[MichaelGG]

Same here. Especially as Google becomes more and more evil, Chrome looks less attractive. Even on mobile, I use FF, despite it needing a lot of work and having a lot of rendering and input issues. And Chrome on Android looks very sexy. On desktop, FF is fine, once more.

Rust is also one of the most promising languages with a potentially massive impact on the world. Not only safer software, but exposing more programmers to better ways of coding. (Imagine how different the world would be if a popular OS had adopted a Rust-like two decades ago.)

Mozilla is really an important thing these days.

[omeid2]

I am actually still going back and forth between chrome and firefox and it's design was something that was holding me back, specially in a stacking window. Now looking at this I looked through themes and found Simple White[1] something that way out dones chrome and et all in sexy factor.

[1] https://addons.mozilla.org/en-US/firefox/addon/simplewhite/

[jasonkostempski]

I would like it if something like that was the default and never changed. They seem to keep trying to jump on whatever style is popular when they start a redesign but by the time it appears in a release version it's way out of date. The developer tools are even worse in this regard, they're not even consistent with the rest of the browser. Themes are much better suited to keeping up with trends, the default should be simple.

[alex_duf]

well styling is always a matter of personal opinion. I don't think Mozilla should spend time on theming it's developer tools as long as it's readable and usable.

For the main theme, as long as it's customizable to satisfy the 5% of grumpy people I'm fine with that. The other 95% just doesn't care.

[JetSpiegel]

I just can't stand white themes anymore. DeepDark is the bee's knees, as far as dark themes are considered. It even works on Thunderbird.

[mseri]

Thanks!!! This theme is incredible

[davidrusu]

That is a beautiful theme, thanks

[adl]

Thanks a lot for the tip, that theme is beautiful!. It's now my default :)

[wingworks]

Amazing theme! Thanks for sharing.

[alex_duf]

Great theme, thanks a lot !

[miket]

Don't forget that a large chunk of Mozilla's revenue comes from Google: http://thenextweb.com/insider/2013/11/21/mozillas-reliance-g...

[nnethercote]

It makes me happy that a chunk of Google's money is being used for Mozilla's purposes.

(Disclaimer: as a Mozilla employee, that includes my salary :)

[jfoutz]

Isn't it actually whoever will pay the most to be the default search? I mean, I <3 google search, but i'd bet microsoft could pony up quite a bit of cash as well.

[carussell]

Once upon a time, you could come across a post like this and confidently respond to it by pointing out that, no, Google's position as the default search engine in Firefox is not for sale to the highest bidder. So that even if, e.g.:

a) the "deal" with Google had never happened, and

b) Microsoft came out of nowhere and began offering to pay what Google is actually presently paying (or, let's say, just for fun, even double or triple that), all while

c) Google were making no offer to start paying

... then Google would still be the default search engine in Firefox, regardless.

The same almost definitely cannot be said today.

[cpeterso]

Years ago, Google was head and shoulders above all other search engines. Today Google's competition are almost as good, so other parameters might affect Mozilla's search engine defaults.

[carussell]

We are not talking about whether or not other search engines are probably, maybe now in a better place to compete with Google in terms of quality. Let's assume that they are, even. In fact, let's assume that they are, in fact, better. What we are talking about is this question:

Is the default search position in Firefox for sale to the highest bidder?

If Bing today is the better search engine, or if it's slightly inferior to Google, or if your perspective is that when Bing debuted it was terrible and it's even worse today--these are all absolutely immaterial. They have no bearing on the answer to this question.

[zobzu]

I think theres 3 arguments that are really important here:

- which is the technically better search engine?

- which will pay the most money? (gotta keep lights on!)

- which is the one the users actually want?

Google used to check all 3. Then only 2 (Pretty sure Bing would have paid more).

Today? I don't know.

Sadly engines like Duckduckgo probably can't afford to pay Mozilla enough to keep the lights on.

[nsajko]

What's changed?

[carussell]

Well the set of Mozillians today is not the same as the set of Mozillians in 2009, which is not the same as the set of Mozillians in 2004. It's such a facile thing point out, but it has a huge impact on a project.

Then, it's another very facile thing, but a person involved with Mozilla today who was involved X years ago differs from themselves by X years of experiences. X years' difference also produce X years' worth of changes in the externalities on a project. For example, what impact did the timbre of HN alone have on Mozilla in 2011? What impact was it having in 2008?

So pick how far back you want to go, and then enumerate events that have happened since then. The establishment of Mozilla Corporation. Key developers exiting the project to go work on what would become Chrome. Working with Google on VP8 before the public announcement at Google I/O 2010. The reality of a company that had a couple hundred employees or so for years and then quickly grew to one that now has 1000+, and dealing with that. The shift in focus from the Internet to a focus on the Web, and coping with a lack of influence on the direction of both. The shift in focus on users to a focus on designers and Web developers. The not-terrible idea but also not-amazing idea to try out directory tiles, then dooming it and destroying all kinds of public goodwill in a single stroke by doing this: < https://blog.mozilla.org/advancingcontent/2014/02/11/publish... >. Coping with a number of other failed projects and initiatives over the years like: Theora+VP8 for free video, BrowserID, Do Not Track and changes to third-party cookie policy, and Firefox OS.

Those are some changes Mozilla has been through.

(Note that this is a list of changes Mozilla has gone through, not a "list of bad things about Mozilla". If I were trying to make that kind of list, there are things on there that I wouldn't have put there, and things that aren't on there that should be. But it's not that kind of a list.)

[jasonkostempski]

Users that settle for defaults are IE or Safari users :)

[gsnedders]

There was talk last time it was renegotiated that the large increase was down to MS pushing it up.

[lkbm]

No, the policy is that they will use the best search, and take the money from whomever that is.

[josteink]

> Don't forget that a large chunk of Mozilla's revenue comes from Google

I'd love to support Mozilla as much as possible, but no way I'm keeping the default Google-search when you have stuff like DDG around.

Hopefully me wanting privacy doesn't impact Mozilla's financials too hard. Firefox + DDG only seems like the most natural combination: both are powerful and privacy-centric.

[Tepix]

IMHO, Mozilla only appears to be privacy centric, in reality the way they hide the 3rd-party-cookie on-by-default setting shows that the user's privacy is not their top priority. I'm pretty sure that they are paid for hiding it like that and not blocking third party cookies by default (like Safari).

Disappointing.

The slogan on their page ("Committed to you, your privacy and an open Web") sounds hollow when considering this and their recent support for DRM.

[alex_duf]

Plus it doesn't forbid people to make a donation to support the software they like right ? That's what I do, knowing FFx isn't making any money from me, and knowing that I'm using years and years of development is a good enough reason for me.

[zobzu]

When you donate it goes to Mozilla Foundation while search deal money goes to Mozilla Corporation AFAIK.

That means they actually need donations for the foundation to run (but its not 800 employees so its much less money). Legally you can't fund the Foundation with the Corporation money - since that would make 2 Corporation and zero Foundation then :)

I don't know if the opposite is possible (send donations from Foundation to the Corporation) but I suspect it has the same problem/effect.

[bzbarsky]

> Legally you can't fund the Foundation with the Corporation money

The Foundation is the sole owner of the Corporation. The Corporation pays dividends to the Foundation.

Now the amount of those dividends can't be too much if the Foundation wants to keep its nonprofit status. "Too much" is determined by how much people donate: the restriction is on fraction of money that comes from non-donations.

[forgotpasswd3x]

It's not like Google's just gifting them the money...

[swartkrans]

I'm using Opera instead of Chrome. I use Chrome Canary for web dev, but Opera is basically Chrome sans-Google. It's got all the same features as Chrome as it's based on Chromium. Just none of the Google account features. I've also dumped gmail for fastmail and am trying out duckduckgo, but if that doesn't work out I'll just use Google in an incognito window.

[m_mueller]

I find duckduckgo quite usable for commonplace CS things such as programming in popular languages. For more obscure things I usually just enter g! [query] into my URL bar, so it will revert to an anonymous google. I find this better even just for the fact that I don't get the filtered down view of the world anymore - if there are things named similarly than the ones I use in the world, I want to know, so I can adjust my own naming.

[MichaelGG]

Really? I tried to use DDG, I really did. But the results are just so subpar unless it was a simple "navigational" type search where I knew exactly what I was looking for. I really want to quit Google. I'd even pay for it. But they just dominate by such a large margin.

[newscracker]

In my usage over the last few years, I've come to rely on StartPage for good search results (since it's a proxy for Google). While DDG has improved over time, it still is nowhere close enough to be a Google replacement for me. I end up doing searches on DDG only to repeat the same on startpage.com to get better results. DDG still does not have time based search (where you can search for results in the past day, week, month, etc.), which is a huge disadvantage for me.

I do use both StartPage and DDG, although it's more like a 80%-19% split between these two. The remaining 1% is still on Google to get things like news, and Self-Destructing Cookies [1] helps keep things clean on that front.

[1]: https://addons.mozilla.org/en-US/firefox/addon/self-destruct...

[psykovsky]

Have you tried https://startpage.com ?

[cpeterso]

DDG results have greatly improved over the last year. I tried switching from Google to DDG a couple years ago, but didn't last more than a week. DDG results are as good (and nicer looking) than Google for general searches, but I still rely on Google for needle in a haystack searches.

[fastball]

Yeah, I doubt that DuckDuckGo could compete with PageRank in its first iteration.

There is a reason that Page and Brin are billionaires: their algorithm was absurdly clever.

[thathonkey]

What are you talking about? Totally lost after the first sentence here.

[ripdog]

DuckDuckGo has a 'bang' feature, where you add a bang like '!g' to search a different site directly.

For example, '!g hacker news' becomes 'https://encrypted.google.com/search?hl=en&q=hacker%20news'.

[thathonkey]

Sorry, I understand that part. Was wondering what you meant by this (specifically the part about a "filtered down view of the world"):

"I find this better even just for the fact that I don't get the filtered down view of the world anymore - if there are things named similarly than the ones I use in the world, I want to know, so I can adjust my own naming."

It wasn't a loaded question or anything, not sure why I got down-voted either... (shrug)

[0942v8653]

Google gives you a "filter bubble", essentially exacerbating confirmation bias. That way if you search "what's wrong with Python" it won't return "snakes can hurt you".

Take a look at http://dontbubble.us

[pessimizer]

https://duckduckgo.com/bang.html

[tripzilch]

> use Google in an incognito window.

I've been doing that for a few years now. I only need to log in for GMail, basically. At once or twice a day max, it's not a big hassle at all.

In particular, I find that YouTube is much more useful if you're logged out. At least then the sidebar contains related or similar videos, instead of the stuff I watched last week.

[unicornporn]

Try Startpage.com instead of Ddg. It will give you the the same results as Google, but with the privacy features of Ddg.

[sireat]

Startpage appears to have been around a while and seems relatively open.

However, how does Startpage make money?

In fact, how does DDG plan to make money?

[0942v8653]

DDG proxies ads from Bing and so they make some revenue from that. It's a small team so it seems to be enough (for now anyway).

[newscracker]

Startpage shows text ads (similar to how Google Search ads used to be long ago). And it claims not to record the IP address [1].

[1]: https://startpage.com/eng/protect-privacy.html

[thathonkey]

Just curious why do you use Canary for web dev?

[swartkrans]

It has the best developer tools. You just have to be careful to not use the es6 features that aren't in stable Chrome yet.

[thathonkey]

Is there somewhere I can read about new dev tool features that have not yet made it to Chrome?

[Pxl_Buzzard]

@addyosmani [1] is a Chrome DevTools engineer who often talks about new features. That's probably about the easiest way to find nightly updates without following a mailing list.

1. https://twitter.com/addyosmani

[wlesieutre]

I've been using FF for a while, but partly switched off when I got a Surface (on account of IE's better touchscreen support).

But soon I'll be moving from iOS to Android, the wonderful land of being able to change your default browser. And I'll be using FF there for the bookmark syncing. Firefox on 2/3 devices ain't bad.

There was a lot of hate over the australis redesign, but I like it better than Chrome.

[Encosia]

+1 for IE's touchscreen support. I keep holding out and using Chrome on my laptop for a few extensions and all of the bookmarks/passwords I have synced over the years, but IE makes Chrome look absolutely kludgy and clunky when it comes to performance and UI these days. It's a shame IE doesn't have a more approachable extensibility model...

[wfjackson]

Rumored to be coming in IE12.

http://www.zdnet.com/how-the-next-version-of-ie-codenamed-sp...

[eru]

Does IE run on anything but Windows these days?

(Edit: Doesn't look like it. Alas.)

[SloopJon]

Not that I've tried that hard, but the most recent IE that I can run under WINE (Crossover Mac) is IE 8.

[wlesieutre]

You could always scrounge up a copy of IE5 for Mac ;)

[pjmlp]

So what? Safari is also stuck in Apple land.

[SixSigma]

Perhaps he means "I don't run windows, can I run I.E. on anything else, like it used to run on Solaris or under Wine"

Some people do exist that have Linux desktop / Android smart device as the only computers we can change.

[eru]

Yes, that makes it harder to try Safari, too.

Firefox, Chrome, Opera and others are not so picky about which operating system they run on.

[mdellabitta]

Safari is available for OS X and Windows.

[callahad]

The Windows version was silently killed last year.

[robin_reala]

Safari on Windows has been abandoned; it’s now 3 versions behind.

[MichaelGG]

Android is also the land where almost every single app can see who you call, who calls you, and get a unique serial number for your phone hardware. All because Google smuggled "check to see if the user's on the phone" permission, which many apps rightfully need, into that whole bundle.

As this is technically a very stupid move, it feels like the only way to interpret this is that Google wants more people giving up privacy, for it to be normal.

Also see: Chrome flips around OK/Cancel in the DNT enable dialog, purely to confuse and prevent users from enabling DNT.

[MichaelGG]

For those curious, go look up Phone State and Identity. If an app wants to behave while your in the phone, it also needs to be able to read your IMEI and the number calling or called. So a flashlight app that wants to disable in call can now see that you're calling a cancer doc. This hardly seems accidental, given that knowing if the user is oh the phone isn't s sensitive operation.

As far as Chrome: go compare. Enable things like spell check, which put up a normal little explanation. Then try DNT, which elicits a scary disclaimer and swaps the OK and Cancel buttons.

[zobzu]

I actually think that while its very debatable on desktop, firefox for android may be the best all around android browser.

Now for surface I hear you - i was sad they discontinued the work for that. Even on touchscreen latpops.

[wlesieutre]

Even with no Metro version of Firefox, the desktop version could be better. Touch scrolling in IE for desktop feels like it does on a smartphone. Firefox is jerkier and doesn't get momentum quite right.

[fulafel]

Firefox Beta just got Opera-level responsive for me on Android and no rendering issues so far.

[higherpurpose]

I haven't tried Firefox in a coupled of months, but to me Firefox rendering was the worst out of all the top browsers. I think Firefox does something on purpose that makes rendering worse, such as delaying it somehow in order to increase performance or whatever. So for example you won't get the whole page rendered immediately, and if you switch to a different part of the page, you have to wait for it to get rendered, too. I don't like that much.

[jbkkd]

> safer software What makes Rust-written software safer?

[shadowmint]

This has been covered repeatedly in the past. Rust inherently helps to prevent many types of memory related and concurrency errors.

Rust programs are not 'safe' in the sense that they cannot crash or have security bugs, but they are 'safer' in that the compiler automatically performs a series of safety checks to prevent common errors.

[MichaelGG]

And note that the most serious security bugs in widespread software[1] are typically exactly these common errors. Eliminating them would have prevented nearly all of the remote execution bugs in history.

1: Widespread meaning OSes and popular platforms, not custom LOB apps where SQL injection exists on the login page.

[dscrd]

Option types and safe pointers, and modern abstractions. Some other programming languages offer these too, but Rust attempts to do them while incurring no run-time costs.

[wyager]

It is effectively impossible to have an unsafe memory access error in Rust. The compiler eliminates a huge variety of bug types, including null pointer dereferences, use-after-free bugs, memory leaks, etc. All arrays are bounds-checked and rust encourages good programming practice like using abstracted list-processing mechanisms (like mapping instead of loops) and algebraic types instead of e.g. null pointers.

[shadowmint]

    It is effectively impossible to have an unsafe memory access error in Rust

Please, don't say that. Lets be reasonable. Rust is great, but Rust code crashes and segfaults too, just like any language, programs have bugs, and those bugs can cause program failure.

Rust just has less of them, because it has a smart compiler. ...but it's not right to suggest that it has none.

Remember:

There is no way of ensuring that a rust program does not result in a segmentation fault or other memory or race condition as a result of unsafe code.

There is no way of ensuring a rust program does not contain any unsafe code.

[Dylan16807]

I don't understand your post. If you mean 'unsafe' as in 'may misbehave' then the compiler can definitely ensure there will be no segmentation faults and there cannot be certain classes of race condition. If you mean 'unsafe' as in the keyword that lets you do dangerous things, it's trivial to check if your source has blocks marked with that keyword.

There's no way to ensure the compiler is perfect, but rust itself is not capable of certain types of errors.

You can always code the wrong algorithm, but that doesn't mean you can segfault or use after free (in the default safe mode you almost never have an excuse to leave).

[shadowmint]

This is a misconception.

You are flat put wrong, and spreading misinformation about it doesnt help anyone.

If you use any rust, and that includes dependencies and the standard library with unsafe code, bugs in the unsafe code can and do cause segmentation faults.

Its easy to say, 'well, thats a bug in the library, not a problem with rust', but thats the same as with C++ isnt it? If you can assert any code is 100% bug free then why do we care about the nice safety features in rust?

What is true is that any 'safe' code path that never enters an unsafe block in rust proveably cannot result in certain types of failures.

BUT every rust program uses unsafe code. In the standard library. In c bindings. In 'safe' pure rust dependencies (with hidden unsafe blocks). In loading dynamic libraries.

Its completely unavoidable.

What are going to do? Vet every line of every part of every dependency in the code you use? Dont be ridiculous.

Do you use rust?

..because practically speaking it does crash. Not often, sure. ...but this falacy that rust is 'provably safe' is absolutely false. Its provably false.

Thats why people saying it is unfortunate; it makes the rust community look like a bunch of clueless fanboys.

Please stick to reality. Rust has a zero cost memory management strategy and a smart compiler that helps to prevent certain types of common errors.

We dont need to step into magical fairy land to convince people rust is good. It stands on its own merit easily enough.

[Dylan16807]

I guess I should have been more explicit that I was talking about the language itself (without the unsafe keyword). Not libraries written in other languages, not compilers. It's the job of theorem provers and whatnot to make those safe.

In other words I'm talking about code the programmer makes themselves.

>Its easy to say, 'well, thats a bug in the library, not a problem with rust', but thats the same as with C++ isnt it?

In C++ nothing prevents the lines I write from having memory errors. It's not the same at all.

>If you can assert any code is 100% bug free then why do we care about the nice safety features in rust?

Oh well you shouldn't do that, but you also don't have to use unsafe code willy-nilly. In C++ everything you touch is unsafe unless proven otherwise.

>What are going to do? Vet every line of every part of every dependency in the code you use?

For unsafe blocks? Sure, that's easy.

[Jweb_Guru]

How often has one of your Rust programs segfaulted for you, when it wasn't a bug in your own unsafe code (as opposed to that in the standard library)? For me, the count still stands at zero.

I've been writing Rust for well over a year. I like to abuse new features and I've found many compiler bugs, but my code doesn't crash at runtime.

I'm not saying it doesn't happen, and the plural of anecdote is not data, but I think you're grossly misrepresenting Rust's practical safety benefits. That you only have to trust code in unsafe blocks, rather than all the code everywhere, is a huge benefit.

[MichaelGG]

This is misleading. Apart from bugs in the core code (compiler and stdlib) you shouldn't be memory unsafe in an exploitable way. Even segfault from deref null should be rare. It's like saying Java isn't safe because it might call some JNI. While pedantically true, it's qualitatively different.

That's why effectively impossible is an OK statement. Unless you go out of your way, your program will not contain such bugs.

[shadowmint]

I don't accept that 'effectively impossible' means 'can happen, but probably doesn't happen very often'.

Rust has many other unsafe code paths than ffi; low level optimisations, dynamic libraries, etc.

Unless you go out of your way or are doing low level work, your code will not contain such bugs, and if you used no dependencies that do anything meaningful, what you said is plausibly true.

...but what are we trying to argue here?

That you can build a contrived rust program that doesn't crash?

Or that if you build an arbitrary program in rust, using arbitrary dependencies to do meaningful work (that will invoke a c library at some point, and talk to device drivers), that it wont crash?

In my view 'effectively impossible' is faaaaaar over stepping the bounds of reality.

[kibwen]

Inveterate Rustacean here, and I agree with this. We need to carefully clarify the sort of safety that Rust provides in order to avoid misleading people.

Improperly implemented `unsafe` blocks can cause crashes. APIs that don't properly isolate unsafe interfaces can cause crashes. Bugs in the compiler, bugs in LLVM, and unforeseen unsoundness in the type system can cause crashes. So instead of saying "Rust makes crashes impossible", I'm starting to prefer "If you write only safe code, any crashes that occur are not your fault". A bit less comforting, but still a best-in-class guarantee for a bare-metal language (not to mention that the former claim is impossible in any language).

Furthermore, I think it's important to express to people the true role of `unsafe` blocks, which are not so much "Rust without safety" as they are "reified inline C code with a bit more safety". Rust without `unsafe` blocks could exist, but it would require an enormous amount of FFI and/or much more machinery baked into the compiler itself.

[vertex-four]

> There is no way of ensuring a rust program does not contain any unsafe code.

Sure there is. There's a compiler lint available which can disallow "unsafe" code, i.e. code which is able to create null pointer errors (and thus segfaults).

Of course, the standard library will always contain a bunch of unsafe stuff - but at least it's shared between every project, and any bugs can be fixed once, and assuming it's correct any non-unsafe code that depends on it is memory-safe.

[lucian1900]

What's so evil about Google?

[skj]

It doesn't matter.

(disclaimer: googler)

I see it as a hubris against the idea that Google claimed to not be evil, and the fact that evil is such a poorly defined concept, and whether or not Google meets the bar depends entirely on the values of the perceiver. Many perceivers, for instance, miss the distinction between "Don't be evil." and "Don't do evil.". The former is a mindset, strategy, and intention, while the latter is impossible for a corporation with 50k employees.

Then, the only logical conclusion for someone who hasn't grasped all of the above is that Google is becoming more and more evil every day.

[MichaelGG]

What's the mindset that ends up with Chrome going out of its way to swap OK/Cancel when you enable DNT? (I don't think DNT is a real solution, but I'd guess Google wants to be able to point to data showing users don't enable it.)

What's the mindset behind the broken permissions on Android? Where any app that wants to change behavior when you get a call must request permission to your IMEI and calling/called number? Or why the broken, upfront, all or nothing model is still even used?

What's the mindset behind G+'s incessant nagging, and forcing it as a requirement to even rate apps on Play? Or the same for YouTube, etc.? Not to mention the "real names" debacle.

At what point are we allowed to say Google's mindset is not "don't be evil" as far as external observers are concerned? Or will everyone that brings this up always be labeled as unable to understand?

[DannyBee]

"What's the mindset behind the broken permissions on Android?

Where any app that wants to change behavior when you get a call must request permission to your IMEI and calling/called number? Or why the broken, upfront, all or nothing model is still even used?"

At the time android created its permissions model, most of these issues were not obvious, or it would have been done differently.

Remember, of course, that prior to things like android (the first version of the iphone only had webapps), permission models of any sort were pretty much unheard of. Flip phones running java apps, or blackberries, had apps that got to do whatever they wanted.

Permissions changes are being slowly made in android. The same way you'd slowly change most serious things about something with billions of users.

It's not like C++ or Java just release new features every day (even if we may want them to :P).

This is of course, the same as any large system in engineering.

I don't know enough to comment on the rest.

" At what point are we allowed to say Google's mindset is not "don't be evil" as far as external observers are concerned? Or will everyone that brings this up always be labeled as unable to understand?"

Truthfully? It doesn't matter. At some point, every company large enough will lose its sheen, and people will worry about it, and eventually question its motives. Nobody can be perfect at doing the right thing all the time, even if they wanted to. Eventually, even with the best of intentions, mistakes add up, and people stop believing. In fact, i'd wager it happens slower if you don't even try to have good intentions, and and just stay under the limelight, rather than try and occasionally mess up.

In any case, I guarantee the same will happen to Mozilla (or whoever we want to peg as the current defender of the world) over time, the same as it has happened in the past to every other company. Non-profitness won't save them.

[JetSpiegel]

This is a lie, I have a Nokia with the S40 OS and Java apps can't just do anything they want, particularly sensitive thing like accessing contacts and making internet connections.

In fact, if your app isn't signed by Nokia, you can't let an app make a request without nagging you for permission. This totally kills homebrew.

[DannyBee]

This was the "pretty much" part. But even that permission model is really really simple.

MIDP 2.0 had permission domains. In practice, the permission domains were basically "want this app to let you do anything on your phone Y/N?" for a lot of phones.

In the specific case of S40, Nokia's security policy came into play in 6th edition feature pack 1, or so Nokia claims.

For fun, look at the deviations different carriers (and editions) have at http://developer.nokia.com/community/wiki/Java_Security_Doma...

[zetafunction]

> What's the mindset that ends up with Chrome going out of its way to swap OK/Cancel when you enable DNT?

Chrome dev here. The way the Chrome settings web UI is written does not lend itself to strong consistency, just eventual, as devs notice it and fix it. Your DNT example was fixed last week in https://codereview.chromium.org/665113003.

Another example of inconsistent button ordering: the overlay for disconnecting a managed profile has its buttons reversed from the usual order, while the overlay for disconnecting an unmanaged profile does not.

[MichaelGG]

Damn. I guess this just goes to show how hard it is for an external observer to judge intent. I mean, you gotta admit that between the long, scary warning and flipping the buttons around compared to other privacy related settings, it certainly seems like a dark pattern. But I've been on the receiving end of this, so I understand how frustrating this must be. "No, really, it was late and one line got pasted in front of another and no one noticed."

I guess that just leaves the fundamental incompatibility with Google's current business model and personal privacy.

[munificent]

> I mean, you gotta admit that between the long, scary warning and flipping the buttons around compared to other privacy related settings, it certainly seems like a dark pattern.

Hanlon's Razor is a good rule to apply here.

[lucian1900]

DNT is a bad idea that does nothing useful. Discouraging people from using it is good, just like IE always sending DNT is absurd.

Android permissions aren't great. When Android was being designed (before Google bought it), the permissions were a huge step forward from desktop apps, which can still do anything at all. Arguably the very concept of upfront permissions is inferior to asking when needed, but attributing malice to the choice is silly. It'd also be really hard (or even impossible) to change without breaking all the apps out there.

G+ is annoying, indeed. They were aping Facebook with the real names thing and they should've known better.

[DannyBee]

"What's the mindset behind the broken permissions on Android?

Where any app that wants to change behavior when you get a call must request permission to your IMEI and calling/called number? Or why the broken, upfront, all or nothing model is still even used?"

At the time android created its permissions model, most of these issues were not obvious, or it would have been done differently.

Remember, of course, that prior to things like android (the first version of the iphone only had webapps), permission models of any sort were pretty much unheard of. Flip phones running java apps, or blackberries, had apps that got to do whatever they wanted.

Permissions changes are being slowly made in android. The same way you'd slowly change most serious things about something with billions of users.

It's not like C++ or Java just release new features every day (even if we may want them to :P).

This is of course, the same as any large system in engineering.

I don't know enough to comment on the rest.

" At what point are we allowed to say Google's mindset is not "don't be evil" as far as external observers are concerned? Or will everyone that brings this up always be labeled as unable to understand?"

Truthfully? It doesn't matter. At some point, every company large enough will lose its sheen, and people will worry about it, and eventually question its motives. Nobody can be perfect at doing the right thing all the time, even if they wanted to. Eventually, even with the best of intentions, mistakes add up, and people stop believing.

I guarantee the same will happen to Mozilla (or whoever we want to peg as the current defender of the world) over time.

[skj]

All of these things are designers trying for one user-centric goal and having it backfire in ways that were not predicted.

None of these things say "evil" to me even remotely.

[coldtea]

>Many perceivers, for instance, miss the distinction between "Don't be evil." and "Don't do evil.". The former is a mindset, strategy, and intention, while the latter is impossible for a corporation with 50k employees.

No, we perceive the disctinction just fine. Some of us just believe Google does "evil" with mindset, strategy, and intention...

[lucian1900]

I would suggest that those of you that believe that are deluded.

What possible motivation could they have for being "evil", comic book style?

[MichaelGG]

No one said anything about comic book style. Google is the one that framed things in terms of evil. Are you saying Google meant it in a tautological way? That is, unless they start killing children or something really evil, it doesn't count?

[coldtea]

Comic-book style? Who said anything about that?

Just greedy capitalist style, and "patriotic" pro-US-interests style.

[DannyBee]

Given that everyone at the top has more money than they know what to do with, what would "greed" have to do with it?

[WorldWideWayne]

You don't think they're a front company for the NSA?

What possible motivation does anyone have for doing evil?

[lucian1900]

> You don't think they're a front company for the NSA?

No, I don't. the NSA isn't magic or the Illuminati.

[lotsofmangos]

I do not know if Google is evil, however I do find it hard to trust an organisation that feels the need to have "Don't be evil" as a motto, for much the same reason as avoiding someone on the street who is loudly reminding themselves not to kill people.

[amaks]

As a side question, I'm curious why you think that Google is becoming "more and more" evil? There are products like Cultural Institute, google.org, and many others which prove just the opposite.

[MichaelGG]

Across Google products, the UIs seem intent on getting users to reveal and allow themselves to be tracked. Google appears to want to downplay this and get people in the mindset of giving out personal details.

See my other comments, but things like swapping OK/Cancel when a Chrome user attempts to enable DNT fit right into "evil". Really, how does one excuse adding a dark pattern like that? Even though DNT is bad, Google shouldn't resort to trickery to juke the stats.

Edit: A Chrome dev in this thread says this was fixed and just an artifact of how the UI code is in Chrome. Well that makes me look foolish.

I'm not a huge fan of the evil terminology, as it sounds melodramatic and it's easy to dismiss anyone saying "evil" in such contexts. I use it because Google chose that word.

On a less objective point, everytime I use a Google service, I feel icky. It's bad enough that I'm working on the one missing app I want so I can switch to Windows Phone. (MS has problems, but between their internal legal oversight and inability to execute, I don't feel icky with them. Apple is also a choice, but I just really hate the UI and poor development tools.)

[fastball]

Do you really think Google is evil?

One of the co-founders is still the CEO. He is one of the world's wealthiest men. He doesn't need the money and I doubt he feels the need to put shareholders first.

Why would he let Google stray from an ideal he ascribed to previously? Has he been corrupted by having more money than he could possibly spend?

[newscracker]

Beyond a certain point, power, influence and fame become bigger motivating factors than money. Additionally, competition from the likes of Facebook in diminishing the "value" of what Google (his "baby") provides could also motivate certain people to do all sorts of things. And on the topic of Google, one cannot forget the time when Eric Schmidt was the CEO.

[copperx]

Being such a large corporation attracts unwanted attention: many interests at play, peer pressure, etc.