this post was submitted on 08 Feb 2024
520 points (99.4% liked)

Firefox

17752 readers
1 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

Mozilla Corp., which manages the open-source Firefox browser, announced today that Mitchell Baker is stepping down as CEO to focus on AI and internet safety as chair of the nonprofit foundation. Laura Chambers, a Mozilla board member and entrepreneur with experience at Airbnb, PayPal, and eBay, will step in as interim CEO to run operations until a permanent replacement is found.

https://archive.is/rmMEb

Official Blog Post: A New Chapter for Mozilla: Focused Execution and an Expanded Role in Charting the Internet’s Future

you are viewing a single comment's thread
view the rest of the comments
[–] sugar_in_your_tea@sh.itjust.works 13 points 9 months ago (1 children)

I think they need to integrate better with their paid offerings to build additional revenue streams. For example, Mozilla VPN works with Container Tabs, but I had to look for it; that's a pretty killer feature IMO. Make it work on mobile too and a lot of people would be interested. Maybe they could white label a password manager (Bitwarden?) as an alternative to their built-in PW manager service, and make the experience really good. Throw in Relay as well.

There's a lot they could do with opt-in, privacy-centric features that I would be totally interested in.

[–] kewjo@lemmy.world 4 points 9 months ago (2 children)

Maybe they could white label a password manager (Bitwarden?)

not sure starting at which version, but in android you can set bitwarden as a default password manager system wide which integrates pretty seamlessly with firefox and other apps. only place i know bitwarden doesn't really integrate well with firefox is on Linux but that seems more due to bitwardens lack of interest to implement freedesktop apis.

i agree though with additional revenue streams, they need to break dependence on Google search engine revenue. maybe spend research on alternative monitization to ads and sponsored content that could be implemented at a browser level and split revenue between browser and websites.

[–] sugar_in_your_tea@sh.itjust.works 3 points 9 months ago* (last edited 9 months ago) (1 children)

split revenue between browser and websites

Yeah, I was super stoked when Brave announced that, but it went nowhere.

I have ideas here as well. Basically, Firefox would integrate some kind of micro-transaction system where you could load up some amount of money, then you pay per view for a given website and it deducts from that balance, and in exchange you get no paywall or ads. Or if you don't pay, you'll see privacy-respecting ads served by Mozilla, and Mozilla would make monthly payments to the website with MTX and ad revenue to preserve privacy.

This would be opt-in by website of course, and hopefully they can get enough websites to opt in to matter. I would be happy to spend like $10/month or whatever to not have any more paywalls and not have to make accounts everywhere.

But yeah, there are a ton of privacy-respecting monetization options, so hopefully the new interim CEO has some ideas. A good model here could attract new users while also securing Mozilla's revenue for the future.

[–] whats_all_this_then@lemmy.world 1 points 9 months ago* (last edited 9 months ago) (1 children)

I'm no cryptography expert but I don't see how they could implement this with true anonymity or without it being spoofed in other browsers. There is currently no way to know with absolute certainty what browser/client web traffic is actually coming from and game anti-cheat devs will probably tell you it's a nightmare of a problem.

The way I see this working is making it a Mozilla account thing and not a Firefox thing through some sort of stateless cross-origin cookie the sites agree to support. But then, you're giving up at least some privacy because even if the sites you visit don't know who you are, you'll still have to trust that Mozilla is logging anonymized visit counts and that some CEO 5 years from now isn't going to change that for a quick buck.

Maybe I'm just out of my depth here and someone's gonna correct me (please do if I'm wrong).

Here's the way I see it working:

  1. Mozilla sends sites a key that can be used to verify a signed client token
  2. You register w/ Mozilla, and Mozilla sends you a signed token with your payment authorization (includes an expiration time and random ID)
  3. Your web client sends your token as a header to the site in question with your signed payment auth token
  4. Sites verify your token's signature and respond w/ an acceptance, and keep their own log of transactions
  5. Your browser logs the transaction and updates your balance
  6. Periodically, Mozilla compares their transactions with news sites to catch anyone using tokens incorrectly

Each week (or more often), you get a new signed token with no reference to the old signed token. In the event that you use more than your agreed-on balance, you must pay the difference or you won't get a new token. So here's the information each party needs to know:

  • Mozilla - some stable id between you and Mozilla w/ links to generated tokens and your balance
  • sites - random auth token, signed by Mozilla, with a transaction log for that token
  • your browser - payment details, transaction log (includes websites visited), your stable id, etc

The only way Mozilla could know your identity is by sending data from your browser that links id info (i.e. Mozilla account details) with that stable payment id. Mozilla could even move the stable id and token generation to a separate legal entity entirely (say, an extension) with publicly audited data transfers w/ Mozilla, and Mozilla just gets a summary from each client (unrelated to the payment id, signed by the extension) so they know which sites were visited with what frequency. They would get a bill from sites based on usage, which they'd compare with the data collected from individual browsers to sort out payment.

In terms of user experience, you'd just get a prompt from the extension asking whether you'd like to see ads and the cost, and if you choose ads, the header would include that info as well (i.e. process this payment token as ads or cash) and Firefox would serve privacy-respecting ads from Mozilla's domain.

I haven't fully ironed out the details, but I think this proves feasibility.

[–] Delusion6903@discuss.online 1 points 9 months ago (1 children)

I'm on Linux and have used Bitwarden for years. If it is better on some other os, I don't know how. I'm certainly not feeling a need for improvement.

[–] kewjo@lemmy.world 1 points 9 months ago

main difference is auto fill support and detection based on domain and/or application. mainly saves a few clicks and also prevents passwords from leaking through clipboards.