[preinheimer]

(disclaimer I guess I own a company that offers VPN services, it's like ~1% of revenue though).

I think this seems like a bit much. I'd love Firefox to double down on building a great browser, rather than getting into Pocket, VPN, a Phone, IOT, etc.

Sure, a VPN can be really helpful when you're on sketchy open wifi, or other adversarial network conditions. But you're still trusting someone to handle your connections reliably and fairly. Several ISPs have proven themselves to be sketchy: injecting ads, adding tracking headers, etc. But do we really expect VPN providers to not crunch the same numbers and come to the same conclusions?

Note that despite my thinking, it does fit in well with their agenda:

> Mozilla has identified five key issues that are critical to build the open Internet we want:

    Privacy and Security
    Open Innovation
    Decentralization
    Web Literacy
    Digital Inclusion

[_8j50]

Look,you're missing two very important points here.

1) yes,vpn providers crunch the numbers and come at a different conclusion. This is because they sell privacy before anything else. You don't gamble on the heart of your business model unless you intended to sell out your users from the begining. And there are well vetted providers run by well known individuals with a lot to lose if they sell out users.

2) It is in the interest of Mozilla's users for mozilla to diversify it's revenue source. So long at they don't forget to make features optional,I don't see the problem.

This partnership is great because both Mozilla and ProtonVPN have similar business models. Heck,it would even make a lot of sense for Mozilla to operate protonmail. Except unlike with Google and Gmail,they would charge you money and that's it. Give us what we want,to be your customers not your product!

[nyxtom]

I would actually love it if Mozilla ends up operating protonmail and brings over firefox mail of sorts.

[svrtknst]

Same here. I like Mozilla, and if they can bring me a qualitative email service and VPN on top of a great browser and the MDN, I'm psyched.

Here's to hoping that they also develop an e-mail product to replace Googles Inbox...

[qbaqbaqba]

I don't want another all in one behemoth corporation. I want a browser that's not connected to any services but sports open protocols. I hope protonmail remains independent.

[Leace]

Wow, I never thought about this but strangely it makes sense.

It seems ProtonMail frontend is open-source: https://github.com/ProtonMail/WebClient

[intopieces]

>But do we really expect VPN providers to not crunch the same numbers and come to the same conclusions?

Yes, because those numbers are different -- there's actual competition among the providers, which is not so for ISPs. I agree it's still a gamble, and still requires trust, but if/when that trust is broken, there's someone else ready to fill that void.

[ryanlol]

"competition" doesn't work super well here given the information asymmetry between users and providers.

There's simply no way for customers to tell if their VPN provider is selling them out.

[jopsen]

Isn't that why you want Mozilla?

By siding with you they can certainly pave over the asymmetry in the relationship between provider and users.

I trust Mozilla, not ProtonVPN, and I trust Mozilla vetted them and will continue to look them over the shoulder.

That's more than I can say for my current VPN provider.

[acct1771]

I currently would trust them right up until the point where they receive a subpoena from the government because I said something they deem icky.

[jopsen]

Having worked at Mozilla I can honestly say that I'm confident Mozilla can't keep a neferious secret :)

There is a lot of passionate privacy activists at Mozilla. Many of whom to would leak an NSL at the risk of persecution. (In fact I dare say the lineup would be long)

[tapoxi]

Make no mistake, Mozilla Corporation is a for-profit entity. They're owned by a nonprofit shell, but I imagine that nonprofit could easily sell them off.

This puts them in the same boat as say, IKEA.

[preinheimer]

Like when they slipped a Mr. Robot plugin into the download without telling people?

https://www.theverge.com/2017/12/16/16784628/mozilla-mr-robo...

[BoysenberryPi]

I must be the only one who thought this was a non-issue. A molehill turned into a mountain.

[sjellis]

The incident was trivial, but it exposed serious concerns in the process. Mozilla itself strongly promotes privacy and digital rights, but their marketing people did not understand that this was a breach of trust, and all of the technical people involved in the release of the add-on either did not realise this either, or were overruled.

[svrtknst]

No, I agree at least. I mean, it was a bad move and thoroughly short-sighted, but then again - what's the score?

One slight privacy infraction from Mozilla, vs. the countless others from Google, or Facebook, or whatever. It wasn't a good move, it also wasn't as bad as people make it out to be, and it's defeinitely better than any competition.

[kiriakasis]

> One slight privacy infraction from Mozilla

It was a breach of trust, but there was no privacy infraction.

[tehduder9]

I bet you'd be screaming hell if chrome would have done it.

[bigiain]

Sure - it was a dumb move on Mozilla's part.

But keep in mind that while it was pushed out into people's browsers in a stupidly-lacking-in-foresight fashion, it still required use activation before it'd do anything...

I'm at least four nines sure Google have got worse privacy-eroding code in Chrome that does way worse things that flip some text upside down after you specifically activate an add-on...

[eridius]

On the contrary, we already expect Google to try and monetize its users any way it can.

[bonsai80]

Right. It's the difference in having someone's trust or not.

[ionised]

Not really. We expect shitty things from Google at this point.

[bigiain]

> But you're still trusting someone to handle your connections reliably and fairly.

Some of us live in tinpot totalitarian reigemes[x] where ISPs are required by the government to retain "meta data" records of all customer connections and traffic.

It's a privacy win for me just to move the endpoint where my unencrypted traffic (and dns lookups) out of my local jurisdiction, since at least that way I'm not using a service that's required by law to snitch me out to any curious local cop... (Hopefully my chosen VPN provider really isn't keeping logs or snooping y traffic, but even if they are - moving that out of my local legal jurisdiction is an improvement for me...)

[x] That's a little intentionally overhyperboled - but fuck me our Australian politicians are making some insane laws around internet use by the whole population...

[benatkin]

Agreed. I switched back from Chrome to Firefox partly because Firefox had a constant reminder of a thing I don't use, Pocket, in the address bar. I don't have anything extra in Chrome that permanently shows up, just a temporary window that pops up asking me if I want to sync when I save passwords, which I'm used to dismissing.

[blueish]

You can remove Pocket from the address bar. All you do is right click it and the only option shows up as "Remove from address bar", so you don't have to stare at the reminder if you don't want to!

[mrweasel]

What I don't understand is why everyone needs VPNs all of the sudden. There must be a ton of money in selling VPNs, every YouTuber seems to be sponsored by a VPN provider, and now Mozilla is getting in on the action?

As others have pointed out, Mozilla is a for-profit, and I doubt that they would be able to keep up with the development of Chrome if they where not. That being said I wish I'd keep their focus on the browser part it self, and avoid going in the direction of Chrome, which have basically become an OS without a kernel.

While it is a little hypocritical, I would wish that they'd add Chromecast support to Firefox. That's really the only feature I'm missing.

[paulryanrogers]

For me it was seeing messages from my ISP creeping into traffic from other sites. That's not OK

[jopsen]

I trust Mozilla would throw ProtonVPN under the bus at the first hint of trouble.

Can you actually check if a VPN provider logs data? No, but Mozilla certainly has more sway than I do.