[RabbiPires]

All this talk about openness and freedom, and Mozilla's builds still ship with the proprietary Pocket extension by default. I really hope they don't have to rely on the revenue from Pocket at some point.

Not only that, but it also connects to Google's SafeBrowsing servers. Is that required by their search engine contract with Google? Shouldn't be turned on by default.

[thawaway1837]

You know they own Pocket right?

Pocket is basically their version of Read Later, etc...And it’s completely optional whether you want to use it or not. So I’m not sure I understand this complaint.

Mozilla’s first integration of Pocket was poorly done, and rightfully raised complaints. But since they have purchased it, a lot of those complaints have been resolved.

[groovybits]

<< it also connects to Google's SafeBrowsing servers. >>

As a privacy enthusiast, what's wrong with Google's SafeBrowsing service? It provides protection from low-hanging fruit with anonymized data (hashes of URLs).

[heartbeats]

It's not very anonymized. Google already has a list of URLs, so they can just hash them all and see what matches. And if they have URL 1, 2, and 4, odds are they can interpolate to find out what #3 is.

[tialaramex]

> so they can just hash them all and see what matches

Matches _what_ ? Firefox doesn't send hashes to Google Safe Browsing. This would not only be a privacy problem it would also make the browser much too slow. Instead Firefox periodically downloads a summary of what might be unsafe, and then it compares hashes to that summary. If there's a match in the summary (rare but it happens) it fetches more detailed parts of the total Safe Browsing map to make a decision.

As a rule of thumb I'd say when a person complains about Safe Browsing without any clue how it actually works I'm confident they're exactly the type of "power user" who most needs Safe Browsing to keep them out of trouble because they're falsely confident in their own abilities.

[throwaway2048]

It does however request hash prefixes, then google sends to the client all bad URLs that match, that is what can be brute forced with relative ease, if you already have a stream of previous they are visiting (via google analytics, google captcha, and other matched hashes). Especially if you know most every URL on the internet already. (hash them, then look it up in a table).

Anonymization is a very tricky subject, and there is a lot of techniques that get trumpeted but are absolutely not effective assuming a bad faith actor.

[tialaramex]

> It does however request hash prefixes, then google sends to the client all bad URLs that match

IF the prefix is a match, which is relatively unusual then the browser requests the full list for that prefix. But also, no, Google just sends back a list of full hashes and not URLs.

> that is what can be brute forced with relative ease

OK. 1f6866 is a hash prefix, quick "brute force" it with this supposed relative ease, what am I looking at?

How about 0aebaf? Ah, trick question, that's just noise stirred in automatically by Firefox (yes their implementation silently does this, typically the noise drowns out signal by a ratio of 4:1 but it's configurable).

Or wait, maybe the first one was noise and this isn't. Google neither knows nor cares.

Still, you'll just use "relative ease" to brute force every 24-bit number and then er, more brute force to figure out which ones are bogus. You can do the same with my phone number. One of the digits is a "five" - quick, brute force the whole number and tell me what it is to show how great "brute force" is at hand-waving impossible problems!

> if you already have a stream of previous they are visiting

I know this trick. Hey, pick a number, then add two to that number, then take away the number you first thought of. The number you're now thinking of is two - tada!

Yes, if I know where you are then I can "magically" tell where you are using seemingly unrelated information, by simply discarding it and already knowing where you are.

But this "technique" works perfectly well without Safe Browsing and so it has no bearing on whether Safe Browsing is in fact safe.

> Anonymization is a very tricky subject

Brain surgery is also a tricky subject. But Google's Safe Browsing project doesn't do Brain surgery either.

[XzetaU8]

That's not how GSB works in firefox.

https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-...

[Anon1096]

I don't think you understand what anonymized means. Yes they know that someone went to those URLs... but they can't link it to a person. So it's anonymous.

[propogandist]

The request originates and returns to an IP address, your IP address. It's not anonymous.

[groovybits]

So does every other service on the internet, unless you're going out of your way to mask your IP addr. That in itself does not expose the sites you visit via SafeBrowsing.

[BurningCycles]

I've not seen any indication that users wanted it, I've also read that Mozilla developers agree that it should be an extension. Yet Mozilla buys this and puts it inside Firefox, where it can at best be disabled by going through about:config and changing parameters.

Why Mozilla is hellbent on pushing this upon their users is beyond me, it just hurts their image in my opinon.

[JohnFen]

> Why Mozilla is hellbent on pushing this upon their users is beyond me

It's one of their many attempts at finding a revenue source that isn't Google. Their hope was that people would love it so much that they'd sign up for the pay version.

I have a huge amount of sympathy for Mozilla on this issue. They get slammed for being funded by Google, but pretty much every time they do something that could generate revenue and get them off of Google's wallet, they get roundly slammed for that, too.

[BurningCycles]

>They get slammed for being funded by Google

I don't see that at all, I mean they've been funded by Google for practically their entire existence.

On the contrary it seems to me that Firefox users find that funding the project through selling the default search engine is a good compromise as it is both easy to switch to a different search engine, and also that the vast majority use Google either way.

Also it's not as if Pocket will ever come anywhere remotely near making Mozilla self-sustainable, it's all so weird to me as this really hurts their image as a 'users-first' organisation.

[zaarn]

The issue is that if Google cuts their funding if they encroach too much on Chromium, then Mozilla is in trouble. At the moment, their entire operation is financially dependent on a competitor paying them money.

[ComodoHacker]

>Mozilla’s first integration of Pocket was poorly done, and rightfully raised complaints. But since they have purchased it, a lot of those complaints have been resolved.

Off-topic, but I find current integration equally poor. Why do I have to spend extra clicks to login every time I want to add something to Pocket? Why it doesn't use stored credentials just like Sync does?

[groovybits]

<< Why it doesn't use stored credentials just like Sync does? >>

If you sign into Pocket with your Firefox Sync account, this is the behavior.

It should only prompt you to re-login if you've cleared cookies. Even then, you can re-login via FF Sync without entering the password in again.

If you're logging in with a service other than FF Sync (ex: Google), I'm not sure how you expect FF to know what your credentials are to log you in.

[ComodoHacker]

>It should only prompt you to re-login if you've cleared cookies

Looks like Cookie AutoDelete extension somehow affects Pocket but not Sync. Thank you for hint!

[abawany]

Yes, I had to whitelist '*.getpocket.com' to avoid auto deletion of Pocket cookies.

[pseudalopex]

Pocket isn't end to end encrypted and replaced a feature that was. Mozilla promised to make it open source and hasn't.

[throwaway2048]

Its still proprietary and closed source, despite them owning it for years now.

[MikusR]

And they promised to open source it. They didn't.

[PopeRigby]

They're working on it https://github.com/Pocket

[sciurus]

> proprietary Pocket extension

FWIW, I believe all the Pocket client code is open source.