Mozilla - Devil Incarnate

Introduction

If you haven't been living under a rock for the last decade or so, you will at least know Mozilla as the developer of the popular Firefox web browser. Of course, if you've been reading this website a little, you'd guess that there is a darker story behind Mozilla. There is no bigger example of a corporation pretending to be your friend while being your worst enemy. And you don't have to dig too deep to prove it (but we will in this article!) - just get past the skin-deep veil of Mozilla's deception and you reveal a greedy, controlling, sneaky, deceptive, abusive, data hoarding, disempowering, doublespeaking, vile spawn of Satan. So what makes Mozilla different than Google, Microsoft and such? Well, it's the facade of course; they campaign against all the sins they themselves partake in! And it is this facade which I will smash in this article, little by little...

Mozilla's pretend privacy

First, the facade - let me show you some quotes and article titles from Mozilla's website:

Fast. Private. Fearless. (this is about Firefox)
Your Privacy Focused Holiday Shopping Guide
Latest Firefox Rolls Out Enhanced Tracking Protection
When the Facebook breach was revealed, Mozilla had an immediate response – and a Firefox product to support user privacy.
Individuals’ security and privacy on the internet are fundamental and must not be treated as optional.
In our Webby-winning podcast, IRL, Veronica Belmont gets real about the online issues that affect our real lives, from privacy and filter...

There is much, much more. That's not even considering the stuff inside their browser, such as the fake initiatives Do Not Track and Private Browsing. If you saw just these quotes, you'd think they must be some champions of privacy; nothing could be further from the truth, though. OK, now let's move on to the fun part - busting the facade! For that, we have to direct ourselves to their website privacy policy (archive) as well as general privacy policy (archive):

Mozilla's privacy policy

We care about your privacy. When Mozilla (that's us) collects information about you, our Mozilla Privacy Policy describes how we handle that information.

They are shameless - still trying to keep up the facade even when the same document refutes it later.

We may use cookies, device information and IP addresses [...]

I don't give a shit what you use it for - keep your hands off my device information!

We may also use cookies, device information and IP addresses, along with clear GIFs, cookies and third party services [...]

Clear GIFs - that's a common tactic of trackers - the same trackers that Mozilla proudly speaks out against! And then the third party services - so they now recruit others to spy on you as well.

Mozilla has implemented third-party technology, Google’s Invisible reCAPTCHA [...]

Google is one of the most anti-privacy companies there are; and here Mozilla is allying with them - proving they are made of the same mold. The really vile thing here is that since the captcha is "invisible", you will have your data collected by Google and you won't even know it's happening. Okay, let's move on to the regular privacy policy which describes how the data gets used:

Your privacy is an important factor that Mozilla (that's us) considers in the development of each of our products and services.

Still continuing the pretense? Anyway, let's check out the section when do we share your information with others?

For processing or providing products and services to you, but only if those entities receiving your information are contractually obligated to handle the data in ways that are approved by Mozilla.

So Mozilla is sending your information around to some unknown entities - but it's fine since they are obligated to handle the data in a way that Mozilla has approved (does that strike you with confidence after reading the above quotes?).

When we are fulfilling our mission of being open. We sometimes release information to make our products better and foster an open web, but when we do so, we will remove your personal information and try to disclose it in a way that minimizes the risk of you being re-identified.

So you release information but it's fine since you minimize the risk of me being identified? Well, minimize means it's still not zero, so fuck off with that excuse.

When we believe it is necessary to prevent harm to you or someone else.

That can mean absolutely anything. So just expect your information to be thrown around for any reason! Now for something even worse - the Firefox privacy policy (archive):

Firefox privacy policy

That’s why we build Firefox, and all our products, to give you greater control over the information you share online and the information you share with us. We strive to collect only what we need to improve Firefox for everyone.

Still lying I see. Okay, now - the section is very fucking long, and I don't want to bore you to death here, so I will just list the general data that FF collects, straight from the horse's mouth: Interaction data, location data, webpage data for Snippets, webpage data for Pocket recommendations, technical data for updates, technical data for Add-ons blocklist,  webpage and technical data to Google's SafeBrowsing service, webpage and technical data to Certificate Authorities, crash reports, campaign and referral data, search suggestions, Firefox Accounts data, Synced data, Screenshot uploads, Addon search queries...and I've skipped much of it anyway. There are probably very few pieces of software collecting MORE data by default than Mozilla Firefox. Check their website for more or even better - the Spyware Watchdog (archive) for a saner analysis.

Anti-privacy nonsense backfires at Mozilla

It's January 13, 2022, and a terrible bug (archive) has struck our favorite web browser, Mozilla Firefox. Whenever anyone ran it, it stole 100% of their CPU cycles - affecting all versions. Why did this happen? From what I've been able to discern, some of the unsolicited requests (Firefox Data Collection and others) Firefox makes at launch connected to servers that screwed up their HTTP3 implementation. Most of the comments that provided solutions (disabling telemetry / HTTP3 or installing an adblocker) have been hidden (censored). This situation proves not only that Mozilla's staff is incompetent, but that they also hate the users since they hide workarounds for their fuckups and still won't disable telemetry by default, which causes them in the first place. Anyway, let's explode some other myths about Mozilla:

Freedom is slavery

Individuals must have the ability to shape the internet and their own experiences on it.
Firefox Puts You in Control of Your Online Life
We created Firefox to give people choice and control of their Web experience and we’re always adding more ways to personalize your Firefox.
Celebrating Choice, Control and Independence On the Web
Ten years ago, we made Firefox to keep the Internet in each of our hands — to create choice and put you in control of your life online.

History of Mozilla's anti-control

To get a big picture view of this one, it's necessary to go back in history quite some time. Let's put the Settings menus of Firefox 17 and 63 side by side:

As we can see, the trend has been to remove options - so less control for the user, contrary to the claims of Mozilla. But these are pretty minor - wait until you see the really vile things. In version 23 (which came out in 2013), Mozilla removed the ability to disable JavaScript from the Settings menu. Now, you could say "just use an addon to handle JS permissions!" and I agree - but that is no reason to remove the option for the people who want it. And there is another problem - Firefox does not allow to install unsigned extensions anymore! Here is the history of this:

• Firefox 40-42: Firefox warns about signatures but doesn't enforce them.
• Firefox 43: Firefox enforces the use of signatures by default, but has a preference that allows signature enforcement to be disabled (xpinstall.signatures.required in about:config).
• Firefox 48: (Pushed from Firefox 46). Release and Beta versions of Firefox for Desktop will not allow unsigned extensions to be installed, with no override. Firefox for Android will enforce add-on signing, and will retain a preference — which will be removed in a future release — to allow the user to disable signing enforcement.

See the slippery slope? First it was just a warning, then disabling unsigned extensions by default but allowing to enable them; and finally removing the option to install the addons without Mozilla's approval completely. Firefox will also disable any unsigned addons you might already have. The Choice, Control and Independence is truly off the charts...Just imagine - one day it might decide to disable your AdBlocks and NoScripts - and there will be nothing you can do whatsoever. MAY 3 UPDATE: This might be coming sooner than expected. Mozilla's new addon blocking process (archive) literally starts with a section called Security Over Choice, which was not in the old one. So, they have now provided us with a direct, undeniable admission that your choice doesn't matter. Thanks, Mozilla! The criteria for a hard block were also way expanded - I think we can expect a wave of addons (that Mozilla doesn't like) to get buried soon.

UPDATE 2: Aaaand literally the next day my predictions came true - All Firefox addons have been disabled (archive) due to an expired certificate. And so, people got silently hit with stuff like this when turning their "private and secure" browser on. It was only a matter of time until Mozilla's extension prison backfired, and it did so spectacularly. Though the BugZilla comments were already predictably closed, they will not be able to contain the armageddon this time, no matter how much PR they spew. The whole /r/firefox front page is filled with threads about this, with many people moving to Chrome-based browsers. Hacker News (archive) is also booming. Tech sites are running with the news (archive) too. The funny thing is, the whole point of the extension prison was allegedly to increase security - and yet today, all security addons got disabled because of it! Shows how freedom always has to trump over security or it ends up in a disaster like this. RIP Mozilla, you won't be missed. And let's use this as a reminder that evil eventually loses not only in cartoons! With this out of the way, let's list some other anti-choice decisions Firefox has made before moving on to the most vile thing:

From Firefox version 28 on you cannot disable images from the Preferences menu anymore. 44 has removed the option to "Ask you every time" if you want to allow a website to store cookies. 52 brings a PulseAudio requirement to play sound on Linux - even though the ALSA code is there even now, so the decision was made entirely to remove user choice. 57 no longer supports XUL addons. Since version 60, Firefox does not allow to delete single cookies anymore - only all of them for a specific website. 68 removes yet another option - disabling multiprocess (archive). It seems they even plan their anti-control changes two versions ahead, because the removal of userchrome.css (archive) customization is coming in 69.

XUL deprecation

The XUL issue is really important and requires further elaboration. With version 57, Mozilla decided to end XUL support and replace it with the gimped WebExtensions which they knew would kill many addons (the others would have to be rewritten). If you check out Mozilla's site (archive), you will see that the vast majority of functionality available for XUL addons can't be done with WebExtensions. It is actually really tough to find relevant information (as in, not Mozilla's propaganda) about this; we have to hunt down addon developers unhappy with the change, such as Classic Theme Restorer's dev (archive). Check out these quotes for example:

WebExtensions will never do everything XPCOM does, so feature parity is not a goal. Some top add-ons can’t be completely ported (DownThemAll and Firebug come to mind) and we’re accepting that risk.

So Mozilla doesn't care that some addons considered essential by their numerous users will die. Nice user choice they've got there.

pretty much all the APIs that it makes sense to implement have been done. What remains is undocumented, deprecated or we've thought not worth bothering with (we could be wrong).

According to Mozilla, some functionality isn't worth bothering with. All that control and independence probably overwhelmed them. And the most important and revealing quote:

The only reason why CTR does not work in Firefox 57+ is Mozillas decision to take away add-ons almighty power over the browser, not because add-on features are incompatible to modern techniques or Firefox 57+ in general. A simple CSS loader would allow over 80% of CTfRs features to be available for Firefox 57+. This is proven by all userChrome.css/userContent.css tweaks available here.

So Mozilla not only doesn't care about user choice and the other slogans it spews - but is actively working against them. Spawn of Satan wasn't an exaggeration! Another good resource for WebExtension information is DownThemAll's site (archive). This topic is so extensive I have barely scratched the surface - and the developers of the killed addons explored it way better than I could - so read those links I've provided if you want to know more. For now, let's move on to the last, and perhaps the most disgusting, anti-control scheme of Mozilla:

Forced updates

Yes, you saw it right! There is no way to disable auto-updates since version 63! The option has even been removed from the dumpster known as about:config. Therefore, Firefox will at least check for updates (privacy issue) and graciously let you decide whether to install them. But it remains to be seen if that's still available in the versions to come; remember, the trend is towards less user choice. So it is quite likely that you will soon be completely at the mercy of Mozilla in regards to the software you run on "your" computer - unless you stick with an ancient Firefox version, or switch browsers (the sane choice).

But the updates themselves are not even the worst thing about them. The bigger issue is that they frequently change settings you've set up for yourself. So Mozilla knows better what your Firefox preferences should be than you do. Their bugzilla page is full of these intrusions being reported. For example changing the order of extension buttons (archive), removing bookmarks (archive), bookmarks again (archive), removing pinned tabs (archive), reenabling of the Pocket spyware (archive), deactivating addons (archive), and many, many others including on their support site (archive) and elsewhere (archive). Of course, not all of these can be proven to be malicious, but some, like the Pocket thing, seem very likely. And regardless, a changed setting is a changed setting, and takes away user control - which is what this section is all about.

Bypassing proxy settings

From https://www.bleepingcomputer.com/news/security/mozilla-blocks-malicious-add-ons-installed-by-455k-firefox-users/ (archive):

 

Starting with Firefox 91.1, Firefox now includes changes to fall back to direct connections when Firefox makes an important request (such as those for updates) via a proxy configuration that fails. Ensuring these requests are completed successfully helps us deliver the latest important updates and protections to our users.

 

Yes, this means that, even if you've configured your Firefox to use TOR, and that fails to connect, auto-updates will still be executed in the clear. How malicious. This also means that mitmproxy - my favorite method for fishing out unsolicited requests - is not guaranteed to catch them all anymore (unless using proxychains). I suspect Mozilla will soon bring in more requests that they consider "important" enough to ignore the users' wishes and bypass the proxy.

Mozilla supports censorship

On January 8, 2021, Donald Trump (then president of USA) was banned from Twitter (archive). Mozilla - of course - immediately jumped to defend the ban (archive) (almost as if this was all planned between the parties involved). Anyway - since this has wider implications than just Trump - let us analyze their blogpost:

The title We need more than deplatforming already shows that they do support kicking out undesirables, but that (they think) we need to do even more to control the discourse effectively. Before we move on to the actual quotes, let's realize what this means. The only way to censor in the manner Mozilla thinks is appropriate, is by relying on the so-called Big Tech - the same Big Tech which Mozilla has pretended to rally against! The elephant in the room is this:

Turn on by default the tools to amplify factual voices over disinformation.

They want to algorithmically decide which content is allowed to be posted, and which isn't. This is especially relevant in the context of the fake pandemic, during which the whole world has been enslaved exactly thanks to the propagation of the factual voices over the so-called disinformation. The disinformation here includes mentioning the factual harm done by COVID vaccines or even proven alternative treatments for COVID itself. So, Mozilla supports a world where people are harmed without being able to defend themselves.

These are actions the platforms can and should commit to today. The answer is not to do away with the internet, but to build a better one that can withstand and gird against these types of challenges.

As I said earlier, the only platforms that can do so are those that have enough resources to develop and implement algorithms that will check every comment posted there against their criteria for disinformation. Which just happen to be the Big Tech that Mozilla allegedly hates (but in reality is apart of them). Anyway, let's analyze another one (archive) of their blogposts.

In short, Mozilla is really bothered that YouTube's recommendation algorithm brings up conspiracy theory or anti-LGBTQ videos. So bothered that they even want to create laws to combat the issue. Fortunately, that won't be necessary as YouTube already has policies against hate (archive) and conspiracy theories (archive). What Mozilla, then, wants, is even more control over allowable content than YouTube already provides. And since they are in bed with Google (and Twitter, Facebook, Microsoft...) they will surely get their wish. All of this has been planned with full knowledge of all the participants involved, including the pretense that Mozilla is the David fighting against the transgressions of the Big Tech Goliath. And what The Hydra wants, is full control of what you can say, do or even think.

People before profit?

Mozilla makes browsers, apps, code and tools that put people before profit.
Mozilla puts people over profit in everything we say, build and do.
Motivated by creating public benefit versus commercial gains [...]

Analyzing Mozilla's finances

It just so happened that as I was beginning to write this section, I visited Mozilla's site and this greeted me:

So let's check out how Mozilla is actually financed - does it really need our donations? It seems Mozilla has made their financial report as hard to understand as possible - but let me try to make sense of it anyway:

In 2017, 96% of Mozilla's revenue came from Royalties; in 2016 - 97%. What are these Royalties made up of?

Mozilla has entered into contracts with search engine providers for royalties which expire through November 2020. Approximately 93% and 94% of Mozilla’s royalty revenues were derived from these contracts for 2017 and 2016, respectively, with receivables from these contracts representing approximately 75% and 79% of the December 31, 2017 and 2016 outstanding receivables.

97% from 93% is 90%; that is the percentage of 2017 income Mozilla gained from having certain search engines as defaults in Firefox. What were those search engines?

we decided that the default search providers would be Yahoo in the US, Baidu in China, Yandex in Russia, Belarus, Kazakhstan, Ukraine, and Turkey, and Google for the rest of the world.

Amazing isn't it - 90% of Mozilla's income comes from having anti-privacy search engines as the defaults. Truly, thanks for putting people over profit, Mozilla. There isn't much space left for donations to fill. I'm assuming they go under the Contributions section - that would mean donations made up a measly 1% of Mozilla's whole income in both 2016 and 17. According to Wikipedia (archive), this situation is going back at least to 2005! So, their "we're funded by donations!" shtick is just a shameless lie and a ploy to fill their pockets as much as possible. It does not end at the search engines of course - I had to hunt down an obscure wiki page (archive) to reveal these quotes:

Invest in sustainability to grow diversified revenues this year [...] Our goal is to strive to hit meaningful diversified revenue by December 2014 [...] After reviewing over a dozen revenue opportunities for Mozilla, we have isolated a few that we are pursuing this year.

OK, so they want money from another source - because 500 million $ from Google just isn't enough for those greedy fucks. What are the ways they're going to get more?

Advertising in your browser

Tiles: There are a few opportunities that we plan go to market with in 2014 the first of which is to provide sponsored content on Firefox Tiles. Mindful of our values, we'll then evaluate the program and look to develop enhancements that benefit users and generate revenue.

Okay, so what is hiding behind those mysterious tiles? From https://blog.mozilla.org/advancingcontent/2014/02/11/publisher-transformation-with-users-at-the-center/ (archive):

Directory Tiles will instead suggest pre-packaged content for first-time users. Some of these tile placements will be from the Mozilla ecosystem, some will be popular websites in a given geographic location, and some will be sponsored content from hand-picked partners [...]

What this actually means is you will see advertisements anytime you open a New Tab page. The blog post mentions many times that this initiative puts the users first - hell, it's even in the title. So let's check out if that is actually true:

While we have not worked out the entire product roadmap, we are beginning to talk to content partners about the opportunity [...]

Oh, so you already ran to the advertisers to get them on board. How about talk to the fucking users first, if we're allegedly at the center? Anyway, it gets worse: On some obscure google group (archive) I hunted down this quote:

Darren's team looked at that, and realized that we could make this better for users and generate income for Mozilla if we were smart about it.

Anyway, they had to end this failure of a project just 8 months later, since it didn't bring in enough money. From https://blog.mozilla.org/advancingcontent/2015/12/04/advancing-content/ (archive):

Advertising in Firefox could be a great business, but it isn’t the right business for us at this time [...]

Okay, so you have to wade through a bunch of PR-bullshit before finding this gem of a quote. Directory Tiles were a business decision all along - and ending them was as well. However one failure isn't going to stop Mozilla from trying to shove ads down your throat to get rich (or richer than they already are):

Mozilla will continue to explore ways to bring a better balance to the advertising ecosystem

Pocket integration

The quote above is just PR-talk for "we'll find a way to make money with this - just watch!" And it turns out they're back at it. Pocket is a service which allows you to Save articles, videos and stories from any publication, page or app.. Firefox has been integrated with it since 2015, and acquired it in the beginning of 2017 (for 30 million $, so they have to get it back somehow). And, thanks to recommendations from Pocket, they've been able to resurrect Directory Tiles (archive). As they say, a picture is worth a thousand words:

As you can see, they're not distinguishable at all from regular suggested tiles until you get to the bottom to see Sponsored by. Of course, these tiles are also tracking you - this is how Mozilla is earning money from them in the first place. Since it started this year, we will know how much when their financial report comes out, I guess. And when this becomes another project supposedly improving the user's experience that is ditched a few months later - it will again be shown as a purely business decision, not an user-centered one. I mean, let's be real here - they're working with advertisers here; how can it be said that this is about the users? Did the users ask for ads in their New Tab pages? No? Then it's advertisers first, users second - refuting the People before profit slogan.

ProtonVPN partnership

Recently Mozilla has partnered with ProtonVPN (archive) - of course to keep you safe online. Actually, I'm impressed by them this time - it only took unti the second paragraph to tell you it's about the money:

We believe that an innovative, vibrant, and sustainable Mozilla is critical to the future of the open Internet, and we plan to be here over the long haul. To do that with confidence we also need to have diverse sources of revenue.

Anyway, whenever you browse using a public Wifi, this ProtonVPN advertisement will appear:

Has Mozilla suddenly had a change of heart towards caring about the users' privacy? Doubtful - just read the section from the beginning of this article again. Anyway, it takes a visit to ProtonVPN's blog (archive) to reveal the fact that:

These subscriptions will be billed directly by Mozilla and the majority of the revenue from these subscriptions will go to Mozilla, directly supporting Mozilla’s mission.

So the greedy fucks will take most of the money even though it's ProtonVPN that provides the actual service. If Mozilla cared so much about the users' privacy as they claim, they could just create their own VPN and give it away for free (they are surely rich enough to do that). But they cannot even stop including an avalanche of spyware into their flagship product - showing that it's about satisfying their endless greed instead of the user.

Mullvad partnership

Mullvad is one of the best - if not the absolute best - VPNs on the market in terms of data collection, payment options, servers, speed, etc. Mozilla's partnership with Proton has failed so I guess they had to find another victim. In July 2019, Mozilla has started running a frontend for Mullvad (archive) for twice the price and worse performance. Since it's using Mullvad for connections - but also connects to their own servers - it will be slower than Mullvad alone, by definition. More importantly, it adds the usual spyware (archive) on top of it that Mozilla is famous for:

 

Campaign and referral data. This helps Mozilla VPN understand the effectiveness of our marketing campaigns. Upon installation of the app, Mozilla may temporarily receive your IP address in addition to campaign data and referral data like what ad campaigns you engaged with and your operating system, device type, and operating system version. Mozilla shares this with Adjust, but we do not share or store your IP address. Read the documentation here.

 

 

Interaction data. Mozilla receives data about your interactions with Mozilla VPN, including when you log in and when you request the server list.

 

There's also the fact that the VPN requires a Firefox account, that it's available only in certain countries, and that it only accepts payments from anti-privacy services. Analyzed honestly, you have to admit that this is the worst VPN to have ever existed - seriously, try to find me a single commercial one that collects as much data or has all these other flaws. Mozilla is literally scamming people by inserting themselves as a middleman in front of a respected service, ruining it and charging twice the price (unless you pay for the whole year straight up, then the price per month is the same as Mullvad's). They do not even bother to mention that they are just a frontend to Mullvad on their main VPN page - you have to click the Privacy page. And yet, Mullvad has somehow agreed to this deal (bribes?). Still, it's obviously only a ploy for money since people do not gain any additional privacy by using their VPN (let me repeat, Mozilla's VPN has zero advantages over using Mullvad directly). If Mozilla respected the user, at least they'd leave Mullvad's great privacy untouched - but no, they just had to add a bunch of data collection. You'd be hard pressed to find such a horrible villain even in fiction.

Mozilla bribes distros to include spyware in their default settings

I am refering, of course, to the Linux Mint "partnership" (archive) which changed users' Firefox search engine from DuckDuckGo / Yahoo / StartPage to the spywaristic Google:

 

The default search engines no longer include Linux Mint search partners (Yahoo, DuckDuckGo…) but Mozilla search partners (Google, Amazon, Bing, DuckDuckGo, Ebay…)

 

Even if you have explicitly chosen the more private options, they will be burned with the new update, and Google's jaws will devour you:

 

No, these were core engines in the Linux Mint configuration. They no longer are present in the Mozilla version of Firefox. The default engine will switch to Google.

 

Though the Mint team gave excuses like simplification in terms of maintenance and development, it is obvious big money was involved (they admit later it's a commercial partnership). So, Mozilla will pay you to ship Firefox with Mozilla's chosen settings, which include the spyware search engines and all the telemetry etc. To be honest, this is partially a FOSS issue, where projects eventually realize they need money and end up giving up their principles in order to gain it. But Mozilla still takes the blame for having bullshit default settings and bothering distros to include them, with the money working as the carrot and lawyers as the stick:

 

We can’t continue to keep using Mozilla’s trademarks and brand identity if they don’t agree with our changes.

 

Shady marketing

I've thought for a long time on how to structure this section (actually - the whole article!), since anything Mozilla touches is full of shady marketing - and I don't want to write an encyclopedia here! Maybe let's start with explaining how marketing actually works. Briefly: Mozilla wants to do X, knowing the users will hate it, so they recruit their PR team to present the issue in a way which will make people see it the way Mozilla wants them to. Misdirection, confusion, replacing certain words with more acceptable ones, including a lot of "fluff talk" to bury the real relevant points, and even outright lying are some of the ways this is accomplished. Let's present some examples here, and hopefully you too will be able to unspin Mozilla's web of deception soon. We will take this post (archive) to the chopping block:

Blog post analysis

Introducing Extension Signing: A Safer Add-on Experience

Mission: make a walled garden of addons. Now how to get there? The blogpost starts with a title containing the buzzword safety. This is supposed to "prepare" you in a certain way - you know, first impressions have an impact. Since people (usually) want safety, if you hit them with that right at the start, they will be more willing to lose some things in exchange. Of course, the marketing team will skip mentioning those at first - a title like "We will decide which addons you can use - for your safety!" would be a PR disaster.

This year will bring big changes for add-on development, changes that we believe are essential to safety and performance, but will require most add-ons to be updated to support them. I’ll start with extension signing, which will ship earlier, and cover other changes in an upcoming post.

Safety again. Repeat it until it sticks! And finally add another alleged benefit - performance.

The Mozilla add-ons platform has traditionally been very open to developers. Not only are extensions capable of changing Firefox in radical and innovative ways, but developers are entirely free to distribute them on their own sites, not necessarily through AMO, Mozilla’s add-ons site. This gives developers great power and flexibility, but it also gives bad actors too much freedom to take advantage of our users.

In preparation for the upcoming reveal, Mozilla reminds you that they are the good guys and have been so for so long.

Extensions that change the homepage and search settings without user consent have become very common, just like extensions that inject advertisements into Web pages or even inject malicious scripts into social media sites.

Problem - reaction - solution. First, imagine a "problem" - malicious addons floating around! By the way, this is disproved by Mozilla's own data (hey - telemetry can be useful after all!). The most common extensions are adblockers, which are the opposite of malicious:

Only these seven addons go above 1% of usage, and 65% of Firefox users do not even use extensions at all! By the way, Pocket was just an addon once, instead of an integrated part of the browser - and it is very intrusive privacy-wise, but it was allowed. So Mozilla lied twice - first about the severity of the problem, then that they care about it at all.

To combat this, we created a set of add-on guidelines all add-on makers must follow, and we have been enforcing them via blocklisting (remote disabling of misbehaving extensions)

Click here (archive) if you want to analyze these guidelines; they are very long - the gist of it is: extension developers are complete slaves. Anyway, with this quote Mozilla reminds you that they have already dabbled into the addon slavery business, to get you ready for the cuffs getting tighter (the "Boiling Frog" strategy again):

Furthermore, malicious developers have devised ways to make their extensions harder to discover and harder to blocklist, making our jobs more difficult.

See? We've been trying so hard to protect your safety, but those damned malicious developers just keep bypassing all our schemes. Clearly, we need something better! So, the capability of imagined "enemies" is way overstated in order to get you to accept the "solution" easier.

We’re responsible for our add-ons ecosystem and we can’t sit idle as our users suffer due to bad add-ons.

Mozilla reminds you again that they're your friend, and want to save you from the suffering caused by freedom to install whatever extensions you want!

An easy solution would be to force all developers to distribute their extensions through AMO, like what Google does for Chrome extensions

Look, we could do it the wrong way - like those evil Google guys over there, but we're your friends! And then - with the reader already conditioned in several different ways - comes the reveal of the whole addon slavery system. I've skipped it since that part is pretty honest - and we're analyzing bad advertising here. Moving on...

One important improvement that signing brings about is that the extension install experience will be renewed and improved.

Our prison is pretty comfortable though, so don't worry about it! So, since you might be a little worried after knowing their "solution" - they've had to recondition you. Anyway, as usual with spinning the narrative - it's as much about what you've included as what you've skipped. And they've carefully avoided mentioning the fact that the browser isn't yours anymore - you don't decide which extensions can run in it - that's controlled by Mozilla now. This directly contradicts their stated mission, manifesto, and all the stuff about independence and control they keep spewing on their site. Fortunately, the users have spoken on the blogpost comments, and they realize what's up - which is the only good thing about this extension signing business. I hope they don't mind me quoting them:

The users have spoken

LuckyBastard wrote on March 12, 2015 at 4:52 am: The end of freedom comes under the guise of safety. Thanks for the years of freedom, but I don’t need or want your “safety”. SELLOUTS!

Gary5 wrote on February 10, 2015 at 1:09 pm: [...] Goodbye Firefox, it’s been a nice few years.

Mathieu wrote on February 11, 2015 at 7:35 am: The problem is that Mozilla is gonna become the next Apple or Google, moderating away add-ons on subjective reasons. Even if you use the “do no evil” argument, it would be pointless, as it used to be Google’s argument.

Will wrote on February 11, 2015 at 5:04 pm: Why is there this control-freak fetish going around these days? Apple and iOS, Microsoft and Modern, Chrome and their addons. Now Mozilla? Come on guys, don’t be so freaking unilateral.

Mike wrote on February 11, 2015 at 7:50 am: Yeah, not being able to disable this is the nail in the coffin.

And many, many more. Surprised Mozilla didn't disable the comments there (like they usually do), knowing how freedom-hating they are. Was this a strategic decision or a moderation fuckup? Regardless, these should at least fill you with some hope - though there are also other comments which, unfortunately, show how some people have fallen hook, line and sinker for Mozilla's marketing. Anyway, time for a summary:

Summary

Okay, that's it for this blogpost. Now you should be prepared to do the same kind of analysis elsewhere on Mozilla's site (and even other PR pieces, since Mozilla certainly isn't the only corporation using these tactics). Honestly, once you know the ways marketers use their gimmick, it's so transparent - like a magician pulling a rabbit out of the hat, or a cheap card trick - you will not be taken in anymore. A good way to test your capability to recognize PR-bullshit are the "advancing content" blogposts from the Freedom section.

Shitty developer attitude

Let's get straight to the meat of it. How do the developers respond when users challenge their terrible decisions? Let's look at the removal of JavaScript toggle (archive) first:

JavaScript removal issue

Some clarifications: - This preference is still available in about:config.

Also known as "the dumpster", where the dirty options you are not supposed to touch, go. Do you want to dumpster dive in order to change a basic browsing preference? This guy thinks you should.

- There are add-ons such as NoScript or SettingSanity that will do what you want with more easily accessible UI.

Again, according to their research, 65% of Firefox users do not use extensions. So they know very well the setting will be unchanged for most people. Why pretend otherwise then?

Turning JS off completely is the wrong security/usability tradeoff for the vast majority of users.

This guy thinks it's up to him to decide where you should put yourself on the security / usability spectrum.

The ability to shape your experience (including turning of JS) is offered in many different ways. Not everything needs to be in primary browser UI. We did not actually remove a choice, just reduced the visibility of that particular choice. That does not go against either of these principles in the manifesto.

I'm struggling to find words here to describe this utter contempt for the user. They just threw the most basic browser option into the trash, forced you to go in there if you want to find it, and then told you it's not that important and they did not take away your freedom. What's next? Having to recompile Firefox to be able to create a New Tab? That would be a "choice" too, according to this dev. Now look at how he replied to a person that didn't like their preferred setting getting changed, without their consent:

Note that if we removed the preference from the UI but left it disabled, this would make life really hard for non-expert users that accidentally changed this, because they're a lot less likely than you are to be able to find out where to change this back.

"We will change your settings for your own good, because you are too stupid to know what you want."

More generally, "add more dialog boxes/infobars" is practically never a solution.

This is in response to a guy that thought there should be a dialog box warning you that a setting has been changed upon update. So the dev thinks he can freely change your settings and does not need to inform you in any way. And, of course, there wouldn't need to be a dialog box if you just didn't touch the fucking setting!

Mikko and Blake, thank you for your support - keep on rocking the free web!

And then shamelessly suggesting Firefox supports your freedom.

Anyone else who would like to comment: please note that this change was not made lightly; if you believe you have convincing arguments against it or would like it changed, instead of posting here please post to the firefox-dev mailing list: https://wiki.mozilla.org/Firefox/firefox-dev

Well, you certainly don't have any convincing arguments for deleting the option to disable JavaScript. Stop sending your users to wherever the fuck (that list has a really shitty moderation policy, by the way) and actually address the issues! Of course this vermin would rather crawl back under the bed:

I believe at this point, there isn't much point in repeating the same objections that have been voiced previously (see also the points I made in comment 15), and considering some of the language used I will go ahead and restrict commenting to users with editbugs.

Complaining about fucking language? How about your total disregard for the user's feedback, implying they are stupid, lying and shifting the blame? Now let's check out the PulseAudio requirement (archive) complaint, with another dev:

PulseAudio enforcement issue

Right at the start you are hit with this:

If you're wondering, those comments are not at all offtopic, and the allegedly abusive one is simply in Russian.

What is preventing you from installing Pulse Audio?

Blaming the victim. As if someone is required to install your preferred piece of software because of your whim.

The issue is that people may forget that they're using ALSA and not know why their audio doesn't work.

Yeah, a person that chose to uninstall PulseAudio would forget that they did it. And the audio doesn't work because you disabled the fucking functionality!

If there are issues with Pulse Audio then please file them with steps to reproduce in a separate bug.

We force you to use a certain piece of software that breaks shit and want you to do our job for us and find its problems.

TL;DR We're trying to do what is best for Linux and Firefox, so please file bugs if you have Pulse Audio issues.

Why not do what is best for the people - allegedly part of Mozilla's mission? And again relying on the users to fix up your shit - the same users who you've ignored when you created the problem in the first place...

You must be looking at different numbers to me. At the time of making the decision, only 3% of Linux users were mising Pulse Audio.

He mentioned telemetry as the source for the data. But commenters explained to him that it isn't reliable at all - because, for example, people that uninstall PulseAudio might be more likely to disable telemetry. Either way - cold numbers were taken into account instead of the actual users speaking to you. How inhumane. Now for something even more vile, let's check out how they treat actual long-time volunteers:

Long-time volunteer DISRESPECTED AND BANNED

I hope he won't mind me writing about him. Filipus Klutiero has been a Firefox user since 2003 and, as I understand it, a Mozilla volunteer since 2004 (his bugzilla account (archive) seems to support this). In 2016, he submitted a bug (archive) in which he dared to suggest that bugs should not be marked as RESOLVED and WONTFIX at the same time. This was enough to send the Mozilla bullies after him:

To put it another way, we have firmly decided that we do not view this report as a bug, and hence we will not be fixing it.

let me make this clear: we will NOT be making the change you suggest here, or in bug 1285748. there is nothing you can say that will alter that. pushing on this issue further may result in your account being disabled.

We're right, you're wrong, shut up or we will ban you. And they did:

unfortunately your activities here have left me with little choice but to disable your account. it's great that you're passionate about some things, but you have to pick your battles and stand down when given clear answers and resolutions.

Stand down! A fucking military term. Could they be any more patronizing? Later he posted a report about all the issues he found with Mozilla's project to their governance mailing list (archive). Let's see how they reacted. This is in response to the the above ban:

That said, a disabled account is typically a sign that someone was argumentative or abusive to the point where interacting with them was not being productive at all