You can find all of these videos as written articles, plus some extra content, at https://thelibre.news/ You can the channel grow by donating to the following platforms: Paypal: https://paypal.me/ni…
I fucked up and used their password manager for years. Now I’m going through and deleting old accounts I forgot about and saving passwords into keepass and i’ll use syncthing between phone, laptop, and pc and probably backup to a private/paid cloud provider. I need to transfer accounts away from gmail as well.
Bitwarden is the way
How do I know i can trust them?
They hold some of the hardest to aquire security certifications in the industry, both server and client are open source, and they regularly undergo and post the results of external third party audits.
Out of all password managers they are by far the most trustworthy
You can always self host or audit the code yourself.
Firefox routinely ignores it’s users wants & needs. The CEO is paid way too much. Take $5 million away from his annual salary to pay developers to create the best browser there ever was.
Her* salary.
100% agreed
Mozilla is not selling your data, yet, but they have removed their pledge to never sell data.
It’s an intentional gradual change, and they’re playing a sleight of hand trick getting you to talk about whether they actually are selling data right now rather than the canary dying.
If what they have been doing for a while, is now legally “selling your data” in California they just cannot state “we will never sell your data”, as the definition of what is meant by “selling data” exactly is not the same everywhere…
They should not have deleted that statement and just clarify it instead of their absolutely messy changes…
Of course you can craft a lm EULA that makes clear their never sell your data. If they want to…
I am fed up. If google does something; google baaaaaaad, if Mozilla does something: poooor Mozilla.
Maybe you want to hold both to the same standards? Yes?
Actually no, I don’t want to hold both to the same standard. Google is a for profit company. I expect them to do shady shit. I expect more out of Mozilla. Doesn’t mean that they screwed this up the way the media says they did. They screwed up the communication big time
Just being non-profit doesn’t mean an org won’t do shady stuff.
Yeh, I have higher standards for Mozilla, but I’m also more willing to trust them if they say they are making it right.
I trust and expect very little good from Google, other than convenience.A company that is able to pay 20 millions a year to a ceo is for profit. Change my mind
The company itself is not for profit. The CEO gets payed way too much, but a for-profit company would return money to the owners (mostly shareholders/investors), which Mozilla is not
Before continuing, I want to specify that I’m agreeing with you but clarifying the situation because there is a business interest involved here.
The Mozilla Foundation is a non-profit with several wholly-owned, for-profit business subsidiaries, most notably the Mozilla Corporation. The Corporation markets and distributes several Mozilla products, including the Firefox browser, as well as its other commercial ventures like Pocket. The corporate subsidiaries’ profits do get returned to the owner of those businesses, which is the Foundation.
That is a very American definition of for profit.
Here in Germany, a non-profit is not allowed to do any profit. They are allowed to cover their costs, that’s it. (Of course it is more complicated but that is the essence).
For years and years, Mozilla is doing shady stuff.
Let’s for example look the way how they enabled DoH. Or their decision to let themselves pay by google for making google the default search engine. Or now, spinning up their own ad network.
And on the other hand, if google does something like their new ad auction stuff (that is run completely in your browser and the api is open btw) than there are only bad intentions, according to some folks.
If we keep argumenting this way, Mozilla will make itself the very thing we hate, and we are loosing a very important alternative to chrome
So, now, I am not willing to give them any more slag. They have to change
Google the company only has bad intentions, despite what many working for Google might want to achieve. It’s proven time and time again that it couldn’t care less about anything other than profit, and if you don’t think profit over everything isn’t nefarious, then we just disagree.
That said, I agree with everything else you said.
Here in Germany, a non-profit is not allowed to do any profit
That is just not true… You are not allowed to pay your profits to anyone, but investing it or building reserves is absolutely permitted and a really important thing to do especially if you’re dependent on donations…
So, now, I am not willing to give them any more slag. They have to change
I agree, but that will never make me use Chrome or any Chromium based browser. Like probably a lot of people here I do not use vanilla Firefox, but rather LibreWolf and the like
I’m more upset about the addition of terms of service to the browser itself, rather than upon activating optional hosted services.
A browser running on my computer does not result in its creator providing services, and does not need me to grant them a license to any data. The addition of such a license gives them the option to cause the browser to send Mozilla data I did not intend to send to Mozilla.
If folks are still this confused about the new changes, maybe Mozilla is still doing something wrong with their communication.
I’m still confused about why a tool would need a tos when it has freedom zero.
Otherwise great lies from them.
Nah. Those of us who tried explaning legalese here the last few days have been heavily downvoted.
Maybe sometimes people really just need to chill and accept that their gut feelings aren’t facts.
If by explaining you mean hand waving and saying it’s fine because it’s in legal jargon instead of plain English then sure, you did a great job of explaining 👍
https://fedia.io/m/privacy@lemmy.world/t/1853068/-/comment/9571333
… yeah, maybe that’s not the only post I made on the subject?
You should not need legal people explaining the change of mission statements or FAQs… Imo Mozilla just really sucks at PR (it not just this time)
Well, it’s not exactly made easy when folks wade through the commit history and drag something out into the public before it’s properly announced. I certainly do not want Mozilla to move development behind closed doors, just so their PR looks better.
Welcome to Lemmy, where not being outraged by every single thing is against the rules!
(you should also listen to the people with knowledge, which are the legal people in this instance)
I am not hearing anything.
Mozilla is NOT SELLING your DATA, but they are collecting it and sharing it with select partners in order to “stay comercially viable”.
They’re not claiming a right to sell data right now, but they have removed the promise to not sell data.
That promise is a canary statement. When the canary dies it’s an indication of something, usually that it’s time to stop using the product/service.
More specifically, they aren’t claiming the right to sell data however they want. However, they do have to follow all legal requests, and they can bill for this provision. If a government compells them to sell they have to oblige.
Right, that’s the claim I saw from the Foundation over the weekend (yesterday?) - “selling data” is SUCH a nebulous legal concept that’s different in many jurisdictions that it’s borderline impossible to keep that language anymore.
…I’m not sure how completely I buy that, but I can see where they’re coming from. I hope that the Mozilla Foundation will clarify what data is being harvested and sold to whom, but I’ve studied enough history to know that transparency fading isn’t a good sign.
Yeah I mean I feel like they’re just being overly cautious here (as lawyers often are) when in fact there is no real precedent to support that position. The law perhaps could be interpreted to stretch the definition of sale broadly, but in practice it isn’t right now.
Frankly, I find it offensive that businesses would choose to pass that minute risk onto the customer by weakening consumer rights.
In an aggregated and anonymized manner
I would replace that “aggregated and anonymized” with an and/or, as that is consistent with the language in Mozilla’s privacy policy. The distinction is fairly important because de-anonymizing user data is a practice of its own and exactly what it sounds like.
Now, is the data which Mozilla “shares with” (sells to) its partners anonymized reliably enough that the identity of the person it relates to can never be rediscovered? Granting Mozilla the benefit of the doubt, if it is sufficiently anonymous today, could future developments lead to de-anonymization of that data at a later date? This could include leaks, cyber-attacks directed at Mozilla, AI-assisted statistical analysis of bulk data, etc.
In an aggregated and anonymized manner
Phew, what a relief, that puts my concerns about powerful actors abusing that aggregated data fully to rest!
Just like Google
I mean apparently according to California they might be?
I don’t think that’s the case. This article says that an overly generalised definition of “sale” was proposed in California law, but that language was removed before the law came into effect.
Instead of quibbling over the exact demarcation of selling data, they should stop whatever it is they are doing that could possibly be construed that way. Really, why are they even collecting the data? They have to collect it before they can sell it, and they shouldn’t collect it in the first place.
Then there is that TOU gives an insane picture of what they think their role is when you use a browser. I don’t feel like finding and pasting the words, but really their role in the process is they supply the browser and you use it. They should acknowledge that instead of pretending otherwise.
I think the fault lies in their online stuff. Things like their VPN, Pocket, FF Sync, etc… Also they collect the aggregated and anonymized ad click thing in the new tab page
I think you’re both right here. Mozilla has been hunting for money (to keep the lights on), and in doing so diversified into many things. However, when it has come to light that some of these things are grey or even black towards their morals, the right thing to do is to stop doing it. Instead of keeping their actions in line with their morals, they’re trying to change their morals to maintain their income.
Yeah I can see your point. Especially with Pocket and the adds on the new tab page…
Maybe I glanced over it too much, but as far as I know the problem is this exact line which is still in the law:
by the business to another business or a third party for monetary or other valuable consideration
Context:
“… selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.”
What is this “or other valuable consideration”? Could be anything which makes it very very very very broad
Firstly, “consideration” in this context means payment. It’s standard contract law terminology. What that statement means is that Mozilla can’t give data to a 3rd party in exchange for a payment (money or otherwise) from the 3rd party.
Mozilla should still be able to “share” data with no value exchange, or even pay a 3rd party to process the data in some way. In the latter case, Mozilla would be giving the data freely, on top of a transaction where Mozilla provides consideration in exchange for the 3rd party’s service.
The only way, as I see it, that “valuable considerstion” towards Mozilla would occur is if the 3rd party were to give a discount on their service in exchange for the right to exploit the data. Or if Mozilla otherwise straight up sold the data.
Consideration does not have to just mean monetary payment
I don’t think I said that? Consideration is any kind of payment, money or otherwise. The terminology of the law also says this, “monetary or other value consideration”. A discount is not really giving money to someone, but it may be valuable consideration (if it is part of a broader deal - a shop shelf discount usually isn’t).
It’s the first sentence on your post
Consideration does not have to just mean monetary payment
Your statement implies there are other forms of payment than monetary.
Firstly, “consideration” in this context means payment.
My statement did not state monetary payments only, just payment generally. I clarified 2 sentences later with “in exchange for a payment (money or otherwise)”. The point I’m making is that “consideration” is a payment in return for something else, and that payment can either be money or any other valuable item or service.
As I have no legal clue this is my source: https://www.youtube.com/watch?v=-8bTquKjzos&t=151s
Ahh good ol Rossmann lol. I love him but I hate watching his videos, he goes far too ranty and repeats himself, it becomes hard to extract the real points.
Case in point, the video at your timestamp starts with an After-Before-Whatever rant before getting into any of the meat XD
I think everyone is really missing the points here. It isn’t just bad PR, it’s so bad that it can only be intentional. They didn’t just claim rights and put them back, they removed their pledges to not sell data. The conversation isn’t focused on the net result, the loss of the pledge, it’s diluted elsewhere.
Maybe they’re selling data to governments under law? I’m sure they already have terminology that permits them to do things legally required of them (so they don’t need you to give them further rights), and the general process for the tech industry is to protest against such government interference up until the point a contract is negotiated where the government pays for access. In fact, I think this is generally what’s happened with other businesses when their canary statements have gone away, as was revealed in the Snowden leaks.
he goes far too ranty and repeats himself, it becomes hard to extract the real points.
I think it holds entertainment value, but if you want to watch the video for informational purposes, yeah I agree :D
The conversation isn’t focused on the net result, the loss of the pledge, it’s focused elsewhere.
I stated my opinion about the statement here:
They should not have deleted that statement and just clarify it instead of their absolutely messy changes…
So like expand on it instead of deleting it…
Maybe it is kinda the same as when Google decided to get rid of the “don’t be evil” statement…
Maybe it is kinda the same as when Google decided to get rid of the “don’t be evil” statement…
That was exactly what I was thinking of. Although I think there were even better examples with proper canary statements going away in line with the business’ alleged joining of the PRISM program.
As far as I understand it, yes possibly… But if their definition is very weird to me… I now watched 2 30 minute long videos about it and still don’t understand what the problem is exactly…
What I did get though is that they majorly screwed up their PR
I’ve only just started looking into this, but I think it’s all fluff. The claim is that any sharing of data could be considered a sale.
This article says that an overly generalised definition of “sale” was proposed in California law, but that language was removed before the law came into effect. The CCPA webpage also frequently talks about opting out of “sale or sharing”, implying those two are different concepts. Thus Mozilla should be able to share data as needed to perform user-driven functions, while still retaining the pledge not to sell user data.
There could also be more nuance in this. Perhaps Mozilla is concerned about liability based on third party actions - if they share with a 3rd party to perform a service, but that 3rd party doesn’t follow the privacy terms, then Mozilla has an increased risk of litigation.
I haven’t started digging into the actual law itself yet, but the cynic in me wonders if organisations and their lawyers are looking to use this misunderstood news story as an excuse to weaken the privacy rights language. And the effect here is more significant to the user than the mild reduction in risk for Mozilla.
Maybe you’re right. I have not digged into it myself a lot, just watched a few videos. BUT I think the CCPA makes the selling of anonymized and not personally identifying data still count as “selling your data” even though you cannot be identified by it. As far as I understand it they are not doing anything new, but just reacting to a changing legal landscape. I might be wrong about it, but I don’t want to believe that the only FOSS browser enshittifies…
And as a friend of mine often states “don’t assume it’s malice if something can be explained by stupidity”
Basically California thinks that if you receive something of value in return for sharing data that that is considered selling data
Yes exactly. And that is entirely right and proper.
Nothing of what Mozilla should be doing meets that definition. Even if they share data with 3rd parties to process it, and even if they pay the 3rd party for that service, they’re not supposed to get something in return for providing the data. But also, providing data in such a manner does not mean they are selling it.
If they are getting something in return for providing the data, be it payment, other services or even simply a discount, then they’re doing something wrong.
Mozilla thinks they are getting something in return( I believe it’s services). I only watched the rossmann video but the Mozilla document he showed lays it out
Cool, I’ll give the video a full watch then. I normally don’t like Rossmann videos because he takes 30 min to say what he could have covered in 5-10.
But yeah, they shouldn’t be doing that. That’s selling of data. If they want to sell my data, that I manufactured by my literal blood, sweat, and tears of being alive, they should pay me for it first.
Could it be e.g. the sponsored tiles on the new tab? If you click those, the sponsor inevitably gets your IP address and thus your approximate location, and Mozilla gets paid.
As far as I know they do not get that. Mozilla aggregates and anonymizes the people that clicked on the sponsored link. Of course Amazon knows when you request their site, but they do not know that you clicked it from the sponsored link (as far as I know)
Yeah I meant the latter - you visit the Amazon website, and then your IP address is shared with them. I have no idea how broad these legal clauses are, and it could be that there’s a need to (legally) guard against even that.
Well that is just the basis of browsing the web… If you don’t want to share your IP you have to proxy your traffic though some other server like a VPN for example…
Yes, but we’re talking legalese here, not common sense, so I don’t want to make any assumptions 😅
yet
I’ve already chose alternatives, you fucked yourself firefox. Ios = Snowhaze, linux mint os = pale moon, and windows = waterfox.
Does water fox allow extensions?
