It would be much simpler if Signal adopted something like RFC 9420 (Messaging Layer Security), but MLS doesn’t provide the metadata resistance that Signal prioritized.
I wonder what metadata resistance Signal offers that Wire, through its use of MLS, doesn’t?
The metadata resistance of Signal is largely mythical anyway since they necessarily have the metadata via other channels and just pinky promise not to look or store it.
You can derive it from necessity if you like. Signal server sees the message come in over a network connection from an app. The server must be able to deliver it to a target user. This is the metadata. That the message data on the wire doesn’t contain this metadata doesn’t prevent the server from knowing it, it must know it in order to function at all. Signal has never claimed otherwise; they only claim that the server forgets right away. But of course that must be taken on trust.
At best, that associates two IP addresses… notwithstanding CGNAT, VPNs, MASQUE, and friends.
But it doesn’t associate them with accounts / contacts. That’s a stronger guarantee than Matrix or XMPP. It may also be a stronger guarantee than Wire?
But it doesn’t associate them with accounts / contacts.
That isn’t true. Signal messages need to be routed by account identifier, an IP address is not sufficient. And unless you have the “sealed sender” feature turned on, messages identify their senders.
There’s no mechanism for the Signal server to know the IP addresses of iOS clients because an iOS device only maintains one persistent connection to Apple for notifications. There’s no way a Signal client can keep track of the IP addresses of its contacts, because it isn’t a mesh network, it’s a star. Even for non-iOS devices, an IP address isn’t sufficient to identify a client because (for example) there are multiple clients in our house and our house has only one IP address.
So it is. As far as I can tell the official documentation for the feature is still this blog post https://signal.org/blog/sealed-sender/ which makes it sound like the feature is incomplete, but the last few paragraphs say they were (in 2018) rolling it out to everyone so I guess the preview was actually the main event.
I just checked in settings. There’s only “show when it’s used” and “allow for even unknown senders” preferences for me, which makes me conclude that it’s already enabled by default and can not be disabled.
Sealed sender is also not a good protection if Signal was to actually start keeping logs. There are two sources of metadata leakage with sealed sender:
You need to acquire a sender certificate before you can use sealed sender. If you do this from the same IP as you later use when sending a message, your IP and your identity can be linked.
When you send a message, the receiver sends a delivery notice back to you. This is a simple correlation, a sealed message to Person A on IP address X from IP address Y is immediately followed by a sealed message from IP address X to Person B on IP address Y.
Yes, and if you do have Sealed Sender turned on, the only metadata left on the server that’s needed for message delivery is a 96-bit “delivery token” derived from a “profile key” that conveniently rotates whenever you block an account.
My reading of the description of sealed sender is that the delivery token is used to check that the sender is allowed to send to the recipient – it’s an anti-abuse mechanism. It is used when the server is deciding whether to accept a message, it isn’t used to decide where to deliver the message.
That is not my reading of the server code for either single or multi-recipient messages. And Signal iOS at least seems to use sealed sender by default, though it falls back to unsealed send if there’s an auth failure, which seems bad. (so the server can force the client to identify itself? … but I also can’t find anywhere that throws RequestMakerUDAuthError.udAuthFailure, so maybe it’s dead code…)
But I admit it’s a very casual reading of the code!
To say what sibling says in a different way, the connection the message is delivered to the server over must be authenticated. If it weren’t the server would not accept the message, due to spam reasons etc. so the server knows the account of the sender. And it needs to know the account of the receiver for delivery to be possible
That article specifically admits this is true. Signal doesn’t choose to write it down (assuming the published code is what they run) which means it cannot be recovered after the fact (if you trust the server to not have recorded this) of course any other operator could also not write this down and one could choose to trust that operator. It’s not specific to signal really.
I believe we agree that the server must know the recipient of a message. I believe we disagree about whether the server needs to know the sender of a message.
Erm, so what do you mean by authenticated?
That article notes the sender’s metadata is (e2e) encrypted. The server accepts and routes messages whose envelope includes a delivery token. And, similarly, that delivery token is shared via e2e encrypted sessions to all a recipient’s contacts.
It’s unclear to me how unknown senders / randos are handled, however. I haven’t read that deep into the code.
Sure, that’s fair.
But I was hoping your claim was more substantial than just this, since, as the child comment below says, almost all Signal competitors suffer from this.
Not just almost all. It is fundamentally impossible for a communications system to operate if whoever does the routing doesn’t know sender and receiver identity at some point (and send/receive time, which is also metadata)
If you do onion routing you could make it so only one part knows sender and one part knows receiver, which is how the remailer network worked but that’s the only instance I’m aware of doing that. Everyone else has the metadata and it’s just various shades of promising not to write it down.
Aren’t there protocols for deniable drop offs on servers and similar? Those wouldn’t scale well, but AFAIK they work. So they are possible (just not practical).
There is SecureDrop, but as far as the technology is concerned it’s a web app accessed via Tor. The rest of the anonymity guarantees come from server-side opsec performed by the recipient org https://docs.securedrop.org/en/stable/what_is_securedrop.html
SimpleX is a chat system that does onion routing. Only two hops, and I am not vouching for anything about the app or its servers; just noting this feature.
No one claimed otherwise. The context is the claim expressed above that you get worse metadata resistance than Signal, which seems irrelevant given that Signal doesn’t really have it either.
Sorry. I hear this line of argument on Hacker News and Reddit a lot, only for the person to turn around and recommend XMPP or Matrix instead. I wanted to cut it off at the pass.
What’s your marketing budget? If you aren’t aligned with the marketing budget havers on this, how do you expect them to treat you when your goals diverge?
See also, fast expiring certificates making democratized CT logs infeasible, DNS over HTTPS consolidating formerly distributed systems on cloudflare. It’s not possible to set up a webpage in 2025 without interacting with a company that has enough money and accountability to untrustworthy governments to be a CA, and that sucks.
HTTPS is cool and all, but I wish there was a usable answer that wasn’t “just centralize the authority.”
Sigh. Lobsters won’t let me post. I must be getting rate limited? It seems a bit ridiculous, I’ve made one post in like… hours. And it just shows me “null” when I post. I need to bug report or something, this is quite a pain and this is going to need to be my last response as dealing with this bug is too frustrating.
See also, fast expiring certificates making democratized CT logs infeasible, DNS over HTTPS consolidating formerly distributed systems on cloudflare.
Can you tell me more about these? I think “infeasible” is not accurate but maybe I’m wrong. I don’t see how DoH consolidates anything as anyone can set up a DoH server.
It’s not possible to set up a webpage in 2025 without interacting with a company that has enough money and accountability to untrustworthy governments to be a CA, and that sucks.
You can definitely set up a webpage in 2025 pretty with HTTPS, especially as you can just issue your own CA certs, which your users are welcome to trust. But if your concern is that a government can exert authority within its jurisdiction I have no idea how you think HTTP is helping you with that or how HTTPS is enabling that specifically. These don’t feel like HTTPS issues, they feel like regulatory issues.
HTTPS is cool and all, but I wish there was a usable answer that wasn’t “just centralize the authority.”
There are numerous, globally distributed CAs, and you can set one up at any time.
Lobsters has been having some issues, I had the same trouble yesterday too.
The CT log thing is something I read on here iirc, basically that CT logs are already pretty enormous and difficult to maintain, if there are 5x as many cert transactions cause they expire in 1/5 the time the only people who will be able to keep them are people with big budgets
I suppose I could set up a DoH server, but the common wisdom is to use somebody else’s, usually cloudflare’s, the fact that something is technically possible doesn’t matter in a world where nobody does it.
especially as you can just issue your own CA certs
Are you joking? “please install my CA cert to browse my webpage” may technically count as setting up a web page but the barrier to entry is so high I might as well not. Can iphones even do that?
There are numerous, globally distributed CAs, and you can set one up at any time.
That’s a lot more centralized than “I can do it without involving a third party at all.”
I dunno, maybe I’m just romanticizing the past but I miss being able to publish stuff on the internet without a Big Company helping me.
The CT log thing is something I read on here iirc, basically that CT logs are already pretty enormous and difficult to maintain, if there are 5x as many cert transactions cause they expire in 1/5 the time the only people who will be able to keep them are people with big budgets
Strange but I will have to learn more.
I suppose I could set up a DoH server, but the common wisdom is to use somebody else’s, usually cloudflare’s
Sure, because that’s by far the easiest option and most people don’t really care about centralizing on Cloudflare, but nothing is stopping people from using another DoH.
Are you joking? “please install my CA cert to browse my webpage” may technically count as setting up a web page but the barrier to entry is so high I might as well not. Can iphones even do that?
iPhones being able to do that isn’t really relevant to HTTPS. If you want to say that users should be admins of their own devices, that’s cool too.
As for joking, no I am not. You can create a CA, anyone can. You don’t get to decide who trusts your CA, that would require work. Some companies do that work. Most individuals aren’t interested. That’s why CAs are companies. If you’re saying you want a CA without involving any company, including non-profits that run CAs, then there is in fact an “open” solution - host your own. No one can stop you.
You can run your own internet if you want to. HTTPS is only going to come up when you take on the responsibility of publishing content to the internet that everyone else has to use. No one can stop you from running your own internet.
That’s a lot more centralized than “I can do it without involving a third party at all.”
As opposed to running an HTTP server without a third party at all? I guess technically you could go set up a server at your nearest Starbucks but I think “at all” is a bit hard to come by and always has been. Like I said, if you want to set up a server on your own local network no one is ever going to be able to stop you.
I dunno, maybe I’m just romanticizing the past but I miss being able to publish stuff on the internet without a Big Company helping me.
Which drawbacks? I ask not because I believe there are none, but I’m curious which concern you the most. I’m sympathetic to wanting things and not wanting their consequences haha that’s the tricky thing with life.
HTTPS: I want the authentication properties of HTTPS without being beholden to a semi-centralized and not necessarily trustworthy CA system. All proposed alternatives are, as far as I know, bad.
DNS: I want the convenience of globally unique host names without it depending on a centralized registry. All proposed alternatives are, as far as I know, bad.
These kind of accusations are posts that make me want to spend less on lobsters.
Who knows if it’s planned or accidental obsolescence? Many devices and services outlive their teams by much longer than anticipated. Everyone working in software for a long while has experienced situations like those.
I also find the accusation that HTTPS is leading to broken devices rather wild…
I want to offer a different view: How cool is it that the device was fixable despite Google’s failure to extend/exchange their certificate. Go, tell your folks that the Chromecast is fixable and help them :)
For me, it’s takes like yours that irritate me. Companies that are some of the largest on the planet don’t need people like you to defend them, to make excuses for them, to try to squelch the frustration directed towards them because they’re either evil or incompetent.
By the way, there is no third option - either they’re evil and intended to force obsolescence upon these devices, or they’re incompetent and didn’t know this was going to happen because of this incompetence.
The world where we’re thinking it’s cool that these devices are fixable tidily neglects the fact that 99% of the people out there will have zero clue how to fix them. That it’s fixable means practically nothing.
For me, it’s takes like yours that irritate me. Companies that are some of the largest on the planet don’t need people like you to defend them, to make excuses for them, to try to squelch the frustration directed towards them because they’re either evil or incompetent.
Who cares? No one is defending Google. People are defending deploying HTTPS as a strategy to improve security. Who cares if it’s Google or anyone else? The person you’re responding to never defends Google, none of this has to do with Google.
By the way, there is no third option - either they’re evil and intended to force obsolescence upon these devices, or they’re incompetent and didn’t know this was going to happen because of this incompetence.
Who cares? Also, there is a very obvious 3rd option - that competent people can make a mistake.
Nothing you’ve said is relevant at all to the assertion that, quoting here:
This is the future the “HTTPS everywhere” crowd wants ;)
Even though you’re quoting me, you must be mistaken - this post is about Google, and my response was about someone who is defending Google’s actions (“Who knows if it’s planned or accidental obsolescence?”).
I haven’t a clue how you can think that a whole post about Google breaking Google devices isn’t about Google…
To the last point, “https everywhere” means things like this can keep being used as an excuse to make fully functional products into ewaste over and over, and we’re left wondering if the companies responsible are evil or dumb (or both). People pretending to not get the connection aren’t really making a good case for Google not being shit, or for how the “https everywhere” comment is somehow a tangent.
Take what you want from my employment by said company, but I would guess absolutely no-one in privacy and security has any wish/intention/pressure to not renew a certificate.
I have no insider knowledge about what has happened (nor could I share it if I did! But I really don’t). But I do know that the privacy and security people take their jobs extremely seriously.
This isn’t about who you criticize, I would say the same if you picked the smallest company on earth. This is about the obvious negativity.
This is because the article isn’t “Chromecast isn’t working and the devices all need to go to the trash”.
Someone actually found out why and people replied with instructions how to fix these devices, which is rather brilliant. And all of that despite Google’s announcements that it would discontinue it.
This is the future the “HTTPS everywhere” crowd wants ;)
I’m not exactly sure what you meant by that, and even the winky face doesn’t elide your intent and meaning much. I don’t think privacy and security advocates want this at all. I want usable and accessible privacy and security and investment in long term maintenance and usability of products. If that’s what you meant, it reads as a literal attack rather than sarcasm. Poe’s law and all.
Not all privacy and security advocates wanted ‘HTTPS everywhere’. Not all of the ‘HTTPS everywhere’ crowd wanted centralized control of privacy and encryption solutions. But the privacy and security discussion has been captured by corporate interests to an astonishing degree. And I think @gerikson is right to point that out.
Do you seriously think that a future law in the US forcing Let’s Encrypt (or any other CA) to revoke the certificates of any site the government finds objectionable is outside the realms of possibility?
HTTPS everywhere is handing a de facto publishing license to every site that can be revoked at will by those that control the levers of power.
I admit this is orthogonal to the issue at hand. It’s just an example I came up with when brewing some tea in the dinette.
In an https-less world the same people in power can just force ISPs to serve different content for a given domain, or force DNS providers to switch the NS to whatever they want, etc. Or worse, they can maliciously modify the content you want served, subtly.
Only being able to revoke a cert is an improvement.
Holding the threat of cutting off 99% of internet traffic over the head of media companies is a great way to enforce self-censorship. And the best part is that the victim does all the work themselves!
The original sin of HTTPS was wedding it to a centralized CA structure. But then, the drafters of the Weimar constitution also believed everything would turn out fine.
They’ve just explained to you that HTTPS changes nothing about what the government can do to enact censorship. Hostile governments can turn your internet off without any need for HTTPS. In fact, HTTPS directly attempts to mitigate what the government can do with things like CT logs, etc, and we have seen this work. And in the singular instance where HTTPS provides an attack (revoke cert) you can just trust the cert anyways.
edit: Lobsters is basically completely broken for me (anyone else just getting ‘null’ when posting?) so here is my response to the reply to this post. I’m unable to reply otherwise and I’m getting no errors to indicate why. Anyway…
Yeah, “trust the cert anyway” is going to be the fig leaf used to convince a compliant SCOTUS that revoking a certification is not a blatant violation of the 1st amendment. But at least the daily mandatory webcast from Dear Leader will be guaranteed not to be tampered with during transport!
This is getting ridiculous, frankly.
You’ve conveniently ignored everything I’ve said and focused instead on how a ridiculous attack scenario that has an obvious mitigation has 4 words that somehow you’re relating to SCOTUS and 1st amendment rights? Just glossing over that this attack makes almost no sense whatsoever, glossing over that the far easier attacks apply to HTTP at least as well (or often better) as HTTPS, glossing over the fact that even more attacks are viable against HTTP that aren’t viable against HTTPS, glossing over that we’ve seen CT logs actually demonstrate value against government attackers, etc etc etc. But uh, yeah, SCOTUS.
SCOTUS is going to somehow detect that I trusted a certificate? And… this is somehow worse under HTTPS? They can detect my device accepting a certificate but they can’t detect me accessing content over HTTP? Because somehow the government can’t attack HTTP but can attack HTTPS? This just does not make any sense and you’ve done nothing to justify your points. Users have been more than charitable in explaining this to you, even granting that an attack exists on HTTPS but helpfully explaining to you why it makes no sense.
In the near future, on the other side of an American Gleichschaltung, a law is passed requiring CAs to revoke specific certificates when ordered.
If the TLS cert for CNN.com is revoked, users will reach a scary warning page telling the user the site cannot be trusted. Depending on the status of “HTTPS Everywhere”, it might not be able to proceed past this page. But crucially, CNN.com remains up, it might be accessible via HTTP (depending on HSTS settings) and the government has done nothing to impede the publication.
But the end effect is that CNN.com is unreadable for the vast number of visitors. This will make the choice of CNN to tone down criticism of the government very easy to make.
The goal of a modern authoritarian regime is not to obsessively police speech to enforce a single worldview. It’s to make it uneconomical or inconvenient to publish content that will lead to opposition to the regime. Media will parrot government talking points or peddle harmless entertainment. There will be an opposition and it will be “protected” by free speech laws, but in practice accessing its speech online will be hard to impossible for the vast majority of people.
If the USA apparatus decides to censor CNN, revoking TLS cert wouldn’t be the way. It’ll be secret court orders (not unlike recent one British government has sent to Apple), and, should they not comply, apprehension of key staff.
And, even if such cert revocation happened, CNN would be able to get new one within seconds by contacting any other ACME CA, there are even some operating in EEA.
I think your whole argument is misguided, and not aimed at understanding failures of Google, but at lashing at only tangentially related problem space.
And my comment is not defence of Google or Cloudflare, I consider both to be malicious for plethora of reasons.
You’re still thinking like the USSR or China or any totalitarian government. The point isn’t to enforce a particular view. The point is to prevent CNN or any other media organization from publishing anything other than pablum, by threatening their ad revenue stream. They will cover government talking points, entertainment, even happily fake news. Like in Russia, “nothing is true and everything is possible”.
And, even if such cert revocation happened, CNN would be able to get new one within seconds by contacting any other ACME CA, there are even some operating in EEA.
Nothing is preventing the US from only allowing certs from US based issuers. Effectively, if you’re using a mainstream browser, the hypothetical law I have sketched out will also affect root CAs.[1]
I think your whole argument is misguided, and not aimed at understanding failures of Google, but at lashing at only tangentially related problem space.
I proposed a semi-plausible failure mode of the current CA-based certification system and suddenly I’ve gotten more flags than ever before. I find it really interesting.
[1] note that each and every one of these attempts to block access will have quite easy and trivial workarounds. That’s fine, because as stated above, having 100% control of some sort of “truth” is not the point. If nerds and really motivated people can get around a block by installing their own root store or similar, it will just keep them happy to have “cheated the system”. The point is having an atomized audience, incapable of organizing a resistance.
I proposed a semi-plausible failure mode of the current CA-based certification system and suddenly I’ve gotten more flags than ever before. I find it really interesting.
The flags are me and they’re because your posts have been overwhelmingly low quality, consisting of cherry picking, trolling, rhetoric, and failing to engage with anyone’s points. You also never proposed any such attack, other users did you the favor of explaining what attack exists.
The closest thing you’ve come to defining an attack (before others stepped in to hand you one) is this:
Holding the threat of cutting off 99% of internet traffic over the head of media companies
It’s not that interesting why you’re getting flagged. IMO flags should be required to have a reason + should be open, but that’s just me, and that’s why I virtually always add a comment when I flag a post.
This is one of the only posts where you’ve almost come close to saying what you think the actual problem is, which if I very charitably interpret and steel-man on your behalf I can take as essentially “The US will exert power over CAs in order to make it hard for news sites to publish content”. This utterly fails, to be clear (as so many people have pointed out that there are far more attacks on HTTP that would work just as well or infinitely better, and as I have pointed out that we have seen HTTPS explicitly add this threat model and try to address it WITH SUCCESS using CT Logs), but at least with enough effort I can extract a coherent point.
I have around 30 flags right now in these threads (plus some from people who took time off their busy schedule to trawl through older comments for semi-plausible ones to flag). You’re not the only one I have pissed off.[1]
(I actually appreciate you replying to my comments but to be honest I find your replies quite rambling and incoherent. I guess I can take some blame for not fully cosplaying as a Project 2025 lawyer, instead relying on vibes.)
It’s fine, though. I’ve grown disillusioned by the EFF style of encryption boosting[2]. I expect them to fold like a cheap suit if and when the gloves come off.
[1] but I’m still net positive on scores, so there are people on the other side too.
[2] they’ve been hyperfocussed on the threat of government threats to free speech, while giving corporations a free pass. They never really considered corporations taking over the government.
Hm, I see. No, I certainly have not flagged all of your posts or anything, just 2 or 3 that I felt were egregious. I think lobsters should genuinely ban more people for flag abuse, tbh, but such is the way.
It’s interesting that my posts come off as rambly. I suppose I just dislike tree-style conversations and lobsters bugs have made following up extremely annoying as my posts just disappear and show as “null”.
I’ve been getting the “null” response too. There’s nothing in the bug tracker right now, and I don’t have IRC access. Hopefully it will be looked at soon.
As to the flags, people might legitimately feel I’m getting too political.
Yeah, “trust the cert anyway” is going to be the fig leaf used to convince a compliant SCOTUS that revoking a certification is not a blatant violation of the 1st amendment. But at least the daily mandatory webcast from Dear Leader will be guaranteed not to be tampered with during transport!
The point of this hypothetical scenario would be that the threat of certificate revocation would be out in the open, to enforce self-censorship to avoid losing traffic/audience. See my comment here:
I’m not sure any of those are good examples of planned obsolescence. As far as I can tell, they’re all services that didn’t perform very well that Google didn’t want to support, tools that got subsumed into other tools, or ongoing projects that were halted.
I think it’s reasonable to still wish that some of those things were still going, or that they’d been open-sourced in some way so that people could keep them going by themselves, or even that Google themselves had managed them better. But planned obsolescence is quite specifically the idea that you should create things with a limited lifespan so that you can make money by selling their replacements. As far as I can tell, that doesn’t apply to any of those examples.
I get that it’s a tongue in cheek comment, but this is what falls out of “we want our non-https authentication certificates to chain through public roots”.
There is no reason for device authentication to be tied to PKI - it is inherently a private (as in “only relevant to the vendor” , not secret) authentication mechanism so should not be trying to chain through PKI, or PKI-like, roots.
Why is this a hyperbole? It is clear that even an enterprise the size of Google, famous for its leetcode-topping talent is unable to manage certificates at scale. This makes it a pretty good point against uncritical deployment of cryptographic solutions.
When Microsoft did that I wasn’t standing embarrassed in front of my family failing to cast cartoons on the TV. So it was their problem, not my problem.
Maybe. I think there are two ways to interpret it - “HTTPS Everywhere” means “literally every place” or it means “everywhere that makes sense, which is the vast majority of places”. But, to me, neither of these implies “you should deploy in a way that isn’t considered and that will completely destroy a product in the future”, it just means that you should very likely be aiming for a reliable, well supported deployment of HTTPS.
I was replying more to the “planned and enforced obsolescence” conspiracy theorizing.
It is true that managing certificates at scale is something not a lot of large organizations seem to be able to pull off, and that’s a legitimate discussion to have… but I didn’t detect any good faith arguments here, just ranting.
Moreover, panic!()’s are hiding even in the most innocuous places like unwrap() and expect() calls…
It would be valuable to have a non-panic mode of Rust – I think this would effectively be “Total Rust” – but the point of unwrap() and expect() is to accept a panic in the interest of focusing on other things. This is probably not a trade-off the author wants to make for codec development.
When I write an unwrap() or expect() in production code, I write a small comment giving evidence or a proof as to why this panic will never be hit - or if it will be hit, that termination of the application really is the desirable outcome.
Actually, the popcorn button on microwaves can potentially be offering functionality beyond what a time and power setting can accomplish. Some microwaves have ambient moisture sensors, and some have microphones.
What would be cool is if the full functionality of these sensors was available to the end user, who had a way to create and modify the preset functions. I don’t know if the market is ready for that however.
Yes. I think this falls into a different category of features. Also in most cases this setting is still power level X and then run for Y seconds after first steam detected, which could be programmed by a user fairly easily.
Also most microwaves these days don’t actually have a steam sensor unfortunately. The majority of popcorn buttons just have a preset time.
OTOH all bags of microwave popcorn have “DO NOT USE THE POPCORN BUTTON” on them. Collectively, the microwave makers have failed to create a predictable, consistent popcorn button. The smart ones are smart in different ways, the dumb ones are dumb in their own ways, and it’s hard to even tell which is which.
But we have to be careful with our analogies. And sometimes… sometimes, there is more thought and effort into creating such a “nightmare bicycle” user interface than there may appear to be on the surface. And maybe there is a good reason for some design choices.
Not always, of course. As /u/kevincox mentions, some microwaves don’t have a moisture sensor, but present the same user interface as one that does. Which is very unfortunate.
I’ll make an attempt, with the caveat that this list seems so obvious to me that I’m worried I might be missing some nuance (imagine a similar list about cooking utensils with “people think knives can only be used for butter, but in reality they can also be used to cut bread, meat, and even vegetables!!!”).
Sentences in all languages can be templated as easily as in English: {user} is in {location} etc.
Both the substitutions and the surrounding text can depend on each other. The obvious example is languages where nouns have gender, but you might also have cases like Japanese where “in” might be へ, で, or に to indicate relative precision of the location.
Words that are short in English are short in other languages too.
German is the classic example of using lengthy compound words where English would use a shorter single-purpose word, “Rindfleisch” vs “beef” or “Lebensmittel” vs “food” (why yes I haven’t had lunch yet, why do you ask…?).
For any text in any language, its translation into any other language is approximately as long as the original.
See above – English -> German tends to become longer, English -> Chinese tends to become shorter.
For every lower-case character, there is exactly one (language-independent) upper-case character, and vice versa.
Turkish and German are famous counter-examples, with Turkish 'i' / 'I' being different letters, or German ß capitalizing to "SS" (though I think this is now considered somewhat old-fashioned?).
The lower-case/upper-case distinction exists in all languages.
Not true in Chinese, Japanese, Korean.
All languages have words for exactly the same things as English.
Every language has words that don’t exist in any other language. Sometimes because the concept is alien (English has no native word for 寿司), sometimes because a general concept has been subdivided in a different way (English has many words for overcast misty weather that don’t translate easily into languages from drier climates).
Every expression in English, however vague and out-of-context, always has exactly one translation in every other language.
I’m not sure what this means because many expressions in English don’t even have a single explanation in English, but in any case, idioms and double entendres often can’t be translated directly.
All languages follow the subject-verb-object word order.
If one’s English to SVO order is limited, limited too must their knowledge of literature be.
When words are to be converted into Title Case, it is always the first character of the word that needs to be capitalized, in all languages.
Even English doesn’t follow a rule of capitalizing the first character of every word. Title Casing The First Letter Of Every Word Is Bad Style.
Every language has words for yes and no.
One well-known counter-example being languages where agreement is by repeating a verb:
A: “Do you want to eat lunch together?”
B: “Eat.”
In each language, the words for yes and no never change, regardless of which question they are answering.
See above.
There is always only one correct way to spell anything.
Color / colour, aluminum / aluminium
Each language is written in exactly one alphabet.
Not sure exactly what this means – upper-case vs lower-case? Latin vs Cyrillic? 漢字 vs ひらがな カタカナ ? 简化字 vs 繁体字 ? Lots of counter-examples to choose from, Kazakh probably being a good one.
All languages (that use the Latin alphabet) have the same alphabetical sorting order.
Some languages special-case ordering of letter combinations, such as ij in Dutch.
And then there’s the dozens of European languages that have their own letters outside the standard 26. Or diacritics.
All languages are written from left to right.
Arabic, Hebrew.
Even in languages written from right to left, the user interface still “flows” from left to right.
Not sure what “flows” means here, but applications with good RtL support usually flip the entire UI – for example a navigational menu that’s on the right in English would be on the left in Arabic.
Every language puts spaces between words.
Segmenting a sentence into words is as easy as splitting on whitespace (and maybe punctuation).
Chinese, Japanese.
Segmenting a text into sentences is as easy as splitting on end-of-sentence punctuation.
English: "Dear Mr. Smith".
No language puts spaces before question marks and exclamation marks at the end of a sentence.
No language puts spaces after opening quotes and before closing quotes.
French famously has rules that differ from English regarding spacing around punctuation.
All languages use the same characters for opening quotes and closing quotes.
“ ” in English,「 」in Japanese, « » in French,
Numbers, when written out in digits, are formatted and punctuated the same way in all languages.
European languages that use '.' for thousands separator and ',' for the fractional separator, or languages that group by different sizes (like lakh/crore in Indian languages).
No two languages are so similar that it would ever be difficult to tell them apart.
Many languages are considered distinct for political reasons, even if a purely linguistic analysis would consider them the same language.
Languages that have similar names are similar.
English (as spoken in Pittsburgh), English (as spoken in Melbourne), and English (as spoken in Glasgow).
More seriously, Japanese and Javanese.
Icons that are based on English puns and wordplay are easily understood by speakers of other languages.
Often they’re difficult to understand even for English speakers (I once saw a literal hamburger used to signify a collapsible sidebar).
Geolocation is an accurate way to predict the user’s language.
Nobody who has ever travelled would think this. And yet. AND YET!
C’mon Google, I know that my IP is an airport in Warsaw but I really don’t want the Maps UI to switch to Polish when I’m trying to find a route to my hotel.
Country flags are accurate and appropriate symbols for languages.
You can roughly gauge where you are in the world by whether the local ATMs offer “🇬🇧 English”, “🇺🇸 English”, or “🇦🇺 English”.
Every country has exactly one “national” language.
Belgium, Luxembourg, Switzerland.
Every language is the “national” language of exactly one country.
Turkish and German are famous counter-examples, with Turkish ‘i’ / ‘I’ being different letters, or German ß capitalizing to “SS” (though I think this is now considered somewhat old-fashioned?).
The German ß has history.
The old rule is that ß simply has no uppercase. Capitalizing it as “SS” was the default fallback rule if you had to absolutely capitalize everything and the ß would look bad (such as writing “STRAßE” => “STRASSE”). Using “SZ” was also allowed in some cases.
The new rule is to use the uppercase ß: ẞ. So instead of “STRASSE” you now write “STRAẞE”.
The usage of “SZ” was disallowed in 2006, the East Germans had an uppercase ß since 1957, the West German rules basically said “Uppercase ß is in development” and that was dropped in 1984 for the rule to use SS or SZ as uppercase variant. The new uppercase ß is in the rules since 2017. And since 2024 the uppercase ß is now preferred over SS.
The ISO DIN 5008 was updated in 2020,
This means depending on what document you’re processing, based on when it was created and WHERE it was created, its writing of the uppercase ß may be radically different.
It should also be noted that if you’re in Switzerland, ß is not used at all, here the SS substitute is used even in lower case.
Family names may also have custom capitalization rules, where ß can be replaced by SS, SZ, ẞ or even HS, so “Großmann” can become “GROHSMANN”. Note that this depends on the person, while Brother Großmann may write “GROHSMANN”, Sister Großmann may write “GROSSMANN” and their mother may use “GROẞMANN” and these are all valid and equivalent.
Umlauts may also be uppercased without the diacritic umlaut and with an E suffix; ä becomes “AE”. In some cases even lowercase input does the translation because older systems can’t handle special characters, though this is not GDPR compliant.
No two languages are so similar that it would ever be difficult to tell them apart.
Many languages are considered distinct for political reasons, even if a purely linguistic analysis would consider them the same language.
If you ever want to have fun, the politics and regionality of German dialects could be enough to drive some linguists up the wall.
Bavarian is recognized as a language and dialect at the same time, it can be subdivided into dozens and dozens of subdialects, which are all similar but may struggle to understand each other.
As someone who grew up in Swabian Bavaria, my dialect is a mix of both Swabian and Bavarian, I struggle to understand Northern Bavaria but I struggle much less with Basel Swiss German (which is distinct from Swiss German in that it originates from Lower Allemans instead of Higher Allemans) which is quite close in a lot of ways.
And the Swiss then double down on making things confusing by sometimes using French language constructs in German words, or straight up importing French or Italian words.
East Germany added the uppercase ß in 1957 and removed it in 1984. The spelling rules weren’t updated, so despite the presence of an uppercase ß, it would have been wrong to use it in any circumstances. Since Unicode 1.0 is somewhere around 1992, with some early drafts in 1988, it basically missed the uppercase ß being in the dictionary.
The uppercase ß itself has been around since 1905 and we’ve tried to get it into Unicode since roughly 2004.
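The capitalization variants listed in the comments above, worked through as an added example (not code from the thread): it enumerates every upper-case spelling a name with ß or an umlaut can take under those rules, and shows which of them Unicode case folding alone treats as equal. The function names are hypothetical, and the rule set is only the one described in this thread.

```python
from itertools import product

# Upper-case spellings of ß (U+00DF) named in the thread: SS, SZ, ẞ (U+1E9E), HS.
ESZETT_UPPER = ("SS", "SZ", "\u1e9e", "HS")
# Umlauts: keep the diacritic, or drop it and append E (ä -> Ä or AE).
UMLAUT_UPPER = {
    "\u00e4": ("\u00c4", "AE"),
    "\u00f6": ("\u00d6", "OE"),
    "\u00fc": ("\u00dc", "UE"),
}


def uppercase_variants(name):
    """Return every upper-case spelling of `name` under the rules above."""
    choices = []
    for ch in name:
        low = ch.lower()  # "\u1e9e".lower() == "\u00df", so both forms land here
        if low == "\u00df":
            choices.append(ESZETT_UPPER)
        elif low in UMLAUT_UPPER:
            choices.append(UMLAUT_UPPER[low])
        else:
            choices.append((ch.upper(),))
    return {"".join(parts) for parts in product(*choices)}


def casefold_equal(a, b):
    """Comparison using only Unicode full case folding (str.casefold)."""
    return a.casefold() == b.casefold()


def matches_record(canonical, observed):
    """True if `observed` is one of the upper-case spellings of `canonical`."""
    return observed in uppercase_variants(canonical)


def compare(canonical, observed_list):
    """For each observed spelling: (spelling, casefold match, variant match)."""
    return [
        (o, casefold_equal(canonical, o), matches_record(canonical, o))
        for o in observed_list
    ]


if __name__ == "__main__":
    canonical = "Gro\u00dfmann"
    print("str.upper():", canonical.upper())
    for row in compare(canonical, sorted(uppercase_variants(canonical))):
        print(row)
    print(sorted(uppercase_variants("M\u00fcller")))
```

Case folding covers the SS and ẞ spellings but not SZ, HS or the AE/OE/UE forms, so matching those needs the lower-case spelling on record to generate variants from.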
Every expression in English, however vague and out-of-context, always has exactly one translation in every other language.
I’m not sure what this means because many expressions in English don’t even have a single explanation in English, but in any case, idioms and double entendres often can’t be translated directly.
A good example of this is a CMS I used to work on. The way it implemented translation was to define everything using English[0], then write translations as a mapping from those English snippets to the intended language. This is fundamentally flawed, e.g. by homonyms:
Subject         From   Flags              Actions
----------------------------------------------------------------
Project update  Alice  Unread, Important  [Read] [Delete]
Welcome         HR     Read               [Read] [Delete]
Here, the “Read” flag means “this has been read”, whilst the “Read” button means “I want to read this”. Using the English as a key forces the same translation on both.
[0] We used British English, except for the word “color”; since we felt it was better to match the CSS keywords (e.g. when defining themes, etc.).
One trick is to use a different word on the asset: Reviewed(adj) and Review(v) don’t have the same problem that Read(adj) and Read(v) do. Seen(adj) and See(v); Viewed(adj) and View(v). And so on. Then you can “translate” to English to actually use Unread/Read/[Read] if you still like it without confusing the translator who needs to know you want more like e.g. Lido/Ler or 阅读/显示 and so on.
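The homonym problem from the CMS comment and the distinct-key trick from the reply, as an added example (not code from the thread or from that CMS): a catalogue keyed by the English text collapses the “Read” flag and the “Read” button into one translation, while a context-qualified key or a distinct source key keeps them apart. Lido/Ler are the Portuguese forms mentioned above; “Apagar”, the context names and all function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (where the string appears, English text, wanted translation).
USAGES = [
    ("flag", "Read", "Lido"),       # "this has been read"
    ("button", "Read", "Ler"),      # "I want to read this"
    ("button", "Delete", "Apagar"),
]

# The reply's trick: distinct source keys, with English itself as a translation.
DISTINCT_KEYS = {
    "Reviewed": {"en": "Read", "pt": "Lido"},
    "Review": {"en": "Read", "pt": "Ler"},
    "Delete": {"en": "Delete", "pt": "Apagar"},
}


def build_english_keyed(usages):
    """Catalogue keyed by the English text only: later entries overwrite earlier ones."""
    catalog = {}
    for _context, msgid, translation in usages:
        catalog[msgid] = translation
    return catalog


def build_context_keyed(usages):
    """Catalogue keyed by (context, English text), like gettext's msgctxt."""
    return {(context, msgid): tr for context, msgid, tr in usages}


def homonym_conflicts(usages):
    """English strings that need more than one translation, with the contexts."""
    wanted = defaultdict(dict)
    for context, msgid, translation in usages:
        wanted[msgid][context] = translation
    return {
        msgid: by_ctx
        for msgid, by_ctx in wanted.items()
        if len(set(by_ctx.values())) > 1
    }


def render_row(translate):
    """Render the flag and buttons of the 'Welcome' row via translate(context, msgid)."""
    flag = translate("flag", "Read")
    buttons = " ".join(f"[{translate('button', m)}]" for m in ("Read", "Delete"))
    return f"{flag} {buttons}"


def render_row_distinct(lang):
    """Same row rendered from the distinct-key catalogue."""
    flag = DISTINCT_KEYS["Reviewed"][lang]
    buttons = " ".join(f"[{DISTINCT_KEYS[k][lang]}]" for k in ("Review", "Delete"))
    return f"{flag} {buttons}"


if __name__ == "__main__":
    english = build_english_keyed(USAGES)
    contextual = build_context_keyed(USAGES)
    print("conflicts:      ", homonym_conflicts(USAGES))
    print("English-keyed:  ", render_row(lambda ctx, m: english[m]))
    print("context-keyed:  ", render_row(lambda ctx, m: contextual[(ctx, m)]))
    print("distinct keys:  ", render_row_distinct("pt"), "/", render_row_distinct("en"))
```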
The number of exceptions caused by the Hebrew calendar makes me shed a tear of joy.
Here’s one falsehood they missed: the length of a year varies by at most one day. True in Gregorian calendar, apparently true in the Islamic calendar, but not true in the Hebrew calendar: leap years are 30 days longer than regular years.
They sorta cover it on the “days” section, by way of mentioning that the Hebrew calendar has leap months.
They also miss Byzantine calendars which are still used by many churches, related to the Jewish Greek calendar from the Septuagint. It’s of course complicated by the fact that many churches & groups do not agree on what year was the start, so it’s complex to use (but still in somewhat fairly common liturgical use).
Here’s a fun (counter)example of (something like) this one from my heritage language:
In each language, the words for yes and no never change, regardless of which question they are answering.
(Context: the word for enjoy/like is the same in the language, so when translating to English, I choose whichever sounds most natural in each given example sentence.)
When someone says, “do you (enjoy/)like it?”, if you want to say “yes, I like it”, that’s fine, but if you want to say you don’t like it, you would say, “I don’t want it”; if you were to say, “I don’t like it” in that situation, it would mean, “I don’t want it”. The same reversal happens if they ask, “do you want it?”, and you want to respond in the negative.
So someone would say, “do you want a chocolate bar?”, and you’d say, “no, I don’t want it”, and that would mean, “no, (I already know) I don’t (usually/habitually) enjoy it (when I have it), (therefore I don’t want it)”, whereas, “no, I don’t enjoy it” would just straightforwardly mean, “I don’t want it”.
(You can also respond with just, “no!” instead of using a verb in the answer.)
This only happens in the habitual present form. Someone might ask, “do you like chocolate?” before they offer you some, and you can say, “no, I don’t want it”, but if they already gave you a chocolate bar to try, they may ask, “did you like it?” in the past tense, and you’d have to respond with, “I didn’t like it” instead of, “I didn’t want it”. And, “do you want chocolate?” would be met with, “no, I don’t like it”, but “did you want chocolate?” would be met with, “no, I didn’t want it”, and that second one would just mean what it straightforwardly sounds like in English.
(Strictly speaking, it doesn’t need to be a response to a question, I’m just putting it into a context to show that the verb used in the answer isn’t just a negative form of the same verb used in the question.)
(It’s hard to explain because if you were to translate this literalistically to English, it wouldn’t even be noticed, since saying, “no, I don’t like it” in response to, “do you want it?” is quite natural, but does literally just mean, “I don’t like it”, in the sense of, “no, (I already know) I don’t (usually/habitually) enjoy it (when I have it), (therefore I don’t want it)”. Even, “no, I don’t want it” in response to, “do you like it?” is fairly natural in English, if a little presumptive-sounding.)
In Polish when someone asks you “Czy chcesz cukru do kawy?” (“Do you want coffee with sugar?”) and you can respond with “Dziękuję”, which can mean 2 opposite things “Yes, please” or “No, thank you”.
The first one gets a pass because it was the first one, and even then, I think it’s better to link people one of the many explainers people wrote about it.
The Mozilla lawyers say that CCPA and GDPR are not court-tested enough and they are making the ToU so broad such that the terms can prevent a lot of legal attacks. As someone who works for Mozilla, I have decided to trust them. But I can understand some people want to do their own reading…. ¯\_(ツ)_/¯
It must be stressful working for Mozilla and constantly being held to a higher standard.
Despite holding a pitchfork and having lost all faith in Mozilla’s leadership, I have nothing but respect for the people who have made Firefox a viable browser alternative for so long. Sorry you have to deal with this shit :/
Thank you. It would be a more realistic high standard if people contributed instead of complaining.
Filing bugs, finding duplicates, writing docs, everything counts. Not everyone has the necessary level of masochism to deal with a 20 year old C++/Rust/XHTML/CSS/JS codebase and that’s OK.
Heh, it’s not really masochistic if you just focus on an area that’s fairly isolated (for me it was platform stuff: kinetic scrolling for GTK, damage tracking for EGL, gamepad support with evdev, a couple little Wayland bugs, enabling stuff on FreeBSD…) – and what’s really amazing is the tooling, even just the fact that the build is literally just ./mach build and doesn’t take outrageous amounts of time nor memory (well, without LTO).
But I can understand some people want to do their own reading….
I mean, those terms are written for customers, who have to accept them, who are neither lawyers nor Mozilla employees. Legal writing for lawyers but for users to accept is malpractice.
It’s definitely a change in habit. I worked with Mozilla Legal around the GDPR compliance and documentation of crates.io and around the setup around the Foundation and they were very outside focused. Really loved it.
What I did find however is the classic that Mozilla is - curiously - very Californian, and not very international in their management and thinking. Peak of this was me observing someone trying to apply US case law to Germany, which doesn’t have case law.
All that said: I do trust Mozilla, but that’s because I have a privileged inside view through my work on Rust and in Tech Speakers and that can’t be what’s being asked of general users.
HOWEVER, I think it’s also the obligation of people criticizing to not spin the wildest legal theories. FOSS has a lot of armchair lawyers that can’t even tell personal information and copyrightable works apart.
license all content you transmit through Firefox to Mozilla (“When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.” - https://www.mozilla.org/en-US/about/legal/terms/firefox)
allow Mozilla to both sell your private information
If you’re already using Firefox, I can confirm that porting your profile over to Librewolf (https://librewolf.net) is relatively painless, and the only issues you’ll encounter are around having the resist fingerprinting setting turned on by default (which you can choose to just disable if you don’t like the trade-offs). I resumed using Firefox in 2016 and just switched away upon this shift in policy, and I do so sadly and begrudgingly, but you’d be crazy to allow Mozilla to cross these lines without switching away.
If you’re a macOS + Littlesnitch user, I can also recommend setting Librewolf to not allow communication to any Mozilla domain other than addons.mozilla.org, just in case.
👋 I respect your opinion and LibreWolf is a fine choice; however, it shares the same problem that all “forks” have and that I thought I made clear in the article…
Developing Firefox costs half a billion per year. There’s overhead in there for sure, but you couldn’t bring that down to something more manageable, like 100 million per year, IMO, without making it completely uncompetitive to Chrome, whose estimate cost exceeds 1 billion per year. The harsh reality is that you’re still using Mozilla’s work and if Mozilla goes under, LibreWolf simply ceases to exist because it’s essentially Firefox + settings. So you’re not really sticking it to the man as much as you’d like.
There are 3 major browser engines left (minus the experiments still in development that nobody uses). All 3 browser engines are, in fact, funded by Google’s Ads and have been for almost the past 2 decades. And any of the forks would become unviable without Apple’s, Google’s or Mozilla’s hard work, which is the reality we are in.
Not complaining much, but I did mention the recent controversy you’re referring to and would’ve preferred comments on what I wrote, on my reasoning, not on the article’s title.
I do what I can and no more, which used to mean occasionally being a Firefox advocate when I could, giving Mozilla as much benefit of the doubt as I could muster, paying for an MDN subscription, and sending some money their way when possible. Now it means temporarily switching to Librewolf, fully acknowledging how unsustainable that is, and waiting for a more sustainable option to come along.
I don’t disagree with the economic realities you mentioned and I don’t think any argument you made is bad or wrong. I’m just coming to a different conclusion: If Firefox can’t take hundreds of millions of dollars from Google every year and turn that into a privacy respecting browser that doesn’t sell my data and doesn’t prohibit me from visiting whatever website I want, then what are we even doing here? I’m sick of this barely lesser of two evils shit. Burn it to the fucking ground.
I think “barely lesser of two evils” is just way off the scale, and I can’t help but feel that it is way over-dramatized.
Also, what about the consequences of having a chrome-only web? Many websites are already “Hyrum’s lawed” to being usable only in Chrome, developers only test for Chrome, the speed of development is basically impossible to follow as is.
Firefox is basically the only thing preventing the most universal platform from becoming a Google-product.
Well there’s one other: Apple. Their hesitance to allow non-Safari browsers on iOS is a bigger bulwark against a Chrome-only web than Firefox at this point IMO.
I’m a bit afraid that the EU is in the process of breaking that down though. If proper Chrome comes over to iOS and it becomes easy to install, I’m certain that Google will start their push to move iOS users over.
I know it’s not exactly the same but Safari is also in the WebKit family and Safari is neither open source nor cross platform nor anywhere close to Firefox in many technical aspects (such as by far having the most functional and sane developer tools of any browser out there).
Pretty much the same here: I used to use Firefox, I have influenced some people in the past to at least give Firefox a shot, some people ended up moving to it from Chrome based on my recommendations. But Mozilla insists on breaking trust roughly every year, so when the ToS came around, there was very little goodwill left and I have permanently switched to LibreWolf.
Using a fork significantly helps my personal short-term peace of mind: whenever Mozilla makes whatever changes they’re planning to make which requires them to have a license to any data I input into Firefox, I trust that I will hear about those changes before LibreWolf incorporates them, and there’s a decent chance that LibreWolf will rip them out and keep them out for a few releases as I assess the situation. If I’m using Firefox directly, there’s a decent probability that I’ll learn about those changes after Firefox updates itself to include them. Hell, for all I know, Firefox is already sending enough telemetry to Mozilla that someone there decided to make money off it and that’s why they removed the “Mozilla doesn’t and will never sell your data” FAQ item; maybe LibreWolf ripping out telemetry is protecting me against Mozilla right now, I don’t know.
Long term, what I personally do doesn’t matter. The fact that Mozilla has lost so much good-will that long-term Firefox advocates are switching away should be terrifying to Mozilla and citizens of the Web broadly, but my personal actions here have close to 0 effect on that. I could turn into a disingenuous Mozilla shill but I don’t exactly think I’d be able to convince enough people to keep using Firefox to cancel out Mozilla’s efforts to sink their own brand.
If Firefox is just one of three browsers funded by Google which don’t respect user privacy, then what’s the point of it?
People want Firefox and Mozilla to be an alternative to Google’s crap. If they’re not going to be the alternative, instead choosing to copy every terrible idea Google has, then I don’t see why Mozilla is even needed.
Well to be fair to Mozilla, they’re pushing back against some web standard ideas Google has. They’ve come out against things like WebUSB and WebHID for example.
How the heck do they spend that much? At ~20M LoC, they’re spending 25K per line of code a year. While details are hard to find, I think that puts them way above the industry norms.
I’m pretty sure that’s off by 3 orders of magnitude; OP’s figure would be half a US billion, i.e. half a milliard. That means 500M / 20M = 25 $/LOC. Not 25K.
I see your point, but by that same logic, shouldn’t we all then switch to Librewolf? If Firefox’s funding comes from Google, instead of its user base, then even if a significant portion of Firefox’s users switch, it can keep on getting funded, and users who switched can get the privacy non-exploitation they need?
TL;DR 90% of Mozilla’s revenue comes from ad partnerships (Google) and Apple received ca. 19 Bn $ per annum to keep Google as the default search engine.
Where did you get those numbers? Are you referring to the whole effort, (legal, engineering, marketing, administration, etc) or just development?
That’s an absolutely bonkers amount of money, and while I absolutely believe it, I’m also kind of curious what other software products are in a similar league
Yeah, that seems like legal butt-covering. If someone in a criminalizing jurisdiction accesses these materials and they try to sue the browser, Mozilla can say the user violated TOS.
This is just a lie. It’s just a lie. Firefox is gratis, and it’s FLOSS. These stupid paragraphs about legalese are just corporate crap every business of a certain size has to start qualifying so they can’t get their wallet gaped by lawyers in the future. Your first bullet point sucks - you don’t agree to the Acceptable Use Policy to use Firefox, you agree to it when using Mozilla services, i.e. Pocket or whatever. Similarly, your second bulletpoint is completely false, that paragraph doesn’t even exist:
You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content.
The text was recently clarified because of the inane outrage over basic legalese. And Mozilla isn’t selling your information. That’s not something they can casually lie about and there’s no reason to lie about it unless they want to face lawsuits from zealous legal types in the future. Why constantly lie to attack Mozilla? Are you being paid to destroy Free Software?
Consciously lying should be against Lobsters rules.
Let’s really look at what’s written here, because either u/altano or u/WilhelmVonWeiner is correct, not both.
The question we want to answer: do we “agree to an acceptable use policy” when we use Firefox? Let’s look in the various terms of service agreements (Terms Of Use, Terms Of Service, Mozilla Accounts Privacy). We see that it has been changed. It originally said:
“When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.”
Note that this makes no distinction between Firefox as a browser and services offered by Mozilla. The terms did make a distinction between Firefox as distributed by Mozilla and Firefox source code, but that’s another matter. People were outraged, and rightfully so, because you were agreeing to an acceptable use policy to use Firefox, the binary from Mozilla. Period.
That changed to:
“You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content.”
Are they legally equivalent, but they’re just using “nicer”, “more acceptable” language? No. The meaning is changed in important ways, and this is probably what you’re referring to when you say, “you don’t agree to the Acceptable Use Policy to use Firefox, you agree to it when using Mozilla services”
However, the current terms still say quite clearly that we agree to the AUP for Mozilla Services when we use Firefox whether or not we use Mozilla Services. The claim that “you don’t agree to the Acceptable Use Policy to use Firefox” is factually incorrect.
So is it OK for u/WilhelmVonWeiner to say that u/altano is lying, and call for censure? No. First, it’s disingenuous for u/WilhelmVonWeiner to pretend that the original wording didn’t exist. Also, the statement, “Similarly, your second bulletpoint is completely false, that paragraph doesn’t even exist:” is plainly false, because we can see that paragraph verbatim here:
So if u/WilhelmVonWeiner is calling someone out for lying, they really shouldn’t lie themselves, or they should afford others enough benefit of the doubt to distinguish between lying and being mistaken. After all, is u/WilhelmVonWeiner lying, or just mistaken here?
I’m all for people venting when someone is clearly in the wrong, but it seems that u/WilhelmVonWeiner is not only accusing others of lying, but is perhaps lying or at very least being incredibly disingenuous themselves.
Oh - and I take exception to this in particular:
“every business of a certain size has to start qualifying so they can’t get their wallet gaped by lawyers”
Being an apologist for large organizations that are behaving poorly is the kind of behavior we expect on Reddit or on the orange site, but not here. We do not want to, nor should we need to, engage with people who do not make good faith arguments.
Consciously lying should be against Lobsters rules.
This is a pretty rude reply so I’m not going to respond to the specifics.
Mozilla has edited their acceptable use policy and terms of service to do damage control and so my exact quotes might not be up anymore, but yeah sure, assume that everyone quoting Mozilla is just a liar instead of that explanation if you want.
Sorry for being rude. It was unnecessary of me and I apologise, I was agitated. I strongly disagree with your assessment of what Mozilla is doing as “damage control” - they are doing what is necessary to legally protect the Mozilla Foundation and Corporation from legal threats by clarifying how they use user data. It is false they are selling your private information. It is false they have a nonexclusive … license to everything you do using Firefox. It is false that you have to agree to the Acceptable Use Policy to use Firefox. It’s misinformation, it’s FUD and it’s going to hurt one of the biggest FLOSS nonprofits and alternate web browsers.
It is false that you have to agree to the Acceptable Use Policy to use Firefox.
So people can judge for themselves, the relevant quote from the previous Terms of Use was:
Your use of Firefox must follow Mozilla’s Acceptable Use Policy, and you agree that you will not use Firefox to infringe anyone’s rights or violate any applicable laws or regulations.
This is a pretty incendiary comment and I would expect any accusation of outright dishonesty to come with evidence that they know they’re wrong. I am not taking a position on who has the facts straight, but I don’t see how you could prove altano is lying. Don’t attribute to malice what can be explained by…simply being incorrect.
FYI this is a change made in response to the recent outrage, the original version of the firefox terms included
Your use of Firefox must follow Mozilla’s Acceptable Use Policy, and you agree that you will not use Firefox to infringe anyone’s rights or violate any applicable laws or regulations.
Your locale is forced to en-US, your timezone is UTC, your system is set to Windows. It will put canvas behind a prompt and randomizes some pixels such that fingerprinting based on rendering is a bit harder. It will also disable using SVG and fonts that you have installed on your systems
Btw, I don’t recommend anyone using resist fingerprinting. This is the “hard mode” that is known to break a lot of pages and has no site-specific settings. Only global on or off. A lot of people turn it on and then end up hating Firefox and switching browsers because their web experience sucks and they don’t know how to turn it off. This is why we now show a rather visible info bar in settings under privacy/security when you turn this on and that’s also why we are working on a new mode that can spoof only specific APIs and only on specific sites. More to come.
Yes, if everyone is running a custom set of spoofs you’d end up being unique again. The intent for the mechanism is for us to be able to experiment and test out a variety of sets before we know what works (in terms of webcompat). In the end, we want everyone to look as uniform as possible
It breaks automatic dark mode and sites don’t remember their zoom setting. Dates are also not always localized correctly. That’s what I’ve noticed so far at least.
So, look. Every single internet-connected thing that involves anything that could even be considered user-generated content, and has lawyers, sooner or later inserts a clause into its terms saying you grant them a royalty-free, non-exclusive, non-revocable (etc. etc.) license to copy and distribute things you, the user, input into it.
This is like the most standard boilerplate-y clause there is for user-generated content. It’s a basic cover-your-ass to prevent someone suing you for copyright violation because, say, they just found out that when you type something in the built-in search box it makes a copy (Illegal! I’ll sue!) and transmits the copy (Illegal! I’ll sue!) to a third party.
But about every six months someone notices one of these clauses, misinterprets it, and runs around panicking and screaming OH MY GOD THEY CLAIM COPYRIGHT OVER EVERYTHING EVERYONE DOES WHY WOULD THEY NEED THAT PANIC PANIC PANIC PANIC PANIC OUTRAGE OUTRAGE PANIC.
And then it sweeps through the internet with huge highly-upvoted threads full of angry comments from people who have absolutely no clue what the terms actually mean but who know from the tone of discussion that they’re supposed to be outraged about it.
After a few days it blows over, but then about six months later someone notices one of these clauses, misinterprets it, and runs around panicking and screaming OH MY GOD THEY CLAIM COPYRIGHT OVER EVERYTHING EVERYONE DOES WHY WOULD THEY NEED THAT PANIC PANIC PANIC PANIC PANIC OUTRAGE OUTRAGE PANIC.
And then…
@pushcx this should not be allowed on lobste.rs. It’s 100% outrage-mob baiting.
That’s the point. GDPR has not been that well tested in court. As long as it hasn’t, people will stick to legal boilerplate to make it as broad as possible. This is why all terms of services look like copypasta.
Saying that everyone else does it does not make it okay.
Putting words in my mouth doesn’t make a counterargument.
What do you think is not OK about this boilerplate CYA clause? Computers by their nature promiscuously copy data. Online systems copy and transmit it. The legal world has settled on clauses like this as an alternative to popping up a request for license every time you type into an online form or upload a file, because even if nobody ever actually would sue they don’t want to trust to that and want an assurance that if someone sues that person will lose, quickly. They’ve settled on this because copy/pasting a standard clause to minimize risk is a win from their perspective.
Why is this evil and bad and wrong from your perspective? Provide evidence.
The system we currently have may be structured in a way which makes clauses like this necessary or expedient in order to do business, but the validity of such a clause for that reason doesn’t excuse the system that created it.
Every single internet-connected thing that involves anything that could even be considered user-generated content, and has lawyers, sooner or later inserts a clause into its terms saying you grant them a royalty-free, non-exclusive, non-revocable (etc. etc.) license to copy and distribute things you, the user, input into it.
But Firefox isn’t a web service. It’s a program that runs on my computer and sends data to websites I choose to visit. Those websites may need such legal language for user generated content, but why does Mozilla need a license to copy anything I type into Firefox?
This. I’ve chatted with a few lawyers in the space and this is literally the first time we’re seeing that interpretation to apply to a local program you choose to run that is your agent.
Firefox integrates with things that are not purely your “local agent”, including online services and things not owned by Mozilla. And before you decide this means some sort of sinister data-stealing data-selling privacy violation, go back and look at my original example.
When you upload something to the python package index you do so because you intend for the python package index to create copies of it and distribute it, which needs a license.
When you make a comment on pull request for work you don’t intend for Mozilla to have anything to do with that. You don’t intend for Mozilla to receive your post. Nor to have any special rights to view it, distribute it, make copies of it, etc. They do not need a license because they shouldn’t be seeing it. Moreover you don’t even necessarily have the right to grant them said rights - someone else might own the copyright to the material you are legitimately working with.
When you make a comment on pull request for work you don’t intend for Mozilla to have anything to do with that.
If you use their integrated search which might send things you type to a third party, Mozilla needs your permission to do that.
If you use their Pocket service which can offer recommendations of articles you might like, Mozilla needs your permission to analyze things you’ve done, which may require things like making copies of data.
If you use their VPN service you’re passing a lot of stuff through their servers to be transmitted onward.
There’s a ton of stuff Mozilla does that could potentially be affected by copyright issues with user-generated/user-submitted content. So they have the standard boilerplate “you let us do the things with that content that are necessary to support the features you’re using” CYA clause.
you grant them a royalty-free, non-exclusive, non-revocable (etc. etc.) license to copy and distribute things you, the user, input into it.
The question for random people reading these clauses is what does that mean? Legalese can be hard for lawyers to understand. It’s much harder for mere mortals.
I think everyone is OK with Firefox (the browser) processing text which you enter into it. This processing includes uploading the text to web sites (which you ask it to, when you ask it to), etc.
What is much more concerning for the average user is believing that the “royalty-free, non-exclusive, non-revocable (etc. etc.) license” is unrestricted.
Let’s say I write the world’s most beautiful poem, and then submit it to an online poem contest via Firefox. Will Mozilla then go “ha ha! Firefox made a copy, and uploaded it to the Mozilla servers. We’re publishing our own book of your work, without paying you royalties. And oh, by the way, you also used Firefox to upload intimate pictures of you and your spouse to a web site, so we’re going to publish those, too!”
The average person doesn’t know. Reading the legalese doesn’t help them, because legalese is written in legalese (an English-adjacent language which isn’t colloquial English). Legalese exists because lawsuits live and die based on minutiae such as the Oxford Comma. So for Mozilla’s protection, they need it, but these needs are in conflict with the users’ need to understand the notices.
The Mozilla blog doesn’t help, because the italicized text at the top says: It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice
OK, what does the Privacy Notice say?
(your) …data stays on your device and is not sent to Mozilla’s servers unless it says otherwise in this Notice
Which doesn’t help. So now the average person has to read pages of legal gobbledygook. And buried in it is the helpful
Identifying, investigating and addressing potential fraudulent activities,
Which is a huge loophole. “We don’t know what’s potentially fraudulent, so we just take all of the data you give to Firefox, upload to our US-based servers, and give the DoJ / FBI access to it all without a warrant”. A lawyer could make a convincing and possibly winning argument that such use-cases are covered.
The psychological reason for being upset is that they are confused by complicated things which affect them personally, which they don’t understand, and which they have no control over. You can’t address that panic by telling them “don’t panic”.
The psychological reason for being upset is that they are confused by complicated things which affect them personally, which they don’t understand, and which they have no control over. You can’t address that panic by telling them “don’t panic”.
Could you explain why the concern is necessarily born of confusion rather than accurate understanding?
you said the reason for being upset is that they are confused. sorry if I was changing your meaning by adding “necessarily.” why do you say the concern is because of confusion or lack of understanding? what understanding would alleviate the concerns?
I don’t see a lot of difference between confusion and lack of understanding. Their upset is because the subject affects them, and they’re confused about it / don’t understand it, and they have no control over it.
This is entirely normal and expected. Simply being confused isn’t enough.
What would alleviate the concerns is to address all three issues, either singly, or jointly. If people don’t use Firefox, then it doesn’t affect them, and they’re not upset. If they understand what’s going on and make informed decisions, then they’re not upset. And then if they can make informed decisions, they have control over the situation, and they’re not upset.
The solution is a clear message from Mozilla. However, for reasons I noted above, Mozilla has to write their policies in legalese, which then makes it extremely difficult for anyone to understand them.
but who does “they” refer to? are you saying this describes people in general who are concerned about the policy, or are you just supposing that there must be someone somewhere for whom it is true?
what about people who have an accurate layman’s understanding of what the policy means, and are nonetheless concerned?
The psychological reason for being upset is that they are confused by complicated things which affect them personally, which they don’t understand, and which they have no control over. You can’t address that panic by telling them “don’t panic”.
The actual reason for them being upset is that someone told them to be afraid of the supposedly scary thing and told them a pack of lies about what the supposedly scary thing meant.
I propose to deal with that at the source: cut off the outrage-baiting posts that start the whole sordid cycle. Having a thread full of panicked lies at the top of the front page is bad and can be prevented.
And if you really want to comfort the frightened people and resolve their confusion, you should be talking to them, shouldn’t you? The fact that your pushback is against the person debunking the fearmongering says a lot.
The actual reason for them being upset is that someone told them to be afraid of the supposedly scary thing and told them a pack of lies about what the supposedly scary thing meant.
i.e. you completely ignored my long and reasoned explanation as to why people are upset.
which explains clearly just how nefarious and far-reaching the new policy is.
At best that comment points out that a consolidated TOS for Mozilla “services” is confusingly being linked for the browser itself. Nothing has been proven in the slightest about it being “nefarious”, and the fact that you just assert malicious intent as the default assumption is deeply problematic.
So your position is completely unconvincing and I feel no need to address it any further.
But you’re not debunking the fear mongering. You’re conspicuously ignoring any comment that explains why the concern is valid. Don’t hapless readers deserve your protection from such disinformation?
You’re largely describing boilerplate for web services, where the expectation is that users input content, and a service uses that content to provide service.
Firefox is a user agent, where the expectation is that users input content and the agent passes that content through to the intended service or resource.
When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information
You can call this boilerplate if you like, but it certainly gives Mozilla unambiguous rights relative to what you put into it.
This is like the most standard boilerplate-y clause there is for user-generated content. It’s a basic cover-your-ass to prevent someone suing you for copyright violation because, say, they just found out that when you type something in the built-in search box it makes a copy (Illegal! I’ll sue!) and transmits the copy (Illegal! I’ll sue!) to a third party.
This really does beg the question: Firefox is 20 years old. Why did they only feel the need to add this extremely standard boilerplate-y clause now?
what exactly does that mean? Were they already actively doing this, and the lawyers “won” by updating the TOS to cover that behavior? Or did the lawyers “win” because they were pushing for a business decision to change Firefox’s data gathering activities?
I disagree. I think this is actionable, relevant, and very on-topic. I’d even argue about that with you here, except that you in particular have a very solid history of bad-faith arguing, and I have better things to do.
Anyway, so far 84 of us have upvoted it, vs 7 “off-topic” flags and 8 hides, for a ratio of about 5:1, if we care about user opinions. Your paternalism isn’t a good look. Just hide it, flag it, and move on!
I wouldn’t say that the site rules don’t mean anything–I would say that many users and even admins have disregarded them for political expediency.
The long-term effects of this, of course, are deleterious…but that doesn’t matter when gosh darnit, the outgroup is wrong right now.
In the case of Apple, there’s a weird sort of thing where a release tag covers what is technically marketing. They also are both a large software and hardware vendor and, like it or not, have a large userbase. I’m not saying we should see a constant dripfeed of Apple propaganda, but it isn’t entirely without precedent.
I wouldn’t say that the site rules don’t mean anything–I would say that many users and even admins have disregarded them for political expediency.
Of course. I adopted the parent comment’s hyperbole to avoid getting bogged down in minutia. But there’s nothing wrong with more clarity and precision.
I’m really surprised to see anyone pay even the slightest of attention to this on Lobsters. It’s something my granddad would post to Facebook (example)
chicken-egg problem now. Who would want to use a QR code encoding that won’t work with the majority of QR code readers for only a very small gain, and how many reader implementations are actively maintained and will add support for something nobody uses yet?
The “byte” encoding works well for that. Don’t forget, URLs can contain the full range of Unicode, so a restricted set is never going to please everyone. Given that QR codes can contain ~4k symbols, I’m not sure there’s much need for an entirely new encoding.
Yes, although… there’s some benefit to making QR codes smaller even when nowhere near the limits. Smaller ones scan faster and more reliably. I find it difficult to get a 1kB QR code to scan at all with a phone.
QR codes also let you configure the amount of error correction. For small amounts of data, you often turn up the error correction which makes them possible to scan with a very poor image, so they can often scan while the camera is still trying to focus.
URIs can contain the full Unicode range, but the average URL does not. Given that’s become a major use case for QR codes it’s definitely a shame it does not have a better mode for them: binary mode needs a byte per byte while alnum only needs 5.5 bits per byte.
All non-ASCII characters in URLs can be %-encoded so Unicode isn’t a problem. A 6-bit code has room for lower case, digits, and all the URL punctuation, plus room to spare for space and an upper-case shift and a few more.
So ideally a QR encoder should ask the user whether the text is a URL, and should check which encoding is the smallest (alnum with %-encoding, or binary mode). Of course this assumes that any paths in the URL are also case-insensitive (which depends on the server).
Btw. can all HTTP servers correctly handle requests with uppercase domain names? I’m thinking about SNI, maybe certificate entries…? Or do browsers already “normalize” the domain name part of a URL into lowercase?
The spec says host names are case-insensitive. In practice I believe all (?) browsers normalize to lowercase so I’m not sure if all servers would handle it correctly but a lot certainly do. I just checked and curl does not normalize, so it would be easy to test a particular server that way.
Host name yes, but not path. So if you are making a URL that includes a path the path should be upper case (or case insensitive but encoded as upper case for the QR code).
No, a URI consists of ASCII characters only. A particular URI scheme may define how non-ASCII characters are encoded as ASCII, e.g. via percent-encoding their UTF-8 bytes.
Byte encoding is fun in practice, as I recently discovered, because Android’s default QR code API returns the result as a Java String. But aren’t Java Strings UTF-16? Why yes, and so the byte data is interpreted as UTF-8, then converted to UTF-16, and then provided as a string.
The workaround, apparently, if you want raw byte data, is to use an undocumented setting to tell the API that the data is in an 8-bit code page that can be safely round tripped through Unicode, and then extract the data from the string by exporting it in that encoding.
I read somewhere that the EU’s COVID passes used text mode with base45 encoding because of this tendency for byte mode QR codes to be interpreted as UTF-8.
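The byte-mode problem and the base45 approach from the comments above, as an added example that is not part of the original thread. It assumes Latin-1 as a stand-in for the "8-bit code page" mentioned (the actual Android setting is not named on this page), follows RFC 9285 for base45, and uses a constructed sample payload.

```python
"""Byte-mode QR payloads vs. text-returning reader APIs, and base45 (RFC 9285).

Added illustration. SAMPLE is constructed; Latin-1 is an assumed stand-in
for an 8-bit code page that round-trips through Unicode.
"""

# RFC 9285 alphabet: the same 45 characters as QR alphanumeric mode.
ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ $%*+-./:"
INDEX = {ch: i for i, ch in enumerate(ALPHABET)}

# Constructed binary payload; 0xA1 and 0xFF are not valid UTF-8 here.
SAMPLE = bytes([0xD2, 0x84, 0x43, 0xA1, 0x01, 0x26, 0xFF, 0x00])


def via_utf8_string(raw: bytes) -> bytes:
    """Simulate a reader that interprets scanned bytes as UTF-8 text."""
    text = raw.decode("utf-8", errors="replace")  # invalid bytes become U+FFFD
    return text.encode("utf-8")


def via_latin1_string(raw: bytes) -> bytes:
    """Simulate the workaround: every byte maps to U+0000..U+00FF and back."""
    return raw.decode("latin-1").encode("latin-1")


def b45encode(raw: bytes) -> str:
    """Encode bytes as base45: 2 bytes -> 3 chars, trailing byte -> 2 chars."""
    out = []
    for i in range(0, len(raw) - 1, 2):
        n = (raw[i] << 8) | raw[i + 1]
        n, c = divmod(n, 45)   # least significant digit first
        e, d = divmod(n, 45)
        out += [ALPHABET[c], ALPHABET[d], ALPHABET[e]]
    if len(raw) % 2:
        d, c = divmod(raw[-1], 45)
        out += [ALPHABET[c], ALPHABET[d]]
    return "".join(out)


def b45decode(text: str) -> bytes:
    """Decode base45, rejecting bad lengths, characters and out-of-range groups."""
    if len(text) % 3 == 1:
        raise ValueError("invalid base45 length")
    out = bytearray()
    for i in range(0, len(text), 3):
        chunk = text[i:i + 3]
        try:
            digits = [INDEX[ch] for ch in chunk]
        except KeyError as exc:
            raise ValueError(f"{exc.args[0]!r} is not a base45 character") from None
        n = sum(digit * 45 ** k for k, digit in enumerate(digits))
        if len(chunk) == 3:
            if n > 0xFFFF:
                raise ValueError("base45 triplet out of range")
            out += n.to_bytes(2, "big")
        else:
            if n > 0xFF:
                raise ValueError("base45 pair out of range")
            out.append(n)
    return bytes(out)


def qr_alnum_bits(n_chars: int) -> int:
    """Data bits in QR alphanumeric mode: 11 per character pair, 6 for a leftover."""
    return 11 * (n_chars // 2) + 6 * (n_chars % 2)


def qr_byte_bits(n_bytes: int) -> int:
    """Data bits in QR byte mode: 8 per byte."""
    return 8 * n_bytes


if __name__ == "__main__":
    print("original      :", SAMPLE.hex())
    print("via UTF-8 str :", via_utf8_string(SAMPLE).hex(), "(corrupted)")
    print("via Latin-1   :", via_latin1_string(SAMPLE).hex())
    encoded = b45encode(SAMPLE)
    print("base45 text   :", repr(encoded))
    print("base45 decoded:", b45decode(encoded).hex())
    print("data bits, byte mode     :", qr_byte_bits(len(SAMPLE)))
    print("data bits, base45 + alnum:", qr_alnum_bits(len(encoded)))
```

Base45 text in alphanumeric mode costs about 3% more data bits than raw byte mode, and it survives any reader that returns a string, which matters when the payload carries a signature that must verify byte for byte.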
How do you like to run your bookmarklets? I have the bookmarks navbar hidden to save screen space and so bookmarklets are always hidden enough for me not to think about them.
I have a couple that I use all the time, like ‘scroll to top/bottom’, so I have them on my bookmarks toolbar itself. For the rest, I have them in a subfolder inside my bookmarks toolbar.
Not available on typical Mac laptop keyboards, and even if they were, often my hand is on the touchpad so it’s just more convenient to tap on a button instead of moving my head to a key.
I wonder… does something like that exist in rust? I wouldn’t mind starting a crate like that as a side project :)
There is safe-path that I think is technically it, but it gives impression of being container-specific, and the crate has only a single 0.1.0 release.
There’s also fs_at building block.
This reminded me about a throwaway paragraph in the Signal crypto review (previously):
I wonder what metadata resistance Signal offers that Wire, through its use of MLS, doesn’t?
The metadata resistance of Signal is largely mythical anyway since they necessarily have the metadata via other channels and just pinky promise not to look or store it
A source for this claim would be appreciated.
You can derive it from necessity if you like. Signal server sees the message come in over a network connection from an app. The server must be able to deliver it to a target user. This is the metadata. That the message data on the wire doesn’t contain this metadata doesn’t prevent the server from knowing it, it must know it in order to function at all. Signal has never claimed otherwise they only claim that the server forgets right away. But of course that must be taken on trust
At best, that associates two IP addresses… notwithstanding CGNAT, VPNs, MASQUE, and friends.
But it doesn’t associate them with accounts / contacts. That’s a stronger guarantee than Matrix or XMPP. It may also be a stronger guarantee than Wire?
That isn’t true. Signal messages need to be routed by account identifier, an IP address is not sufficient. And unless you have the “sealed sender” feature turned on, messages identify their senders.
There’s no mechanism for the Signal server to know the IP addresses of iOS clients because an iOS device only maintains one persistent connection to Apple for notifications. There’s no way a Signal client can keep track of the IP addresses of its contacts, because it isn’t a mesh network, it’s a star. Even for non-iOS devices, an IP address isn’t sufficient to identify a client because (for example) there are multiple clients in our house and our house has only one IP address.
Sealed sender is enabled by default, no?
So it is. As far as I can tell the official documentation for the feature is still this blog post https://signal.org/blog/sealed-sender/ which makes it sound like the feature is incomplete, but the last few paragraphs say they were (in 2018) rolling it out to everyone so I guess the preview was actually the main event.
I just checked in settings. There’s only “show when it’s used” and “allow for even unknown senders” preferences for me, which makes me conclude that it’s already enabled by default and can not be disabled.
Sealed sender is also not a good protection if Signal was to actually start keeping logs. There are two sources of metadata leakage with sealed sender:
You need to acquire a sender certificate before you can use sealed sender. If you do this from the same IP as you later use when sending a message, your IP and your identity can be linked.
When you send a message, the receiver sends a delivery notice back to you. This is a simple correlation, a sealed message to Person A on IP address X from IP address Y is immediately followed by a sealed message from IP address X to Person B on IP address Y.
Yes, and if you do have Sealed Sender turned on, the only metadata left on the server that’s needed for message delivery is a 96-bit “delivery token” derived from a “profile key” that conveniently rotates whenever you block an account.
My reading of the description of sealed sender is that the delivery token is used to check that the sender is allowed to send to the recipient – it’s an anti-abuse mechanism. It is used when the server is deciding whether to accept a message, it isn’t used to decide where to deliver the message.
I was going off the above-linked blog post that dives into the Signal internals.
That is not my reading of the server code for either single or multi-recipient messages. And Signal iOS at least seems to use sealed sender by default, though it falls back to unsealed send if there’s an auth failure, which seems bad. (so the server can force the client to identify itself? … but I also can’t find anywhere that throws RequestMakerUDAuthError.udAuthFailure, so maybe it’s dead code…)
But I admit it’s a very casual reading of the code!
edit: found it!
To say what sibling says in a different way, the connection the message is delivered to the server over must be authenticated. If it weren’t the server would not accept the message, due to spam reasons etc. so the server knows the account of the sender. And it needs to know the account of the receiver for delivery to be possible
I strongly suspect you’ve misunderstood how Signal works. What do you think about https://soatok.blog/signal-crypto-review-2025-part-8/, specifically the addendum section?
That article specifically admits this is true. Signal doesn’t choose to write it down (assuming the published code is what they run) which means it cannot be recovered after the fact (if you trust the server to not have recorded this) of course any other operator could also not write this down and one could choose to trust that operator. It’s not specific to signal really.
I believe we agree that the server must know the recipient of a message. I believe we disagree about whether the server needs to know the sender of a message.
Erm, so what do you mean by authenticated?
That article notes the sender’s metadata is (e2e) encrypted. The server accepts and routes messages whose envelope includes a delivery token. And, similarly, that delivery token is shared via e2e encrypted sessions to all a recipient’s contacts.
It’s unclear to me how unknown senders / randos are handled, however. I haven’t read that deep into the code.
Sure, that’s fair.
But I was hoping your claim was more substantial than just this, since, as the child comment below says, almost all Signal competitors suffer from this.
Not just almost all. It is fundamentally impossible for a communications system to operate if whoever does the routing doesn’t know sender and receiver identity at some point (and send/receive time, which is also metadata)
If you do onion routing you could make it so only one part knows sender and one part knows receiver, which is how the remailer network worked but that’s the only instance I’m aware of doing that. Everyone else has the metadata and it’s just various shades of promising not to write it down.
Aren’t there protocols for deniable drop offs on servers and similar? Those wouldn’t scale well, but AFAIK they work. So they are possible (just not practical).
There is SecureDrop, but as far as the technology is concerned it’s a web app accessed via Tor. The rest of the anonymity guarantees come from server-side opsec performed by the recipient org https://docs.securedrop.org/en/stable/what_is_securedrop.html
SimpleX is a chat system that does onion routing. Only two hops, and I am not vouching for anything about the app or its servers; just noting this feature.
They were also recently audited by Trail of Bits, so SimpleX is probably not clownshoes.
This level of metadata leakage (IP addresses) is also true of nearly every so-called Signal competitor too.
No one claimed otherwise. The context is the claim expressed above that you get worse metadata resistance than Signal, which seems irrelevant given that Signal doesn’t really have it either.
Sorry. I hear this line of argument on Hacker News and Reddit a lot, only for the person to turn around and recommend XMPP or Matrix instead. I wanted to cut it off at the pass.
Look at zkgroup for a deep dive into that question.
Planned and enforced obsolescence via certificates.
This is the future the “HTTPS everywhere” crowd wants ;)
It will be interesting to see if Google fixes this. On the one hand, brand value. On the other, it’s a chance to force purchase of new hardware!
Not me. I want HTTPS Everywhere and I also don’t want this.
What’s your marketing budget? If you aren’t aligned with the marketing budget havers on this, how do you expect them to treat you when your goals diverge?
See also, fast expiring certificates making democratized CT logs infeasible, DNS over HTTPS consolidating formerly distributed systems on Cloudflare. It’s not possible to set up a webpage in 2025 without interacting with a company that has enough money and accountability to untrustworthy governments to be a CA, and that sucks.
HTTPS is cool and all, but I wish there was a usable answer that wasn’t “just centralize the authority.”
Sigh. Lobsters won’t let me post. I must be getting rate limited? It seems a bit ridiculous, I’ve made one post in like… hours. And it just shows me “null” when I post. I need to bug report or something, this is quite a pain and this is going to need to be my last response as dealing with this bug is too frustrating.
Can you tell me more about these? I think “infeasible” is not accurate but maybe I’m wrong. I don’t see how DoH consolidates anything as anyone can set up a DoH server.
You can definitely set up a webpage in 2025 pretty with HTTPS, especially as you can just issue your own CA certs, which your users are welcome to trust. But if your concern is that a government can exert authority within its jurisdiction I have no idea how you think HTTP is helping you with that or how HTTPS is enabling that specifically. These don’t feel like HTTPS issues, they feel like regulatory issues.
There are numerous, globally distributed CAs, and you can set one up at any time.
Lobsters has been having some issues, I had the same trouble yesterday too.
The CT log thing is something I read on here iirc, basically that CT logs are already pretty enormous and difficult to maintain, if there are 5x as many cert transactions cause they expire in 1/5 the time the only people who will be able to keep them are people with big budgets
I suppose I could set up a DoH server, but the common wisdom is to use somebody else’s, usually Cloudflare’s, the fact that something is technically possible doesn’t matter in a world where nobody does it.
Are you joking? “please install my CA cert to browse my webpage” may technically count as setting up a web page but the barrier to entry is so high I might as well not. Can iphones even do that?
That’s a lot more centralized than “I can do it without involving a third party at all.”
I dunno, maybe I’m just romanticizing the past but I miss being able to publish stuff on the internet without a Big Company helping me.
Strange but I will have to learn more.
Sure, because that’s by far the easiest option and most people don’t really care about centralizing on Cloudflare, but nothing is stopping people from using another DoH.
iPhones being able to do that isn’t really relevant to HTTPS. If you want to say that users should be admins of their own devices, that’s cool too.
As for joking, no I am not. You can create a CA, anyone can. You don’t get to decide who trusts your CA, that would require work. Some companies do that work. Most individuals aren’t interested. That’s why CAs are companies. If you’re saying you want a CA without involving any company, including non-profits that run CAs, then there is in fact an “open” solution - host your own. No one can stop you.
You can run your own internet if you want to. HTTPS is only going to come up when you take on the responsibility of publishing content to the internet that everyone else has to use. No one can stop you from running your own internet.
As opposed to running an HTTP server without a third party at all? I guess technically you could go set up a server at your nearest Starbucks but I think “at all” is a bit hard to come by and always has been. Like I said, if you want to set up a server on your own local network no one is ever going to be able to stop you.
What did that look like?
I want the benefits of HTTPS without the drawbacks. I also want the benefits of DNS without the drawbacks.
On the one hand, I am completely sincere about this. On the other, I feel kind of foolish for wanting things without wanting their consequences.
Which drawbacks? I ask not because I believe there are none, but I’m curious which concern you the most. I’m sympathetic to wanting things and not wanting their consequences haha that’s the tricky thing with life.
HTTPS: I want the authentication properties of HTTPS without being beholden to a semi-centralized and not necessarily trustworthy CA system. All proposed alternatives are, as far as I know, bad.
DNS: I want the convenience of globally unique host names without it depending on a centralized registry. All proposed alternatives are, as far as I know, bad.
These kind of accusations are posts that make me want to spend less on lobsters. Who knows if it’s planned or accidental obsolescence? Many devices and services outlive their teams by much longer than anticipated. Everyone working in software for a long while has experienced situations like those. I also find the accusation that HTTPS is leading to broken devices rather wild…
I want to offer a different view: How cool is it that the device was fixable despite Google’s failure to extend/exchange their certificate. Go, tell your folks that the Chromecast is fixable and help them :)
For me, it’s takes like yours that irritate me. Companies that are some of the largest on the planet don’t need people like you to defend them, to make excuses for them, to try to squelch the frustration directed towards them because they’re either evil or incompetent.
By the way, there is no third option - either they’re evil and intended to force obsolescence upon these devices, or they’re incompetent and didn’t know this was going to happen because of this incompetence.
The world where we’re thinking it’s cool that these devices are fixable tidily neglects the fact that 99% of the people out there will have zero clue how to fix them. That it’s fixable means practically nothing.
Who cares? No one is defending Google. People are defending deploying HTTPS as a strategy to improve security. Who cares if it’s Google or anyone else? The person you’re responding to never defends Google, none of this has to do with Google.
Who cares? Also, there is a very obvious 3rd option - that competent people can make a mistake.
Nothing you’ve said is relevant at all to the assertion that, quoting here:
Even though you’re quoting me, you must be mistaken - this post is about Google, and my response was about someone who is defending Google’s actions (“Who knows if it’s planned or accidental obsolescence?”).
I haven’t a clue how you can think that a whole post about Google breaking Google devices isn’t about Google…
To the last point, “https everywhere” means things like this can keep being used as an excuse to make fully functional products in to ewaste over and over, and we’re left wondering if the companies responsible are evil or dumb (or both). People pretending to not get the connection aren’t really making a good case for Google not being shit, or for how the “https everywhere” comment is somehow a tangent.
Nope, not mistaken. I think my points all stand as-is.
Take what you want from my employment by said company, but I would guess absolutely no-one in privacy and security has any wish/intention/pressure to not renew a certificate.
I have no insider knowledge about what has happened (nor could I share it if I did! But I really don’t). But I do know that the privacy and security people take their jobs extremely seriously.
Google has form in these matters, and the Chromecast as a brand even has an entry here:
https://killedbygoogle.com/
But in the future I’ll be more polite in criticizing one of the world’s biggest companies so that this place is more welcoming to you.
This isn’t about who you criticize, I would say the same if you picked the smallest company on earth. This is about the obvious negativity.
This is because the article isn’t “Chromecast isn’t working and the devices all need to go to the trash”. Someone actually found out why and people replied with instructions how to fix these devices, which is rather brilliant. And all of that despite Google’s announcements that it would discontinue it.
I’m not exactly sure what you meant by that, and even the winky face doesn’t elide your intent and meaning much. I don’t think privacy and security advocates want this at all. I want usable and accessible privacy and security and investment in long term maintenance and usability of products. If that’s what you meant, it reads as a literal attack rather than sarcasm. Poe’s law and all.
Not all privacy and security advocates wanted ‘HTTPS everywhere’. Not all of the ‘HTTPS everywhere’ crowd wanted centralized control of privacy and encryption solutions. But the privacy and security discussion has been captured by corporate interests to an astonishing degree. And I think @gerikson is right to point that out.
Do you seriously think that a future law in the US forcing Let’s Encrypt (or any other CA) to revoke the certificates of any site the government finds objectionable is outside the realms of possibility?
HTTPS everywhere is handing a de facto publishing license to every site that can be revoked at will by those that control the levers of power.
I admit this is orthogonal to the issue at hand. It’s just an example I came up with when brewing some tea in the dinette.
In an https-less world the same people in power can just force ISPs to serve different content for a given domain, or force DNS providers to switch the NS to whatever they want, etc. Or worse, they can maliciously modify the content you want served, subtly.
Only being able to revoke a cert is an improvement.
Am I missing something?
Holding the threat of cutting off 99% of internet traffic over the head of media companies is a great way to enforce self-censorship. And the best part is that the victim does all the work themselves!
The original sin of HTTPS was wedding it to a centralized CA structure. But then, the drafters of the Weimar constitution also believed everything would turn out fine.
They’ve just explained to you that HTTPS changes nothing about what the government can do to enact censorship. Hostile governments can turn your internet off without any need for HTTPS. In fact, HTTPS directly attempts to mitigate what the government can do with things like CT logs, etc, and we have seen this work. And in the singular instance where HTTPS provides an attack (revoke cert) you can just trust the cert anyways.
edit: Lobsters is basically completely broken for me (anyone else just getting ‘null’ when posting?) so here is my response to the reply to this post. I’m unable to reply otherwise and I’m getting no errors to indicate why. Anyway…
This is getting ridiculous, frankly.
You’ve conveniently ignored everything I’ve said and focused instead on how a ridiculous attack scenario that has an obvious mitigation has 4 words that somehow you’re relating to SCOTUS and 1st amendment rights? Just glossing over that this attack makes almost no sense whatsoever, glossing over that the far easier attacks apply to HTTP at least as well (or often better) as HTTPS, glossing over the fact that even more attacks are viable against HTTP that aren’t viable against HTTPS, glossing over that we’ve seen CT logs actually demonstrate value against government attackers, etc etc etc. But uh, yeah, SCOTUS.
SCOTUS is going to somehow detect that I trusted a certificate? And… this is somehow worse under HTTPS? They can detect my device accepting a certificate but they can’t detect me accessing content over HTTP? Because somehow the government can’t attack HTTP but can attack HTTPS? This just does not make any sense and you’ve done nothing to justify your points. Users have been more than charitable in explaining this to you, even granting that an attack exists on HTTPS but helpfully explaining to you why it makes no sense.
Going along with your broken threading
My scenario was hypothetical.
In the near future, on the other side of an American Gleichschaltung, a law is passed requiring CAs to revoke specific certificates when ordered.
If the TLS cert for CNN.com is revoked, users will reach a scary warning page telling the user the site cannot be trusted. Depending on the status of “HTTPS Everywhere”, it might not be able to proceed past this page. But crucially, CNN.com remains up, it might be accessible via HTTP (depending on HSTS settings) and the government has done nothing to impede the publication.
But the end effect is that CNN.com is unreadable for the vast number of visitors. This will make the choice of CNN to tone down criticism of the government very easy to make.
The goal of a modern authoritarian regime is not to obsessively police speech to enforce a single worldview. It’s to make it uneconomical or inconvenient to publish content that will lead to opposition to the regime. Media will parrot government talking points or peddle harmless entertainment. There will be an opposition and it will be “protected” by free speech laws, but in practice accessing its speech online will be hard to impossible for the vast majority of people.
I feel like your entire argument hinges on this and it just isn’t true.
If the USA apparatus decides to censor CNN, revoking a TLS cert wouldn’t be the way. It’ll be secret court orders (not unlike the recent one the British government has sent to Apple), and, should they not comply, apprehension of key staff.
And, even if such a cert revocation happened, CNN would be able to get a new one within seconds by contacting any other ACME CA; there are even some operating in the EEA.
I think your whole argument is misguided, and not aimed at understanding the failures of Google, but at lashing out at an only tangentially related problem space.
And my comment is not a defence of Google or Cloudflare, I consider both to be malicious for a plethora of reasons.
You’re still thinking like the USSR or China or any totalitarian government. The point isn’t to enforce a particular view. The point is to prevent CNN or any other media organization from publishing anything other than pablum, by threatening their ad revenue stream. They will cover government talking points, entertainment, even happily fake news. Like in Russia, “nothing is true and everything is possible”.
Nothing is preventing the US from only allowing certs from US based issuers. Effectively, if you’re using a mainstream browser, the hypothetical law I have sketched out will also affect root CAs.[1]
I proposed a semi-plausible failure mode of the current CA-based certification system and suddenly I’ve gotten more flags than ever before. I find it really interesting.
[1] note that each and every one of these attempts to block access will have quite easy and trivial workarounds. That’s fine, because as stated above, having 100% control of some sort of “truth” is not the point. If nerds and really motivated people can get around a block by installing their own root store or similar, it will just keep them happy to have “cheated the system”. The point is having an atomized audience, incapable of organizing a resistance.
The flags are me and they’re because your posts have been overwhelmingly low quality, consisting of cherry picking, trolling, rhetoric, and failing to engage with anyone’s points. You also never proposed any such attack, other users did you the favor of explaining what attack exists.
The closest thing you’ve come to defining an attack (before others stepped in to hand you one) is this:
It’s not that interesting why you’re getting flagged. IMO flags should be required to have a reason + should be open, but that’s just me, and that’s why I virtually always add a comment when I flag a post.
This is one of the only posts where you’ve almost come close to saying what you think the actual problem is, which if I very charitably interpret and steel-man on your behalf I can take as essentially “The US will exert power over CAs in order to make it hard for news sites to publish content”. This utterly fails, to be clear (as so many people have pointed out that there are far more attacks on HTTP that would work just as well or infinitely better, and as I have pointed out that we have seen HTTPS explicitly add this threat model and try to address it WITH SUCCESS using CT Logs), but at least with enough effort I can extract a coherent point.
I have around 30 flags right now in these threads (plus some from people who took time off their busy schedule to trawl through older comments for semi-plausible ones to flag). You’re not the only one I have pissed off.[1]
(I actually appreciate you replying to my comments but to be honest I find your replies quite rambling and incoherent. I guess I can take some blame for not fully cosplaying as a Project 2025 lawyer, instead relying on vibes.)
It’s fine, though. I’ve grown disillusioned by the EFF style of encryption boosting[2]. I expect them to fold like a cheap suit if and when the gloves come off.
[1] but I’m still net positive on scores, so there are people on the other side too.
[2] they’ve been hyperfocussed on the threat of government threats to free speech, while giving corporations a free pass. They never really considered corporations taking over the government.
Hm, I see. No, I certainly have not flagged all of your posts or anything, just 2 or 3 that I felt were egregious. I think lobsters should genuinely ban more people for flag abuse, tbh, but such is the way.
It’s interesting that my posts come off as rambly. I suppose I just dislike tree-style conversations and lobsters bugs have made following up extremely annoying as my posts just disappear and show as “null”.
I’ve been getting the “null” response too. There’s nothing in the bug tracker right now, and I don’t have IRC access. Hopefully it will be looked at soon.
As to the flags, people might legitimately feel I’m getting too political.
Genuine question, is this aimed at me?
Nope. Unless you are a lawyer for Project 2025.
Yeah, “trust the cert anyway” is going to be the fig leaf used to convince a compliant SCOTUS that revoking a certification is not a blatant violation of the 1st amendment. But at least the daily mandatory webcast from Dear Leader will be guaranteed not to be tampered with during transport!
Wouldn’t you agree that certificate transparency does a better job detecting this kind of thing than surreptitiously redirecting DNS would?
The point of this hypothetical scenario would be that the threat of certificate revocation would be out in the open, to enforce self-censorship to avoid losing traffic/audience. See my comment here:
https://lobste.rs/s/mxy0si/chromecast_2_s_device_authentication#c_lyenlf
Flagged as trolling. I’m also extremely critical of Google’s killing of various services.
I’m not sure any of those are good examples of planned obsolescence. As far as I can tell, they’re all services that didn’t perform very well that Google didn’t want to support, tools that got subsumed into other tools, or ongoing projects that were halted.
I think it’s reasonable to still wish that some of those things were still going, or that they’d been open-sourced in some way so that people could keep them going by themselves, or even that Google themselves had managed them better. But planned obsolescence is quite specifically the idea that you should create things with a limited lifespan so that you can make money by selling their replacements. As far as I can tell, that doesn’t apply to any of those examples.
Trust Google to not even manage to do planned obsolescence right either…
Please refrain from smirky, inflammatory comments.
I get that it’s a tongue in cheek comment, but this is what falls out of “we want our non-https authentication certificates to chain through public roots”.
There is no reason for device authentication to be tied to PKI - it is inherently a private (as in “only relevant to the vendor” , not secret) authentication mechanism so should not be trying to chain through PKI, or PKI-like, roots.
Hyperbole much? Sometimes an expired certificate is just an expired certificate
Why is this a hyperbole? It is clear that even an enterprise the size of Google, famous for its leetcode-topping talent is unable to manage certificates at scale. This makes it a pretty good point against uncritical deployment of cryptographic solutions.
Microsoft let microsoft.com lapse that one time. Should we give up on DNS?
When Microsoft did that I wasn’t standing embarrassed in front of my family failing to cast cartoons on the TV. So it was their problem, not my problem.
(It is still bricked today btw)
No one has ever argued for “uncritical deployment” of any solution, let alone cryptographic ones.
Maybe I’m reading too much into “HTTPS everywhere” then.
Maybe. I think there are two ways to interpret it - “HTTPS Everywhere” means “literally every place” or it means “everywhere that makes sense, which is the vast majority of places”. But, to me, neither of these implies “you should deploy in a way that isn’t considered and that will completely destroy a product in the future”, it just means that you should very likely be aiming for a reliable, well supported deployment of HTTPS.
I was replying more to the “planned and enforced obsolescence” conspiracy theorizing.
It is true that managing certificates at scale is something not a lot of large organizations seem to be able to pull off, and that’s a legitimate discussion to have… but I didn’t detect any good faith arguments here, just ranting
Kudos to bleepingcomputer for changing the headline. (And apologies for sharing such a misleading article in the first place!)
The animations don’t seem to work for me (I tried enabling JS, still no luck)
Firefox doesn’t support css view transitions.
Yet.
Oh, thanks
Anyone here remember XUL? 👴
I was perplexed by this passage:
It would be valuable to have a non-panic mode of Rust – I think this would effectively be “Total Rust” – but the point of unwrap() and expect() is to accept a panic in the interest of focusing on other things. This is probably not a trade-off the author wants to make for codec development.
Calling the panic in unwrap unexpected was itself rather unexpected.
What else would it do on failure?
Throw an exception /s
When I write an unwrap() or expect() in production code, I write a small comment giving evidence or a proof as to why this panic will never be hit - or if it will be hit, that termination of the application really is the desirable outcome.
I do similarly with expect, unwrap I treat as a variant of todo!, code to be revisited to determine how to handle the condition.
This comes up regularly, including in the Rust-for-Linux discussions.
https://blog.reverberate.org/2025/02/03/no-panic-rust.html
There is https://docs.rs/no-panic/latest/no_panic/ (which seems like a terrible, but potentially very useful, hack).
Actually, the popcorn button on microwaves can potentially be offering functionality beyond what a time and power setting can accomplish. Some microwaves have ambient moisture sensors, and some have microphones.
Technology Connections tells you all about it: https://www.youtube.com/watch?v=Limpr1L8Pss
What would be cool is if the full functionality of these sensors was available to the end user, who had a way to create and modify the preset functions. I don’t know if the market is ready for that however.
Yes. I think this falls into a different category of features. Also in most cases this setting is still power level X and then run for Y seconds after first steam detected, which could be programmed by a user fairly easily.
Also most microwaves these days don’t actually have a steam sensor unfortunately. The majority of popcorn buttons just have a preset time.
OTOH all bags of microwave popcorn have “DO NOT USE THE POPCORN BUTTON” on them. Collectively, the microwave makers have failed to create a predictable, consistent popcorn button. The smart ones are smart in different ways, the dumb ones are dumb in their own ways, and it’s hard to even tell which is which.
I bet you watched this Technology Connections video https://youtu.be/Limpr1L8Pss
You’re aware the article is not about popcorn or popcorn buttons on microwaves, aren’t you? :=
Yes, I know.
But we have to be careful with our analogies. And sometimes… sometimes, there is more thought and effort into creating such a “nightmare bicycle” user interface than there may appear to be on the surface. And maybe there is a good reason for some design choices.
Not always, of course. As /u/kevincox mentions, some microwaves don’t have a moisture sensor, but present the same user interface as one that does. Which is very unfortunate.
A good “falsehoods” list needs to include specific examples of every falsehood.
Yours doesn’t! And I maintain that it’s still a good boy list.
That doesn’t look to me like it’s meant to be an example of a good falsehoods list.
My point stands. Dogs.
In addition, it’s worth knowing that dogs up to 2 years of age exhibit the halting problem.
I’ll make an attempt, with the caveat that this list seems so obvious to me that I’m worried I might be missing some nuance (imagine a similar list about cooking utensils with “people think knives can only be used for butter, but in reality they can also be used to cut bread, meat, and even vegetables!!!”).
Both the substitutions and the surrounding text can depend on each other. The obvious example is languages where nouns have gender, but you might also have cases like Japanese where “in” might be へ, で, or に to indicate relative precision of the location.
German is the classic example of using lengthy compound words where English would use a shorter single-purpose word, “Rindfleisch” vs “beef” or “Lebensmittel” vs “food” (why yes I haven’t had lunch yet, why do you ask…?).
See above – English -> German tends to become longer, English -> Chinese tends to become shorter.
Turkish and German are famous counter-examples, with Turkish 'i'/'I' being different letters, or German ß capitalizing to "SS" (though I think this is now considered somewhat old-fashioned?).
Not true in Chinese, Japanese, Korean.
Every language has words that don’t exist in any other language. Sometimes because the concept is alien (English has no native word for 寿司), sometimes because a general concept has been subdivided in a different way (English has many words for overcast misty weather that don’t translate easily into languages from drier climates).
I’m not sure what this means because many expressions in English don’t even have a single explanation in English, but in any case, idioms and double entendres often can’t be translated directly.
If one’s English to SVO order is limited, limited too must their knowledge of literature be.
Even English doesn’t follow a rule of capitalizing the first character of every word. Title Casing The First Letter Of Every Word Is Bad Style.
One well-known counter-example being languages where agreement is by repeating a verb:
A: “Do you want to eat lunch together?” B: “Eat.”
See above.
Color / colour, aluminum / aluminium
Not sure exactly what this means – upper-case vs lower-case? Latin vs Cyrillic? 漢字 vs ひらがな カタカナ ? 简化字 vs 繁体字 ? Lots of counter-examples to choose from, Kazakh probably being a good one.
Lithuanian sorts 'y' between 'i' and 'j': https://stackoverflow.com/questions/14458314/letter-y-comes-after-i-when-sorting-alphabetically
Some languages special-case ordering of letter combinations, such as ij in Dutch.
And then there’s the dozens of European languages that have their own letters outside the standard 26. Or diacritics.
Arabic, Hebrew.
Not sure what “flows” means here, but applications with good RtL support usually flip the entire UI – for example a navigational menu that’s on the right in English would be on the left in Arabic.
Chinese, Japanese.
English: "Dear Mr. Smith".
French famously has rules that differ from English regarding spacing around punctuation.
“ ” in English,「 」in Japanese, « » in French,
European languages that use '.' for thousands separator and ',' for the fractional separator, or languages that group by different sizes (like lakh/crore in Indian languages).
Many languages are considered distinct for political reasons, even if a purely linguistic analysis would consider them the same language.
English (as spoken in Pittsburgh), English (as spoken in Melbourne), and English (as spoken in Glasgow).
More seriously, Japanese and Javanese.
Often they’re difficult to understand even for English speakers (I once saw a literal hamburger used to signify a collapsable sidebar).
Nobody who has ever travelled would think this. And yet. AND YET!
C’mon Google, I know that my IP is an airport in Warsaw but I really don’t want the Maps UI to switch to Polish when I’m trying to find a route to my hotel.
You can roughly gauge where you are in the world by whether the local ATMs offer “🇬🇧 English”, “🇺🇸 English”, or “🇦🇺 English”.
Belgium, Luxembourg, Switzerland.
English, again.
The German ß has history.
The old rule is that ß simply has no uppercase. Capitalizing it as “SS” was the default fallback rule if you had to absolutely capitalize everything and the ß would look bad (such as writing “STRAßE” => “STRASSE”). Using “SZ” was also allowed in some cases.
The new rule is to use the uppercase ß: ẞ. So instead of “STRASSE” you now write “STRAẞE”.
The usage of “SZ” was disallowed in 2006, the East Germans had an uppercase ß since 1957, the West German rules basically said “Uppercase ß is in development” and that was dropped in 1984 for the rule to use SS or SZ as uppercase variant. The new uppercase ß is in the rules since 2017. And since 2024 the uppercase ß is now preferred over SS.
The ISO DIN 5008 was updated in 2020,
This means depending on what document you’re processing, based on when it was created and WHERE it was created, its writing of the uppercase ß may be radically different.
It should also be noted that if you’re in Switzerland, ß is not used at all, here the SS substitute is used even in lower case.
Family names may also have custom capitalization rules, where ß can be replaced by SS, SZ, ẞ or even HS, so “Großman” can become “GROHSMANN”. Note that this depends on the person, while Brother Großmann may write “GROHSMANN”, Sister Großmann may write “GROSSMANN” and their mother may use “GROẞMANN” and these are all valid and equivalent.
Umlauts may also be uppercased without the diacritic umlaut and with an E suffix; ä becomes “AE”. In some cases even lowercase input does the translation because older systems can’t handle special characters, though this is not GDPR compliant.
If you ever want to have fun, the politics and regionality of German dialects could be enough to drive some linguists up the wall.
Bavarian is recognized as a language and dialect at the same time, it can be subdivided into dozens and dozens of subdialects, which are all similar but may struggle to understand each other.
As someone who grew up in Swabian Bavaria, my dialect is a mix of both Swabian and Bavarian, I struggle to understand Northern Bavaria but I struggle much less with Basel Swiss German (which is distinct from Swiss German in that it originates from Lower Allemans instead of Higher Allemans) which is quite close in a lot of ways.
And the Swiss then double down on making things confusing by sometimes using French language constructs in German words, or straight up importing French or Italian words.
What should I read to learn more about this? Why wasn’t the character in Unicode 1.0, then?
East Germany added the uppercase ß in 1957 and removed it in 1984. The spelling rules weren’t updated, so despite the presence of an uppercase ß, it would have been wrong to use it in any circumstances. Since Unicode 1.0 is somewhere around 1992, with some early drafts in 1988, it basically missed the uppercase ß being in the dictionary.
The uppercase ß itself has been around since 1905 and we’ve tried to get it into Unicode since roughly 2004.
Is this more like there being an attested occurrence in a particular dictionary in East Germany in 1957 rather than common usage in East Germany?
A good example of this is a CMS I used to work on. The way it implemented translation was to define everything using English[0], then write translations as a mapping from those English snippets to the intended language. This is fundamentally flawed, e.g. by homonyms:
Here, the “Read” flag means “this has been read”, whilst the “Read” button means “I want to read this”. Using the English as a key forces the same translation on both.
[0] We used British English, except for the word “color”; since we felt it was better to match the CSS keywords (e.g. when defining themes, etc.).
One trick is to use a different word on the asset: Reviewed(adj) and Review(v) don’t have the same problem that Read(adj) and Read(v) do. Seen(adj) and See(v); Viewed(adj) and View(v). And so on. Then you can “translate” to English to actually use Unread/Read/[Read] if you still like it without confusing the translator who needs to know you want more like e.g. Lido/Ler or 阅读/显示 and so on.
Much better than the original article. Also love how many of the counter examples come from English.
My bar for these lists is https://yourcalendricalfallacyis.com/ and most “falsehoods programmers believe” lists don’t meet it.
The number of exceptions caused by the Hebrew calendar makes me shed a tear of joy.
Here’s one falsehood they missed: the length of a year varies by at most one day. True in Gregorian calendar, apparently true in the Islamic calendar, but not true in the Hebrew calendar: leap years are 30 days longer than regular years.
They sorta cover it on the “days” section, by way of mentioning that the Hebrew calendar has leap months.
They also miss Byzantine calendars which are still used by many churches, related to the Jewish Greek calendar from the Septuagint. It’s of course complicated by the fact that many churches & groups do not agree on what year was the start, so it’s complex to use (but still in somewhat fairly common liturgical use).
Wow 30? I need to read more about this
Here’s a fun (counter)example of (something like) this one from my heritage language:
(Context: the word for enjoy/like is the same in the language, so when translating to English, I choose whichever sounds most natural in each given example sentence.)
When someone says, “do you (enjoy/)like it?”, if you want to say “yes, I like it”, that’s fine, but if you want to say you don’t like it, you would say, “I don’t want it”; if you were to say, “I don’t like it” in that situation, it would mean, “I don’t want it”. The same reversal happens if they ask, “do you want it?”, and you want to respond in the negative.
So someone would say, “do you want a chocolate bar?”, and you’d say, “no, I don’t want it”, and that would mean, “no, (I already know) I don’t (usually/habitually) enjoy it (when I have it), (therefore I don’t want it)”, whereas, “no, I don’t enjoy it” would just straightforwardly mean, “I don’t want it”.
(You can also respond with just, “no!” instead of using a verb in the answer.)
This only happens in the habitual present form. Someone might ask, “do you like chocolate?” before they offer you some, and you can say, “no, I don’t want it”, but if they already gave you a chocolate bar to try, they may ask, “did you like it?” in the past tense, and you’d have to respond with, “I didn’t like it” instead of, “I didn’t want it”. And, “do you want chocolate?” would be met with, “no, I don’t like it”, but “did you want chocolate?” would be met with, “no, I didn’t want it”, and that second one would just mean what it straightforwardly sounds like in English.
(Strictly speaking, it doesn’t need to be a response to a question, I’m just putting it into a context to show that the verb used in the answer isn’t just a negative form of the same verb used in the question.)
(It’s hard to explain because if you were to translate this literalistically to English, it wouldn’t even be noticed, since saying, “no, I don’t like it” in response to, “do you want it?” is quite natural, but does literally just mean, “I don’t like it”, in the sense of, “no, (I already know) I don’t (usually/habitually) enjoy it (when I have it), (therefore I don’t want it)”. Even, “no, I don’t want it” in response to, “do you like it?” is fairly natural in English, if a little presumptive-sounding.)
In Polish when someone asks you “Czy chcesz cukru do kawy?” (“Do you want coffee with sugar?”) and you can respond with “Dziękuję”, which can mean 2 opposite things “Yes, please” or “No, thank you”.
The original ones, like “…Names”, don’t; part of what I find fun about them is trying to think of counterexamples.
I think if you want them to be useful they need to include counterexamples. If it’s just a vent post then it’s fine to leave them.
The first one gets a pass because it was the first one, and even then, I think it’s better to link people one of the many explainers people wrote about it.
Are there any actual lawyers here who could weigh in?
I’ve largely given up on techies correctly interpreting legalese.
The Mozilla lawyers say that CCPA and GDPR are not court-tested enough and they are making the ToU so broad such that the terms can prevent a lot of legal attacks. As someone who works for Mozilla, I have decided to trust them. But I can understand some people want to do their own reading….
¯\_(ツ)_/¯
It must be stressful working for Mozilla and constantly being held to a higher standard.
Despite holding a pitchfork and having lost all faith in Mozilla’s leadership, I have nothing but respect for the people who have made Firefox a viable browser alternative for so long. Sorry you have to deal with this shit :/
Thank you. It would be a more realistic high standard if people contributed instead of complaining.
Filing bugs, finding duplicates, writing docs, everything counts. Not everyone has the necessary level of masochism to deal with a 20 year old C++/Rust/XHTML/CSS/JS codebase and that’s OK.
Heh, it’s not really masochistic if you just focus on an area that’s fairly isolated (for me it was platform stuff: kinetic scrolling for GTK, damage tracking for EGL, gamepad support with evdev, a couple little Wayland bugs, enabling stuff on FreeBSD…) – and what’s really amazing is the tooling, even just the fact that the build is literally just
./mach build and doesn’t take outrageous amounts of time nor memory (well, without LTO).
I mean, those terms are written for customers, who have to accept them, who are neither lawyers nor Mozilla employees. Legal writing for lawyers but for users to accept is malpractice.
It’s definitely a change in habit. I worked with Mozilla Legal around the GDPR compliance and documentation of crates.io and around the setup around the Foundation and they were very outside focused. Really loved it.
What I did find however is the classic that Mozilla is - curiously - very Californian, and not very international in their management and thinking. Peak of this was me observing someone trying to apply US case law to Germany, which doesn’t have case law.
All that said: I do trust Mozilla, but that’s because I have a privileged inside view through my work on Rust and in Tech Speakers and that can’t be what’s being asked of general users.
HOWEVER, I think it’s also the obligation of people criticizing to not spin the wildest legal theories. FOSS has a lot of armchair lawyers that can’t even tell personal information and copyrightable works apart.
Fair point. I can agree that this has been blundered in a variety of ways and I’m sorry that it appalled so, so many people.
The ideals of this post are dead. Firefox is neither private nor free. Do not use Firefox in 2025.
Mozilla has done an about face and now demands that Firefox users:
See https://lobste.rs/s/de2ab1/firefox_adds_terms_use for more discussion.
If you’re already using Firefox, I can confirm that porting your profile over to Librewolf (https://librewolf.net) is relatively painless, and the only issues you’ll encounter are around having the resist fingerprinting setting turned on by default (which you can choose to just disable if you don’t like the trade-offs). I resumed using Firefox in 2016 and just switched away upon this shift in policy, and I do so sadly and begrudgingly, but you’d be crazy to allow Mozilla to cross these lines without switching away.
If you’re a macOS + Littlesnitch user, I can also recommend setting Librewolf to not allow communication to any Mozilla domain other than addons.mozilla.org, just in case.
👋 I respect your opinion and LibreWolf is a fine choice; however, it shares the same problem that all “forks” have and that I thought I made clear in the article…
Developing Firefox costs half a billion per year. There’s overhead in there for sure, but you couldn’t bring that down to something more manageable, like 100 million per year, IMO, without making it completely uncompetitive to Chrome, whose estimate cost exceeds 1 billion per year. The harsh reality is that you’re still using Mozilla’s work and if Mozilla goes under, LibreWolf simply ceases to exist because it’s essentially Firefox + settings. So you’re not really sticking it to the man as much as you’d like.
There are 3 major browser engines left (minus the experiments still in development that nobody uses). All 3 browser engines are, in fact, funded by Google’s Ads and have been for almost the past 2 decades. And any of the forks would become unviable without Apple’s, Google’s or Mozilla’s hard work, which is the reality we are in.
Not complaining much, but I did mention the recent controversy you’re referring to and would’ve preferred comments on what I wrote, on my reasoning, not on the article’s title.
I do what I can and no more, which used to mean occasionally being a Firefox advocate when I could, giving Mozilla as much benefit of the doubt as I could muster, paying for an MDN subscription, and sending some money their way when possible. Now it means temporarily switching to Librewolf, fully acknowledging how unsustainable that is, and waiting for a more sustainable option to come along.
I don’t disagree with the economic realities you mentioned and I don’t think any argument you made is bad or wrong. I’m just coming to a different conclusion: If Firefox can’t take hundreds of millions of dollars from Google every year and turn that into a privacy respecting browser that doesn’t sell my data and doesn’t prohibit me from visiting whatever website I want, then what are we even doing here? I’m sick of this barely lesser of two evils shit. Burn it to the fucking ground.
I think “barely lesser of two evils” is just way off the scale, and I can’t help but feel that it is way over-dramatized.
Also, what about the consequences of having a chrome-only web? Many websites are already “Hyrum’s lawed” to being usable only in Chrome, developers only test for Chrome, the speed of development is basically impossible to follow as is.
Firefox is basically the only thing preventing the most universal platform from becoming a Google-product.
Well there’s one other: Apple. Their hesitance to allow non-Safari browsers on iOS is a bigger bulwark against a Chrome-only web than Firefox at this point IMO.
I’m a bit afraid that the EU is in the process of breaking that down though. If proper Chrome comes over to iOS and it becomes easy to install, I’m certain that Google will start their push to move iOS users over.
I know it’s not exactly the same but Safari is also in the WebKit family and Safari is neither open source nor cross platform nor anywhere close to Firefox in many technical aspects (such as by far having the most functional and sane developer tools of any browser out there).
Pretty much the same here: I used to use Firefox, I have influenced some people in the past to at least give Firefox a shot, some people ended up moving to it from Chrome based on my recommendations. But Mozilla insists on breaking trust roughly every year, so when the ToS came around, there was very little goodwill left and I have permanently switched to LibreWolf.
Using a fork significantly helps my personal short-term peace of mind: whenever Mozilla makes whatever changes they’re planning to make which requires them to have a license to any data I input into Firefox, I trust that I will hear about those changes before LibreWolf incorporates them, and there’s a decent chance that LibreWolf will rip them out and keep them out for a few releases as I assess the situation. If I’m using Firefox directly, there’s a decent probability that I’ll learn about those changes after Firefox updates itself to include them. Hell, for all I know, Firefox is already sending enough telemetry to Mozilla that someone there decided to make money off it and that’s why they removed the “Mozilla doesn’t and will never sell your data” FAQ item; maybe LibreWolf ripping out telemetry is protecting me against Mozilla right now, I don’t know.
Long term, what I personally do doesn’t matter. The fact that Mozilla has lost so much good-will that long-term Firefox advocates are switching away should be terrifying to Mozilla and citizens of the Web broadly, but my personal actions here have close to 0 effect on that. I could turn into a disingenuous Mozilla shill but I don’t exactly think I’d be able to convince enough people to keep using Firefox to cancel out Mozilla’s efforts to sink their own brand.
If Firefox is just one of three browsers funded by Google which don’t respect user privacy, then what’s the point of it?
People want Firefox and Mozilla to be an alternative to Google’s crap. If they’re not going to be the alternative, instead choosing to copy every terrible idea Google has, then I don’t see why Mozilla is even needed.
Well to be fair to Mozilla, they’re pushing back against some web standard ideas Google has. They’ve come out against things like WebUSB and WebHID for example.
How the heck do they spend that much? At ~20M LoC, they’re spending 25K per line of code a year. While details are hard to find, I think that puts them way above the industry norms.
I’m pretty sure that’s off by 3 orders of magnitude; OP’s figure would be half a US billion, i.e. half a milliard. That means 500M / 20M = 25 $/LOC. Not 25K.
I see your point, but by that same logic, shouldn’t we all then switch to Librewolf? If Firefox’s funding comes from Google, instead of its user base, then even if a significant portion of Firefox’s users switch, it can keep on getting funded, and users who switched can get the privacy non-exploitation they need?
I gathered some numbers on that here: https://untested.sonnet.io/notes/defaults-matter-dont-assume-consent/#h-dollar510000000
TL;DR 90% of Mozilla’s revenue comes from ad partnerships (Google) and Apple received ca. 19 Bn $ per annum to keep Google as the default search engine.
Where did you get those numbers? Are you referring to the whole effort, (legal, engineering, marketing, administration, etc) or just development?
That’s an absolutely bonkers amount of money, and while i absolutely believe it, im also kind of curious what other software products are in a similar league
doesn’t seem like a particularly grave concern to me
That page says “Services”. Does it apply to Firefox or the VPN?
The sexuality and violence thing I suspect is so that they are covered for use in Saudi Arabia and Missouri.
Yeah, that seems like legal butt-covering. If someone in a criminalizing jurisdiction accesses these materials and they try to sue to the browser, Mozilla can say the user violated TOS.
i assume it applies mostly to Bugzilla / Mozilla Connect / Phabricator / etc
This is just a lie. It’s just a lie. Firefox is gratis, and it’s FLOSS. These stupid paragraphs about legalese are just corporate crap every business of a certain size has to start qualifying so they can’t get their wallet gaped by lawyers in the future. Your first bullet point sucks - you don’t agree to the Acceptable Use Policy to use Firefox, you agree to it when using Mozilla services, i.e. Pocket or whatever. Similarly, your second bulletpoint is completely false, that paragraph doesn’t even exist:
The text was recently clarified because of the inane outrage over basic legalese. And Mozilla isn’t selling your information. That’s not something they can casually lie about and there’s no reason to lie about it unless they want to face lawsuits from zealous legal types in the future. Why constantly lie to attack Mozilla? Are you being paid to destroy Free Software?
Consciously lying should be against Lobsters rules.
Let’s really look at what’s written here, because either u/altano or u/WilhelmVonWeiner is correct, not both.
The question we want to answer: do we “agree to an acceptable use policy” when we use Firefox? Let’s look in the various terms of service agreements (Terms Of Use, Terms Of Service, Mozilla Accounts Privacy). We see that it has been changed. It originally said:
“When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.”
Note that this makes no distinction between Firefox as a browser and services offered by Mozilla. The terms did make a distinction between Firefox as distributed by Mozilla and Firefox source code, but that’s another matter. People were outraged, and rightfully so, because you were agreeing to an acceptable use policy to use Firefox, the binary from Mozilla. Period.
That changed to:
“You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content.”
Are they legally equivalent, but they’re just using “nicer”, “more acceptable” language? No. The meaning is changed in important ways, and this is probably what you’re referring to when you say, “you don’t agree to the Acceptable Use Policy to use Firefox, you agree to it when using Mozilla services”
However, the current terms still say quite clearly that we agree to the AUP for Mozilla Services when we use Firefox whether or not we use Mozilla Services. The claim that “you don’t agree to the Acceptable Use Policy to use Firefox” is factually incorrect.
So is it OK for u/WilhelmVonWeiner to say that u/altano is lying, and call for censure? No. First, it’s disingenuous for u/WilhelmVonWeiner to pretend that the original wording didn’t exist. Also, the statement, “Similarly, your second bulletpoint is completely false, that paragraph doesn’t even exist:” is plainly false, because we can see that paragraph verbatim here:
https://www.mozilla.org/en-US/about/legal/terms/firefox/
So if u/WilhelmVonWeiner is calling someone out for lying, they really shouldn’t lie themselves, or they should afford others enough benefit of the doubt to distinguish between lying and being mistaken. After all, is u/WilhelmVonWeiner lying, or just mistaken here?
I’m all for people venting when someone is clearly in the wrong, but it seems that u/WilhelmVonWeiner is not only accusing others of lying, but is perhaps lying or at very least being incredibly disingenuous themselves.
Oh - and I take exception to this in particular:
“every business of a certain size has to start qualifying so they can’t get their wallet gaped by lawyers”
Being an apologist for large organizations that are behaving poorly is the kind of behavior we expect on Reddit or on the orange site, but not here. We do not want to, nor should we need to, engage with people who do not make good faith arguments.
This is a pretty rude reply so I’m not going to respond to the specifics.
Mozilla has edited their acceptable use policy and terms of service to do damage control and so my exact quotes might not be up anymore, but yeah sure, assume that everyone quoting Mozilla is just a liar instead of that explanation if you want.
EDIT:
https://blog.mozilla.org/en/products/firefox/update-on-terms-of-use/
Sorry for being rude. It was unnecessary of me and I apologise, I was agitated. I strongly disagree with your assessment of what Mozilla is doing as “damage control” - they are doing what is necessary to legally protect the Mozilla Foundation and Corporation from legal threats by clarifying how they use user data. It is false they are selling your private information. It is false they have a nonexclusive … license to everything you do using Firefox. It is false that you have to agree to the Acceptable Use Policy to use Firefox. It’s misinformation, it’s FUD and it’s going to hurt one of the biggest FLOSS nonprofits and alternate web browsers.
So people can judge for themselves, the relevant quote from the previous Terms of Use was:
Source: http://archive.today/btoQM
The updated terms make no mention of the Acceptable Use Policy.
This is a pretty incendiary comment and I would expect any accusation of outright dishonesty to come with evidence that they know they’re wrong. I am not taking a position on who has the facts straight, but I don’t see how you could prove altano is lying. Don’t attribute to malice what can be explained by…simply being incorrect.
that’s not binding to firefox. that’s binding to mozilla services like websites and other services. https://www.mozilla.org/en-US/about/legal/terms/mozilla/ links to the acceptable use page for instance. whereas the firefox one does not. https://www.mozilla.org/en-US/about/legal/terms/firefox/
firefox is fine. your other points are also largely incorrect.
FYI this is a change made in response to the recent outrage, the original version of the firefox terms included
Which has now been removed.
What are the trade-offs for resisting fingerprinting? Does it disable certain CSS features, or?
Your locale is forced to en-US, your timezone is UTC, your system is set to Windows. It will put canvas behind a prompt and randomizes some pixels such that fingerprinting based on rendering is a bit harder. It will also disable using SVG and fonts that you have installed on your systems
Btw, I don’t recommend anyone using resist fingerprinting. This is the “hard mode” that is known to break a lot of pages and has no site-specific settings. Only global on or off. A lot of people turn it on and then end up hating Firefox and switching browsers because their web experience sucks and they don’t know how to turn it off. This is why we now show a rather visible info bar in settings under privacy/security when you turn this on and that’s also why we are working on a new mode that can spoof only specific APIs and only on specific sites. More to come.
Now that I know about it, I’m really looking forward to the new feature!
I’m using CanvasBlocker but its performance and UX could use some love.
This is the kind of thing Mozilla still does that sets it very far apart from the rest. Thanks!
heh, I wonder how many bits of entropy will be there in roughly “which of the spoofs are enabled”? :D
Yes, if everyone is running a custom set of spoofs you’d end up being unique again. The intent for the mechanism is for us to be able to experiment and test out a variety of sets before we know what works (in terms of webcompat). In the end, we want everyone to look as uniform as possible
It breaks automatic dark mode and sites don’t remember their zoom setting. Dates are also not always localized correctly. That’s what I’ve noticed so far at least.
Duplicate of https://lobste.rs/s/pgwyrc/announcing_interop_2025
Oh, it’s this again.
So, look. Every single internet-connected thing that involves anything that could even be considered user-generated content, and has lawyers, sooner or later inserts a clause into its terms saying you grant them a royalty-free, non-exclusive, non-revocable (etc. etc.) license to copy and distribute things you, the user, input into it.
This is like the most standard boilerplate-y clause there is for user-generated content. It’s a basic cover-your-ass to prevent someone suing you for copyright violation because, say, they just found out that when you type something in the built-in search box it makes a copy (Illegal! I’ll sue!) and transmits the copy (Illegal! I’ll sue!) to a third party.
But about every six months someone notices one of these clauses, misinterprets it, and runs around panicking and screaming OH MY GOD THEY CLAIM COPYRIGHT OVER EVERYTHING EVERYONE DOES WHY WOULD THEY NEED THAT PANIC PANIC PANIC PANIC PANIC OUTRAGE OUTRAGE PANIC.
And then it sweeps through the internet with huge highly-upvoted threads full of angry comments from people who have absolutely no clue what the terms actually mean but who know from the tone of discussion that they’re supposed to be outraged about it.
After a few days it blows over, but then about six months later someone notices one of these clauses, misinterprets it, and runs around panicking and screaming OH MY GOD THEY CLAIM COPYRIGHT OVER EVERYTHING EVERYONE DOES WHY WOULD THEY NEED THAT PANIC PANIC PANIC PANIC PANIC OUTRAGE OUTRAGE PANIC.
And then…
@pushcx this should not be allowed on lobste.rs. It’s 100% outrage-mob baiting.
Saying that everyone else does it does not make it okay. Are there court cases or articles describing the limits you say are implicit?
If you are as right as you think you are, then you could be educating instead of complaining to moderators.
That’s the point. GDPR has not been that well tested in court. As long as it hasn’t, people will stick to legal boilerplate to make it as broad as possible. This is why all terms of services look like copypasta.
Putting words in my mouth doesn’t make a counterargument.
What do you think is not OK about this boilerplate CYA clause? Computers by their nature promiscuously copy data. Online systems copy and transmit it. The legal world has settled on clauses like this as an alternative to popping up a request for license every time you type into an online form or upload a file, because even if nobody ever actually would sue they don’t want to trust to that and want an assurance that if someone sues that person will lose, quickly. They’ve settled on this because copy/pasting a standard clause to minimize risk is a win from their perspective.
Why is this evil and bad and wrong from your perspective? Provide evidence.
The system we currently have may be structured in a way which makes clauses like this necessary or expedient in order to do business, but the validity of such a clause for that reason doesn’t excuse the system that created it.
But Firefox isn’t a web service. It’s a program that runs on my computer and sends data to websites I choose to visit. Those websites may need such legal language for user generated content, but why does Mozilla need a license to copy anything I type into Firefox?
This. I’ve chatted with a few lawyers in the space and this is literally the first time we’re seeing that interpretation to apply to a local program you choose to run that is your agent.
Firefox integrates with things that are not purely your “local agent”, including online services and things not owned by Mozilla. And before you decide this means some sort of sinister data-stealing data-selling privacy violation, go back and look at my original example.
So clearly rejecting their TOS should just toggle off all of those services, right?
None of these are activities falling under copyright, so a license is meaningless.
The list of data subprocessors is short and well documented: https://support.mozilla.org/en-US/kb/firefox-subprocessor-list
So it also can’t be an issue of “let’s be blanket because we can’t give you the list”.
The Python Package Index has almost exactly the same clause in its terms of service for things you voluntarily choose to send to them.
I guess their legal advisers are just bad or something. Maybe you could go see about getting hired to replace them.
When you upload something to the python package index you do so because you intend for the python package index to create copies of it and distribute it, which needs a license.
When you make a comment on pull request for work you don’t intend for Mozilla to have anything to do with that. You don’t intend for Mozilla to receive your post. Nor to have any special rights to view it, distribute it, make copies of it, etc. They do not need a license because they shouldn’t be seeing it. Moreover you don’t even necessarily have the right to grant them said rights - someone else might own the copyright to the material you are legitimately working with.
These scenarios are not even remotely similar.
If you use their integrated search which might send things you type to a third party, Mozilla needs your permission to do that.
If you use their Pocket service which can offer recommendations of articles you might like, Mozilla needs your permission to analyze things you’ve done, which may require things like making copies of data.
If you use their VPN service you’re passing a lot of stuff through their servers to be transmitted onward.
There’s a ton of stuff Mozilla does that could potentially be affected by copyright issues with user-generated/user-submitted content. So they have the standard boilerplate “you let us do the things with that content that are necessary to support the features you’re using” CYA clause.
More specifically, their recommendations are at odds with the interests of users.
The question for random people reading these clauses is what does that mean? Legalese can be hard for lawyers to understand. It’s much harder for mere mortals.
I think everyone is OK with Firefox (the browser) processing text which you enter it into. This processing includes uploading the text to web sites (which you ask it to, when you ask it to), etc.
What is much more concerning for the average user is believing that the “royalty-free, non-exclusive, non-revocable (etc. etc.) license” is unrestricted.
Let’s say I write the world’s most beautiful poem, and then submit it to an online poem contest via FireFox. Will Mozilla then go “ha ha! Firefox made a copy, and uploaded it to the Mozilla servers. We’re publishing our own book of your work, without paying you royalties. And oh, by the way, you also used Firefox to upload intimate pictures of you and your spouse to a web site, so we’re going to publish those, too!”
The average person doesn’t know. Reading the legalese doesn’t help them, because legalese is written in legalese (an English-adjacent language which isn’t colloquial English). Legalese exists because lawsuits live and die based on minutiae such as the Oxford Comma. So for Mozilla’s protection, they need it, but these needs are in conflict with the users’ need to understand the notices.
The Mozilla blog doesn’t help, because the italicized text at the top says: It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice
OK, what does the Privacy Notice say?
(your) …data stays on your device and is not sent to Mozilla’s servers unless it says otherwise in this Notice
Which doesn’t help. So now the average person has to read pages of legal gobbledygook. And buried in it is the helpful
Identifying, investigating and addressing potential fraudulent activities,
Which is a huge loophole. “We don’t know what’s potentially fraudulent, so we just take all of the data you give to FireFox, upload to our US-based servers, and give the DoJ / FBI access to it all without a warrant”. A lawyer could make a convincing and possibly winning argument that such use-cases are covered.
The psychological reason for being upset is that they are confused by complicated things which affect them personally, which they don’t understand, and which they have no control over. You can’t address that panic by telling them “don’t panic”.
Could you explain why the concern is necessarily born of confusion rather than accurate understanding?
I didn’t say the concern is necessarily born of confusion. I said that the concern was because they didn’t understand the issues.
you said the reason for being upset is that they are confused. sorry if I was changing your meaning by adding “necessarily.” why do you say the concern is because of confusion or lack of understanding? what understanding would alleviate the concerns?
I don’t see a lot of difference between confusion and lack of understanding. Their upset is because the subject affects them, and they’re confused about it / don’t understand it, and they have no control over it.
This is entirely normal and expected. Simply being confused isn’t enough.
What would alleviate the concerns is to address all three issues, either singly, or jointly. If people don’t use Firefox, then it doesn’t affect them, and they’re not upset. If they understand what’s going on and make informed decisions, then they’re not upset. And then if they can make informed decisions, they have control over the situation, and they’re not upset.
The solution is a clear message from Mozilla. However, for reasons I noted above, Mozilla has to write their policies in legalese, which then makes it extremely difficult for anyone to understand them.
but who does “they” refer to? are you saying this describes people in general who are concerned about the policy, or are you just supposing that there must be someone somewhere for whom it is true?
what about people who have an accurate layman’s understanding of what the policy means, and are nonetheless concerned?
The actual reason for them being upset is that someone told them to be afraid of the supposedly scary thing and told them a pack of lies about what the supposedly scary thing meant.
I propose to deal with that at the source: cut off the outrage-baiting posts that start the whole sordid cycle. Having a thread full of panicked lies at the top of the front page is bad and can be prevented.
And if you really want to comfort the frightened people and resolve their confusion, you should be talking to them, shouldn’t you? The fact that your pushback is against the person debunking the fearmongering says a lot.
i.e. you completely ignored my long and reasoned explanation as to why people are upset.
Alternatively, you could look at the comment above in https://lobste.rs/s/de2ab1/firefox_adds_terms_use#c_yws3nv, which explains clearly just how nefarious and far-reaching the new policy is.
I haven’t seen you debunk anything. In order to “debunk” my argument, you would have to address it. Instead, you simply re-stated your position.
I explained why your position wasn’t convincing. If you’re not going to address those arguments, I don’t need to respond to your “debunking”.
At best that comment points out that a consolidated TOS for Mozilla “services” is confusingly being linked for the browser itself. Nothing has been proven in the slightest about it being “nefarious”, and the fact that you just assert malicious intent as the default assumption is deeply problematic.
So your position is completely unconvincing and I feel no need to address it any further.
But you’re not debunking the fear mongering. You’re conspicuously ignoring any comment that explains why the concern is valid. Don’t hapless readers deserve your protection from such disinformation?
You’re largely describing boilerplate for web services, where the expectation is that users input content, and a service uses that content to provide service.
Firefox is a user agent, where the expectation is that users input content and the agent passes that content through to the intended service or resource.
You can call this boilerplate if you like, but it certainly gives Mozilla unambiguous rights relative to what you put into it.
This really does beg the question: Firefox is 20 years old. Why did they only feel the need to add this extremely standard boilerplate-y clause now?
Their lawyers won the debate this time.
why though?
what exactly does that mean? Were they already actively doing this, and the lawyers “won” by updating the TOS to cover that behavior? Or did the lawyers “win” because they were pushing for a business decision to change Firefox’s data gathering activities?
Please, if you could reflect for a moment on your own comment that you have written could you determine if it comes off as outraged?
I am incredibly tired of this sort of thing sparking ignorant outrage on a regular basis. It should not be permitted on this site.
There’s a “hide” button just for you. You can be the ninth lobster to click it!
This post is
Many much more mild examples have been removed on this site without hesitation. This one has to be, too, if the site rules mean anything.
I disagree. I think this is actionable, relevant, and very on-topic. I’d even argue about that with you here, except that you in particular have a very solid history of bad-faith arguing, and I have better things to do.
Anyway, so far 84 of us have upvoted it, vs 7 “off-topic” flags and 8 hides, for a ratio of about 5:1, if we care about user opinions. Your paternalism isn’t a good look. Just hide it, flag it, and move on!
I will note that we have both a privacy tag and law tag, which are explicit carveouts for this sort of content.
Now, whether or not we should retire those or not is a bigger question.
We already know the site rules don’t mean anything. The same rules are regularly violated for Apple marketing presentations.
What would a post that is not meant to whip up outrage look like? Presumably the blog author did their best to write such a post.
I wouldn’t say that the site rules don’t mean anything–I would say that many users and even admins have disregarded them for political expediency.
The long-term effects of this, of course, are deleterious…but that doesn’t matter when gosh darnit, the outgroup is wrong right now.
In the case of Apple, there’s a weird sort of thing where a release tag covers what is technically marketing. They also are both a large software and hardware vendor and, like it or not, have a large userbase. I’m not saying we should see a constant dripfeed of Apple propaganda, but it isn’t entirely without precedent.
Of course. I adopted the parent comment’s hyperbole to avoid getting bogged down in minutiae. But there’s nothing wrong with more clarity and precision.
then don’t express the ignorant outrage?
I’m really surprised to see anyone pay even the slightest of attention to this on Lobsters. It’s something my granddad would post to Facebook (example)
Such an ad-hominem argument is something my grandma would post on Instagram.
It’s not an ad hominem. I’m not attacking anyone instead of their argument.
A good argument in favor of supporting https is NOT an argument for banning http.
For instance, I use https all the time as a web developer who tests out servers before putting them behind SSL.
I don’t think anyone wants to ban localhost :)
If encoding of typical URLs doesn’t work really well, shouldn’t they make a new encoding version that is specialized for alphanumeric, / : ? & etc?
chicken-egg problem now. Who would want to use a QR code encoding that won’t work with the majority of QR code readers for only a very small gain, and how many reader implementations are actively maintained and will add support for something nobody uses yet?
The encoding could be invented for internal use by a very large company, kinda like UPS’s MaxiCode: https://en.m.wikipedia.org/wiki/MaxiCode
What you’re describing is the problem for all new standards. How do they ever work? ;-)
Better in environments that are not as fragmented and/or can provide backwards compatibility? ;)
The “byte” encoding works well for that. Don’t forget, URLs can contain the full range of Unicode, so a restricted set is never going to please everyone. Given that QR codes can contain ~4k symbols, I’m not sure there’s much need for an entirely new encoding.
Yes, although… there’s some benefit to making QR codes smaller even when nowhere near the limits. Smaller ones scan faster and more reliably. I find it difficult to get a 1kB QR code to scan at all with a phone.
QR codes also let you configure the amount of error correction. For small amounts of data, you often turn up the error correction which makes them possible to scan with a very poor image, so they can often scan while the camera is still trying to focus.
IME small QR codes scan very fast even with the FEC at minimum.
URIs can contain the full Unicode range, but the average URL does not. Given that’s become a major use case for qrcodes it’s definitely a shame it does not have a better mode for them: binary mode needs a byte per byte while alnum only needs 5.5 bits per byte.
All non-ascii characters in URLs can be %-encoded so unicode isn’t a problem. A 6-bit code has room for lower case, digits, and all the URL punctuation, plus room to spare for space and an upper-case shift and a few more.
So ideally a QR encoder should ask the user whether the text is a URL, and should check which encoding is the smallest (alnum with %-encoding, or binary mode). Of course this assumes that any paths in the URL are also case-insensitive (which depends on the server).
Btw. can all HTTP servers correctly handle requests with uppercase domain names? I’m thinking about SNI, maybe certificate entries…? Or do browsers already “normalize” the domain name part of a URL into lowercase?
The spec says host names are case-insensitive. In practice I believe all (?) browsers normalize to lowercase so I’m not sure if all servers would handle it correctly but a lot certainly do. I just checked and curl does not normalize, so it would be easy to test a particular server that way.
Host name yes, but not path. So if you are making a URL that includes a path the path should be upper case (or case insensitive but encoded as upper case for the QR code).
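The comparison suggested in the comments above (alphanumeric mode with %-encoding versus byte mode), as an added Python example that is not part of the thread. It assumes a single-segment QR payload and escapes only characters whose escaped form is equivalent under RFC 3986; all function names are hypothetical.

```python
import re

# The 45 characters of QR alphanumeric mode.
ALNUM = set("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ $%*+-./:")
UNRESERVED = set("abcdefghijklmnopqrstuvwxyz_~")  # safe to %-encode (RFC 3986)

def count_bits(mode, version):
    """Width of the character-count field for QR versions 1-40."""
    tier = 0 if version <= 9 else 1 if version <= 26 else 2
    return {"alnum": (9, 11, 13), "byte": (8, 16, 16)}[mode][tier]

def byte_bits(url, version=1):
    return 4 + count_bits("byte", version) + 8 * len(url.encode("utf-8"))

def alnum_bits(text, version=1):
    n = len(text)  # pairs cost 11 bits, a trailing single character 6
    return 4 + count_bits("alnum", version) + 11 * (n // 2) + 6 * (n % 2)

def to_alnum(url):
    """Equivalent URL using only ALNUM characters, or None if impossible."""
    scheme, sep, rest = url.partition("://")
    host, slash, tail = rest.partition("/")
    head = scheme.upper() + sep + host.upper() + slash  # case-insensitive parts
    if not sep or not (scheme + host).isascii() or not set(head) <= ALNUM:
        return None
    # Hex digits of existing escapes are case-insensitive too.
    tail = re.sub(r"%[0-9A-Fa-f]{2}", lambda m: m.group().upper(), tail)
    out = []
    for c in tail:
        if c in ALNUM:
            out.append(c)  # includes uppercase path letters, kept as-is
        elif c in UNRESERVED or ord(c) > 127:
            # Non-ASCII is mapped to %-encoded UTF-8 (the usual IRI mapping).
            out.append("".join("%%%02X" % b for b in c.encode("utf-8")))
        else:
            return None  # reserved delimiter (? & = # ...): escaping changes meaning
    return head + "".join(out)

def best_mode(url, version=1):
    """Return (mode, segment_bits, payload) for the smaller single segment."""
    alt = to_alnum(url)
    if alt is not None and alnum_bits(alt, version) < byte_bits(url, version):
        return "alnum", alnum_bits(alt, version), alt
    return "byte", byte_bits(url, version), url
```

A bare `https://example.com/` shrinks in alphanumeric mode, but a lowercase path costs three characters per letter once escaped, so byte mode wins there unless the server treats paths as case-insensitive.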
No, a URI consists of ASCII characters only. A particular URI scheme may define how non-ASCII characters are encoded as ASCII, e.g. via percent-encoding their UTF-8 bytes.
Ok? You see how that makes the binary/byte encoding even worse right?
Furthermore, the thing that’s like a URI but not limited to ASCII is an IRI (Internationalized Resource Identifier).
You’re right (oh and I should know that URLs can contain anything…. Let’s blame it on Sunday :-))
Byte encoding is fun in practice, as I recently discovered, because Android’s default QR code API returns the result as a Java String. But aren’t Java Strings UTF-16? Why yes, and so the byte data is interpreted as UTF-8, then converted to UTF-16, and then provided as a string.
The work around, apparently, if you want raw byte data, is to use an undocumented setting to tell the API that the data is in an 8-bit code page that can be safely round tripped through Unicode, and then extract the data from the string by exporting it in that encoding.
I read somewhere that the EU’s COVID passes used text mode with base45 encoding because of this tendency for byte mode QR codes to be interpreted as UTF-8.
Do you really mean base45 or was that a typo for base64? I’m confused because base64 fits fine into utf8’s one-byte-per-character subset. :)
There’s an RFC: https://datatracker.ietf.org/doc/rfc9285/ and yes, base45, which is numbers and uppercase and symbols that matches the QR code “alphanumeric” set.
ahhh ty
Slightly off topic, but really struggled to find the right tag for an article about encoding. Glad it’s about encoding a URL, so “web” it is… :)
How do you like to run your bookmarklets? I have the bookmarks navbar hidden to save screen space and so bookmarklets are always hidden enough for me not to think about them.
You can tag them and search the address bar by tag. I think defining them with a meaningful function name also helps the address bar search. Like so:
Thank you!
I have a couple that I use all the time, like ‘scroll to top/bottom’, so I have them on my bookmarks toolbar itself. For the rest, I have them in a subfolder inside my bookmarks toolbar.
What’s wrong with Home/End buttons?
Not available on typical Mac laptop keyboards, and even if they were, often my hand is on the touchpad so it’s just more convenient to tap on a button instead of moving my head to a key.
We are this 🤏 close to re-inventing XUL. (JSX is already reinventing E4X, so we are doing quite well on that front)
20% of page loads is a lot. The US numbers are meaningless in this discussion IMO, unless your worldview ignores the majority of the planet.
I’m a big fan of using HTTPS for everything, but just like ipv6, it’s a fool’s errand to think we can or should mandate it.
For context, browsers usually don’t remove/deprecate features as long as they are above the 0.1% threshold.
Boblord used to (don’t know current situation) work at CISA. He is paid to not care for outside the US.
Did anyone else read the privacy policy https://crustacean.optionalstudio.work/privacy/?
Nice.
I for myself will forever be content with using a web browser as the app to browse web sites, but whatever floats your boat :)