs956y ago

It would be a lot more difficult than it sounds for Apple to allow 3rd party browsers and allow them to be good. Even on macOS now, Chrome depends on internal OS APIs which prevent it (or Electron apps) from being in the Mac App Store -- and for good reason, those things could break at any time. So in order to allow 3rd party browser engines that can compete with Safari in terms of performance etc they would need to make the APIs that are used to optimize them public.

EvanAnderson6y ago

If these non-public APIs are so useful it feels to me that Apple is acting in an anti-competitive manner. They're allowed to use them for their own applications but deny third-parties the right to sell in the "Store" if they use the APIs. Sounds a lot like MSFT in the 90's...

alwillis6y ago

As Apple has reiterated, browser engines require low-level access and for security reasons, other rendering engines aren’t allowed.

You can see from Apple’s updates that keeping up with the vulnerabilities for WebKit and iOS, etc. is already keeping them plenty busy:

https://support.apple.com/kb/HT210725 https://support.apple.com/kb/HT210721 https://support.apple.com/kb/HT210624 https://support.apple.com/kb/HT210603

alwillis6y ago

My point is this gets dramatically worse if every browser engine has low-level access to iOS.

lcall6y ago

I hope Firefox succeeds, as I like the idea of not concentrating yet more power in few hands, but, on OpenBSD, I use Iridium (Chromium derivative), so I see these benefits, and am wondering what Firefox would add for me, privacy- and security-wise: 1) Iridium doesn't send info to Google like Chrome does (or that is the idea);

2) It is easier (last I checked) than with Firefox to leave some config tabs open so I can quickly turn on/off javascript, images, and/or cookies for those sites where I need them (by exception list or temporary exception, and easy to manage it without a mouse once the tab is open; separately, I do change the search engine also, and create search keywords), and

3) OpenBSD adds pledge/unveil system calls from the browser, to prevent it from reading/writing files where it should not (plus I browse under a different user than I do other things with high confidence there will not be a privilege escalation; also they say the pledge/unveil support is easier to implement in Chrome/Iridium than in Firefox because of the cleaner separations of concerns in the code organization (my wording; though they have probably also put pledge/unveil in FF also for all I know),

4) Maybe the security of Chrome/Iridium benefits from Google's bug bounties, more than what Firefox has done (ie, the security track record of each, frequency of major holes over, say, the last 1-3 years). I don't really know but I'm glad they try.

Given those things, what are the remaining biggest reasons I might prefer Firefox? (I am aware of OBSD removing DNS-over-HTTP from Firefox, indicating that is a choice that should be made by the user at the system level instead).

gst6y ago

> Given those things, what are the remaining biggest reasons I might prefer Firefox?

Iridium seems to be quite outdated - the latest release that's listed on the website is from April. Given that there have been multiple critical security issues fixed since then - with some of them allowing for arbitrary code execution (https://www.cisecurity.org/advisory/multiple-vulnerabilities...) - I personally would consider using Iridium too risky.

lcall6y ago

I currently limit its use to an account on my computer that doesn't do the things where I care as much about security (and limit JS use), and the pledge/unveil OBSD stuff prevent it from reading or writing in directories not explicitly named as allowed. Still, you make a good point and I plan to think about it.

Maybe the question is which is more risk: a local and limited compromise to a low-privilege account on OBSD, or sharing more info with Google (sounds like Google is the lower risk maybe -- hard to say...). (On the other hand, it is becoming easier to upgrade packages on OBSD between releases and so if Iridium started releasing more often it could take advantage of that--but that is just speculative.)

mormegil6y ago

> 2) It is easier (last I checked) than with Firefox to leave some config tabs open so I can quickly turn on/off javascript, images, and/or cookies for those sites where I need them (by exception list or temporary exception, and easy to manage it without a mouse once the tab is open; separately, I do change the search engine also, and create search keywords), and

I wouldn't want to switch everything on/off manually. I use the uMatrix extension which allows you to enable disable cookies, images, Javascript, iframes, etc. for each domain separately, and configure the exceptions permanently or temporarily. I have JS disabled by default, and enable it only for trusted sites or temporarily. Even on the sites I trust, Google Analytics scripts, etc. are disabled.

lcall6y ago

Thanks. I have been avoiding extensions & plugins in browsers because of how they increase the attack surface (including some that get new maintainers) with perhaps less code review. That may or may not have a significant risk level in a given case, hard for me to say. But do you know if there is a way to make exeption lists for this things in FF w/o any extensions? (built-in in chrome, so that one aspect is convenient)

1 more reply

soulofmischief6y ago

> what are the remaining biggest reasons I might prefer Firefox?

Neither Firefox nor Chromium let you reassign hotkeys without recompiling, and while Firefox's defaults could use some tweaking, Chromium's default keybindings are insane and counter-productive.

Of course, Mozilla's organization is in shambles atm so Firefox has been getting worse in many regards, even if its speed has caught up with Chrome.

> It is easier (last I checked) than with Firefox to leave some config tabs open

Not sure when you last checked, but about:config is its own tab.

Instead of changing the search engine, Firefox lets you define multiple search engines and choose between them with the cursor or tab key before searching.

> OpenBSD adds pledge/unveil system calls from the browser, to prevent it from reading/writing files where it should not

Anything this offers over Linux containers / AppArmor / SELinux+permissions on a theoretical level, implementation nonwithstanding? Also, most Linux distributions offer their own compiled version of Firefox, because ultimately it can be forked like Chromium, which really removes much of the differences you've described.

> Maybe the security of Chrome/Iridium benefits from Google's bug bounties, more than what Firefox has done

Maybe. But you can't really infer much from that data point. I don't have any citation on hand (one would be welcome) but AFIAK Firefox typically has had less major 0-days than Chrome in the past, due to Chromium team's "move fast, break things, and don't communicate" policy.

lcall6y ago

> Not sure when you last checked, but about:config is its own tab.

It was last I checked also, but felt awkward to use, and then you have to know what settings to look for, as opposed to having them in the UI (all can be easily overcome, but it is a little more work i think, maybe not enough to matter for some use cases or if I just forced myself to get used to it).

Is it possible to define ongoing exception lists there? How easy? And how many options to they allow for cookies (always, never, save until exit, ...)?

> Anything this offers over Linux containers / AppArmor / SELinux+permissions on a theoretical level, implementation nonwithstanding?

I don't know fully, but for any of those I definitely have to think more, as the user, and there is (probably?) more room for error due to complexity.

> I don't have any citation on hand (one would be welcome) but AFIAK Firefox typically has had less major 0-days than Chrome in the past, due to Chromium team's "move fast, break things, and don't communicate" policy.

Thanks for pointing that out.

1 more reply

AsyncAwait6y ago

You're still on Blink. Contributing to that monoculture is no win.

lcall6y ago

I think this is among the best reasons I've heard in this discussion to avoid Chrome. The other reasons to not use firefox (at least for me on OBSD for now, given that pledge/unveil support for FF are still in progress, and no way I know to use exception lists for images/cookies/javascript without an external plugin), might still outweigh it.

santicalcagno6y ago

> 3) OpenBSD adds pledge/unveil system calls from the browser, to prevent it from reading/writing files where it should not (plus I browse under a different user than I do other things with high confidence there will not be a privilege escalation; also they say the pledge/unveil support is easier to implement in Chrome/Iridium than in Firefox because of the cleaner separations of concerns in the code organization (my wording; though they have probably also put pledge/unveil in FF also for all I know),

Just FTR, Firefox is adding pledge/unveil support for OpenBSD in version 72, see https://marc.info/?l=openbsd-ports&m=157325338020502&w=2

lcall6y ago

More I just saw, haven't read thoroughly yet: http://undeadly.org/cgi?action=article;sid=20191118055603

lcall6y ago

Good to know; thanks.

aembleton6y ago

Tree Style Tab [1]. That is the main reason I am on Firefox. My screen is wider than it is tall, so I can make use of this by displaying the tabs on the side. It is 'tree style' which means that it is nested. This allows me to have child tabs of say, hn for reading all of the different articles. This can be easily collapsed, expanded or removed altogether.

1. https://addons.mozilla.org/en-US/firefox/addon/tree-style-ta...

lcall6y ago

I thought of another way to put a reason I am not quite moving to FF yet: If I change my habits around browser use, over to FF, then switch platforms, I again get DNS-over-HTTP (or DoH) which I think I don't want the browser to decide for me, preferring to make that decision at the user or system level as I have done with my non-expert use of DNSSEC on my desktop, which is at the system level. Sending all DNS queries to a single location is another concentration of power. Or, is DoH user-configurable in FF?

So, summarizing, pros/cons as I see them for my usage:

Iridium/Chromium pros:

- ability to create exception lists by domain for JS, images, cookies is built in in a way I know of, without adding plugins or extensions that might get less code review or bought by a malicious maintainer w/o my knowledge (maybe rare, but has been reported for some).

- if I switch platforms and continue with my current usage habits I am not forced into DoH (yet?).

- has pledge/unveil support (limiting risk today on a platform I trust more to do that right, with fewer privilege escalation bugs etc and less complexity/knowledge required than SELinux etc. (many fewer zero-days at the OS level).

Firefox pros:

- avoids mononoculture (a big one).

- Maybe has fewer zero-day bugs than Chromium or the older Iridium (at the user and application level only).

- will probably have OBSD pledge/unveil support in the next OBSD release or sooner.

- Does not send metrics (or other tracking) to Google in the current version (true? I actually don't know, I might have read some accusation that I didn't investigate)? (Does not apply when comparing to Iridium, but that seems to lag Chromium bugfixes by some months.)

I plan to think about weighting these for myself. Corrections welcome on whatever I have missed or forgotten. Thanks much for the discussion.

neiman6y ago

I see a problem, though I have no alternative to offer, with the current model of organizations.

It seems you are either for-profit, and then you have no ethics and do everything you can to centralize the world around you with no concern for users or their benefits. Or you're a not-for-profit foundation or the Internet Archive, where you do good things but are destined to be "poor".

Are there are any "shades" between those two organization models?

nine_k6y ago

If you don't plan to be poor, then you need many paying customers.

For a browser, the customers could be either end users, corporations with many end users, or marketers who want to sell to the end users.

The latter case is Chrome, which works through a long chain of Google services.

The corporate case used to be IE, geared towards deep windows integration.

The case of the paying end users used to be the original Netscape. It did not work well for a number of reasons. Paying for a product when free-as-beer alternatives are available takes understanding, which is sorely lacking outside some segments of tech circles.

I personally buy Mozilla a figurative pizza by a yearly donation. I do it because I understand their importance and feel grateful for their products. If more people did that it would help, but most people who are to benefit from Mozilla's efforts are not technical.

oefrha6y ago

> Or you're a not-for-profit foundation or the Internet Archive, where you do good things but are destined to be "poor".

Not necessarily. Wikipedia is actually pretty damn rich with a large war chest.[1]

[1] https://en.wikipedia.org/wiki/Wikipedia:Fundraising_statisti...

cthor6y ago

Wikipedia is the single greatest website on the Internet. That's what it takes for donations to keep you afloat. $100MM revenue? Google makes that in a day.

That aside, it's not entirely clear that Wikipedia can live off donations forever.[0]

[0] https://en.wikipedia.org/wiki/User:Guy_Macon/Wikipedia_has_C...

3 more replies

Despegar6y ago

Profit or non-profit doesn't really have anything to do with it. The issue is market power. Chrome has 70-80% market share according to this article. That's monopoly levels of market power and it's maintained through Android, which also has 80% market share.

It's up to regulators to restore some semblance of balance to the market. If the browser market were less concentrated and there was more equal distribution, it wouldn't really matter whether you were a non-profit or not. In fact the web would be better off with competing interests jockeying over each other.

the84726y ago

There are many legal constructs that provide shades of gray. Mozilla itself is such an example, it's a for-profit corporation owned by a non-profit.

Additional examples: https://en.wikipedia.org/wiki/Public-benefit_corporation https://en.wikipedia.org/wiki/Social_purpose_corporation

mistrial96y ago

this -- but, the categories lack detail.. a real systems diagram would quickly show a hundred influences and variables affecting both models. Without enumerating and advocating the position, rather skip to the important results .. there must be ENFORCEMENT on the Corporate, and SUSTINANCE for the not-for-Profit, to hope for any balanced future.

beefield6y ago

Co-ops.

ppfrc6y ago

Firefox’s Fight for the Future of the Web, severely cramped by their complete economic dependency on Google and their inability to allocate their funds intelligently

phatfish6y ago

But they get shouted down whenever they try to monetise independently, can't have it both ways.

Either more users start donating $5-10 a month (seems worth it to me given the time I spend with their product) or they take the Google money and deal with the conflict of interest best they can.

A Shuttelworth style billionaire benefactor would work as well, but I doubt one will come from the tech community as Firefox is working against the anti-privacy data collection model that made them (or their friends) rich.

rpastuszak6y ago

This. Bear in mind that Mozilla is experimenting with different monetisation models, be it subs, donations, relying on Google for search as well as partnerships with companies such as Scroll (publisher content monetisation platforms).

Also, if you follow the discourse on anything published by Mozilla in the past 2-3 years—there's been a shift when it comes to how they speak about Googe. It's a marketing move, of course, but I think it's also a sign of the direction they are following.

I believe something will change here, for better, in the next couple of years. I'd sign for a Mozilla subscription if it included services such as better VPN, supporting those who cannot afford to pay directly, but pay with they data instead.

The move towards paid vs. non-paid services creates a risk that we'd end up with two types of internet users, with privacy being the currency of those who cannot afford an expensive mobile phone or a browser not trying to sell you things whether you want it or not.

The history of Guardian (in the past 5 years or so) shows that people are happy to pay for a valuable service just to allow the others to have access to it. Maybe I'm just being overly optimistic here, but I shudder every time I think about the alternatives.

1 more reply

tannhaeuser6y ago

Someone else said it already some time ago, but if Mozilla had just put the money they get from Google into a fund, they'd be able to develop browsers till the end of time. But they try to "innovate" and "re-invent the web" with WASM and also other completely unrelated ventures such as Rust, as nice as it may be (Rust not WASM that is).

Another aspect of the Mozilla Foundation is that they're basically acting as a fig leaf for the monopolist web Google has created in this decade, with Google financing them to prevent anti-trust investigations, and Mozilla also playing along with Google-financed WHATWG to white-wash "web standards" and prevent real and obvious innovations such as third-party script blocking, serving only Google's interests.

FF indeed does work against anti-privacy, and I'm applauding them for that, but OTOH FF also enables ad blockers. I've used uBlock just like most of you here, but ad blocking is also a factor turning the web into a privacy minefield. Eg. if you're indiscriminately block all ads whether targetted or not, there is no possible way to finance web content production; yet people also don't want to pay for content. So what people get is polarizing click-bait, propaganda, and low-quality content while content creators (other than some high-profile YouTubers maybe) can't earn a living.

We really should stop with "fighting for the future of the web" articles when the reality is that the web locks people into addictive behaviour, fake social interaction, and crap web frontends for oligopolist cloud-hosted services (completely antithetical to personal computing and site autonomy principles), and results into cultural loss due to the expectation that everything must always be available for free, all the time, a model only creating monopolies.

2 more replies

jeltz6y ago

The reason that they get shouted down is because every time they have tried to make money in other ways it has been done in shady ways. Like giving away the browsing data of their German users to Cliqz (would probably have been illegal post-GDPR) or running guerilla marketing for Mr Robot in Shield Studies (which reduces the trust from people who enabled Shield to help Mozilla with studies).

Almost nobody complains about the them taking money from Yahoo and Google for higher placement in the search engine list. And if their other revenue streams had been as transparent I think people had been fine.

1 more reply

hoptank6y ago

What do you suggest Mozilla do instead?

Mozilla don't just fund the development of their own products they also fund research [1] and other projects [2].

[1] https://research.mozilla.org/research-grants/ [2] https://www.mozilla.org/en-US/grants/

In a perfect world Mozilla would be funded by donations. I donate to Mozilla but it's a pittance compared to what they get from Google.

input_sh6y ago

I wouldn't suggest an alternative funding model as much as guess what will it be maybe a year or two from now. Key quote from the article:

> Mozilla has launched Monitor, a data-breach reporting service; Lockwise, a password manager; and Send, a privacy-focused alternative to services such as WeSendit. It’s also beta-testing a VPN (virtual private network) service, which it hopes to market to privacy-conscious users.

Once these web apps mature a bit, I expect to see them in a free tier + a premium behind the subscription (with the core browser of course remaining free). My hunch tells me that's why you'll see this front-and-centered if you open mozilla.org:

> Firefox is more than a browser. Meet our family of privacy-first products

2 more replies

idoubtit6y ago

All of the non-research grants were in 2006-2013. Has Mozilla stopped this policy of semi-random funding of external projects?

Some of these grants surprised me. For example, $270,000 for the translation and accessibility of the USA presidential election of 2012.

2 more replies

erikpukinskis6y ago

> What do you suggest Mozilla do instead?

Mozilla should sell two products:

1) Storage a la iCloud

2) Payment processing a la Paypal

And for marketing purposes they should get into discovery of free/open web services, a la old school Yahoo.

As a web site builder, I don't want to have to manage credit cards. As a user, I don't want to have to trust random web sites with my credit card info. I also don't want to be redirected to Paypal, I just want a secure wallet that can be used on web sites with a drop in <paymentframe recipient="foo@bar.com" usd="8999" description="BonsaiThing Pro 1 year subscription" /> or similar.

As a web user, I want to be able to store my photos, downloads, music, documents, etc conveniently in a little cloud-synced folder. I want to be able to quickly give fine-grained access to different web apps to different parts of that space. Photo app wants to access my photos? Great. Github wants to access my repos? Fine. Photo app wants to access my repos? No.

And the discovery thing... There's a ton of free software out there. Mozilla basically has shut the door behind it. "Thanks for the install. Good luck finding other Free tools to use with it." They should be building a directory of other free software that can be used with Firefox. I should be able to use my Mozilla account to post reviews, to discuss new apps that are voted up, etc. That will allow enthusiasts to start engaging socially with the brand in a way that Mozilla (not Twitter or Apple or Facebook) can control the identities.

From there maybe there is some social identity service, but if it's just a way to engage the community—great. Like Hacker News is to YCombinator, Mozilla should provide a place for us to discuss and share web services.

If they want to get into search, that's great. Write a new shitty open source search engine that any web site can federate with. Use Google for now, but use that money to dig us out of the hole Google put us in.

3 more replies

buboard6y ago

Integrate metamask by default in firefox before facebook pays them to integrate libra.

The_rationalist6y ago

Integrating chunks of chromium code into gecko should massively reduce their maintenance costs. E.g spidermonkey is sub-par to v8 since so many years. If mozilla invested the money it invest into spidermonkey, into v8, the web would be faster for everyone. Should I repeat? The web would be faster for everyone. Nodejs servers too and also electron apps. We would also get new js features, faster. But mozilla doesn't seems to get the point of open source. They have a reinventing the wheel cognitive disease that is going to stay.

3 more replies

mapgrep6y ago

The idea that Google would cut off Mozilla to advance Chrome seems to me at least rooted in a deep misunderstanding of how Google makes money.

Something like 75% or more of their revenue comes from AdWords - ads run against search. This is one of the most attractive streams for advertisers ever built. You have a prospect ready to buy (often) who is literally telling you in written software processable words what they want.

AdWords dwarfs all of Facebook in revenue, for context. It is the very foundation of Google. In a way, everything else they do is either support for AdWords or a side project.

The money they give to Firefox is not charity. It is to feed this cash cow. They have a similar arrangement with Apple for iPhone default search engine in mobile Safari. I would argue it is far far more valuable for Google to support Firefox in order to ensure search dominance than to waste that money to advance Chrome. Chrome exists to support AdWords not the other way around.

lern_too_spel6y ago

That money means that Firefox and Safari won't ship ad blocking by default because as soon as they do it, their users are worthless to Google, and Google will stop paying. It also means that their tracking prevention doesn't affect usage of first party cookies on other sites, increasing Google's and Facebook's advertising dominance.

1 more reply

dgudkov6y ago

I'd like to point out that it's still not possible to support the Firefox browser with donations directly, in a crowdsourcing fashion. Donations to Mozilla Foundation don't go to Firefox which is supported only by search/sponsorship payouts from large corporations.

carapace6y ago

Part of the problem is that the web has become so complicated that making a new web browser requires such resources.

Imagine a world where two or three people working for a couple of months could come up with a new browser?

acd6y ago

Mozilla is right to fight for a brighter future of the web!

First Internet was started as academic network with little to no advertisements. Then came the adtech model, personal data are sold for profit. News Papers does not fully get funded and totally free when they are founded by ads.

Thus we should fight to keep an open democratic internet where quality journalism gets paid by end users not ads.

I thinks its important with an free open Internet for our democracy to work.

We have to somehow get away from adtech and attentiontech towards a user funded internet. Attentiontech is were personal attention span is what corporations fight to keep. We should have content which is good for end users.

fauigerzigerk6y ago

I don't understand what subscriptions vs adverts has to do with being more or less democratic.

I also don't understand how subscriptions are compatible with privacy.

There is currently no widely used facility for making anonymous electronic payments. If there was, then governments (including democratic ones) would crack down on it hard.

Journalism has always been funded through advertising.

edpichler6y ago

Mozilla really has a big challenge. It is hard to compete with such powerful companies, creating a sustainable business with their mission without succumbing to ads or stopping to protect user privacy. It looks like an unfair game.

I like the Brave business model. I wish to have the same with Firefox.

jillesvangurp6y ago

Too bad they built Brave on Chromium instead of Firefox. Which of course given that the company is run by Mozilla co-founder Brendan Eich is a bit of a shame.

Firefox is showing that they are more than technically competent to keep up with Chromium and deliver great performance and functionality. With the work they are doing rewriting Firefox component by component in Rust, Google will have their work cut out keeping up in terms of performance using their C++ implementation. Competition is good.

oefrha6y ago

It’s very easy to build a new browser on top of Chromium/Blink, which is why there are hundreds of Chromium-based browsers out there. In contrast, building on top of Firefox/Gecko, pretty damn hard. Even Firefox devs have admitted this.

All too often I hear sentiments like “too bad they built... on Chromium instead of Firefox”, as if it’s a moral choice. It’s not. It’s an informed technical choice. If you want to change that, you should contribute to Firefox instead of blaming other browser makers.

2 more replies

saagarjha6y ago

> With the work they are doing rewriting Firefox component by component in Rust, Google will have their work cut out keeping up in terms of performance using their C++ implementation.

I would expect Blink’s C++ implementation to perform comparably; wouldn’t the main benefits would be security-related?

3 more replies

ignoramous6y ago

> Too bad they built Brave on Chromium instead of Firefox

Weren't the initial versions of Brave based on Firefox? I rem reading it somewhere that they later had to move to Chromium for one reason or the other.

1 more reply

orbital2236y ago

> Firefox is showing that they are more than technically competent to keep up with Chromium and deliver great performance and functionality.

Firefox's performance on android is atrocious.

1 more reply

zzzcpan6y ago

Nobody would fork Firefox today, as they are just following Google reimplementing Chromium and as a consequence always behind and catching up, just burning resources. While they could fork Chromium themselves and focus instead on features that create an advantage and attract users.

1 more reply

buboard6y ago

Firefox seems reluctant to innovate in the web though. You need to at least push for some change in order to see it. They 've barely wet their feet with that, very reluctantly and not with enthusiasm (like with Persona).

Karrot_Kream6y ago

These articles always seem to elide over the WHATWG/W3C fight. Firefox and other browser vendors chose a living, implementable HTML spec over a consensus-based standards body (with its own deep problems), and now we lament the lack of alternatives. If you let browsers create the standards and change them unchecked, the natural conclusion is to own the entire stack for yourself.

hellofunk6y ago

It would seem that the Brave browser and Firefox share similar goals on privacy. It’s hard to navigate the differences in their perspectives on this, why would one choose one of these browsers over the other if concerned about online tracking?

gatherhunterer6y ago

Brave stops ads from tracking you but the browser itself records your browsing behavior and allows ads to use that anonymized data to target ads to you. Their marketing always mentions the former and never mentions the latter. The goal of Brave is to build a model for web advertising that pays the user but gives Brave the lion’s share; this essentially replaces the search engines and social networks as the nexus of web advertising with a browser.

buboard6y ago

the data stays in your computer though, doesnt travel to their servers. that's very significant

I 'm not sure Brave's model will work, but at least they are giving websites more options , which is more important imho than fighting for who will have the fastest rendering engine.

doomlaser6y ago

Firefox has more power user features and a robust plugin system. One of my must-have features for a browser is the ability to define search engine macros for the address bar, to quickly and directly search sites like Wikipedia, Twitter, YouTube, Google Image Search, IMDB, Metacritic, RottenTomatoes, etc. It's a lot faster to type command-L t whatever - to do a search of Twitter than navigating in any other way. So far, Brave doesn't have this as a user-definable option, so Firefox is my main browser across platforms.

anonymousab6y ago

Chrome seems to have this - that is, you define a domain+query string and a keyword that, when typed, indicated that it should be used on that domain query. Did Brave remove that feature?

1 more reply

jimktrains26y ago

Brave still contributes to a chrome monoculture, and it still shows ads, so it has a different vision of privacy.

hellofunk6y ago

From the standpoint of privacy itself, I’m not sure how it’s different. The browser does not transmit any browsing behavior or history to any servers anywhere, which seems consistent with anyone’s vision of privacy.

That they figured out a way to still offer advertising despite this restriction, that’s just an orthogonal feature that doesn’t affect the stance of privacy.

OrgNet6y ago

It needs to fight for the present of the web, because it is getting worst.

miklax6y ago

Viva la Firefox :)

alwillis6y ago

Not only does Firefox have to worry about Chrome and Safari, now there’s Brave on Mac/Windows/Linux/iOS/Android.

Brave is co-founded by Brendan Eich, who co-founded Mozilla. Brave is doing all the things Firefox should have done: create a new ecosystem for a secure and private web, while Mozilla is still taking millions from Google in exchange for making Google the default search engine.

Although the invasive ads are blocked by default, users can opt-in to privacy preserving ads and get paid in Basic Attention Token, which can be used to support the over 300,000 and growing registered content creators.

On the desktop, Brave has Tor, IPFS and WebTorrent built-in—no additional plugins needed.

Yes, it’s based on Chromium, which feeds into the monoculture narrative. But there’s the irony of the guy who started Firefox using Chrome’s engine to attempt to kill Google’s surveillance capitalism system.

auslander6y ago

> Macs remain a fairly open system, although the increasing focus on the Mac app store, which Firefox isn’t on, bodes ill for the browser’s future.

Why not put FF in App Store? I'd even pay for clean, no "integrations", version.

barryvan6y ago

I suspect that it's because Firefox makes extensive use of "private" Apple APIs to be able to efficiently render on the platform, and Apple doesn't allow such uses for apps distributed through the app store. Similar issues apply to electron apps: https://news.ycombinator.com/item?id=21437255

j-pb6y ago

Never forget that mozilla puts meta bulls* before solving problems.

Their "spec hackers" decided to kill WebSQL, because of they feared that the available implementation was so HIGH quality that there wouldn't be any implementation diversity.

Instead they gave us the indexedDB garbage dump.

Firefox and Mozilla can go straight to oblivion for all I care.

detaro6y ago

No, because the spec did not actually specify enough to allow implementation diversity or even just the available implementation be updated to a new version that breaks backwards compatibility, and apparently none of the proposers cared enough about the spec to do the work of documenting the intended behavior.

WebSQL implementations later proved to be insecure by not limiting the kind of queries allowed, and strictly speaking any fix of that would have broken the proposed specification.

j-pb6y ago

Just use the SQLite implementation and documentation everywhere. SQLite is arguably the most well tested piece of software on the planet.

It would have been the only piece of every browser that 'just works'.

But hey having a "spec" on top to all the available documentation is super necessary so that some bloke on twitter can put it into their bio.

Even HTML doesn't have specs anymore, because they don't matter. They are a means to get all browsers to be compatible not the goal.

And Safari and Chrome still ship with WebSQL, so I don't think that "security issue" is actually there.

1 more reply

lllr_finger6y ago

On a free and open platform like OpenBSD, Firefox isn't even really an option due to performance issues. More than anything else, being forced to use Chromium for a decent browsing experience turned me away from using OpenBSD on a daily driver laptop.

danilocesar6y ago

How's that? Firefox is way better nowadays than it was a few years ago. I have been using as my main work browser for some time and I don't face any performance issues with it.

lllr_finger6y ago

On a BSD? It's great for me in Windows or Linux, but it's really choppy scrolling or watching videos in OpenBSD. There was a post on the mailing list somewhere that blamed excessive mallocs. This was with version 69, so not some ancient version either.

1 more reply

mscasts6y ago

Firefox is unfortunately becoming unrelevant. They have pretty much less than 5% global usage and it's not exactly increasing.

Mozilla needs to sharpen up in my view. I use Brave because I like Brendan Eich and I am not exactly a fan of Mozilla as an org. There is no way to fund Firefox development as a user and it seems like they have focused more on side products / services lately.

amiga_5006y ago

Firefox works great. I have to use chrome af work, so use both. Firefox lacks nothing.

k1m6y ago

The Guardian website is horrible when it comes to tracking. They don't tend to mention that in their privacy-focused articles.

Here's a tweet that sums it up:

'The irony is real... @Guardian headline, "The Guardian view on privacy online: a human right", while allowing trackers to spy on their readers.'

https://twitter.com/Ghostery/status/989543132349034499

TazeTSchnitzel6y ago

Isn't Ghostery the tracker-blocker that sold its users' data?

k1m6y ago

It is. I don't use them and recommend uBlock Origin to anyone who asks. But they are correct on this.

1 more reply

Krasnol6y ago

- The Guardian website is horrible when it comes to tracking.

- Here's a tweet

The irony is real indeed.

k1m6y ago

The irony they were highlighting was the Guardian's stated position on privacy, "The Guardian view on privacy online: a human right", and their own complete disregard for that position.

That's quite different from what you appear to be making the irony about.

madenine6y ago

Is there even a fight left?

Chrome was the newer, faster, better working option when the average user was acclimating to the web as a constant part of their lives. To a degree, Chrome became a status symbol - knowing to ditch IE and download chrome was a mark that you were minimally web and computer savvy.

For the average person to switch away from Chrome, FF would need to have an overwhelming advantage - and I'm not sure privacy is the place where the average user will register that advantage. With 100 other companies stealing and selling their data at any given time, why should they worry about their web browser?

Zealotux6y ago

For a long time, it was installing Firefox over IE that was regarded as the proof of being "computer savvy". I'll even admit that back in the days, I took great pride in introducing it to my whole family when most of them didn't even know there could be an alternative to IE. And back then, it was Firefox that was the fastest, safest, coolest kid in town.

Up until recently, I was sharing your pessimism over the crushing success of Chrome and how Firefox would never get back in the heart of people. This is why it amazed me when people – non-techies – around me not only did notice but were more than eager to know why I had stopped using Chrome. Small talk was enough, in many cases, to convert them back into Firefox, which isn't is what I wanted to as I never specifically advocate for personal software solutions.

It appears regular people are more aware of these issues than we, in the tech field, might think. Maybe it's because I live in Europe and we're being constantly bombarded with cookie compliance notices – which are obvious dark patterns 90% of the time – that acts as a systematic reminder that almost no website we ever visit "respect your privacy". I'll admit it's nothing more than empirical, biased observation, but maybe something's happening here, I believe we should at least try.

googthwy1236y ago

I think people are sometimes forgetting that Firefox is an ad-supported product. Firefox monetizes by sending people to Google. In some sense, Chrome is less directly funded by ads than Firefox, because Google (like Microsoft and Apple) has a reason to fund the development of a web browser even if it wasn't directly leading to ad revenue. On the other hand, Google is only paying for Firefox to the extent that Firefox users bring ad revenue to Google.

freediver6y ago

Perhaps the fight should start with:

- Not sending data to Google

- Finding a different business model that does not almost entirely rely on Google

- Not collecting user data

Source: https://firefoxvschrome.com

mthoms6y ago

Wow. This is so misleading that it borders on outright lying. What's your agenda?

freediver6y ago

Truth? I can understand 'unpopular', but 'misleading' without probably even looking at it?

1) This can be easilly reproduced.

https://twitter.com/jonathansampson/status/11658588961766604...

2) Over 95% of Mozilla revenue comes from Google for using Google as default search engine https://assets.mozilla.net/annualreport/2017/mozilla-fdn-201...

3) https://www.mozilla.org/en-US/privacy/firefox/#health-report - see first item

2 more replies

aledthemathguy6y ago

One new model Firefox can adopt (try) is being made possible by cryptocurrencies. Mozilla can follow Brave's path and "pay" clients in cryptocurrency for viewing ads (although I am not sure this is in line with Mozilla's interests or goals or even ethics).

This might be able to create a new incentive layer for the web. Most users really don't care about their browser (you'd be surprised how many downloaded Chrome because it was just "simpler" than Explorer and stuck with it for no prominent reason). Introducing an incentive to use Firefox might tilt the choice (why not use a browser that pays me a few bucks - which I will put back in the web).

I'll stop at this.

j / k navigate · click thread line to collapse

283 comments

chappi426y ago