On Sat, 2017-12-23 at 04:36 +0100, drago01 wrote:
> On Friday, December 22, 2017, Adam Williamson
> wrote:
>
> > On Fri, 2017-12-22 at 07:01 -0500, Solomon Peachy wrote:
> > >
> > > Especially since Fedora's maintainers *already* compile it, including
> > > changing some of the defaults. What's
Benjamin Berg wrote:
> Actually, Debian ships Firefox again these days as the policies
> apparently have been changed/clarified enough.
They ship it as Firefox again under exactly the same kind of informal
agreement that they already had once and that already burned them once
(because Mozilla su
On Sat, Dec 23, 2017 at 04:36:37AM +0100, drago01 wrote:
> Same for fedora - if you want to use the trademark.
Yes. It's not an unreasonable request. (Although Fedora does offer the
secondary "Fedora Remix" mark, and Firefox doesn't have anything
equvalent that I'm aware of.)
--
Matthew Miller
On Friday, December 22, 2017, Adam Williamson
wrote:
> On Fri, 2017-12-22 at 07:01 -0500, Solomon Peachy wrote:
> >
> > Especially since Fedora's maintainers *already* compile it, including
> > changing some of the defaults. What's a couple more?
>
> AIUI, Mozilla doesn't actually like downstrea
On Fri, Dec 22, 2017 at 09:17:27AM -0800, Adam Williamson wrote:
> > Especially since Fedora's maintainers *already* compile it, including
> > changing some of the defaults. What's a couple more?
> AIUI, Mozilla doesn't actually like downstreams changing too much in
> Firefox. I don't know exactl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Fri, 2017-12-22 at 09:17 -0800, Adam Williamson wrote:
> On Fri, 2017-12-22 at 07:01 -0500, Solomon Peachy wrote:
> > Especially since Fedora's maintainers *already* compile it, including
> > changing some of the defaults. What's a couple more?
On Fri, 2017-12-22 at 07:01 -0500, Solomon Peachy wrote:
>
> Especially since Fedora's maintainers *already* compile it, including
> changing some of the defaults. What's a couple more?
AIUI, Mozilla doesn't actually like downstreams changing too much in
Firefox. I don't know exactly where thei
On Fri, Dec 22, 2017 at 12:33:20AM +0100, Kevin Kofler wrote:
> The thing is, the question is whether Firefox even still qualifies as Free
> Software at all. We disagree with those actions for a reason, i.e., because
> they are attacks on users' freedom!
It's Free Software, under every definitio
Solomon Peachy wrote:
> There is a ginormous difference between not being able to legally ship
> something and deliberately not shipping perhaps _the_ premium Free
> Software application because you don't agree with every action of its
> authors.
The thing is, the question is whether Firefox even
Sergio Durigan Junior wrote:
> Midori has been "revived" only recently. It stayed dead for a while,
> without any activity on the codebase/IRC channel, and accumulating a few
> CVE's here and there.
Interesting. I'd expect the browser itself to not really be security-
critical, the underlying web
On 12/20/2017 03:37 PM, Kevin Kofler wrote:
> Kevin Fenzi wrote:
>> midori is dead upstream. Likely it should be retired, but I keep holding
>> out hope they will revive development. I definitely would not suggest
>> more widespread usage of it.
>
> https://code.launchpad.net/~midori/midori/ doesn
On Thu, Dec 21, 2017 at 12:37:48AM +0100, Kevin Kofler wrote:
> People also ask for patent-encumbered codecs, Flash, etc. It is not always
> the right decision to ship what some people ask for.
The phrase "cutting off our nose to spite our face" seems relevant here.
There is a ginormous differen
On Wednesday, December 20 2017, Kevin Kofler wrote:
> Kevin Fenzi wrote:
>> midori is dead upstream. Likely it should be retired, but I keep holding
>> out hope they will revive development. I definitely would not suggest
>> more widespread usage of it.
>
> https://code.launchpad.net/~midori/midor
Kevin Fenzi wrote:
> midori is dead upstream. Likely it should be retired, but I keep holding
> out hope they will revive development. I definitely would not suggest
> more widespread usage of it.
https://code.launchpad.net/~midori/midori/ doesn't look that dead. The
webKitTwoOnly branch you are
On 12/19/2017 03:24 AM, Kevin Kofler wrote:
> Chris Adams wrote:
>> I thought that this was actually a violation of the packaging policies,
>> but I can't seem to find it now; I only see the restriction on software
>> the requires downloads to be useful. I think simply requiring Mozilla
>> to chan
On 12/18/2017 09:42 PM, Gerald B. Cox wrote:
Mozilla has already admitted they made a mistake and removed Looking
Glass from the
Fx Studies. I believe they understand the situation quite well. It's
not helpful to beat
a dead horse.
Do you think it's a dead horse? I don't.
Actually, I thin
> Chris Adams wrote:
>
> This is the very least that Fedora ought to do, and it has to be done
> immediately!
>
> In addition, for future Fedora releases, the default browser ought to be
> changed to one with a more trustworthy upstream, e.g.:
> * QupZilla (soon to be Falkon) [https://www.qupzi
On Tue, Dec 19, 2017 at 3:19 AM, Daniel P. Berrange
wrote:
>
> None the less, if we consider Fedora maintainers to be adding value via the
> packaging process, over having users get their browser direct from Mozilla,
> then I do still think it is desirable to be able to opt-out of this feature
>
On Tue, 2017-12-19 at 09:47 -0500, John Florian wrote:
> On Mon, 2017-12-18 at 11:16 -0800, Adam Williamson wrote:
> > Well, not quite. I installed Firefox rather a long time ago on this
> > system. Again I can't prove it, but at that time I believe this
> > question and preference referred *only*
On Mon, 2017-12-18 at 11:16 -0800, Adam Williamson wrote:
> Well, not quite. I installed Firefox rather a long time ago on this
> system. Again I can't prove it, but at that time I believe this
> question and preference referred *only* to 'data collection'. However,
> since then, a new sub-preferen
Daniel P. Berrange wrote:
> Conversely though in a Flatpak world though, we would be moving much
> closer the model of Windows/OS-X/Android where Mozilla has a more direct
> way to push software to users, without a OS vendor arbitrarily rebuilding
> & repackaging stuff.
And that is one big reason
Chris Adams wrote:
> I thought that this was actually a violation of the packaging policies,
> but I can't seem to find it now; I only see the restriction on software
> the requires downloads to be useful. I think simply requiring Mozilla
> to change their policies is unacceptable, as this still d
On Mon, Dec 18, 2017 at 01:19:26PM -0500, Stephen John Smoogen wrote:
> On 18 December 2017 at 13:08, Matthew Miller wrote:
> > On Mon, Dec 18, 2017 at 09:55:26AM -0800, Adam Williamson wrote:
> >> I think we should be concerned by this kind of behaviour on the part of
> >> the supplier of our def
Adam Williamson wrote:
> Well, not quite. I installed Firefox rather a long time ago on this
> system. Again I can't prove it, but at that time I believe this
> question and preference referred *only* to 'data collection'. However,
> since then, a new sub-preference seems to have appeared, labelled
Daniel P. Berrange wrote:
> It was brought up elsewhere that Chrome/Chromium in the past has done
> something worse in scope, silently downloading an add-on to that turns
> on & listens to your microphone. Ostensibly to detect the "ok google"
> keyword, but since its a closed source add-on can you
Matthew Miller wrote:
> Is there a fundamental difference between this and, if, say, similar
> functionality were in the FF 57 release itself?
If Firefox itself contained such adware, that would make the entire browser
unusable.
Kevin Kofler
__
On 19/12/17 01:11, Thomas Daede wrote:
On 12/18/2017 03:00 PM, Sam Varshavchik wrote:
Does anyone read this as Mozilla admitting that they messed up?
This was published today:
https://blog.mozilla.org/firefox/update-looking-glass-add/
It's certainly an improvement on their previous efforts t
On 12/18/2017 03:00 PM, Sam Varshavchik wrote:
> Does anyone read this as Mozilla admitting that they messed up?
This was published today:
https://blog.mozilla.org/firefox/update-looking-glass-add/
signature.asc
Description: OpenPGP digital signature
On Mon, Dec 18, 2017 at 3:00 PM, Sam Varshavchik
wrote:
>
> Can you point out to me which part indicates that Mozilla admits that they
> made a mistake. Sounds to me like they're just blaming the dumb users for
> not understanding how wonderful was "the experience [they] created".
>
Keeping with
Gerald B. Cox writes:
Everyone makes mistakes - this wasn't the first by Mozilla and won't be the
last. I don't believe
they are acting out of malice. As long as they admit and correct mistakes as
they go along
that is fine with me.
Here's the most complete statement from Mozilla that I
Daniel P. Berrange wrote:
> IMHO requesting support for a build flag to disable this ability to
> remotely push executable code out to user's browser is not unreasonable,
I agree. There should be a single, properly documented build-time option to
disable all current and future features that downl
Chris Adams wrote:
> Are
> there any other packages that can silently download and run non-Fedora
> code?
The other web browsers. They'll silently download and run Javascript code from
pretty much every website. It's a crazy dangerous practice, but that genie
isn't going to go back into the bott
- Mail original -
De: "Adam Williamson"
> My mail is based on a belief that Mozilla is still one of the better
> actors we have to work with in the category of desktop browser
> suppliers,
Adam, I agree it's still one of the better actors, but the better actor bar
keeps lowering every
Florian Weimer wrote:
> On 12/18/2017 08:31 PM, Chris Murphy wrote:
> > I don't remember being actively asked about such data collection, and
> > I've recently installed on a clean system, nightly on Fedora, and then
> > final releases of 57 on Windows and macOS. Does anyone have a screen
> > shot
On Mon, 2017-12-18 at 22:36 +0100, nicolas.mail...@laposte.net wrote:
> Is it surprising that the Mozilla foundation, that decided long ago
> that users were idiots that didn't know what they wanted, and
> reoriented itself to serve the cloud industry
I don't share this opinion at all. If Fedora a
Adam Williamson wrote:
> since then, a new sub-preference seems to have appeared, labelled
> 'Allow Firefox to install and run studies'.
In the Swedish translation the sub-preference doesn't even exist. There is no
second checkbox under the translation of "Allow Firefox to send technical and
int
On Mon, Dec 18, 2017 at 1:03 PM, Adam Williamson wrote:
>
> Again, this is something I covered in my original mail. We distribute
> Firefox as the default browser to a large number of people who trust us
> to provide them with software. This gives us both a responsibility to
> our users and, pres
De: "Adam Williamson"
> I think we should be concerned by this kind of behaviour on the part of
> the supplier of our default desktop browser, and we should express that
> concern to them.
Adam,
We should understand that there is a whole software ecosystem that grew on the
Internet and free sof
On 12/18/2017 09:59 PM, Gerald B. Cox wrote:
Everyone makes mistakes - this wasn't the first by Mozilla and won't be the
last. I don't believe they are acting out of malice.
Of course not. But at some level, there is a deception involved:
Mozilla present a strong privacy focus for Firefox, b
On Mon, 2017-12-18 at 12:59 -0800, Gerald B. Cox wrote:
> On Mon, Dec 18, 2017 at 12:51 PM, Adam Williamson <
> adamw...@fedoraproject.org> wrote:
>
> >
> > > The only reason we are beating a dead horse is because you keep
> > > telling us that we shouldn't have beaten a dead horse in a way that
On Mon, Dec 18, 2017 at 12:51 PM, Adam Williamson <
adamw...@fedoraproject.org> wrote:
>
> > The only reason we are beating a dead horse is because you keep
> > telling us that we shouldn't have beaten a dead horse in a way that
> > requires us to explain why we are doing so. Look we understand..
On Mon, 2017-12-18 at 15:48 -0500, Stephen John Smoogen wrote:
> On 18 December 2017 at 15:42, Gerald B. Cox wrote:
>
> > > And in any case, a tie-in with a television-show related game is
> > > clearly neither telemetry nor some kind of user interaction study. Yet
> > > to me, Mozilla's response
On 18 December 2017 at 15:42, Gerald B. Cox wrote:
>> And in any case, a tie-in with a television-show related game is
>> clearly neither telemetry nor some kind of user interaction study. Yet
>> to me, Mozilla's response does not seem to convey understanding of this
>> at all. It basically just
On Mon, 18 Dec 2017, Chris Adams wrote:
> the requires downloads to be useful. I think simply requiring Mozilla
> to change their policies is unacceptable, as this still depends on a
> third party to properly enforce such policies (and not have any security
> issue that could result in untrusted
On Mon, Dec 18, 2017 at 12:23 PM, Adam Williamson <
adamw...@fedoraproject.org> wrote:
> On Mon, 2017-12-18 at 20:52 +0100, Florian Weimer wrote:
>
>
> So I just booted Firefox 27 Workstation live and opened Firefox.
> Indeed, a pop-under tab appears with this URL (so you can close it
> without e
On Mon, 2017-12-18 at 20:52 +0100, Florian Weimer wrote:
> On 12/18/2017 08:31 PM, Chris Murphy wrote:
> > I don't remember being actively asked about such data collection, and
> > I've recently installed on a clean system, nightly on Fedora, and then
> > final releases of 57 on Windows and macOS.
On Mon, Dec 18, 2017 at 12:06 PM, Chris Adams wrote:
> Once upon a time, Gerald B. Cox said:
> > First of all, when you install Fx, it asks you specifically if you want
> to
> > participate in Fx Data Collection - you can opt out at that point.
>
> AFAIK, not when you install from an RPM.
>
> Se
Once upon a time, Gerald B. Cox said:
> First of all, when you install Fx, it asks you specifically if you want to
> participate in Fx Data Collection - you can opt out at that point.
AFAIK, not when you install from an RPM.
--
Chris Adams
___
devel
On 12/18/2017 08:31 PM, Chris Murphy wrote:
I don't remember being actively asked about such data collection, and
I've recently installed on a clean system, nightly on Fedora, and then
final releases of 57 on Windows and macOS. Does anyone have a screen
shot or description of what this "ask" look
On Mon, Dec 18, 2017 at 12:16 PM, Adam Williamson
wrote:
> On Mon, 2017-12-18 at 11:09 -0800, Gerald B. Cox wrote:
>>
>> First of all, when you install Fx, it asks you specifically if you want to
>> participate in Fx Data Collection - you can opt out at that point.
>
> Well, not quite. I installed
On Mon, Dec 18, 2017 at 11:16 AM, Adam Williamson <
adamw...@fedoraproject.org> wrote:
> On Mon, 2017-12-18 at 11:09 -0800, Gerald B. Cox wrote:
> >
> > First of all, when you install Fx, it asks you specifically if you want
> to
> > participate in Fx Data Collection - you can opt out at that poin
On Mon, 2017-12-18 at 11:09 -0800, Gerald B. Cox wrote:
>
> First of all, when you install Fx, it asks you specifically if you want to
> participate in Fx Data Collection - you can opt out at that point.
Well, not quite. I installed Firefox rather a long time ago on this
system. Again I can't pro
On Mon, Dec 18, 2017 at 10:36 AM, Kevin Fenzi wrote:
>
>
> Additionally, can we turn the "Allow firefox to install and run studies"
> preference to off/false by default in Fedora packages. It seems odd that
> this is now opt-out.
>
>
I don't know. I personally tend to side with upstream on their
On Mon, Dec 18, 2017 at 10:42:17AM -0800, Adam Williamson wrote:
> On Mon, 2017-12-18 at 12:34 -0600, Chris Adams wrote:
> > Once upon a time, Adam Williamson said:
> > > As part of a tie-in with an American TV show, Mozilla thought it'd be a
> > > great idea to silently install a cryptically-name
On Mon, Dec 18, 2017 at 12:34:46PM -0600, Chris Adams wrote:
> Once upon a time, Adam Williamson said:
> > As part of a tie-in with an American TV show, Mozilla thought it'd be a
> > great idea to silently install a cryptically-named addon in all(?)
> > Firefox deployments. Which can't be turned o
Once upon a time, Adam Williamson said:
> Well, practically speaking we do have to have *some* degree of trust in
> our suppliers for apps as large and complex as a web browser or, say,
> an office app.
True, but I do think there's a difference between trusting code we get
and trusting that they
On Mon, 2017-12-18 at 12:34 -0600, Chris Adams wrote:
> Once upon a time, Adam Williamson said:
> > As part of a tie-in with an American TV show, Mozilla thought it'd be a
> > great idea to silently install a cryptically-named addon in all(?)
> > Firefox deployments. Which can't be turned off.
>
On 12/18/2017 07:29 PM, Adam Williamson wrote:
Sure. A new release coming out affords many people in the pipeline many
chances to notice changes in it. The packager has the opportunity to
notice significant changes while updating the package. Users of
updates-testing have the opportunity to notic
On 12/18/2017 09:55 AM, Adam Williamson wrote:
...snip...
>
> “Our goal with the custom experience we created with Mr. Robot was to
> engage our users in a fun and unique way,” a Mozilla representative
> said in a statement. “Real engagement also means listening to feedback.
> And so while the web
Once upon a time, Adam Williamson said:
> As part of a tie-in with an American TV show, Mozilla thought it'd be a
> great idea to silently install a cryptically-named addon in all(?)
> Firefox deployments. Which can't be turned off.
I thought that this was actually a violation of the packaging po
On Mon, 2017-12-18 at 13:08 -0500, Matthew Miller wrote:
> On Mon, Dec 18, 2017 at 09:55:26AM -0800, Adam Williamson wrote:
> > I think we should be concerned by this kind of behaviour on the part of
> > the supplier of our default desktop browser, and we should express that
> > concern to them. As
On 18 December 2017 at 13:08, Matthew Miller wrote:
> On Mon, Dec 18, 2017 at 09:55:26AM -0800, Adam Williamson wrote:
>> I think we should be concerned by this kind of behaviour on the part of
>> the supplier of our default desktop browser, and we should express that
>> concern to them. Assuming
On Mon, Dec 18, 2017 at 09:55:26AM -0800, Adam Williamson wrote:
> I think we should be concerned by this kind of behaviour on the part of
> the supplier of our default desktop browser, and we should express that
> concern to them. Assuming Fedora-as-a-project shares my concern, do we
> have a chan
So in case you haven't heard of it (or noticed about it), there was a
kerfuffle in Firefox land recently about this:
https://www.theverge.com/2017/12/16/16784628/mozilla-mr-robot-arg-plugin-firefox-looking-glass
As part of a tie-in with an American TV show, Mozilla thought it'd be a
great idea to
64 matches
Mail list logo