[tardygrad]

One of the first things you see on that page (on mobile), even above the headline of the article, is a Facebook share button.

Facebook has its claws in deep. De-Facebooking the Web isn't going to be a simple task.

Bit of hypocrisy to say 'we're not advertising on Facebook anymore' while leaving those buttons in place. Would be ironic if people shared this article on Facebook.

[downandout]

Bit of hypocrisy to say 'we're not advertising on Facebook anymore' while leaving those buttons in place.

I'm sure that it wasn't intentional. Most CMSs have this functionality built in.

Facebook has its claws in deep. De-Facebooking the Web isn't going to be a simple task.

Do you think anyone will try? This is a PR storm, but it will be drowned out in a few weeks or less with whatever headlines get clicks for news sites at that point. Click-hungry web publishers are not going to remove these sharing tools, and many smaller sites depending on tools like Wordpress probably don't even know how even if they wanted to.

If Facebook lost half of its users tomorrow (which won't happen), there would still be over a billion people using it, not to mention its other tools like Instagram. Love them or hate them, Facebook isn't going anywhere for the foreseeable future.

[pgeorgi]

> Most CMSs have this functionality built in.

Which is a big problem for German (and potentially European) publishers due to privacy laws. One major German IT publisher therefore developed an open source privacy preserving tool that strikes a balance: https://github.com/heiseonline/shariff

It shows a bunch of buttons but only loads the 3rdparty Javascript when you press them once (ie. show intent to use them) and asks you to press once again (then the native 3rdparty button).

[fusiongyro]

On the other hand, one thing Taleb points out in Fooled by Randomness is that meteoric rises are often followed by catastrophic losses, whereas gains more slowly made are typically also lost more slowly.

You can also apply Richard Gott's estimator:

https://www.washingtonpost.com/news/wonk/wp/2017/10/06/we-ha...

At the 50% confidence interval, it predicts that Facebook has between 5 and 42 years left in it. Maybe the Cambridge Analytica scandal is serious enough to be the death knell, and in five years it will be defunct. Five years is a long time on the web. I could easily see us looking back on this as the scandal that led to Facebook's complete downfall.

Another question I don't have the answer to is how dependent is Facebook on advertising. If their brand becomes toxic and all the advertisers pull out, how much runway do they have? Enough to build a completely new revenue model before going out of business?

Day to day big things are rare, but over longer time intervals large companies do die, and for more frivolous reasons than this.

[downandout]

If their brand becomes toxic and all the advertisers pull out, how much runway do they have?

There are plenty of companies that will still advertise there. As long as the users remain - and that appears to not be a question, at least right now - there will be advertisers chasing after them. I am in charge of a relatively large Facebook advertising budget, and I can tell you that I would love it if, for example, half of the advertisers left. Facebook ad pricing is largely based on an auction model, and that would mean less competition and lower priced clicks. But I'd be stunned if even 0.5% of the advertisers left over this.

Mozilla is in a unique situation, in that the political views of its workforce seem to dictate many of its business decisions. That is not the case at most companies.

[fusiongyro]

Let me reinforce my earlier point: I am not predicting Facebook disappears tomorrow because of this scandal. However, I doubt it's the last big scandal, and I don't see a way for Facebook to unreveal their star killer base or disarm it. I am predicting slow decline for them from here on out, until they enter a heay death like MySpace or LiveJournal. Just because it appears to be a complete fixture in billions of lives today, does not mean it will be forever. We all lived without it 14 years ago.

"When building sand castles on the beach, we can ignore the waves but should watch the tide." -- Dijkstra

[vkou]

The thing is, MySpace died because it was replaced by Facebook.

What will Facebook's successor look like, and what makes you think it'll be any more human-friendly?

[vertex-four]

It looks a heck of a lot like any number of mobile messaging apps combined with subject-specific forums, in my circles. But we're relatively out of the mainstream - not in tech, but a different circle that hasn't wanted to be attached to Facebook for years.

Honestly, I think it's going to be "mobile messaging and X" where X is different for every subset of people. The mobile messaging allows you to keep contact details for people and keep in touch in a non-1-to-1 way through group chats, while the choice of X allows people to make a statement about what sort of person they are.

[downandout]

It’s certainly possible that you’re right. I just don’t think that this situation is the beginning of the end. It’s a big deal in the Valley, but I’m not sure how big of a deal it is elsewhere.

[EGreg]

This analysis reminds me of a Princeton study 3 years ago:

https://techcrunch.com/2014/01/23/facebook-losing-users-prin...!

[jakecopp]

Are there online RSS feed writers that nontechnical people could use? Reading a pure collection of my friend's RSS feeds would be wonderful.

Though to the best of my understanding there is no way of commenting on RSS posts unless you host a site.

[zdkl]

Have you checked out the ActivityPub spec? https://www.w3.org/TR/activitypub/#Overview

[brylie]

FWIW, Mastadon supports ActivityPub:

https://hackernoon.com/mastodon-and-the-w3c-f75f376f422

[fitzroy]

FriendFeed was great for this (until it was acquired and eventually shut down by Facebook).

Seems like a good time to resurrect that idea.

[brylie]

For non-technical people, it might be good to help them get set up on Mastadon network:

https://joinmastodon.org/

https://instances.social/

[aaron-lebo]

That's not a good choice for non technical people.

I respect what they are doing, but the community is still nerdy and really small. It will feel good from a techie perspective, but it's not something that many users are going to get much value out of, you are kind of wasting their time.

Not sure, but pretty sure Mastodon is going to end up being as popular as Diaspora RStatus or app.net. It's not a mainstream solution. Federation for most people is a useful feature on top of an active popular social network, not the other way around.

[daveFNbuck]

Yes, I find Feedly to be quite usable. It also has some social features but I have no idea how those work.

[dawnerd]

Newsblur? Theres commenting and it's pretty easy to use.

[smsm42]

If you want to read RSS, use feedly. I've moved to it when Google killed Reader, and haven't regretted it since.

[Tossrock]

Yeah, I thought that this line:

> "They know everything we click and like on their site, and know who our closest friends and relationships are."

was actually a big understatement - due to the ubiquity of the share button, which (as many HN readers know, but many average internet users do not) tracks logged in (edit: and also logged out) users, they also know a decent approximation of everything, done by everyone across the entire internet.

Now, it may be ironic, but it might also be poetic justice if something being shared over Facebook ultimately weakened it. Imagine a virally-shared post encouraging people to take a deletion pledge in 5 days by sharing it. They could use the intervening 5 days to get contact information, and establish what kind of relationship they'd like to have with the people they actually care about on there.

[jjeaff]

>tracks logged in users

It also tracks logged out users. Assuming you didn't log out of Facebook AND clear your cookies. Logging out of Facebook merely marks you as logged out. But the cookie remains and they use it to track all the sites you visit.

[eecc]

Just curious, but blocking third party cookies would also stop the tracking or it uses some server-side library to embed the cookie in the site’s domain?

[inlined]

JFC. How does logging out of Facebook revoke all OAuth tokens for linked accounts on that machine but they still leave a token to track your movements.

[lettergram]

I actually have been ironically sharing many of these posts on Facebook, along with the #deletefacebook tag.

[dingo_bat]

I have started posting 1 pic every day on facebook (hadn't posted anything for a year) as soon as I saw the #delete fb propaganda going on.

[dfxm12]

Bit of hypocrisy to say 'we're not advertising on Facebook anymore'

They actually said they're not going to "support the platform with our advertising dollars."

It's not really hypocritical at all...

[Gaelan]

Looks like it’s not actually Facebook’s share widget, just a plain link, so at least it’s not s privacy issue.

[TAForObvReasons]

Is there a way to put a "Follow us on Facebook" button without a FB tracker script?

[gkoberger]

<a href="http://facebook.com/yourpagename">Follow us on Facebook!</a>

[sundvor]

Gold. :-)

Should probably be https:// though!

[gkoberger]

Why bother? They're gonna just share your info with everyone anyway ;)

[arkh]

https://github.com/panzi/SocialSharePrivacy

You can see an implementation of it on Schneier blog: https://www.schneier.com/

[thg]

Heise Shariff is one. I've been happily using the typo3 plugin of it for years.

https://github.com/heiseonline/shariff

[akkat]

A lot of German sites have two buttons. One with no tracking that pressing it causes the "follow up" script to run, and then the "follow us" script that tracks you.

[dingo_bat]

You can just put a regular link to your fb page.

[dredmorbius]

See Bruce Schneier's blog for examples.

[Gaelan]

I think Mozilla might be doing just that.

[superkuh]

Also ironic given that Mozilla continues to violate software freedoms by removing control from the very users they pay lip service to protecting. Until they go back on requiring their own cryptographic signature on all add-ons and the Facebook style walled garden this creates these PR moves will fall flat.

And before anyone says,

Yes, you can use developer version but that's a beta (yes, it is). Using a beta as your daily driver shouldn't be a thing.

Yes, you can use the unbranded not-Firefox version. But now you have to install it manually (not in any distro's repository) and keep it up to date manually.

[confounded]

Can you help us understand the problems with this?

[bad_user]

The problem is that every time Mozilla is mentioned on HN, a contingent will see it as an opportunity to bitch and moan about Mozilla not being the FSF.

[DonHopkins]

Don't get screwed by security! You can easily tell if they're truly sincere RMS disciples or just ersatz RMS poseurs by trying to log in to their account using their login name as their password.

http://www.gnu.org/philosophy/stallman-kth.html

>When I found out about those, I overthrew them. The first time, I happened to know the password of one of the people who was included among the elite, so I was able to use that to turn everyone back on. The second time he had changed his password, he had now changed his sympathies, he was now part of the aristocratic party. So, I had to bring the machine down and use non-timeshared DDT to poke around. I poked around in the monitor for a while, and eventually figured out how to get it to load itself in and let me patch it, so that I could turn off password checking and then I turned back on a whole bunch of people's wheel bits and posted a system message. I have to explain that the name of this machine was OZ, so I posted a system message saying: “There was another attempt to seize power. So far the aristocratic forces have been defeated—Radio Free OZ”. Later I discovered that “Radio Free OZ” is one of the things used by Firesign Theater. I didn't know that at the time.

>But gradually things got worse and worse, it's just the nature of the way the system had been constructed forced people to demand more and more security. Until eventually I was forced to stop using the machine, because I refused to have a password that was secret. Ever since passwords first appeared at the MIT-AI lab I had come to the conclusion that to stand up for my belief, to follow my belief that there should be no passwords, I should always make sure to have a password that is as obvious as possible and I should tell everyone what it is. Because I don't believe that it's really desirable to have security on a computer, I shouldn't be willing to help uphold the security regime. On the systems that permit it I use the “empty password”, and on systems where that isn't allowed, or where that means you can't log in at all from other places, things like that, I use my login name as my password. It's about as obvious as you can get. And when people point out that this way people might be able to log in as me, i say “yes that's the idea, somebody might have a need to get some data from this machine. I want to make sure that they aren't screwed by security”.

[superkuh]

It is supposed to provide increased security for users that don't know what they are doing. But because it's not feasible to have humans review every single change made to every single add-on in a reasonable time they've automated the system. So now instead of providing security all it does is make a walled garden where everything has to be approved by mozilla but no one actually checks what they're approving.

So it both provides a false sense of security and prevents users from being able to control the software they run on their own machines.

[IAmLiterallyAB]

It does ensure that the add-ons you download were at least approved once to enter the add-on store. So if you were at a sketchy website and were prompted to install an add-on, it would fail the check. So that's something. I agree it could be a lot better from a security point of view, but I don't think it's malicious.