Firefox's ad tech, CrowdStrike shenanigans, SecureBoot broken: Linux & Open Source News

My company was auditioning cloud strike

I asked them a simple question. Can your software be modified by a internal threat and then be used to exfiltrate data from our systems

They claimed they were immune to supply chain or internal threats because of their internal audit process

I asked for the results of their last internal audit and they pulled themselves out of consideration

thomaslindell

Mozilla: popups that ask for consent to collect personally identifiable information are user-hostile
[GDPR has entered the chat]

necuz

Firefox opted in by default without telling you is disgusting

lussor

Sounds like Firefox is doing everything to lose shares to chromium

deloller

when disney IT pushed crowdstrike on us, we all called it "the virus"

logiclust

Brodie said it best, I paraphrase: When it comes to people using Firefox you are already dealing with people already caring about their privacy. So any features like what Mozilla just added is gonna stoke controversy like it or not. And Mozilla just can't get out of controversy it would seems.
Me personally I use ESR on my main machine so I don't have to deal with that bs. But my Fedora machine does use Firefox 128 and if not for Brodie vid, I wouldn't have had known, the setting is meant to be set up once and forget after all.

F_Around_and_find_out

Correction: the gift card wasn't send to affected companies but to IT teams who helped CrowsStike mitigate the issue.
Which is less stupid in my opinion

raykutan

Goddammit, Mozilla. I shouldn't have to explain this. ON MATTERS OF PRIVACY, ALWAYS FAVOR OPT-IN.

And this was *absolutely* buried on the settings page. I wouldn't have seen this for months or years. This is a violation of trust. I'm turning it off purely out of spite, and skipping my usual donation.

brittb

The issue with Firefox's PPA is bigger than a pop-up, though that is unacceptable IMO.

The problem is that it's not necessary, ad companies already collect invasive data about us, this is just another data point that is handed to them for free without user consent, nothing prevents the ad companies to collect more invasive data of their own. Besides, you need to trust Mozilla to not f*ck up the implementation because they run the aggregation service, meaning your data is going to them. 

I don't want my data to be given away on a silver platter, the fact that they hide this from you just makes it worse.

jay-cm

I don't like Windows for a variety of reasons, but I don't believe Microsoft is at fault here, and I'm saying this as a dev with a somewhat good, high-level understanding of the issue that occurred (for a good explanation see Dave's garage video on it). I do belive Crowdstrike broke Debian in the past, so this is hardly a Windows problem.

vlad-rspb

Any of those less invasive ad technologies would only work if there will be laws in place to prevent companies from just collecting all the data they can. In that case yes, such technologies are great and I would love privacy friendly ads as I do want my free content, software and services. But until there are proper strict regulations in place, this is just another source of data collection for companies who will grab everything they can.

temari

CrowdStrike best f@#king hope Uber Eats delivers me a new boarding pass for Vegas! 😡

repairstudio

Considering all the Gnome drama and all the trouble with funding lately, it's nice to have another player with Pop Os in the desktop environment space.

herrquh

No joke, on Thursday, CrowdStrike sponsored my org (as well as a few others in the area) tickets to See Wolverine and Deadpool.

GuenterErde

"The ad-based web... which, like it or not, is the ONLY way you're getting all of those free videos, articles, podcasts and everything else."

There were and are articles, podcasts and "everything else" before and without ads. There are just less of them, and they're not profit driven. There are lots of models for monetizing the internet, and "your privacy for free content" is only one of them, and even if you shut off all monetization for the internet, hobbyists would still use it and still post content.

danieldover

Firefox is objectively slower than chrome. I only use it because it's better for the things I care about (privacy, manifest v2, customizability). With such a small user base, you would think firefox would be in touch with their users, but nah they decide to alienate the last 2% that havent switched to chrome

rabbits

I mean, we all know people are more angry when they're hungry. Genius move by Crowdstrike, you can't be mad at someone who fed you

temari

17:35 and why would AI companies care? Microsoft won in the lawsuit against Copilot.. anything goes now.

soi

Firefox is really going downhill. That is the reason why I donated recently to the Ladybird Project as this is the last chance we have to fight back Google's browser monopoly

Lu-Die-MilchQ

Clem and the Mint devs should seriously consider basing Mint on Debian Testing, and only use absolutely necessary programs from Ubuntu.

danbuter