Slashdot Mirror
Firefox In 2018: We'll Tackle Bad Ads, Breach Alerts, Autoplay Video, Says Mozilla (zdnet.com)
An anonymous reader quotes a report from ZDNet: Firefox maker Mozilla has outlined its 2018 roadmap to make the web less intrusive and safer for users. First up, Mozilla says it will proceed and implement last year's experiment with a breach alerts service, which will warn users when their credentials have been leaked or stolen in a data breach. Mozilla aims to roll out the service around October. Breach Alerts is based on security consultant Troy Hunt's data breach site Have I Been Pwned. Firefox will also implement a similar block on autoplay video to the one Chrome 66 will introduce next month, and that Safari already has. However, Dotzler says Firefox's implementation will "provide users with a way to block video auto-play that doesn't break websites". This feature is set to arrive in Firefox 62, which is scheduled for release in May.
After Firefox 62 the browser will gain an optional Chrome-like ad filter and several privacy-enhancing features similar to those that Apple's WebKit developers have been working on for Safari's Intelligent Tracking Prevention. By the third quarter of 2018, Firefox should also be blocking ad-retargeting through cross-domain tracking. It's also going to move all key privacy controls into a single location in the browser, and offer more "fine-grained" tracking protection. Dotzler says Mozilla is in the "early stages" of determining what types of ads Firefox should block by default. Also on the roadmap is a feature that arrived in Firefox 59, released earlier this month. A new Global Permissions feature will help users avoid having to deny every site that requests permission for location, camera, microphone and notifications. Beyond security and privacy, Mozilla plans to build on speed-focused Quantum improvements that came in Firefox 57 with smoother page rendering.
After Firefox 62 the browser will gain an optional Chrome-like ad filter and several privacy-enhancing features similar to those that Apple's WebKit developers have been working on for Safari's Intelligent Tracking Prevention. By the third quarter of 2018, Firefox should also be blocking ad-retargeting through cross-domain tracking. It's also going to move all key privacy controls into a single location in the browser, and offer more "fine-grained" tracking protection. Dotzler says Mozilla is in the "early stages" of determining what types of ads Firefox should block by default. Also on the roadmap is a feature that arrived in Firefox 59, released earlier this month. A new Global Permissions feature will help users avoid having to deny every site that requests permission for location, camera, microphone and notifications. Beyond security and privacy, Mozilla plans to build on speed-focused Quantum improvements that came in Firefox 57 with smoother page rendering.
Will also tackle free speech like Facebook, Google, and YouTube.
So ... all ads then?
The strategy is to follow closely in Chrome's shadow.
will still bitch and moan, because they're too stupid to see that the adblocking is on the rise BECAUSE of their own inability to nderstand the importance of vetting ads, because of their insistance of continually increasing the resource usage, trackking of users, and continually choosing to up annoying-ness of ads... and I don't buy for one second that "oh, they make the ads more annoying because of adblock." Bullshit, ads were this bad well before adblock became popular. I remember browsing the internet in the early 2000s.
If you believe in privacy, and believe you have "nothing to hide" at the same time, you're a goddammed idiot
Sounds like a great target to me. All those credentials, in one place.
Nobody thinks anything through anymore. We are getting stupider by the day.
Only Safari, the only moral browser in the world must be used! (Tim Cook: Can I have my free Apple stylus now?)
Why did the chicken cross the road? Because Elon Musk put an AI chip in its head.
Video Autoplay completely breaks websites from a usability standpoint.
There are zero times I look up an article on a website where I would prefer to watch a video over READING a story. That's AFTER. If I feel I need to.
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
in 2018 will Beau: stop sucking cock for coke, stop sucking msmash's cock for coke, quit using "bad" toys on himself, stop going to the ER room to remove various objects (alive/dead/other) from his rectal area, start thinking, get msmash thinking, elevate the credibility of the publication, get a life?
All these and more coming up next.
about:config
Accept the Risk
media.autoplay.enabled = False
In Soviet Russia, Trojan exploits YOU!
I miss the days when these sorts of problems were dealt with by standards bodies. But ever since the W3C abanoned its XHTML 2 standard, it's been an escalating arms race between browser makers, creating new, poorly-conceived (and annoying) features, and working to undermine the features introduced by their competitors.
If XUL was still around like it is in Pale Moon and Waterfox it would be trivial to implement extentions for the features Mozilla is proposing but no Mo$illa decided to “pocket” money from advertisers and cripple the extention and cookie management. Join the resistance, don’t use Trackzilla Spyfox.
So every time you visit Facebook you get a popup?
Add-ons Links
Firefox, WaterFox, and Pale Moon Browsers
For security: Get add-ons only from the Mozilla.org add-on web pages.
Visit those links with Firefox. Visiting with the latest version of Pale Moon (27.8.2) shows an error: """This add-on requires a newer version of Firefox (at least version 52.0). You are using Firefox 27.9."
Pale moon add-ons
Adblock Latitude For Pale Moon browser only. Blocks display of ads. "Adblock Latitude is a direct fork of Adblock Plus made specifically for the Pale Moon browser."
BetterPrivacy Removed by the author. Deletes Local Shared Objects, LSOs. LSOs are files placed on your computer by the Adobe Systems Flash plug-in. Use of Adobe Flash allows web sites to track you, permanently even though your browser is configured to delete the files known as "Cookies" after each re-starting of your operating system.
CanvasBiocker Prevents websites from using the Javascript <canvas> API to fingerprint them.
Classic Theme Restorer Quoting 3 paragraphs:
"This add-on will stop working when Firefox 57 arrives in November 2017."
"This add-on will stop working when Firefox 57 arrives in November 2017 and Mozilla drops support for XUL / XPCOM / legacy add-ons. It should still work on Firefox 52 ESR until ESR moves to Firefox 59 ESR in 2018 (~Q2)".
"There is no 'please port it' or 'please add support for it' this time, because the entire add-on eco system changes and the technology behind this kind of add-on gets dropped without replacement."
Cookies Manager+
Disconnect Updates to Pale Moon browser don't install.
Facebook Blocker Prevents Facebook from following you everywhere there are Facebook "Like" buttons.
Firebug "Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page..." Firebug development page.
FlashStopper Stops video autoplay and shows a preview thumbnail. On Sept. 9, 2017 does not work with YouTube because it prevents reading comments; there is a working version in the development branch.
Ghostery I don't know if Ghostery still sells data: Ghostery sells data it collects. (Business Insider, Jun 18, 2013) Ghostery web site. See the article, Ghostery is Acquired by Cliqz! (Feb 15, 2017)
HTTPS Everywhere Doesn't install in Pale Moon. Encrypts traffic by using HTTPS encryption rather than HTTP wherever web sites accept HTTPS. See How to Protect You
Let's say the web were to lose all advertisements tomorrow. What replacement for the lost revenue would you prefer as a way to cover the cost of writing and hosting the articles that you read?
A. Paywalls on most websites, causing your web searches to result in a lot more clicks on the back button
B. Shutting down commercial websites in favor of those run on hobbyists' pocket money
C. Some other option, which you plan to explain
Good luck finding a way to "provide users with a way to block video auto-play that doesn't break websites", especially if it's muted. Site operators will fall back to less efficient methods to display video, which include a canvas displaying video decoded in JavaScript, animated GIF, or even a pure CSS motion JPEG player.
I set media.autoplay.enabled in my copy of Firefox ESR 52 (default browser on Debian 9) to false, but this horse was still animated. What did I do wrong?
All those sound like welcome enhancements. But please, do not change the UI again.
which already did all this and more
my plugin support. I don't recall plugins being much of a vector for viruses except for the occasional one that got sold off to spamers, and none of the chnages to the plugin APIs solve that problem. You can still call out to exes, it's just a big pain in the rear now.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
The 1% of the internet who still use Firefox will appreciate it.
Hit me up when you roll back quantum and have a plan to restore the old UI.
Or in other words, give us back the ability to manage cookies, amongst other things.
I'd like some browser maker, any really, to come up with a browser profile which allows for use of the web in a metered connection. There are times when all i have access to is my mobile hotspot, and I pay per gig, so I'd really like to be able to flip a switch and have things like the disabling of multi-media downloads and pictures over Xkb.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
n/t.
They already make shady money off of profiling people through all sorts of tracking methods.
They can just use that
What use is there for such profiles if they cannot be used to improve specificity of an advertisement campaign?
They shouldn't auto-play if they're video based.
Exactly. Such an ad will pause on the first frame and cover up the page until the user clicks to start the ad playing and waits for the ad to finish playing. This is a prestitial, and Chrome would likely automatically block it because countdown prestitials before a non-video payload violate the Better Ads Standards, but a publisher* can deploy anti-adblock to send more people to the back button.
And, last but not least, they shouldn't track you.
In order for an ad not to track the viewer across websites, it would have to be hosted by the publisher, as opposed to going through an ad network or ad exchange. Sites that have adopted this more print-like model include Daring Fireball and Read the Docs. But for sites with less reach or less homogeneous readership than those two, how is a publisher supposed to find willing advertisers without having to hire an in-house ad sales team?
* In adtech jargon, a "publisher" is the operator of a website that carries advertisements.
What replacement for the lost revenue would you prefer as a way to cover the cost of writing and hosting the articles that you read?
A. Paywalls on most websites, causing your web searches to result in a lot more clicks on the back button
I wouldn't mind A since that would mean we're going to be treated as customers instead of as products and search engines/browser extensions would adapt to it
How many pages on The Wall Street Journal can I read with a subscription to The New York Times? Zero.
Let's assume that over the course of a month, you read two articles on each of 20 different pay sites, each of which demands (say) $5 for a 30-day subscription or $5 for 150 page views. How many people would be willing to pay $100 per month only for most of the subscription to go to waste?
That checkbox is offered only to users near maximum karma. Stack Overflow has a similar model of presenting fewer ads once a user reaches a particular reputation level. But what would you do between signup and reaching the karma threshold?
I might lie to you about some things, but I would never tell a lie about my own mother.
Il n'y a pas de Planet B.
Firefox needs to implement fingerprinting protection. Brave (Chromium-based) already has this technology.
Are they going to get rid of the awful bar and go back to a sane bar???
ShareMeNot has been replaced by the EFF add-on Privacy Badger. I'm trying it now.
Something like that would create better revenue. They have some pretty good deals in there. :)
[($)]
There is an easy to use extension to toggle JS.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
I'd like some browser maker, any really, to come up with a browser profile which allows for use of the web in a metered connection. There are times when all i have access to is my mobile hotspot, and I pay per gig, so I'd really like to be able to flip a switch and have things like the disabling of multi-media downloads and pictures over Xkb.
Comparison of lightweight web browsers
https://en.wikipedia.org/wiki/...
something that would let me find which tab(s) are eating my CPU with some crappy javascript. I would then be able to close the tab; although a ''stop javascript in this tab'' button would be better.
What replacement for the lost revenue would you prefer as a way to cover the cost of writing and hosting the articles that you read?
[...]
B. Shutting down commercial websites in favor of those run on hobbyists' pocket money
B. This was the internet before 1999
Except "the internet before 1999" was 0.05 Mbps dial-up, or sub-Mbps DSL if you were rich enough to move to one of the cities where the local incumbent phone company chose to test-market it. Even if you would be willing to go back to dial-up, what fraction of other Internet users would? And even though modern high-speed home Internet access is available right now, how long do you think demand therefor would continue without the availability of commercial websites?
Hosting a website with almost all text-based content like /. is possible on the $5/m droplet from digital ocean.
Then what would you recommend for someone whose works aren't "text-based"? Or would you instead encourage freelance photograhers, illustrators, and animators to give up their trade and instead retrain to become writers?
If a site's owner cannot afford $5/m, then maybe they shouldn't host the site.
Then who, other than the site's owner, would host the site? I don't see each of the billion-plus Facebook members joining the IndieWeb movement and subscribing to a $15 per year domain and $60 per year VPS just to run his own website. Where would a minor even come by that sort of money, especially if other kids have already swallowed up all the lawn mowing jobs in the neighborhood?
the best quality content is user generated content not full-time writer content.
The prevalence of major platforms built for wide distribution of user-generated content, such as Facebook and Twitter, has led to the use of said platforms for disinformation campaigns, such as the "fake news" battles during the 2016 U.S. election season. In a scenario dominated by user-generated content, who pays for the fact checking?
Besides, nowadays, "user-generated content" often includes video for all screen sizes and viewer processing capabilities. When the user who generated the content uploads a high-definition video, who pays to "selectively spin up more VMs" to transcode it to lower bitrates for users of small battery-powered computers or slow or metered Internet connections? Vidme shut down because it could no longer afford to serve the load.
If you have more than a few million registered users, a 1% donation-rate of $1 per month
Of which the credit card network would pocket 0.30 USD per swipe. The Bitcoin miners would pocket even more, as average transaction fees surpassed the equivalent of 55 USD in December of last year, though for the past month, they have stayed between 1 and 3 USD. Who pays for the research and development of a practical micropayment network?
will let you have *ONE* fulltime staff, and that person should ideally be ensuring that everything continues running.
First, how many of these registered users are active, as opposed to users who haven't posted in months? Second, with bills like SESTA/FOSTA eroding safe harbors for site operators, I doubt that one staff member could handle even the legal compliance requirements for moderating a site with three million users.
How to do $FOO? Yeah, experts have chimed in on some forum somewhere already.
Once Google Search and Bing have shut down due to the loss of ad revenue, through what means shall users find the writings of said "experts" who "have chimed in on some forum somewhere already"?
Looking more and more that Firefox is just doing desperate stuff to be relevant and get at least some interest from users. Has it become a niche browser already?
So far its not looking to good for Firefox and if it kills ads even the ones it survives on that's going to be counter productive to its survival.
If a forum cannot get enough paying members, why is that my problem to solve?
It's your problem to solve if you happen to be a member of such a forum that can no longer pay its bills.
Once again, I don't care. If *YOU* care about watching videos on the internet, maybe you go and put your money into the pot for those sites you care about. The topics I care about can survive with minimal donations.
I wouldn't be so sure that affordable high-speed home Internet access can keep its economies of scale if the only topics that the Internet covers are those that "can survive with minimal donations". What's the size limit for photo attachments on forums that discuss the topics you care about? Because if people decide to cut back to dial-up in response to withdrawal of advertising-supported works, then your (presumably fiber or cable) Internet provider may not consider it profitable to continue providing (presumably fiber or cable) Internet service to your home, and the "56K warning" that used to be common on forums is likely to return.
Swipe once a year and donate $12.30 instead of $12.
Then the question becomes how to convince new members of a forum to donate $12.30 in exchange for 365 days of privilege to post to the forum.
will let you have *ONE* fulltime staff, and that person should ideally be ensuring that everything continues running.
Second, with bills like SESTA/FOSTA eroding safe harbors for site operators, I doubt that one staff member could handle even the legal compliance requirements for moderating a site with three million users.
Not a problem, host the damn thing abroad, have the single full-time staff in a third country.
That works until said third country enacts its own counterpart to SESTA/FOSTA, or until money laundering and terrorism funding laws catch up with this business model design pattern.
Once Google Search and Bing have shut down due to the loss of ad revenue, through what means shall users find the writings of said "experts" who "have chimed in on some forum somewhere already"?
You don't need a Google or Bing to spider effectively.
Then what do we need? I'd be interested to read your architecture for spidering every forum in existence on the shoestring budget of a hobbyist.
Or what am I missing?
Wow welcome to 2011 Firefox :: Dev.Opera — Autoplay, Go Away!
Back before Opera became a useless Chrome clone, and had preemptive JavaScript.
Bring back the goddamned ESC key. Until a user can hit hyper pages like Yahoo News with a tranquilizer dart that delivers a static page that can be scrolled and read until the user hits the end or hovers over something... it will not be complete. It should cancel Javascript time triggers also, something addons cannot presently do far as I know.
Sorry, you cannot have access to the content you can plainly see in the window because an oversold cloud appliance or gobblegook DNS abuse tactic is failing to respond.
cite "Without getting into too much technical details, pressing the Esc key can cause major problems for sites that use Web Apps that are coded in Ajax or use jQuerry. With the growing popularity and number of web apps came a great number of users accidentally hitting the escape key. So effective with Firefox 20 the Esc key will no longer stop anything, it simply won't do anything.
cite bug 614304, comment showing consensus "Yeah, I think we should remove this "feature". Having a key to abort network requests seems like an expert feature that at least shouldn't be enabled by default. IMHO it should ideally be removed completely. People can always write an extension to re-add it if desired."
So instead of forcing XMLHttpRequest/WebSocket/Ajax developers to directly address the situation of sudden lost network connectivity... which is a general design issue and might have been solved by now... it was decided that the unwashed masses should lose control of their browsers, forever. There's always yanking the wall plug, until Mozilla addresses that problem at some future date.
</S> humor, kinda. I love Firefox even though I'm frozen at an undisclosed earlier version.
<blink>down the rabbit hole</blink>