Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox In 2018: We'll Tackle Bad Ads, Breach Alerts, Autoplay Video, Says Mozilla (zdnet.com)

Posted by BeauHD on from the coming-soon dept.

An anonymous reader quotes a report from ZDNet: Firefox maker Mozilla has outlined its 2018 roadmap to make the web less intrusive and safer for users. First up, Mozilla says it will proceed and implement last year's experiment with a breach alerts service, which will warn users when their credentials have been leaked or stolen in a data breach. Mozilla aims to roll out the service around October. Breach Alerts is based on security consultant Troy Hunt's data breach site Have I Been Pwned. Firefox will also implement a similar block on autoplay video to the one Chrome 66 will introduce next month, and that Safari already has. However, Dotzler says Firefox's implementation will "provide users with a way to block video auto-play that doesn't break websites". This feature is set to arrive in Firefox 62, which is scheduled for release in May.

After Firefox 62 the browser will gain an optional Chrome-like ad filter and several privacy-enhancing features similar to those that Apple's WebKit developers have been working on for Safari's Intelligent Tracking Prevention. By the third quarter of 2018, Firefox should also be blocking ad-retargeting through cross-domain tracking. It's also going to move all key privacy controls into a single location in the browser, and offer more "fine-grained" tracking protection. Dotzler says Mozilla is in the "early stages" of determining what types of ads Firefox should block by default. Also on the roadmap is a feature that arrived in Firefox 59, released earlier this month. A new Global Permissions feature will help users avoid having to deny every site that requests permission for location, camera, microphone and notifications. Beyond security and privacy, Mozilla plans to build on speed-focused Quantum improvements that came in Firefox 57 with smoother page rendering.

19 of 84 comments (clear)

  1. Bad ads? by Anonymous Coward · · Score: 4, Funny

    So ... all ads then?

  2. And advertisers... by Travelsonic · · Score: 3, Insightful

    will still bitch and moan, because they're too stupid to see that the adblocking is on the rise BECAUSE of their own inability to nderstand the importance of vetting ads, because of their insistance of continually increasing the resource usage, trackking of users, and continually choosing to up annoying-ness of ads... and I don't buy for one second that "oh, they make the ads more annoying because of adblock." Bullshit, ads were this bad well before adblock became popular. I remember browsing the internet in the early 2000s.

    --
    If you believe in privacy, and believe you have "nothing to hide" at the same time, you're a goddammed idiot
  3. "... that doesn't break websites" by Gojira+Shipi-Taro · · Score: 3, Insightful

    Video Autoplay completely breaks websites from a usability standpoint.

    There are zero times I look up an article on a website where I would prefer to watch a video over READING a story. That's AFTER. If I feel I need to.

    --
    "Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
  4. My browser extension list (add-ons) by Futurepower(R) · · Score: 2

    Add-ons Links
    Firefox, WaterFox, and Pale Moon Browsers

    For security: Get add-ons only from the Mozilla.org add-on web pages.

    Visit those links with Firefox. Visiting with the latest version of Pale Moon (27.8.2) shows an error: """This add-on requires a newer version of Firefox (at least version 52.0). You are using Firefox 27.9."
    Pale moon add-ons

    Adblock Latitude For Pale Moon browser only. Blocks display of ads. "Adblock Latitude is a direct fork of Adblock Plus made specifically for the Pale Moon browser."

    BetterPrivacy Removed by the author. Deletes Local Shared Objects, LSOs. LSOs are files placed on your computer by the Adobe Systems Flash plug-in. Use of Adobe Flash allows web sites to track you, permanently even though your browser is configured to delete the files known as "Cookies" after each re-starting of your operating system.

    CanvasBiocker Prevents websites from using the Javascript <canvas> API to fingerprint them.

    Classic Theme Restorer Quoting 3 paragraphs:

    "This add-on will stop working when Firefox 57 arrives in November 2017."

    "This add-on will stop working when Firefox 57 arrives in November 2017 and Mozilla drops support for XUL / XPCOM / legacy add-ons. It should still work on Firefox 52 ESR until ESR moves to Firefox 59 ESR in 2018 (~Q2)".

    "There is no 'please port it' or 'please add support for it' this time, because the entire add-on eco system changes and the technology behind this kind of add-on gets dropped without replacement."

    Cookies Manager+

    Disconnect Updates to Pale Moon browser don't install.

    Facebook Blocker Prevents Facebook from following you everywhere there are Facebook "Like" buttons.

    Firebug "Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page..." Firebug development page.

    FlashStopper Stops video autoplay and shows a preview thumbnail. On Sept. 9, 2017 does not work with YouTube because it prevents reading comments; there is a working version in the development branch.

    Ghostery I don't know if Ghostery still sells data: Ghostery sells data it collects. (Business Insider, Jun 18, 2013) Ghostery web site. See the article, Ghostery is Acquired by Cliqz! (Feb 15, 2017)

    HTTPS Everywhere Doesn't install in Pale Moon. Encrypts traffic by using HTTPS encryption rather than HTTP wherever web sites accept HTTPS. See How to Protect You

    1. Re:My browser extension list (add-ons) by theweatherelectric · · Score: 2

      LSOs are files placed on your computer by the Adobe Systems Flash plug-in.

      The wise thing to do is to not install Flash in the first place. Time's running out for Flash anyhow. Might as well uninstall now.

  5. What other revenue source? by tepples · · Score: 3, Interesting

    Let's say the web were to lose all advertisements tomorrow. What replacement for the lost revenue would you prefer as a way to cover the cost of writing and hosting the articles that you read?

    A. Paywalls on most websites, causing your web searches to result in a lot more clicks on the back button
    B. Shutting down commercial websites in favor of those run on hobbyists' pocket money
    C. Some other option, which you plan to explain

    1. Re:What other revenue source? by reboot246 · · Score: 2

      I really don't mind ads IF they are well-behaved. They shouldn't contain malware at the very least. They shouldn't take up half the damned screen. They shouldn't auto-play if they're video based. There should be a way to close the ad after you've seen it, especially if it's covering content you want to see. They shouldn't constantly change size making the content you're reading jump up and down. And, last but not least, they shouldn't track you.

      Ads have gotten worse and worse over the past few years. They're now annoying as shit, just in-your-face pure crap. Give me some simple ads, preferably small ones, and I'll put up with them.

    2. Re:What other revenue source? by Anonymous Coward · · Score: 2, Insightful

      C. Sites run by special interests offering heavily biased articles designed to push a specific narrative

    3. Re:What other revenue source? by cyn1c77 · · Score: 3, Informative

      Let's say the web were to lose all advertisements tomorrow. What replacement for the lost revenue would you prefer as a way to cover the cost of writing and hosting the articles that you read?

      A. Paywalls on most websites, causing your web searches to result in a lot more clicks on the back button
      B. Shutting down commercial websites in favor of those run on hobbyists' pocket money
      C. Some other option, which you plan to explain

      B. This was the internet before 1999 and it was a great place before everyone else showed up.

    4. Re:What other revenue source? by goose-incarnated · · Score: 3, Interesting

      Let's say the web were to lose all advertisements tomorrow. What replacement for the lost revenue would you prefer as a way to cover the cost of writing and hosting the articles that you read?

      A. Paywalls on most websites, causing your web searches to result in a lot more clicks on the back button B. Shutting down commercial websites in favor of those run on hobbyists' pocket money C. Some other option, which you plan to explain

      HOSTING:Hosting a website with almost all text-based content like /. is possible on the $5/m droplet from digital ocean. I'd be surprised if this site needs more than a 100GB of storage for its archive. A less popular site with less history should do fine on a 25GB droplet. If a site's owner cannot afford $5/m, then maybe they shouldn't host the site. If more processing power is required you can selectively spin up more VMs.

      The reason for the high hosting costs is due to the serving of ads - you need a fancy backend that auctions each user for ad delivery, you need to use ad-delivery frameworks written in cycle-wasting interpreted languages, you need to provide unnecessary images just so that you have at least some images that aren't ads, you need to use a client-side framework that is compatible with the ad network, your backend needs to talk to some tracking site for users, you need facebook, twitter, G+ integration .... for ad purposes.

      Take the ads away and your need for space and complexity goes away.

      CONTENT:You don't need full-time staff to generate content for the sites I read. In fact, the best quality content is user generated content not full-time writer content. I'd rather read a forum for comparative shopping when looking for a new car/computer/sewing-machine than a clickbait "Ten Things You Need To Know When Buying A New Car (#4 Will Shock You!)". All the most popular sites on the internet, the most visited, are the ones with user-generated content. If the site has a few hundred thousand users on some stable forum software you don't need *any* full-time staff. A few part-timers will keep things going. If you have more than a few million registered users, a 1% donation-rate of $1 per month will let you have *ONE* fulltime staff, and that person should ideally be ensuring that everything continues running.

      You only need full-time staff for generating content when that content is worthless. When you need to generate "content" that pushes some particular political view, you need to pay people to write those views. When you generate content about the top 5 document editing tools, you'll need to *PAY* people to generate that content. When you need to generate content about stripping and reassembling a Chevy V8, people will (and already have) generate that content for you. How to do $FOO? Yeah, experts have chimed in on some forum somewhere already.

      Frankly, the only reason it costs to run a site is because ads have driven up the costs. Sure, ads bring in (say) $10000/m, but you're essentially spending more than that just to support the fact that you want to run ads.

      Taking away ads and ad-supported sites will, ironically, leave us with better content. The ads arms race has resulted in every second site needing to use clickbait links and ads just to keep the users they have, because then they can advertise to those users.

      I will not miss the demise of ad-supported sites. Only advertisers will.

      --
      I'm a minority race. Save your vitriol for white people.
  6. Re:block autoplay videos right now by Anonymous Coward · · Score: 3, Informative

    Unfortunately, this breaks manually playing video on some major video sites so it's not a great option. That's why we're re-working it in 2018 so you can have auto-play blocked but still be able to play by pressing the play button manually (which as I said doesn't work on some sites today.)

  7. How about giving me back by rsilvergun · · Score: 3

    my plugin support. I don't recall plugins being much of a vector for viruses except for the occasional one that got sold off to spamers, and none of the chnages to the plugin APIs solve that problem. You can still call out to exes, it's just a big pain in the rear now.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
    1. Re:How about giving me back by NettiWelho · · Score: 2

      What plugins are you missing?

      Session Manager; Theres ABSOLUTELY NOTHING among the new plugins that does anything with utility this thing does.

  8. Comprehensive metered connection strategy by grasshoppa · · Score: 2

    I'd like some browser maker, any really, to come up with a browser profile which allows for use of the web in a metered connection. There are times when all i have access to is my mobile hotspot, and I pay per gig, so I'd really like to be able to flip a switch and have things like the disabling of multi-media downloads and pictures over Xkb.

    --
    Mod me down with all of your hatred and your journey towards the dark side will be complete!
  9. What use for profiles other than ads? by tepples · · Score: 2

    They already make shady money off of profiling people through all sorts of tracking methods.

    They can just use that

    What use is there for such profiles if they cannot be used to improve specificity of an advertisement campaign?

  10. Having to hire an ad sales team by tepples · · Score: 2

    They shouldn't auto-play if they're video based.

    Exactly. Such an ad will pause on the first frame and cover up the page until the user clicks to start the ad playing and waits for the ad to finish playing. This is a prestitial, and Chrome would likely automatically block it because countdown prestitials before a non-video payload violate the Better Ads Standards, but a publisher* can deploy anti-adblock to send more people to the back button.

    And, last but not least, they shouldn't track you.

    In order for an ad not to track the viewer across websites, it would have to be hosted by the publisher, as opposed to going through an ad network or ad exchange. Sites that have adopted this more print-like model include Daring Fireball and Read the Docs. But for sites with less reach or less homogeneous readership than those two, how is a publisher supposed to find willing advertisers without having to hire an in-house ad sales team?

    * In adtech jargon, a "publisher" is the operator of a website that carries advertisements.

  11. Subscriptions are usually per-site by tepples · · Score: 4, Insightful

    What replacement for the lost revenue would you prefer as a way to cover the cost of writing and hosting the articles that you read?

    A. Paywalls on most websites, causing your web searches to result in a lot more clicks on the back button

    I wouldn't mind A since that would mean we're going to be treated as customers instead of as products and search engines/browser extensions would adapt to it

    How many pages on The Wall Street Journal can I read with a subscription to The New York Times? Zero.

    Let's assume that over the course of a month, you read two articles on each of 20 different pay sites, each of which demands (say) $5 for a 30-day subscription or $5 for 150 page views. How many people would be willing to pay $100 per month only for most of the subscription to go to waste?

  12. Re:Doesn't block CSS MJPEG by sheramil · · Score: 2

    That's the Muybridge Horse. NOTHING can stop the Muybridge horse, not even death.

  13. From the people who disabled the ESC key. by TheRealHocusLocus · · Score: 2

    Bring back the goddamned ESC key. Until a user can hit hyper pages like Yahoo News with a tranquilizer dart that delivers a static page that can be scrolled and read until the user hits the end or hovers over something... it will not be complete. It should cancel Javascript time triggers also, something addons cannot presently do far as I know.

    Sorry, you cannot have access to the content you can plainly see in the window because an oversold cloud appliance or gobblegook DNS abuse tactic is failing to respond.

    cite "Without getting into too much technical details, pressing the Esc key can cause major problems for sites that use Web Apps that are coded in Ajax or use jQuerry. With the growing popularity and number of web apps came a great number of users accidentally hitting the escape key. So effective with Firefox 20 the Esc key will no longer stop anything, it simply won't do anything.

    cite bug 614304, comment showing consensus "Yeah, I think we should remove this "feature". Having a key to abort network requests seems like an expert feature that at least shouldn't be enabled by default. IMHO it should ideally be removed completely. People can always write an extension to re-add it if desired."

    So instead of forcing XMLHttpRequest/WebSocket/Ajax developers to directly address the situation of sudden lost network connectivity... which is a general design issue and might have been solved by now... it was decided that the unwashed masses should lose control of their browsers, forever. There's always yanking the wall plug, until Mozilla addresses that problem at some future date.

    </S> humor, kinda. I love Firefox even though I'm frozen at an undisclosed earlier version.

    --
    <blink>down the rabbit hole</blink>