PSA (?): just got this popup in Firefox when i was on an amazon product page. looked into it a bit because it seemed weird and it turns out if you click the big “yes, try it” button, you agree to mandatory binding arbitration with Fakespot and you waive your right to bring a class action lawsuit against them. this is awesome thank you so much mozilla very cool
https://queer.party/@m04/112872517189786676
So, Mozilla adds an AI review features for products you view using Firefox. Other than being very useless, it’s T&C are as anti-consumer as it possibly can be. It’s like mozilla saying directly “we don’t care about your privacy”.
You must log in or register to comment.
Is this for sure built-in and not some extension? I don’t have it.
its in beta
didn’t the Firefox management say they would focus on their core product rather than random little services like this
Actually I thought there new ceo said they were going to fuck around with AI stuff.
Edit:
At this point, I’m glad I switched to Mull on my phone. It took a bit of overcoming the resistance of using Firefox for decades (Stockholm syndrome), but I don’t miss Firefox one bit.
Now I need to do that on my desktop, but I’m still shopping. Librewolf? Palemoon? Ice Weasel? What are folks here trying out these days?
On Android I am using Waterfox. Still looking for alternatives on desktop.
Mullvad Browser is pretty good on desktop.
Lots of love for librewolf here.
Strong fingerprint resistance breaks a lot of sites so just get used to disabling that on whatever sites.
Isn’t Mull basicslly Firefox since it’s just a Firefox-based fork? The UI seems to be identical to me - don’t notice any other differences on my phone
Yes, it’s Firefox without the bullshit.
It’s ironic that Firefox started the same way, actually.
When Netscape open sourced its browser and then fucked it up, some folks took the source code and built “Phoenix,” much, much later becoming Firefox.
Isn’t Mull basicslly Firefox since it’s just a Firefox-based fork?
I don’t understand why that would be a bad thing. If Firefox starts to enshittify then a fork from before the enshittification is exactly what I want.
It’s not - quite the contrary. I was just wondering what the commenter that I replied to meant when they said that it took them some getting used to. For me, it’s just a slight change in design and a different icon
Yeah but to be fair they bought this years ago. Just took them forever to integrated. I suspect any changes in direction will truly show in 3-4 years, once the current backlog (no don’t look at my company’s Jira, TYVM! 😑 ) is cleared.
They’re trying hard to dump their core users. It’s almost at the point where I won’t be advertising the browser anymore.
“strategic partnerships”
https://support.mozilla.org/en-US/kb/review-checker-review-quality
Protect your privacy
Firefox is committed to empowering you with information about review reliability while respecting your privacy. We use Oblivious HTTP (OHTTP) for Review Checker.
When Review Checker is turned on, we use information about the products you visit on Amazon, Best Buy and Walmart to analyze the reviews, but by using OHTTP we ensure Mozilla cannot link you or your device to the products you have viewed. OHTTP uses encryption and a third party intermediary server to offer a technical guarantee that this is the case: all Mozilla learns from this network request is that someone, somewhere, looked at a given product.
I dislike doublespeak
Here is a talk on OHTTP (OHAI) https://www.youtube.com/watch?v=_HEzpnktAwY
and a OHTTP recap https://www.youtube.com/watch?v=qjLwo4Ufp8s
Basically, if you trust the OHTTP Proxy (mozilla) and the OHTTP service provider (fakespot) to not collude, then OHTTP protects your data.
If you think Mozilla and fakespot might collude, then this doesn’t give you any privacy.
Depends on your threat model.
I don’t trust Mozilla one single bit with my data as long as they have an advertising network enabled by default and use pingback telemetry for ALL actions you do in the browser by default that can only be turned off by changing multiple “hidden”
about:configsettings.Wait, where does it say that Mozilla is the third-party intermediary server?
It doesn’t, but when modeling threats we have to go be capabilities and not intentions.
If we’re going by capabilities, then your browser maker can already see everything you do in that browser.
Mozilla says they use a third-party OHTTP intermediary. In the blog post linked above, they name Fastly as their partner. So it’s not as bad as Mozilla + Mozilla-wearing-funny-glasses.
Personally, I still think this is the wrong approach to privacy, even though I’ve used Fakespot on my own many times over the years. Largely because I don’t think any of this needs to be built into a web browser.
I would prefer my web browser to minimize information leakage by default, to the greatest degree that it can while still remaining useful as a web browser. Mozilla keeps adding bloat to Firefox, and bloat always comes at a cost. I’d much prefer these to be browser extensions that people can download if they want them, rather than built in by default. The baseline Firefox should be lean. Less “stuff” = smaller attack surface. Simplicity is best.
I mean, the Fakespot browser extension has existed for a long time, and I’ve never seriously considered installing it. I’d much rather just take an extra three seconds to load their web site and paste in a URL than have it constantly monitoring my activity and doing god-knows-what with it. That way I have better knowledge and control of what is happening with my data. Even if I trust their intentions, I don’t implicitly trust their competence (all software has bugs) and I don’t trust that they will never go rogue in the future.
And also, I just don’t find this claim all that compelling in principle:
By processing the data jointly across two independent parties, they ensure neither party holds the information required to reveal sensitive information about someone.
I mean…sure. That’s fair. Buuuuuut handing half the data to your “partner” doesn’t give me a whole lot of confidence. Especially since literally nobody reads all of the privacy policies they are subject to. See:
Minimizing privacy policies should be a high-priority goal for any organization that claims to value privacy.
Furthermore, how many additional parties have access (legally or otherwise) to both Mozilla and Fastly? 🤷
i would like to see mozilla making all of these features as full fledged browser extensions (installed by default, sure why not, but uninstallable at user request)
I remember when Firefox was brand new over 20 years ago and one of the reasons for creating it was the main Mozilla browser had too much feature bloat so it was stripped down to just a browser and if you wanted more features you could add them in as extensions, putting just what you wanted in the browser and leaving out what you didn’t. It was great! Eventually Firefox became more popular so Mozilla switched their efforts to it and they’ve been jamming more things that used to be extensions in as features and bloating it full of features I don’t want. It’s one of the reasons I started using Chrome in the early days of Chrome but then of course that and Google started getting worse so I switched back to Firefox, but it still has its problems.
AFAIK this is the result of their acquisition of fakespot.com
Ohh, Good point, so the entire trust model is we are trusting Mozilla not to share data with Mozilla, because if Mozilla colludes with Mozilla then there is no privacy here at all.
What are the right settings to disable that crap via
user.js? I assume this is done via hidden extension, like Pocket.I’m not opposed to the tool itself but they can fuck off with pushing it onto us. If I want to see the newest Firefox features I’ll go the main site and find them.
That won’t do for any even remotely normal user and you know that!
You’re saying that no remotely normal person would ever bother to download Fakespot free of charge if it wasn’t pushed at them through obnoxious in-browser advertising? And how much did Mozilla pay for this thing?
No, I did not say that. As evident by, well, what I wrote there.
No? What was your justification for building big and intrusive ads for Fakespot into Firefox then, if not that nobody would otherwise bother to go looking for it?
My mom would love that feature, and she wouldnt go looking for it.
Also that popup only appears when you click a tiny “shopping tag” icon in the adress bar, and THAT icon only appears on supported websites
Ah well, that’s not so bad as I feared (as an esr and librewolf user I won’t be seeing it for a while) but not so good as it might be. A little notification icon that appears when there’s an update to inform people of such things is traditional and makes more sense to me.
Showing it instead when you visit a particular site unfortunately reminds people likely to be unhappy about it that their web browser now contains features designed specifically for the benefit of a small list of supported web sites.
I’ve used Firefox since it was released. I will be considering other browsers due to this. I do not want AI in my products.
I don’t think AI is what’s wrong here…
Different priorities for different people. The AI is what I really have an issue with right now. I’m sick of it being shoved down everyone’s throats, and I have big ethical concerns about it in general.
Librewolf and Floorp are good Firefox based alternative browsers.
Floorp
Thanks, these look interesting. I’ve been using Firefox forever for my personal browsing (but Edge for work) and I’d prefer to stay with it if I can.
What other browsers? Firefox was the last good one.
Since Firefox is free and open source, there are many other variations of it built and distributed by the community.
IANAL, but I don’t think T&Cs are really legally binding and can be easily fought against in court.
While true, it requires time and money to get a case before the court. Which most people don’t have. If your rights require you to invest your time and money against a much larger adversarial party in court, then it’s not your rights that are being protected in the first place. Right now Big Tech is more worried about us exercising our rights instead of being afraid of trampling on them in the first place.
I hate the anti-pattern of “Not Now”. How about “No”?
Best I can do is accepting three options: “Yes,” “No,” and “Remind me later.”
“Not now” or “No, I don’t want this awesome feature” bullshit infuriates me.
Yeah, corporate dark patterns really don’t respect consent. When would you like to know more: Now, or Later?
Though I don’t mind the “accept, deny, ask me again later” for when something seems interesting but I don’t want to put the effort into looking into it right at the moment but don’t want to click yes without looking into it.
These should be the norm, actually.
Yes, though it stops being as good if there’s a “you can postpone this n more times” involved.
These should be flatly illegal. No means no
We had a whole generation of people that were taught that ‘no’ means ‘maybe later’ (the whole point of the ‘no means no’ ads about daterapes), and that same generation is now running these companies. What did we expect to happen?
LibreWolf
Why do you think it’s useless?
If someone wanted it, they could’ve installed the Firefox extension, but now for users who doesn’t want this, they have an intrusive feature that is just a bloat. Also, even if I wanted it, it’s fairly useless unless you live in western countries.
Can you opt out?
Okay, but why do you think it’s useless?
Because not many people from somewhere like greece shop on walmart or best buy, and many people who use Firefox also are anti amazon
Hmm, that might be a bug - it looks like it was only meant to be available in the US. I’ve never seen it, at least.
It’s not a bug. I don’t think they saw it. They just need something to be angry about.
For the same reasons as the shitty AI for detecting AI produced essays.
Please tell me there’s an about:config setting to turn this bs off.
I got this linked on Mastodon: https://kitsunes.club/notes/9wbyqywt28
Nice. For those who don’t click the link, it appears you can disable by setting these flags:
browser.shopping.experience2023.activeand:
browser.shopping.experience2023.survey.enabledTo false.
Back to surf it seems
