Hacker News new | past | comments | ask | show | jobs | submit login

> please explain why it is so difficult to remove

right-click, "Remove from toolbar". There you go.




Removed from toolbar, but not from Firefox itself. My password list isn't accessed directly from the toolbar, but it's still in the application.


This sounds like FUD. The whole point of a (modern) browser is in essence a sandbox to safely run other peoples code. If you've ever visited a website, then you've given it permission to "install" arbitrary code from arbitrary sources. They're installed "in" the application (i.e. - its cache). Who cares?

In fact, visiting a website is considerably worse. The code may be quite large, and it's not vetted in any way (unlike the pocket plugin), so it might try to escape the sandbox.

If you're going to get fed up about this, at least have some reasonable basis for that. You might complain about the increased download size or disk usage (but the overhead is likely to be ridiculously small). You might complain about the attention pocket - a non free service - gets this way. Of course, this isn't too different from a default search engine. And did you know about https://activations.cdn.mozilla.net/en-US/?

At the end of the day, is your feeling based on anything other than a grumpy gut?


It's just a bunch of JS code that never gets loaded. Why would you care if it's still on the disk, are you on a 100M HDD?


He cares because installing Firefox means you now also install software that can very easily be considered to be spyware. This is stuff that we'd expect for-profit corporations (hi Google, Microsoft and Opera!) to pull not the Mozilla Foundation who describe themselves as, and I quote, "non-profit organization that promotes openness, innovation and participation on the Internet. We promote the values of an open Internet to the broader world."[1]

[1] https://www.mozilla.org/en-US/foundation/


Indeed.

Mozilla has clearly positioned itself as (1) the independent browser-vendor who cares about (2) open source, (3) the open web and (4) your online privacy.

If they start bundling "free" proprietary third-party services, where the price is a piece of the user's privacy, to provide a more seamless experience at the cost of bypassing "normal" rules for web-application integration, they have effectively compromised themselves on all 4 of those criterias.

This one incident is not the end of the world to me, but I've had this feeling for quite a while that Mozilla is losing both direction and momentum, and stuff like this helps cement it.

Had it not been proposed as a joke, I would already be looking forward to those Emacs-patches incorporating Webkit as the new embedded browser.[1]

[1] Embedding Webkit was proposed as a "solution" to the famous Emacs-quote "Eight Megabytes And Constantly Swapping"[2] no longer being valid or relevant.

[2] https://en.wikipedia.org/wiki/Editor_war#Humor


> Mozilla has clearly positioned itself as (1) the independent browser-vendor who cares about (2) open source, (3) the open web and (4) your online privacy.

They were positioned that way, but ever since they gutted the security of Sync[1], it's really hard to take them seriously.

[1] First, your data is now 'secured' on their servers solely by your password, which for most people is memorable and thus breakable; previously it was secured with a high-entropy key, which was secured on your system with a memorable password, if desired. Second, login to their services (which uses that same God password) is performed by downloading JavaScript (and perhaps HTML and/or chrome; I forget now) from their servers, which means that they can at any time choose to intercept as few or as many user passwords as they wish—or as someone with legal authority wishes them to.

> Had it not been proposed as a joke, I would already be looking forward to those Emacs-patches incorporating Webkit as the new embedded browser.

I thought that there was a serious effort to do that. It'd be great IMHO.


If they start bundling "free" proprietary third-party services, where the price is a piece of the user's privacy

Like search engines? Terrible reasoning. Browsers need these or they won't be competitive. There was a judgment call that a read later mode is needed to be competitive, too. We can argue whether it's the right call, but not about the above.


He cares because installing Firefox means you now also install software that can very easily be considered to be spyware.

I don't get how that follows...like, at all. The same kind of weird reasoning can be used for setting a default search engine or sending back crash reports, telemetry or even update checks. We understand that some features of the browser have a privacy impact in return for user friendliness. It's not like they aren't upfront about that.

In all cases, you don't get the impact if you don't use the feature. The original post tried to say there was still some impact from having the JS sit unused on disk. That's just bullshit!


So you'd be 100% OK with Windows having Bonzi Buddy installed by default (and with it not being uninstallable) if it only ran when you clicked the icon, icon that is on the desktop and start menu by default? It only runs when a user clicks it so it's ok?


Spyware that you have to log in to? Spyware that you explicitly send URLs to?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: