18 votes

What happened to Mozilla?

21 comments

  1. [4]
    helloworld
    Link
    There isn't much in this article than what most people on Tildes already know or have discussed. So to summarize, Mozilla has been a bad kid for quite a while now, except that every other kid in...

    There isn't much in this article than what most people on Tildes already know or have discussed.

    So to summarize, Mozilla has been a bad kid for quite a while now, except that every other kid in school is worse, so punishing Mozilla will only set a bad precedent.

    Or, you can have your own better behaved kid be sent to school, but that's not so easy, so this is where we are.

    15 votes
    1. [3]
      freddy
      (edited )
      Link Parent
      I'm sorry you feel this way, I'd been trying to publish it for some time but hadn't been able to. Hence, it's already been discussed. EDIT: due to the ammount of inaccuracies, the article will be...

      There isn't much in this article than what most people on Tildes already know or have discussed.

      I'm sorry you feel this way, I'd been trying to publish it for some time but hadn't been able to. Hence, it's already been discussed.

      EDIT: due to the ammount of inaccuracies, the article will be reciving an update shortly.

      11 votes
      1. [2]
        helloworld
        Link Parent
        Hey, just by writing and publishing something you're already ahead of me. I'll make sure to read the fixed version as well. Thanks for being a good sport.

        Hey, just by writing and publishing something you're already ahead of me. I'll make sure to read the fixed version as well. Thanks for being a good sport.

        9 votes
        1. freddy
          (edited )
          Link Parent
          Yeah, well I enjoy writing and felt as though it would be good to publish something on the topic. I don't usually muck up my articles to this extent, but hey ho. I'm glad you'll read the updated...

          Yeah, well I enjoy writing and felt as though it would be good to publish something on the topic. I don't usually muck up my articles to this extent, but hey ho. I'm glad you'll read the updated article, and I hope it's an improvement.

          EDIT: here is the updated version: https://dt.gl/what-happened-to-mozilla-revised/

          4 votes
  2. [12]
    nothis
    Link
    I read about all of that, but seeing it summarized somehow increases the impact of it. I mean, this is just bitter:

    I read about all of that, but seeing it summarized somehow increases the impact of it. I mean, this is just bitter:

    Specifically, Mozilla are getting rid of Servo, Mozilla's research team, their security team and their Developer Network (MDN)

    9 votes
    1. [11]
      ThatFanficGuy
      Link Parent
      Thank fuckin' goodness that's not true. They're not getting rid of it: just cutting funds to its development.

      and their Developer Network (MDN)

      Thank fuckin' goodness that's not true. They're not getting rid of it: just cutting funds to its development.

      18 votes
      1. [7]
        nothis
        Link Parent
        They're not literally shutting the site down, but they fired a significant part of their tech writing team. Since the main benefit of a resource like this is less its existence but the continued...

        They're not literally shutting the site down, but they fired a significant part of their tech writing team.

        The other areas we have had to scale back on staffing and programs include: Mozilla developer programs, developer events and advocacy, and our MDN tech writing.

        We recognize that our tech writing staff drive a great deal of value to MDN users, as do partner contributions to the content. So we are working on a plan to keep the content up to date.

        Since the main benefit of a resource like this is less its existence but the continued updating and support, I'd consider that an abandonment of MDN as it exists today. "Working on a plan to keep the content up to date" is about the most worrying statement you can hear, since they're reasonably good at PR and this sounds bad despite their efforts to make it sound good. It reads like they're trying to essentially shut down professional (as in: actually hired and paid) moderation and content creation.

        10 votes
        1. ThatFanficGuy
          Link Parent
          Which would be an example under "the opposite of getting rid of", yes. I usually stumble upon new features either on the rare occasion I actually visit the MDN itself (I use third-party...

          They're not literally shutting the site down, but they fired a significant part of their tech writing team.

          Which would be an example under "the opposite of getting rid of", yes.

          Since the main benefit of a resource like this is less its existence but the continued updating and support

          I usually stumble upon new features either on the rare occasion I actually visit the MDN itself (I use third-party interfaces) and see a sudden new property in the navigation sidebar, or because I read about it elsewhere. Relying on MDN alone to keep you up to date, even before the lay-offs, would seem myopic to me when there are dozens of excellent resources that keep up and look into the future.

          So I wouldn't consider this its main utility. That, to my mind, is the fact that it's a repository of all common properties that you can't afford to memorize, with examples, detailed descriptions, and "see also" lists. As long as it doesn't go away... well, we're not good, exactly, but we're okay.

          3 votes
        2. [5]
          Neverland
          (edited )
          Link Parent
          neophyte here: How significant is what really happened to someone whose threat model includes having been spear phished from .ru before? (Thanks to my naive use of LinkedIn. Which is the biggest...

          their security team

          neophyte here: How significant is what really happened to someone whose threat model includes having been spear phished from .ru before? (Thanks to my naive use of LinkedIn. Which is the biggest boon to intel since I donno?)

          For example, should I continue having a password manager extension in Firefox? Should I still have some passwords saved in Firefox? Is MS Edge the next least worst thing, and should I jump if my top 2 requirements are security then privacy?

          I would much rather stay with FF if appropriate. I know FF is still FOSS, so that is a huge plus, and it does actually have a ton of eyes on it which should provide the intended sec benefits of FOSS. Any feedback is greatly appreciated, I've heard other opinions but I remember that there is a lot of knowledge here on this topic.

          2 votes
          1. [4]
            Parameter
            Link Parent
            Last pass and the ff password manager are probably safe enough but you could restrict it to netflix, hulu, etc. versus banking accounts or a primary email. The real concern for you is getting lead...

            Last pass and the ff password manager are probably safe enough but you could restrict it to netflix, hulu, etc. versus banking accounts or a primary email.

            The real concern for you is getting lead to some site that is going to run shady javascript on your machine.

            The ff addon ublock origin is what everyone is using. Combine that with the addons https everywhere and privacy badger (they do everything, you won't need to fuss with them) and you will make yourself so much safer than you are. This setup does a lot of the work for you and is good for improving privacy and security.

            3 votes
            1. [3]
              Neverland
              (edited )
              Link Parent
              Thanks! It’s good to hear I was at least on the right track. I’ve got https everywhere, privacy badger and ublock. On the network side, I started building a porta-homelab/firewall. Goal is to...

              Thanks! It’s good to hear I was at least on the right track. I’ve got https everywhere, privacy badger and ublock. On the network side, I started building a porta-homelab/firewall. Goal is to learn, research, and hopefully secure myself. I got a little Protectli FW4B and it’s running esxi7 with pfsense (pfblocker and snort) and the ELK stack on an Ubuntu guest.

              I set up geoblocking for countries that don’t co-operate with US or EU law enforcement, and I think I’m adding Holland and S Korea to that list. I know it’s not at all foolproof, but it certainly has been eye opening. Blocks a ton of .ru connection attempts, among others. If security is like an onion then I am happy to expend cpu and ram on this even if it’s not perfect.

              Oddly enough it pointed out that fact that my GeForce Now activation email linked to subdomain.nvidia.cn ... seriously why? Ping sucked, the CCP is involved, and just changing .cn to .com activated my account. Could hosting be that much cheaper?

              Not sure where to go next... would studying for a cert be helpful?

              Edit: I stumbled into it, but I guess working in security actually sounds interesting to me. Also, for any other noobs reading this, checkout jnettop. It’s just neat to look at. Use the number keys to change network interfaces.

              1. [2]
                Parameter
                Link Parent
                Wow that sounds pretty fancy. I'm pretty basic in that regard, just ufw with a few rules to allow apt and stuff. The right cert could certainty help, a general Linux cert would be good for...

                Wow that sounds pretty fancy. I'm pretty basic in that regard, just ufw with a few rules to allow apt and stuff.

                The right cert could certainty help, a general Linux cert would be good for understanding the fundamentals.

                1 vote
                1. Neverland
                  (edited )
                  Link Parent
                  Fancy maybe, but I am probably using 1% of the tool, and incorrectly at that. I had been trying to avoid learning Linux firewall stuff but finally bit the bullet recently with ufw. * I do need...

                  Wow, that sounds pretty fancy..

                  Fancy maybe, but I am probably using 1% of the tool, and incorrectly at that.

                  just ufw with a few rules to allow apt and stuff

                  I had been trying to avoid learning Linux firewall stuff but finally bit the bullet recently with ufw. *

                  I do need what you say below, and real networking fundamentals too.

                  The right cert could certainty help, a general Linux cert would be good for understanding the fundamentals.

                  The signal to noise ratio sucks for me in “cert” search results. Could anyone please point me to a specific cert for Linux and one for networking? Let’s say I wanted to eventually be able to do lab research like reverse engineering APIs to look for shady stuff/CVEs and I currently have a middle aged script kiddie level of understanding. I need solid entry level stuff to build on I suppose, so which certs would you recommend?

                  * this is because I used to run OpenSnitch and manually allow things... yup.

      2. [2]
        DougM
        Link Parent
        When I first heard this, my heart sank. Glad to know it's not true.

        When I first heard this, my heart sank. Glad to know it's not true.

        5 votes
        1. ThatFanficGuy
          Link Parent
          I know. The amount of times I consulted MDN for things big and small is incalculable. I'm sure lots of devs do the same, even mature and experienced ones.

          I know. The amount of times I consulted MDN for things big and small is incalculable. I'm sure lots of devs do the same, even mature and experienced ones.

          5 votes
      3. freddy
        (edited )
        Link Parent
        Due to the ammount of inaccuracies, the article will be reciving an update shortly. I made a lot of mistakes writing this article and I'm happy to admit that. EDIT: heres the updated version...

        They're not getting rid of it: just cutting funds to its development.

        Due to the ammount of inaccuracies, the article will be reciving an update shortly. I made a lot of mistakes writing this article and I'm happy to admit that.

        EDIT: heres the updated version https://dt.gl/what-happened-to-mozilla-revised/

        5 votes
  3. dblohm7
    Link
    Personal opinion, as always: I see this repeated in a lot of places, but it is not quite accurate. Yes, some security people unfortunately were laid off. My heart goes out to them, and I...

    Personal opinion, as always:

    their security team

    I see this repeated in a lot of places, but it is not quite accurate. Yes, some security people unfortunately were laid off. My heart goes out to them, and I understand why anybody who lost their jobs would express anger. But the notion that there was only one security team, and they have all been laid off, is false. Mozilla is well aware that security and privacy features are not optional in a modern web engine.

    For example, the Gecko sandboxing/hardening team was left completely intact.

    5 votes
  4. justcool393
    Link
    Mozilla having trouble is just bitter for me. As much as I didn't like IE and as much as I was kinda meh towards Edge, I was kinda glad that they're existing so that Google couldn't just run away...

    Mozilla having trouble is just bitter for me. As much as I didn't like IE and as much as I was kinda meh towards Edge, I was kinda glad that they're existing so that Google couldn't just run away with a huge monopoly in the industry.

    I don't think HTTP is going away anytime soon, for better or worse. It seems to be so embedded in everything if you want to do much on the internet. I've done stuff with other protocols and just writing a spec for a protocol for practice in that sort of design, but it's mostly theoretical.

    A lot of stuff I've found just uses straight HTTP or HTTP for part of the system.

    3 votes
  5. [2]
    MeckiSpaghetti
    Link
    Hey, the link doesn't seem to work anymore. It gives me a 404 error.

    Hey, the link doesn't seem to work anymore. It gives me a 404 error.

    1 vote