Sarah Jamie Lewis

Firefox forks might be a reasonable short-term solution to the current era of Mozilla paper cuts, but the crisis is ultimately driven by economics.

Browser dev and maintenance is expensive and that pressure is pushing Mozilla towards the same underhanded, advertiser-driven strategies embraced by google et al.

At best firefox-forks are a less well funded version of what Mozilla used (at least publicly) aim for.

Sep 13, 2024 at 8:30pmWeb
Show threadSarah Jamie LewisSep 13, 2024
What I would really like to see in the browser space is an actual strong vision that prioritizes the open web, and community building - one that suggests alternatives to ad-tech (e.g. browser support for micropayments or subscriptions or view-proportional payments or the dozens of other models proposed over the decades)
Show threadSarah Jamie LewisSep 13, 2024

More broadly, I think it most spaces people are desperate for something that can actually cheer on - instead of half-heartedly supporting because they are not-technically as bad as the other options in some categories.

A vision of a future. Rather than a continuously exploited present.

Show threadPhilSep 13, 2024
@sarahjamielewis This, absolutely! A lack of visions for the future seems to be an almost ubiquitous issue right now, but these visions can be developed!
Show threadAndy MilesSep 13, 2024
@sarahjamielewis @Em0nM4stodon I have been living in Vivaldi, and have heard murmurs of Ladybird and Servo. Excited to hear when someone has alternatives!
Show threadlaurentSep 14, 2024
@sarahjamielewis I want to see a @servo based browser with good anti-ad tech, and a built-in way to remunerate visits like you say. Sounds like a browser of the future.
Show threadEric A. MeyerSep 13, 2024
@sarahjamielewis Servo?
Show threadSarah Jamie LewisSep 13, 2024
@Meyerweb servo may be part of the solution - I do think that making it easier to build and maintain alternate browsers is likely needed to approach some kind of better future.
Show threadstgiga (they/them) Sep 13, 2024
@sarahjamielewis

I'm sorry, I CANNOT get behind ads OR the ❝alternatives❞ you propose. Adding microtransactions, subscriptions, view-proportional (and thus tracking), or such to HTML5 (and by extension browsers) is a VERY bad idea. We don't need more fucking modals, paywalls, or nag boxes.

I will reiterate that the entire tech monetization system, as we know it, is a broken piece of fuckshit. What you propose is NOT the solution. It's like saying 🙶The solution to pollution is dilution.🙷, which it isn't.

As someone who is financially-underwater, I find these "ideas" completely fucking repulsive. We DO NOT need paywalls added to fucking HTML5.

I'm really fucking losing my cool here and due to yesterday's events that included HRT drama.

I'm GLAD Gumroad recently got fucked. Oh and nobody will ever miss Adfly.

Let's just say that this is probably the angriest Fedi post I've made in a while, because what I'm responding to is a suggestion of something like the fucking Web Integrity API.

ALSO I'm a fucking web app developer.

I don't hate you, but damn, those "ideas" you floated are damaging and will only make the web WORSE. End of story.

There are better ways to achieve the desired results.

If you have something positive I'd love to see it. But not THIS. I'm sorry for the profanity by the way, I'm just really rattled from all sorts of crap recently. That's its own story, but at least I see Green Day tomorrow.
Show threadSarah Jamie LewisSep 13, 2024

@stgiga

My words, at most, expressed a desire to see browsers trial new features to undermine the current ad-driven ecosystem. New economies come in many forms, and I don't know what combination of models would be viable.

From those words you extrapolated a (really) bad implementation and then expressed anger at me for promoting it.

Show threadstgiga (they/them) Sep 13, 2024
@sarahjamielewis

I suspect I must have misinterpreted your post tbh. I don't hate you.

Truthfully my rage is towards the current online content ecosystem, a challenging issue to fix without giving big corporations even more power to squeeze money from users. THAT's my problem with trying to make these features real.

But what we CAN agree upon is fuck ads. They're at this point a cross-platform virus development toolkit. And a source of scams. I'm in favor of regulating them into having NO CSS, JS, or IMG tags, in a style similar to unbranded cigarette boxes in non-American countries.

Oh and Flash going bye-bye didn't fix ad malware so...

My apologies.
Show threadVertanaSep 13, 2024

@sarahjamielewis It’s in the early days, but something like this?

https://ladybird.org/

Ladybird

Ladybird is a truly independent web browser, backed by a non-profit.

Show threadmccSep 13, 2024
@sarahjamielewis It is also unfortunate because a point a number of mozilla/ex-mozilla people have raised with me is that the forks don't have security fast-response teams and will naturally lag a little on deploying time-sensitive security patches. and i just don't have a compelling response to that :(
Show threadHishamSep 13, 2024

@mcc @sarahjamielewis An honest, vulnerable and naive question: how fast do we really need security response to be?

I mean, I've often ran browsers several versions out-of-date (either by disabling auto-updates on my phone, or by installing an alternative .deb over Ubuntu's) and I have only updated when I found that a particular site stopped working. All seemed ok.

Again, not a rhetorical question and not me saying "maybe we don't need fast updates". I'm asking why should I not be doing this.

Show threadmccSep 13, 2024
@hisham_hm @sarahjamielewis I want to think about everything in terms of costs, benefits, risks, harms. If we needed to get off Chrome because Google was acting shady, I would not use "but Google has very fast security response times" as a reason to stay on Chrome. But the concerns about, say, Firefox are lesser and easier to mitigate with simple measures like autoconfigs. I don't know.
Show threadviqSep 13, 2024
@hisham_hm @mcc @sarahjamielewis browsers are a high value target, since that's what you use to reach out to the world.
When high profile software is patched, especially for an "interesting" bug, from what I hear it's not unusual for exploits for that to appear within days, maybe a week.
There have been documented cases of advertising networks serving ads that were malicious.
[1/2]
Show threadviqSep 13, 2024
@hisham_hm @mcc @sarahjamielewis How far from that to being able to compromise your browser and your system? I don't know. But I don't feel comfortable using an outdated version of such an exposed piece of software.
[2/2]
Show threadviqSep 13, 2024
@hisham_hm @mcc @sarahjamielewis and how fast a response would be "comfortable"? Personally I'd probably accept builds with fixes from upstream to be available within 2-3 days. If they were on the ball and kept vital fixes to that, I guess I could live with waiting for bugfix releases for a week, but that's pushing it.
But there's a question of what *their* code changes, and how well they're able to deal with bugs and vulns in that.
Show threadSarah Jamie LewisSep 13, 2024

@hisham_hm @mcc

Most of the time you will be fine, ad-blockers and the fact that most people stick the the same small set of sites most of the time minimize the attack surface greatly.

But then once every 2 years or so, something like the web-p vuln happens and any image loading becomes a potential full-system takeover. At that point you really do want fast update rollout.

Show threadHishamSep 13, 2024

@sarahjamielewis @mcc Thanks! That matches my general feeling of "how bad can it be to access Wikipedia on a year-old version of a browser".

My feeling is that this makes a firefox-fork that's upgrading on a best-effort volunteer basis somewhat of a viable option for someone like me, but not something we could go around recommending for family and the public at large the same way we've been campaining for Firefox over all these years...

Show threadmccSep 13, 2024
@hisham_hm @sarahjamielewis I want to remind that there is "Firefox ESR" which is an official version of Firefox that updates no more than once a year EXCEPT security updates. This will not protect you from misfeatures but it may be easier to maintain, for example, an autoconfig that blocks misfeatures if you know misfeatures come no more than once a year. We shouldn't have to do even that, but if that's the world we live in maybe that's the solution.
Show threadHishamSep 13, 2024

@mcc @sarahjamielewis I'm typing this from my personal laptop running the last version of GoboLinux I helped build. Half of its packages are from 2017. Its kernel is Linux 4.x. Every package was compiled by either by me or a friend, save for LibreOffice and Firefox.

The only thing in it I have on semi-auto-update is Firefox, which is running from the upstream binaries with "auto-update on restart" (and I don't restart it for weeks or sometimes months). That's how much I trusted Mozilla. :(

Show threadMatěj Cepl 🇪🇺 🇨🇿 🇺🇦Sep 15, 2024

@hisham_hm @mcc @sarahjamielewis

I wonder whether the applications like Firefox are not exactly the best candidates for giving up and using #Flatpak only. Although, perhaps #GoboLinux is exactly the distro, which doesn’t want to use Flatpaks?

Show threadHishamSep 16, 2024
@mcepl @mcc @sarahjamielewis I have used AppImages successfully. When I tried using Flatpaks, they were not isolated enough, and failed due to making assumptions about the underlying system libraries.
Show threadMatěj Cepl 🇪🇺 🇨🇿 🇺🇦Sep 17, 2024

@hisham_hm @mcc @sarahjamielewis

I think it is different on different distros.

Without trying to have much of an opinion of my own, let me post here (a bit old, yes) link to https://youtu.be/4WuYGcs0t6I by @sysrich

#OpenSUSE #Tumblweed #Rolling_release #MicroOS #Moldavite #Flatpak

- YouTube

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Show threadHishamSep 17, 2024

@mcepl @mcc @sarahjamielewis @sysrich

Before even watching the video:

> I think it is different on different distros.

Yes, that's what I meant. I'm sure Flatpak works well on some distros. But the point of those all-in-one packages was to abstract us from the underlying distro. (I do understand how hard/unfeasible it is to get full universality — just saying that in my experience with a VERY nonstandard distro, _the AppImages I tried_ did better.)

Show threadkuro68kSep 13, 2024
@sarahjamielewis
Can any parts of FF/Chromium be used? Like the expensive parts, the HTML and JS engines. That might make the rest more viable.
Show threadaeriqueSep 13, 2024

@sarahjamielewis I still think the EU should fund a Firefox fork and make it a rule that goverment and member state's sites are tested to work well on it.

Basically because I can't think of anything better.

@EUCommission @kimvsparrentak

Show threadMatěj Cepl 🇪🇺 🇨🇿 🇺🇦Sep 15, 2024

@sarahjamielewis

less well funded === with less future