PSA (?): just got this popup in Firefox when i was on an amazon product page. looked into it a bit because it seemed weird and it turns out if you click the big “yes, try it” button, you agree to mandatory binding arbitration with Fakespot and you waive your right to bring a class action lawsuit against them. this is awesome thank you so much mozilla very cool
https://queer.party/@m04/112872517189786676
So, Mozilla adds an AI review features for products you view using Firefox. Other than being very useless, it’s T&C are as anti-consumer as it possibly can be. It’s like mozilla saying directly “we don’t care about your privacy”.
- tinfoilhat ( @tinfoilhat@lemmy.ml ) English186•2 months ago
I hate the anti-pattern of “Not Now”. How about “No”?
- jet ( @jet@hackertalks.com ) English62•2 months ago
Yeah, corporate dark patterns really don’t respect consent. When would you like to know more: Now, or Later?
- AlexWIWA ( @AlexWIWA@lemmy.ml ) English11•2 months ago
These should be flatly illegal. No means no
- 𝕸𝖔𝖘𝖘 ( @01189998819991197253@infosec.pub ) English7•2 months ago
We had a whole generation of people that were taught that ‘no’ means ‘maybe later’ (the whole point of the ‘no means no’ ads about daterapes), and that same generation is now running these companies. What did we expect to happen?
- davel [he/him] ( @davel@lemmy.ml ) English57•2 months ago
Why not just be a web browser and leave stuff like this to browser extensions?
Oh right, you enshittified yourself.Edit to add: Why give them money when they apparently already have too much of it from corporate inputs (most of it from Google)? I think they ask us for donations in order to retain their non-profit image, for PR purposes.
- Urist ( @Urist@lemmy.ml ) English26•2 months ago
You are not wrong. I got curious how much they receive in donations, but could not find anything about it in their financial statements.
- Vincent ( @Vincent@feddit.nl ) 8•2 months ago
- Urist ( @Urist@lemmy.ml ) English5•2 months ago
That is where I looked and could not find it, albeit only on my short commute from work.
- ZeroHora ( @ZeroHora@lemmy.ml ) English41•2 months ago
Fakespot is from Mozilla, if you trust Mozilla, why don’t you trust Fakespot?
And why is it useless? With the amount of fake AI reviews an AI to detect them is not completely useless.
But the popup is annoying.
- lone_faerie ( @lone_faerie@lemmy.blahaj.zone ) English18•2 months ago
Using AI to detect AI is completely useless. It’s been a big issue in academics, where a professor will plug your essay into an AI detector and then you get dinged for plagiarism because your entirely handwritten essay gets marked as AI. It’s just glorified pattern matching, it has no concept of real or fake.
- Laurentide ( @Laurentide@pawb.social ) English12•2 months ago
If the AI could really detect any discrepancies between human and AI-generated text, it would stop making them.
- LWD ( @LWD@lemm.ee ) 16•2 months ago
I trust Mozilla to do what they promise with my private data
- Possibly linux ( @possiblylinux127@lemmy.zip ) English7•2 months ago
Shouldn’t trust Fakespot or Mozilla
- antler ( @antler@feddit.rocks ) 2•2 months ago
Lol who the f trusts Mozilla nowadays?
- Possibly linux ( @possiblylinux127@lemmy.zip ) English33•2 months ago
- LWD ( @LWD@lemm.ee ) 27•2 months ago
FakeSpot is a hilarious company run by trend chasers, “crypto enthusiasts and web3 believers.”
If Mozilla chasing the AI trend isn’t bad enough, and their privacy policy doesn’t hurt your soul, FakeSpot also only works on the biggest and most predatory platforms (Walmart and Amazon).
- Blisterexe ( @Blisterexe@lemmy.zip ) 20•2 months ago
FakeSpot also only works on the biggest and most predatory platforms (Walmart and Amazon).
that also happen to be by far the most popular, and also where you are the mos likely to see fake reviews
- LWD ( @LWD@lemm.ee ) 15•2 months ago
“If the privacy invasion and corporate trend chasing doesn’t hurt your soul”?
Did you miss the privacy invasion where Mozilla now sells private data to advertising companies directly?
- Blisterexe ( @Blisterexe@lemmy.zip ) 6•2 months ago
all the data that goes through the firefox integration is anonymised
- LWD ( @LWD@lemm.ee ) 7•2 months ago
We are talking about Mozilla FakeSpot, not Mozilla PPA…
I know, there’s so many privacy issues right now that it’s hard to keep track.
- Blisterexe ( @Blisterexe@lemmy.zip ) 5•2 months ago
i am talking about fakespot
- LWD ( @LWD@lemm.ee ) 7•2 months ago
The letters “anon” don’t appear anywhere in the privacy policy.
So where are you pulling this claim from, because it doesn’t smell right…
- jet ( @jet@hackertalks.com ) English4•2 months ago
Mozilla claims the service respects your privacy because they are using OHTTP (which does NOT provide anonymity)… The marketing speak implies anonymity heavily, but doesn’t say it
- vrighter ( @vrighter@discuss.tchncs.de ) 4•2 months ago
anonymization is not a silver bullet. Data gets deanonymized all the time. It’s very easy to accidentally leak useful information
- 10_0 ( @10_0@lemmy.ml ) 26•2 months ago
Click the big X button in the top right corner
- Napain ( @Napain@lemmy.ml ) 23•2 months ago
didn’t the Firefox management say they would focus on their core product rather than random little services like this
- fine_sandy_bottom ( @fine_sandy_bottom@discuss.tchncs.de ) 9•2 months ago
Actually I thought there new ceo said they were going to fuck around with AI stuff.
Edit:
- thegreenguy ( @thegreenguy@sopuli.xyz ) 21•2 months ago
AI shit alone, I never understood the urge to build a whole OS in the browser. I want my browser to view websites. If I want more, then I can install extensions. I’d rather them release this as some sort of “official” extension. Might switch to LibreWolf (do you have any other suggestions?)
- Wave ( @JameUwU@lemmy.ml ) English2•2 months ago
Libre wolf for privacy w/ customization, Mullvad for anonymity & blending into the crowd
- jet ( @jet@hackertalks.com ) English21•2 months ago
“strategic partnerships”
https://support.mozilla.org/en-US/kb/review-checker-review-quality
Protect your privacy
Firefox is committed to empowering you with information about review reliability while respecting your privacy. We use Oblivious HTTP (OHTTP) for Review Checker.
When Review Checker is turned on, we use information about the products you visit on Amazon, Best Buy and Walmart to analyze the reviews, but by using OHTTP we ensure Mozilla cannot link you or your device to the products you have viewed. OHTTP uses encryption and a third party intermediary server to offer a technical guarantee that this is the case: all Mozilla learns from this network request is that someone, somewhere, looked at a given product.
- jet ( @jet@hackertalks.com ) English17•2 months ago
Here is a talk on OHTTP (OHAI) https://www.youtube.com/watch?v=_HEzpnktAwY
and a OHTTP recap https://www.youtube.com/watch?v=qjLwo4Ufp8s
Basically, if you trust the OHTTP Proxy (mozilla) and the OHTTP service provider (fakespot) to not collude, then OHTTP protects your data.
If you think Mozilla and fakespot might collude, then this doesn’t give you any privacy. (Update - Someone pointed out Mozilla has purchased fakespot, so this comes down to Trusting mozilla with 100% of your data for their privacy promise and OHTTP is totally pointless here)
Depends on your threat model.
If they actually cared about privacy they would have the OHTTP model, sure, but also a TOR hidden service endpoint that anyone could use as well ; Removing all the links between the user and the service shouldn’t be a problem, since they are not monitizing user behavior, right? RIGHT?!?!?
- GenderNeutralBro ( @GenderNeutralBro@lemmy.sdf.org ) English12•2 months ago
Mozilla says they use a third-party OHTTP intermediary. In the blog post linked above, they name Fastly as their partner. So it’s not as bad as Mozilla + Mozilla-wearing-funny-glasses.
Personally, I still think this is the wrong approach to privacy, even though I’ve used Fakespot on my own many times over the years. Largely because I don’t think any of this needs to be built into a web browser.
I would prefer my web browser to minimize information leakage by default, to the greatest degree that it can while still remaining useful as a web browser. Mozilla keeps adding bloat to Firefox, and bloat always comes at a cost. I’d much prefer these to be browser extensions that people can download if they want them, rather than built in by default. The baseline Firefox should be lean. Less “stuff” = smaller attack surface. Simplicity is best.
I mean, the Fakespot browser extension has existed for a long time, and I’ve never seriously considered installing it. I’d much rather just take an extra three seconds to load their web site and paste in a URL than have it constantly monitoring my activity and doing god-knows-what with it. That way I have better knowledge and control of what is happening with my data. Even if I trust their intentions, I don’t implicitly trust their competence (all software has bugs) and I don’t trust that they will never go rogue in the future.
And also, I just don’t find this claim all that compelling in principle:
By processing the data jointly across two independent parties, they ensure neither party holds the information required to reveal sensitive information about someone.
I mean…sure. That’s fair. Buuuuuut handing half the data to your “partner” doesn’t give me a whole lot of confidence. Especially since literally nobody reads all of the privacy policies they are subject to. See:
Minimizing privacy policies should be a high-priority goal for any organization that claims to value privacy.
Furthermore, how many additional parties have access (legally or otherwise) to both Mozilla and Fastly? 🤷
- jet ( @jet@hackertalks.com ) English6•2 months ago
i would like to see mozilla making all of these features as full fledged browser extensions (installed by default, sure why not, but uninstallable at user request)
- 𝘋𝘪𝘳𝘬 ( @Dirk@lemmy.ml ) 6•2 months ago
I don’t trust Mozilla one single bit with my data as long as they have an advertising network enabled by default and use pingback telemetry for ALL actions you do in the browser by default that can only be turned off by changing multiple “hidden”
about:config
settings. - Vincent ( @Vincent@feddit.nl ) 2•2 months ago
Wait, where does it say that Mozilla is the third-party intermediary server?
- jet ( @jet@hackertalks.com ) English3•2 months ago
It doesn’t, but when modeling threats we have to go be capabilities and not intentions.
- Vincent ( @Vincent@feddit.nl ) 10•2 months ago
If we’re going by capabilities, then your browser maker can already see everything you do in that browser.
- Possibly linux ( @possiblylinux127@lemmy.zip ) English5•2 months ago
I dislike doublespeak
- z3rOR0ne ( @z3rOR0ne@lemmy.ml ) 17•2 months ago
Please tell me there’s an about:config setting to turn this bs off.
- 𝘋𝘪𝘳𝘬 ( @Dirk@lemmy.ml ) 14•2 months ago
I got this linked on Mastodon: https://kitsunes.club/notes/9wbyqywt28
- z3rOR0ne ( @z3rOR0ne@lemmy.ml ) 17•2 months ago
Nice. Thank you. For those who don’t click the link, it appears you can disable by setting these flags:
browser.shopping.experience2023.active
and:
browser.shopping.experience2023.survey.enabled
To false.
EDIT: On finally getting back to my desktop and disabling these, it looks like there’s a bunch of these
browser.shopping.experience2023
flags. Some of them set to true, others false, I just set them all to false.
- 𝕸𝖔𝖘𝖘 ( @01189998819991197253@infosec.pub ) English16•2 months ago
I actually use fakespot a lot, but will never install an add-on for this.
I got that notice a few months ago, but I didn’t use either button on the bottom. I used the X on the top, and haven’t seen it since.
I thought we were done with the age of Toolbars, but here we are, back there. An app or add-on for every damn thing. No, I don’t want this integrated into my browser. No, I don’t need your HTML5 app on my phone to do less than the webpage does. No, I don’t want your spyware app to view the one-off Twitter, Facebook, or Instagram link a friend sends me. No, I don’t mean ‘maybe later’, I mean ‘no forever’.
- Evil_Shrubbery ( @Evil_Shrubbery@lemm.ee ) 14•2 months ago
I know … But people actually literally want this.
Maybe FF is what we install for normies while we use forks for other flavours.
- 𝘋𝘪𝘳𝘬 ( @Dirk@lemmy.ml ) 16•2 months ago
But people actually literally want this.
No-one except advertisers want this.
Most people simply do not care at all.
- Eiim ( @Eiim@lemmy.blahaj.zone ) 6•2 months ago
Why do advertisers want you to have tools that help you detect covert advertising?
- 𝘋𝘪𝘳𝘬 ( @Dirk@lemmy.ml ) 5•2 months ago
In long term, for substituting them with their own links. In short term it’s a nice feature.
- antler ( @antler@feddit.rocks ) 2•2 months ago
Because Mozilla takes a metric shitload of your data via fakespot such as (but not limited to)
Internet or other electronic network activity (e.g., browsing history, search history, information regarding an individual’s interaction with an internet website, application, or advertisement, and online viewing activities)
https://www.fakespot.com/privacy-policy
And then sells it to advertisers
- 𝘋𝘪𝘳𝘬 ( @Dirk@lemmy.ml ) 14•2 months ago
What are the right settings to disable that crap via
user.js
? I assume this is done via hidden extension, like Pocket. - ArchRecord ( @ArchRecord@lemm.ee ) 11•2 months ago
I was happy when they used an entirely on-device AI to generate alt text for photos, but this is just ridiculous. They quite literally already have an extension that does the exact same thing this new “feature” offers.
Firefox was supposed to be a less bloated than chrome, but all they’ve done now is continued to add more and more to the browser that nobody actually asked for.
Give me bug fixes, UX and performance improvements, not entire sidebar popups for review checking that only works on 3 stores on the entire internet.
- Lad ( @AFC1886VCC@reddthat.com ) 11•2 months ago
I’m not opposed to the tool itself but they can fuck off with pushing it onto us. If I want to see the newest Firefox features I’ll go the main site and find them.