Everyone saying "oh, just right click and remove it; it's so easy" is entirely missing the point. The simple fact is, Mozilla took a third-party, proprietary service and bundled it into the browser. If this becomes the new norm, imagine downloading Firefox v53 and having six different services installed (all consuming memory, collecting personal data, etc.) all because some research studies they collected said "people like this." Sure, every subset of the population is going to like different services. When I download Chrome, I install PushBullet, Disconnect, the Chromecast extension, and Ublock. But that doesn't mean that every other users wants or even needs those same things. The entire purposes of add-ons is that they can be... added onto the default experience. Mozilla has now begun changing the default. While they may claim this was done "purely for the benefit of users," it sure smells like it was done for money.
EDIT: for anyone who doesn't think it wasn't about money, please explain why it is so difficult to remove, why I have to open about:config to "disable" (not remove) it, and why it wasn't just added as an add-on (which already existed)?
> (all consuming memory, collecting personal data, etc.)
the integration does not collect personal data until the user opts in, and it does not consume memory beyond loading the image from disk until the user opts in.
meanwhile, that search bar up at the top is an integrated browser function (not even an add-on) that sends personal data to a 3rd party, closed source server.
> please explain why it is so difficult to remove
you remove it just like every other thing in your toolbar: click the menu button, drag it off of the toolbar.
> Mozilla has now begun changing the default
like when they added bookmarks, search, download menu, spaces, and countless other functions? that's literally what browser vendors do.
> like when they added bookmarks, search, download menu, spaces, and countless other functions? that's literally what browser vendors do.
All of those features either work offline or use Mozilla's own services as opposed to third party services.
The only exception I can think of at the moment is search which should also be provided through add-ons in my opinion because I don't use it - I go directly to Google website and search there.
> Mozilla took a third-party, proprietary service and bundled it into the browser
This is no different from the integration with Google or Yahoo. The Firefox-side code is not proprietary. It doesn't consume resources if you're not using it.
You can remove it via the customizeable UI feature too.
I've seen Firefox employees stating that there was no money involved.
Walled garden "ecosystems" can be also useful to people called "users". There are plenty of ways they can give up their privacy to gain some convenience.
The service integration code is entirely open source and isn't executed even once unless you choose to use it.
Just for comparison, Chrome has chunks of closed source code, including the binary blob that is downloaded on first run to enable listening for "OK Google". This add-on is pre-installed. And it's pre-installed to make Google more money.
It's not an add-on; it's a default, difficult-to-remove-entirely integration into the browser. Surely that must have taken more engineering work than to simply ship it as a default add-on, which is why people are questioning the motives behind it. How about instead of installing extra, third-party services into the browser that people may or may not want, Mozilla improves the add-on search experience to direct users to add-ons they may like? Or the first boot experience?
And I think comparing Firefox to Chrome is just legitimizing the argument; Firefox markets itself essentially as the opposite of most of the things Google does. "It's okay because Chrome does it" doesn't make me feel very good about Firefox.
It's a feature that folks had been asking for in Firefox and was originally planned a while back. The resources to do the actual service side were better used elsewhere, though.
I only referenced Chrome because the post I responded to specifically mentioned Chrome for comparison.
> The service integration code is entirely open source and isn't executed even once unless you choose to use it.
Not very reassuring.
Do you suggest i make a daily reminder to check the Firefox source code to check whether the implemented privacy invading code still "isn't executed" ?
of course it was done for money, I don't think there's any doubt about that. The question is: Is that bad? If this was an extension you could remove entirely, that didn't be default track you, I'd say no. Just like with google/yahoo tie-ins, mozilla has to earn money somehow. But I think the implementation of this tie-in was extremely clumsy
People need money to live. It is unavoidably about the money. The real problem is not the money, but where it comes from. It is not coming from the users, who expect everything to be free. That is the real problem. Things won't get better until we truly are the customer, not the product.
Well for one thing Firefox's cloud sync is completely open source, whereas Pocket is a proprietary cloud service. This, I believe, is one of the primary reasons people have a problem with this whole situation.
This sounds like FUD. The whole point of a (modern) browser is in essence a sandbox to safely run other peoples code. If you've ever visited a website, then you've given it permission to "install" arbitrary code from arbitrary sources. They're installed "in" the application (i.e. - its cache). Who cares?
In fact, visiting a website is considerably worse. The code may be quite large, and it's not vetted in any way (unlike the pocket plugin), so it might try to escape the sandbox.
If you're going to get fed up about this, at least have some reasonable basis for that. You might complain about the increased download size or disk usage (but the overhead is likely to be ridiculously small). You might complain about the attention pocket - a non free service - gets this way. Of course, this isn't too different from a default search engine. And did you know about https://activations.cdn.mozilla.net/en-US/?
At the end of the day, is your feeling based on anything other than a grumpy gut?
He cares because installing Firefox means you now also install software that can very easily be considered to be spyware. This is stuff that we'd expect for-profit corporations (hi Google, Microsoft and Opera!) to pull not the Mozilla Foundation who describe themselves as, and I quote, "non-profit organization that promotes openness, innovation and participation on the Internet. We promote the values of an open Internet to the broader world."[1]
Mozilla has clearly positioned itself as (1) the independent browser-vendor who cares about (2) open source, (3) the open web and (4) your online privacy.
If they start bundling "free" proprietary third-party services, where the price is a piece of the user's privacy, to provide a more seamless experience at the cost of bypassing "normal" rules for web-application integration, they have effectively compromised themselves on all 4 of those criterias.
This one incident is not the end of the world to me, but I've had this feeling for quite a while that Mozilla is losing both direction and momentum, and stuff like this helps cement it.
Had it not been proposed as a joke, I would already be looking forward to those Emacs-patches incorporating Webkit as the new embedded browser.[1]
[1] Embedding Webkit was proposed as a "solution" to the famous Emacs-quote "Eight Megabytes And Constantly Swapping"[2] no longer being valid or relevant.
> Mozilla has clearly positioned itself as (1) the independent browser-vendor who cares about (2) open source, (3) the open web and (4) your online privacy.
They were positioned that way, but ever since they gutted the security of Sync[1], it's really hard to take them seriously.
[1] First, your data is now 'secured' on their servers solely by your password, which for most people is memorable and thus breakable; previously it was secured with a high-entropy key, which was secured on your system with a memorable password, if desired. Second, login to their services (which uses that same God password) is performed by downloading JavaScript (and perhaps HTML and/or chrome; I forget now) from their servers, which means that they can at any time choose to intercept as few or as many user passwords as they wish—or as someone with legal authority wishes them to.
> Had it not been proposed as a joke, I would already be looking forward to those Emacs-patches incorporating Webkit as the new embedded browser.
I thought that there was a serious effort to do that. It'd be great IMHO.
If they start bundling "free" proprietary third-party services, where the price is a piece of the user's privacy
Like search engines? Terrible reasoning. Browsers need these or they won't be competitive. There was a judgment call that a read later mode is needed to be competitive, too. We can argue whether it's the right call, but not about the above.
He cares because installing Firefox means you now also install software that can very easily be considered to be spyware.
I don't get how that follows...like, at all. The same kind of weird reasoning can be used for setting a default search engine or sending back crash reports, telemetry or even update checks. We understand that some features of the browser have a privacy impact in return for user friendliness. It's not like they aren't upfront about that.
In all cases, you don't get the impact if you don't use the feature. The original post tried to say there was still some impact from having the JS sit unused on disk. That's just bullshit!
So you'd be 100% OK with Windows having Bonzi Buddy installed by default (and with it not being uninstallable) if it only ran when you clicked the icon, icon that is on the desktop and start menu by default? It only runs when a user clicks it so it's ok?
I think what I don't get is why this is so important that it has to be bundled in the browser. I have always viewed Firefox as being fiercely, at times absurdly, about the idea of providing a minimal browser on top of which users can use extensions to build whatever customised experience they want. Sure, integrating Pocket allows Mozilla to (in the quote linked by meesterdude (https://news.ycombinator.com/item?id=9876221 )) "provide this feature to our users in the best way possible", but the same argument could be made for tons of extensions; I think that they haven't made the case that this one is so important that it needs to be integrated. (Is the extension functionality, which can provide amazing services like Greasemonkey, really so limited that Pocket and Mozilla couldn't work together to write an extension that provides an indistinguishable experience?)
> I think what I don't get is why this is so important that it has to be bundled in the browser.
They've made a statement just last week following a developer summit. Sounds like Pocket et al might yet be repackaged as default addons afterall.
Folks said that Pocket should have been a bundled add-on that could
have been more easily removed entirely from the browser. We tend to
agree with that, and fixing that for Pocket and any future partner
integrations is one concrete piece of engineering work we need to
get done.
Putting focus on short term revenue can hurt long and medium term revenue, and thus degrade the value of the company. Of course if you're already hunting for the next gig in another company, then the short term bonuses may be the only things that matter.
I cannot find the source but I think it was Rushkoff who used a wonderful phrase: extracting wealth by destroying value.
It highlights the underlying problem better than anything I can come up with.
From other comments here, it sounds like data shows that this one is good for users. You can argue that other extensions might help, but this one has had an actual investigation done proving its benefit.
It seems likely that there are lots of other extensions that would also pass the bar of "users" (even 'lots of users'!) "like it in tests".
(Also, not to be nit-picky but because I think it's an important distinction, I don't think the investigation here "proved its benefit", but rather showed only that those users tested liked it. I suspect every designer would agree that bundling everything a user wants leads, almost paradoxically, to an unuseable mess.)
There might be more. But tests are time-consuming and can't be done on everything. Also, the number of addons you want to preinstall has to be quite small - past a certain limit, it's too much clutter in the UI, as you correctly said (and indeed the number is very tiny: Pocket, Hello, and Search if you count that).
Given the data available, Firefox is a better browser with Pocket than without, on average, for Firefox users. That's justification for bundling it. Perhaps more data will be collected and other addons might be considered later, but again, the bar gets higher and higher since the total number has to remain small.
> Also, the number of addons you want to preinstall has to be quite small - past a certain limit, it's too much clutter in the UI, as you correctly said (and indeed the number is very tiny: Pocket, Hello, and Search if you count that).
I think that the wording here is important: Pocket is not an add-on, at least in the sense that I understand it: when I go to Tools > Add-ons, nothing there allows me to disable or remove it. (I can't find it now, but I thought that one used to be able to manage search providers in a similar window.) Add-ons are by their nature trivial to disable or remove, and a solution involving going into about:config, where the user is explicitly warned of the dangers—in language far more frightening to a non-techie than any opt-in could be—is not trivial at all.
That's true. As mburns commented above, it looks like the goal is in fact to do the extra work in order to turn Pocket into an addon, for the reasons you mention.
Dude, an ad-blocker is a no-brainer for an addon that basically every user would love. For instance because your playlists on youtube no longer get interrupted by awful ads, and thus serve as a decent radio.
Adding a useful feature that also does evil things behind the scenes can be seen a net positive for (uninformed?) users, but that is still not an excuse for piggybacking the evil things.
You should let users have all the value from new useful features, instead of just keeping the balance barely positive after bundling some bad stuff.
> Pocket has been a popular Firefox add-on for a long time and we’ve seen that users love to save interesting Web content to easily revisit it later, so it was an easy choice to offer Pocket as a service in Firefox and we’ve gotten lots of positive feedback about the integration from users.
> All the code related to this integration within Firefox is open source and Pocket has licensed all the Firefox integration code under the MPLv2 license. On top of that, Pocket asked Mozilla for input on how to improve their policy, based on early comments from Mozillians. After that discussion, Pocket updated their privacy policy in early May to explain more precisely how they handle data. You can read Pocket’s privacy policy here.
> Directly integrating Pocket into the browser was a choice we made to provide this feature to our users in the best way possible. To disable Pocket, you can remove it from your toolbar or menu. If Pocket is removed from the toolbar or menu, then the feature is effectively disabled, though you can still find it again by accessing it in the Customize Panel. You can find detailed instructions here.
Almost all users of any popular browser are not tech savvy like you and I and other people here on Hacker News. They would not enable an opt-in feature because it would sound complex and confusing to them.
The Firefox design team did studies on this, seeing how real users interact with the feature. The results are that bundling it in the browser makes it useful to a lot of people, overall making the browser experience better for them. That's really all this comes down to - the data shows users are happier, overall, with it present by default.
Some users don't like it, like the author of this article, but more users do like it.
I don't get why you're being downvoted. If Firefox is a tool for the Mozilla Foundation to achieve their goals, then yes, it must absolutely be a product that anyone (not just experts) would be willing to use.
> They would not enable an opt-in feature because it would sound complex and confusing to them.
This sounds like an excuse that could justify withholding just about any choice from users. Why not have a first-run splash page with something like "Pocket is a really cool service that runs best when it's part of your Firefox. May we turn it on? [yes] [no] Don't worry, you can always change your mind later! [Read more about what Pocket does.]"
The real decision isn't made based on a guess like "it would sound complex". It is made by doing a user study - a test of actual users. That data guides the decision, and the data here showed users benefited more, on average, by bundling it, rather than having it be something the user needs to authorize and/or install.
I wasn't involved in the study on this. I watched a presentation summarizing the study.
User research isn't my field, but my understanding is that the study asked a random sample of people if they noticed the feature, if they found it useful, how they used it, and so forth.
This is a terrible reason: "We can't offer users a choice, because if we do that, most of them will decline! We know they want the feature, despite what they say, so we just won't offer a choice!"
Firefox has always been the browser that, in contrast to the competition, doesn't try to decide what's best for me. I really appreciate that. Even with this change Firefox is still the best about that, but it is not a move in the right direction.
Talking about UX studies here probably isn't relevant as the issue here is very much about inclusion of a closed source 3rd party data collection service included by default to an open source browser provided by a non-profit with a mission to protect users from, among other things, that very thing.
With that said, much of the UX research you are talking about deals with a users first use of a program. The entire program not the addition of one additional feature over time. Also, the more relevant research is that many, many users just click "no" unless they are lead to believe they will lose functionality they currently have. If we were to actually follow the current UX trends from research pocket(or pretty much any features) would never get added to Firefox at all past it's core use of browsing the web.
Talking about UX studies here probably isn't relevant
Of course it is, if the question is why it was bundled by default, rather than leaving it in the add-on store.
Also, the more relevant research is that many, many users just click "no" unless they are lead to believe they will lose functionality they currently have.
That is an argument in favor of increasing adoption of a feature most users would decline if they were presented with the choice. If that is truly considered appropriate behavior by Mozilla at this point, I think we're getting to the time for me to turn in my Firefox OS phone and switch over the Chrome(as I have been doing this week).
Either way, my issue(and I'm sure the issue to most people against it) is that Pocket is a closed platform. I was okay with the binary blobs since not having them would have significantly degraded the browsing experience for users, but including by default things like Pocket makes the moral distance between Mozilla and Google, Apple etc a small enough gap to me that I'm not sure I'm going to be sticking with Mozilla's products long term.
That is an argument in favor of increasing adoption of a feature most users would decline if they were presented with the choice.
But the question is when the choice is asked, right? If you would have the time to explain the Pocket feature to a normal users, don't you think most would say "OK, saving articles might be useful, keep it in"?
The problem is that you don't usually get the time to explain the feature well enough, and if there's no time, the user will click it away ASAP (and be annoyed).
Is there a specific reason you chose to ignore my repeated statements of what I believe is the real and most important issue with the addition and only address UX?
Maybe I didn't word my question correctly. I was wondering why you actively chose to repeatedly ignore my issue with including a closed platform by default. I repeatedly stated that this was my main issue and that the UX was an aside to what I felt was the issue that needed to be addressed.
Why did you feel it necessary to ignore that issue completely over several comments directly addressing it?
I find it interesting that he considers Firefox getting H264 support as "the browser getting worse and worse".
I don't like patented codecs either but there's no argument that making Firefox actually work with pretty much any video website out there is making it better, especially as they fought tooth and nail and only caved in when it was a foregone conclusion that H264 won out.
It's easy to see why Mozilla doesn't listen to people like him.
(And the tl;dr doesn't seem to agree with what's actually in the documents either)
> I find it interesting that he considers Firefox getting H264 support as "the browser getting worse and worse".
The issue, at least for me, is that the browser now downloads binary blobs behind my back. Therefore it is no longer an open-source browser, unless I patch it and build my own version to disable this stuff. Firefox being open-source was one of the big selling points originally.
Of course it's very convenient that video just works. User-experience wise it's just better. Noone is arguing that.
> It's easy to see why Mozilla doesn't listen to people like him.
Yes. It's completely understandable, the market for people who don't care about these issues is much larger. The reason many people are annoyed is because the free-software tech crowd used to be the target consumer for mozilla, that's the group that built the brand and the goodwill around it. Now they're turning around and using that goodwill to get new markets, while saying "screw you" to the people who built the brand for them.
All the power to them, it's just sad for us old users watching this ship burn. I'm hoping a new project will spring up that picks up the torch and focuses on being an open-source, privacy-preserving browser.
The issue, at least for me, is that the browser now downloads binary blobs behind my back... Firefox being open-source was one of the big selling points originally.
OpenH264 IS open source. Firefox downloads a pre-built binary (that happens to have a patent license included), just like it'll do if you update, for example, Debian Iceweasel.
The reason many people are annoyed is because the free-software tech crowd used to be the target consumer for mozilla
It still is, but only the people who are willing to be reasonable and listen to arguments. Demanding that a browser in 2015 does not support H264 is not realistic.
I mean, there's people arguing here that the current Sync system is a sell-out because it uses passwords instead of the old randomly generated keys.
If I see that, and the H264 argument, then I think there's two kinds of "open source communities": the ones that try to build usable products and a big circklejerk that is happy to have a solution only for themselves. If you follow the discussions about ANY kind of open source project that tries to help the mainstream, you'll often see the same pattern. (GNOME and systemd are some easy examples)
> OpenH264 IS open source. Firefox downloads a pre-built binary (that happens to have a patent license included), just like it'll do if you update, for example, Debian Iceweasel.
Sure, I can download the source. And I can patch firefox to restrict the auto-downloading and instead use a locally bundled version. But at that point I'm forking firefox to get a full-featured version built from source.
I can see arguments either way, but a lot of people, myself included, would not consider this fully open-source code.
Again, I am in no way claiming that the majority of people have a problem with this. But there is a group of tech people, who have historically been very pro-mozilla, who are now more on the fence or actively dislike moves like this.
> It still is, but only the people who are willing to be reasonable and listen to arguments. Demanding that a browser in 2015 does not support H264 is not realistic.
I would prefer you respond to the arguments made rather than resorting to strawmen. Nowhere in my post did I demand that H264 not be supported. I voiced an objection to the way it was included. You are free to disagree. If H264 really needed to be supported, I would have preferred this be done through exposing the OS video codecs, leaving firefox out of the whole thing.
> I mean, there's people arguing here that the current Sync system is a sell-out because it uses passwords instead of the old randomly generated keys.
And were any of those people me? Please, stop with the strawmen. This has nothing to do with the H264 discussion.
> If I see that, and the H264 argument, then I think there's two kinds of "open source communities": the ones that try to build usable products and a big circklejerk that is happy to have a solution only for themselves. If you follow the discussions about ANY kind of open source project that tries to help the mainstream, you'll often see the same pattern. (GNOME and systemd are some easy examples)
Just like we have different makes of car, most of them targeting the average consumer and some of them targeting niches and people who enjoy driving for its own sake. What's the problem, exactly, with making a product for a niche market? Why can't we have a browser made for techies?
When did scratching ones own itch become a bad thing in the open source community? For the record, I have contributed to browser development in the past, both mozilla and other projects. All of those contributions were to solve issues for me. Others have benefited from that. That's how a large chunk of the open source code we use every day got started.
By your definition of open source, I know of no compiled application that's fully open source. If you want to change it, you're going to need to fork it. If that's not intrinsic to source code in principle, it is in practice.
As to the H264 situation - how is using closed source and patented implementations better than using open-source but patented implementations?
I don't think anybody is happy with H264; but blaming mozilla is counterproductive. They clearly aren't calling the shots on this; and they tried their utmost to prevent it from happening by supporting numerous unencumbered alternatives. However, companies such as Apple and Microsoft refused to participate, and web developers chose to support H264 over the free alternatives. And lets be honest - there's no free alternative with comparable quality. And realizing that, mozilla supports the very interesting https://xiph.org/daala/ - but that's clearly far from ready.
What else could they have done to avoid H264 dominance? Failing to implement it would simply have hastened firefoxes decline, as despite FF's onetime significant market share, sites never adopted H264 alternatives to any large extent.
If you want to blame somebody, blame webdevs for that (but again... it's not like there was a good alternative).
> By your definition of open source, I know of no compiled application that's fully open source. If you want to change it, you're going to need to fork it. If that's not intrinsic to source code in principle, it is in practice.
By far most open source software, when built without changes, will produce a fully working binary that does not grab and run binary blobs at runtime. All that software would meet my criteria for acceptance.
> As to the H264 situation - how is using closed source and patented implementations better than using open-source but patented implementations?
If the work is deferred to the OS, it's not mozilla's problem. It is then up to the user to choose a platform with the desired codecs, which may be open or closed. People on platforms that already contain and expose closed-source codecs are unlikely to be concerned about these issues.
The rest of your comment, I agree with. I know mozilla fought hard to get a free codec included in the standard. That was very good, I'm certainly not trying to demonise mozilla here.
My problem here is only with the technical solution implemented after that fight was lost. And I worry about the precedent being set that mozilla is okay with the browser downloading and running precompiled binaries from the internet at runtime, without an explicit request from the user with a big, scary warning. That's mozilla's prerogative, they decide to go with the larger market and I totally understand that. It doesn't make it any less sad to watch, though.
>By far most open source software, when built without changes, will produce a fully working binary that does not grab and run binary blobs at runtime. All that software would meet my criteria for acceptance.
Huh? We're not talking about whether the main part of firefox is open source. We're talking about whether the H264 plugin is open source.
Look at firefox as your apt-get and the H264 plugin as something that you can either download a compiled binary of or compile yourself.
Is the only objection that it does it at 'runtime'? If you consider first boot part of the install process then that problem solves itself.
I want Pocket & Telefonica removed. Or at the very least implement something fair like the Search Engine toolbar (in the case for WebRTC video). Except Pocket, why on earth isn't that still just an extension.
Why force it on people who don't want it AND withhold the ability to permanently remove it? What's wrong with them?
Chrome has google accounts to synchronise recently viewed pages across devices. This is just Mozilla's response. There is already a popular extension, so why re-invent the wheel?
Firefox already has sync built-in. I think this is supposed to be an improvement over the current bookmarks system. Mozilla realized that Pocket was already doing that better than they were, so they just integrated it instead of reinventing it poorly.
> I think this is supposed to be an improvement over the current bookmarks system.
The old secure Sync was great, absolutely great. I could see all of my bookmarks and history from all of my machines, and it was all well-secured. There was nothing wrong with it.
I see this as Mozilla basically admitting that the extension model has failed; this is a textbook example of an extension, but they've decided that's not good enough.
The Firefox team has been very aggressive about performance lately. Each extension you have installed increases the startup time, so that's probably why they baked it in.
So it improves the performance for a very small number of Firefox users at the expense of the performance of all of the other Firefox users who never would have had the extension installed in the first place?
If it is changed to an addon, it will still be installed by default. It will just be easier to remove. That means most users will take the performance hit because most people don't mess with the defaults.
What's wrong with Telefonica? I heard people complain about it when Hello came out and I never understood why because I'd never heard of it. Is Firefox still open source at this point?
"Its main advantage is an ethical one: it is entirely free software. While the Firefox source code from the Mozilla project is free software, they distribute and recommend non-free software as plug-ins and addons."
Konqueror. The browser that was open-source from day 1 (back when Mozilla was still Netscape), that wrote their own first-class rendering engine with a tiny fraction of the money or developers that Mozilla has. I often wonder how history might've been different if they'd got the money and attention that Mozilla did.
Suppose you were to right click -> Customise and remove the icon, the feature is effectively disabled. If you can't take Mozilla's word on that, that's understandable. You can check the integration code - its open source. Now if you're going to say that its the principle of opting-out rather than opting-in, that's a separate discussion. If you're concerned about your privacy, you can protect it in 3 clicks.
If you're still concerned, then use IceWeasel or SeaMonkey.
User preferences are stored in the plain-text file "prefs.js" in your user profile directory. Presumably you could just append the preference to the end.
If you want a programmatic way to modify the UI, probably a simple extension could do that using Fx's UI API.
in some sort of weird recursive stroll through the internet I clicked a link from that page and got 'TabMarks', a service that consolidates bookmarks. Thought that was pertinent, given the discussion in this thread.
> we collect information about the URLs, titles and content of the web pages and other information you save to Pocket. The types of information we collect includes your browser type, device type, time zone, language, and other information related to the manner in which you access the Pocket Technologies. We also collect information about your use of the Pocket Technologies so that we can provide our services. For example, as a part of providing Pocket’s syncing features, we sync information about the items that you save and view within Pocket so that your list, tags, scroll position, and other account and usage information may be synced across all of your devices.
> In addition to the methods described above, we may also collect information using cookies or other technologies. You may decline our cookies if your browser permits, although in that case you may not be able to use certain features, you may be required to enter your password more frequently during a session, and you may be unable to install or use certain Pocket Technologies. Cookies and other technologies make our Pocket Technologies easier to use and help us customize and personalize the services we provide based on your interests and activities.
> We may also use "pixel tags," "web beacons," "clear GIFs" or similar means (individually or collectively "Pixel Tags") in connection with emails that we send to our users in order to collect usage data. Our use of Pixel Tags allows us to count users who have visited certain pages on our Website, to deliver branded services and to help determine the effectiveness of promotional or advertising campaigns.
> We may also analyze and use aggregated information to improve the products and services that we offer, and to develop new products and services.
> In the event that we or certain of our assets are acquired, user information may be included among the transferred assets.
> Please note this Privacy Policy will change from time to time. We may amend this Privacy Policy at any time by posting the amended terms on our Website that you can access at getpocket.com or through the options or help menu of the Pocket application. All amended terms shall automatically be effective thirty (30) days after they are initially posted on the Website.
> By installing the Pocket™ application, visiting our website or installing or using any of the Pocket Technologies, you are accepting these terms of service.
The firefox integration is not a pocket-brand application, website, or technology. It uses pocket's public API and is open-source, mozilla-developed and -licensed code.
I thought the API used was undocumented and custom to Firefox? I don't know where exactly I found the Google groups discussion going on between various Mozilla people and the community, but this was a point made a number of times. IIRC at least one Mozilla person was working on getting clarification regarding this clause of the TOS.
The part where you log in and then explicitly upload specific URLs to Pocket? The part where you navigate to the Pocket app and use it? This sounds like any other website.
Right click the toolbar, select CUSTOMIZE. Drag the Pocket button off the toolbar. Click "Exit Customize". No more Pocket.
I, too, don't care for it, but I'm not going to pretend that the inclusion of a new button that doesn't do anything if you don't use it is like injecting malware into my browser.
Because that's how surveillance-as-a-business-model[1] works[2]. The industry that brought us the "EULA" just loves to try to force contracts on people, especially when it tricks the user into giving up even more data.
It starts as a useful product until the network-effects take over and raise the cost of leaving, de facto locking people in. After they are hooked, you introduce various types methods to make the product rely more on remote services instead so more data can be captured. As few people understand the difference between a product that runs locally and a service that necessarily gives your data over to a 3rd party, this usually works without anybody noticing and objecting.
If a few nerds object, they are usually countered with a few lies about why such a service is "necessary", even when it isn't. In this case, the lie is that a 3rd party service is necessary so you can share your bookma^H^H^H^H^H^Hreading list on different devices (which assumes you have multiple devices, and that you want to move bookmarks between them). In hard cases, it may require some vague, misleading, and hard-to-prove statistics ("our data says user's like $foo", "everybody uses $foo"), or simply browbeating anybody that complains ("Then submit your own patches", "stop being paranoid").
The worst part is that for many of the engineers involved, this is probably unintentional. The human mind has a very limited "working set" that is given full attention; everything else is filtered heavily with various shortcuts[3], heuristics, and assumptions, making it incredibly easy to be distracted by endless technical details.
A more plausible explanation is that that's the only way people discover new functionality. Prediction: it won't be the default eventually (after people get used to the idea that they can easily pick and choose sharing services https://activations.cdn.mozilla.net/en-US/ to show).
It's opt-out because if it were opt-in, far fewer people would benefit from it.
The Firefox design team conducted user research experiments, and found that a significant amount of people like the feature (far more than dislike it). Most of those users are not techies, and would never even hear about an addon, so including it in the browser is the most realistic way to reach them.
That still doesn't explain why firefox has to be marketing for the Read it Later company. Why even bother having extensions if Mozilla going to pick and choose for you?
"this has absolutely nothing to do with money. We're shipping Pocket because we love their product, and so do our users. Pocket is, by very far, the most popular reading-list add-on used with Firefox."
Apparently they went too far: it's the most popular extension of that kind among people that care about reading lists (hardly the majority I think) and it's being hated by everybody that don't tolerate imposed choices. No good can come for Firefox and Pocket from this. If I were Pocket I'd ask Mozilla to unbundle the code into an extension as soon as possible because this is starting to be a PR backslash.
I'm not sure that is a denial. "[Us including pocket] has nothing to do with money." Could also mean "We like pocket enough to include it, but they are also paying us."
They had a win with the Hello chat stuff, which is backed by Telefonica. It's understandable that they might have tried another item in the same vein (regardless of underlying good v bad motiviation).
With that logic they could add the Ask Toolbar and make it opt-out too because otherwise far fewer people would benefit from it. Clearly adding pocket wasn't in the interest of users, but only Mozilla's. I doubt adding pocket by default into Firefox was even a thing anyone asked for.
And why Pocket? Maybe some Firefox users use Instapaper, and they had no say in the choice of Pocket.
>>hat a significant amount of people like the feature
So what?
Consider this argument: 80% like a feature 20% don't. You implement it, now 20% of the people aren't happy. Next feature is also 80%/20%, now between 36-20% aren't happy. Keep doing this and you will alienate most of your user base.
Did anybody actually want this feature? What percentage was that?
I don't see how it's shady. It's quite similar to other browser integrations. For example, Chrome integrates with Google services like Google Translate. All modern browsers do some amount of by-default enabled extra services. Of course, Search is the most familiar such service (google.com, bing, yahoo, etc.).
Firefox is, has always been, and always will be, open source. The Mozilla server side is similarly also open source. But Mozilla is quite small compared to Google and Microsoft, and so must partner with external parties for things like Search and Pocket.
Your search comparison is a good one. The bundled search providers are installed as removable. If Pocket was distributed in this manner (as an extension that was enabled by default, but removable via standard UI) there would probably be less of an uproar.
Um, no. Chrome prompts you to login, and uses the same login for your browsing session and the browser, but if you don't log in then you won't be logged in.
What are you asking for, exactly? That the browser should force you to login twice?
I think TheLoneWolfling explained it well, but I'll give you an example:
I want to be logged in in Chrome so that my bookmarks sync between devices. But I want to be logged out of my Google session so that my searches aren't tied to my Google account.
On Mobile Chrome, if you log into Chrome, you log into your Google account. There's no way to separate the two.
No. What I am asking for (although note I am not the author of the grandparent comment) is to be able to be logged into Chrome without being logged into a browsing session if I so choose. And as far as I know there currently is no way to do so.
It's nowhere near my only problem with Chrome, but it's one of the big ones.
This is similar to integrating with a search provider, which all browsers do, for better or for worse. And all search providers are closed source and for-profit: Google, Bing, Yahoo, Yandex, Baidu, etc.
however the precidence of selecting a closed source search provider already exists and is a strong expectation (this was something championed largely by firefox to begin with, as an interesting sidepoint)
There is no expectation of an integrated closed source "cloud reader" and attempts to paint this like "aww gee shucks it would be great it we could do something about this but thats just the way they world is" come off as extremely disingenious, especially as the mobile version of firefox had this feature baked in with no reliance on any third party at all.
> It's quite similar to other browser integrations.
"Online advertisements with active content aren't shady, almost all networks use them!"
Except for course, what you said it's identical are a notoriously shady group of activities, which has led to much abuse my market leaders at various times (Google, Microsoft), and we see no difference here. For that matter, neither do you.
I get that Firefox benefits from shipping the integration, but you haven't provided any good technical reasons for it not being fundamentally a shift in the way you do business and kind of exploitative.
Holding up a bunch of famous exploitations as "me too!"ing is tonedeafly missing the complaint.
Historically, the binary blobs provided as "browser integrations" are both major attack vectors and used by market leaders to exfiltrate inappropriate data under the aegis of "they didn't opt-out of our totally optional service!".
So yes, the market is fundamentally shady for "browser integrations".
There are no binary blobs involved here. The API endpoint is closed source, but the Firefox-side code is not. This is true for Pocket, Hello, and Search.
Ok, I think I understand your objection now. I can sympathize with your position - browsers would be purer without such integrations. It would be a better world.
I do think, however, that to compete with other browsers, such integration is necessary. If Firefox doesn't integrate with search, users will not find it useful, because they are so used to using google.com and so forth.
So I agree browsers would be better with no such integrations. It's a necessary, sometimes painful compromise.
> If Firefox doesn't integrate with search, users will not find it useful, because they are so used to using google.com and so forth.
This is a particularly weak case, because what's really needed for this feature at the browser level is an API for search providers, backed by several plugins which take advantage of the feature and offer various providers.
However, that's not what Firefox did here, as far as anyone can tell. Why not? No technical reason has been provided, and the replies have been so completely off topic as to cause a long debate thread over that very reasonable concern.
Firefox tightly coupled a technology to their platform rather than providing a service API and plugins, and we have no understanding of why a group committed to openness would make such a fundamentally close source move.
Historically speaking, the reasons groups do that is malice.
Wouldn't "decide on first run" (i.e., the user is queried if, say, `browser.pocket.firstRun` is set to `true`) address both issues (of users who don't want to be opted in automatically, and of users who wouldn't discover it if it were opt-in only)?
Applying the "make it an option" tactic to all questions of UI is how one ends up with a preference menu like Eclipse's. It's a tradeoff, and "I'm on the losing end of the tradeoff" doesn't mean the wrong decision was made.
I think that the second sentence mischaracterises my argument (I haven't said anything, though my opinion is probably clear, about whether this is the right or wrong decision); but I appreciate the first sentence. I have been arguing the drawbacks of one extreme of the trade-off (bundle everything!), but it's worthwhile to observe, as you did, that the other extreme (prompt for everything!) is equally silly—so that really, I think, what we're all debating is what is the appropriate point in the middle, not at which end we should live.
The button is "decide on first click" whether you want to actually set up the integration. I think the opting aspect is fine, even if it should have been constructed as an extension.
That does not address the terms of service concerns. Not to mention that that sort of thing (random popups asking "do you want to enable X") gets far too many accidental misclicks. Look at bundled installers to see what I mean.
I'm afraid not, because for the average user, who understands very little about software, asking them "do you want [complex new feature]?" is almost always going to get a "no". And even if it isn't an actually complex new feature, it sounds that way to them.
It's true that this seems perhaps a little silly to people like us. We might prefer this to be opt-in. But we are a rare type of user. Studies show the best decision here is to bundle it by default.
> Studies show the best decision here is to bundle it by default.
I believe that there are meanings of 'best' for which this is true, but they aren't, I think, necessarily the right ones. In this case, it seems like 'best' is "best for widespread adoption of Pocket".
OK, so let's buy that widespread adoption of Pocket is a good goal because more users like it than don't. I'm sure there are lots of add-ons with this property, but we don't add them all on—so what is so special about this one, beyond just that it tested well, and moreover what is so fundamental about it that it has to be integrated at the browser, rather than extension, level?
I think that I was unclear. When I said "best for widespread adoption of Pocket", I meant just that: Mozilla have decided, after gathering data, that Pocket is a service that is good for users, and they want as many people as possible to use it. I did not mean to suggest that this was an attempt by Mozilla to promote Pocket for Pocket's sake.
This. It's like everyone wants Firefox to look like version 1. Seriously guys, there are great features like reader mode which people don't know about. There's a sync mode that people apparently aren't using (I know about it and even I haven't set it u, but I do have Pocket installed)
The Firefox design team needs to test these things out. If y'all don't like it stick to Iceweasel or some other fork. Just don't expect much innovation from the forks.
You're spewing so much PR bullshit in this thread it's fucking ubelievable. Why exactly a useless thing like this? Why aren't other, way more useful addons like AdBlock in by default? I tell you why - because you, and your friends in the "research" department are being paid for this.
Maybe that's all you have to do to have it not track your activity, maybe not. Maybe disabling it in about:config and setting all the strings related to it to "null" is enough to keep it from tracking you; again, maybe not.
Either way, it's a shitty thing for Mozilla to do, just as it was a shitty thing for Google to sneak in code in Chromium that downloads and installs proprietary blobs after compilation and packaging.
The list of truly open web browsers keeps getting smaller.
There is no "maybe" about it. It's open source. If you don't interact with the button, then nothing will be sent to a third party or tracked. You can remove the button and disable it entirely if you want, but at no point will anything be sent or tracked if you don't click the button.
> The list of truly open web browsers keeps getting smaller.
I'm talking about what the author of the article pointed out. Did you read the article?
"Non-free software-powered. You want to host your own instance? You can't. Also, you can't modify, translate, reverse engineer, decompile, disassemble, or create any derivative works based on the Pocket Technologies, including any of its files, tables or documentation, or any portion thereof, or determine or attempt to determine any source code, algorithms, methods or techniques embodied in the Pocket application or any portion thereof. Yes, this service is integrated in your favourite Open-source web browser."
The reality is if you are not concerned about trust, openness etc Chrome/Webkit is currently going to give you a better end user experience. With Mozilla losing the moral high ground, my reasons for using it over Chrome and especially Firefox OS over Android(or Firefox in Android) diminish greatly.
I think I'll choose not to use Firefox anymore. Google swiftly reversed their bad decision to include a silent binary blob downloader, but I didn't go back to Chromium because that trust was broken.
What I mean is, it's not so much about open source (I used closed source technology every day), it's about the overall openness of the project. Mozilla has chosen to integrate a proprietary service in what is supposed to be an open browser, and that bothers me enough to not use their product anymore.
And if it's not already apparent, no, I won't be using Pocket either. :)
That's the license of the API integrated in Firefox. What I quoted is Pocket's Terms of Service[1], as explicitly stated in the article. And that's what I take issue with: It's a proprietary service the users didn't ask for in a browser that is supposed to champion openness.
In other words, my decision isn't based on whether the API is open source. Mozilla chose a proprietary platform instead of an open platform; whether out of laziness or due to a kickback from Pocket, I simply don't like it. I like choice, and I choose to stop using Firefox.
What I quoted is Pocket's Terms of Service[1], as explicitly stated in the article
Which quite obviously don't apply to Firefox in their entirety. The quoted section specifically doesn't apply, and I hope it's obvious to see why.
You can decide whatever you want, but given that you specifically quoted that section as the reason earlier, it's obviously not based on sane reasoning but on self-justification.
Your ad hominem attack notwithstanding, I see where you're coming from. I just think you fail to see where I'm coming from. Here's my issue as simply as I can put it:
Mozilla chose to use a service provider that is not only proprietary, but (as the terms I quoted indicate) aggressively anti open-source/open standards. This, combined with the fact that we can't choose a different "read later" provider, makes me wary of using Firefox from here on out. As I indicated in another comment, I also don't care for search engine integration, but that's a battle that was lost a long time ago. At least with most browsers (including Firefox) the user can change the search provider to one she prefers; with the Pocket integration, it's Pocket period because it's hardcoded with their API only. I would have preferred Mozilla either bundle Pocket as an add-on, or if they are going to integrate a "read later" function, do it using an open (as in open to any provider) API and publish the specs so any provider can then offer their services.
I've never been happy with search engine integration with any browser, but that's been a dead horse for well over a decade now. Besides, I can remove those services from Firefox and substitute any search engine I want, or none at all. I can't change Firefox's choice of "read later" providers because it's hard coded to Pocket. They chose for me, and don't allow me to alter that choice. With search engines at least I can control the service provider.
If they provide an extension, you can use whatever read-later provider you want. You can trivially remove or disable the Pocket button. I agree Firefox made a mistake not integrating this as an extension, and whether it should be included by default is a valid question. But you're really exaggerating any amount of "evil" being done here.
Well I never actually said it was "evil", just outside the bounds of what I find acceptable. And it's interesting to see that, after all of that back-and-forth, in the end you and I agree: It should have been implemented as an extension, not hardcoded to one specific provider.
For everyone saying "Customize" this and opt-out/in that. Why not just have Pocket be a pre-installed add-on? That sounds like a compromise that would satisfy both camps and fit in with the Firefox philosophy.
> Directly integrating Pocket into the browser was a choice we made to provide this feature to our users in the best way possible.
I don't know why (or whether) this direct integration makes such a difference compared to providing it as an extension, or even what is 'best' about it (fastest? Easiest? Most consistent?), but that's what they said.
Is Mozilla getting anything from this? I know in the old days almost all of Mozilla's income came from money Google gave them to set Google as the default search. I suppose you could look at this as a similar thing, the difference is you could easily remove Google as the default if you wanted to.
Their new suitor is Yahoo, but since we're on the subject of Firefox defaults and funding, this reminds me that Firefox's "Show Cookies..." UI has been broken for years.
And that Mozilla refuses to merge many of Mike Perry's privacy and security-enhancing patches for Tor Browser Bundle because they make advertisers' lives more difficult.
I could trivially list at least a dozen default Firefox preferences that could readily be explained by conflicts of interest, rather than common sense or Mozilla's commitment to user privacy or their increasingly-touted (and I'm guessing, unpublished) user studies.
It would be interesting to study which Firefox 'features' get prioritized or broken or fixed via paid staff time on a given time horizon and plot that against deals Mozilla makes with 3rd parties.
>And that Mozilla refuses to merge many of Mike Perry's privacy and security-enhancing patches for Tor Browser Bundle because they make advertisers' lives more difficult.
> And that Mozilla refuses to merge many of Mike Perry's privacy and security-enhancing patches for Tor Browser Bundle because they make advertisers' lives more difficult.
I don't think Mozilla should be in the business of deciding what content is appropriate for users to view. Users can install extensions to do that if they wish.
And that Mozilla refuses to merge many of Mike Perry's privacy and security-enhancing patches for Tor Browser Bundle because they make advertisers' lives more difficult.
Tor is willing to break webpages and website features if that keeps the user untracked. That isn't viable for a general purpose browser.
Mozilla had a reader mode, and instead of implementing their own service for saving things to a cloud, they used an existing, popular one after lots of user research.
On top of this, Firefox for Android now demands access to your contacts list. The browser itself has no need for your contacts list. But Mozilla Sync and Pocket do.
This is what happens when you have a tightly-coupled "NPO" that needs to use creative means to fund their organization.
Mozilla is not exactly light-weight anymore and they have major expenses these days, which means they either need to go cap-in-hat and beg YaGoogFace or tell users that user-interest is still core, whilst integrating "sponsored" plugins deep into the browser.
This is no different to getting "free" software on MS back in the 2000s, at the expense of having to install that shitty ask.com toolbar.
Privacy and security really seems to be becoming more of a fallacy on the internet now.
IIRC Mozilla needs to open up their sources of revenue at the end of the year anyway because of nonprofitness or whatever (at least, they do do it), so they'd have to disclose it later.
No, they're great examples: most people find search useful and don't object to it, even if it brings Mozilla revenue and if it has privacy implications.
I'd use Sync with my own server but Firefox on Android is not good enough (rendering is too slow, font inflation sub par, etc) so I don't have anything to sync with. I'm using Opera on my phone and my tablet. Opera doesn't sync with personal sync servers so I'm not syncing between them too.
This is making a mountain of a molehill. Pocket like functionality is an integrated and expected feature of every browser today. Mozilla decided that instead of making the effort to reimplement this (efforts which are better redirected towards stuff like finally completing per tab processes), they would integrate the most popular extension that was being used for this functionality.
Pocket does not immediately gain any info about the user until the user explicitly opts in.
Mozilla certainly needs to be more transparent about how these companies are selected, and the way this information is first presented to the user. And they have acknowledged they did it poorly with both Telefonica and Pocket, and are looking to improve. But it is in no way an abandonment of their core principles by any stretch of the imagination.
IE11 has a reading mode since Windows 8 I think. The replacement Microsoft Edge browser will also include it.
Firefox for Android actually had its own 'reading list' for a while too. Won't be long until Pocket will be on Firefox for Android by default if this is their direction.
I have a Pocket account and use their bookmarklet when I want to save something for later reading on my tablet or phone. That should be reasonably private (apart from what I obviously send to them), correct?
As said in other threads, firefox/mozilla decided to stop developing their own in-house similar feature, and to collaborate with the existing and apparently better pocket.
As has been pointed out dozens of times in this thread, Mozilla didn't get any money from the integration. Although indirectly they of course save engineering salaries from not building the feature themselves.
ever since an ad appeared on my firefox ive been looking for something else. tried vivaldi but its based on google code, and i dont support google either. hard to know where to turn next.
It is very important to the open web. People expect more from Firefox because they state what they stand for. See here https://www.mozilla.org/en-US/about/manifesto/. Integrating a proprietary service into Firefox is contrary to this.
EDIT: for anyone who doesn't think it wasn't about money, please explain why it is so difficult to remove, why I have to open about:config to "disable" (not remove) it, and why it wasn't just added as an add-on (which already existed)?