I’ve found a lot of people are quite naively idealistic around browser development. The rendering, JS engines in Firefox and Chrome are state-of-the-art and take small armies to build and maintain. Mozilla has to strike a balance between revenue seeking and consumer protection seeking behavior that I would imagine is quite difficult to maintain.
Lots of people here additionally are up in arms their incredibly specific workflow was upheaveled by a movement to webextensions planned like 2 years in advance. Browser engines don’t have the luxury of being vim and supporting every environment and config.
> Lots of people here additionally are up in arms their incredibly specific workflow was upheaveled by a movement to webextensions planned like 2 years in advance.
They're up in arms because of an upheaval which prevents anyone from restoring their workflow: the new extensions API simply does not allow the extensibility the new extensions API allowed. Some of the changes are arbitrary (e.g. it's not possible to rebind C-n).
The move to Quantum is awesome, but the permanent loss of functionality is not.
Likewise, the security reversion in the Sync protocol is another unforced error.
I wouldn't call it permanent. It'll just take time to build up the WebExtensions API set more, which there should be more breathing room to do with 57 finally out the door.
The change to the Sync security model happened in response to years of user feedback about the usability of the system as it was.
> The change to the Sync security model happened in response to years of user feedback about the usability of the system as it was.
They should have improved default usability while still preserving their previously-unmatched security level. Yes, the old system didn't do what novices expected, and yes they should have gotten a default system which would. But experts should still be able to use a truly-secure system.
It's currently impossible to use the Sync system securely: even if one ran one's own Accounts server remotely, then an attacker would still be able to inject malicious JavaScript into the signin page. Accounts should never have been usable from within a web page; they should always have been isolated to the browser chrome.
Then what the hell did I donate money to them for? I thought their whole thing was they were for "people, not profit." I don't want my technology to make money off of me in any way I'm not aware of.
Besides, it looks like the amount of cash that Mozilla got for stuff like Pocket or Mr Robot is tiny compared to their other sources of revenue. It doesn't seem something worth to taint their brandname and ethos for.
If you rule out Firefox, there's hardly any viable option for a modern, feature-complete and freedom-respecting browser. Chromium is OK, but those suspicious blobs don't look very appealing.
For me the most shocking part is that the FSF has a Firefox ESR fork, IceCat, which is hardly maintained and goes 2 versions behind mainline. They don't even bother patching CVEs...
For the record, Mozilla didn't get any money for the Mr. Robot tie-in: it was supposed to be part of a mutual cross-promotion campaign. I don't think the original Pocket integration was paid, either, though my memory there is hazy. Either way Mozilla now owns Pocket anyway.
You probably donated money to the Mozilla Foundation, which owns the Mozilla Corporation. The Corporation is not a nonprofit, in the sense that it's taxed, although that is not the same thing as saying their goal is profit.
> Lots of people here additionally are up in arms their incredibly specific workflow was upheaveled by a movement to webextensions planned like 2 years in advance.
Maybe their incredibly specific workflow involves a piece of multi-million dollar equipment and updating to a new API involves reflashing its firmware for some crazy reason. (alternately, 100 $200 pieces of equipment in hard-to-reach places that must be manually reflashed.)
2 years may be roughly the maximum attention span of a software project, but 5 years seems like a better number for bedrock systems like web browser.
I don't mean to trivialize what goes into Firefox, just that backwards compatibility is a big deal and most software companies don't take it seriously enough.
If Mozilla didn't take backwards compatibility seriously then the JS and layout engines in Firefox could be a whooole lot simpler than they are now...
Really, the point of WebExtensions is to establish a well-defined, maintainable API set that can be kept backwards-compatible going forward. Swaths of legacy extensions were already breaking with every release as internal APIs changed. The old system made the e10s (multiprocess) roll-out inordinately more painful and slower than it would have been with WebExtensions, for example.
Did Mozilla claim to offer support for their product for that period of time? Why would an embedded developer take a dependency on a third party product that does not have a guaranteed support cycle greater than the life of the device?
Perhaps a multi-million dollar piece of equipment shouldn't depend on a third party to maintain legacy protocols. If such R&D could be put into an embedded device, then a little bit of R&D could be put into a proper REST interface so that it could be properly maintained in the future.
Just because it was planned 2 years in advance doesn't make it any less meaningful. And there were a lot of "incredibly specific workflows" that xul extensions allowed that webextensions won't. Will you deny millions of people each their own incredibly specific workflow if there's one singular ecosystem that mozilla has to maintain, to accommodate them all?
I would say yes, since web browsers should prioritise performance and security of their primary use case which is accessing the web. In my opinion extensions are just a nice add-on, not the reason browsers exist in the first place. Most developers understand from their own experience that backwards compatibility while admirable can be very costly to maintain forever.
>>I’ve found a lot of people are quite naively idealistic around browser development.
So it is naive to hold a Non-Profit to their foundational mission statement and goal? Their Manfeisto?
Mozilla is not, or rather used to not be, just a For-Profit Software firm making a browser. They were a Non-Profit Foundation started to advance ideological and philosophical ideas, namely Open Web Standards and Access for all.
It seems like you are perfectly find with Losing the Mozilla Foundation, and replacing it with Mozilla Corporation the software developers that make a commercial browser.
Maybe FireFox 60 should just go closed source and charge $40 a download
We need to balance "holding them accountable" and "being realistic". Mozilla cannot compete against Google without funding from somewhere. As far as I know, this is a fact. So the question, to me, becomes "what kind of funding is acceptable?"
And I suspect this is where we completely differ - because while Mozilla has made some mistakes, I am not nearly as enraged as some of the other commenters I've seen have been.
I think Mozilla has been doing a great job, with a few notable hiccups.
Lots of people here additionally are up in arms their incredibly specific workflow was upheaveled by a movement to webextensions planned like 2 years in advance. Browser engines don’t have the luxury of being vim and supporting every environment and config.