General rule of thumb: Every time an organization updates their terms of service and/or privacy policy, it is never because they have your best interests at heart.

Specific thoughts on this latest Mozilla action (https://blog.mozilla.org/en/products/firefox/firefox-news/firefox-terms-of-use/)

Setting aside the "worldwide license" bullshit, the privacy policy appears to have broadened both the classes of data Mozilla aims to collect, and the situations in which they collect them.

These are not the actions of an org that cares about your privacy.


I'd specifically like to bring attention to the "To market our services." basis for data collection under which Mozilla now claim the right to gather, among other things, Unique identifiers and Browsing data - under which Consent is only considered if they have a legal obligation, and of course it's opt-out.

There is also the incredibly broad "To comply with applicable laws, and identify and prevent harmful, unauthorized or illegal activity." in which Mozilla states they may gather "all data types" - the defined types include: searches, browsing data (visited URLs), content and any other data.

In support of nebulously defined "identify and prevent harmful," and in response to law enforcement.

That "learn more about" link just goes to a list of definitions.

This is far from the start of this journey, Mozilla have been working towards this point for many years.

A creeping corruption that I think has finally taken hold.

They themselves, say it best:

"Although we’ve historically relied on our open source license for Firefox and public commitments to you, we are building in a much different technology landscape today"

I need a web browser, I need it to be open source. I need it to be secure and maintainable. I need it to work in my best interests.

Firefox is no longer that browser, I'll be working to move off of it. I don't think there is an obvious place to go, yet.

For those asking what my current plan is:

I'm going to push forward on migrating my use of more complex web apps to a standalone equivs where available (e.g. mastodon / rss readers)

In the short term, probably tor browser to do more general browsing. I trust that team to be able to strip out most of the bad, and keep the rest generally locked down.

Long term: It's time to really commit to building something better.

Now trying out Tuba on Linux as a local mastodon client. A few rough edges to get it up and running (that I mostly attribute to my not-at-all standard linux setup)

But I think this could work...

@sarahjamielewis Just wish tuba would have multi column support. It also seemed to get sluggish when left open for a few days.

@sarahjamielewis

This is, what I tried to say about #Tor #Browser.
You need at least, a #Minimum of #Trustworthyness to hope, they strip the #bad Parts out of #Firefox, but you'll never know, if there's a #ZeroDayExploit out in the Wilderness.
This rules for EVERY Browser.

@sarahjamielewis Mozilla's decline and adoption of the tech broligarch thinking is such a sad story. We need exactly the opposite of the current tech world.

Proton is probably the closest thing to what Mozilla Corporation could have been. But even that is highly imperfect.

I'm just so tired… all of the time.

@egerlach @sarahjamielewis "Proton is probably the closest thing to what Mozilla Corporation could have been"

Oh, don't worry, mozilla wants to snitch too now

@31113 @sarahjamielewis I don't think it's possible to design an email product that works for people who have state actors in their threat profile. If you can be defeated by subpoena of your email metadata or by capturing email in transit, then email isn't the communication technology for you.

I never expected Proton to keep the contents of my emails secure. I just wanted them to not look at them and use them for data mining. I'm working on moving to another provider now. Not encrypted at rest, but again that was always bonus for me.

I would have happily paid Mozilla to be that provider.

"We're like Gmail, but we don't snoop on your email. Is that worth $5/month to you?" I like that pitch.

Would have been a smaller, dedicated crowd until now. But with the way Google has been going with their evil it could be a growth segment now.

Secure and private email | Mailfence encrypted email service

Mailfence is the only secure and private email service that gives you control. A free, interoperable encrypted email service protected by Belgian privacy law.


@egerlach @31113 @sarahjamielewis If you need to secure email CONTENT, first you need to install a GPG client like GPA (GNU Privacy Assistant). Your contacts do the same. Then generate your own keys and exchange PGP/GPG keys with those you are communicating with.

Then you can write your emails in your GPG client's text editor, encrypt them locally with the recipient's key using GPG, then cut and paste the cyphertext into an email and send it.

To read an email, cut and paste the cyphertext into your GPG client's text editor and decrypt it.

This is how SHAC (Stop Huntingdon's Animal Cruelty) handled high security email for years, including between US and UK campaigners. Neither the FBI nor any of the UK intelligence agencies ever cracked it.

Mind you they could see who talked to who. To block that using email requires a closed loop of emails that only talk to one another, not one linkable back to anyone's real name.

If metadata needs to be protected too (and it DOES these days!) you are far better off with Signal than with email.

@LukefromDC @31113 @sarahjamielewis I've been using GPG since the mid-90s. Defending against state-level actors is not in my threat model.

@egerlach @31113 @sarahjamielewis In my threat model major-empire state-level actors are the primary expected opponent. This is because of my role in some very hard-edge activisms. Google, Meta, and all ad networks are secondary opponents.

The latter are considered enemies due to the sale of information to data brokers where it can end up on people-finder (DOXXING) websites or be sold to law enforcement.

@egerlach @sarahjamielewis hmyep.. the Proton CEO was recently rooting for the fascists in the US, so even that has gone sour.

man, the state of the world right now.

@bazkie @egerlach @sarahjamielewis can you give a source for that??

@marion_grau @egerlach @sarahjamielewis archived tweet: https://archive.ph/txuJ2 (andy yen == proton ceo)

huh, I was gonna link some reddit threads, but they have mostly been deleted. figures. also it seems the most critical comments are gone now, so it's not much use.

the guy himself also posted some responses to reddit, one under his own name, and one as "team proton" or something; but I kinda don't want to link to them if all the critical user responses to them are gone. but you can google them if you want I guess.

I felt his responses were "anti-excuses" of the type "I'm sorry you misunderstood my tweet", and felt more like he was doubling down on his opinion.

anyway, make of the tweet what you will :)

@bazkie @marion_grau @egerlach @sarahjamielewis

Please give this one a good read .... https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e

Redditors managed to create a flamefest based on unbiased views on poorly understood topics, which went out of control when Proton PR folks didn't manage to clear up the confusion (something they're known to be quite capable of - making it way worse). Such flamefests are not that unexpected on Reddit these days. We can hopefully do better here without going fully Reddit hyperbolic.


@dazo @marion_grau @egerlach @sarahjamielewis I read the CEO's toots, and his 2 horrible responses to the criticisms. If you find my loathing at that hyperbolic, I'm gonna mute and block your ass.

So, I'm gonna mute and block your ass 😁

@dazo @bazkie @marion_grau @sarahjamielewis I already had my own functional issues with Proton, so this was just a "last straw" to me.

IMO, the original tweet isn't the concern. The doubling down, and "whitewashing" US Republicans because they're maybe okay on one issue is the concern. Saying that "right now Dems are bad because of corporate capture" is a concern. It misses the forest for the trees.

My response at the time (to the now-deleted Proton posts): https://hachyderm.io/@egerlach/113833185440686294

My post on Lemmy about it: https://lemmy.ca/comment/13913116

Eric Gerlach (@[email protected])

@[email protected] @[email protected] Unfortunately, there's a line beyond which it's not okay to view a political party through one issue, and IMO the Republicans have crossed that line. Privacy is a human rights issue. Republicans have signaled very strongly that they're going to violate more human rights. It's a net loss for privacy if that happens, even if big tech is a bit more restrained. I'm sorry @[email protected], you've failed this test IMO. It would be one thing to say that given that the Republicans are in power, that Gail Slater is a good pick, but that's not the stance you took.


@bazkie @marion_grau @egerlach @sarahjamielewis

I agree with your read on the situation. He said that republicans were looking out for the little guy and better for privacy than the dems. He also said Trump's pick had a great track record (false). When called out he doubled down and only apologised for posting his personal views on a company account. I began transitioning from proton immediately.

I will not trust/associate with trump/MAGA supporters, asskissers or apologists.

@GutterPoetry @bazkie @marion_grau @egerlach @sarahjamielewis even these comments might not have been a deal-breaker for me, but i left when (besides finding another email host that better fit my needs anyway thanks to discussions between people all trying to quit proton) those comments put two other things into a whole new context:

1. the way they recommend that you stay logged in on a trusted device as much as possible. complete total failure to recognize two of the biggest use cases for powerful privacy-focussed encrypted communications software (your device gets confiscated or you're on a shared device in an abusive relationship)

2. when they noticed an uptick in activity and their social media guy dismissively laughed that it turned out to be motivated by porn - like they've completely missed *all* the discourse around porn bans and free speech during and before the election

@apophis @bazkie @marion_grau @egerlach @sarahjamielewis

Exactly, it's not like there's no good alternatives, I guess it's just that we've gotten this idea that we need to have a completely interconnected ecosystem and buy into one company - google, apple, proton. I've learned that it's best not to do that. I now have different companies for password vault, email, email aliases, media storage /sharing, file cloud storage etc. More annoying to set up but easier to leave 1 if enshittified.

@sarahjamielewis If you need UX design, prototyping and user research, give me a shout. Even if you just want to bat some ideas about.

( micro cv: since 1996, IBM usability & design on distributed & mainframe and Linux at home + home built IoT. Enterprise Design Thinking trainer & workshop facilitator)

@sarahjamielewis Any reason not to choose LibreWolf? I switched to that months ago. I'd bet Tor Browser is more secure, but it's also a lot more inconvenient. I've also heard good things about Mullvad Browser, but it's run by a for-profit company, so chose LibreWolf instead.
@sarahjamielewis A safe way to look at these changes is to assume every Big Tech vendor wants to integrate everything with Palantir, and to make personal tech choices that obstruct that objective as much as possible.

@sarahjamielewis

> Long term: It's time to really commit to building something better.

How does that happen? Mozilla used to be the answer to that, but it sounds like now we need a community/cooperative foundation supporting a hard fork of Firefox.

Is this something non-technical folks can contribute to, or do we wait and hope someone with know-how and resources kicks it off?

@sarahjamielewis

> migrating my use of more complex web apps to a standalone equivs where available

That makes sense, but runs contrary to advice from @pluralistic to consider stand-alone apps to be webpages wrapped in DRM. Or is that risk mitigated by using FLOSS apps, I hope?

@sarahjamielewis any thoughts on servo as a long term alternative? Igalia has web browser expertise
@sarahjamielewis how about a non-tracking fork of Firefox like celenity Phoenix Browser? It's not as restrictive as Tor by not using maximum website anti-Fingerprint, so it can use UblockOrigin, >60 hz, darkmode..

@sarahjamielewis I think some degoogled Chromium builds are not a bad choice.

Also, there's Waterfox tho I heard it was bought, Idk, need to check it out.

@sarahjamielewis I'm following this topic, being a Firefox user and a slightly more than average tech/privacy-savvy person, and your point about using Tor Browser intrigues me, but I always thought that the system on which Tor runs is designed for very important uses (dissidents, whistle-blowers) and that daily use would saturate it. Are things different, or changed, or did I simply not get it right?
@tetrafester Tor relies on a diverse range of clients using it in order to provide anonymity, it is important that people use Tor for all kinds of situations in order to provide cover for those who really need it.
@sarahjamielewis that's something I really didn't take into account. I suppose then only streaming and other bandwidth-heavy uses are not advised.
@sarahjamielewis if you're a Gnome user and can live without plugins etc, Gnome Web (Epiphany) is pretty good. It also has webapp support, so you could maybe bundle elk.zone for Mastodon.. (nicer than Tuba?). Qutebrowser is also pretty cool, but it's using Chromium, hence untrustworthy (imho). Servo looks promising, but it's highly alpha. FWIW, I ruled out Firefox a long time back because it's a Google funded project (hence no PWA support?).
@sarahjamielewis Well, fuck.

@andreasdotorg @sarahjamielewis

"What are 'the two words that best describe the current outlook of anyone paying attention?' for $1,000."

@sarahjamielewis I wonder if #LadyBird might gain a few more contributors through this #Firefox fiasco.

@sarahjamielewis This project might be worth paying attention to:

https://github.com/LadybirdBrowser/ladybird


@90sScriptKiddiw @sarahjamielewis

It's worth mentioning that the Ladybird devs considered a PR that changed pronouns to be "introducing politics we don't want" last year.

Doesn't mean that it's not worth keeping an eye on, but I'd watch the politics and/or for a well-resourced fork.

@sakiamu @sarahjamielewis Oh that sucks, any alternatives that don't consider basic inclusiveness to be a problem? :|
@90sScriptKiddiw @sarahjamielewis Closest thing I've got right now is Firefox forks. Folks elsewhere in the thread might have ideas
violently gay :sterntastatur: :hex_non_binary: (@[email protected])

racist conspiracy theories by ladybird dev

CORTEX IMPLANT

@sarahjamielewis

Remember the #RollingStones:
You can't always get, what You want -
but if You try sometimes,
You get what You need.

Use #Opera - it's good !
Unimaginable, what Work and Money it would cost, to maintain a complete Open Source Browser. Ask the #Debian #Community, for #Example, why they will not develop one. You can see a bit in the #Tor - Browser, what it takes to achieve this. It's #Firefox too, but it's the best, you can get so far. Or use #Lynx, a #Text Browser.

@antonproitzelhaimer Opera has weird ties with crypto nonsense IIRC... same with Brave.
@sarahjamielewis

@sarahjamielewis I suggest LibreWolf on desktop [1], and IronFox on Android [2]

1- https://librewolf.net/
2- https://ironfoxoss.org/


@sarahjamielewis Mozilla should NOT have any data that law enforcement could use..... that is a great way to go in the more and more fascist world, if you don't have the data you can't hand it over.....

@sarahjamielewis

Pfft...

Bunch of lawyer-speak drivel designed to obfuscate that Mozilla has simply decided they can't ignore the cash they stand to gain from having more and more data to sell.

Joining Google on the ad/data sales evil side.

🤦‍♀️🤷🤑🖕

@lupus_blackfur @sarahjamielewis
Baseless speculation. When we hear of them selling users' data without their consent, then you can doompost all you want.
Trolling used to take more effort.
🤦‍♀️🤑🖕

@saphkey @sarahjamielewis

🤣😂🤣😂

Expected response from a bio that specifically expresses "enthusiasm" for Mozilla...

🤷🤷

@lupus_blackfur @sarahjamielewis expected response from a furry who apparently hasn't ever heard of something as standard as a terms of use agreement.

@saphkey @sarahjamielewis

🤣😂🤣😂

Bye.

Tos copy updates (fix #16016) (#16018) · mozilla/bedrock@d459add

@ViktorShahter @lupus_blackfur @sarahjamielewis pedantic. they were already selling your data before. When you use the default Google search engine built into Firefox, with search suggestions on, the search is routed to Mozilla, which then anonymizes the request and forwards it to Google.
Firefox gets money from Google for having them as the default search engine.
They were already selling that data to Google.
Nothing has changed.
@saphkey @lupus_blackfur @sarahjamielewis so... They clearly "promised" to never sell our data and still did? Wow, so honest of them.
@ViktorShahter @lupus_blackfur @sarahjamielewis Thing is that it's kind of in the gray area.
It depends on how you interpret it.
Removing the "we don't sell your data" saves them from this gray area that has already been a thing for ages.
Mozilla being a middle-man between Google and you for search-suggestions is supposed to be a good thing for the user. It anonymizes you to some degree because Google wouldn't get your IP.
But because Mozilla gets money for making Google the default search engine, it can be interpreted as them selling your data.
@lupus_blackfur @sarahjamielewis yep
https://www.mozilla.org/en-US/privacy/firefox/#how-is-your-data-used
One is right there: "To serve relevant content and advertising on Firefox New Tab".
Now, does it mean that they are selling it to third-party actors? Maybe not. Will they? Reasonable question.