Everyone’s favorite company to dislike announced this week that their browser now has terms of use.
Much has been said about this whole debacle, and by people much more knowledgeable than me on these matters. Here is a good thread over on Mastodon by cryptography and privacy researcher Sarah Jamie Lewis:
Clarification? Link to heading
Since the initial post announcing the new terms of use, an update has been added to the top of the original post (link to an archived version) which states the following:
“UPDATE: We’ve seen a little confusion about the language regarding licenses, so we want to clear that up. We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information typed into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice.”
Now I am not buying the reasoning that a piece of software that has been around for 21 years, would now all of a sudden be in need of these new terms of use. Unless, of course, Mozilla is planning on implementing something new which legally requires the informed consent of users first.
To me, the following line in the update above strongly hints at something like that being the case: “Without it, we couldn’t use information typed into Firefox, for example.”.
And use it for what exactly?
Firefox is a browser, and as such should not be using the information typed into it for any other purpose than to facilitate the user’s local web browsing.
Could this possible have something to do with Mozilla’s AI aspirations?
Obviously I am no tech CEO, nor a skilled marketer, and there are probably many things I am oblivious to when it comes to running a company like Mozilla. But even I have a fairly good grasp on who the core user base of Firefox is. And those relatively few users that have stuck with Firefox through each and every blunder that Mozilla has made over the years, are not the kind of people to take these kinds of changes lightly.
So this was either a case of complete incompetence, or intentional disregard, of the very likely fallout this change inevitably would bring about.
I’m not sure which is worse.
Now what? Link to heading
Changing browsers is too drastic a change for me at this point.
And I don’t want to move over to any of the Chromium based ones, as they will not support version 2 of the WebExtension manifest - meaning no ad blocking extensions such as UBlock Origins.
And I will never use Brave, for obvious reasons.
There are projects out there that are based on Firefox, namely Librewolf, and perhaps in due time I will give it a fair shake.
But to begin with I decided that the first step should be to reduce my reliance on the extra features that Firefox offers, so as to make it easier for me to switch browsers later down the line.
Those features, in order of significance were:
- Syncing and storage of online credentials
- Syncing and management of bookmarks
- Remote tab delivery.
All these features currently require a user to have an account with Mozilla. But it turned out to only take me about an hour to find and setup alternatives for all three of them.
Credentials Link to heading
For many, the biggest obstacle would be that their browser of choice will contain most if not all of their various online credentials.
For close to a decade now I have used KeepassXC as my credential manager of choice, and have made a concerted effort to duplicated all of my online credentials between it and Firefox.
The keystore is then synced between all my devices via my own privately hosted cloud instance, running Nextcloud.
But obviously I don’t want to start having to copy paste credentials between my credential manager and the browser. But thankfully KeepassXC has the ability to integrate with browsers directly.
Different people will have different threat models, but mine allows for this kind of integration.
Bookmarks Link to heading
When it comes to browsing habits there are generally two camps out there; those that bookmark sites and those that collect open tabs.
I fall into the former, and usually only have around twenty tabs open at any one time.
If something strikes me as being interesting but I don’t have the time then and there to check it out, I add it to the bookmarks along with proper tagging and keywords for easier lookup later.
Since I already host my own private cloud, I simply needed to setup the Nextcloud Bookmark app and then configure Floccus to handle the syncing between the browser and cloud.
Floccus is both available as a browser extension and a mobile application, with the former performing the syncing between the desktop browser and cloud while the latter acts as a catalogue of available bookmarks on mobile devices (since the extension is not currently available for the mobile browser).
Tab syncing Link to heading
Even though I usually don’t have many tabs open, there are times I want to send a tab from one device to another (usually to or from my phone).
And for that functionality I already had what I needed thanks to KDE Connect.
I already used it for various things, such as remotely controlling video playback, synchronizing notifications and sending files and clipboard contents between my devices.
Now when I want to send a tab to a remote device I just click the share button, select KDEConnect and the device in question.
Conclusion Link to heading
So as of today I am logged out of each and every browser instance that is installed in my home, without any real degradation to my browsing experience.
Obviously I am still reliant on Firefox as my primary browser, but this first step at least gives me more options going forward. I can now explore alternatives with ease.
As a side effect this also further reduces my exposure to services offered by US based companies, the importance of which should have become clear to anyone living in the world in the last couple of weeks.