@judgedread Oh, no, it definitely did, but it doesn't have to be explicit: you just make golden parachute offers to some key employees and leave the idiots and what happened to Mozilla happens on its own.

Anyway, they were going to destroy Firefox anyway. If you were on the bug-tracker around the 3.4/3.6 days, they were already not trying very hard to actually get anywhere but farther up their own asses. People started talking about Google's browser and Mozilla employees tut-tutted and that's-nice'd and then deprecated features that everyone was using.

Replies

@judgedread

> Also made Firefox part of GOOG's panopticon with their 'safe browsing' 'feature' that sent every domain you visited to GOOG.

about:telemetry being massively creepy and invasive, Mozilla has started quietly shoving things into other facilities, and of course the "Glean SDK" uses Firebase, which is owned by Google. Turning off telemetry causes a ping. I replaced a lot of URLs in the browser config with URLs on servers I run and of course those things get inundated even if I have everything "disabled".

I read the theories about the Liberty, right, and I think the plausible one was that, because the USSR had cracked the code the Liberty was using and Israel didn't want their troop movements sent to the Soviets (who would then send them to the Egyptians and Syrians), they dropped bombs on the ship rather than tell us that they had cracked the US comms *and* the Soviet comms and this is how they knew the Soviets had cracked the US comms.

Then, you know, we've got a mountain of goddamn machines and the NSA just does forensic cracking: the reason for the massive datacenter under the desert is that they just dump *everything* and then figure out what they need to crack after the fact. (It's maybe not a coincidence that Bitcoin became lucrative around the time they built that: mining is literally hashbreaking, and suddenly large numbers of private citizens were buying specialized hashbreaking hardware and manufacturers sprung up and raced to the bottom.) Now, they've got the datacenter positioned right on the backbone, so it's a unique position, but BGP is so byzantine that once in a while a packet might circumnavigate the earth to get from your house to the other side of town. Bandwidth cost fluctuates by the millisecond as traffic crosses and uncrosses thresholds that determine pricing tiers and the priority list is SLAs and then cost; intuitive sense or miles traveled are not factors. It's unlikely that more hops means lower cost, it's rare, but it can happen. It can happen especially easily if a state actor is doing the same thing as the NSA and subsidizes domestic ISPs' extra traffic for limited durations, and the backbone's routers respond in real-time. BGP bugs have set billing rate to zero, or a magnitude too low, and there's a giant sucking sound (FSE has no Perot emoji) and the company acting as a landlord for photons is promptly swamped with way too many photons; you wonder how often that's actually a mistake. 
A bug in a massive ISP's implementation of a protocol that qualifies as magic even to a lot of network engineers, a protocol that even a lot of professional engineers have never even heard of and that you couldn't properly explain to a normie, almost anything you do would escape the view of all but a single-digit number of people: not only is it arcane but the metadata is too large to keep track of and besides the learning curve that filters a lot of hackers, large amounts of it are proprietary information. So you wonder how many glitches are legitimate and how many are closer to "oops, a random fishing boat cut clean through the undersea fiberoptic cable" (a much more crude and obvious form of traffic-shaping).

So, you know, you wonder whether some countries with a fraction of the internet's backbone passing through their jurisdiction are doing the same thing the NSA is doing, though probably at a lower scale, and then you wonder how much of your traffic crosses the Pacific or the Atlantic, all of these stacks of analytics widgets and advertisements anywhere you go, all of the telemetry that Samsung is hoovering up every time someone turns on private browsing to watch Pornhub on their cell phone. Google has Googled their programming language: modules are downloaded from a Google mirror, Google has attempted to put analytics into the compiler; of course Rust has them already, and Microsoft and Apple have them embedded in the compilers, and Larry Ellison had RedHat add telemetry to the C compiler. How many people install applications indiscriminately on their phone and then get beacons forever as the automatic updates change the terms of service for a forgotten piece of software, the new terms implicitly agreed to by "continued use", which doesn't require you to open it or even remember it's on your phone? Apparently enough people install applications *furtively* that Grindr can't be sold to a company outside the US's jurisdiction. Senators and four-star generals out there sending GPS beacons for trysts in the men's room at the airport and you might legitimately wonder if they volunteered the information that Grindr had their kompromat or if the NSA managed to figure it out on their own. TikTok's analytics beacons were geofenced: some locations caused a huge uptick in the amount of data sent back across the Pacific and these locations happened to coincide with some federal buildings. And of course, there is no cell phone readily available for purchase from a company that wasn't part of the PRISM program.

So, you wonder, right, who else has the capacity and how long the NSA keeps their pcap files. It's damn near impossible to actually get Firefox to stop talking to Google, even if you manage to get it to stop talking to Mozilla. Toggling private browsing causes a ping. "Well, of course, we send the domains to Google as a hash! So it's safe." Google, of course, can't possibly remember what value maps to an unsalted hash. They don't have the massive resources that, say, fedilist.com has, which keeps around (and serves up) hashes of all of the domains on fedi: https://fedilist.com/instance/fsebugoutzone.org notes near the bottom that fsebugoutzone.org hashes to 0f9a06b5af2d8980b9757d1bdfea84334bd7ce296a6102d4897cc9553cb3cc77 for SHA-256 (and a couple of other hashes noted).

On the plus side, browsers are slow as shit and running one over VNC in a VM in a different country barely introduces any *more* latency. You don't mind introducing even more latency, you can tunnel the VNC connection through ssh connected via torsocks. ("Oh, I've got a VPN, which means that when the hostile goddamn browser sends my GPS coordinates upstream, they're tunneled through NordVPN!" vs. "I bought this machine with BTC and I don't actually know where it is but that means the browser doesn't know where I am.") If you're worried that the government can (as it has before) correlate your encrypted connections using traffic spikes, that's easy to solve: run a high-volume crawler and some peer-to-peer systems and host a fedi instance out of your house. The cyberpunk dystopia snuck up on us, shit's already crazy but it's gonna get *real* fun, *real* soon.

> Also Firefox eventually banned unapproved third party plugins.

2008: IE at 65%, Firefox at 35%. "Firefox is the hacker's browser!"
2016: Firefox finally passes IE for the first time since the Netscape days...a year after IE is officially abandoned by Microsoft. "Firefox is the...well, we can't really claim to be the best at anything, but you should believe in us, guys!"
2026: Firefox is back to 2008 in the sense that they are again at about half the market share of Microsoft...though now both are way down in the single-digits, with Firefox's 3.6% share closer to Opera's 1.8% than it is to Microsoft Edge's 5.7% share.

@judgedread

> My opsec is geared to thwart antifa not state actors so I'm good.

I have some fun stories about this. (Haven't seen ACCollective around recently. Wonder why.)

> Firefox is a case study in the fatal weakness (deliberate) of non-profits.

They're a case study in fluoridating municipal water supplies.

> If you want to protect something you need your own cult.

Good morning, dead spacemen.