Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Will Run Two Experiments This Month With Firefox To Explore Ways To Fight Push Notification Permission Spam (zdnet.com)

Posted by msmash on from the bigger-fight dept.

Mozilla said this week that it intends to run two experiments over the course of this month to determine the most adequate way of dealing with push notification spam, a growing problem that is slowly deteriorating the web experience for everyone. From a report: The experiments will run in Firefox Nightly (v68) and Firefox Beta (v67). The Firefox Nightly experiment will run from April 1 to April 29. During this time, Mozilla said Firefox Nightly would only allow websites to show a push notification permission only after the user has clicked or pressed a key while on a website. All attempts to show a push notification permission request before a click or key press will be blocked by default. [...] In the last two weeks of the experiment, Firefox will show an icon in the URL bar, but with no visible popup on the page. Users can click this icon and accept any push notification permission requests if they wish so. Further reading: Mozilla and Scroll Partner To Test Alternative Funding Models for the Web.

16 of 98 comments (clear)

  1. Solution by Rockoon · · Score: 4, Insightful

    Stop allowing websites to pop up anything, every. Seriously. For fuck sakes.

    Why is this hard to understand?

    --
    "His name was James Damore."
    1. Re:Solution by nmb3000 · · Score: 4, Insightful

      Stop allowing websites to pop up anything, every. Seriously. For fuck sakes.

      Why is this hard to understand?

      I have to assume it's because everyone working on the HTML5 stuff is too young to have learned anything from the first time around. In a lot of ways HTML5 is just version 2 of alert(), confirm(), and the embed tag. Throw in a little blink and marquee for good measure (and don't forget object and applet with WebAssembly).

      It turns out that most of these were just abused a lot more than they were used for anything worthwhile. Is anyone surprised that HTML5's allow-by-default or ask-by-default notifications, video, location, camera, microphone, canvas, etc are being abused in the same ways, by the same actors? Only the 20-somethings writing the specs, I guess.

      --
      "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
      /)
    2. Re:Solution by wierd_w · · Score: 2

      It's a novel concept:

      You already use persistent session cookies, for a raft of purposes.
      Combine a session cookie with a browser generated key pair, that gets created when a user clicks on a button on the loaded page.

      Require an actual mouse hover, and actual click. (No automatic bullshit.)

      Name the button something like "I would like notifications". Once pushed, the browser generates a signature which gets attached to the session cookie. The webpage can then check for the cookie, the browser can check the signature, and then the dynamic content can proceed-- You either get the notifications, or you dont (and get the button on the page.)

      The constant "FOO.COM wants to send notifications!" from EVERY GOD DAMN SITE is annoying as fucking hell. No, If I want you to send me notifications, I will let you know. Stop asking me like that. You dont have t be a douche like with the "We need cookies Yo" notifications, since you DO NOT actually NEED to send notifications for your site to work as intended, which is very different from cookie use-- so a simple "Notify me of new content" or similar checkbox or option for the site, with signature enforcement through the browser, would work great, and not be intrusive or abusive.

  2. Re:You can turn them off by Luthair · · Score: 5, Insightful

    Because its not a good experience if every single website you go to shows an asked for popup about showing you notifications, asking your location, etc. etc..

  3. No problems here by renegade600 · · Score: 3, Insightful

    I don't have too much of a problem with push notifications, it is those videos I want stopped. some you have to wait for it to download before you can do anything with it, some you have to look for on a page because you hear it and not see it, some blocks what you are trying to read because it won't close.

    Then there are those sites that constantly bomb you with their subscription popups. how about stopping those too. maybe if they stop the notification ones, it will stop those.

  4. Take 'push' notifications out of the browser by BitZtream · · Score: 3, Insightful

    Problem solved. See how simple that was? Do you need notifications in your browser: No, not unless you're trying to use a browser as an application engine, which is your first mistake; Everything after that is just more calamity.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    1. Re:Take 'push' notifications out of the browser by JackieBrown · · Score: 2

      I can think of a few reasons - calendar reminders and email notifications

    2. Re:Take 'push' notifications out of the browser by tepples · · Score: 2

      Then use a callendar program and an email program.

      And if your favorite calendar program and email program are not available for a given platform, or if you lack permission to install an application on your work computer, just do without.

  5. Re:Firefox by jfdavis668 · · Score: 2

    I've never had Firefox nag. It just updates.

  6. Firefox should have pushed a notification by jfdavis668 · · Score: 2

    To inform us about this change. Man, talk about getting blindsided.

  7. Re:We need to stop the HTML5 madness by jfdavis668 · · Score: 5, Interesting

    A comment about Chrome clones in response to one of the only browsers that doesn't use the chromium blink engine.

  8. Problem solved ... by fahrbot-bot · · Score: 4, Informative

    Add these to your "user.js" file:

    user_pref("dom.push.enabled", false);
    user_pref("dom.webnotifications.enabled", false);

    Optionally these too (may be redundant with above):

    user_pref("dom.push.alwaysConnect", false);
    user_pref("dom.push.connection.enabled", false);
    user_pref("dom.webnotifications.serviceworker.enabled", false);

    --
    It must have been something you assimilated. . . .
    1. Re:Problem solved ... by fahrbot-bot · · Score: 2

      user.js what? Is that how you give tech advice? Just tell people to go to settings, click notifications, and click disable new notification requests.

      I mean shit user.js? Why not ask people to download the source and patch out the code and recompile while you're at it? Or use a hex editor to patch the binary exe like the good old days of bypassing DRM?

      These settings actually disable the push and web notifications altogether rather than just stopping the confirmation prompts.

      As for using "user.js" file... This is pretty common knowledge, but ... Firefox stores its per-user configuration settings ("about:config" and the various Option settings) for that user's Firefox profile folder in a text-type file named "prefs.js" (see prefs.js) and these names/values are updated whenever Firefox exits. These settings can be overridden and permanently set by placing similar entries in a text-type file in that folder named, "user.js" (see: user.js. Any names/values specified in this file will get reset for that user every time Firefox starts -- and many, many users utilize this to ensure they or Firefox don't re-enable something.

      As for your commentary about downloading, patching and recompiling the source or patching the executable with a hex editor (which I have actually done before) -- stop being a dick. :-)

      --
      It must have been something you assimilated. . . .
  9. Irony by habig · · Score: 2

    TFA pops up "Will you all www.zdnet.com to send notifications?" in an article about how the things are so hateful Firefox is rolling out a way to stop them. While they can be easily ignored, I've never once clicked "yes" and can't imagine doing so. Stopping them is a feature I'd enable.

  10. Compliance through Annoyance and Irritation by quag7 · · Score: 3

    I want to see web sites stop popping up their crappy interstitial pages I have to click through to get to contact, almost all of which implore me to subscribe to their stupid e-mail lists (not happening, ever, specifically because of how they pushed).

    I want to see websites stop forcing me through "OMG LOOK AT ALL OUR NEW FEATURES" slides every time I log in.

    Put a lil.

    A lil.

    Flashing thing on the side or something. But get the fuck out of my face.

    ALL autoplay bullshit must end (fuck you cnn.com. I mean fuck you for about a hundred other reasons but especially fuck you for that.)

    The sheer number of browser extensions I install to try to protect what is left of my privacy and stop apeshit web developers from engaging in screen bukkake has become absurd.

    This is not what the Web was supposed to be.

    And *yes*, I would be fine with about 2/3rds of the damn Web collapsing for want of ad revenue if what was left was clean and user-friendly. I have reached that point.

    I'M MAD PEOPLE.

    A CRAZY, MAD, WILD-EYED, BIG-BOTTOMED ANARCHIST.

    I WAS HERE EARLY AND YOU WILL HEAR ME.

    (they will not hear me. no need to point that out.)

  11. Re:You can turn them off by Solandri · · Score: 2

    Ironically, the biggest annoyance I've had lately is due to the EU GDPR ostensibly created to protect your privacy. About 80% of the websites I go to now have a GDPR pop-up I have to click through before I can read the content. If I browse in private/incognito mode, cookies are not retained so I get this pop-up every time I visit the site, which is rather annoying. If I browse in normal mode and agree that I have been informed of the site's privacy policy as per GDPR requirements, it writes a cookie to my browser telling the site not to show the notice again. And the cumulative sum of all those GDPR notification cookies makes my browser uniquely identifiable thus destroying my privacy. Catch-22.