Still excuse after excuse after excuse to just not use Firefox. I literally don't care if you have to hold up your nose, there's only one actual alternative browser engine, and it's a matter of survival for anyone who doesn't want the whole internet controlled by google.
It could be half as fast (it isn't) and use twice as much RAM (it doesn't) and ask for a damn nude photo of me and I'd still be using it right now.
Using a google owned browser engine is like growing cavendish bananas while you know the neighbor's farm has the blight already. Change over and try to get good at the new strain while you have a choice, because soon you won't and it will be out of your hands what happens after that.
Unfortunately, for many people those are very important sites.
The Internet desperately needs some government to step in and force Google to spin off Chrome as an independent company. It's the only hope we have of stopping Google from completely ruining the Internet.
There is no "it's slow" excuse to not use firefox. Even if it took a full second longer per page load, WHICH IT EMPIRICALLY DOES NOT, that would still be an acceptable price to pay to not HELP ONE MEGACORP LITERALLY HAVE FINAL SAY OVER ANYTHING THAT HAPPENS ON THE INTERNET
Although currently I am mostly using Chrome for web dev, and Firefox for everything else. On my current project, FF just couldn't seem to handle the churn of constantly loading heavy pages, dev tools etc.
I should switch to a chromium really.
- Terrible font kerning on canvas (Google Docs, Spreadsheets) (probably a decade old bug)
- Doesn't sync icons in favorites bar (which I use without accompanying text, so, big deal)
Jeeze. C'mon, this is exactly what I'm bitching about. How horrific would Google have to be in their position of power over the web before you finally are willing to suffer even a minimal drawback to prevent it?
Apple because of Safari (duh) and Microsoft because they are possibly the only company that could reasonably maintain a hard Chromium fork in the case of Google going crazy.
Unfortunately all three of them are more or less aligned on this issue of remote attestation so I don't really see a path forward.
Firefox just doesn't have the market share to matter. If everyone had switched to it 10 years ago there might have been a chance but the goose is cooked.
What happens when Firefox refuses to implement WEI - then <insert large social media companies> start to require it?
If WEI becomes a common requirement then Firefox will effectively be forced to implement it or it won't be usable as a web browser at that point for the average consumer
It's tough for Goog. They're playing the end-game card here. It's tough, because it's the game winner. On the one hand, total and complete domination of the web. On the other.. Kahn's FTC and the pesky EU technocrats shaking those tired old antitrust lawsuits..
I love FF. But if WEI or whatever future version of WEI gets up, FF will join the party or consign itself to eventual irrelevance. "I use FF for the web, except banking, most major corp sites, paid content, and an increasing bunch of other stuff - but those four bloggers who still post plain HTML pages, FF all the way, go indie web!"
Those of us who currently recommend Firefox are hoping that there's still enough time to do something about this.
Maybe it's already too late, but you might as well try, you know?
The fight was lost long ago, several times (once when they decided to throw out thousands of developer work years by gimping all the addons)
Same. I mostly use Firefox (I still use Chrome for testing) and it's a good browser in itself: not just because it's not Chrome/Edge.
I see people complaining Firefox having subpar font rendering, in sufficient tab management, Mozilla not acting up to their standards, but lack on some fronts.
So what? You won't make compromises on some of your convenience and still use a user hostile company's software, or forks of it which strongholds you to their whims? And expect everything to play in your favor? Silicon Valley is trying to profit against your best interests.
I don't really say you should be using Firefox, but saying you should use some other browser which is not depending on Chromium, or forks.
I also can say Safari would not be the best choice here. As Apple is the Pioneer on restricting you, the users.
There's lots of reasons to use FF, this isn't one of them.
I’ve started myself in the past, and am picking that back up again. But by all means it’s quite possible.
Cool.
Using "political" like a slur is childish and naive.
I am not asserting that FF is bad and nobody should use it. I'm asserting that there are some people (at least one, anyway) who can't use it. Shaming people for not using FF is, therefore, uncalled for.
You should post to firefox support/some stackexchange site or whatever to fix your problem, not comment on the quality of a product you have failed to properly evaluate.
> You should post to firefox support/some stackexchange site or whatever
Interesting that you assume I haven't done these things already.
Also interesting is the level of hostility in your reply, plus the downvotes my original comment got. The FF fanbase seems to have become a bit irrational and intolerant of anything said about FF that isn't fawning praise. That's disappointing.
It should only lend urgency to leave the “old web” for those of us who are builders, makers and evangelizers.
They’re after encryption, they’re attacking anonymity, they want all of finance for themselves, and they want to kill privacy too -- I for one say NO thank you.
There is a level — almost a treble —- in these comments on how “it’s inevitable” or “already cooked” but only if you see these fights in isolation. It most assuredly it is not inevitable.
Let’s get positively focused and make hay while the sun shines and it’s not too late. There’s so much intelligence, compassion and love for humanity in this community. Let’s use it.
It is, in fact, over.
Commodity hardware has no "escape hatch" anymore. If you want to, say, implement custom encryption or ensure anonymity/financial independence for yourself, you cannot stop the Powers That Be. You are helpless to resist Apple or Google or Microsoft if they tell you "no".
The fight was lost when we decided that we didn't need computing rights. The rest, as they say, is history.
We need a list od pages that supports it and we need to same the for their support of WEI
So, sure... they clearly don't want to be prevented from blocking other peoples' ads (a big part of their pitch); but, blocking their ads while still getting paid--which is, of course, extremely easy to pull off on an unrestricted computer--is an existential threat to their only actual revenue stream which they want to protect against.
The ramification: Brave's product managers--and even Brendan Eich himself (whom all of the later quotes I have in this comment were taken from, directly or indirectly)--have often talked about using the very same remote attestation technology to protect their SDK and even their browser for the same reasons as Google.
https://www.reddit.com/r/BATProject/comments/bw6sek/
https://www.reddit.com/r/BATProject/comments/b7rwbx/
> 1/ native C++/Rust code, no JS tags on page that have zero integrity. That means ability to use SGX/TrustZone to check integrity and develop private user score from all sensor inputs in the enclave; ...
> We already have to deal w/ fraud. That is inherent in any system with users and revenue shares or grants. We do it better via C++ and (under way) SGX or TrustZone integrity checking + OS sensor APIs, vs today’s antifraud scripts that are routinely fooled.
> What Brave offers that's far better than today's joke of an antifraud system for ads is as follows: 1/ integrity-checked open source native code, which cannot be fooled by other JS on page; ... (1) requires SGX or ARM equivalent, widespread on mobile.
https://www.reddit.com/r/BATProject/comments/
https://www.reddit.com/r/BATProject/comments/97trex/comment/...
> Part of the roadmap (details in update) is a BAT SDK. Obviously it would be open source, but more: we would require Secure Remote Attestation (Intel SGX broken but ARM TrustZone as used by Trustonic may be ok) to prove integrity of the SDK code in app.
...and, frankly, Brave isn't going to have any choice in implementing Google's plot: the web simply isn't going to work in Brave anymore if they don't, as web pages will just start refusing to give Brave any content.
The real issues are the very existence of remote attestation technology and advertisements as a business model / corporate incentive structure; imagine living in a world where we made both of these illegal.
We want our SDK (if we manage to build it) by which revenue share is distributed to be tamperproof and used by humans. You don't like this, turn off the BAT support in the SDK-using app, or use a different app.
Contrast this with Google WEI, which proposes that web pages (esp. the big ones, including Google's) can do this to all browser users, who get zero revshare, just battery draining ad-tech requests and malvertising risk.
See the difference? I have said openly that I'm a fan of Secure Remote Attestation but it has to be opt-in and user-first. WEI as a tool for Chrome supremacy on the browser side and Google on the ad-tech side is pretty much the opposite.
Several of these either can't be done via a js extension to chrome, or can be detected/bypassed. Brave does them in-engine which is the better way to do it.
https://github.com/brave/brave-browser/wiki/Fingerprinting-P...
They don't maintain a separate Chromium codebase, nor do they refer to it as a fork anywhere on GitHub. They do refer to it as a customised Chromium, which I think is a far more accurate description:
> Brave Core is a set of changes, APIs, and scripts used for customizing Chromium to make the Brave browser.
I also think of Chrome as a customised Chromium, not a fork of Chromium.
If the goal is to maintain compatibility with what you've forked, there are not a lot of other ways to do what Brave is doing... when you do the classic fork, the code tends to diverge and compatibility decays.
> I also think of Chrome as a customised Chromium, not a fork of Chromium.
I've started viewing Chromium based browsers as distributions instead of forks.
With me that's a straw man, I haven't been using the word "reskinned".
The way he mentions Chromium proves my point that it's a distribution of Chromium.
Chrome is a browser because Google has Chromium, and they've chosen Chrome as the name for their distribution of Chromium. But it is also a distribution of Chromium.
"Chromium" is not a distributable binary blob, so you're wrong in your essential claim. We don't distribute the same Chromium bits in Brave as Google does in Chrome. Chromium is open source software. We disable and nullify a lot, as the first document linked in my tweet details:
1) Doesn’t innovate on anything, social media accounts are plagued with pointing fingers at others while using a Chromium fork themselves, ignorance at its finest.
2) Has been accused of selling copyrighted data for AI training and has not made a public statement.
3) Has a history of making stupid decisions and only apologizing when a big news outlet calls them out.
lol, what a great innovation!
It's also surprising to me how almost no one has commented on Private Access Tokens shipping for Apple. Which do the same thing. Here's them bragging about being able to avoid catchpa's since the devices are all vouched for by Apple as unmodified & controlled by Apple: https://developer.apple.com/videos/play/wwdc2022/10077/
There was a decent submission on this recently, but not much engagement. https://www.snellman.net/blog/archive/2023-07-25-web-integri... https://news.ycombinator.com/item?id=36866355
I think this is absolutely the worst shit, almost as bad as MV3 being a utterly neutered shitty hell hole version of what web extensions were. But it's notable to me that both Google didn't start this particular trend, Apple did, and more broadly - I have such a hard time picking words here - it feels like the stark polemics have been on overdrive to create a reality distortion field, where Chrome is purely bad/evil/awful/no-good everywhere. We should be upset & mad! But I feel like we're pretty far into losing our minds territory, and slipping into strokes of broadsweeping public madness.
Google is trying to make it impossible not to see the ads it’s selling. Apple’s intent seems to be lock down the Apple platform…? I know Apple is blatantly abusive in lots of spaces, but Chrome is a super-majority of the browsers in use. It’s an odd take to spin this into “they started it” finger pointing.
The reason Chrome is getting all the hate is that Google finally realized its power, position, and needs and became self-serving. Apple is just a lesser demigod is this fight.
You're just assuming that they're both lying about the motives, and making up the worst possible motives you can think of for each. I think in both cases you're wrong, and the stated goal is the actual goal. (Apple is not looking to lock down their platform with this, and Google is not thinking about ad blockers at all here.)
Their reasons for needing such an anti-abuse primitive are not the same, but the mechanisms are very similar, and the range of attestations they could provide without public opinion or regulatory backlash is probably almost identical.
The first example in the WEI doc is enforcing that ads are viewed by humans: https://github.com/RupertBenWiser/Web-Environment-Integrity/...
Whether it's their goal or not to exclude competing/upstart browsers and operating systems, that will be the end result given the content of the proposed standard.
This comment is a return to what kind of disturbs me, of using a very narrow focus on one specific thing: one specific thing I already said is the very worst shit.
