debian's Iceweasel is a little squabble about the logo not being licensed correctly. they only divert official version to add the -debianXXX when they backport security patches on the stable branch. They never removed anything. apart from branding. They even upstreamed the branding agnostic flags so they don't have to change even that!
FDroid's fork is now a move against binary blobs. And copious tracking. They are taking back firefox (pun intended). From the announce: "It removes the proprietary binaries out of the official builds." [emphasis mine]
There was already discussion on the community when mozilla decided to make the, then optional by effort of contributors, google play api on the android build... just so a really small portion of users could share youtube videos to chrome cast (like anyone uses firefox to watch videos they care so much they want to see on the TV...). Everyone reaching the IRC on how to build without the proprietary google dependency was ignored. But some soldiered on. There was even a PaleMoon build on the play store just for that! (palemoon were mostly to avoid the new australis UI, which breaks lots of OS usability/accessibility features just to copy chrome).
Now, on top of the google play api (which now is not just for chrome cast, but also for tracking. ha! didn't see that coming did you?) they added adobe DRM, which will probably reach android soon.
I sure do hope that incite the rest of the community as it incites me. I've been running fennec build laboriously myself on my phones for a while. And i hope i now have the time to stop that nonsense and contribute to fdroid's effort somehow. Even if just by bitching... err promoting on forums.
The logo copyright licensing was fixed years ago. The reason Debian still ships Iceweasel is that they do not have permission to use the Firefox trademarks. IIRC, to get permission, they would either have to use unmodified binaries as shipped by Mozilla or submit every build to Mozilla for approval. Something like that. In fact I was surprised that F-Droid was able to ship something called "Firefox".
You seem to be implying that Debian's Iceweasel package contains binary blobs. That shouldn't be the case, could you clarify that please? It's true though that Debian doesn't have policies about software using non-free network services and user tracking.
> FDroid's fork is now a move against binary blobs. And copious tracking. They are taking back firefox (pun intended). From the announce: "It removes the proprietary binaries out of the official builds." [emphasis mine]
What's the nearest thing for general Linux? I'm guessing Tor Browser without Tor?
I didn't see anything specific in Arch/AUR repositories.
I hope Debian's iceweasel will eventually serve that purpose. Stable is still on 31, so it will be interesting to see how 38+ shows up there. maybe looking at what happen on sid will already show something (sorry, i'm not following sid for a couple years now :(
Edit: What makes people think Firefox has been removed?
Correct. I've been using Fennec (the custom build) ever since the team managed to get it to build, and have had zero complaints.
As far as I'm aware, that is the last upstream binary in the official F-Droid repository.
Keep in mind, anyone is free to make their own F-Droid repository using the fdroidserver software. The server supports either building apks from source, or adding binary apks (ala Firefox). There is nothing special about the repository at f-droid.org/repo other than it being preconfigured in the client. But hey, if you really wanted, you could build the client yourself with different default repositories, because that is also open source :
Currently these Mozilla domains are blocked in our internal networks. Not all of them are data-collecting services, but it's better to be safe than sorry:
The amount of stuff you must block to have a decent browser experience nowadays is simply mind boggling. Of course, Chrome or Opera are no more better.
You can always go to Tools -> Add-ons and mass-update all your add-ons manually at once (Click on the gear icon drop down and select "Check for Updates"). These rules will not block that.
The type of privacy-conscious users/organizations who go to such a length in blocking these domains will also do the update manually or via their own internal update processes.
I'm not sure what most people do will have any relevance to the point I was trying to make.
When I look at your link 0, it says "Note that this package is planned to be dropped from the F-Droid repo soon. Please consider using Fennec FDroid instead to be sure of continued update support." That certainly makes it sound like the Firefox package is being dropped.
Seems petty. Mozilla is one of the most pure open source projects out there in mission, ethos, and product. Addons are user choices, and trying to limit that choice is self defeating in free speech.
A few weeks ago Nightly ended up having "Pocket" integrated, and rumour said it would replace Mozilla's own open source Sync plus the integrated Reader.
Addons will soon no longer be able to be installed unless approved by Mozilla. (Another walled garden. Sigh...)
>Addons will soon no longer be able to be installed unless approved by Mozilla.
Bullshit. The add-on signing requirement will be able to be easily disabled. It's just as much of a "walled garden" as Debian's repos are (ie. nothing like a walled garden).
> Addons are user choices, and trying to limit that choice is self defeating in free speech.
I believe you are talking about the big red boxes that mention it has "Non Free Addons". This is what is known as an "AntiFeature" in F-Droid [0]. It is not a reason to exclude a project from the main repository. Rather, it is purely a piece of metadata that is shown on the website and in the client to let people know that it is a thing.
The goal is to provide as much information as possible to users, so that they can make educated choices about which software they choose to install on their device.
While I appreciate that there are people who do this, I also end up wondering where it'll end up. Debian, for example, has had to go round and round on whether the GNU FDL is actually sufficiently Free for Debian's guidelines. As I understand it, the current status is the FDL is considered non-DFSG-compatible by default, and exceptions are only available when it can be demonstrated that the FDL is used in a way that doesn't bring certain clauses into play.
now, here is the official list of what is removed [with my comments]:
Removed: Tests [not sure about that]
Removed: Crashreporter [tracking]
Removed: Healthreporter (UI?)
Removed: Mediastreaming (requires non-free library: play-services) [google's binary blobs]
Removed: Updater [tracking]
Removed: EME/DRM [adobe's binary blob]
Added: MultiLocales [tracking. what is some 100kb of text when you now don't have to tell play store your locale?]
I understand removing EME and DRM support, but they are removing a feature simply because it only works when a certain closed source library is installed. Is graceful degradation somehow "below" them?
That's like banning packages that use .NET (when it was non-free) on NuGet. You can create open source code that supports proprietary libraries without having to compromise your morals, with the sane choice of graceful degradation when you absolutely need the library.
This seems like a very petty reason to completely remove video streaming support from their distribution of Firefox.
Well, the idea behind F-Droid is "free-of-charge, free and open-source software". If the software doesn't live up to that, I feel their are in their right to remove it.
And honestly if you want the full featured software and don't care about ideals, just download it from Play.
The whole purpose of F-Droid is to provide an alternative to the Play Store for people who don't want to or can't install Google's proprietary code. Anyone who has play-services installed would just get Mozilla's official Firefox releases from the Play Store and not bother with F-Droid. They're removing support for that non-free library because their user base is people who've already decided they don't want to use it.
Let me address some issues on this thread on the best way I can because I am really tired of all the FUD and attacks. I will first address the stuff mentioned on that changelog about the FDroid build of fennec and then I will talk a bit about Mozilla, Eich and what I think people are doing wrong in here.
All that stuff provides telemetry for Mozilla that helps in finding and addressing bugs. People complain about a website not working correctly on Firefox but disable all the reporting stuff and never fill a bug on bugzilla. That kind of thing is useful. The source code for that is available on github, you can check what is sent and decide if it is worth using it or not.
Users want stuff to work. I am not talking about users with a free software mindset that are willing to hop through unfortunate hops to get their system working. I am talking about the average non-technical non-aware-of-foss user which number in the millions world wide (billions?) They want their browser to be able to play multimedia content. If you don't want to use non-free multimedia then don't access mp3 and other patent encumbred content.
Removed: Updater [tracking]
Another piece that you can check the code. Everyone wants an evergreen browser that receives patches, keeps its health in check and is kept up to date. There is no way of updating software without sending some data about the current software. Check the code and see if there is any sensitive information being sent and decide for yourself.
Removed: EME/DRM [adobe's binary blob]
EME is one thing and DRM is another. They work together but they are not a single unity. Before EME/DRM you had proprietary unauditable DRM software running wild on your computing device. Now you have an open source sandbox that can be audited to make sure that the proprietary DRM blob can't escape and fetch personal fingerprint data from your computing device. If you don't believe that the EME/DRM sandbox included in your Firefox is the same as the one from the code, there are mechanisms for building your own and using it. And thats the important part: "If you are against DRM then don't using services that use DRM". Some people want to listen to music, watch movies and other multimedia on services that believe that DRM solves some stuff. EME/DRM solution protects their personal data while giving them the features needed to use such services. If you don't agree with DRM then you don't use those services. The DRM blob is downloaded when you use those services, if you're not using them then the blob is not on your machine and never will be.
The fight against DRM shouldn't happen inside the browser but in the users mindset and towards the service providers. The EME/DRM solution was created as a compromise, give the users what they want while trying the best solution to protect them. Let FSF and other FOSS entitites audit the EME/DRM sandbox. Let researchers try to pick personal data and fingerprints from the machine. Match that against the other solution which is non auditable. If all the effort and action placed into the hate machine against EME/DRM was instead directed at educating users and teaching about non-DRM services then EME/DRM would not be needed.
And that brings us to the topic of action. Mozilla is the only large player in the browser ecosystem that has all its code open, its roadmaps published, its processess available for public perusal and collaboration. You can't influence or be a part of Safari, Opera, IE, Edge and Chrome development. You can't verify, audit, help steer, be a part of what the companies behind those products want for the the web.
THE WEB IS THE ONLY MASS COMMUNICATION MEDIA WHERE EVERYONE HAS A VOICE
Keeping the web free and open, made by everyone for everyone, is the mission of Mozilla. That mission passes through a lot of different efforts which you can help. Millions of people worldwide have no idea how to the web works and don't know how to produce content and make their voice available online.
The Mozilla Webmaker project helps teaching the web through workshops. Instead of spreading FUD and attacking people online, you can direct your energy into positive actions such as educating users on how to make the web their own and how to make their opinion count such as when talking about the DRM situation. The webmaker initiative goes beyond that with workshops and activities to teach about privacy, online rights, net neutrality, information credibility, programming. All that is open and in need of help. Educating users do more about the web than removing EME/DRM API hooks and sandbox.
Firefox is the only browser that has its source code completely open and where you can help steer the project. You can be a part of Mozilla and then join the thousands that are trying to steer the web towards the users. If you don't agree with some practice, then, instead of shouting on Twitter and Hacker News, join the mailing lists and discussions. Be a part of the process. Help.
Firefox OS is the only mobile operating system developed in the open and based on web technologies that are not controlled by a single entity. You can help us create a wonderful mobile system that brings the benefits of the open web in the hands of everybody. Instead of rooting and fighting about isolated closed proprietary islands, you can help steer our little web boat. Our low-cost (and low-specs :-P ) devices are bringing internet access to lots of people in emerging countries, with that there is information sharing, education, and other life transforming opportunities that bring positive social change.
Mozilla is what we make it be. As volunteers, employees, fans and users we can make it more than it ever was. Mozilla is also a project, an idea, that making a good quality software and solutions as a foundation/community we can rival companies and make the ideal of values over profit prevail on the web.
I see a lot of hate for all the decisions Mozilla makes. Apparently it is the fashionable trendy thing on the web to spread FUD instead of taking positive action and helping. The whole situation with Brendan Eich is one of those cases. Brendan is a normal human being like all of us. We all have our flaws, prejudices, qualities, dreams, and bad decisions. Everyone here has some opinion and action taken about such opinion that goes against something that is deeply important to some group. We're humans, we make mistakes. We're products of the zeitgeist of our formative years. We learn and change through time but yet we all make mistakes at the eyes of others and sometimes even to our own. Unlike many here, I've been around Brendan Eich couple times and he was always pleasant, supportive and energetic about the web. That is his passion and fight. A strong problem with the web is the echo chamber. Someone makes a mistake or something we all disagree and consider bad and that person is forever bound to suffer our hate. That kind of action leads us nowhere. Whats helps is education, empathy, showing "the other" why we thing our opinion is important and why we would think another course of action was correct. Dialog and comprehension makes the world a better place, pitchforks don't.
You all here, may you be FUDing/fear mongering or not, can help Mozilla, the Web, Brendan and everyone. You can join the cause of an open web though dialog and positive actions. You can help Mozilla better its code and actions. You can help teach people about the web and let them multiply their opportunities. You can help audit code, translate content, make us see the correct path when we're in the dark. You can help Mozilla fight for a web made of people and not of incompatible features and companies.
Thats what I am asking. Instead of flamewars and fighting Mozilla, join us, help us work, teach and learn with us and we'll all make a much better and interesting web.
The effort to try to change a massive project like Firefox to the better vastly exceeds the effort to rightfully complain and abandon it. Seeing the course of mozilla over the past half decade makes me doubt that one would have any chance to get them on the "right" track again. I hope there will be another phoenix, that does not assume everyone to be a dumb post-privacy tablet user
If you think that creating a new browser from scratch is less effort than helping Mozilla then I believe that you're in for a big surprise.
Let me pose a simple honest question, if not Mozilla, then who? Which major browser vendor you see going in the direction you want? If no one is going there, then, what entity you think could create a succesful browser with the values you want?
not necessarily spyware, but moving away from the community focus.
1. UI copying chrome
2. telefonica servers for video chat
3. Ads on your new-tab-page
4. Yahoo search deal
5. Adobe binary blob DRM installed and enabled by default. this is flash security holes all over again.
6. google binary blob DRM on android.
mozilla have long gone from being a incubator the firefox project to try to be a startup coming up with the next big thing, for who knows why. like their sync thing that they keep annoying me to use every time. it's like ubuntu trying hard with ubuntu one. but ubuntu at least was started to make money.
How is the Yahoo search deal any different than the search deal with Google that they've had for years and years?
And the EME module, good or bad, is not a security hole like Flash. The CDM modules are heavily sandboxed, preventing them from doing anything in the system besides talking to the browser. On Linux, it uses seccomp: https://lwn.net/Articles/332974/
I think the difference is that Google is a superior search engine, so in a world where technology trumps money it would be the default.* Of course, abiding by that would kill Mozilla's bargaining position, and Mozilla losing funding would suck for everyone, but...
* or DuckDuckGo (inferior but privacy conscious), but good luck with them funding Mozilla
1. I still prefer the FireFox UI since it works better with lot of tabs, in Chrome the tabs are becoming smaller and smaller until the point that you can't see them. And Firefox's preference screen is so much nicer, so no it's not a verbatim copy, they improved a lot the interface. The history autocomplete is also one of the strong features of Firefox and still does not exist on Chrome.
2. The servers are only use to find clients, the data is transiting directly between the computers with WebRTC.
3. The ad tiles are there until the screen is full (which happens very fast). In practice, almost half of the ads are for Mozilla itself (Firefox for Android, Marketplace ...).
4. And so ? What's the problem by having Yahoo instead of Google in some countries ? It provides some diversity and competition in the search market which really needs it.
5. I agree on this but it's not like Mozilla had a choice, they tried to resist up to the last minute. And their implementation unlike Chrome's one (if I remember) is going to be strictly sandboxed. So they tried to do what they could. This is really Chrome's fault here.
6. I think they did not have a choice either on this one, unlike what Google is advertising, Android is much less open than they say. A lot of proprietary binaries are needed to run the OS and the stock Android is just the bare minimum. Maybe in the future they could provide an open-source replacement to it but I think they did not have enough resources.
I found that quite interesting actually.
Implementing this kind of thing in an open source(!) browser may be the only way to deliver custom ads without violating the user's privacy.
That being said I still think it is a horrible idea...
Just as a little question, are all the ads pre-downloaded, or could someone theoretically observe which ads your browser downloaded and deduce things about your history therefrom?
The picture in the Techcrunch post is pretty clear. The browser talks with an adserver (step 5). And how could it get ads if it didn't do that, pick them from a static list compiled into the browser binary? Soon out of date and hardly interesting for advertisers.
GETs to the adserver combined with the in-browser selection algorithm leak details on the browsing history of the user (if he's got this ad he could be that kind of person and been there and there). Maybe not the worst of the spywares but about as concerning as any ad in a web page.
The picture in the Techcrunch post is pretty clear. The browser talks with an adserver (step 5). And how could it get ads if it didn't do that, pick them from a static list compiled into the browser binary? Soon out of date and hardly interesting for advertisers.
Based on what I've read in the actual implementation discussion in Bugzilla, the process actually consists of:
1. A Mozilla-controlled server hosts bundles of tiles, which are periodically updated.
2. The browser periodically downloads updated bundles of tiles from that server.
3. Using metadata in the bundles, the browser decides which ones to display.
A lot of discussion seems to have centered on ensuring the bundles and their metadata have enough overlap to ensure that even Mozilla's servers can't determine which sites in the browser history caused a particular tile to display.
They didn't bend to social media. They made it very clear they were surprised by the internal reactions and that's why he stepped back down. Besides, social media or not, the primary reason the issue blew up at all was a lack of transparency in their organizational politics. This isn't about Gamergate.
The truth is, we'll never know the whole truth about why they did what they did. I find it hard to believe that social pressure played no part in their decisions.
> They made it very clear they were surprised by the internal reactions and that's why he stepped back down. Besides, social media or not, the primary reason the issue blew up at all was a lack of transparency in their organizational politics.
Eich wouldn't have been canned if not due to external political forces.
The core of Mozilla is gone, the organization's ongoing denial of it further sinks the brand off the deep end.
Create a wound. Deny it happened. When in history did that ever work?
It gives me the impression "mozilla are liars, they just don't care." Why do organizations continue to go along with lie as if repeating it rewrites history to washes away treachery like that?
> There's a political agenda and they probably don't know that they are doing it.
Ah, the old good FUD. Anything done on Mozilla's scale has political agenda as complex problems include multiple stakeholders and conflicting interests.
Perhaps you'll be able to shed some light on the negative externalities of Mozilla's agenda?
And could you name the people who know what they are doing?
I'm not saying there's a conspiracy or covert political agenda. There is no allegation to set forth they're aligned with anything.
The organization is reactive to the whims of external political / social pressures, namely that of social media, and they cave to them. They're not engaging in self-introspection, responding based upon core values we would expect, namely, the hacker ethic.
The hacker ethic is about merit. It's about protecting ideas and valuing curiosity, wit and cleverness to spur innovation. Ideas and opinions, especially if unpopular, would be tolerated - which is in essence is diversity. On twitter, Eich's out of work donation for a political cause, in the eyes of mobs, was juicy bait for professional agitators.
Are we to just let every organization get bullied into submission until all expression, down to how you want to raise your family, puts great engineers homeless and on the street?
If they could do it to Eich - they could do it to everyone.
>core values we would expect
Who are the "we" you are speaking for?
>the hacker ethic.
You are trying to impose your own, personal values, a subset of vaguely defined hacker ethic, on Mozilla. However, Mozilla's stated "mission is to promote openness, innovation & opportunity on the Web."
>The hacker ethic is about merit. It's about protecting ideas and valuing curiosity, wit and cleverness to spur innovation. Ideas and opinions, especially if unpopular, would be tolerated - which is in essence is diversity.
This is your personal interpretation. Let's compare your interpretation with the opinion of a person who is an epitome of hackers.
Richard Stallman describes:
"The hacker ethic refers to the feelings of right and wrong, to the ethical ideas this community of people had—that knowledge should be shared with other people who can benefit from it, and that important resources should be utilized rather than wasted."
"...Some hackers care about ethics—I do, for instance—but that is not part of being a hacker, it is a separate trait... "
You don't get to define hacker ethic and attack Mozilla from your personal ideological platform.
>...down to how you want to raise your family...
The whole controversy originated from the fact that Eich donated funds to the campaign designed to reduce freedom of expression(marriage) of particular group of people(LGBT). No-one challenged his opinions on raising his family.
>puts great engineers homeless and on the street? If they could do it to Eich - they could do it to everyone.
Really? Homeless and on the street? Nice fear mongering you've got there. Who is an agitator now?
This Eric Raymond?
"Pederasty, at least, remains a common behavior among modern homosexuals. The `twink’ or compliant teenage boy (usually blond, usually muscled, depicted in the first dewy flush of postpubescence) is the standard fantasy object of gay porn."[0]
Or this Eric Raymond?
"I believe, but cannot prove, that global “AIDS” is a whole cluster of unrelated diseases all of which have been swept under a single rug for essentially political reasons".[1]
Or this one,. Eric Raymond?
"You picked an extremely bad example there; Turing was atypical in a way that damages your case. If you examine the actual circumstances of Turing’s exposure, you’ll discover that he was remarkably and willfully self-destructive about it. Outed himself, under circumstances where he could easily have covered and (as I read it) the cop was trying to look the other way. Still, I’m not “pro” Turing’s suicide, just refusing to blame anyone else for it. He made his choice and died. End of story."[2]
Such hacker ethic, so much aspiration for meritocracy.
Excellent job of taking him out of context, while providing quotes that actually disprove your tenet that he's a bad person. After, if the reader was paying attention, they would clearly disagree, so you can claim no culpability for the act of misleading everyone.
I had no idea either and was quite surprised to see the attack on Mozilla from the author of "The Cathedral and the Bazaar". Decided to dig deeper and lost a significant chunk of my naivete concerning a certain type of open source advocates.
The cherry on top. As far as I understand these are true Eric Raymond's beliefs:
"It is relevant here that I am a third-degree Wiccan, which means that I’m pretty experienced at designing rituals that invoke god-forms for specified purposes."[0]
So the guy speaks his mind. In a work environment, you'd get canned. In a group of close friends at a bar / playing xbox, I could imagine buds laughing at that.
...
Some people are eccentric. Some people get validation from saying shocking things and getting a reaction.
Gay men do both of the above, at least as much if not more than straight men. Most gays I know are the most thick skinned, provocative people. They don't want Special treatment or pity and in fact learned to get amused by people who gawk at them. Case in point, Folsom street fair in sf.
My point is, so maybe he thinks he is redpill. maybe he's being an idiot and speaking aloud. Maybe he has a lesson to learn, but he's still a hacker.
He'd have difficulty running for political office. But I'm not about to censor his thoughts.
Eich was judged on the merit of his work and found wanting. At the time he was ousted, he was the CEO of Mozilla, which is both a leadership and a PR job. His views made it difficult for a number of talented people to work for him, and even more, those views made him a liability to the company's brand.
You're correct, being the CEO, he has a higher level of stringency and scruples to adhere to.
But then, there are a lot of Republican CEO's for publicly traded stock companies. Frankly there are also one's that attend campaign dinners and go to yacht clubs. I highly doubt that prevents people from working for them. In America, workers are focused on the task at hand, CEO's don't have any care (to judge against) the private lives of their own talent.
If you are reading this and are this or that - don't be dissuaded from working for a corporation just because the CEO's political beliefs. People are blowing this totally out of proportion.
Unless you're directly in contact with the CEO and he's spewing hate (rare) you are ok.
It's no different that Debian with Iceweasel.