Mastodawn

Shravan Ravi Narayan Mar 5

I've been seeing a lot of comments online about how browser telemetry is just a way to spy on users and we never actually use it, and it provides no value.

We can debate whether you think someone (Firefox or otherwise) overcollects telemetry, or doesn't collect it in a privacy-preserving enough way. And you should be able to turn it all off, for any reason.

But it's been instrumental for me, personally, to ship multiple security improvements to Firefox - and I'm just one of hundreds of developers. I wrote up some more here: https://ritter.vg/blog-telemetry.html

telemetry helps. you still get to turn it off - ritter.vg

Tom Ritter's personal homepage, where he rambles about tech-related topics.

Cassandrich Mar 5

@tomrittervg It doesn't matter how useful you think it is. It's still unethical and wrong.

I could go through your examples of "Concrete wins from Firefox Telemetry" one by one and detail how each should and could have happened just as smoothly without telemetry, using normal, ethical means like paid QA, voluntary reporting by power-user early-adopters, etc.

But I think this misses the point. You don't get to decide that having telemetry on-by-default (even with an way to opt-out) is acceptable just because you think you think it produced immensely beneficial results.

@dalias @tomrittervg the telemetry has also been used as an excuse for removing functionality (e.g., pure ALSA audio support), ignoring that those most likely to have telemetry off are those that are smart or technical enough to remove pulseaudio

Cassandrich Mar 5

@wyatt @tomrittervg Yes, this is a really important point that's often overlooked. Telemetry harms EVEN FOLKS WHO TURNED IT OFF by prioritizing the measured wants/needs of users who left it on over theirs.

@dalias @tomrittervg in the bugzilla page i'm remembering users explicitly were blamed for having turned it off (things like "if you want your voice to be heard leave it on")

Cassandrich Mar 5

@wyatt @tomrittervg Was "what sound backend you're using" even ever documented as part of what the telemetry was spying on? How were users supposed to know that?

@dalias @tomrittervg even if they were told it's like saying "the demolition plans for your house were on display in your local planning office for the last nine months" while in fact: 1: no one goes to the local planning office on a whim. 2: The plans were on display in the cellar, with the lights out, stuck in a locked filing cabinet in a disused lavatory with a sign on the door saying "beware the leopard."

@dalias @tomrittervg https://bugzilla.mozilla.org/show_bug.cgi?id=1345661
the funny thing:
> "I knew it would be an unpopular decision. However I'm a big believer in focusing our efforts. Pulse Audio and ALSA are a duplication of effort because they run on the same hardware and operating system. ALSA was costly to maintain and the time we save can be better spent elsewhere. If people file bugs against Pulse Audio then we could fix them."
But if you support alsa you also support pulseaudio systems for free, whereas the other way around you just disenfranchise people

1345661 - PulseAudio requirement breaks Firefox on ALSA-only systems

RESOLVED (nobody) in Core - Audio/Video: Playback. Last updated 2023-04-01.

@dalias @tomrittervg
found it
> "Telemetry informs our decisions. Turning it off is not without disadvantage."

@dalias @wyatt @tomrittervg you should implement telemetry in musl so you can drop support for unpopular syscalls /j

Cassandrich Mar 5

@eloy @wyatt @tomrittervg 🤣 🤮

I seriously thought about turning Firefox telemetry on for a while so they could see that I was disabling all their AI slopware. Then I realized doing so would be tacitly cosigning this idiotic behavior

CC: @[email protected] @[email protected]

@wyatt @dalias @tomrittervg removing support for alsa made me sad.

@bakachu @dalias @tomrittervg removing alsa made me start compiling from source and eventually just maintaining a fork with other stupidity reverted

the "I bet you don't seed your torrents either" turns this from a good-faith argument for telemetry into an attack.

my opinion remains that any ethical goal which can be achieved with telemetry can be better achieved by having an actual relationship with users. I have yet to see an argument that isn't rooted in some informal fallacy or another -- in this case, appeal to consequences.

CC: @[email protected]

Tom Ritter Mar 5

@khm I'll accede that bit; I removed it.

Frederik Braun �Mar 5

@khm @dalias @tomrittervg how would you maintain an actual relationship with hundreds of millions of people, many of them not speaking English?

very well, thanks

CC: @[email protected] @[email protected]

@freddy @khm @dalias @tomrittervg You personally don't need to.

You can maintain a relationship with some of them (particularly, the ones that care to), and if many of the devs do the same, then a plurality of voices can be heard (other avenues for user input are also possible). (There is also the degrees of separation thing.)

Besides, you should learn more languages than just English. While not useful for writing (actually, if you're writing mute characters it's still useful but that's not what I meant), everyone that can should learn Sign.

Six degrees of separation - Wikipedia

F4GRX SÃ©bastien Mar 5

@dalias @tomrittervg yes, this

William D. Jones Mar 5

@dalias @tomrittervg (What about telemetry off, opt-in? I have exactly one piece of software I wrote where telemetry would be useful. But I'd never make it on by default.

That being said, I found out very quickly that said software basically "only works on my machine", so I'd need to add lots of tracing and ask ppl to run it. I shouldn't have released it :'D...

https://github.com/cr1901/swmon)

GitHub - cr1901/swmon: Small command-line tool and GUI to switch monitor inputs from command line

Small command-line tool and GUI to switch monitor inputs from command line - cr1901/swmon

GitHub

Cassandrich Mar 5

@cr1901 @tomrittervg Off-by-default, opt-in is maybe ethically okay, but I still don't like it, because nobody really understands enough to evaluate turning it on, the scope of information that might be included. As a programmer, I don't even want people's core dumps. I don't want the risk of seeing something I wasn't supposed to see, or even that contains something illegal.

William D. Jones Mar 5

@dalias @tomrittervg I guess when I go and work on this again, I'll send out a request for ppl to try it on their machines and send me the log output.

I don't want to collect more than I have to, but I'd at least need to know the monitors attached to your machine, and which cable.

... Isn't VESA/DDC supposed to avoid me having to know this shit?

@tomrittervg I used to have telemetry enabled, your CEO announced that Firefox is becoming a modern AI browser, I disabled telemetry.

FWIW, I think that telemetry is a way to help developers, but the question now has become - do I even want what the developers want to build?

I think there needs to be an underlying sense of trust the users have for the developers, and I'd say trust was a lot higher back when all this stuff was opt-in.

@tomrittervg I admit that I am biased in respect of Mozilla software, but across all different open source platforms I use, I recognise that providing anonymous usage data that helps improve the product and drive any project fotwards is a small effort considering how little I have paid for the software to start with.

Wladimir Palant Mar 5

@plwt @tomrittervg While I don’t really disagree: it’s pseudonymous, not anonymous. Mozilla chose to implement the former, not the latter, and it’s a very significant difference. I’ve hated this ever since I found out a decade ago.

@WPalant @tomrittervg (Do not quite know the difference, had a challenging and unpleasantly serious day and those are very long words.)

Wladimir Palant Mar 5

@plwt The difference: anonymous data has no identity attached to it. Pseudonymous data has an identity attached, it merely doesn’t map to a real name (at least not without effort). Mozilla telemetry has been using random user identifiers, probably since its very inception, so it’s possible to isolate all data coming from the same source. Which has certainly some advantages for the developers, but it’s also a significant privacy risk. With the amount of data collected by telemetry, it has to be assumed that user’s identity can be reconstructed for a significant number of users – if somebody were to take interest in that data.

it's none of your business what happens on my computer unless I decide to tell you. "we're taking it unless you tell us not to" is entitlement speaking and writing a thousand words trying to make me feel bad about denying access changes nothing