Tech Over Tea - Firefox And The Privacy Preserving Ads | Andrew Moore
Episode Date: August 2, 2024A few weeks back Mozilla began shipping a system called Privacy Preserving Attribution and this lead to an uproar as they completely failed to properly explain the system. During this time Andrew wrot...e a blog post explaining how the system works so he's here today to chat about that system and some adjacent advertising problems. ==========Support The Channel========== ► Patreon: https://www.patreon.com/brodierobertson ► Paypal: https://www.paypal.me/BrodieRobertsonVideo ► Amazon USA: https://amzn.to/3d5gykF ► Other Methods: https://cointr.ee/brodierobertson ==========Guest Links========== Website: https://andrewmoore.ca/ Mastodon: https://hachyderm.io/@FineWolf Blog Post: https://andrewmoore.ca/blog/post/mozilla-ppa/ ==========Support The Show========== ► Patreon: https://www.patreon.com/brodierobertson ► Paypal: https://www.paypal.me/BrodieRobertsonVideo ► Amazon USA: https://amzn.to/3d5gykF ► Other Methods: https://cointr.ee/brodierobertson =========Video Platforms========== 🎥 YouTube: https://www.youtube.com/channel/UCBq5p-xOla8xhnrbhu8AIAg =========Audio Release========= 🎵 RSS: https://anchor.fm/s/149fd51c/podcast/rss 🎵 Apple Podcast:https://podcasts.apple.com/us/podcast/tech-over-tea/id1501727953 🎵 Spotify: https://open.spotify.com/show/3IfFpfzlLo7OPsEnl4gbdM 🎵 Google Podcast: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy8xNDlmZDUxYy9wb2RjYXN0L3Jzcw== 🎵 Anchor: https://anchor.fm/tech-over-tea ==========Social Media========== 🎤 Discord:https://discord.gg/PkMRVn9 🐦 Twitter: https://twitter.com/TechOverTeaShow 📷 Instagram: https://www.instagram.com/techovertea/ 🌐 Mastodon:https://mastodon.social/web/accounts/1093345 ==========Credits========== 🎨 Channel Art: All my art has was created by Supercozman https://twitter.com/Supercozman https://www.instagram.com/supercozman_draws/ DISCLOSURE: Wherever possible I use referral links, which means if you click one of the links in this video or description and make a purchase we may receive a small commission or other compensation.
Transcript
Discussion (0)
Good morning, good day, and good evening.
I'm, as always, your host, Brodie Robertson.
And this week, we're taking a break from the indie game podcast
and instead going to talk about the recent situation with Firefox
with the privacy-preserving attribution.
Is that privacy-preserving attribution?
Yeah.
I really hate that the acronym for it is PPA
because there are a lot
of people that were very confused when people were talking about the firefox ppa they're like wait
why are we talking about ubuntu like what's what's happening on ubuntu so privacy preserving
attribution is what i'm gonna refer to it as i'll probably forget that one starts saying ppa anyway
how's it going andrew welcome to the show uh The reason why you're here is you wrote a blog post that a lot of people
referenced explaining how all of this worked. And before we get into like the main thing,
I do want to say that I'm sorry for like looking at the blog post and sort of misinterpreting your
final conclusion with it.
Your conclusion was a lot closer to mind than the original read-through.
Yeah, so if you want to just introduce yourself and say anything you want to say,
why you got involved with this and your background and anything else like that.
All right, fantastic.
Thank you.
My name is Andrew Moore. I'm a solution architect based out of Montreal, Canada.
I worked in multiple industries, including the advertisement industry.
At some point, I worked for an advertising firm for seven years, not doing any advertisement related things.
I was working essentially there.
They were doing commercial offerings for e-commerce for some reason.
So I was working on that.
And the reason why I wrote my blog post was essentially i was quite frankly
pissed off when i saw the feature when i went open up firefox the what's new page opened up
and there it was an ad related feature and i was mad to be completely honest but i like to
understand things before i get like unruly online about them uh so i i took the time to actually
figure out okay what is this privacy
preserving ad measurement is what they're calling it in the ui right and that's their public facing
name for it uh and yeah after reading about it i'm not so sure in the big in the bigger context
of things it's necessarily a bad thing for privacy for for people who are very like strong on their
their personal privacy and they don't necessarily want that,
I totally understand where they're coming from.
And I personally will probably turn off that feature.
And I totally understand that.
But if you look at the bigger picture,
this might actually be the start of a shift away
from this very invasive personal tracking
that the advertisement industry has been using for years now.
So I decided to write the blog post. i was mentioning before we started like your blog post is very your blog is very
bare so it seemed weird to me that you decided this is the thing you want to talk about because
i'm looking back through it so you have the firefox thing then you have new foundations
rebuilding with astro goodbye to adobe saying oh i saw the car the color one
okay i know i i knew i'd seen your blog post once before okay um goodbye adobe saying no to color
cartels i don't remember who talked about this but i definitely saw that show up somewhere
um and then before that it's one about infrastructure and then the website existing
so there's there's basically nothing
on it so it seemed weird to me that this is the thing where it's like here's where my take needs
to be it's very difficult for me to get motivation to actually sit down and write something no i get
that so what happened that that was a subject that was like okay well i have something to say about
this right right right right no i i get it like and i i feel like it definitely did need to be there because
mozilla they really don't understand how to communicate with the audience they have at
this point because firefox does still have a lot of like my dad uses firefox like they have these
legacy holdover users who
don't even care about Google or anything like that. He is a Firefox user on Mac OS.
So he doesn't... he's just using Firefox because that's what he's always used. But the core Firefox user base at this point is
that very
privacy oriented...
Those people who are using Firefox
specifically to be away from what Google is doing,
specifically because they care about privacy and security
and all of these nice things.
And Mozilla does not understand how to talk to these people
in a way that gets their point across
in the way that they intend it to.
I'll even argue that they're not even trying.
I haven't seen them communicate at all
in the way that is aimed towards users.
It's mostly aimed towards older changelogs
or anything like that.
It's very hard to get a good amount of communication
from Mozilla lately.
I personally feel as a user. You hear about things in the changelogs.
It's been the same thing with their whole AI thing that they've released right before that,
where it was, I think it was for Altex.
Oh, the Altex one. Yeah, yeah, okay.
Yeah.
Because they've done a couple of things related to AI.
See, I haven't even been following, to be
completely honest. That's just...
It shows. Mozilla just doesn't
bother to communicate with its users.
And it's
a bit sad because you see
they're losing market share at this
point. And we're all at risk
of having one big
vendor in charge of
pretty much the whole web. and that historically was like that
and it didn't turn out well and i'm hoping we're not going back to those days yeah i i was getting
involved in i i first started using computer towards like the tail end of ie's dominance. So like around IE6, IE7, just before like Chrome was really beginning to take
off. But looking back now at, especially like the web development space, where if you wanted to
build a website, you had to design it around IE. Because yes, the standards bodies that exist today
did exist back then. But if you're the only entity that exists in that space
you control the standards body. Like they have to listen to what you're doing because
Who's gonna stop you? Like you are the web browser, you can do whatever you want and
Google hasn't gone that route
yet and Google hasn't gone that route yet,
because Safari is still at least enough of a barrier against it happening,
but when you have only two competitors,
it's very easy to create a duopoly then,
and have them just agree on things, and then everyone else else you just have to follow along luckily they have a
fairly competitive um a fairly combative relationship so you don't have as much there
but there's certainly going to be a lot of things that they will fundamentally agree on that are not
going to be good for the average user yeah i agree and you were talking about internet explorer at some point um right before sorry and
the ie problem stayed around for a long time any business to business application like people were
developing even until like windows 10 came out had to target internet explorer edge had an ie uh
like what do you call ie compatibility mode where it would run specifically like ie i think brand
like ie7 or something.
Because yeah, there were government sites like that.
And there were sites that said they worked better in Chrome,
but Chrome was never to that point where,
at least so far, very well could at some point in the future,
never got to the point where websites basically only worked on Chrome.
Whereas IE, because it was so different,
yeah, there legitimately were things, but you could not use the site yeah absolutely just because a lot of websites were built on activex
shutters yeah that was not a good time yeah i'm very happy i managed to skip all that
for now for, at least.
It wasn't good.
Well, hopefully it's not coming back
and Flash is also dead, so that's pretty good.
There was a small period where there was,
Chrome was essentially,
no one was actually properly implementing WebGL,
but it lasted like for two months.
Well, that's more of a problem of
the others were just moving slower
as opposed to doing things your own way and breaking everything
who really cares yeah yeah absolutely that was that was google moving fast and it was a standard
so it was just a question of time until the other browsers caught up so it wasn't necessarily a bad
thing and there's no problem like people in the the web space will talk about like oh web frameworks
and all this stuff but the reason why these existed in the first place
is because no one wanted to deal with web browsers.
They wanted to build an application in JavaScript, and they knew how JavaScript worked.
The problem is all of these different engines had their own weird, subtle bugs,
and these HTML rendering was all slightly different between these different browsers
so you needed some way to
Basically just simplify it to the developer so they didn't really have to think about those problems. Actually you got things like jQuery
That's that's that's the reason why things still stuck around today. Obviously, they're still useful for a
In building a complex graphical application you now see on the web but their origin is because
the web just used to really really suck oh yeah oh yeah absolutely and you also had that's why
sask started coming up as well in the the front-end development space is you could compile, and then what was the library still being used today?
Auto-prefixer, where it would automatically auto-prefix
all the little properties between different browser vendors.
It's less of a thing nowadays, and that's pretty nice.
We're finally getting to a place where, yes, you have different browser engines,
but they're mostly following standard now.
where yes you have different browser engines but they're mostly step following standard now so we're web development today is is a good time to be doing web development well it's also made
easier because there's not really that many browser engines in the first place because yeah
we do have what does mozilla call their engine nowadays oh uh good question is it still gecko
i think it's they want to switch the servo at some point
Yeah, they want to serve the other things. That was the rust thing. I think they're calling it
I think that
Because if they temporarily renamed it to quantum, but then I think they rebranded back
I don't know
Yeah, quantum was their rewrite of their css engine uh and rendering engine within gecko uh it's yeah i i remember seeing it's it's been a while
this is why people just say it's a firefox based browser because it's just easier to say it like
that yeah but if you look at the web space most things are just chromium like there's there's so
few actual and when you do look at a lot of the Firefox-based browsers,
most of them, I wouldn't even really call their own browser. Like, Brave is a separate thing from
Chromium. Vivaldi is a separate thing. Yes, they still use that same upstream codebase. Like,
Opera GX is another good example. Like, they use the same upstream code base, but they're clearly distinct pieces of software.
But when you look at things like LibreWolf or IceCat
or pretty much most that exist in the Firefox world,
they're like Firefox with maybe a couple of cherry pick patches
and a custom config.
Like LibreWolf especially,
people talk about how great LibreWolf is.
LibreWolf is basically just a pre great LibreWolf is LibreWolf is
basically just a pre-configured Firefox which is fine like if that it's useful to have that
but a lot of people seem to get confused about what it's actually providing yeah in terms of
the browser engines uh when you're looking at that specifically there's gecko there's going to be blink which is what
powers chromium and there's going to be webkit which is what what is powering safari but there
is webkit is very close to blink blink is essentially a fork of webkit uh and it's even
worse on the mobile space because not a lot of people are using firefox on mobile uh so on mobile um firefox on mobile i think recently got um extension support
yes and that's my main browser because you can install ublock and block all the ads it's
fantastic uh on on android at least on on on ios it's a different story because well apple is being
apple unless you're in the eu so we'll see
what happens there but there needs to be more competition on mobile that's for sure right
because on ios everything is just a safari skin how did the eu end up handling that is in the eu
can they actually be proper browser engines now is that how that works they they can be proper
browsers but i don't think that Apple is forced to distribute them.
You need to go through and don't quote me on that.
I'm not sure.
I haven't looked at that.
But yeah, they're allowed to have their own engines now.
Apple is very good at reading exactly what they are forced to do and only doing it to exactly what it says.
Like the easier thing to do is just say, okay worldwide you can do what you want then you don't have to build like specific
things in place to stop people outside of the EU doing it but they're like no
we will put an absolute stranglehold on this and only do specifically what it
says honestly I'm surprised that you ever see like, cause didn't they, did they swap? I don't use Apple
devices. Did they swap worldwide to USB-C? Uh, yeah, they did. I'm surprised. I'm genuinely
surprised. Maybe that's just like the engineers like, no, we're not, we're not making two versions
of the device. Stop it. It's probably a production line issue it's it's way more cost effective
of one production line where it's usbc than creating two different skews and two different
products um which i mean in that specific case the consumer wins because lightning had to go
i guess it's i guess it's a lot easier to put those uh those software level locks in place
as opposed to making a second production line
just to piss people off but um yeah we're not we got way sidetracked there it's it's good but this
is this is what we're here for um okay so the way this system works at least the way that you understand it,
basically what's the general idea with this privacy-preserving ad measurement?
What do you think a lot of people are misunderstanding about how it works as well?
Well, I think a lot of people see it as a way to track you uh and then to track you personally
which is not what this is this is aggregate metrics uh the best way to explain it that i
found is this let's imagine you have a city or you have an intersection to the corner of street a and
b and you want to know two blocks down the line if you had a speed bump to the intersection
are you going to have less less accidents at that intersection right
so you when you're when a car passes through the intersection it's asking did you pass through that
intersection with speed bump and it's saying yes or no but they're not seeing the individual results
the city is only receiving oh well there's been one accident which passed through there versus
before there was eight it really is aggregate metrics and that was a terrible explanation that i've said all right yeah i was i was thinking through i i was following
along but that wasn't as good as you made initially sound like yeah i know yeah let's let's let's
rewind a bit uh it's essentially getting like how many people saw one ad that led to a sell that's it it's about an aggregate a collection of people versus
like the individual you what you have seen and what you have bought they're not getting any
information about individuals and there is the way the system is designed there is an intermediary
between the advertisement companies and the client which is a browser which is run by a group
the internet
security research group which are the same people that are running the let's encrypt the ca
certificate certificate sorry so they're receiving the individual reports they're not collecting any
information about like client ip anything it's going through an anonymizing proxy right before
so they're just receiving essentially oh well this ad been seen, like this ad led to a conversion once.
Then it goes out, gets aggregated when the advertiser is asking for a report. And at the
end, they're saying, okay, well, for advertisement X, it led to 10 sales within that period. And
that's about it. That's pretty much the only thing that they're receiving. I think it's also important to note that with the information that even the ISRG are getting,
it's fairly limited.
Basically, it's the type of interaction with the ad.
So whether you viewed it or clicked it
because different ad networks will pay out differently
depending on whether it's a,
you follow through or whether you just view it.
Sometimes they don't even pay if you just view it.
It's the ad itself. So this is the ad campaign. It's associated with where the ad is located.
So is it on this website? Is it here? Is it there? Very important information.
That's pretty much the main core of it. Like it's not, hey, this is being done from a
Like it's not, hey, this is being done from a Chrome browser on a Linux system on an AMD CPU or a lot of other information that you'll see being collected in a lot of these other
systems.
Yeah, absolutely.
And you were talking about the source and the impression type.
They're not technically receiving that information either.
They're just asking the client, is that matching one of the reports? And then they're receiving a one or a zero depending if it matches or not okay so they can get
it based on their collection report because they can say i want to have a report of everybody who
saw love the number sorry not everybody but the number of people who saw add x on source y who
clicked it or viewed it so their report itself is based on that but they're not technically
receiving that information it's just they're getting a report about that information, which is the slight little distinction here.
Okay, that's fair.
That's fair.
If we just look at the information.
Go on, go on.
And it's, I think it's important to know that this information is not like, it's pretty much the minimal amount of information they need to run a business right because they're charging their clients based on that so they're not asking
what topics are you interested in they're not collecting that they're not collecting which
sites you're visiting they literally just want to know you've you if you bought a product and
they're not technically they don't even know if you like they just know the amount of people who
bought a product they've seen this ad 10 times let's say so 10 people saw the ad and bought a product and that's really all they're collecting
um so it's really minimum like the minimal amount of information they need to run their business
yeah i you'll see a lot of people say okay but why do they need any information why can't they
put an ad campaign out there and just let it go and just see what happens?
Like, if it's a successful campaign, they're going to sell products.
Why couldn't they just do it with nothing whatsoever?
Because realistically, you're not just running one campaign when you're doing an ad campaign.
You're going to have multiple variations.
They're going to be on different websites.
So you kind of want to know, well, okay, well, I'm advertising on Pharonix, for example, about some Linux type of service, but I'm also advertising on Reddit.
Am I getting a higher return when I advertise on Pharonix versus Reddit?
That kind of information is kind of useful as an advertiser.
Because if you're just seeing a spike of sales, you don't necessarily know which campaign has worked.
You can't take decisions based on that unfortunately and it's very possible that that particular spike of sale was had nothing to do
with the advertisement campaign it just so happened there was like somebody some content creator
decided hey that product is great and sent everybody on your website to purchase it which
now you have that skewed idea that your ads are actually worth something when they might not be yeah i think this this perspective of they don't need any information whatsoever i think that comes
from people who have zero experience in this space like from my perspective right like if i want to
work with an advertiser they're going to ask you things like okay what are your viewership like
how many conversions do you have in previous ad
campaigns like they're going to ask you this information and like whether similar things have
been successful for you because they want to know if it's even invaluable in the first place to start
a campaign with you and then if they have a campaign with you whether it's useful to continue going down that route and
renew that contract because if you're if you have a a campaign and let's say you're a channel that
has a hundred thousand subscribers and they pay you the lots of money because you get paid lots
of money as a youtuber like that um people don't actually realize how much it is.
And you sell 10 products.
They can be like, okay, unless the margin on that is like crazy high
and 10 products is really successful,
it's very likely that has been a completely failed campaign
and they might offer you a contract again at a lower rate that's more
suitable to what is being distributed there or they might say well clearly this audience is not
interested in what our product is we're going to move on to another space that potentially has a
higher conversion rate yeah absolutely and even if you look at YouTube ads, right?
So in video advertisement
where the content creator puts out an ad,
usually the way that works
is that you have a code
that the person gets a little rebate or something,
but you essentially go on a website.
That's how they do their attribution.
They know because you entered Brody
when you bought that product.
Well, now they know that, okay, well, we've got a conversion based on the advertisement that we paid for.
And that kind of attribution is really important to take decisions.
And yeah, you can't really run and you can't really advertise without knowing if you get a return on that advertisement.
And I understand I hate advertisements as much as anybody else.
But the reality is we wouldn't have YouTube without advertisements.
We wouldn't have most websites and most news organizations without advertisements.
So they do have some place in society, even if, quite frankly and personally,
right now it's way too invasive.
And there's nothing wrong for advertisers to know,
right now it's way too invasive and there's nothing wrong for advertisers to know okay well am i advertising to the right audience by looking at their attributions versus what is currently
being done now which is an advertiser saying okay well i want to specifically target that 18 to 20
year old really isn't a k-pop but also stamp. And that lives in Wycogama, Nova Scotia,
which is a tiny village.
That's how pervasive the tracking
and the targeting is right now.
And that's a problem.
And that's something we need to fix that.
But just knowing, okay, well,
did I have a return on my advertisement?
That's not targeting.
That's just receiving metrics to
know have i done a good investment yeah i think if we compare this to like earlier systems that
have been proposed and very quickly shut down like the uh what was the federated learning of
cohorts is that cohorts yeah where basically it wasn't individually targeted,
but you're basically being put into these groups
that you could effectively,
if you combine it with other information,
you could basically just reverse engineer
individual targeting anyway.
Basically, if I understand correctly,
the idea was just aggregate into different groups
of targeted individuals and you could then just target
ads based off of those. Effectively, what's being done now anyway, just with slightly
less individual tracking. But again, the thing with any sort of user tracking is it's not about
one piece of information. It's not about one piece of information it's
about this large array of information like if you know someone has a 3600x and
they run their computer at 1080p you don't know who that individual user is
but if you know they live in like that random little village and they are
between this age and this age and they use a computer between this time and this time
you've gotten down to maybe in some cases one person but even on like bigger places you might
like let's say it's someone in new york maybe you're down to like five ten people even with only
a few small bits of information especially and i really hate when
browsers do this when they're honest about what operating system you're using in your
your um user agent yeah don't do that especially especially i i've seen this happen on bsd
bsd operating system stop being honest that you're on bsd that is such an easy way for users to be
targeted yeah absolutely the good news is at least for users you have control over the user agent
at least in the firefox so you can remove that from the string if you don't want to i would
i would wish that firefox would put an option saying just put my browser information no os
information but uh yeah the good news is there's forks of Firefox that do that.
Like LibreWolf is a good example where they don't, as far as I know,
they don't put the operating system in the user agent string.
So, I mean, as users, we have options.
Yeah.
Would you say you're Chrome?
Just be part of the big group.
Don't even be honest about the browser.
Just be honest about nothing.
Mozilla 5.0 which is in pretty much every single user agent string out there uh but also talking about uh oh yeah go ahead what i was gonna say especially don't don't
be don't be dishonest in a way where you stand out like if you have no user agent string like
doing the and doing things like that just make you stand out even more. You think
you're hiding because it doesn't say your information, but they don't care about the
information. They care about who you are. The trick is to use Windows user agent string.
Yeah, yeah. Then you're lost in the masses. But talking about the federated learning of cohorts,
but talking about the federated learning of cohorts.
So the private attribution is coming from a group called the private advertising technology,
private advertising technology community group from the W3C.
And one of their proposals right now is something called topics API.
And that is more akin towards like tracking your interests and stuff like
that.
That really needs to be opt
out opt-in because that shouldn't be in browsers and that's going to be a big issue that's coming
up uh google essentially uh what they did is they they reworked their proposal on uh floc and
we worked it towards that topic api thing where essentially your browser would send a head
user a header sorry and every request saying what topics you're interested in so there's still some things to
look into which are bad on the privacy side of things but private attribution isn't really one
of them because if if advertisers have something in place or they can have at least their basic
metrics that they're they kind of are required to have to run their
business then we can go towards legislators and ask to ban that kind of pervasive invasive
personal tracking that we have right now everywhere but we need to have the the alternative in place
for them to capture their metrics or else what's going to happen is you're going to have lobbyists
come in and say well we can't ban that because then we can't have a business we can't charge our customers um so yeah it's a step
in the right direction but there's still some other things that we kind of have to be careful of
which are not part of that whole private attribution uh proposal from mozilla yeah the issue that i
took with a lot of people talking about, especially Mozilla, when they were talking about it, is they were describing it as the solution, but in none of their communication did I see them talking about doing the legislation part. use this instead because it gets them information that allows them to do an ad campaign which i just
fundamentally disagree with it it's good there with the regulation you need that regulation in
place so they don't do the other thing but if you just have the the ppa there all that's being done
is you just have another route to get information they were already getting through these other
means and nothing going in place to stop those other means and this i think is where a lot of
people really got caught up with and like why i got caught up with it as well i just like
if they put front and center like this is step one i think i would have had a very different opinion of it.
Yeah, and I totally agree.
But I also, I'm not sure Mozilla should be the one leading the charge.
At some point, I think we have an individual responsibility to contact our legislators and ask for something to be changed.
Mozilla, unfortunately, did purchase an ad business.
Yeah, the timing of that that's that's
i think also part of the reason like a lot of people are sort of distrusting of mozilla right
now anyway like they've had a questionable track record over the past 10 years and then the ad
stuff the ad tech company as well so it's like all these little things building up. And this was just, I guess, one of the ways it all kind of exploded.
Yeah, absolutely.
But even if you're like really pessimistic, the worst case scenario is that Mozilla sees the writing on the wall and then one alternative in place when the legislators are eventually going to ban invasive invasive tracking, at least in the EU.
I don't know what's going on in the United States.
They don't seem to care going on the united states they don't seem
to care about that kind of thing but there there is some regulation in certain parts of the world
where privacy is coming back individual privacy is coming back so we've seen gdpr in the eu
in quebec where i live we have law 25 which has a very nice little thing that says well the default
should be the most private
options on all pieces of software that's essentially the summary of it um and there
is other legislations as well in california and stuff like that that are coming up cpa
yeah exactly i don't have much hope for the rest of the united states unfortunately
uh it would be really good, though, if they did,
because since most companies
are based there, that's
when we would see the biggest shift.
But
anywhere else in developed
countries, we should push for
legislations and get
that changed. I think we have
to do our part as well, and I don't necessarily
want Mozilla to lead the charge for us, because then we might end up with a compromise that
isn't exactly like doesn't have our best interest in mind no i i don't think necessarily has to
lead the charge but as we're saying before about their communication, I think at least paying lip service to like,
hey go contact your legislators about- like having that anywhere in their original post
or the reddit post, at least mentioning that like, maybe they're not the ones that are
fighting this in court, like that are totally understandable, but
core like that are totally understandable but making it clear like what it is that is being done here i think is was it was just something very clearly missed out yeah absolutely and even
if they would have been honest and would have said oh we're seeing the writing on the wall
so we're working on on and getting those basic metrics in a way that is that are respecting of user privacy
i think would have gone a long way but right now it's just oh well it's an experiment you
don't have to worry it's it's it's not that big of a deal the yeah their communication was just
horrible period um and that's unfortunate because there are there are some governments uh government
actors who are part of the private advertising technology community group that are working on those standards.
Notably, there's three representatives, I think, of the UK government that are part of that group.
So there's clearly some work being done towards improving user privacy.
But it feels like nobody wants to communicate that.
And yeah,
it's a bit sad.
One take I did see from a couple of people is Mozilla should sort of ignore
the whole advertising thing and position themselves as this private browser
that ignores all the advertising.
They try to get away from all of it as much as possible.
Like, you're never going to...
Basically, like, the Doomer approach to it.
You're never going to change the way the tracking works.
You're never going to stop individual tracking.
So, Mozilla should build a browser
that tries to stop that as much as possible.
Like, what do you think about that stance?
If... tries to stop that as much as possible. What do you think about that stance? If Mozilla would have enough of a contributor base
that wouldn't be Mozilla employees,
and it would be purely a community-run product,
sure, but that's not what Mozilla is.
And to be completely honest,
they tried to launch some products to get some revenue in
and i don't think any of their products caught on to be completely honest so at some point
something needs to finance the development of firefox something needs to to to to compete
against chromium and blink and if that's not Mozilla,
I don't see anybody else doing it.
So painting yourself in the corner saying,
okay, no, we're not going to acknowledge
that advertisement exists.
We're not going to acknowledge
that this industry is funding,
let's be honest,
quite a large part of the web
of the information repository
that we use today.
It's not viable it's it simply isn't viable for them and i don't think it's viable for us as users either um so i the middle ground is a good position to have however i would have wished we had a i'm gonna use a out of the box uh an out of the box window
let's put it that way when we install the updates i would have asked if we wanted to opt in or opt
out yeah um you read through the reddit post yeah uh from uh far yeah from the cto here yeah the
let me find the exact quote because i i do think that is the pinnacle of what I mean
by they just don't know how to communicate to their users.
Where was it?
What is the specific dialogue?
Where is it?
Oh, they use modal consent.
That's the word they use.
We consider modal consent dialogues
to be user hostile distraction from better defaults
and do not believe such an experience would have been an improvement here. I do think there is a
part of that that is true. They are worse than better defaults. At the end of the day,
you want to have good defaults so users don't feel the need to configure everything
But I think in this case it doesn't necessarily apply like that applies to things like
Hey, should I have the bar be at the top? What size should icons be?
You know, should I have?
Uh, I I don't know just random other features that firefox has like that for that
Yes, you want to have a good default where users have Firefox
and it feels like out of the box, it's good enough.
Like you install the GNOME desktop out of the box,
it's good enough.
KDE, good enough.
Yeah, there are things you might want to tweak,
but it's not like, you know,
you install like a random little window manager
where you have to write a thousand line config file
before anything is even remotely functional.
But I don't think there's anything wrong with asking a user
if they want to opt into this scenario.
The reason why they didn't is because they knew
most people would probably click no.
No, I think they're seeing necessarily, I don't think that.
I think they're mostly comparing it to what's happened
with cookie consents on websites, right?
So you got those old banners that show up on every single website.
The issue with those is that most of them are user hostile
in a way that if you want to reject you have two
clicks to do and if you want to accept it you just have one button and that's a problem because most
people are going to do the accept they're going to opt in because well that's the easiest option
right but if you look at a place where opt-in opt-out consent is is well implemented it's in
the kde welcome wizard so when you click
through all the options one of the last screens that you get is the telemetry where you have a
slider and you can select what amount of a telemetry that you want the options are clear
as a user it takes 30 seconds to configure and you don't have to go click i refuse on a slew of
like 20 options for each individual cookie right right so there's ways to do opt opt-ins without being user hostile
in a way that you give value to the user and i kind of understand where he's coming from if he's
using that specific example where users were kind of like they got everybody has consent fatigue at
some point and most users nowadays they visit a website
they just say oh except all cookies i don't care okay that's fair and that's i again bad
communication i think that's the example that you wanted to use uh but yeah uh to me just showing a
screen saying like okay well do you want do you want to accept just add measurements? Do you want to
choose between individual
behavioral tracking? Don't word it that way.
Say, like, personalized advertisements.
Do you want to just have measurement
or nothing whatsoever?
If one option would be bigger
and it would be well-explained, I don't necessarily think that
most people would opt out.
I mean, a slot would.
Yeah. No, that's fair're not the target no no i i get what you're saying there um there's something i was gonna say um
oh right regarding the the telemetry thing they've really like readjusted the installer
a bunch of times because this is what windows does, but do you remember when Microsoft was first like being public about the data they were collecting and
the installer you could turn it off you could turn it off there was a lot of
stuff you couldn't turn off you had to like do some registry edits but what you
could turn off they had like a whole screen of individual things you could
choose that you want collected that is sort of the opposite of what you
were suggesting with kde where there's just a single thing it's easy here it's like i don't
even know what half these settings do do i want them on do i want them off like in some cases it
might not have been clear like which way was the more user privacy preserving one so yeah no i get
what you're saying about um making it clear to the user
yeah and making it easy for them to make a choice if you're drowning them in options
chances are they're just going to stick they're just going to skip because most people
like they get overwhelmed with options and they just don't bother with them yeah um so i kind of
understand where they were coming from but for a yes or no question like do you want to actually like enable ppa even if it would have been like just a little pop-up in the address bar kind of understand where they were coming from, but for a yes or no question, like, do you want to actually like enable PPA,
even if it would have been like just a little pop up in the address bar,
kind of like what they did when they rolled in pocket in the browser back in
the day,
we just said,
Oh,
well this is in now.
Do you want to disable it?
Like it,
I don't think anybody was seen as a user hostile.
Just inform the users.
Yeah.
When you're mentioning about Mozilla, trying to find something to be like actually make money um i was having a look
through the products they have and they really like just don't have much that's successful do
they like firefox you know that's firefox That's great. You have Firefox Relay.
Protect your real address and get control of your inbox.
I've never heard of a single person using this.
Oh, no.
Okay, no.
It doesn't exist yet.
It's a wait list.
Okay.
That's why.
Cool.
Mozilla Monitor.
See if your personal information has been compromised in a corporate data breach.
Sign up for future alerts.
Is this a paid service?
You can pay for... I believe you can pay, but there's a free version,
which I personally use.
It's quite useful, but it's just a rebranded Vibe and Pond.
So they're essentially paying a third party to run their service.
I've also seen a bunch of other services.
There's a lot of services that are really popular with YouTube ads
that basically do this as well. yeah then it's completely free oh that's nice then there's
the mozilla vpn vpn rebranded malvine vpn yeah even if it wasn't let's say they were doing their
own thing the vpn space is so competitive there is you know at even like just on what gets advertised on youtube i can
think of like five different vpns they get advertised by multi-million sub youtube channels
you're not breaking into that space like that's just not going to happen um we all love mdn mdn
is great but it's also free so yeah thunderbird actually Thunderbird is Thunderbird
they kind of do their own thing
if they weren't part of Mozilla
nothing would change
because Thunderbird is really successful
fake spot
has your back when you're shopping online
I would assume this is free
it is free
and then there's Pocket
what even is Pocket
I've never used Pocket.
It's to save, essentially, articles,
and they also do, like, it's a bookmarking service type of thing,
which you already have bookmarks in Firefox
where you can summarize articles.
So of the things they do have,
maybe Relay will be popular, but there's already... Like, all of the things they do have maybe relay will be popular but there's already like
all the things they're doing here there's already very well established services to provide this
yeah so like if they like a lot of the stuff that mozilla is doing now is stuff they should
have been getting involved in like 10 years ago when they weren't in this position where they have like
two three percent market share whatever the number is now like now that they are in this very
desperate position they're trying to build out these other solutions and i think it's good they
are trying to build them out but they're building them out so late that i don't know how they can
break into any of these spaces without doing something really really
revolutionary and from what i'm seeing it's just kind of doing the same thing the others are doing
but it's from mozilla so you should trust it yeah but they're doing things like mozilla vpn like
like you said the market is saturated that's not necessarily something that's useful firefox relay
most people are going to go with Proton.
Is it really useful?
Like if they wanted to launch a product that would make money for them, personally speaking, a password manager would have been great.
Now it's too late.
Like the market is also getting pretty saturated.
But 10 years ago, like there was LastPass and that was about it.
And even their product wasn't that great.
So, yeah.
I wish them success. I don't know what i would do in their place uh it's it's a tough market to be in yeah that's for sure
yeah i i don't really know what because yeah if they had something in place before because
last pass they a couple of years back decided to basically neuter
their free tier and make it so you effectively had to pay to use it which caused a lot of people to
leave it and i get it like they have a lot of people on it they want them to pay for like
understandable yeah but when they did that like bit warden was well established by that point
and people like well bit warden is just everything I wanted from LastPass.
Yes, they have their, like, paid tier as well,
but the paid tier, unless you're using, like, hardware verification,
I haven't really seen a value to the paid tier of Bitwarden.
And if you like hardware verification, that's good. Use that.
Yeah, and if, yeah, I think it's OTP time, one-time passwords
and pass keys.
And then again, in the case of Bitwarden,
you can sell self-host and there's also Vaultwarden.
Yeah.
There's competition there.
Like, quite frankly,
the most successful product Mozilla has
is MDN. It is the references
for developers.
Like, even Chrome, like people who develop websites for Chrome, use MDN. It is the references for developers. Like, even Chrome, like, people
who develop websites for Chrome
use MDN.
It's sad, but it's true.
But it's free, and that's sort of the
problem. Yeah.
Yeah.
I
know they're trying out some, like, AI stuff,
but I feel like by the time they're gonna have
anything deployed
It's gonna be like, you know
that again, it's another thing where
It's a perfectly fine product
But it's so late to the market that all of these other things are established all of these other things are better
Like they need to do something before
Everybody else is doing it. i i think the leadership is
trying but i don't think they i don't think they know what to do no and
they're giving they're also given an opportunity right now on a silver platter with the whole
uh web manifest v3 to market
the crap out of Firefox being
a browser that does respect your privacy
and if you want to install ad blockers
we're never going to block them
and all that jazz. They could do a big marketing
push on that and quite frankly
I'm pretty sure it would manage to
convert a few people.
Are they going to do that though?
I don't think so i don't i personally
don't think maxilla is that interested in firefox anymore to be completely honest they know it's not
revenue generating they know it's not going to be revenue generating for them in the long term
so we're going to maintain it because it's it's it allows us to develop all our other technologies
around it but i i force i i'm pretty sure Mozilla is going to pivot.
At least their profit.
Side of the business.
To something more profitable like.
The advertisement business they just purchased.
Which I forget.
Anonym I think it's called.
That sounds right yeah.
Yeah which is going to be.
Which is going to be providing them.
Like a more stable revenue stream.
And at the end of the day,
even if they do that,
it still benefits us
because I don't think they're going to
abandon Firefox completely.
They're still going to develop it.
It's still like they've got brand recognition
for Firefox and that's worth something.
But like they have to do something to stay afloat.
Like if you also think about other things
they've done in the past,
like there was the Firefox OS,
the thing they were going to
use for smartphones and stuff which when that came what year did that come out in initial release
2013 so it was six years after the iphone and uh how many years after android had come out like
yeah they just have they the only thing that mozilla has done early is the browser and that's
only because they got grandfathered in from netscape like that's the only reason yeah and
what year did web web os fail as well from palm that was later bought by lg for tv i think it's
around 2013 as well so they didn't choose the best time to launch Firefox OS, unfortunately.
2009 it was launched.
Okay.
Yeah, 2009 it was launched as PalmOS.
There was PalmOS was launched.
Yeah.
Then it was acquired by HP.
Then it became WebOS.
Yeah.
Yeah, and at that point it was already dead when it was acquired by hp so
i mean yeah unfortunately they were late to the market again
yeah i it would be it would be very you mentioned them pivoting into advertising
so their plan for revenue generation is to pivot into the market
that has a stranglehold by google and amazon like again late to the market for another time
yeah um yeah but that's that's a market where if there's more competition it benefits advertisers
so i don't necessarily see that as a bad thing.
It's the less consolidation you have in the advertising market,
as long as Anand managed to get an audience, right?
So if they can get their ads on websites,
they actually have a chance because they can undercut the prices that Google or Meta's charging right now.
So we'll see.
I don't think it's necessarily a bad thing.
is charging right now.
So we'll see.
I don't think it's necessarily a bad thing.
And their advertisement business does seem to want to respect user privacy
and not do individual tracking.
So am I enthused by it?
No, not really.
I don't like advertising.
But if they keep true to what they're saying publicly,
it might not be such a bad thing.
Right.
No, I agree it is a good thing they have some competition
because, yeah, frankly, like,
they need some competition, that's for sure.
But if it just becomes like it is now,
where it's like, okay,
but we have like 1% or 2% of the market share, like...
Yes, there's technically competition there, but not enough to really put pressure on the big advertisers
and force them to change their ways to compete in this new landscape.
Maybe. Maybe it's successful.
But I feel like that space is so data-dominated that trying to provide a solution that cares about user privacy to companies that already were in a position where they didn't really care about it anyway.
Like at the end of the day, it was, is this providing a higher profit margin?
Yes.
Let's use it.
Yeah.
I'm sure there are people in these companies that like advertise a
lot that care about privacy as well but like when it comes down to the matter of what makes the most
money how do we appease the shareholders i don't know how they would compete in that space with like
big brands uh by going to news services that's services organizations who don't want to deal with google
who don't want to deal with meta because google and meta killed their business so if they if they
can have an alternative to advertising on google and meta like they're kind of stuck right now
giving money to the devil maybe maxilla is going to be able to capture that market i kind of stuck right now giving money to the devil. Maybe Mozilla is going to be able to capture that market.
I kind of hope because I mean, the alternative is what?
They launch a web search service.
I mean, that's the strategy that Mozilla has been
been following with their product launches.
So I kind of don't want to see them do that
because that's going to be a flop.
I think the only company at this point
that could launch a search engine
that would legitimately become really popular is Safari.
And that's why Google pays Apple a lot of money to not do that.
Because if Apple decided tomorrow they want to have a search engine
and made it the default across the entire Apple line,
people would swap away, sure.
But there's a...
Like with Apple marketing their AI stuff as Apple intelligence,
Apple is really good at taking something that already exists,
doing it basically the same,
maybe have it be, like, shinier.
Like, they're really good at making good-looking phones
before everybody else was doing good-looking phones.
And they have very dedicated users and people see it as like a a sign of pride to be using the apple search engine if they launched it like google would legitimately have competition
oh yeah absolutely and they did they did already to google they displaced maps
so they launched apple maps on their devices most people
are using apple maps right now and apple is about to launch maps on the web as well so we'll see
what's going to happen right now it doesn't work on firefox for some odd reason they're blocking
in on the user agent level uh but it's coming so we'll see what happens i don't want apple to be
the only competitor to google but right like, these companies are so ridiculously valued.
Like, I don't know how, like, people have talked about, like, I've said this before, like, you know, if you're in the early days of the internet, you know, you saw, you saw MySpace got displaced by Facebook. You've seen all of, you've seen all these other services get displaced by these other websites.
And that was very possible
back in the early days of the web.
But the gap between the floor
and the ceiling is so much higher now
that what ends up happening
is you have these services that pop up
and there are a lot of really niche,
but popular social media services that
spin up out of nowhere they gain like a million users in a week or so and then google comes along
or another company comes along like hey here's a check we'll buy you and then they just vanish so
it's yeah before anything's actually able to compete they just buy everything they
can because they they have that much money they could just they could just do that
yeah absolutely i just want a competitor that's not going to be user hostile
and unfortunately apple ain't it apple is user hostile in their own way they're very pro user
in certain certain aspects of things but they do everything to lock that user in um so yeah i'm
just hoping that we get for those major services a good competitor that's not necessarily user
hostile i think we have a pretty good one for email right now proton is a is not user hostile
at all and they've pivoted to being a non-profit so that's at least a good alternative if you're
trying to google de-googleify your life and want want to drop Gmail. Or you can always self-host emails, but that's a horror show in itself.
If you ever tried it, it's not fun. Things are easier nowadays with like Docker containers that
you can deploy, but it's still like not a thing that most people ever want to touch. Even people
who have a tech background just don't
want to touch no because then you're dealing also with reputation building with your ip and stuff
like that and that's just not something you can solve with tech unfortunately um so the the biggest
the bigger the market share you have the more reputation you have and the less uh
filtered out you're going to be that's just the way it works unfortunately yeah um if we're
looking at social networks though we there is a big disruption with mastodon mastodon managed to
successfully not fully but somewhat successfully displace a small part of what twitter had uh
in certain niche markets so anything related to tech a lot of people are on Mastodon right now.
And personally speaking,
I've been having great conversation on Mastodon
with people there.
It's been amazing.
We've seen the same thing try to happen with Reddit,
with Lemmy.
I don't think it took off.
It's very hard to have proper conversation on Lemmy
on any subject.
There's just no engagement.
Same thing with YouTube.
We've had Odyssey.
We've had Peertube.
And they're surviving.
They're there.
But they don't necessarily have
the same engagement that YouTube has.
The one service that did manage
to get that kind of level of engagement
is Nebula.
So there are some alternatives.
What the hell is Nebula?
Nebula is a there are some alternatives. What the hell is Nebula? Nebula is a paid service.
Okay.
But it is a subscription-based service, but you do have a lot of content creators that are there.
And quite frankly, they're successful there. The revenue model for creators is a bit different, though.
But yeah, so there are some competitors that are coming up.
But I don't
necessarily want competitors to like be locked behind a pay gate because i feel like there's
so much there's so much information on youtube to try to learn something to get better to be
better as a person to like get into new hobbies and it would be sad to see that content go away because we're locking it
behind a pay gate or because it's non-viable with advertisement or whatever the reason
because what's going to end up happening is that you essentially lock out people who don't have
the means to pay for that information out of that out of that information and i mean the videos there can't could empower them
to provide for themselves so yeah it's there's a lot of people i see especially who were around
in the early days of the web who have this i guess you call it a utopian view of how the web should operate.
They think back to the 90s and they're like,
back then, you know, you didn't have every single website full of advertisements.
Most services were just being run as like volunteer things.
No one was making money.
And you have people think, well, why can't the web just go back to that?
And it would be nice if there was more self-hosting,
if there was more people doing their own thing.
It wasn't just every single, like, it would be nice if you went to a,
I don't know, let's say a creator's page,
and it didn't just link to their Twitter or their Facebook or like
anything like that but whilst it would be nice to have more people playing
around with things on the web you're never gonna get back to a point where
the web is just not like a very monetized space people have built up giant businesses on the web now it's it's not like
it was that's just trying to go back to that is just a it's a fruitless effort you're just
wasting time trying to argue that position advertising right now is the least restrictive
model and probably the least bad.
I think there is definitely a place
for paywalling content,
for like high production value content,
for sure.
Like, you know, you have like a big crew.
It costs like tens of thousands,
hundreds of thousands of dollars
to make something.
Sure.
Yeah, absolutely.
But if you had a paywall
just to access YouTube,
or to access a creator's channel,
most things that exist now would not exist.
People just don't have the production value to justify people paying for it,
and some might argue,
well, they just shouldn't be making stuff on the internet then,
and that's a fair argument to make,
but it's certainly not my position i think that it is nice that just any old person with a camera can go
and make things and they're not required to have this big crew behind them effectively just
reproducing tv on the internet yeah absolutely and i would even argue like the web of old where people would
self-host hasn't gone away it's still here people still self-host blogs with no advertisements
people still self-host their own videos their own thing things the issue is is that you can't have
that level of like small individual infrastructure management with the huge
amount of engagement that you get from a site like youtube right you can't have both of both worlds
that's just not possible because it gets to a point where it's not economically viable for you
to host a service that gets hit by millions of people worldwide every single day, especially not with video.
Yeah, I think that's a big part of the reason why PeerTube is just...
People have asked me, like, hey, why don't you use PeerTube?
I guess it's cool to have as a backup there
and just have another place people can see stuff,
but PeerTube just cannot work as a large video
distribution model because it is this thing where you know the only way you're going to
monetize stuff on peer tube is having in video ads by having links to go to other platforms and
it's really convenient what youtube provides just being able to upload a video and YouTube deals with all of the advertising
is very, very nice as someone who wants to make content.
And I don't think every platform needs to have user content monetized.
I think one of the most harmful things that happened to Twitter
is the fact that posts are now monetized if you have a checkmark.
So you have people, you already had people who were engagement farming just saying nonsense.
Now you have people engagement farming because they know they're going to make money from it.
I do like that if a comment gets a, what do you call it, a community note, it takes the monetization away.
So if people are trying to be really annoying with it, to like just make shit up uh it does stop that but there's a lot of
stuff that doesn't get noticed or is true enough where it doesn't get a note or like you you know
what you know exactly what's happening here like it's clearly set up for no other reason than to
get you to engage with it.
Yeah, absolutely.
And that's the, I mean, the other side of the coin with monetization,
there's always going to, people are going to try to min-max it, right?
And that's the issue with advertisements as well on websites.
You've got some websites who are 90% advertisement and 10% content.
Yeah, yeah.
Nobody wins here.
And that's why we have like click big farms and stuff like that.
So, but does that mean, okay, well, because we have those types of like very low effort, low quality content, we need completely kill any type of monetization on the web?
No, not really.
Because again, like you said, like there's value in having content freely accessible on the web.
There's places though that content's not paywalled and it works just fine look at the wikimedia foundation and wikipedia that's a very good example but i don't think as a society we can
have like a hundred wikipedias that we all donate to it just doesn doesn't work. And so you either end up with centralization of content
or with some way to monetize it
so that it can be somewhat distributed
between multiple platforms.
And the centralization is something that sort of,
it sort of naturally happens
when you have a distributed network.
Mastodon is a really good example of this.
Mastodon is set up to be this thing where
you have a bunch of small servers that are federated together
but you can see exactly what happens.
Where do people go sign up?
And this was especially true during a lot of people leaving Twitter.
They went to mastodon.social. They went to all of these other like
main Mastodon.social. They went to all of these other main mastodon services
because, firstly, there was confusion about how to sign up.
That's a fair point.
I will grant people that.
But also, they didn't want to go and find some little server.
They found the first thing that was mastodon-related,
and the first thing that's going to show up is the biggest one.
So they went to that one they went to the server
they went to the server with the biggest local feed
because when you
loaded up Mastodon that's what you saw
and
yeah and this is especially
it's even more true with the centralized
services where if you don't have
this communication across platforms
why would you want to go to some new social media platform that has a couple thousand users?
Where you could go to Twitter you go to Instagram you go to Facebook where?
you don't even have to tell people these exist because
Everyone you know probably already has an account and if they don't have an account
Like they were never gonna make an account on a a social media if they're one of those people
that don't have social media no social media platform is going to convince them to make it
yeah absolutely so i mean that's that's the that's the other side of the coin that's just
yeah that's how it is and to go back to our main subject that's why attribution is important
because like it or not advertisement is what is enabling those platforms to exist in the first
place regardless of your view if you like one platform another but we wouldn't have that trove of information of, yes, very good
videos, very bad videos, and everything in between if advertisement wasn't there.
And denying just a very basic measurement on if a campaign has been successful or not
is not going to allow advertisement to exist.
And I'd rather have a way that preserves user privacy
by having that metal man that aggregates
all the individual reports
and then ships that to the advertisers
versus having like the very invasive tracking
that we have in place right now.
That said, we do have both
it is another data point and we need that legislation aspect i think the one advantage
there is besides the collection information an advantage of having these centralized platforms is
take youtube for example it has advertising but because all video is on YouTube
and that's pretty much,
yes, it's TikTok.
Yeah, sure.
But if you're not using TikTok,
you're going to be on YouTube.
You can sort of justify
paying for like a ad-free version of it.
I think having that as an option there
is a good thing.
And I don't like the way it's being encouraged
because you have Google that owns YouTube and they also in the browser so they can be in this
position where they can make ad blocking harder so it encourages more people to pay for the service
but I do think having that option there I do pay for premium like it's just it's just easy I don't want to deal with ad blocking
breaking on YouTube because it does
break often I do use an ad blocker
for other sites because there's a lot of sites out there
like those ones that have 30
advertisements on the site especially
the ones that like to open up in like
other tabs and you click on
you click on the page and you don't
realize you're actually clicking on an ad because
there's actually an ad hidden in the page it's just like for sites like that you definitely need
to use some sort of ad blocking content blocking solution but for youtube like i am i'm happy to
pay for it because i use it enough anyway like i i get people having having right oh sorry yeah they do it the right way too because they
compensate content creators for people who are not viewing the ads yeah as a content creator
you're still getting paid even if somebody with youtube premium at a higher rate is watching your
video there you go and i pay for youtube premium as well because i don't feel like i'm i'm not
i'm not penalizing content creators that I'm watching their content.
And I don't get any ads.
So that's, I think the YouTube model here,
like Google is doing it right, personally speaking.
The one thing I don't like about the way that YouTube was doing,
I think they've started, I think I've changed it now.
They were bundling YouTube music and youtube premium for video together
so it was just more expensive than it really needed to be they i think they have split the
tier out now um but honestly i'm waiting for them to go like the the Netflix route and it's like well
premiums actually
Mostly ad supported and sometimes you might still get ads. I I know they're gonna do it
It's gonna happen at some point and it's gonna be like a really cheap version of or it's like
90% of the ads are gone, but every so often you still see one I I don't want it to happen, but I've seen it happen so many other times
that I just...
I would be surprised
if they don't do something really stupid.
Or it's like you get rid of in-video ads,
but they have banner ads or something like that.
Yeah, I'm hoping that...
Well, if it's banner ads, it's not too bad.
You can still block them.
But yeah, I agree with you.
I kind of hope they don't incentivize and shitify that specific service um to me if i feel like if i'm paying for an ad free
experience i want an ad free experience have you heard uh one of the things that youtube has been
working on regarding ads so with a bit of a bit of fun ad tech that a lot of people told me was
never gonna happen but i i knew was going to happen at some point.
So you know how on Twitch,
they inject the ad into the stream?
There's work being done to do that on YouTube as well.
So you actually will not be able to block the ad
in the current forms we're doing
because it'll be part of the video stream.
Yeah, and personally speaking i think it makes sense for a business like youtube it's it actually cost them a lot
to serve videos so for that one i kind of understand why like they want some return
investment it's not just like serving an h a plain html page where you're blocking ads the
cost for that is minimal.
Like we're talking fractions of a cent.
But for an actual video, the cost of encode, like serving it,
serving it from a server that's geographically close to you as well because they kind of replicate all videos across the globe
so you have a good experience.
I kind of understand from a cost perspective why they want to do that.
I kind of understand from a cost perspective why they want to do that.
It sucks.
And it sucks even more that it breaks extensions like sponsor block because then the length of the video is variable.
But I can understand why they're doing that.
Even if I absolutely hate this user.
But then again, I'm paying for premium,
so maybe I don't personally care, but yeah.
It is a bit frustrating when you're trying to watch a video like in a private window
or if you're just putting it on TV where you're not logged in
and then you end up with ads, you're like,
oh, well, that sucks.
So when it comes to this data collection
and individual tracking, all this stuff, like where is your personal line?
Like what do you think is a fine amount of data collection?
And where do you think they've gone too far that you're like, I want nothing to do with this?
I stop at crash metrics.
I want nothing to do with this.
I stop at crash metrics.
I really hate personal track,
like even behavioral tracking and applications because even though they say,
oh, well, it's going to lead to a better product.
No, it just leads to businesses taking decisions
to cut a particular feature
because 1% of users are using it.
It's never to improve a product.
It's to cut costs.
But as someone who has developed website in the past,
now I'm an architect,
so I don't necessarily do development anymore.
I understand the value of crash analytics
because then you get a crash log,
you get information about why the application has failed
and that actually leads to a better product
because maybe you can reproduce that
and then you get additional information.
But I would say that's about it.
Then if we're talking about like advertisement specifically,
my line is like attribution metrics.
And that's about, I think that's where the line goes.
That's their minimum amount of information
they need to run a business.
Right.
And that's fine. Yeah. so keep it as small as possible as generic as possible i guess in the case of crash logs they kind of have to be you can anonymize parts of it like
you don't need full file paths for example um. You just need... What do you call it?
I'm blanking on words.
Relative path.
You can have a relative path, for example,
to the application.
I'm blanking on words constantly today.
Yeah, you see relative path for things
that are important to the application.
And I guess...
Like hardware stuff,
depending on the application, is relevant, but for a lot of applications,
probably doesn't matter at all.
We wouldn't have that whole
controversy with Intel
processors if it wasn't for crash
metrics from games.
There is some use to it.
I have a friend who recently
bought a new Intel
CPU. His is fine.
Should I return it like
i would probably it's probably a good idea yeah oh yeah i am running a 3600x amd cpu i it works
fine i'm just there's a reason there is a reason i recommend this to everyone don't buy the newest
generation always i know in this case it's kind of hard because it's the 13th and it's both
generations that are problem but i usually buy the generation behind usually problems get ironed out
before you buy one then usually absolutely absolutely and amd users were relatively lucky the first
generation i had a first generation ryzen it wasn't too bad like we had memory training issues
that's about it and they got solved with bias updates but i'm looking at the issues with intel
13 engine 14 gen right now and i'm like i wouldn't want an intel c right now. I wouldn't be happy. What are you currently running?
7950X.
So I've graded from... I had the Ryzen 7.
I forget which one it was,
but it was right when they came out.
Then I upgraded to AM5 last year, I think.
Yeah, it's been a while.
I think it's been a year.
I probably should upgrade my system at some point. So far, it's been a while i think it's been a year i probably should upgrade my
system at some point so far it's been good i i usually i have a five-year rotation where i have
my main system and then i shift my main system to my network attached storage uh uh enclosure
so it lives and it lives on in there five years right right no that's actually a good way to do
it um like if you're gonna have a second
system anyway like assuming the
hardware's fine and you don't have a weird
intel situation right now
usually it's gonna be
good like maybe
drives become an issue but it's for
NAS anyway so you got drives for that
you probably rotate out as need to be
rotated out but usually everything else is gonna be
pretty good assuming you're not doing anything like that you probably rotate out as need to be rotated out but usually everything else is going to be
pretty good to be able to do anything like overclocking and burning things out no and it's been running fine like it's running a my my gitlab instance and stuff like that so it's been
it's been fine gitlab and build agents and my uh my automation stuff, which I self-host using Home Assistant
because no internet of things.
No thank you.
Not a fan of that?
Not a fan of that,
especially not the newer stuff
where it requires an online service
that might disappear if the company goes under.
Nah.
Buy an open protocol like Zigbee or now,
was it Treads I think is a new one?
Yeah.
Buy one of those and then use your own radios.
It's so much simpler.
It's more complicated to set up, but then you don't like it.
Once it's done, it's so much simpler to maintain.
I have never really looked into the home automation stuff.
I've had a couple of people come on who were like,
oh, I like doing all of this stuff.
If I run this command, all the lights in my office turn on. Automation stuff had a couple people come on who were like oh, I like doing all of this stuff like if I if I
Run this command all the lights in my office turn on as I set this all up like with open source stuff
And it's cool right like I think it's really cool
But it's just something I've never personally decided to sit down and like
Actually explore and find out like okay. i need to buy this i need to buy this
okay this works with this okay this software supports this and i'm sure i could work it out
just fine it's just you know there's there's only so many things that you can really focus on
and i get it if it's like a fun little hobby and that's what you want to do like that's cool
like more power to you and that's exactly how it started i saw homosystem hobby and that's what you want to do like that's cool like more power to you and
that's exactly how it started i saw home assistant like oh that's that looks nice i'll try one light
and then it's barreled out of control you start with one thing and then oh well i'm gonna add
something else and yeah 10 years down the line here you are actually i do have one fun thing that I recently bought let me just grab
that
do you know
do you know what this is
I don't know what that is
oh wait is that one of the original chrome
is that one of the google chromebooks this is a don't know what that is oh wait is that one of the original chrome is that one of the
google chromebooks this is a ivy bridge chromebook nice so uh i have been convinced by a couple of
people that old chromebooks are actually really good devices um i've got i've got this one here
that i bought and someone had already
Unlocked it and it's running Zubuntu, but it's running Zubuntu with a Mac OS theme
I don't know. I'm gonna do a video on what it's just running out of the box
I bought it because I just want to see like what
Modern desktops are gonna do on that thing because I there's people my audience who are like I use an Ivy Bridge CPU
I use a Haswell CPU, I want to see, like, how well does Gnome run on this thing,
how well is Cosmic gonna run on this thing, how well is KDE gonna run on this thing,
I also have another one that I'm buying, uh, that's not unlocked already, uh, a 11th gen
i5 system, um those ones... So, Google
doesn't care at all about you unlocking
a Chromebook. There's documentation on
the Chromium docs
on how to do it.
For anyone who doesn't know, there is
this cable called a SUSEQ cable
that you can make. The schematics are all open source.
And you just plug it into both USB-C
ports, and you can just unlock
the firmware. And there's a script that you can run
that a bunch of people,
because there is like this weird little community
around it as well.
And you just flash it with Core Boot
and then just stick Linux on it.
Some people are turning them into Hackintoshes,
which I think is kind of wild.
But you can get a really, really cheap, really powerful system
if you look a little bit with the Chromebooks
because most people just throw them out.
And you can get, like, one of the ones I saw was a 16 gigs of RAM,
11th gen i5, 256 gig storage for like $150.
That's a pretty good price yeah actually yeah then you can
just yeah unlock it install linux and then you have a nice little cheap on the road machine if
you want to like go camping and you don't really care about your computer that's great what it's
it's a good uh road warrior setup some of them have uh there's a couple of node issues with
some devices like oftentimes the fingerprint reader doesn't work which is fine um sometimes
there's a systemd service you need to run to get usb uh they're like modern usb standards running
um the biggest problem is some of them you have to make sure you're running a
a you have to run like a little
script to fix up the audio drivers because um they don't power limit on some of them so
you can yeah you can blow the speeches very easily
um yeah that would be unfortunate yeah yeah it would be but um it's really easy to go through
it's like all it's like in total like 15 commands you have to run and you have a core booted
chromebook like it's it's compared to some like a lot of people like to buy these old thinkpads
flashing some of those can be a giant nightmare like if you just want to stick linux on it it's
fine but getting them core booted can be a bit rough um yeah and it's sometimes sometimes you're
kind of playing russian roulette as well when you're purchasing it because it might just not
be unenrolled from the nbm as well so you might end up with a brick um that that's always a
challenge with like old corporate devices
even if you're buying it off the used market because you never know sometimes the company
went out of business but they're still enrolled in their mdm solution and you're kind of screwed
yep yep but yeah i'm gonna play around with this stuff a bit because like that that's that right
now is the uh the one fun uh tech hobby I have. Like I've,
I've, because I do all these Linux videos, I, here's the thing, right? I do all these Linux
videos and I, I like to talk about Linux a lot, but because I'm doing all these videos, I'm not
doing a bunch of stuff with Linux outside of that. It's like, you know, if you work a, a,
I know a lot of people that have, um, like developer jobs who, when they're in uni,
they did a lot of like side hobby and fun who, when they're in uni, they did a lot of side hobby and fun projects.
But now that they're working a 40-hour-a-week job programming all day, they don't keep up with any of the other fun stuff they were doing.
Yep, yep.
Totally feel that.
I feel like I've done the same thing when I started actually working a full-time job in IT.
It's just all the side projects that
were just gone at least when it came to coding uh yeah yeah i want to i want to pick up a lot
more of my um programming side hobbies again like i've very slowly been learning uh rust i'd been
wanting to do rust stuff for a long long time um but like sitting down and actually
finding a time where i'm like okay this is when i'm gonna do it i i didn't force myself to actually
just stop making excuses for it and actually go and do it like that's the real problem like it's
very easy to find excuses to not to not do things and instead go and do whatever whatever little
thing you have that's easier that's more comfortable yeah what i find is easiest is when i actually have a need for something
then sitting down and learning a new language to solve that specific problem that i have is
way easier than just saying okay well i'm gonna learn go today i'm gonna learn rust i'm gonna
learn c sharp i'm gonna run i'm gonna learn java whatever language you want to learn
if you're just doing it to learn without having set yourself a goal of
building something, it's so much, much, like it's so much harder. Like you need to know what you
want to do and then go do it. And then learning Rust is just part of the journey. Yeah. I have
this, um, this, I, it was a bash script bash script uh where I like to have my browsers
my um my browser bookmarks outside my browser so I have them in this like
a separate file and I can just run a command and it just opens up the bookmark in whatever
browser I have as my default I know you can like port your bookmarks between browsers yeah like
but I don't want to do that I just just have this script. I can just change one variable
and now I'm on Firefox.
Now I'm on Brave.
Now I'm on Chromium.
It's nice and easy.
Previously, it was in Bash
and I wrote this back when I,
when I cared about doing stuff in Bash
and it was this,
it was this disaster of a script
and I looked at it like,
what the hell is this?
How, how does this work why did i write
this um i decided to port it over to python because that's much nicer to look at and if i
don't look at it for a couple of months i can understand what the hell i wrote yeah
so that was something where i i went and like brushed off my Python again to go and do that.
But yeah, I don't really have anything specific I want to do with Rust.
And that's sort of the problem.
Like, maybe I should just sit down and say I want to make...
Like, I come up with an idea for a game and just go learn Godot or something.
And like, actually do something.
Because yeah, I do find it also difficult to...
actually do something because yeah i do find it also difficult to difficult to just learn it for the sake of learning it i guess yeah yeah absolutely uh
one of the like when was it in january i had that need so i i have a steam deck
yeah i got one great little yeah exactly. Great little device for Linux gaming and everything I see in the background.
And I upgraded mine to the OLED deck back in December.
But then there was that stupid, annoying thing where the OLED model has wake on Bluetooth.
So if a Bluetooth device wakes up, it will wake up your Steam deck.
up it will wake up your steam deck however there are specific brands of i don't know why bluetooth audio devices or headphones that will wake up your deck even though you want to like i
want i just i'm in the plane or i'm in the car i'm in i'm in the train i want to listen to music
i don't want to connect to my steam deck it used to turn on in my bag all the time so i ended up
so i ended up learning how to do a deki plugin
to turn that stuff off and now i did i did end up publishing a deki plugin essentially control uh
wake on bluetooth on the oled steam deck and now like i think for since may it's built in the us
but for a long time it wasn't and yeah i, I had this thing I needed to fix. It was bugging the crap out of me.
So, all right, let's learn how to do it.
And yeah, that's the easiest way
to get motivation to do something.
Yeah, whenever you have,
like that's why I've written
a lot of random bash scripts as well,
because back then I was doing a lot of stuff.
I think it was when I was using BSPWM,
where the way you configure it
is just running, I think the you configure it is just running...
I think the CLI tool is like BSPC, and that controls everything the window manager does.
So since you're using some CLI tool anyway, you might as well learn Bash alongside it.
Like, yeah, you could do OS system command calls in Python, but who cares about that?
No, just write these nonsense bash scripts where you're like, I don't I don't know what any of this does
But it works I knew it at the time and I'm sure if I wanted to sit down and relearn bash
I could work it all out again without much challenge, but holy shit if you forget how
How bash works for like complex structures? It's it's just not it's a pain yeah i
mean the worst the worst thing to do in bash is argument parsing if you're writing a script that's
going to take like command line switches and everything it's just painful so here's a trip
here's a here's a trick use arg bash it's gonna write that stuff for you you don't have to deal with yes yes and it's gonna do it in a portable way that's also gonna work with whatever
version of bash mac os is running nowadays uh i think mac os is zsh nowadays yeah but they still
ship bash but a really old version oh okay because. Because they still have to ship Bash for all the Bash scripts.
Right, right.
Yeah, I used to be the kind of person who would want to go and do everything by hand.
Like, I'm going to do my own argument parsing.
I'm going to do this myself.
I'm going to do that myself.
Just learn what's good to spend your time on.
If you want to write a library for argument parsing,
write a library for argument parsing.
But if your goal is to write, I don't know, a browser bookmark script,
use a library.
Just do it.
It'll make your life so much nicer.
I do like that in Python, they do have a...
Part of their standard library is an argument parser.
It's not perfect.
There's some like weird...
There's some weird limitations it has,
especially with things that need like double arguments.
But it works well enough for most things you want to do.
So just use it.
Just use it.
Yeah.
Yeah, absolutely.
Like, don't spend your time on the obstacle
that you have on your journey.
Just get rid of it and do the fun part,
which is solving the problem that you want to solve.
Again, but if the fun part for you is, right,
the argument parser, hey, like,
someone needs to do it.
Like, if there are people out there that like writing code documentation.
I don't.
I do it because it's a necessity.
And you can clearly see there's a lot of FOSS projects out there
that it's clearly not that much of a necessity.
Like, there are so many projects where I
don't understand how they
manage to find people who are insane enough
to want to get involved in the project
because
you know it's like
it's like they
read clean code
but then forgot that they were supposed to do the
clean part so they just ignore
the document they're like code is self-documenting.
And you look at the code
and it's
not.
Yeah.
When you look at a code base and you can actually
tell when that's like
that particular portion was
coded late at night, that particular
portion was coded early in the morning.
I mean, it's a labor of love.
But sometimes, yes, some some projects need a little bit a little bit more love.
It works, though.
And that's one thing like that's the most important, like no matter if your code is dirty or anything like that, if there's no if there's no security issues and it actually solves the problem that it was supposed to solve,
you've succeeded.
Yeah.
Like not every single piece of code
needs to be clean code,
even though, yeah, it's fun when it is.
But when you're a single maintainer
working on a project,
just deliver value.
At the end of the day, that's what matters.
Yeah, I think too many people get hung up
on the correct way to do something.
This is especially true if
you get involved in any Python spaces. Holy shit, every forum about Python, you'll have
people arguing about the correct way to approach every single little problem. It's like, oh, do it,
because there'll be like, Python will have a way way to do it and then they introduce a cleaner way to do it and then another way to do it and then another way to do it and
There'll be like
Documentation they'll be like their peps about like what is the correct standard at this point in time to write nice Python and I get it
It's a it's a good way to have like consistent language design
But some people get really obsessed with it and
spend a bit too much time focusing on which way should it be done now instead of just
how do i get the problem solved yeah i mean those kinds of decisions like how to how to how to code
now to present something is super useful when you're developing an API,
that's going to be then,
uh,
consumed by other projects.
That's one thing.
But if you're the,
the thing at the end of the,
of the road,
the,
the project that actually,
okay,
well interacts with the user itself.
It's not that important at the end of the day,
as long as the user understands how to use,
understand,
I'll use your project and it's doing what it's being asked of it sometimes it's good enough
i think if your goal is to have a style guide for a project that's fine as well
but yeah like if you're just if the goal is not to be in this big project it's just a single
developer as long as you know how it works
I do think there's there's a lot of value in adding comments
I know some people like very wary about why don't like comment to my code just add comments
You're gonna forget how it works. Just add something some little bit
It doesn't have to be like full code documentation where you can like generate HTML
Docs off of it like that doesn't need to be there
but at least if you're doing some like weird interaction if you're using if you're if you're
using like ternaries and things like that just put a little note there just be like why why are
you doing this like what what is the purpose of this interaction? Be kind to yourself.
Like, in six months down the line,
we're going to reread that regular expression
and you're going to go,
what the hell is this?
Yes, yes.
Especially regular expressions.
God.
Oh, yeah.
Oh.
I love that people...
I love that websites try to apply
restrictions to email
through regular expressions.
Email is such an absolutely busted standard.
People don't realize how many emails
according to the spec are valid emails.
The only reason, like, you wouldn't want to use most of these
because most websites apply arbitrary restrictions on what a valid email is.
But symbols that shouldn't be an email, structure that shouldn't be an email,
things that you just would never assume are valid.
There was a list I saw a while back.
Weird
valid emails.
I wonder if I can find it.
I feel like I've seen
that before. There's a bunch of people who've talked about it.
Oh yeah,
multiple apps are valid.
Just a random thing like that.
Just that by itself.
Or...
You can...
Like, you can just use
punctuation marks
throughout
the address.
Stop.
Or quoted strings.
Quoted strings are valid.
Quoted strings are valid.
And it doesn't even have to be that strange to completely break email validation.
Both websites just won't accept an IPv6 address after the at sign.
It's completely valid, though.
And at some point, you're being a bit evil
to the website person
if you're doing that but it is what it is
my favorite and this
breaks just a lot of things is you can use
emoji
some are fine with it but websites
like email you can send email
back and forth like that most of the time
but
websites are not going to be very happy about it.
There's a lot of weird things you can do there.
There used to be a difference between Windows machine
and macOS machine, the way they were handling Unicode.
As in, if you were typing with an international keyboard,
you're doing it in the E with an accent or something like that in windows it is in uh and f no it's an fc so the most composed like
compact it's one character essentially but it's two bytes but in mac os the way you would it would
be typed would be in decomposed form so you would have your E, your essentially linking character, then your accent.
If you put that in your passwords and you switch platforms, it would not validate on most websites because the byte representation of that character would be different between both platforms.
So that's always a fun, even if they would hash the password, it wouldn't matter.
Like they're hashing two different byte representations so it it a lot of
qa tests uh back in the day when i was uh working at the uh the um for sidley which was an advertising
agency would just fail at that simple test and we're based in we were based in montreal right
so we had a lot of like french accented characters because we wouldn't we had to normalize the utf-8
form before doing the hashing so there's there's weird internal stuff
like that between platforms i mean everybody knows about the different line endings between
for example windows old darwin now they switch to like the normal uh line feed character but
before it was just a carrier's return for some reason um and then linux which uses the uh line feed character so yeah it's there's
difference between platforms sometimes which are always fun to handle yeah yeah i'm happy that a
lot of i'm happily i get why they exist because you know the platforms were developed independently
but i'm very happy that at least some things we can agree on between the platforms where it's like
it's just easier to not do things weirdly like the fact that
We don't we don't have this situation like we had where different regions would handle
Special characters in different ways now we have this whole Unicode thing and we can agree on what Unicode means.
And it makes things considerably easier.
Now, some platforms like to add their...
There's like a custom Unicode space
where stuff is unassigned.
Some platforms like to use that to do funny things.
But for the most part, it's okay.
Same thing with like port handling, for example.
I'm very happy that we can generally agree
on certain ports mean certain things.
Don't overlap the port.
Don't.
You can change it if you need to,
but preferably leave it as it is.
There is a whole open space of unused ports go and use those ones oh yeah
yeah i mean standardization definitely has its place and it's less of a far west than it was
even 20 years ago where it's just interoperability between systems just a pain in the in the behind but to go back to browsers yeah thank god ie11 is is gone yeah yeah uh one thing back on the the
main topic is so this solution was a opt out so it's something that is enabled by default
and you had to actively go and disable
now some people were confused about the thing not showing up in search they're like oh my god
mozilla is hiding you can't search for the no it was because they were indexing i think the problem
is they weren't indexing h2 tags properly they weren't indexing h1s actually i think i'm
yeah i saw that as well i think i'm
the one who commented that on your uh on your discord but yeah they weren't indexing like the
primary the the h1 headers h2 headers war index and it does make sense if you look at the other
like search panes like user general you would end up like pretty much every single setting
uh or search you would end up with a full page so So it does make sense in a way that they wouldn't index the H1s.
But yeah, some people just decided to be full.
It's a conspiracy.
Yeah, a lot of people...
Occam's Razor is very misunderstood.
Oftentimes, the simplest solution is what is happening.
And that's what it was.
Some developer just forgot to index
things properly like that's that's much easier than there being this like giant conspiracy that
mozilla is trying to hide this they made public statements about it not trying to hide it from
you like that that doesn't even make any sense as a position to take so yeah and I believe they fixed it since the.1 release of 128.
So now you search advertising, it's there.
Yeah, when I disabled it on mine the other day.
Yeah, it's fine. There's no issue.
What I was going to ask about is, with it being opt-out,
what is your general stance on opt-in versus opt-out solutions
when it comes to data collection?
Assuming that you are...
Let's assume it's a system where you're comfortable with the data.
It doesn't matter what the data is, whatever your criteria is for okay.
Do you think a solution like that should still be
opt out or because there is people that simply don't like any sort of data collection whatsoever
it should instead be opt in i guess to appease those people or however you want to frame it
yeah i feel like it should be an informed
choice regardless if it's opt-out or opt-in.
If they would have popped up something saying
this is affecting your privacy,
this is something that we've added.
We've turned it on by default. Here's the button
to turn it off, but at least you're informed about it
once you launch. I don't think I would have
any issue if it would be opt-out
or opt-in, right? Because the user
is informed about something that affects
their privacy.
Yeah, I would prefer, personally speaking, to be opt-in,
but that's my personal preference.
In the big schema thing, it does a bit make sense
that that particular feature is opt-out,
but inform the user.
It's not that hard.
Even if it's opt-out out just let them know that you've
made a change you've added a setting that affects their privacy and if they want to opt out they can
click that button it's not that hard so if when when mozilla does something again where it's
possibly gonna be like an issue with their users how do you think they
should better approach it to make sure that it doesn't explode in their face again uh two ways
um have a global opt-out in the settings for all data collection so that way even if there's a new
setting that comes in you're automatically uptiled because you turned off you you've opted out for all all data collection and then have a mechanism
either a small window that pops up in the address bar or something before you navigate or in the
what's new page saying hey there's a new there's something that affects your privacy here's what
you need to know and here's how you act upon it um yeah that would be fine and increase communication and
have a global opt-out i think is the two things that maxilla needs to do that's fair because i
think the problem and this is a problem that a lot of projects have where they make a change but they
don't really understand how to communicate to the user like if you're a developer you're going to be
in in spaces where you're looking at like developer matrixes, developer IRCs,
you're looking at release notes and change logs and all the stuff so you're going to see things as they're happening.
But I think what is often misunderstood is that a lot of people aren't looking at blogs related to it.
They're not looking at the code changes, not looking at all of this stuff
that is important to look at and if you really want to know like like, that's where you should be looking, um, they're kind of just, like, hoping something gets mentioned
to them in the application, I know there's definitely going to be fatigue with that if they
say every single change, but I do agree that some sort of mention, especially for big things
regarding data, like, especially regarding data, because it's Mozilla, and Mozilla has this privacy reputation that a lot of people have assigned
to them, I think, yeah, putting it in a way the user's going to know about it is the only way
that, like, I think really makes sense, and it's the same thing with, like, a lot of these FOSS
projects that do these donation campaigns, they wonder why the donation campaigns aren't successful, but
You don't tell the user about it. You put it on your website
You'll put it on like your Mastodon feed, but the only people that are looking at that are your most dedicated of dedicated users
Yeah, but I would argue that having a pop-up for example on KDE saying hey
we're doing donation drive would annoy the users more than actually provide people, like, encourage people to donate.
So I don't necessarily think that that's necessarily a good option here.
But especially Mozilla, like if it would be, for example, Hyperland, which is a very small team of community managing and like working a project, if they would do something that affects privacy.
small team of community managing and like working a project if they would do something that affects privacy okay maybe they're gonna have a developer mindset to it and say no this is good for the
user whatever we're just gonna that's one thing mugzilla is a corporation at this point they have
a data privacy officer they have no excuse i'm sorry you need to better communicate to your users
you should know better and if you don't have a mechanism to do that right now you need to you need to
enforce a mechanism to do that and actually implement it yeah i i have a lot of
i i don't see a way where i can make an excuse for mozilla unfortunately for their lack of
their quite frankly like horrible communication that they have with their user base especially
for those types of changes i think a lot of people let mozilla get off the hook for a lot of stuff just
because you know they're not google so there's like this they mozilla has a lot of leeway to do
things that kind of annoy people but i think i i don't know got to a point where people as i said before like there's a lot
of stuff they've done over the past 10 years that have just built up a lot of distrust and
this is the thing that ended up getting like a lot of people talking about it
yep and there's still some information that's wrong out there that maxilla
never corrected the android version of firefox does not have the setting the reason why it doesn't
have the setting in the setting menu is because the code as far as i'm as far as i checked isn't
merged like it is part of the code it's not compiled so the the the ppa experiment is not
part of firefox mobile but yet you saw a lot of people online
saying oh well you have to enable the flags and turn it off in the options because we net we the
the the uh the setting isn't there in the option they're trying to hide it and well no it's it's
not there because the code itself like the flag is there because the the actual file that defines
flag is shared between all builds but the actual browser implementation
dom implementation of ppa is not compiled when you compile a firefox build for android
so turning on or off the setting does not do anything and it was like never turned on
on on firefox mobile period i actually didn't see people talking about that
yeah well if you go on master on there's a lot of people saying oh you got to go like do this
go in the flags turn it off and but yeah it's i i think just seeing the word advertisement
causes a lot of panic in people's uh in people's mind and i and i fully understand as somebody who absolutely hates being tracked uh but yeah i don't think i don't think we needed to be alarmists about that big era change right
yeah no i think i think that's all fair um well we're pretty much gone through everything i want
to talk about anyway uh we somehow got closer to ours talking about like random other stuff that was not at all on topic um but that's that is exactly on brand
for this show uh and people watch it for some reason i don't really get it um let people know
where they can find your stuff or anything you want to direct people to and yeah all that all
that fun stuff yeah absolutely uh the easiest way to if you want to direct people to and yeah all that all that fun stuff
yeah absolutely uh the easiest way to if you want to follow me is just go on my website
andrewmoore.ca where you'll have all my socials on there i um never post on youtube i think the
video on youtube is there from like 2011 and it's me complaining to our regulator that uh our
incumbent telecoms in Canada are
bad actors that want to kill unlimited
internet plans. That didn't come to pass.
Thank God.
Other than that, I post
on my blog sometimes.
I might actually do a post about
Bitwarden taking
a bad decision with their
passkey implementation.
So that may be coming up.
We'll see.
But yeah,
they're essentially
they're essentially ignoring user verification.
If a website requests user verification, they used to ask the user
to put in their master password to verify that they're really the user.
They're turning that off to the user friction, which
yeah, would just lead to people banning bit wardens guid from services because if
you're lying oh and oh yeah they're sending that they did uh do user verification so they're sending
sending the flag to true in the attestation even though they didn't so it's a bit weird they're not
being standard compliant based on the yeah so we'll see i i'm thinking of writing about it but I need to understand what's going on before so
yeah that's fun
I
that one hadn't come across my radar yet
it's it's a recent change I don't think
they've released the the version
that removes user verification
yet so it's it's in their pipeline
that's coming in the
July version which has been delayed due to build failures but it's it's in their pipeline that's coming in the uh july version which has been
delayed due to build failures but it's coming up okay anything else you want to direct people to
or is that pretty much it that's pretty much it okay um yeah my my main channel is brody robertson
i do linux videos there six-ish days a week.
Check it out.
See what's over there.
I've got my gaming channel, Brody on Games.
Right now, I'm probably still playing
Three Devils May Cry 4 and Kingdom Hearts Birth by Sleep.
Both very fun games.
And if you want to hear the audio version of this,
you can find that on basically any audio podcast platform.
There is an RSS feed.
Put it into your favorite app and you'll be good
to go. And if you want to
see the video, it is on YouTube,
Tech Over Tea. And yeah,
I'll give you the final word. What do you want to
say? How do you want to end us off?
Don't forget to contact your
legislators. Make sure that
they hear you, that we're all
tired of invasive behavioral tracking
on the web and maybe we can get that ball rolling uh now that there's alternatives in place
hopefully that'll be nice yeah sweet all right