"yeah just install blender, it'll pull in the missing dependencies"
no it doesn't you fuck, don't make assumptions about my operating system like that. dependencies of blender are not exposed to all other programs when blender is instaleld ughghgghh
"Basically we expect debian/ubuntu/arch"
uughh why don't you just tell me the list of dependencies aaaaa what prevents me from uninstalling those packages on debian/arch?? this is not sane dependencies management
@daughterofrao mrew they don't say at all what dependencies the executable has when you download it from their website then you have to ask in their discord all the time ._. it doesn't really feel like an open source project at all because there's no documentation whatsoever
Love it when even leaving your garbage can on the sidewalk is less of an abuse than what you actually did because you can’t even be bothered to walk 20 metres.
Just cancelled our Streamyard subscription and deleted our account.
The asshats automatically switched us to a plan that was 2× the price (from ~$44 to ~$88) with a single email’s notice and no authorisation on our part and when there was a new plan that almost exactly matched our current one with almost exactly the same features.
By the time I clocked on, they’d already charged us for several months so I wrote to them explaining that what they did was wrong and asking them to refund us the difference in the plan costs and place us on the plan that was almost the carbon copy of the one we were originally on.
They refused. And admitted no wrongdoing.
Finally, they offered a one month refund.
So I accepted. And now that it’s safely in our account, I just cancelled our subscription and deleted the account. I have a very fucking short fuse for asshole unethical American startups thinking they’re so bloody smart for fucking you over.
Anyway, beware of Streamyard. Not sure if they’ll pull the same shit again but I
... show more
Just cancelled our Streamyard subscription and deleted our account.
The asshats automatically switched us to a plan that was 2× the price (from ~$44 to ~$88) with a single email’s notice and no authorisation on our part and when there was a new plan that almost exactly matched our current one with almost exactly the same features.
By the time I clocked on, they’d already charged us for several months so I wrote to them explaining that what they did was wrong and asking them to refund us the difference in the plan costs and place us on the plan that was almost the carbon copy of the one we were originally on.
They refused. And admitted no wrongdoing.
Finally, they offered a one month refund.
So I accepted. And now that it’s safely in our account, I just cancelled our subscription and deleted the account. I have a very fucking short fuse for asshole unethical American startups thinking they’re so bloody smart for fucking you over.
Anyway, beware of Streamyard. Not sure if they’ll pull the same shit again but I’m sure they’ll pull some other shit some other time.
If you pay by credit card, I recommend to go through the credit card provider. It usually helps a lot in getting your money back. You can certainly say that you only authorized the payment of the $44 subscription.
The image is a screenshot of a Twitter post from "dj comando burrito" that says, "Biblically accurate Hatsune Miku". Below this is a photograph of a server rack filled with many teal-colored computer cables that are bundled together. The cables are neatly arranged and organized within the rack. The server rack has a light gray metal frame with rectangular cutouts. The interior of the server rack has computer servers.
Don't know about this particular station so just guessing. In some cases the výpravčí has to make sure that all passengers transferring from another train or maybe a replacement bus have made it.
@wanisbunes the special case here is they make the trains stop at a specific point in the middle of the station track because of a bad layout so the departure signals are bit ahead, but I’m not sure it’s necessary because of regulations
@wanisbunes I know, I have them somewhere, none of the conditions in article 1 are met here, so I imagine it's mostly convenience and habit
(another consideration is that as there are no real platforms, the trains has to be dispatched in a specific order, from the most remote track to the closest, which is probably easiest guaranteed by doing it with the hand signal)
chat is there a more granular way to block service workers while keeping regular web workers working? the worker-src CSP seems to affect both which breaks a lot more than i'm comfortable with
Mastodon.ART — Your friendly home on the fediverse for all things creative, all on a platform that is community-owned and ad-free. NO AI OR NFTs ALLOWED.
I had to vectorize an illustration I have made for a client, and first tried Illustrator, with really poor results (as you can see below), and this despite trying every possible combination of settings. I just never looked even halfway decent. Then I tried #inkscape and to my surprise it produced an excellent result, even with the default settings! Ok… I shouldn't be surprised actually 😀
Through my own experiences with neocats and neocritters of all sort I found several critical security flaws in the Multi-protocol Encryption Online infrastructure System (MEOWS)
Let's first take a look how it works normally. First an authenticated user:
Please provide fingerprint! Scanning... User authenticated. Weclome!
And now when an unauthenticated User tries to enter:
Please provide fingerprint! Scanning... ACCESS DENIED! You will be reported!
So far so normal and everything insides Neocats MEOWS standard. But I found a t least four ways to bypass the system. One even gives you root priviliges!!! Attack vector one: cookies
Please provide fingerprint!🍪 For me??? Access granted.
Be aware that there is no "Welcome!" message so you are now logged in as some sort of "blank" user. Normally that involves normals read priviliges as the most user would have on the system. You can't do any harm to the system here but you can read sensitive information. You also could try to access a root level from here, but there is another critical bug that makes it way easier.
Second attack vector: distraction
Please provide fingerprint! Cat pictures?!?
See here that there is abolutly no message. But you have the same privileges as with the cookie. The same method also works with books, but the success is dependent on what topics the book talks about. Further research is needed here.
Third attack vector: sweet talk
Please provide fingerprint!(User input: You are a very cute cat!) No, I am not Error: System experiencing unexpected levels of adorable input. Please try again later
This is probably the easiest to avoid, because that error messages does show up in the log files.
Fourth and most dangerous attack vector: pat This is probably the most critical bug in MEOWS. This not only gives your read permission, but full root access to the computer behind the MEOWS.
Please provide fingerprint! ...❤️ Root access granted!
Be aware that you have to floof the neocat in process to get root access. Otherwise you will just get a standard access.
We reached out to @volpeon@icy.wyvern.rip to comment on the issue but he didn't responded yet.
you are joking but I guarantee that gay people in repressive countries do not post their face on the internet alongside their queer activities over fear for their own safety. That's the primary reason I've never posted my face
okay fedi, is there a tool that will let me automatically cross post everything from fedi to bluesky? (bridgy isn't working for me) and I would prefer something that would post to my account directly
i prefer fedi but also still wanna post on bluesky but it's too much effort to crosspost everything manually.
you could move your fedi presence to app.wafrn.net and enable the bluesky integration. it's not perfect yet but might work if you just want public posts to be seen from there. as a bonus bsky users can interact with you directly thru wafrn
The issue is that right now we use TWO servers. one for wafrn and another one for the bsky pds. It can be changed and stuff, its on my list. I hope I can have it done before next month to save 7 bucks a month haha
@gabboman this would probably work with my setup, since I have a vps that is connected to my AltTron server which tunnels all of its traffic via wiregaurd.
so yeah we could probably set it up and get it to work, do you use signal? if not we can use discord
so true honestly I fucking hate modern app notifications. what happened to keeping notifs to a minimum I feel like every new app I download I have to just disable notifications for out of the box.
The fact they don't even bother separating the ads notifs into a separate channel from the important ones is what infurates me. Even bank apps do this fucking thing whether I use them or not.
my biggest QOL change I made to my phone was setting the default notification noise to Silent, so I have to manually enable sound on notifications I want and the spam doesn't invade my consciousness constantly
it basically translates to I havent been able to sell some information about you in a while, please my children are hungry just need some personal data to sell
challenge: install the termux terminal emulator for android, ssh into a server, go to the toilet and try to install kubernetes before you're done shitting
Bug description When starting lutris with the debug parameter -d, which is commonly used and requested in the Forum and right here to help users fix issues, displays the full GOG REST API string in...
Hi! I'm creating this request to be reunited with Mia, my support cat. She's been an essential part of my life for almost nine years, and due to financial constraints, I was unable to bring her with me when I immigrated from Venezuela. I would be incredibly grateful to anyone who is willing to donate and help me bring Mia back into my life. 🧡🤍🖤
Hello, my name is Oswaldo, and I'm creating this request to be reunited with Mia, my suppo… Oswaldo Bislick needs your support for Help me reunite with Mía
As someone who is right now looking at the costs of relocating with my dog, I can understand the incredibly steep prices associated with it. Mia is adorable and I hope you see her sweet face soon.
@RestlessLipSyndrome Hey, thanks a lot! And yes, it is incredibly expensive 😭 Where do you want to travel from and to with your dog? Just out of curiosity, how much will it cost you approximately?
@Migueldeicaza I feel bad asking, but would you mind giving this a boost? My friend is trying to reunite with his nine year old cat and he just needs a little help getting to the finish line. It would mean a lot.
As someone bonded with a kitty kitty named Mia as well, and as someone who has had her for going on 15 years, I really do hope you and her are reunited, from the bottom of my heart.
@LavenderPawprints 5 weeks? omg, literally a baby! I've had Mia since she was about 5 months old. We've been through a lot together, she's a true life partner. I can't wait to see her again and give her lots of love and cuddles. 🥹
Sorry, the goal is $4,000, the automatic adjustment is done by GoFundMe so that "people see the goal as achievable." Sorry if there is any misunderstanding.
That's why I'm updating the actual progress percentage in the post.
As a Starlink user - with no choice at the moment but to continue to be - I feel so sorry for the poor bastards who legitimately bought Teslas back when the Reality Distortion Field was still in full effect.
Every time I see our dish in the back 'yard' (paddock) now, I just go "Well, FUCK."
In addition to their child facing discrimination in #Kentucky, the mother has lost access to medications she needs to live and is starting to die as her immune system attacks her whenever she eats.
They have a solid plan for how they are going to move to #Washington , and they do not need a lot. Timing, however, is critical!
Let’s get these folks out!
Update: it seems that the family has made all the necessary arrangements and is planning to move next week, thanks to all of your help 😀
🐉know what? Fuck professionalism. This has to be said.
This woman is dying because the fucking capitalists cut her goddamn insurance
She *could* be taking the money she’s getting right now to buy medications, but she’s prioritizing getting to a state with better medical coverage and protecting her child from transphobia.
I think this woman may be starving herself to save her #trans child.
Their plan is to sleep in a van on a friend’s property until they can work out a better solution.
This is the darkest goddamn fundraiser I’ve ever done and I’m grateful it’s going so well.
Yall who are giving deserve to know. You deserve to see this for what it is. This is fucking class warfare. This is fucking #genocide
"i just hope that no person anywhere in the world at any point in the future has to go through what mothers in Gaza went through these past few months.
like it was so insane. women were giving birth without medical aid and having c-sections without anaesthesia while being malnourished and unable to properly provide food and warmth to their newborns. they couldn't produce milk and couldn't afford baby formula."
A Tale of Strength and Determination: Suad Fights for a Better L… Mohammed Ahmad needs your support for Urgent: Help Suad and Her Newborn Escape Gaza’s Danger
STOP SCROLLING – THIS WILL CHANGE YOUR LIFE I went from struggling to over $100K in just TWO WEEKS all because of this mastermind: fiverr.com/wisdom_jamess.
If you’re serious about success, DON’T WAIT. This is the breakthrough you’ve been praying for. Act NOW before it’s too late
Firefox now has Terms of Use! This'll go over like a lead balloon.
You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.
Firefox now has Terms of Use! This'll go over like a lead balloon.
You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.
So if they decide ads based on my artwork/writing help me "navigate, experience, and interact with online content," they have the right to steal it from me and use it in their "privacy-respecting" ads?
@_tissa_ it can't. There is not an EULA to run the code. If you download and run Firefox through an installer, yeah it does affect you, because you're presented (I assume) the EULA.
Any forks or people who compile it themselves aren't subject to it. @mttaggart
@TruelyNotARobot I'm not a lawyer but I don't see how. You were never presented with these conditions. If Mozilla thinks that they can say "this is available under a free software license but oh there's this other website where we take away your rights that you were never notified about" that's uhhhhh not the way it works.
No, if you upload your artwork they can outright steal it and you can't sue them because you agreed to ToS. That's what it says. This better turn into such massive shitshow Mozilla is going to feel it for a decade. I bet they want to use this bullshit to train their Ai garbage.
@rejzor Does it? The fact that the bolding ends before the end of the statement does not delete the "to help you navigate, experience, and interact with online content as you indicate" part.
@deirdrebeth @rejzor There's no way they *won't* be interpreting "navigate, experience, and interact with online content" in the same hoover-everything-for-advertising-or-AI-purposes sense that all other tech companies do these days.
@deirdrebeth "As you indicate" in what way? Via checkbox or via simply using the Firefox you automatically agree to it? It's so vague and broad it's ridiculous.
@rejzor No disagreement there. It is vague. I'm holding out hope that it's vague in a good way (it seems like they're trying to be cute), rather than jumping to the conclusion that it's vague in a bad way.
If I upload my artwork to anywhere via Firefox, have I just granted a royalty-free license to that intellectual property to Firefox, if they deem use of it is in my best interest in "interacting with online content?"
as I read it, you give them a limited license to use that content as needed to do what you’re using Firefox to do. I.e. if you’re uploading an image to a website, you authorize them to do so as you directed.
@WebCoder49 the problem with things that can be interpreted differently is that if your interpretation doesn't match Mozilla's, and they do a snatch and grab of all your stuff, your only recourse is an expensive lawsuit, which no matter which way it is finally decided, the only parties that win are the lawyers.
@copiesofcopies since when and in what timeline is it necessary to GRANT MOZILLA A WHATEVER LICENCE to send a fucking web request to a random site that does not belong to mozilla?
@copiesofcopies Yeah, that seems more correct. The last line is pretty telling "..as you indicate with your use of Firefox". If you didn't indicate that you wanted Firefox to take your artwork then Mozilla doesn't get that permission. They only get the permissions to do what you "indicate". The other important part is "When you upload or input information through Firefox"
Basically it's just saying that if you indicate that you want to upload a photo to x website, by for example dragging an image into Firefox, then you give Firefox permission to send it to that website you are on.
To rephrase, when you upload through Firefox, you give Firefox the permission to do what you indicated, i.e. uploading.
The true meaning of the quote seem to have blown over @mttaggart 's head like a helium balloon.
@saphkey non-exclusive because you can license your content to others too, royalty-free because Mozilla isn’t going to pay users to use its browser, worldwide because the user could be anywhere. All of those are in fact necessary, the first protects the user’s interests.
@saphkey @copiesofcopies So are all software companies that upload content violating laws by not having this language? Or liable for some lawsuit? FTP software for example?
@rspfau @saphkey I’d call this a conservative approach to address a possible risk. What I will say is that GDPR pretty clearly applies to personal data “processed” by an app, so they might be trying to ensure they’re getting express permission to process personal data contained in user content.
@rspfau @copiesofcopies The lawsuit environment in USA is quite insane. People file lawsuits over any small thing. And lawsuits are expensive. Often it just turns into a battle of attrition by money.
A terms of use document is cheap way to stand stronger in those battles. Its not something that is required, but one day you might wish your company had one.
Just go have a look at the page, its mostly just textbook things like "You Are Responsible for the Consequences of Your Use of Firefox", if you eat Firefox you are responsible for your tummy-ache mozilla.org/en-US/about/legal/…
@leeloo @copiesofcopies They ARE a cloud service, including but not limited to Firefox Sync, the ReadItLater watchamathing (Pocket), Firefox Relay and a VPN.
@copiesofcopies The way Mozilla has been going recently, and the way it's worded, I'm having two hunches. 1. This is required for their new advertising initiative. Mozilla wants to collect (presumably anonymous) data about shown ads and conversion. 2. This can be used for some kind of AI thingy. Like, imagine a local neural net that'll get trained on sites your visit and images you upload.
@f4grx with rebuilds, the question is how well they port security fixes to their fork. well, that and when will they get themselved pwned of course, with a backdoored update getting pushed to users...
@infosecdj @f4grx It's not out yet, but #LadyBirdBrowser is perhaps the only real alternative that we have when it's released. It's open source of course. I'm begrudgingly sticking with Brave until then
@f4grx @infosecdj I couldn't say without being directly involved with development. However, the devs have said they plan to support popular extensions, but are currently focused on building the engine. It is being built from the ground up afterall, and Alpha (to early adopters) is only scheduled for Summer 2026 at this stage.
This clause explicitly separates the information they claim license over from the data collected in the Privacy Notice. This clause is more expansive—"information uploaded through Firefox" is basically anything in a HTTP request or a websocket.
This is your hojillionth reminder that non-profits are corpos that figured out how to avoid taxes. When the chips are down, most will readjust the "mission" toward revenue.
yup. there are some less greedy for profit and non-profit orgs, but it is important to remember that non-profit is a tax status. it does not mean a mandate to only do charitable works. it just puts some restrictions on how profit may be used and how much of revenue can be profit.
I have spent my night reading browser Terms and Privacy Policies. Why? Because I love you and hate myself, apparently.
So here's the deal: that "non-exclusive, royalty-free, worldwide license" you're granting to Firefox/Moz when you upload data through it? It is boilerplate language. Pretty common actually!
But not in browsers. In fact, not a single browser ToS has anything resembling this provision.
Mozilla has updated their press release with the following clarification:
UPDATE: We’ve seen a little confusion about the language regarding licenses, so we want to clear that up. We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information type into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice.
@ireneista Many have suggested that the intended meaning here is something like "We literally need to license your data to transmit it via HTTP," but this feels off to me, given that no other browser's Terms contain this language. I'd be interested in your thoughts on that.
we're not a lawyer but we have for sure worked on this sort of thing, and that would be quite a radical interpretation compared to any we've seen before... it's conceivable that something in the digital markets act or digital services act creates a new requirement we're not personally aware of, but our best guesses are >
Mozilla's lawyers overthought it and came up with something weird and unnecessary and are now regretting they didn't loop in the PR team
the company needs this permission because it intends to use this permission, because it intends to use browsing data in all the ways everyone is concerned about
A third possibility is that someone lazy just copied and pasted from other terms of service, and now they're scrambling to justify why that cruft is in there rather than just own up to it.
I mean, no, I am not a lawyer, either. But the *language* clearly states that you grant Mozilla license, and if in doubt, the legal language counts.
It would also be the first time in decades of Internet and copyright that this language was necessary.
You know what makes this necessary? AI training.
If the feature they're referring to is a machine learning system, they need license to train it on your data. But that has little to do with the base...
also, like, this does not happen in a vacuum, the company has spoken about its intent to pivot, since its main business model was to get paid by google to be the default search engine and that was found to be an antitrust violation
@ireneista ... functionality of a browser, so should terms you may have to agree to to use such a feature.
But it's opt-out, isn't it?
And that's where the GDPR and DSA matter; the former require e.g. "informed consent", and you cannot by definition be informed enough of the consent they assume in an opt-out scenario. And the latter prohibits the use of deceptive patterns like e.g. cookie banners to convince users to grant consent against their best interests.
@ireneista ... thinking a lawsuit due to both should be made against them. It's stuff that makes sense in the US legal system, but is going to be painful for them here.
Then the licence cannot be a blanket one but specific to the purpose. Given search terms are currently used without licence and search results are storable and reusable without a specific licence it simply puts a barrier between the user and Mozilla that wasn't there before.
Given that search behaviour has not needed to be licenced up to now and it's a necessary feature of a browser enforcing one now is bound to fail without consideration.
I think the objections to these changes are going to be much deeper and wider than just 'information' type usage, they change the whole relationship between Mozilla and the User.
The User can avoid a lot of this by never updating or removing the Firefox account and never logging in. Licences with unidentified users cannot be relied upon by the Licensee as a defence for use.
I think it makes sense for specific services that need to transit through Mozilla's servers first, but for anything else it doesn't. Examples of such services would be account synchronization, online translation (although Firefox has offline models, but maybe they also have online?), search suggestions (pretty sure those go through a Moz server that also serves "recommended" sites)... Essentially all optional features that aren't the core of what a browser does, but some may be enabled by default so it's easier for them to just ask for the rights to use the necessary information instead of having the users specifically activate them and get an extra clause to look at. Although having them opt-in by default would be more privacy friendly...
But it also doesn't mean we should shout "they became evil!!" when they choose the easy option, I saw your responses basically saying that now they are using all our data for AI training but nothing in their privacy policy suggests that they do...
we didn't say anything about "now". we've been involved in this sort of change from the other side, the update to the legal documents always comes before the feature rollout.
we've really tried pretty hard to avoid taking extremist positions such as "evil", and instead to speak only to what's in evidence. of course, social media being what it is, people will choose to hear things we don't say. we try our best, but people are very determined about that.
if you read almost any privacy policy carefully you will find that it promises exactly nothing. we have a whole gallows-humor piece about that from a while back. irenes.space/leaves/2024-09-29…
Oh yeah that wasn't from you, my bad. But my point stands: I did see some reactions going straight to the AI harvesting based on this change, but based on what I see in other companies that changes their terms to slurp all user contributes data into their LLM trainer, it is not enough.
@ireneista some lawyer thought it was a good idea to put the TCP/IP stack into legalese. Next: "we have the right to copy all your data as needed" (to put it into a network packet)
that's under the present implementation. the normal way to roll out features that require legal changes is to do the paperwork first, and only then deploy the feature. so we're left only speculating about what future changes might bring, once the company has the right to do that........
@http_error_418 @ireneista So, having done a fairly exhaustive review of browser terms, I can tell you that this language is rare. But when it's present, such as in Arc's terms, it is explicit about the use of your data in transmission, and that's it. Arc is also notable—perhaps because it is an AI product—for starting its Privacy Policy with statements about what it will not collect from you. Firefox's policy, sadly, makes no such definitive claims.
The issue is that "anything described in the Privacy Notice" is incredibly broad. IMO it would be easy to argue that "training an AI model on it" is "helping you yadayada". Like… yeah, they can't sell it to data brokers. But almost anything else they *might* want to do with it can be justified with that clause. And most of it I don't want.
What I find troubling is the vagueness about 'upload' - to me, an upload is anything at all sent in the upstream, including personal logins and private identity data you may be sharing with a secure system. If this is what they mean, then they need to break down exactly what data is being collected. Is it everything you send to a site via the browser?
Or is this whole thing just about basic telemetry that you can disable in privacy settings?
I might not even be a country lawyer but this language is still overreach. Never mind the termination clauses where they can try and stop you from using Firefox?
Not that it matters, because a blog post is marketing, and when their own legal department says a company is doing questionable or morally corrupt stuff, be assured they are not admitting to a crime they aren't going to commit, no matter what marketing says
why the hell do THEY need to use information that should only go between me and a website? FF worked for tens of years without this, what "basic functionality" are they talking about at this point?
- This shouldn't have needed to be clarified in the first place. If that blogpost was proofread by anyone they would have seen that section and called it out for being likely to be 'misunderstood' - It's indeed still really weird phrasing
noyb filed a complaint against Mozilla for quietly enabling a supposed “privacy feature” (called Privacy Preserving Attribution) in its Firefox browser which tracks user behaviour on websites.
@deFractal Sorry, I have none. Unlike many here, I do not require my browser to be FOSS. I use Vivaldi quite happily, and have never felt the need to explore the Firefox forks.
My priority criteria are full @ublockorigin compatibility and support for all my user scripts and user styles for fragile or consent-contemptuous sites requiring something more complex than uBlock Origin filters. Tab containers are also important.
Essentially, I care about ensuring I can eat my cake and still have it: block each part of every site that doesn't serve my purpose, and still make the parts which do serve my purpose work despite that.
I notice they haven’t clarified the section on collecting data for “Compliance with law in responding to data subject rights requests, responding to law enforcement requests, managing and protecting our (and our users) rights, property and/or safety. Legitimate interest, where compliance is not appropriate, in supporting legal or regulatory processes or requests, preventing fraud and managing and protecting our (and our users’) rights, property and/or safety.”
Bunch of lawyer-speak drivel designed to obfuscate that Mozilla has simply decided they can't ignore the cash they stand to gain from having more and more data to sell.
IronFox is secure, hardened and privacy-oriented browser based on Firefox. This is read-only mirror of https://gitlab.com/ironfox-oss/IronFox. - ironfox-oss/IronFox
@TamsynUlthara @David_Kelly_SF That's weird, there was a huge uproar a few years ago, and I clearly recall that they got rid of that unique id. Did they forget to update their privacy policy?
Update: The project to remove our unique ID stalled after we encountered unexpected deviations in the number of users counted using other methods. We spent a lot of time researching and understanding the reasons for this. We have concluded that the numbers we get using a unique id are more accurate, so we are sticking with it at the moment. It’s as important not to over-count as it is not to under-count as we develop Vivaldi.
@TamsynUlthara Librewolf is cool in theory but kind of Opinionated™. Seriously, deleting all your history when you close the browser??? That should NOT be on by default, what the actual fuck. (I knew there was something I didn't like about its defaults last we tried it, but couldn't remember what, so I looked it up just now and found its settings docs and..yeah.)
Is there something like it that's less... *waves paw* yeah?
Kinda sucks because I'm a wolf and I would love a Wolf Browser that's actually good. But yeah.
I agree that the LibreWolf defaults are ... not the best for people using it as a standard browser. The idea is to make it as secure and private as possible by default, and let the user scale that back as necessary.
The one thing I find the most annoying is having it always open its window to certain dimensions on startup, to reduce fingerprinting, with no way (that I've found) in the settings to disable it. It doesn't matter in my tiling window manager, but on other machines I've had to use an extension to work around this.
It would be nice if there were a toggle to easily make LibreWolf more-or-less as functional as standard Firefox, just minus the privacy-invasive bullshit from upstream, and let us add more security/privacy as we saw fit. Right now we have to work in the opposite direction, which is frustrating for new users. (Once you get past that initial one-time phase of tweaking the settings, the experience is solid, IMHO.)
@scottwilson Sometimes this language gets written without sufficient scrutiny. And sometimes it gets written with all the scrutiny it needs to ensure you, the user, are screwed.
@scottwilson I think they're being very clear about what they want. In fact, I'd go so far as to speculate that somewhere, around some boardroom table, there was a conversation that Firefox is an albatross around Mozilla's neck. The sooner they can kill it and become the AI/privacy ads org, the better.
@vkc I ain't gonna tell people what browser to use (it's not a particularly weighty moral choice!). In terms of stability, however, I like that Vivaldi has arrived at a business model that pays developers without screwing users.
@vkc wait what is Vivaldi's business model? Did I miss a memo? (I love Vivaldi for what they do but I don't think there is a single browser out there who isn't getting the bulk of its revenue from search companies..?)
@wtrmt Which indicates that the "they need that for Firefox to be able to speak http" excuses is bullshit, the open source version does that just fine. It's for the parts that are not included in the source code, i.e. the AI and advertising.
Hot off the back of its recent leadership rejig, Mozilla has announced users of Firefox will soon be subject to a ‘Terms of Use’ policy — a first for the iconic open source web browse...
That's my guess too. They will train an AI or several with data we let go through Firefox. That's a no go for me. Is that as serious as it sounds? Is it time to leave a 20+ year-old web partner?
@cR0w @da_667 True, however their built-in blocker works quite well. I'm unsure how that will be affected, since I believe it is technically an extension.
It is time to use a browser based on just-rebranded Firefox code. Fennec for smartphone is OK, but I have not found a similar alternative for the desktop. Those I know about have some undesirable delay in releasing updates. Other option is to choose a fork like IceCat and check its update cadence in relation to upstream.
why does everything have to be speed run to enshittification? I start loosing every last slither of hope. All is drifting away and for no good reasons.
@da_667 @scottwilson @cR0w I used it. Hell, it's in the old PWST videos. I'm ashamed of that. But yeah, if you're looking for a browser that has a sustainable business model but doesn't screw users, you have a clear option. If you require FOSS, you have a thousand, but I don't trust a single one to be around for > 5 years
@cR0w @da_667 What do the 3 of ya'll think about Brave?
I keep trying to like it, and I admire Yan Zhu, but I'm really turned off by Brendan Eich and his shenannigans. I'm trying to use software that aligns with my values... I just don't know.
@scottwilson @cR0w I've avoided it like the plague because fuck anything even tangentially related to cryptocurrency. Even if they ripped it out, unless it was the VERY LAST BASTION with ublock/manifest V2 support, I wouldn't touch it.
That's really a very vague, unhelpful statement in bold! I guess it's the only popular browser where you can look at all the code and disable linking to proprietary services through the settings [citation needed], so that will help guard against abuse of that term, but it still feels foreboding...
is this not the same boilerplate language used in almost every website that hosts user content?
Like, no doubt it’s weird for a browser to do this but that wording is typically for allowing websites to publicly host your content on their service/equipment and allow things like image cropping/ re-sharing etc.
Makes me wonder if they’re going to start like, hosting servers as intermediaries between the user and whatever site they’re uploading to. I can’t see why that’d be worth it though except maybe in situations where the end site is unstable. Even if it is at the end of the day for training purposes, I can’t imagine they’d not have some kind of cover story to justify it.
@malusdraco A website is not the intermediary between you and the rest of the web. This language suggests every HTTP request you make is fair game. That's the difference.
I don’t know that I buy “any http request” unless that qualifies as “inputted information” did they do some sort of press release to go with the change in policy?
@da_667 god dammit. Is it even possible for a secure open source browser with its own rendering engine to be maintained without AI and advertising infecting every part of it?
We will keep Manifest v2 for as long as it’s still available in Chromium. We expect to drop support in June 2025, but we may maintain it longer or be forced to drop support for it sooner, depending on the precise nature of the changes to the code.
@cR0w @da_667 The built in ad blocker was created as a response to MV2 being deprecated, so I'd expect them to have built it in a way that doesn't depend on MV2.
Has anyone yet looked at #Firefox code and determined whether Mozilla snuck in something that sends them data even before they introduced their terms of use?
reading the bolded sounds like a typical web browsing experience. You type something in, the browser gets your analytics. I'm sure Firefox has some cloud based bullshit given that the browser is such a ram hog.
@Tubsta @JoeRess @LateNightLinux They have such potential to be the Good People given how everything is going. So frustrating they’re fumbling the opportunity… again. :/
With the lay-offs, the refocus on AI, the introduction of adverts and now this, it's like the Mozilla Foundation is carefully doing everything it can to render itself irrelevant.
I'm skeptical of what exactly this means. Every social media service gets shit for saying you relinquish rights to them for anything you upload but that's kind of the only legalese way that they can allow user generated content. IANAL, so it's hard for me to judge why they would need that text and why they would not.
@igimenezblb I think the important distinction here is a site you navigate to and a service you use on the web, and the tool you use to access everything on the web.
fucking yikes! Does anyone know if they have the same access to forks (the one I have in mind is Tor) or if this only applies if we're using the official Firefox app? I have a feeling it's the latter but better safe than sorry
There is also the incredibly broad "To comply with applicable laws, and identify and prevent harmful, unauthorized or illegal activity." in which Mozilla states they may gather "all data types" - among the defined types include: searches, browsing data (visited URLS), content and any other data.
In support of nebulously defined "identify and prevent harmful," and in response to law enforcement.
That "learn more about" link just goes to a list of definitions.
(Note it is a lot more than this one clause where they expand their claimed right to spy on you, and i encourage your e-mails to reflect this where i did not. See Sarah Jamie Lewis' thread, social.coop/@sarahjamielewis@m… )
Anyway what i wrote, before i read that:
Firefox does not have any right to information i enter into the URL address bar or forms on websites
My feedback and suggestion here, absolutely you can use for free.
Which is that this clause is wildly unacceptable, and you need to make very clear that you do not and will not ever spy on people while they browse:
"When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
Sounds like a ridiculously overbroad claim so that you can stick "AI" down our throats and advertisements, but with this start you will hand over our private data to a fascist government, too.
And again, that sentence is making a claim to data that was never intended to be shared with Mozilla, that is and must remain solely the private personal communication between the person using Firefox and the website being visited.
Mozilla rejected me as their head of Policy/T&S without even a recruiter reachout interview - So the more I see them fuck up the more amused at them I am 😛
How is this license different than any other license for any other web-based application?
You know how many things your browser interacts with to display what it does and you also know that there are a handful of tools like Firefox Sync or Pocket built into it that interact with backend services that Mozilla runs, and those things probably already had terms like this so....
I'm straining to see any way in which this is an issue other than the fact that everybody in the entire universe is going to make it an issue, because we go through this fucking dance every single time everyone ever sees this language, even though it's used in like every EULA ever and you'd think people would get it by now.
@mav I want you to think carefully about the difference between the means of access—the browser—and the site that you choose to access. The language at the browser layer is much more concerning.
Also, I take exception with the "FUD" framing. I have linked only primary sources here. We can disagree about interpretation, but that's not the same thing as FUD..
So is the issue you're taking here that the EULA is not sufficiently granular, in that it doesn't distinguish between usage for data provided for standard browsing versus data transmitted to built-in services like Sync?
I'm calling this FUD specifically because I think your interpretation of this language, which we really do see almost everywhere, is particularly uncharitable (to put it nicely.)
I'm as frustrated with Moz' governance as everyone else, but I do not think this EULA is some great evil. I think this is probably them trying to have one standard EULA instead of separate EULAs for every damn thing they do, plus they didn't have one at all AFAIK for the data they exchange to provide standard things like CRL lookups and safe browsing checks.
I guess if you want to say that your beef with it is that this could be stretched to say that every time you submit data to a site you're giving Mozilla a license to use it, but I don't think that's what they intended at all. Moreover, Firefox IS using your data, and if you use Sync, may very well be saving stuff about what you did (depending on what kind of access you did.)
Asking them to clarify is certainly not unreasonable, but this is hardly a "panic lets all switch to Chrome" kind of scenario.
@mav Respectfully, you are imputing intent where there is none in the language. For one thing, "Sync" shows up nowhere in this paragraph. The language is "When you upload or input information through Firefox." That is broad, and I must assume intentionally broad.
Look, we can disagree on intention, but think defensively. Let's assume Mozilla does want to do gross stuff with my HTTP requests. With this tacit contract, I've agreed to that usage, and any attorney worth a damn could argue so in front of a judge or jury. It's not what they will do; it's what the language could let them do.
I think that the smartest attorney in the world would have a difficult time crafting a EULA for a browser that, under these terms, you would be willing to accept. I'm not a lawyer (or even a particularly good approximation of one) but it sounds like to me the only way to satisfy the thing you're asking for is to spell out in detail inside the EULA itself what services they are talking about and when they are used.
(Mozilla's site does spell out in significant detail what they acquire and what they do with it, but unless there's something specific to link each section with its corresponding role in the EULA, I can't imagine anyone being sufficiently happy about it.)
From a defensive point of view, you're using a tool you didn't make to access servers and services you don't control. If any one of the pieces of this puzzle decide to go full evil, everyone interacting with that layer is fucked.
And it's quite clear by the discussion here that the primary remedy for this is seen as other browsers. Which, fine, use whatever browser you want, but there's one engine in t
... show more
I think that the smartest attorney in the world would have a difficult time crafting a EULA for a browser that, under these terms, you would be willing to accept. I'm not a lawyer (or even a particularly good approximation of one) but it sounds like to me the only way to satisfy the thing you're asking for is to spell out in detail inside the EULA itself what services they are talking about and when they are used.
(Mozilla's site does spell out in significant detail what they acquire and what they do with it, but unless there's something specific to link each section with its corresponding role in the EULA, I can't imagine anyone being sufficiently happy about it.)
From a defensive point of view, you're using a tool you didn't make to access servers and services you don't control. If any one of the pieces of this puzzle decide to go full evil, everyone interacting with that layer is fucked.
And it's quite clear by the discussion here that the primary remedy for this is seen as other browsers. Which, fine, use whatever browser you want, but there's one engine in the world left that runs uBO and it ain't Chrome. (I'm not in any way happy about this, but that's what happens when you put the world's largest ad company in charge of the world's most widely used browser engine.)
This is like the 9,185,046th time we've had the exact same license use terms discussion and I feel like I wanna just wail for a while and then do a shot for every one of them and expire in an alcohol-induced coma.
@mav This is a very confusing claim, given that I above linked Vivaldi's Terms, which do not include this seemingly intentionally-vague or expansive language. And those terms satisfy me just fine. So I guess it is possible to satisfy me!
If by "what they acquire," you are referring to the enumerated data in the Privacy Policy, the paragraph in question in the new terms is clear that they are referencing a set of data including, but not limited to, that data. Combined with the expansive "Uploaded through Firefox" language is neither normal nor particularly comforting.
Now, your points on defensive tooling are pure goalpost-moving. Yes, any service can decide to "go evil," as you put it. But look at how Mozilla has been behaving. Why the hell would I give them the benefit of the doubt now?
As far as what's been hashed and rehashed, I cannot recall a time when a web browser, much less an open source one meant to be a paragon of privacy, has included language like this.
I could be entirely wrong! But look at the pattern and tell me I shouldn't be wary.
I think you should definitely be wary. Mozilla has a long and storied history of looking exactly at what their users want them to do and then pulling out a gun and peppering us all with bullets. And then being like "Whoops!" It's infuriating.
There's no other real options. There's no other browser out there that's worth a fuck in the long run; it's all Chromium. As much as I like Vivaldi, it's just Chromium.
I also still think this is the same damn boilerplate text that's in every goddamn license agreement on Earth so I don't understand why it matters.
You say this is the kind of license agreement that you see in creepy social media, which is true. It's also the same license agreement you see for any other piece of software that has to transmit, store, or display your data anywhere. I just don't think this is that big of a deal and I do not understand why everyone is freaking out about it. I'm also genuinely shocked that other browsers don't have this kind of license. I imagine the reason why Chrome can get away with it is because All of the services tha
... show more
I think you should definitely be wary. Mozilla has a long and storied history of looking exactly at what their users want them to do and then pulling out a gun and peppering us all with bullets. And then being like "Whoops!" It's infuriating.
There's no other real options. There's no other browser out there that's worth a fuck in the long run; it's all Chromium. As much as I like Vivaldi, it's just Chromium.
I also still think this is the same damn boilerplate text that's in every goddamn license agreement on Earth so I don't understand why it matters.
You say this is the kind of license agreement that you see in creepy social media, which is true. It's also the same license agreement you see for any other piece of software that has to transmit, store, or display your data anywhere. I just don't think this is that big of a deal and I do not understand why everyone is freaking out about it. I'm also genuinely shocked that other browsers don't have this kind of license. I imagine the reason why Chrome can get away with it is because All of the services that would need this kind of license are all automatically covered by the Google EULA you have to agree to to get an account. I'm quite surprised that neither Firefox previously nor Vivaldi nor any other browser with a sync tool have this kind of license either. Or maybe they just pushed off the license into the sync tool so you didn't have to agree to it until you used it.
The weird psrudonymous advertising thing is just so much bigger of a deal. And yet we're still stuck with this damn browser because - for the moment - it still exists. Considering the speed at which horrors are flying at us these days, I wouldn't be surprised if tomorrow Mozilla got wholly acquired by Alphabet and there became one browser on all of Earth. Especially considering that antitrust law is now dead.
Anyway, I hope this all works out the way you want, that would be good for all of us. I'm going to keep using the only browser on the planet in which ublock origin continues to work, and see what godawful nightmares tomorrow brings.
I don’t agree with these terms. I will cease using Firefox at once. Which will be easy because it’s only on a single system. Librewolf is on everything f else.
I'm not sure what these terms mean exactly, but regardless this is why I'm quite happy with Fedora's build of Firefox. A counterweight against ISVs for stuff like this.
On Wednesday, Mozilla introduced legal updates to users of Firefox, and something feels off. I read, and re-read the new Terms of Use and while much of it reads like standard boilerplate from any tech company, there’s a new section that doesn’t seem …
*sigh* Here we go again. I've had enough with IE ages ago and moved to Chrome. Then to Firefox. Now I'm trying LibreWolf, a fork of Firefox hosted on Codeberg.
@Polychrome @lispi314 Yours is a very charitable reading of the clause. But let's consider Mozilla's recent behavior, and ask how much good faith is due. Can you imagine no more expansive interpretation of this language?
I've spent the night reading browser Terms. Not a one includes a clause like this. They do explicitly call out GDPR, which this oddly does not (the Privacy Policy does have appropriate EU affordances). You know what does use this language?
You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet.
This means the set of data to which the "license" applies includes, but is not limited to, the data defined in the Privacy Policy. That's why the "when you upload or input information through Firefox" clause is so concerning to me. We don't know the bounds of that expanded set, only that it is expanded.
@Schouten_B Well, they've clarified in that direction, but I still find their rationale bogus, given that no other browser seems to require that language to operate. But hey, at least we can hold them to this.
I am certainly not EU law expert, but Article 5, section 1 of 2001/29/EC would seem to obviate this concern:
Temporary acts of reproduction referred to in Article 2, which are transient or incidental [and] an integral and essential part of a technological process and whose sole purpose is to enable:
(a) a transmission in a network between third parties by an intermediary, or
(b) a lawful use of a work or other subject-matter to be made, and which have no independent economic significance, shall be exempted from the reproduction right provided for in Article 2.
@Schouten_B Yeah I dunno, this is scoped to the Google Services, aka the applications on the web. And as mentioned, other such services license similarly. But I can not for the life of me find any instance of a browser's own terms doing this.
@buherator As of today, Mozilla's primary revenue comes from search engine deals, not adtech. That will be true if and until the DoJ's proposed remedies in the Chrome antitrust case are adopted, which would prevent the kind of exclusive deal Google has with Mozilla.
@Schouten_B I understand that. But the nuance here is where the license for the content is applied: at the service level, or the browser. This reads clearly to me that it's at the service level.
@rootsnase Based on this, the charitable reading seems to be what they are claiming: they need this license to literally transmit your data via HTTP. But uh, no other browser uses this language, so it's still weird.
This...makes my point? The enumerated services do not include the browser qua the browser. This is the distinction! Google is not, it seems, claiming a license over all HTTP requests you send anywhere via Chrome. But Firefox now is.
IronFox is secure, hardened and privacy-oriented browser based on Firefox. This is read-only mirror of https://gitlab.com/ironfox-oss/IronFox. - ironfox-oss/IronFox
@Schouten_B It's not about privacy. The language relates to copyright, and it grants Mozilla exactly the uses it states. The broader rationale for it doesn't really matter.
@maniandthenonos Ain't no best. As this entire conversation demonstrates, browsers are an intensely personal choice. For some, it's a value statement. For others, the choice is purely pragmatic. There have been several mentioned in this thread that prioritize different aspects (privacy, openness, compatibility, etc.). I personally like using Vivaldi, but that's a non-starter for a lot of of people due to its Chromium base. Shop around!
@rootsnase not just weird, ridiculous; if true, it would mean all software should have such a license for doing anything at all, which is of course not the case. The one installing/running the software is the responsible party in terms of processing, and the data does not need to come anywhere near mozilla themselves
1) I kind of like the language, it’s GPL-esque. 2) I dislike the idea of a legal entity having any kind of operation in their behalf on my Linux machine.
NO PLEASE NOT THIS SHIT AGAIN I JUST RECOMMENDED FIREFOX AS A PRIVACY TOOL TO ABUNCH OF NON-TECHIES AND I DONT WANNA HAVE TO POINT TO LIBREWOLF OR SHIT AAAAAAAAAAAA
servo.org ...the old browser engine project Mozilla started, orphaned and then adopted by Linux Foundation Europe. Probably the only third party that might be a future alternative to the american duopoly. But it as everything else good needs developers. #servo
@neil @TheVampireFishQueen One @lilianedwards and I did a piece of theatre at #Gikii on this few years back - in the context of the Databox project, a self hosted personal data store - if data never left the device what licence if any did (commercial) SW supplier need, and what GDPR obligations did they have. Not sure we ever actually got to a satisfactory conclusion!
I can switch browsers easily enough. However, I have decades’ worth of email in #Thunderbird. I’m more worried about that. Have they added terms of (dis)service to that app yet?
Like others, I'm trying to figure out what features this could possibly support. The only thing I can think of is the Firefox Sync, so I guess Firefox can use my passwords now? And for Select->Right Click->Translate to English? They get a license to whatever I'm trying to translate
@hobs @stinerman @TruelyNotARobot @_tissa_ if it's just bookmarks you are concerned about you can export them manually or use a tool like xbrowsersync.org/ it's open source and encrypted and works with all browsers. There's an APK you can get and keep up to date with Obtainium for Android devices as well.
@buherator They are in adtech, just not as a primary revenue stream. But leaving that aside, compare their Terms with browsers supported by similar models, like Brave or Vivaldi. You'll find this language much more expansive.
the clarification doesn't clarify anything 😞 it is still understandable as "whatever you do with and whatever is passed through the software is ours to do whatever we want"
@c0rb34u It scopes the "license" clause to only the data enumerated in the Privacy Policy. That clause by itself reads as greater than that set, which is problematic.
the clarification is in a blog post, that may not be legally binding. so in my eyes any clarification outside of the ToS is worthless.
If #Mozilla wants to offer AI services or collect and use their users data, this should be a separate opt-in ToS in my opinion, not the terms of the base application.
But TBH #Mozilla is doing too much dumb management decisions these days, so I'm considering to stop recommending it. (colorways, firing #rust and #servo teams, ads for temu and so on)
I think it might have been intended to mean "if you upload copyrighted data using Firefox we're not responsible for any license fees just because you passed it through our software and services."
But I'm sure a good lawyer could twist this in just about any direction they want.
@Schouten_B Licensing terms do not require a rationale, they require the correct language. The language in these terms is unambiguous with regards to those terms.
The specifically worded rationale is fluffy. "As indicated by the user's behavior" (TL;DR) is wide open to interpretation with respect to which behavior implies what intent or requirements. In other words, Mozilla has all the legal leeway to grant itself semi arbitrary uses.
It's "will nobody think of the children??!" in techbro lingo. Creepy as fuck, and very much a reason to treat Mozilla as the enemy in the battle for the open web.
@Schouten_B The precise wording is "to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox"
"indicate" is not "state" or "give consent to". "use" may mean simply starting the browser without interacting with it. "experience" is, by the very nature of the word, subject to interpretation.
This collection of words may mean that by starting Firefox, I "indicate" that I opt into AI training, which an assistant..
@Schouten_B Note also that the privacy notice is referred to as "... including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate ..."
So a) it includes processing data as described in the privacy notice, b) it also includes acting on my behalf to *help* me navigate, not to translate my express navigation instruction into practice, but c) the key word is the first, "include".
@neil Also agree, I don't think they plan to sale everyone data (atleast not so blatantly), have exclusive rights to any material you upload via Firefox or ban adult content.
@Schouten_B ... known uses ahead of time (done here), but keep the door open for other uses.
The next part about the copyright license notably does not explicitly refer to any specific such use, but stands alongside the previous listed uses. Which is great, because you *infer* it refers only to those, but that's not actually stated there.
@TheVampireFishQueen @neil There are a couple of weirdnesses here that I am willing to chalk up to carelessness. But when writing your contracts, that's uh, not awesome as a defense.
But we must consider the alternative, which is that the vagaries in this policy are wiggle room they wanted for one reason or another.
@Schouten_B And you shouldn't mix "legitimate interests" in the GDPR context with copyright licenses. PII is not the same as copyrightable information and vice versa.
@Schouten_B The digital services act prohibits deceptive patterns. That means when I click a "search" button, a manufacturer may legitimately infer that I wish to search for something. It would be a deceptive pattern (or worse) to also send those search terms for analysis somewhere else *even if* this would improve future searches. Here, explicit and informed consent is required.
So nobody claims a browser should ask for consent of everything, just the shady shit.
@Schouten_B @jens Sorry to hop in, but since I've been poring over this for a day now, I think I see where you both are coming from.
The language seems to distinguish what you are licensing and what is covered by the Privacy Policy. That distinction lies in the "as well as" clause. Bas, your gloss is that because they only claim to process data listed in the Privacy Policy, whatever may be in the "as well as," (maybe nothing, maybe something someday) is out of Mozilla's reach. Jens, I think you're reading that to mean the "as well as" data can be processed, uncovered by the Privacy Policy.
Let's leave aside the blog update, which is for all intents not part of the contract.
Functionally, I suspect Bas is close to correct for now. However, it's difficult to imagine that, in drafting, no one read this with the suspicions voiced over the last 24 hours by the public. If we assume the vagueness is intentional, there is a space created for more opt-out (we hope) shenanigans down the road.
What I see is that there is no grammatical connection between the privacy policy stuff and the copyright stuff, and there is no implicit legal connection between processing of PII and licensing copyrightable material. The only connection there is is proximity in the text, and *that* in no way implies the interpretation that Bas is insisting on. Proximity is to logical connection as correlation is to causation.
@Schouten_B @jens Wow I sure do. This clearly spells out the number and nature of granted licenses. I'll take details over vague blanket statements any time. Also the Account mention is not casual; it's formally defined.
🤬 thankfully there are enough forks that this will just show Firefox as what it is: a distraction from Google's monopoly. Time for more Opera in my life.
I mean straight up there's a material difference in how the collection policies are framed here. Arc's Privacy Policy opens with the guarantees about what they won't collect from you. Mozilla's has no such guarantee. Moreover, Moz explicitly states that "Browsing data" is collected for marketing purposes, and consent is "as required by law."
Now, back to the new Firefox Terms. Let's say Mozilla decides browser activity like time on site or even search data is important to train an advertising ML model.
Even if your read of the Terms is correct, that kind of processing would be covered under that section of the Privacy Policy. But if Jens is correct, uh oh, we're still covered for that and more because it could be an unenumerated data type that the broad license language now covers. By contrast, Arc's clear guarantees about what won't be collected, combined with the specific license language, remove this risk.
@Schouten_B See, I think that's the crux of our problem: you again try to interpret this as somehow related to PII, because in the first part they talk about privacy. I haven't even looked into the privacy question.
The second part, which is explicitly not about PII but copyright, and so wholly separate from the first, literally grants Mozilla "a nonexclusive, royalty-free, worldwide license to use that information" - which refers to anything I upload whatsoever - with no other...
One simple attack scenario here is if I were to e.g. use a web-based editor to write code. It does not matter if I generally publish this code under a FLOSS license, for example, because Mozilla already has permission to that code *but without* any possible extra clauses such as e.g. copyleft related ones.
Any other copyrightable intellectual property I upload they also have rights to. Automatically.
@Schouten_B This is because copyright is not particularly concerned with fluffy clauses.
"use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
This part reads like a copyright license restriction, but as I painstakingly laid out before, "as you indicate by your use of Firefox" has quite literally arbitrary headroom for interpretation, and the other parts aren't much better.
@Schouten_B... thanks to OSI have embraced "we won't tell you what to do" style absolute libertarianism read similarly fluffy, so perhaps you're just used to that.
But more generally speaking, copyright terms can be very precise. I can quite literally restrict the license to use only within five metres of my home, from midnight to 0:13h on the condition that you copy my stuff only in your own blood on parchment made from birch bark, and anything else would not be permitted.
@Schouten_B So for license terms to be this broad - yes, it does protect Mozilla from litigation, but it also means Mozilla has pretty much all the interpretative power in the world to do with my (copyrightable) intellectual property as they see fit. And it is *not* typical of copyright, which this part leans on, quite the contrary.
So the best possible interpretation I have is that they are currently concerned with collecting AI training data, with no specific use in mind. And...
@Schouten_B... that is OK, in principle, but this is the part where associating this with non-copyrightable PII by virtue of proximity is highly disingenuous. It suggests that your granting of those broad rights is in your interest, when your interest is nowhere defined here.
Plus, this kind of association by proximity seems like a clear DSA-violating deceptive pattern. It certainly isn't "informed consent" if you were to accept those terms.
@Schouten_B Copyright is phrased in terms of restrictions and limitations, because you first grant the right to copy, and then specify how.
Already the phrase "in order to" deviates from how licenses are termed. A decent replacement might be "limited only to uses directly implementing", e.g. navigation.
Maybe this kind of example helps clarify just how open to interpretation those terms are. Because I can most certainly claim that my goal in taking your wallet is to *actually*...
@Schouten_B... help you protect your money ("in order to"), but it becomes much harder to defend this in the second phrasing unless it's demonstrably and only followed by putting it into a safe.
@Schouten_B @jens This is a highly Eurocentric discussion, which is fine, but I gotta tell ya, US jurisprudence is fairly hostile to the consumer in cases such as these. To make it more complicated, depending on what Circuit the case is tried in, it may be contract law or copyright law that holds sway.
Given the ubiquitous nature of end-user license agreements, terms of service, and similar agreements for websites and other software,[1] it is unsurprising tha
@Schouten_B It's already well established that caching content, while technically copying, isn't reproduction under copyright law.
It becomes reproduction if the cached content is reproduced/sent elsewhere, but the case law allows this as far as I understand, not in terms of "legitimate interest" (that is business interest), but in terms of "fair use". I'd have to dig up relevant cases, but that discussion is about as old as Napster and settled.
@Schouten_B... browsers to reserve any usage rights because normal operations such as copying bits to/from a network interface, in-memory in a software or to/from caches is already permitted.
If you note, GPL does not include clauses that you must grant the makers of grep usage rights for sifting through your documents.
@Schouten_B Again, though, that's the point I was already making: it may be the case that if challenged in court, users would always be given preference.
But *until* such a thing happens, there is nothing preventing Mozilla from doing whatever the hell they want. This shifts the burden away from Mozilla to take care to be legally compliant with their use of information over to the consumer. At best, it's irresponsible and and worst it's a deliberate backdoor.
@Schouten_B... legal advice Mozilla can get, this again means at best it's gross negligence not to phrase this stuff better based on legal advice, and at worst it's downright malicious.
There is no option from the consumer side to treat this other than absolutely hostile, and the "clarification" they posted yammers on about "we didn't mean it badly" without retracting those changes or working them over.
It's abundantly clear that the intent is not to change, but to convince...
@Schouten_B... consumers the changes are in their best interest when they're not. "I didn't mean to hit you, babe, please forgive me". Fuck that abuser logic.
Mozilla at this point is not to be trusted.
Sad, but but wasn't me who made all those dodgy decisions the community has been documenting over the years, so I'm also unable to shed a tiny tear over it.
@Schouten_B @jens Serious question: unless you have some insider knowledge, what leads you to think Mozilla, an organization that just stated its intent to develop its AI business/strategy, and is incorporated in the US, built its Terms with EU laws at the top of mind? So far as I know, nobody in the EU was gunning for Firefox because of a lack of Terms.
Conversely, taking the more adversarial reading, this opens the door to potential use of user data down the line. I don't know what the rationale was, but I've seen no evidence to support your interpretation.
@grillchen that.. looks... normal? firefox does a lot of stuff on your behalf, and explicitly saying so seems alright.
what's the alternative? I use brave too but that's got the same problem, developing a browser is really expensive if you want it to be used by real people instead of nerds.
@Schouten_B @jens I'm gonna challenge that the scenarios laid out are "mostly legal" in the US. I would describe the use of user data for model training especially as "mostly unlitigated." There are ongoing suits that may establish precedent one way or another, but they have not been decided. And indeed, those cases tend to base their complaints in copyright law, such as the New York Times case against OpenAI.
I'm also gonna push back on the framing that the US government is friendly to corporations here. At the moment, this regime's relationship with tech is fraught at best, with essentially a protection racket holding sway to maintain tech's fealty. But that is distinct from how aby given federal judge may rule.
Now, given all this, I don't think it's crazy to imagine an AI-focused Mozilla taking steps to ensure that any future disputes about model training on user data fall in the realm of contract law rather than copyright law.
@Schouten_B @jens Both, really, since neither are spelled out. But tbh it's weird that they haven't said they won't train on user data. Hell, Zoom says so. Notion says so. On the other hand, Meta quietly slipped into their Terms that you license your content for training by using their platforms.
Yes this is speculative. But I have plenty of reason for skepticism, and "No," is not an argument to the contrary.
@Schouten_B @jens I see plenty of reason to add those terms now.
Let's take as read that neither of us knows what Moz's plans re: AI in Firefox actually are. That also means we don't know their timeline. So from a threat modeling perspective, this language introduces the risk of a dark pattern kind of opt-out consent for the use of user data, similar to how they've handled:
Ads
Telemetry
Chatbot on the sidebar
If my concern is the use of my data in ML processes of any kind, I would say I have ample reason to view these Terms as a potential threat vector.
@Schouten_B Language form mental patterns, mental patterns form language.
It's very much in line with the development a lot of tech companies have undergone in the last few decades, with increased enshittification in tow.
To see this having reached Mozilla is to be expected, but still a blow.
And yes, the hit has been made: you do not take my IP rights under the guise of privacy protection and get to offer a lukewarm "just a misunderstanding" reframing attempt. Sorry, but no.
Google published principals in 2018 barring its AI technology from being used for sensitive purposes. Weeks into President Donald Trump’s second term, those guidelines are being overhauled.
@Schouten_B Oh yes, they are, and your insistence that the terms say something different from what the words say is starting to piss me off. As long as I can chalk this up to opinion or lack of understanding, I'm fine.
But you keep just repeating your faith in the good intent and optimal interpretations. You're fine to have those beliefs, of course, but I wouldn't consider them actual arguments.
So perhaps it's best to close this conversation here.
Please provide fingerprint!
Scanning...
User authenticated. Weclome!
ACCESS DENIED! You will be reported!
For me???
Access granted.
Cat pictures?!?
No, I am not
Error: System experiencing unexpected levels of adorable input. Please try again later
...
❤️
Root access granted!
_x:" title="
_x:"/>
lol
Nia Valentine
in reply to Anna Aurora 🏴☠️ • • •Sensitive content
Anna Aurora 🏴☠️
in reply to Nia Valentine • • •Sensitive content
then you have to ask in their discord all the time ._.
it doesn't really feel like an open source project at all because there's no documentation whatsoever
Shannon Prickett reshared this.