PSA (?): just got this popup in Firefox when i was on an amazon product page. looked into it a bit because it seemed weird and it turns out if you click the big “yes, try it” button, you agree to mandatory binding arbitration with Fakespot and you waive your right to bring a class action lawsuit against them. this is awesome thank you so much mozilla very cool
https://queer.party/@m04/112872517189786676
So, Mozilla adds an AI review features for products you view using Firefox. Other than being very useless, it’s T&C are as anti-consumer as it possibly can be. It’s like mozilla saying directly “we don’t care about your privacy”.
You must log in or register to comment.
I hate the anti-pattern of “Not Now”. How about “No”?
These should be flatly illegal. No means no
We had a whole generation of people that were taught that ‘no’ means ‘maybe later’ (the whole point of the ‘no means no’ ads about daterapes), and that same generation is now running these companies. What did we expect to happen?
Best I can do is accepting three options: “Yes,” “No,” and “Remind me later.”
“Not now” or “No, I don’t want this awesome feature” bullshit infuriates me.
Yeah, corporate dark patterns really don’t respect consent. When would you like to know more: Now, or Later?
Though I don’t mind the “accept, deny, ask me again later” for when something seems interesting but I don’t want to put the effort into looking into it right at the moment but don’t want to click yes without looking into it.
These should be the norm, actually.
Yes, though it stops being as good if there’s a “you can postpone this n more times” involved.
Please tell me there’s an about:config setting to turn this bs off.
I got this linked on Mastodon: https://kitsunes.club/notes/9wbyqywt28
Nice. Thank you. For those who don’t click the link, it appears you can disable by setting these flags:
browser.shopping.experience2023.activeand:
browser.shopping.experience2023.survey.enabledTo false.
EDIT: On finally getting back to my desktop and disabling these, it looks like there’s a bunch of these
browser.shopping.experience2023flags. Some of them set to true, others false, I just set them all to false.
deleted by creator
deleted by creator
I consider it a big deal. I’m clicking “Not Now” buttons all day when I just want to use a piece of software for its main purpose. And then because it says “Not Now” I get asked again and again and again.
i did not get a pop up on a amazon page maybe a us only thing idk but its ironic how firefox advertises Privacy related feature
Yeah I’m thinking this might be a nightly experiment/recommended extension?
Prob
I’m in the US and don’t see it, so I don’t think it’s a thing, at least on the stable channel.
Oh
I actually use fakespot a lot, but will never install an add-on for this.
I got that notice a few months ago, but I didn’t use either button on the bottom. I used the X on the top, and haven’t seen it since.
<rant>I thought we were done with the age of Toolbars, but here we are, back there. An app or add-on for every damn thing. No, I don’t want this integrated into my browser. No, I don’t need your HTML5 app on my phone to do less than the webpage does. No, I don’t want your spyware app to view the one-off Twitter, Facebook, or Instagram link a friend sends me. No, I don’t mean ‘maybe later’, I mean ‘no forever’.</rant>
but here we are, back there.
The upside is that if you’re ever prompted to install a thing to your browser to use a site’s features, it’s because the built-in sandbox is too restrictive for what they want. It’s an immediate red flag.
I also view prompts to “use our (phone) app” the same way. I’m already seeing your site, in my browser, with ten different kinds of adblock and tampermonkey scripts running. I already have what I want, and I’m not letting you anywhere near my data plan.
Clearly, it’s time for a “no means no” extension.
But the thing is, most people don’t think twice about it, and just go, “meh, why not, what’s the harm?” and install it, which tells those scummy summersons that “we” want this, and they keep pushing it, and making their site more and more useless without it, to the point, where ‘desktop view’ no longer works (I’m looking at you, Facebook, Twitter, Instagram, Google, to name a few).
deleted by creator
I never explain exactly why. I skirt. “my phone isn’t compatible with your app”, “I don’t have a modern smartphone that works with your app”, “I don’t install apps on my phone”, “I don’t have space on my phone for your app”, “I only a work phone, and I’m not allowed to install anything”, and so on. They don’t care about your privacy, so don’t give it as a reason. “it’s not about privacy, I’m just poor”.
I was happy when they used an entirely on-device AI to generate alt text for photos, but this is just ridiculous. They quite literally already have an extension that does the exact same thing this new “feature” offers.
Firefox was supposed to be a less bloated than chrome, but all they’ve done now is continued to add more and more to the browser that nobody actually asked for.
Give me bug fixes, UX and performance improvements, not entire sidebar popups for review checking that only works on 3 stores on the entire internet.
For the new AI review feature, we are the product not the customers.
IANAL, but I don’t think T&Cs are really legally binding and can be easily fought against in court.
While true, it requires time and money to get a case before the court. Which most people don’t have. If your rights require you to invest your time and money against a much larger adversarial party in court, then it’s not your rights that are being protected in the first place. Right now Big Tech is more worried about us exercising our rights instead of being afraid of trampling on them in the first place.
https://www.fakespot.com/privacy-policy
Internet or other electronic network activity (e.g., browsing history, search history, information regarding an individual’s interaction with an internet website, application, or advertisement, and online viewing activities)
Category of Third Parties to Whom Personal Information is Sold and/or Shared: Advertising partners, Service providers
Just a snippet of the privacy policy. There’s other bad stuff too like location tracking. It’s also all ran through Google analytics.
So much for a privacy respecting Mozilla
And people thought Mozilla became an ad company when they bought the other ad company. Nope. I’m tracing it back to right here.
I know … But people actually literally want this.
Maybe FF is what we install for normies while we use forks for other flavours.
people actually literally want this
Who’s tearfully begging for a chatbot to tell them what a review page says instead of just clicking on the page and reading the actual reviews wtf
Normies.
Our IT department is constantly getting tickets to unblock random shitty stuff like that.
I cannot explain it, not even a little, I just know it’s a thing.
Perhaps the general ad infestation of everything blurred the lines.
In a way, in the immediate sense of the moment, being sold bullshit by AI/algorithms or irl by a sales person isn’t that much different. And people don’t care about tomorrow or anything they can’t immediately see.
(Im guessing, all of it)
Does fakespot have a chatbot? I thought it predated LLMs and is basically just some human-made algorithms to filter out suspicious reviews.
But people actually literally want this.
No-one except advertisers want this.
Most people simply do not care at all.
Read the room
Why do advertisers want you to have tools that help you detect covert advertising?
Because Mozilla takes a metric shitload of your data via fakespot such as (but not limited to)
Internet or other electronic network activity (e.g., browsing history, search history, information regarding an individual’s interaction with an internet website, application, or advertisement, and online viewing activities)
https://www.fakespot.com/privacy-policy
And then sells it to advertisers
In long term, for substituting them with their own links. In short term it’s a nice feature.
Why do you think it’s useless?
If someone wanted it, they could’ve installed the Firefox extension, but now for users who doesn’t want this, they have an intrusive feature that is just a bloat. Also, even if I wanted it, it’s fairly useless unless you live in western countries.
Okay, but why do you think it’s useless?
Because not many people from somewhere like greece shop on walmart or best buy, and many people who use Firefox also are anti amazon
Hmm, that might be a bug - it looks like it was only meant to be available in the US. I’ve never seen it, at least.
It’s not a bug. I don’t think they saw it. They just need something to be angry about.
For the same reasons as the shitty AI for detecting AI produced essays.
Can you opt out?
I beluga there is an
about:configsetting to disable it. You can find more details somewhere in the comments of this post or the original post that I quoted.apt remove firefox (or via pacman, windows settings etc)
Otherwise should be a bunch of flags you can set in about:config
didn’t the Firefox management say they would focus on their core product rather than random little services like this
At this point, I’m glad I switched to Mull on my phone. It took a bit of overcoming the resistance of using Firefox for decades (Stockholm syndrome), but I don’t miss Firefox one bit.
Now I need to do that on my desktop, but I’m still shopping. Librewolf? Palemoon? Ice Weasel? What are folks here trying out these days?
Lots of love for librewolf here.
Strong fingerprint resistance breaks a lot of sites so just get used to disabling that on whatever sites.
Isn’t Mull basicslly Firefox since it’s just a Firefox-based fork? The UI seems to be identical to me - don’t notice any other differences on my phone
Isn’t Mull basicslly Firefox since it’s just a Firefox-based fork?
I don’t understand why that would be a bad thing. If Firefox starts to enshittify then a fork from before the enshittification is exactly what I want.
It’s not - quite the contrary. I was just wondering what the commenter that I replied to meant when they said that it took them some getting used to. For me, it’s just a slight change in design and a different icon
Yes, it’s Firefox without the bullshit.
It’s ironic that Firefox started the same way, actually.
When Netscape open sourced its browser and then fucked it up, some folks took the source code and built “Phoenix,” much, much later becoming Firefox.
On Android I am using Waterfox. Still looking for alternatives on desktop.
Mullvad Browser is pretty good on desktop.
Actually I thought there new ceo said they were going to fuck around with AI stuff.
Edit:
Yeah but to be fair they bought this years ago. Just took them forever to integrated. I suspect any changes in direction will truly show in 3-4 years, once the current backlog (no don’t look at my company’s Jira, TYVM! 😑 ) is cleared.
Thanks.
AI shit alone, I never understood the urge to build a whole OS in the browser. I want my browser to view websites. If I want more, then I can install extensions. I’d rather them release this as some sort of “official” extension. Might switch to LibreWolf (do you have any other suggestions?)
deleted by creator
“strategic partnerships”
https://support.mozilla.org/en-US/kb/review-checker-review-quality
Protect your privacy
Firefox is committed to empowering you with information about review reliability while respecting your privacy. We use Oblivious HTTP (OHTTP) for Review Checker.
When Review Checker is turned on, we use information about the products you visit on Amazon, Best Buy and Walmart to analyze the reviews, but by using OHTTP we ensure Mozilla cannot link you or your device to the products you have viewed. OHTTP uses encryption and a third party intermediary server to offer a technical guarantee that this is the case: all Mozilla learns from this network request is that someone, somewhere, looked at a given product.
Here is a talk on OHTTP (OHAI) https://www.youtube.com/watch?v=_HEzpnktAwY
and a OHTTP recap https://www.youtube.com/watch?v=qjLwo4Ufp8s
Basically, if you trust the OHTTP Proxy (mozilla) and the OHTTP service provider (fakespot) to not collude, then OHTTP protects your data.
If you think Mozilla and fakespot might collude, then this doesn’t give you any privacy. (Update - Someone pointed out Mozilla has purchased fakespot, so this comes down to Trusting mozilla with 100% of your data for their privacy promise and OHTTP is totally pointless here)
Depends on your threat model.
If they actually cared about privacy they would have the OHTTP model, sure, but also a TOR hidden service endpoint that anyone could use as well ; Removing all the links between the user and the service shouldn’t be a problem, since they are not monitizing user behavior, right? RIGHT?!?!?
Mozilla says they use a third-party OHTTP intermediary. In the blog post linked above, they name Fastly as their partner. So it’s not as bad as Mozilla + Mozilla-wearing-funny-glasses.
Personally, I still think this is the wrong approach to privacy, even though I’ve used Fakespot on my own many times over the years. Largely because I don’t think any of this needs to be built into a web browser.
I would prefer my web browser to minimize information leakage by default, to the greatest degree that it can while still remaining useful as a web browser. Mozilla keeps adding bloat to Firefox, and bloat always comes at a cost. I’d much prefer these to be browser extensions that people can download if they want them, rather than built in by default. The baseline Firefox should be lean. Less “stuff” = smaller attack surface. Simplicity is best.
I mean, the Fakespot browser extension has existed for a long time, and I’ve never seriously considered installing it. I’d much rather just take an extra three seconds to load their web site and paste in a URL than have it constantly monitoring my activity and doing god-knows-what with it. That way I have better knowledge and control of what is happening with my data. Even if I trust their intentions, I don’t implicitly trust their competence (all software has bugs) and I don’t trust that they will never go rogue in the future.
And also, I just don’t find this claim all that compelling in principle:
By processing the data jointly across two independent parties, they ensure neither party holds the information required to reveal sensitive information about someone.
I mean…sure. That’s fair. Buuuuuut handing half the data to your “partner” doesn’t give me a whole lot of confidence. Especially since literally nobody reads all of the privacy policies they are subject to. See:
Minimizing privacy policies should be a high-priority goal for any organization that claims to value privacy.
Furthermore, how many additional parties have access (legally or otherwise) to both Mozilla and Fastly? 🤷
I remember when Firefox was brand new over 20 years ago and one of the reasons for creating it was the main Mozilla browser had too much feature bloat so it was stripped down to just a browser and if you wanted more features you could add them in as extensions, putting just what you wanted in the browser and leaving out what you didn’t. It was great! Eventually Firefox became more popular so Mozilla switched their efforts to it and they’ve been jamming more things that used to be extensions in as features and bloating it full of features I don’t want. It’s one of the reasons I started using Chrome in the early days of Chrome but then of course that and Google started getting worse so I switched back to Firefox, but it still has its problems.
i would like to see mozilla making all of these features as full fledged browser extensions (installed by default, sure why not, but uninstallable at user request)
Wait, where does it say that Mozilla is the third-party intermediary server?
It doesn’t, but when modeling threats we have to go be capabilities and not intentions.
If we’re going by capabilities, then your browser maker can already see everything you do in that browser.
I don’t trust Mozilla one single bit with my data as long as they have an advertising network enabled by default and use pingback telemetry for ALL actions you do in the browser by default that can only be turned off by changing multiple “hidden”
about:configsettings.
I dislike doublespeak
