It's been 2-3 years since I switched back to Firefox ever since I cut around 90% of Google out of my life, sadly I still can't find a good search engine where I don't spend more than 5 mins trying different keywords to get the results google gives me.
Out of all the browsers I like that Mozilla were the first to point the finger to the elephant in the room while Microsoft, Google, Opera just turned a blind eye on privacy, although I don't think anyone expects much from Google these days.
Firefox has once again became my default browser on all my devices after like 6-8 years since I last used it. I guess as far as privacy concerns goes, if you are looking for a company/browser that will continue working on protecting you from trackers by default that'd be Mozilla.
Random observations that doesn't necessarily have anything to do with the topic: Firefox for windows is perfect. I actually think it's faster on Windows than on OSX for whatever reason. Playing videos, like using Netflix or Youtube is extremely sluggish on Firefox OSX, but is fine on Windows. I always end up using Safari if I want to watch a video on a higher resolution because the performance drags a lot on Firefox, especially it Netflix's overlay UI you can literally observe it's lagging behind but not in Safari.
In the past couple of years, search has reverted to late 90s levels of result quality. Google used to get you exactly what you wanted for close to 20 years. Now you have to cross reference several search engines to find something other than terrible blogspam and obvious advertisements disguised as reviews. Search seems primed for disruption again.
I appreciate DDG's privacy focus, but their results are often crap.
This is true. These days, Google does very poorly with the tail, and may not even index a lot of sites...definitely some older sites that are still up just drop out of the index, and cannot be found even with exact phrase searches.
If there was one open source project that I'd support would be an open search, but are there any serious, well funded efforts?
Try the semantic map of https://swisscows.ch/
While usually DDG is sufficient for my uses i'm noticing falling back more and more often to the swiss cows. This map thing really helps to separate that which is of interest to you, from unrelated things. Be it the same abbreviations used across different fields, names of persons or corporations across history, ...
I'd be very happy if DDG had that, since i'm so used to it.
But it doesn't.
I think https://www.qwant.com/ had something very simialar many years ago, but now it's gone, or i'm mistaking it for some other prototype/beta which had that.
They block certain results because of that, and there is no option to disable that. That's a big no to me. How do I know what results do they consider moral enough to show me?
I always use Safe Search when using Google. I've never watched porn and don't plan to start now, so I appreciate that I know my results from this site will be SFW.
They cite “family values” and have an illustration of a heteronormative family on the “morals” page. Does that mean they filter gay-related results? Gay marriage related results? Would you prefer them to filter it?
I have no idea if they do, but it’s foolish to even cause such questions and disambiguation with your brief (which you inevitably do when you do “morals”)
I was recently searching for information on how Slot Machines are programmed. I had questions about the OS that they run, the languages used to program them, information about the random number generators, etc.
There was a reddit post by someone in the industry that answered some of those questions. Unfortunately, it's quite old.
That makes me think, maybe I should write up a blog post about this as I find the answers I'm looking for. I'm certainly not an expert, but the information in search engines is lacking or I'm searching for the wrong things.
The most niche things I search for are typically career-related, so software questions. I'd guess more than 9 out of 10 queries, the result that I am looking for (i.e. the result that helps me) is on stackoverflow, github, or some apache mailing list.
A search engine just for software, that crawls a whitelisted set of platforms and provides more relevant results (github's search is very poor, for example) would be perfect. Google seems to be the "best" at this right now, so while I use DDG to search most of the time, when I'm working I end up routing most of my queries to Google.
Somewhat tangential, but the word "niche" made me think about this.
you should build this! building a search engine today is no doubt an uphill battle, but the move toward more specialized platforms feels inevitable as there gets to be more and more of the web to index, search, and discover.
I wonder how much of that is technology, and how much is actually inherent to the privacy.
Google collects your data to show you ads, but it also uses that to inform its search algorithm. Exactly how it does so is deliberately opaque, but it's no surprise that it knows that you probably mean the local restaurant rather than the one in Indiana by the same name -- and even that you mean that restaurant despite having mistyped it as the name of a different restaurant.
There is assuredly more to it than that, and it's not really a surprise that it can give you better search results if it knows who you are. Whether that's worth your privacy is up to you -- though many people don't really make that choice consciously.
So instead of returning a canonical list of the best results for a given subject, they use the copout that people want to see different things. IMHO this has led to problems like politicizing science to cover "both sides" when there is actually consensus. It's institutionalized ignorance.
I agree that search is primed for disruption though. The endgame for search is an artificial general intelligence (AGI) that acts as an oracle to answer any question put to it better than any human. Search is just a query over a very large search space, and is the basis for rational thought (or at least human memory). What we have today is more like a library of books where the user is forced to learn the categorization system and perform the librarian's job manually much of the time.
I've always thought that google had a conflicting business model - on the one hand search brings people in, but on the other it competes with ads. The better the search, the less useful the ads. Given this, google might be indirectly incentivized to only have search good enough to be better than competition, but not the best. Not saying they're actively doing that, but seems like something.
Recommending Cliqz that is owned by Hubert Burda, a global media conglomerate which couldn’t care less about your privacy, and where every player is sorely focused on getting a bite of Google’s cake, is also hypocrisy.
I mostly agree, although I think that isn't totally clear yet. I only mentioned Yandex because they're the most egregious example. They are significantly worse than Google in user privacy and general evilness, which I don't think you can clearly say about Cliqz, if only because they haven't mattered enough to have the chance to abuse real users.
> In the past couple of years, search has reverted to late 90s levels of result quality.
The problem is that despite google doing that (I wouldn't be as hard as you, but there was definitely a decrease in quality), they're still SO far ahead of everyone else ...
Just goes to show exactly how far ahead of the competition they were all that time.
Bad DDG results are a myth at this point. It was true a couple of years ago. But they’ve improved a lot and last few months I rarely use google as a fallback.
I've also seen DDG improve over the years but there are still cases where I can't find some obvious things I'm looking for. Unfortunately I can't provide an example. Sorry.
In that case I fallback to Google which is usually helpful even though I have the feeling that it's getting less good.
In the end, my default search engine is becoming Wikipedia... (Mostly kidding, of course, even though I rely to Wikipedia for an increasing number of searches.)
If you put the term in quotes, it disables the correcting of your term.
IMO, correction is a feature. I'm more likely to typo a search term (especially on mobile) than to actually be looking for something with a deliberate mispelling or strange set of letters/numbers.
I switched to DuckDuckgo a few months ago, and never looked back. The results used to be far inferior to Google's - but they seem to have caught up recently. If you haven't tried them out within the last couple of months, I strongly recommend that you give them a chance.
I switched to DuckDuckGo, made it maybe two weeks, and finally gave up and switched back to Google. Their search results are still vastly inferior to Google.
I'm still struggling. Out of principle I've set my default search engines (desktop/mobile) to DDG, but all too often I'm using the '!g' tag to get back to Google. Especially with programming-related queries I just don't get close to what I want in DDG. Google always seems to have the right information the first time. It's unfortunate, because I keep trying to use DDG as much as possible, but the quality just isn't there for me.
It may depend on your particular field of search. I have been using DDG for quite some time and pretty often I need to use !g due to the low quality of the results on DDG only to realize I'm presented with equally bad results from Google. It's possible that for my regular searches DDG is good enough, and the more targeted ones are just too difficult.
Startpage was acquired by targeted ad company System1 in December 2018 (but neither company announced the acquisition until November 2019, for some reason).
All true points, but I'd rather risk being tracked by a company that would be completely cratered even more than they've already been by being bought by Privacy One than just go straight to the devil himself, so I use the !s and just mentally treat it as if its a slightly better form of !g rather than before where startpage was all the benefits of Google search without most of the drawbacks.
I'm teaching Kleene's Recursion Theorem. This morning I tried "exercises for recursion theorem" in both. DDG's first page results were not useful, Google's were.
"ED survivor" is a tricky term to search for. Is "ed" an acronym or the name Ed? But still the first result gives you an instagram link about eating disorders and body dysphoria. Since you were trying to figure out what this term meant, I'm assuming you could figure this out from context.
I'll give you that the results aren't great[0] and that Google's results were __MUCH__ better here, but it did get you to the answer you wanted with the first link. Maybe we search different, but at least in my experience I don't frequently have results like this. Rarely do I reach for "!g" and usually when I do the searches are so niche that Google struggles too.
Excuse me? I didn't get an answer in the first link; there wasn't something pointing me towards the answer in any of the results on the first result page.
Incidentally, nowadays I'm using DDG much more than back then. I don't know whether the search results improved or whether I calibrated myself so that I know better how to phrase my searches. I'm still using many !g, but only maybe half of the time.
No? I don't have a list handy, and I’m not the QA department for DDG. The point is - and yes, this is somewhat subjective - I found the quality of the results inferior to Google, and grudgingly switched back after a few weeks of disappointment.
You're certainly not alone, but I've had such a wildly different experience. I switched to duckduckgo primarily because I preferred the search results. The privacy aspect was just a bonus.
The only time I ever find myself using the !g escape hatch is when I'm searching something brand new (e.g. a breaking news story). Duckduckgo has a recency filter but it seems to take them a few days to ingest the content.
Same here. I'm still using duckduckgo on my private devices (phone and home laptop), at work I'm using google. I suppose the reason this works for me is at work I need GOOD results, thus google search there. At home I just need a search now and again, so duckduckgo is good enough for this.
So, my private life stays my private life with duckduckgo. And at work — I don't really care what google does to my "js shortest path algorithm"-kind-of results history.
Same. I'm about 70% DDG and 30% Google right now. Honestly, with "!g", I'm okay with it. Even though I don't get 100% privacy, its better than 0% privacy.
I switched to DuckDuckGo a number of years ago and while yes, their results have become better there are times in my line of work where I've had to use !g search item as Google still seems have to have the best results sometimes.
Granted this is maybe once or twice in 3 - 4 months I end up using !g prefix.
Another helpful thing that can be done with Firefox is to add google.com to a container. One of the things google does that I really dislike is personalized search. Having a container specified for it lets me use the browser more naturally without having to open a private session.
Do you know if there's a way to get it to work with containers? Often, I'll use a container to remain logged in to a site and white list its cookies. It'd be good if non-container pages were in private mode by default.
> I still can't find a good search engine where I don't spend more than 5 mins trying different keywords to get the results google gives me.
I always hear this but myself have never had problems with DDG. I'm curious what you search for.(am I the odd one?) Image search is TERRIBLE, but web search I have no issues with. I actually like how DDG works with programming questions, how it gives the SO result on the side.
Whenever I try Google I never end up getting better results. But that may be because I've been off them for years and so they can't provide any advantage.
It's.... a bit hard to define my current workspace. I do software development but a lot of that development is on legacy applications using some obscure API, perhaps a super old version of a known open source project that nobody uses anymore, or simply dealing with an application written two decades ago in C and I have to know specific things.... and I'd have to say searching on Google is just handy when it comes to this.
It's not easy to describe I guess. For my normal "John Doe" usage I have no problems using DDG. But when it comes to work where I need to narrow it down the best I can I guess Google will always come to the rescue (but not always, haha.... nothing like dealing with undocumented libraries).
I wish it was just language-specific behaviors at least I know there's always plenty to search on but... it's a little bit of everything.
I find image search on Google to be terrible due to whatever it is that Pinterest is doing. It is awful trying to find something and repeatedly stumbling into their crapfest.
big fat disclaimer: I'm about to start working at a competitor to DDG
However I've found that DDG has a really hard time when you have minor typos in your query, or when it includes really common words
When I type in semi-remembered song lyrics into Google, I'm usually able to find the song. I haven't had the same luck with DDG (one example of semi-remembered lyrics I tried to look up was "streetlight reflect piss streets". DDG doesn't give anything useful. If you add the word "lyrics" to the query, it gives you a list of maybe a dozen songs about lights and even some songs about urine, but not the one I was looking for. Even without adding the word lyrics, Google's first result is an infobox saying "Fat Cats, Bigga Fish|Song by The Coup", with the full lyrics and some links to listen to it.
I also had a hard time trying to look up info on DDG regarding Google employee benefits. Maybe that's intentional :)
At one point, the top search result for "Google vision plan" was a link to google.fr/maps (DDG actually gives some useful results now, but it didn't when I looked previously)
Another interesting query to compare for me was "subaru outback gate OR garage opener"
DDG just gives links to Lowes, Home Depot, Walmart, and other places to buy garage door/gate openers. The first Google result is a video for how to teach a Subaru Outback how to open a gate/garage (which is what I actually wanted). Maybe I'm just used to the level of vagueness that lets Google give me useful results, which isn't explicit enough for DDG?
I've been using DDG as main search engine for 3 years, results for my queries are usually on par with Google in private mode, but if you're looking for results in any other language than English or non-tech stuff it falls behind big G
Searches in German (and probably other languages than English too) are pretty fucking horrible.
But on English searches it's my preferred search engine. It's definitely good enough in 98% of all cases and there's always !g if everything else breaks.
So I definitely accept the language limitation. Especially since I know what to expect. The privacy focus more than balances this out.
What I do is to use multiple search engines and specialize my searches.
I use "smart keywords" [1], which work similarly to DuckDuckGo's !bangs [2] and most of the time I noticed that I know what the source I want is — if I want a Wikipedia article, I search with "@w" in front, if I'm searching for a dictionary definition, I search with a "@define", if I want to search for a location I search with "@maps", if I want a StackOverflow answer I search with "@so", etc, etc.
I have bookmarks for such search engines, neatly being synchronized between my Firefox instances (works on mobile too) and I got quite used to them. I prefer my own bookmarks, b/c I can always add custom stuff and b/c I don't want an extra round trip to DDG anyway.
Also DuckDuckGo is fine for English results, I often find that searches yielding bad results on DDG will often lead bad results on Google too. When not finding what I'm looking for, sometimes I search on Google too ("@g"), in order to double check. But you won't catch me searching for very personal stuff on Google — e.g. I'll never search for health advice on Google and even if DDG's results are bad, it's either that versus nothing at all.
I'm also not super strict — we do use Gmail and Google Docs at work and that's fine, but I do prefer native clients for Gmail too and I prefer text files in my Dropbox for my own notes. I also pay for YouTube Premium, because otherwise my son is getting exposed to ads, plus I watch YouTube anyway and I'd rather have the ads-free experience on every device I own.
Right and the TL;DR of my reply is — if I spend 5 mins on DDG or other websites, then I would have spent 5 mins on Google too, because in my experience Google's search results have degraded too — due to spam, plus I noticed the results further degrading after I toggled off the search history in my profile, but that's another discussion.
I find some programming related things hard to find in DDG. Most recently anything related to Deno. I've found some other esoteric corners of programming that are only surfaced with Google.
If I want to search Wikipedia, I just directly search Wikipedia. I have a browser search bar shortcut “w ” for exactly that. So I type “w firefox” and it takes me to https://en.wikipedia.org/wiki/Firefox directly. Similarly for many other sites I use regularly.
Really there’s no point in asking a middle man to do that for you, whether they claim to track you or not.
On the contrary, my experience is that I prefer the Google results even when I want to search in a site that has an internal search engine, such as Wikipedia, StackOverflow and Reddit. Both the formatting and the quality of the results are better in Google.
I was responding to the DDG bangs (e.g. @w) usage. A custom search shortcut is strictly better by achieving the same effect without a middle man.
When I actually need to search Wikipedia, Reddit etc. I do use Google. I only use shortcuts when I know they will take me directly to relevant result(s), e.g. with many Wikipedia pages for well-known subjects.
Which is very helpful because with Google, in spite of some available settings, it's impossible to know what kind of custom/localized results being served.
In DDG, I turn it on (mine is Germany toggle as well) for finding restaurants and local support sites, and turn it off when I search anything programming related. Works well so far. I used the infamous "!g" rarely in the last few months.
I've found Startpage ( https://startpage.com ) to be a good compromise -- it delivers Google search results but proxies it through their servers for privacy / less-Google-tracking.
Another handy thing is that Duckduckgo has a flag for it so you can search DDG first then just add '!s ' in front of your search terms to have the search done in Startpage instead.
Also useful thing for iPhone is to set the default search engine for Safari to DDG instead of Google -- I can just type '!s' before my search terms to get Google results without the tracking.
Search is a privacy vulnerability anyhow; the better it is the more information about yourself you must have surrendered.
Before good search was available the use of bookmarks and bookmark sharing was far more widespread, and discovering new content was somewhat of a social experience.
Great point. The SearX documentation addresses your concern here [1] I run my own, for myself only (via WireGuard). Its easy to set one up, for example with Docker [2]. However, I recommend to try it out first. A list of public instances is available here [3]. These lists include Tor entries (if you require anonimity, don't enable JS and use e.g. Tor Browser!), and also mention where they are hosted (if on clearweb). You can try it out there. That being said, one which seems safe (because of the people behind it) is [4]. At least safe to test it.
Wouldn't running a private instance be the same as directly queryint google? Like, it queries through the same IP you use, and can build a profile just using that.
The sluggishness with video streaming in Firefox on macOS might be because Firefox supports VP9 so those services will use it to save bandwidth but macOS doesn't provide an API for hardware decoding of VP9 so it happens in software. Safari only supports h264 so that's what gets used and goes through hardware decoding. You can try extensions like h264ify on Firefox (and Chrome) to make it use h264 too.
Strongly agree with your random observations. Something about Firefox on Mac is just incredibly slow at even basic things like switching tabs. This is on a higher end 2019 15" Macbook Pro. Whereas on Windows 10 it feels just as fast as Chrome.
It is good on Debian flavors of Linux too. I think the issues with Mac OS X are well known and have been worked on for a long time. It used to be image rendering in the past, and it is now other problems with rendering (transparent windows).
Microsoft used to be very big in highlighting how much more privacy-minded they are. This was a massage pushed to policy makers across the world, and very significantly in Europe. This stopped 100% with the launch of Windows 10; I assume this is because of all the metrics it collects (often unknown to or explicitly against users' wishes).
The only option for privacy-minded search seems to be to use one of the bing wrappers, most notably duckduckgo.
Care to elaborate? Anonymity is part of privacy, which is part of security.
Security is a multi-perspective problem. Often, false dichotomies are drawn to convince people to give up their own security in order to benefit someone else's security - eg saying "privacy versus security" as if they're in opposition, being personally disassembled and molested at the airport, "national security" in general, etc.
I use Firefox because while Microsoft, Google, Facebook and other giants are working hard to take ownership of the Internet, Mozilla works to keep the web open and free.
I have a small SAS project, and I am sad that just 2% of my users use Firefox, while 80% of them uses Google Chrome.
How do you gather those analytics on browser usage? An outstanding number of Firefox users block analytics, so that may introduce a bias into those figures.
They may block analytics, but how many of them are spoofing their User-Agent string?
You can get a lot of analytics just by looking at the web request. If someone came from Google, the Referrer header will show what their search terms were.
We need to ban the word "creepy" - it's lazy and vague.
I could write an article about how, in order to buy something in a store, you're expected to queue up and present your chosen products to a human who picks them up and scans them - wow, "super creepy", right. An actual human running their hands over your stuff, glancing at your face and probably thinking about who you are, and why you're buying these particular products. The human might even get a look at your bank card. "What a bunch of weird nonsense" is the idea that is probably going through your head (see how I lazily assume you think like me, the article author).
The real world example would only be creepy if the cashier was keeping detailed notes of what you bought, and suggesting related products the next time you visited the store. It's not creepy because the vast majority of cashiers don't do that. The online example is creepy because almost all vendors are doing this, and even worse, they're sharing the data with each other to build detailed customer profiles so they can sell you more products.
You are basically relying on the cashiers poor memory to stop them from recognizing you. If you live in a small town, or even just an efficient city that sees you going to the same store often, people will recognize you.
This would be creepy if the cashier had an eidetic memory and after only visiting the store once while scanning items said: "Hi nmeofthestate, do you want to process this order on your card that ends with 1234 again?"
But we're aware of the employee's involvement in the transaction process. Imagine the same retail transaction but a manager is spying on the two of you (and every other transaction) from a peephole in the ceiling. That's why "creepy" is an effective word.
I would counter that you often think you know it when you see it, but may be incorrect. Knowing more about the circumstances and why something is done often reduces or eliminated the creepiness, in that what you assumed was the reason behind the behavior wasn't correct.
Creepy is a subjective descriptor. One person's creepy is another person's not-creepy. Things may be both creep and not-creepy at the same time, depending on who is observing it. I don't know that you can say someone's perception of creepiness is incorrect as that implies that there is an objectively correct label for creepiness.
ummm, human interaction is creepy? You have heard that we are a social species, yes?
The notion of "owning" something is a social construct.
The concept of transferring ownership from the store to you is likewise a social construct which requires a social action/interaction.
The stuff isn't your stuff until the transaction is complete. That would be after they "ran their hands all over it".
the concept of lining up imposes a standard of "fairness", another social construct which most apes seem to share. Because you aren't the only person buying stuff.
What is creepy is when a party deviates far from the norms established over roughly 100,000 years of trading/social interactions. Creepy is when one side uses a data collection asymmetry in ways which violate social expectations.
And yes, 100 years ago it was possible for a store clerk to be creepy. But back then, most store clerks weren't. Today, the company automates this data collection so every (large) store is effectively super creepy.
I think you misunderstood nmeofthestate's comment. They're not saying that they think human interaction is creepy. They're using it in an example where where creepy could be used in a sentence, but doesn't make sense if you think about the paragraph as a whole.
I love what Firefox stands for. They are not the only one but for sure they are keeping the balance of the web when it comes to privacy and security. Unfortunately as their market share drops, they have less and less say in the future of the platform.
Given firefox users massively block trackers, way more than chrome which actually links your google account with your browser login, I wonder how accurate are the stats.
Firefox did lose market shares, but it's possible we see lots of chrome users also because they are more visible.
Related, although a different problem, one of the biggest stat providers is Google analytics, and a lot of sites make decisions based on those, but Google has no incentive to check if they are missing some non chrome users.
The Monthly Active Users metric is more important, and it has been declining by around 10% each year. That’s very significant. Roughly 25k users lost every day.
Mozilla had to lay off almost 10% of its staff this year, and will probably have to keep doing that every year now (unless the decline in users stops). And firing your employees doesn’t usually lead to better products.
Indeed, however Firefox often masks its user agent as websites falsely report broken and missing features for non-chrome browsers. User agent is growingly meaningless as a metric.
One of the first things I do on a new Firefox install is add a user-agent switcher and set it up to tell sites I am using chrome for exactly this reason.
Somehow we have gone back to the dark ages of web where sites complain unless you are using one specific browser.
It was the more technical minded people who spread the word and mindshare of browser choice back then to get us out of that mess, and now the same group has gotten us back into it worse than ever.
A quick (though not very user friendly) method to change Firefox's User-Agent string is to create a new about:config pref (string type) called "general.useragent.override" wit the new User-Agent string.
The user agent header is passed to whatever server your browser originally talks to, that server is free to do whatever it wants with the header (including forwarding it or storing it in logs that are analyzed somewhere at some point). Blocking on the client or even client network level has no effect on that. If you receive any content at all, there is a chance the UA header will be looked at.
But as others pointed out, the header will be rather meaningless in the foreseeable future anyway.
Theoretically what you're saying is true, but practically speaking many websites are behind CDNs, like Cloudflare, Cloudfront or Akamai, with static content being cached aggressively to reduce costs and latency and it's pretty cheap and easy to do so nowadays, so most requests aren't even going to hit a backend.
You can work around this by installing a tracking pixel on every page you have, a pixel that always hits your backend, which can then generate a log line that can be analyzed. But this requires extra development and it's much easier to just install Google Analytics.
So I'm pretty sure that most browser stats are not coming from analyzing 1st party data that's logging the user agent.
And speaking from experience in this space, the error margin for such analytics is somewhere around 10% - 20%, which is roughly the percent of people having ad-blockers installed and this number is growing — you can extrapolate of course from those that don't have ad-blockers installed, but then you have a selection bias issue, because you're not talking about the same kind of user; e.g. people that use ad-blockers are the people that are more likely to be computer literate and capable of installing their own browser.
While you in turn are of course correct as well I wasn't trying to imply that every business out there is sitting in front of their server farm and analyzes httpd logs anymore.
With the prevalence of ads being served from the customer domain on larger sites these days I'd just think that enough parties have incentive enough to implement a tracking pixel or put a few lines of measurement protocol code somewhere to make sure that request data ends up in GA. But granted, I'm not in that space, the assumption that this data does not end up in the hands of some interested party for B2C sites just seemed weird, even in modern architectures.
Thanks for the error margin btw, that's far higher than I would have expected.
But Google Analytics is typically (always?) done through JavaScript in the browser. And if the browser blocks any call to the Google analytics servers, Google won't know the user agent.
Sure, but most people don't analyze their server logs, they rely entirely on analytics, and if not done correctly (noscript tag) won't fire even a tracking pixel. Even then, most blockers will block those requests too.
I'm not sure whether to agree with your last statement. While historically, Firefox lost troves of market share to Chrome, currently they seem to be fairly stable [1]. While tech boards are definitely a small fraction of users, the general notion around Firefox seems to be more positive recently than say, a few years ago, so I wouldn't be surprised to see them take back at least some of the lost share. While Chrome is currently a very dominant player, it's around the same level of usage that Internet Explorer was historically so market shifts of that scale are definitely possible.
Why, though? As far as I can tell the only part of Google that competes with Firefox is Chrome, and Chrome doesn't seem to be profitable, or even intended to be profitable. As far as I can tell Chrome's just a moat to keep people from using the Facebook app instead of a web browser. So... why? Tell me why I'm wrong, teach me something today.
They might face regulation e.g. in the EU (but also the US) based on antitrust or competition laws, as they would effectively be dominating the browser market. That would limit their freedom to operate, so I can believe that it's in their best interest to "allow" competitors like Firefox to capture a small market share. Effectively they could kill them easily as a large percentage of Mozilla's revenue (I think more than 50 %) comes from the Google search deal, and I don't think that deal is really vital to Google. Source: https://en.wikipedia.org/wiki/Mozilla_Corporation
But if Firefox only competes with Chrome, and the regulators are angry because of Chrome, why would Google not simply shut Chrome down? I mean that I don't see any reson why Chrome needs to compete against Firefox.
I can see arguments why Google needs to compete against Facebook: Those two compete for advertising customers. Funding one, two, a few browsers makes sense if the goal is to keep eyeballs on the web rather than letting Facebook tempt them into a walled garden. But why would Google care which of the browsers has most success? And if Google doesn't, why would regulators care?
Google keeps Chrome around because the alternative is just too risky for their core business. If (for example) everyone used IE then Microsoft would be able to shut out Google's ads.
It's not just ads. It's also Microsoft's ecosystem around Windows and Office. From Outlook, Sharepoint, to XBox, to 3rd party automation tools like BluePrism, UIPath, AutomationAnywhere that are tools built around IE and are getting a lot of traction in corporations at the moment. And probably a lot more tools I don't know about.
That's what I thought too (ie. that Google is critically dependent on web browsers that don't discriminate against Google somehow, and is paying for two such browsers). But so many people say that Chrome and Firefox are competitors that I'm curious to hear arguments for that.
Owning a browser is a business as every search engine wants to be the default. I think google is forking several billions a year to be the default on Safari and is probably Firefox’ primary source of revenues.
I don’t know if Microsoft has any other motivation for Edge other than being the front end for Bing.
Chrome is a strategic tool for Google that they use to funnel users to their services, collect data and influence web standards in their favor (among other things).
I may be stupid here. Please excuse if so. But I don't see why Google would lose market share in a market that provides income if Firefox' market share were higher and Chrome's lower.
firefox users are also much more likely to use a search engine other than google too, so more than just the browser is affected. Search is Google's primary money maker so firefox users not using google search would cut into their ad revenue. I would think Google would won't to eliminate firefox, but in doing so they would just prove firefox users' point as far as privacy/openness is concerned.
I had no idea Firefox users are much less likely than others to use Google as search engine. Interesting. How much is much — do you have numbers for it?
EDIT: I'd also like to know whether this is a robust difference, in the sense that someone who has both Firefox and Chrome is more likely to search using Google when running Chrome than when running Firefox. Do you know?
If Firefox keeps being relevant for software developers, by continuing to improve their dev tools and providing an API that yields more potent extensions (like the Tree Style Tabs), then I believe Firefox will continue to be very relevant, because its market share will continue to be made of users with the ability to influence policies, in corporations, public institutions and inside their own family, not to mention compatibility with Firefox will be preserved.
Firefox has nearly lost developers to Chrome, because (1) Chrome was designed for web apps and you can see this in their process per tab model and isolation, features which took a loooong time to be implemented by their competition, (2) Chrome's dev tools have been for a while superior and still are in some areas, (3) Chrome is popular, it makes sense to target the browser that's most popular, so might as well use it as a default and (4) Chrome really had better performance than Firefox, or at least perceived performance, especially when it comes to Google's own apps.
Nowadays Firefox has finally moved to having a permissions system for its add-ons and to using multiple processes for its tabs, while still being better in terms of memory usage, especially with a lot of tabs open, a use-case that was and is still viable on top of the latest Firefox.
I'm now more familiar with its dev tools and they've gotten better. Performance is sometimes on par with Chrome, sometimes better, sometimes worse ¯\_(ツ)_/¯ ... people complain about the performance of Gmail, but truth be told the performance of Gmail is now crap on top of Chrome too and I'd rather use native clients.
And I'm super pleased with many of the privacy changes they've been doing — built-in blocking of trackers, DoH (yes, I think DoH is great), multi-account containers which also allows for sandboxing Facebook or Google, plus I'm pretty sure they'll continue to support uBlock Origin, which isn't something we can say about Google and their deprecations in manifest v3.
They still have a lot to work on — better dev tools, battery life on MacOS could be better, a customizable interface that doesn't rely on "legacy stylesheets" (primarily thinking of hiding main tab bar while using the Tree Style Tabs add-on), etc, but I'm sure they'll get there and I'm happy with how it is right now.
I used to use Firefox because I wanted to keep them relevant, but nowadays I feel like Firefox is simply the better browser and it will continue to be relevant for as long as software developers such as myself keep using it.
It's also nice that on FF you can disable JS on a page (I use the Disable JavaScript addon) but still have addons run JS on that page. On Chrome, either you allow JS from any source, or you block it from all sources, which is a bummer.
Google never "sells" your data to third parties. They keep the data themselves for advertisement purpose. On the contrary, apple shares any collected data with advertisement partners. Apple fanboys don't realize this.
Apart from agressive and deceptive marketing, Apple is a shitty company that asserts patents on rounded corners of phones and optional chaining in programming languages (Swift). They are objectively more evil than Google in my book.
Apparently I am biased. I would not have been in CSE if Google didn't commoditize the market. My first encounter to programming was on an Android terminal. But that's another story.
You do not need to balance privacy with security. That is in most cases a false dichotomy. On the contrary, real security needs privacy and the other way around. Especially on the web there are nearly no exceptions to this.
Don't think too much of my ranting against the security argument, but I see it as a pure invention of politics from "hard liners" with a solid extroverted inferiority complex and a bad emotion driven risk assessment.
Otherwise I agree that Firefox stands for privacy and security.
I’ve noticed that Firefox dev tools are getting better over the last year or so.
They’ve got some neat things like their CSS Grid editor and websocket inspector.
I still find it easier to clear application data in Chrome and Google Hangouts echos for me in Firefox but I’m moving towards Firefox by default on every platform.
I am using Firefox as my main browser for almost 7 years now (exclusive for ~3 years). As I see it Firefox is the only reasonable choice if you are looking for a browser respecting its users privacy.
Personally I never had problems with Firefox breaking pages or having noticeable performance issues. Quite the opposite seems to be the case, since it feels faster and better with every update they released. I really can’t understand all the people constantly complaining about Firefox being slow and buggy. 90% of the time I had issues, it was because of poorly written browser extensions or ad-blockers breaking stuff.
It feels like most of the people complaining about Firefox are just looking for excuses to justify why they are too lazy to migrate.
The dangerous thing is when another new Chromium based browser, such as Brave or Edge, appears, which often makes it even worse for the user, since they just share your data with another company.
> Personally I never had problems with Firefox breaking pages
My experience has unfortunately been different, but the issues are mostly limited to "modern" over-engineered web apps. 90% I encounter one though, checking the console reveals that it's using non-standard Chromium-specific features (whether a FF counterpart exists or not) or just has a lazy browser == "Chrome" check instead of proper feature detection.
OK, but it's not Firefox's fault if web developers don't stick to standards and use Chromium-specific features.
The bad thing is, the less people using Firefox, the harder this problem becomes and Chrome defines the de-facto standards.
Of course not. That was basically my point - that while some pages are broken in FF, it's not actually their fault (although how much that matters is debatable as the end-users don't care).
I never really understood brave. It's basically chromium with some google tracking removed and with some inbuilt "extension".
You get the same with firefox plus ublock origin, while supporting a more open web by not using the monopolistic chrome engine.
Also, I doubt brave could fork the project for a long period after the adblocking becomes impossible with chromium
I never used Brave myself. The problem I see with Brave is is their business model being counterproductive for the web. If I understood correct, they block ads placed by the the content creators, just to replace them with their own monetization model... doesn't seem fair to me.
Just out of curiosity, do you primarily use a Windows machine? In my experience people using MacOS run into different types of slowness issues when they use Chrome or Firefox.
The rendering engine is largely irrelevant to me as a user on mobile. (Though of course having the actual one would be better.) Firefox sync is the meat of the deal.
Firefox sync really is neat, but be aware that for the last several years it has had a security flaw, one which the Firefox team has no interest in fixing (in fact, they consider it a feature!): your passwords and other private data are encrypted with your Firefox Account password. That would be fine so long as a) your Firefox Account password is truly secure and b) Mozilla can never see it. Unfortunately, they can: they serve an HTML page to log in to your Firefox account, which loads JavaScript from their servers. At any point they can start serving JavaScript which sends all passwords to their servers.
What is so very, truly disappointing is that they used to have a great, easy-to-use Sync security system which was immune to this sort of attack, but they removed it.
Anyway, I cannot advise using Firefox Sync for private information anymore.
What is your threat model in which somehow Mozilla's ability to serve you JavaScript is a problem because they might use it to attack you, but Mozilla having written the entire program you're running isn't a problem?
They can almost-indetectably target an individual user or group of users at any point in time in the former case while the latter case would leave traces in e.g. git histories.
I trust Mozilla to write Firefox and I trust Debian to package it. I do not trust Mozilla to be trustworthy on a live and ongoing basis.
Agreed, sync is a great feature, but last I checked iOS content blockers only work with Safari, not any other apps that use WKWebView. So stupidly, I have both Focus and Firefox on my iOS phone, but only Safari can use the Focus content blocker. It’s pretty terrible.
Does Lockwise support easy import/export of passwords from/to other password managers? I'd like to use it, but I really don't want to put all eggs in one basket.
Can I associate one login/password pair with multiple domains?
You don't enjoy the occasional white pizza? I'd say it's more like pizza without cheese...but you can do that too. Tomato Pie's are pretty good every now and then. How about pizza without toppings? Some restaurants even call toppings add-ons.
I think of it more like supporting a local pizzeria. Firefox gets me 100% there on my desktop and using it on iOS sends Apple some sort of number that I prefer using it over the stock browser.
I still remember Firefox around its version 1.5, where you literally couldn't use it without extensions, even some basic things like Tab Recovery was only available through them.
A thing that annoys me is that any browser in iOS except Safari doesn’t support getUserMedia to allow camera access to do things like scan qrcodes from the site. I'm wondering if it's an artificial limitation Apple imposed to encourage people to use Safari.
What's the alternative? Buy an Android device so that not only is Google stalking you but you also pay for it?
I agree that what Apple is doing here is wrong, but the alternative is worse on other fronts like privacy which is much more problematic (to me at least) than App Store restrictions.
Sadly.... this was my conclusion as well. I'd rather have an iPhone(which I do, an iPhone X) than actually get a Android device.
This is the case of going with the lesser evil.... and there's no way in my mind that Apple would be the greater evil than Google when it comes to tracking users and learning all their habits while using Android.
Apple is not perfect and I hate it for being so anti-consumer when it comes to repairing... and I'd love they would fully commit to a privacy-minded iOS if they have the guts to do it.
The real solution is regulation for privacy, so that stalking and tracking becomes illegal no matter who does it. Then, Android would become a viable choice for many.
Anti-trust regulations on Apple would also be very welcome, but irrelevant to the privacy problem.
I don't support the parent's use of name calling, but it is not necessarily the case that criticism of another's enthusiasm for a vender implies the critic also has enthusiasm for a vendor. Some of us dislike all of the dominant venders.
(Edit: And having the position that 'mere avoidable advertising' can be avoided is also not necessarily evidence of fanboyism)
The connotation is a thinly-veiled promotion of Google with skewed reasoning; that tracking you so they can advertise to you is benign, and we should submit to constantly being tracked, because that harms us less than patents and lock-in, without giving any reason why patents and lock-in are bad.
Tracking me and spamming me immediately makes my experience worse, with almost no exceptions (I've never seen an ad that was relevant or made me buy anything, but I often experience uncomfortable breaches of privacy), but patents and lock-in are often used to provide me with tangible benefits, with the only downside being that other companies are prevented from easily providing those same benefits.
I use Firefox on iOS. Most third party apps give you the option to switch so things like my rss reader, email client and calendar all open in it. The problem is they don’t really have enough granular control over things so they are missing key features like containers and debugging tools.
My absolutely largest issue with Firefox is how settings revert after updates without any notice. It is good that updates are frequent. It is bad that settings revert and defaults are not safe.
Out of curiosity, which settings are reverting for you? I can't recall settings reverting but I do occasionally get the "running slow" prompt to blow away my profile and start from scratch.
If anything, I've noticed more and more settings are getting pushed into Sync and automatically propagate across instances or upon new installation. Which is nice.
Recently i was promoted to refresh my ff settings, and upon restarting, all my settings and plugins were set back up 0. Not a pleasant experience rebuilding my ff instance, but i guess it's better now than before.
Yup, it's not pleasant but thankfully, apart from NTLM settings, I've managed to remove most of my custom about:config settings I had used over the years, so apart from dragging Add-On icons into the Overflow Menu I don't have much customization to do.
I had an issue with v73 being incompatible with whatever security software my Work PC was running and the main rendering thread crashing. After trying numerous things including rolling back to v72 and refreshing my profile, I came across a bug indicating it was scheduled to be fixed in an upcoming release which turned out to be v73.0.1 thankfully.
That's the first time I can recall where Firefox did me wrong.
Mozilla depends almost entirely on Google and other advertisement companies for revenue, whatever privacy posturing they put in place is just means to drive people away from extensions whose block lists Mozilla does not control.
Most users are going to use Google regardless. You could say that the user trusts Google, even if we know they shouldn't. Firefox cripples Google's ability to track the user either way, especially with uBlock Origin and Google Container installed.
Even better, it prevents ISPs and other parties that the user doesn't trust from tracking them.
Ok let's roll with this, although just between the cellular data carriers there are more choices than between web-scale search engines or smartphone platforms. If you had plenty of ISPs to choose from and all were in the habit of mining and monetizing your browsing data simply because that's legal and profitable should Mozilla recognize you as implicitly trusting the most dominant one that also happens to be paying them ?
It's a false analogy. Not all search engines track or monetize you. A user can choose DuckDuckGo. There is no DuckDuckGo for ISPs.
This hypothetical is even less relevant when you consider that Mozilla protects you from Google using blockers and also from ISPs using DNS over HTTPS.
On every single release they add new hidden options regarding tracking by mozilla (see Normandy and shield for example, which you have to go to about:config to disable).
In addition to that about:addons uses google analitics and does not allow for it to be blocked by extensions, plus mozilla sites use tracking scripts (googletagmanager etc) that need modifications in about:config to be blocked (extensions.webextensions.restrictedDomains).
Finally mozilla does not seem to be taking any measures to make firefox more resilient to tracking - in fact they support more and more technologies that diminish it. (web fonts, webgl, geolocation, user agent mentioning the version language and OS, etc)
Edit: Sorry, by "web fonts" I meant the ability for sites to read the fonts that you have installed. I do not know if actual web fonts can be used for tracking.
Perfect is the enemy of good. Firefox is pushing the Overton window in the right direction, which is good enough for me. Some of your complaints are legitimate but that doesn't mean Firefox isn't the best option for most people right now.
And Chrome tracks individual users by Chrome installation ID. It's sent to certain Google domains like Doubleclick [1]. All browsers are tracking us. It has to do with when, where, and what they do with it.
We're not dealing with a perfect world. Some of this has to do with intents and privacy protections outside of technology (i.e., policy). At least that's Mozilla's stance. For example, the analytics Mozilla collects on Firefox cannot be legally used by the analytics service for other things.
We need to be careful to not let perfect be the enemy of good in the way we praise the the _direction_ we want to go.
Correct me if I am wrong but aren't they including built-in tracker blocking with a 'strict' list that can be chosen, plus they are working on site-level isolation that is behind a config flag for now (1st party isolation) and as far as I know, they're the only browser that has multiple anti-fingerprinting measures that can be toggled by the resistFingerprinting config flag? If they default disabled web fonts, geolocation etc., they'd lose whatever little market share they have as those have become important web tech already. You can still disable all of them either by means of about:config toggles or through simple extensions like uMatrix. Not sure if Chrome even allows disabling any/all of them.
> aren't they including built-in tracker blocking with a 'strict' list that can be chosen
This is not in any way better than ublock origin. Anyone who knows to select the strict list also knows how to install an adblocker.
> If they default disabled web fonts, geolocation etc., they'd lose whatever little market share they have as those have become important web tech already
I am not saying that they should disable them by default, but they should at least make it easier for people who care about their privacy to disable them. (Although I do not think that any desktop user is going to miss geolocation)
In addition to that I am annoyed that they keep supporting such technologies that can be used for tracking in the working groups rather than push back on them.
I installed NoScript recently and was surprised to see so many sites linking to typekit or other centralized repos for JS related to rendering fonts. Why do sites using webfonts have JS dependencies? Is it something to do with licensing?
Between products like DTM and typekit, Adobe has been quietly positioning itself to be a tracking/advert power house.
> If they default disabled web fonts, geolocation etc., they'd lose whatever little market share they have as those have become important web tech already.
I doubt people would even notice the font side of things.
Agreed. I used panopticlick and it showed me that web fonts were one of the biggest discriminators. I disabled them and tested on a sample of normal end user type Web sites. The web got real ugly looking real fast. If Mozilla disabled web fonts by default, normal end users would draw the conclusion that Firefox couldn't properly render the web, and would flock back into the arms of Chrome.
They could ship web browser with all common web fonts to render them from disk without fetching. This would allow disabling of fetching of web fonts without breaking websites. Also could eliminate fonts as a fingerprinting vector altogether if system fonts were ignored as well.
What about fonts which are not licensed under an open source compatible license. What about fonts that are not "common" but are used by some popular Web site? Your request is doomed to failure. Like it or not, Web authors have been given the power by Web fonts to have total control of the fonts on their Web pages, and they ARE using that power. Any attempt by a low market share browser to change that fact is doomed to blow back on that browser.
I'm sure they can afford to buy rights to important non open source fonts or fund the design of similarly looking open source fonts to ship as aliases. There is no reason for the madness with fonts to continue.
That’s actually not a bad idea. Lots of sites do have custom fonts, so maybe it would be a good idea to still put some icon in the address bar when the site has web fonts that didn’t come with the browser.
The problem isn't analytics the problem is tracking. Brave is the perfect example. It may have no built in analytics but at the same time it is easier to track than Google Chrome due to fingerprinting. Do you care more about testing which features of a product are actually used (Firefox) or do you care about a company giving out your entire browsing history through a side.channel (Brave).
When I wanted to quickly add some analytics to my website to see if anyone's reading it and from where, I had a hard time with Google Analytics because neither Firefox nor Safari allowed me to check if it works. Had to open Chrome to ensure it does log viewers.
I've run a variety of non-Chrome browsers (currently Brave) as my default for most personal usage. But with all of them it seems like I run in to incompatibilities that cause me to fire up Chrome as a workaround. I use 5 SAAS applications to run my business and I run them all from Chrome because at one point or another I ran in to some kind of showstopper and it just wasn't practical to constantly switch to Chrome to unblock.
The issues are often weird and not obvious. Last weekend I stayed at a Hampton Inn and their Wifi authentication page kept refusing to accept my last name and room number. I called the front desk which ended up being a waste of time (I was hoping maybe there was a mix up in the data). I finally ended up hot spotting. Then the next day it occurred to me that maybe it was a browser issue. Sure enough, I was able to reproduce the problem in Brave, then copied to the url to Chrome and it worked fine.
Bottomline, these issues seem like a big impediment to a mainstream migration away from Chrome.
It likely involved us blocking a 3rd party script that the hotel embedded against its 1st party interests. If you click on the lion-icon in right end of address bar and lower shields you should be able to match Chrome's behavior, if such a 3rd party script block caused the symptom.
This is why it is very important that we complain when things don't work. It's the only way to slow non-Chrome browsers from becoming more and more marginalized. Hopefully we can turn the tide and eventually make using alternative browsers a pleasant experience for the non-technical users.
Now we'll see if Thunderbird will make saving sent mail opt-in for each message, for privacy.
How many of your email conversations need to be preserved forever?
We certainly don't walk around with an audio recorder to record every word we speak in person to people in case we want to refer back to them later.
Email defaulted to storing messages years ago because it seemed cheap and valuable. Some value remains, but we no live an era of doxing and data dumps where saved communications can be a liability as well.
For that to be useful, the recipients on the other end would need to also delete the email. Otherwise, you've completely given control of that email content to everyone but yourself.
https://github.com/gorhill/uMatrix/releases this is a good extension to block tracking elements. you can also block things like javascript & you can block them on a single page , a whole site or across the board. it's available for firefox & chrome.
I don't even care that much about privacy, but I started using Firefox full time in October after changing computers and I think it's great. I tried a couple of years ago and found it lacking compared to Chrome, but this time I'm good.
FF needs to straighten out memory usage issues. It was using 12GB of ram earlier before I had to kill it,i was running more tabs/workload on a webkit browser and it was using around 3GB.
The UI is a lot better but for some reason the memory hogging seems to just get worse. Why can't it pause tabs after a memory usage limit if it can't manage the leakage? I keep trying but even when putting up with it's slowness I can't have it basically freeze my system. This only applies to windows too. I think,maybe they test on Linux and Mac too much but most people are on windows.
Firefox has only recently really been in the same performance ballpark as Chrome, meaning to get this privacy you had to give up performance. These days the delta is small enough that it shouldn't matter.
Notable things still delaying my switch.
1. Linux. The Linux Firefox app is inferior to the Windows version. The same can't be said for Chrome.
2. Android. Firefox Preview should catch things up, and I think will be stable by the summer. Maybe I'll switch then.
Interesting. I've been using Firefox exclusively for a few years, mostly on Linux, and haven't actually noticed it being inferior to the Windows version. What am I missing?
Not OP, but I'll give my list (I use it despite these issues tho):
- associating programs to file extensions is not only out of sync with the system, but also a huge pain to fix manually as basically none of my programs show up in the dropdown
- it uses the extraordinarily crappy GTK3 file picker, regardless of environment
- hardware acceleration is hit-or-miss
- no borderless top bar
- drag&drop is janky (not sure if Plasma-specific)
- touch scrolling and gestures need about:config tweaks to work
None of these are killers for me as I really dislike the way Chromium renders pages (I know how weird that sound) and want to support Gecko even if it's partially inferior, but at least the file picker thing is an absolute disaster (not unique to FF, but they're no doubt the biggest in terms of time spent using it).
I tried the same foreign language search (esperanto-"kio estas la plej bona maniero lerni esperanto?") in google & ddg & ddg gave me a full page of esperanto results while google's was a mix of Esperanto & English. both were mostly relevant though.
I've been using DDG on non-mobile device for years. One thing that always surprises me is when another DDG user doesn't know about bangs.
I never witnessed the search of the 90s but Google's experience has certainly degraded for me since then.
pi-hole can address that be either adding its own DoH proxy, or by null routing / firewalling the most commonly known DoH DNS endpoints and having a local DNS record to NXDOMAIN use-application-dns.net while browsers respect it (to disable DoH). Adding Unbound DNS example below.
Inspired by this post, I just installed Firefox on my iMac. Here are two problems.
1) After a vanilla installation, I clicked the profiles icon. (It's the person in a circle button.) When I click it, a popup menu shows, then it relocates north 30 pixels, then it redraws where it is supposed to be. For a software with a main interface only having 8 buttons, it is bad that one of them does not work properly.
2) I'm at work right now so I planned to migrate from Google Chrome and uninstall it. I successfully migrated my work profile. I don't see a way to use a separate profile for personal. Tried Command-Shift-M (Chrome shortcut to change profiles) and got nothing. That ended it for me.
I wish other browsers e.g Vivaldi would've been built on top of the Firefox engine. The reason, I use Vivaldi is tab management. & that Firefox can be a resource hog on KDE
What Mozilla is doing with Firefox regarding privacy is mostly a sham. Lots of talk but little action.
First off, if they were real about privacy they'd include uBlock Origin by default (and why not HTTPS Everywhere for good measure as well). Their current tracking "protection" is an absolute joke that explicitly whitelists Facebook and Google, the two biggest offenders when it comes to privacy: https://news.ycombinator.com/item?id=20112398
They should also remove Google Analytics from their website, or at least the pages that the browser will automatically load on first use or after an update. While Google claims they have some special relationship with Mozilla regarding this and they won't use the data for any other purposes, it's hard to trust them - Facebook for example used to say that phone numbers would only be used for 2FA and yet somehow they ended up being used for advertising.
They should also make the telemetry opt-in instead of opt-out like it is now. Their current way of doing it might actually be in breach of the GDPR, as any non-essential data collection and processing must be opt-in.
Blatantly blocking Facebook and Google trackers would wreak half of the web. All embedded comments, tweets, posts – all of those things would just disappear. I use Facebook container and see how it happens but that was my conscious choice and most people want Facebook and Google in their life.
They can block the like buttons and such (especially since the browser has built-in share buttons) while leaving the content-related resources alone.
I have all the uBlock lists enabled (social blocking, anti-facebook list, annoyances, etc) and don't notice any breakage or missing content unless I go and look for it explicitly (like blank spaces where the like buttons should've been).
Surprisingly, both Google and Facebook themselves actually seem to work fine (at least they load if I allow them on the firewall, don't have accounts to test thoroughly) so it wouldn't prevent people using the sites themselves, simply block their trash like buttons and similar garbage they polluted the web with.
Well, Mozilla is in a hard place. They're already losing browser marketshare, and they don't want to annoy people by breaking stuff. A lot of these people use Google and Facebook services and don't understand when these sites get broken. That'll give Firefox a bad name and hurt its marketshare even more.
uBlock origin is a third-party project they don't control so I can't blame them for not including it.
> Well, Mozilla is in a hard place. They're already losing browser marketshare, and they don't want to annoy people by breaking stuff.
Well, the web was always like sw development: if it compiles - release it - and let the user test it. Mozilla ( and Chrome and ...) breaks stuff with every release. Yes, your facebook may be perfect but internet is not only google and facebook.
> uBlock origin is a third-party project they don't control so I can't blame them for not including it.
They don't include it because that will hurt they revenue. They are not "free sw" anymore. Unfortunately this seems to be a trend in open source world when a company (Hi Canonical) starts making money by selling user data(legal spyware).
> I agree about the analytics and telemetry though.
I don't see why you're getting downvoted. You're 100% right. Mozilla get money from Google and spend it on fun projects which have nothing to do with the web. This creates some very bad incentives with regard to privacy on the net. Mozilla don't seem to care about this, they just take the money and keep going.
> I don't see why you're getting downvoted. You're 100% right. Mozilla get money from Google and spend it on fun projects which have nothing to do with the web.
Because there are some people here which work in "user data industry".
>This creates some very bad incentives with regard to privacy on the net. Mozilla don't seem to care about this, they just take the money and keep going.
Bad for you. Good for them (for the moment). They (the people who work there) will maybe regret it. But as Stasi or NSA showed there will be no discrimination in the usage of this data.
I get your point but it's still a good thing that the authors are writing about tracking. It's probably a different team working on the website and I'd hope articles like this open people eyes even internally at the verge
Indeed the firewall at old-fashioned newspapers (between editorial and advert sales) was vital to their independence and dissolving this (today you can buy "native advertising" which only the most careful reader will realise isn't editorial) has been part of their downfall. You actively want the people who write the stories to be shielded from whatever the people making money to pay for those stories do. Every time a journalist even feels like they shouldn't write a story because it'll lose their paper (or TV channel, or website) money that's a problem.
That doesn't mean the media aren't worth criticising, but it means you should aim for it to be possible for that critique to come from within.
Funding models other than advertising are good, but they're not realistic for very broad media. I might give money to a person who writes (or talks or makes videos) about a subject I care very deeply about, but who is going to give money to the people doing a morning breakfast show or a mid-size city newspaper? Those things are expensive and advertising remains a realistic way to fund them.
Traditionally news organizations have maintained a separation between editorial and advertising departments so that advertisers had no ability to influence what the editors wrote.
Journalists writing critically about tracking should be seen as pretty clear evidence against a bunch of the conspiracy theories you often see floating around[0]. To turn this against them seems strange.
Ignoring for a second that "putting trackers on the website", writing these articles, and deciding to publish them are the actions of at least three different people/groups, I don't quite get what you are accusing "them" off?
It's perfectly possible to criticise trackers or advertising and still feel the need to use them for economic survival. I'd be surprised if less than 90% of the people in this thread critical of tracking have Google Analytics tags even on their personal websites, where it doesn't serve any purpose except vanity.
And that's OK. Running trackers and criticising them is still better than just running them, in the same way that smoking & regular exercise is better than just smoking.
[0]: HN being particularly dense (pun not entirely intended), and willing to get itself into the most weird contortions of logic to find mechanisms of how some writer might gain some immediate financial gain from some article.
There was a similar discussion last week (or so). It was basically said that even if "the media" does track us, it's still a good thing "they" allow some autors to write about privacy.
They should do that. Cut a deal with some ad provider to serve non-tracking ads, and leave the rest in the dust. This would make Firefox a much more pleasant experience than other browsers, and give them some well-needed cash.
That is harder to justify. Tracking is an invasion of privacy, so blocking of trackers can be seen as a defense.
But blocking non-tracking ads, just because users don't like them and Mozilla could make a buck, would be seen an attack on publishers' revenue, even when publishers tried to do the right thing.
I don't what my browser to start changing the content of the pages I visit. Blocking well known trackers, sure. But the browser should be a platform. It's not like uBlock is flawless - there are tons of false positives so using it should be your own choice.
Mozilla is supposed to be a friend of webdevs. By blocking their income without providing an alternative , or some other kind of benefit, webmasters are going to turn their backs to it.
Mozilla is not blocking webdev income without an alternative. Non-tracking advertisements are still allowed, paywalls are still allowed, donations are still allowed, ...
There is an actual privacy community with Tor at the center of it, with plenty of research and serious ideas. And there is "privacy" propaganda that Mozilla and other corporations are putting out, it doesn't do anything good for privacy whatsoever, it's all bullshit. So calling it "fake sense of security" is somewhat appropriate here.
I'm not against tor, I also support it but, the high cost of running exit nodes combined with suspected state-run nodes were also casting a shadow over tor when I last checked it.
Mozilla's privacy run is not total stealth which, tor claims and strives to provide. On the other hand, Mozilla is providing practical cross-site tracking prevention which can be used by non tech-savvy people.
IMHO, the tracking protection provided by Mozilla is beneficial for normal users. We, the more technical ones, can always setup or use something more advanced and elaborate as tor.
As the cherry on top, some countries effectively block tor. Which leaves a bad taste in the mouth tbh.
There are other browsers better than Ff that focus on privacy just the same, if not more aggressively.
Mozilla lost track when they started with their FfPhone, FfOS, and other bullshit projects. They forgot about their core product and it shows. Ff is still way slower, even with the Rust parts they took from Servo.
Then that they kick out their best developers if they have a "wrong opinion" (in the sjw's view) doesn't help either.
Which ones? I'm often interested in switching away from Safari, but the default has been Firefox so far, which has not been worthwhile outside of a second browser for when Ghostery et al are too aggressive for some vital site.
The chromium source code is open source. At the point that Google attempts to cripple them, they just fork. A big bummer to fork, but certainly they won't be crippled.
"I see this as massively centralizing DNS request data (onto cloudflare) and this change is the most problematic part of the whole thing."
The less companies and locations one have to intrude to be able to "see" or influence DNS responses, the easier it is for a competent attacker.
And from a legal standpoint, at once even more information which would have before remained in some other countries is easily (even trivially) obtainable.
You’re focusing on CloudFlare, but already I have a choice of a couple of DNS-over-HTTPS providers in my preferences, and I see no reason why it would stick at just two.
Yes, but you always also had the "choice" of running your own resolver and running any outbound queries (or just using a recursive resolver) over a VPN.
You might protest that since that's complicated and takes effort the 'choice' isn't that meaningful, particularly when it comes to our collective privacy. You might also protest that it's easy to mess up and hard apply consistently to all hosts, and that few people would bother.
Exactly. The same applies to "you don't have to use cloudflare" for DOH.
You also could have already used your choice of DOH by running DOH proxy-- and bonus: all software would be protected rather than just the browser. ... so if "choice" was the only criteria, we already had it, and there was no reason to default many millions of people to sending all their DNS requests to a single point of observation.
Why should it? There's already a preference, called system setting. The system administrator configured something, it is not app job to duplicate or override that.
In the early days of web browsers, the browsers like Firefox implemented early SSL/TLS ahead of OS vendors. To this day, Firefox still maintains and bundles its own Root CA list, and by default prefers its own list over OS provided lists.
There's certainly precedence for web browsers doing things ahead of OS/system support because they can do it faster, and because maybe they think their users' (privacy and/or security) needs can't wait for deeper OS/system support.
(Also, for an increasing number of people, a browser isn't just "an app", it is their real OS where they spend the most time.)
NextDNS (the other provider) is a startup / Delaware C-Corp that has been around for less than a year. I'm not sure if I trust them more than my local ISP (at least in Europe, for the US this might be different).
There's a long Twitter discussion initiated by Paul Vixie that discusses the problem in more detail:
The dropdown has CloudFlare, NextDNS and Custom (that opens a text input).
As for users changing this, sure, that’s not going to happen. But I can imagine a world where the default is that your requests are fanned out randomly to a choice of hundreds or thousands of providers, with no clear and complete picture of a single user in the event that a single provider is compromised.
If you disregard the few people who change from the defaults and simplify a little, then moving from plain old DNS to DNS-over-HTTPS is moving from some DSL provider's resolver to Cloudflare's. The DSL provider has your real name and street address, Cloudflare does not.
> The DSL provider has your real name and street address, Cloudflare does not.
Some readers probably aren’t aware of the fact that even with DNS over TLS to Cloudflare the DSL provider can still collect exact info of which sites one visits. The name of the site is visible in the clear in the TLS communication with the site, independently of DNS.
> How is concentrating DNS to even less "points of possible collection" of any advantage to user's privacy?
Firefox nightly (not sure with other version) propose already NextDNS as an alternative in pref. and an easy way to add a custom one. I can see for example big companies requiring their employees to use a custom one.
I'm pretty sure that mozilla is currently negotiating with other DNS providers to get them onboard. Hopefully, within a few months, you'll be able to pick from dozens, in addition to rolling your own.
Out of all the browsers I like that Mozilla were the first to point the finger to the elephant in the room while Microsoft, Google, Opera just turned a blind eye on privacy, although I don't think anyone expects much from Google these days.
Firefox has once again became my default browser on all my devices after like 6-8 years since I last used it. I guess as far as privacy concerns goes, if you are looking for a company/browser that will continue working on protecting you from trackers by default that'd be Mozilla.
Random observations that doesn't necessarily have anything to do with the topic: Firefox for windows is perfect. I actually think it's faster on Windows than on OSX for whatever reason. Playing videos, like using Netflix or Youtube is extremely sluggish on Firefox OSX, but is fine on Windows. I always end up using Safari if I want to watch a video on a higher resolution because the performance drags a lot on Firefox, especially it Netflix's overlay UI you can literally observe it's lagging behind but not in Safari.