[GoLUG] If firefox really cared about security

Barry Fishman barry at ecubist.org
Fri Aug 29 13:35:13 EDT 2025 

On 2025-08-28 23:13:52 -07, Kyle Terrien wrote:
> On Thu, Aug 28, 2025 at 10:26:22AM -0500, Barry Fishman wrote:
>> A fine example of pipikism.
> ... if Your
> mean “why is the choice of enabling it or not” a problem, here is an
> explanation:

I think the issues around the ethics about Mozilla's behavior are
complex. This time you give a clear and valid response against
what Mozilla was doing.  Mozilla is badly managed and makes some bad
decisions in regard to their users freedom.

But I get upset when free software proponents use the kind of over the
top, meme based, simplistic, and unsound arguments that are being used
against them.  It feeds the "our team" vs "their team" mentality that
seems to a part of the large growth in corruption in our society.

And is so tempting to be drawn into.

> The problem is that in 2013, the world’s second most popular web
> browser changed from not supporting EME at all to all of sudden
> supporting it out of the box.  Think about it from the perspective of
> a product owner of a legitimate streaming website.  Any strong-armed
> suggestion from upper management to use EME could no longer be
> countered with “but it will break in Firefox, one of the major web
> browsers.”

I think the web has become a major part of how we interact with others,
and having it entirely the province of a few large companies is a
problem.

Firefox went from almost 32% of the market in 2010 to 2.45% now.

https://gs.statcounter.com/browser-market-share#monthly-200901-202507


The loss seem very smooth starting about 2012.  Encrypted Media
Extension (EME) support in Firefox started in 2015, and XML User
Interface Language (XUL) was dropped in 2017 (according to Wikipedia).
Its hard for me do see a significant change in Firefox use do to either
of theses events.

I would hope that there was more of an impact of these changes and the
sketchy practices within Mozilla but there wasn't.  The only real growth
was in Chrome even after the growing enshittification of their product,
and Safari where Apple prevents any other browser engine on their
platform.

Browsers that continue to use the XUL extensions like Waterfox, Pale
Moon, Basilisk, and Conkeror, or webkit ones like Nyxt only have niche
amounts of users.

Chrome's browser share is such that much of the general web are tuned
just for them and even with Firefox concessions still have problems
there.

I needed to sign a contract via the web recently that required the
participants, split across the country, to use Chrome.  I ended up
having to temporarily install Chrome on my laptop, and afterwards spend
time erasing the changes it made in my user configuration.  Fortunately
this wasn't as bad as in the past, where it hooked itself into my
default media files.  Now Chrome asks (persistently) first.

But Firefox supports enough of the net so I can use it as my primary
browser.  I can't do that with the others, and would have to keep
chromium on my computer for particular sites, and Google would still
have leverage on me.

Firefox made concessions which did not reverse their loss of users, but
did keep them relevant in the browser user base.  As Chrome, and Google in
general tend to make their user experience worse with more ads and junk,
people might again start moving back to Firefox as it is.  I don't think
they will move to a more user-centric browser that they couldn't run
most streaming services.  Or maybe it is a lost cause.

The Electronic Frontier Foundation (EFF) withdrew from the World Wide
Web Consortium (W3C) because of their adoption of EME.  I don't dispute
their action.  It was a choice between remaining in organization and
having some say in what standards are developed, or leaving because they
felt powerless to influence the core decisions that are being made.

But these standards are a necessary part of ensuring the interoperability
of internet.  Some of what the W3C does is establish standards for
things like ActivityPUB which makes things like Mastodon, GNU social,
and a variety of other social networks interoperate.

But I think ActivityPUB came about from the work of people like Evan
Prodromou, Christine Lemmer-Webber, and others, developing it outside
the W3C, and then presenting W3C with its as something already being
used, and in a sense something hard to refuse.

But there is room for things like Emacs that can exist as a model
environment for free and open development.  I don't think these projects
are ever going to get wide adoption, but I think they can contribute
greatly too the design of projects that do.

When it comes to investing my time, I would like browsers like NYXT to
be developed that do allow users a great deal of control over the
browser.  I use Emacs' internal non-javascript browser in reading my
mail, and visiting web addresses I don't fully trust.  But some mail
from sites I do trust and have content I want to see the full HTML
display, I have Emacs (GNUS) pop up in a Firefox window.

So I don't invest my development time in Firefox but have contributed to
projects that are more FSF friendly.

> While everyone was distracted by the sleight-of-hand, the truly
> nefarious parties silently took over web standards.  Now, we are
> cooked because there is no organized resistance to the 1984-esque
> totalitarian control that the nefarious parties are about to unleash
> upon everyone.

This is drifting in to politics, but unfortunately much of Science and
Tech has been politicalized.  This forces us to be confronted in the same
way.

If you are interested in what I think is going on you might read the
book "Doppleganger" by Naomi Klein.  I stole the idea of "Pipikism" from
her.  Its not an easy read for those of us that are concerned, but it
does give a clear viewpoint on what seems to be happening, and how it
might be confronted.

-- 
Barry Fishman

More information about the GoLUG mailing list