1. 47
  1.  

  2. 10

    The web has ballooned to a point where even parties like Microsoft have a hard time keeping up with the pace and keep on top of everything you need to maintain, which is a lot. This is especially true when Google has a dominant share and can essentially dictate the direction and pace of standards. (In particular, it’s also one designed to undermine the native platforms. Would an OS vendor want things like NaCl and WebUSB, unless your OS is a thin wrapper around a browser?)

    1. 4

      leaving every Web user vulnerable to vulnerabilities whose disclosure can only safely take place if the affected company decides to permit it.

      I’m going to dispute this because I think it’s an important point with some subtle but crucial details.

      1. There’s good reason to decline to imdemnify “researchers” in case you accidentally protect attackers too. The weev defense: I didn’t know if a million browsers were vulnerable until I exploited a million users. Just researching, you know.

      2. The DMCA does have anti circumvention language, but the standard browser exploit PoC is to pop open calc.exe. That’s not DRM circumvention. The only “users” left vulnerable by forbidding disclosure of DRM circumvention are… DRM vendors.

      1. 6

        “That’s because EME is designed to trigger liability under section 1201 of the Digital Millennium Copyright Act (DMCA), which says that removing a digital lock that controls access to a copyrighted work without permission is an offense, even if the person removing the lock has the right to the content it restricts. In other words, once a video is sent with EME, a new company that unlocks it for its users can be sued, even if the users do nothing illegal with that video.”

        Because every site is served from America by American companies to American people. In Australia for example they have an allowance for “reverse engineering for compatibility”. Oh, hi, TPP :(

        1. 3

          Because every site is served from America by American companies to American people. In Australia for example they have an allowance for “reverse engineering for compatibility”.

          This. It’s a huge problem that even people working on internet rights for the last 20 years are bad at thinking outside of the framework of their local laws and regulations.

          1. 6

            The article specifically acknowledges that not every country has the same laws, but it also specifically notes that many countries have been strong-armed into passing compatible laws through “trade” negotiations with the US. Thus, the DMCA has spread to a large part of the world.

          2. 2

            The last time I checked we had the same allowance in Poland.

          3. 1

            It’s a joke they are asking for more diversity in browsers while Mozilla went out of their way to effectively turn Firefox into a Chrome clone.

            If you want to be influential as a browser vendor nowadays, you need to have a big market share, so the quality of a software really is an important aspect. Instead of trying to add all the web “standards” the W3C spits out literally weekly, the Firefox developers really need to look back and see why so many people used Firefox in the first place, and the reasons were

            • Firefox was lightweight
            • Firefox was very extensible

            In the last few years, Firefox turned into a crawling mess, and I’m looking forward to what the new Servo engine. However, also the user interface needs to be simplified so it makes fun to use it again. It would be a huge plus over Chrome, which despite thousands of people working on optimizing it is still slow.

            They should also remove artificial limitations on extensions in the interest of a “consistent” experience. If people decide to install extensions, it should be their decision on how much they change.

            If you design a program for retards only retards will use it and those smarter people move on to software which at least gives the illusion it cares about the intellect of their users.

            By making Firefox a great, streamligned and lightweight browser again, with more people adopting it (third world anybody? they have slow computers needing a lean browser), Mozilla can put more leverage on the W3C. They could just say: “No, fuck off W3C, we don’t want to implement WebUSB”. And if developers see that they’ll say: “Oh, 40% of users won’t be able to use it! Well then, skip that.”.

            Use real applications for your work and stop abusing the web as an app platform. Then we also wouldn’t have this discussion about WebDRM.

            1. 22

              If you design a program for retards only retards will use it and those smarter people move on to software which at least gives the illusion it cares about the intellect of their users.

              I’m pretty sad to see such language used, especially when we are talking about a program that is explicitly targeted to literally everyone.

              By making Firefox a great, streamligned and lightweight browser again, with more people adopting it (third world anybody? they have slow computers needing a lean browser), Mozilla can put more leverage on the W3C. They could just say: “No, fuck off W3C, we don’t want to implement WebUSB”. And if developers see that they’ll say: “Oh, 40% of users won’t be able to use it! Well then, skip that.”.

              Even people in the third world have quite capable machines. Network is the huge problem. Clean Firefox is moving towards leaner anyways.

              One of the big problems of Firefox in the recent years was unconstrained addons turning the thing into a memory hog. What’s your solution for that?

              Use real applications for your work and stop abusing the web as an app platform. Then we also wouldn’t have this discussion about WebDRM.

              This argument drops dead once you try to define “real” here.

              1. 14

                If you design a program for retards only retards will use it and those smarter people move on to software which at least gives the illusion it cares about the intellect of their users.

                I’m pretty sad to see such language used, especially when we are talking about a program that is explicitly targeted to literally everyone.

                Thank you for finding a constructive way to say that.

              2. 4

                Except that people would slowly drift if publishers cut FF off and directed people towards Chrome.

                1. 4

                  Of course it’s like playing with fire. However, I’m sure if the Firefox developers did a good enough job making the user experience better in 99% of the cases, the 1% case for “special web-apps” wouldn’t weigh too much.

                  Web developers also know that the user is unlikely to install another browser just to use his web-application. Instead, it would be much more likely the user would switch over to a competitor. Major players (Netflix and stuff) are also aware that, even though they also have more leverage. However, I don’t see how Netflix or some other major player would implement WebUSB in their lineup, despite WebDRM being definitely another topic.

                  All people I know watch Netflix using apps and not in the browser, so at least this example is not an issue, however, you might know of a better example.

                  1. 2

                    I watch Netflix in Chrome, and it works perfectly! From my point of view, it’s really great to be able to watch something like Netflix without having to install another runtime. I prefer that a lot over having to download and install an Electron runtime bundled with each new app.

                    1. 1

                      Web developers also know that the user is unlikely to install another browser just to use his web-application.

                      At least in my experience, this simply isn’t true. Many people go between Chrome, Fx, and IE for better experiences on various sites. I haven’t seen this so much recently, but that may be because the web is much more standardized.

                  2. 3

                    Keep in mind they doo have justification for the extension changes, that is, security. An XPI can reconfigure almost any aspect of the browser. If a malicious one gets installed, especially if it gets privilege escalation and tries to install globally, can be very bad. (I’m not pleased with the solution though - I think there could have been some kind of better compromise.)

                    There’s also the issue of the API. XPI relies heavily on Mozilla’s XPCOM and XUL, which makes extension very powerful, but also very unportable. WebExtensions promises to provide a cross-browser extension API, but it’s still pretty weak. Until it can implement things like tree tabs, I wouldn’t migrate it to it just yet.

                    1. [Comment removed by author]

                      1. 2

                        Firefox itself shouldn’t be able to touch the kernel

                        Could you elaborate on this? I feel like there’s a logical jump here that I missed.

                    2. 3

                      I ended up switching back to Firefox about 2 years ago after using Chrome for a few years. I don’t think chrome and firefox are overly similar, but I can say that barebones firefox runs much more smoothly for me than chrome does. UI-wise, I guess they have the similar tabs-on-bar thing, but opera had that first anyway. I’d say FF turned more into Opera than anything else.

                    3. 1

                      I run Firefox both in Debian and OS X. The experience on Debian is really good, not a single problem since I installed Debian Jessie. But in OS X, Firefox is getting worse with each release. UI sluggish if even you switching to the next tab and performance drops if you open 6 apps or more. Even in Android, the experience is much smoother. This is a huge concern since users are constantly moving to OS X, especially in US and Europe.

                      If Mozilla wants leverage it needs to make the experience sublime for everyone, across platforms and device ranges.

                      P.S.: I don’t know how Firefox runs on Windows, but maybe some user can enlighten me.

                      1. 2

                        The worst part for me is, Firefox on OS X is currently sitting at 277.7 on the Energy Impact meter (in the background with one tab open) and Safari (the browser I’m posting this from) is 2.5. Firefox has zero extensions installed, Safari has three. That’s a massive difference, and I can feel it in the battery life. Safari gets me 8 hours easily, Firefox drops that to 6 at best.

                      2. 1

                        While I think this is an important issue, I found the headline hyperbolic.