←back to thread

1318 points xvector | 7 comments | | HN request time: 0.783s | source | bottom
Show context
rmbryan ◴[] No.19825581[source]
Update: We have rolled out a partial fix for this issue. We generated a new intermediate certificate with the same name/key but an updated validity window and pushed it out to users via Normandy (this should be most users). Users who have Normandy on should see their add-ons start working over the next few hours. We are continuing to work on packaging up the new certificate for users who have Normandy disabled.
replies(20): >>19825596 #>>19825603 #>>19825612 #>>19825623 #>>19825631 #>>19825665 #>>19825705 #>>19825721 #>>19825744 #>>19825813 #>>19825905 #>>19825998 #>>19826421 #>>19826769 #>>19826772 #>>19826878 #>>19827050 #>>19829585 #>>19831941 #>>19840386 #
inferiorhuman ◴[] No.19825665[source]
pushed it out to users via Normandy (this should be most users)

Is the existence of a back door method of updating Firefox preferences something that will be disclosed to users? What about a UI knob to disable it?

replies(6): >>19825685 #>>19825686 #>>19825716 #>>19825995 #>>19826440 #>>19826786 #
1. oldjokes ◴[] No.19826786[source]
I have spent ~10 years using Firefox daily, tweaking the config and getting the addons set up the way I want. I was a professional web developer for most of those years.

This is the first I have heard of Firefox changing my config settings invisibly in the background. This is obscene. Who on earth thought this was a good idea? The security ramifications are limitless.

I understand all too well that most companies have decided to start A/B testing things on subsets of users, but that doesn't mean you should force that mode of thinking into everything. What a horrible decision. I don't recall ever seeing any news or notifications or checkboxes about studies or "Normandy" at any point.

Are there some other good open source alternatives to Firefox? I remember hearing about Brave but also that it was tied into some cryptocoin nonsense, so I'm not sure what else to look at.

replies(2): >>19826830 #>>19826939 #
2. syshum ◴[] No.19826830[source]
>>This is the first I have heard of Firefox changing my config settings invisibly in the background.

you must not have been paying attention the last 3 or so years

Mozilla is doing all kinds of, IMO, unethical things with FireFox that goes against the core value of the mission statement of the Mozilla Foundation.

They are too busy trying to replicate Chrome to care about privacy, security, or basic user rights

replies(1): >>19826929 #
3. oldjokes ◴[] No.19826929[source]
I read all about the DRM stuff but I figured that was just the awful standards boards being awful standards boards.

I didn't realize what a true mess Mozilla had become.

replies(1): >>19826961 #
4. jammygit ◴[] No.19826939[source]
The way that Firefox needs 5-10 privacy extensions to be usable isn't just inconvenient when the certs fail, but you also have to trust all these strangers and their extension code.

I've been using brave because of that: all of that is baked in so my only extension is my password manager

replies(2): >>19827208 #>>19827762 #
5. syshum ◴[] No.19826961{3}[source]
Not just DRM

Looking Glass, Pocket, Banning Plugins based on Political ideology, Backdoors like Normandy, and the STUDIES system, their creation of what amounts to Mozilla version of the Ministry of Truth, Their partnership with Cloudflare to send everyone's DNS to Cloudfare over HTTP, and whole host of other things

6. _Codemonkeyism ◴[] No.19827208[source]
Exactly the same here, Brave + a password manager after 25y of Firefox/Netscape/Mosaic.
7. julian-klode ◴[] No.19827762[source]
So why do you use a browser made by an ad company, that is all about analysing your browser history and targetting ads at you?