Re: Case against Firefox in FESCo

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



As an happy Fedora user since many years now:

+1 keep upstream Firefox by default. Vast majority of users want this
and don't use packaged addons by Fedora, so problem doesn't apply for
them.
To not let the others in the dust provide IceWeasel or whatever
unbranded version you like (but honestly IceWeasel sounds a good idea
since it's shipped in Debian from a long time... and seems to do the
job). This is also the second best option if not keeping upstream
Firefox.

Personally I could live with IceWeasel, but I would swap the icon with
the Firefox one by hand honestly. I don't like this Mozilla signature
thing, but I understand their motivation. However I don't really
consider it like DRM since the source code of the signature checking
is free (as in freedom). You are free to download the source code and
remove the limitation, while with DRM you cannot do that. If Fedora
ships with upstream FF, I can download the SRPM and tamper with it. I
have an escape root, not the easiest but it's only limited by my
knowledge of tampering with RPMs, and I think that's fine.

Let alone removing Firefox from Fedora.... that would just call a quit
on my Fedora usage. Luckly it doesn't sounds like this will be the
case :).

Cheers!

On 7 January 2016 at 23:45, Elad Alfassa <elad@xxxxxxxxxxxxxxxxx> wrote:
> Hi,
>
> I really think we should just keep shipping Firefox from mozilla with the
> addon restriction.
>
> Why? Let's review the options.
>
> We could ship ESR firefox, but it will only delay the problem and we will
> have to face it again anyway. And it will also mean Fedora users will not
> get the latest and greatest firefox, which is against what Fedora stands for
> in being "First", but also conflicts with our Workstation PRD - we want to
> ship an OS for *developers*, and specifically web developers are one of our
> main target audience. Developers needs a recent browser with all the new
> HTML5 features firefox adds every release.
>
> We could switch to Epiphany, but this is also a bad idea, because, again, we
> are targeting web developers... and epiphany is not good for web developer.
> Its developer console is not very usable and doesn't look very good, and the
> debugger barely works. Firefox (and Chrome/Chromium) on the other hand ship
> with very powerful developer tools built in, and the ability to install
> Firebug which is always useful. While a web developer should be
> knowledgeable enough to
> install a browser which actually fits their needs, it adds another task to
> the ever-so-long list of tasks you need to do to get your brand new Fedora
> install into a usable state.
>
> And I don't know about you but I don't feel comfortable using a browser
> which doesn't have adblock with custom filter lists, the HTTPS Everywhere
> extension, Firefox's tracking protection, and an option to sync with my
> phone. Epiphany has non of that.
>
> We could ship IceCat, but that has weird GNU restrictions (and LibreJS)
> which will frustrate users.
>
> Or we could ship IceWeasel, which will confuse users because it looks like
> Firefox but with a different brand, which means users will see it as a
> Firefox clone and think we ship a "lesser" product.
>
> This is why I think shipping Firefox as we ship it today is still the best
> option. Considering the other options (and that afaik we can't ship
> Chromium) I think unbranded firefox (such as IceWeasel or whatever branding
> people would use) is our second-best bet.
>
> This entire discussion is full of too much hyperbole already. People call
> Mozilla's decision a "lock in" or "DRM" and that's just silly. You know this
> isn't the case. The reason Mozilla is doing this is to prevent malware
> addons from being added to its browser either by malicious applications
> which install shady  Firefox addons or by websites offering unsuspecting
> users to download Firefox still branded as Firefox but shipped with
> malware/adware extensions.
>
> This decision was not made to force you to use Mozilla's addon website for
> their profit or whatnot which is usually the reason for actual vendor
> lock-in, and it's not DRM - it doesn't limit your "rights" since you can
> still download the developer edition if you need custom addons. It is a
> mechanism to protect users, similar to secure boot.
>
> While it might be preferable that Mozilla would add an option to allow
> trusting additional keys, I can understand why they are not keen on doing so
> - if it's a runtime configuration it can be easily abused by malware. If
> it's a compile time option while still allowing people to use the original
> branding, it could be a way for malware authors to keep (legally) shipping
> their malware-filled Firefox installers.
>
> So can we please stop with all the hyperbole and silliness and focus on the
> technical/political discussion here? That would be more productive for
> everyone.
>
> Thanks,
> --
> -Elad.
>
> --
> desktop mailing list
> desktop@xxxxxxxxxxxxxxxxxxxxxxx
> http://lists.fedoraproject.org/admin/lists/desktop@xxxxxxxxxxxxxxxxxxxxxxx
--
desktop mailing list
desktop@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/desktop@xxxxxxxxxxxxxxxxxxxxxxx



[Index of Archives]     [Fedora Users]     [Fedora KDE]     [Fedora Announce]     [Fedora Docs]     [Fedora Config]     [PAM]     [Red Hat Development]     [Red Hat 9]     [Gimp]     [Yosemite News]

  Powered by Linux