Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

TACO Extension for Firefox Forked After Proprietary Update

Soulskill posted more than 4 years ago | from the way-to-commandeer-taco dept.

Firefox 139

rtfa-troll writes "Beef Taco is a Firefox extension that allows a mass opt-out from tracking and targeted advertising by many ad networks. The Register reports that the original system, TACO, has become proprietary, and has added new 'features' best described as bloatware. I guess this should serve as a warning for users to always prefer software under a copyleft license where possible. If Google had chosen a license with better protection, such as the GPL, when it released its own opt-out tool, this problem would have been much less likely. This also shows why forks are so important when software development begins to get messy."

cancel ×

139 comments

Sorry! There are no comments related to the filter you selected.

What color? (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#32619424)

But will it help me get any closer to a pink taco? frosty pisty

Re:What color? (1)

binarylarry (1338699) | more than 4 years ago | (#32619470)

You? Definitely not.

THIS IS NOT A PROBLEM !! (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#32619442)

This is a good thing for all concerned !!

Re:THIS IS NOT A PROBLEM !! (1)

B'Trey (111263) | more than 4 years ago | (#32619696)

Not sure what you're saying is not a problem - the change to TACO or the forked Beef TACO. If you're talking about the changes to the original, I sort of agree with you. I can understand people being upset over the size expansion, particularly if it slows down Firefox or significantly increases its memory footprint, but is there any real problem with the changes that makes this some sort of malware? So far as I can tell, there's no malicious activity associated with the update. It's just big and bloated but does offer some significant new and useful functionality. Assuming that to be the case, I think the hysteria is a bit overblown.

Re:THIS IS NOT A PROBLEM !! (1)

X0563511 (793323) | more than 4 years ago | (#32619862)

It's a troll/bot post. Move along.

Re:THIS IS NOT A PROBLEM !! (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32620224)

Caught two, make that theee, fish.

forks are so important (0)

Anonymous Coward | more than 4 years ago | (#32619450)

Who eats a taco with a fork?

Re:forks are so important (2, Informative)

rtfa-troll (1340807) | more than 4 years ago | (#32619508)

Yes; dammit; that was my joke as you can clearly see from the submission [slashdot.org] but I guess it wasn't funny enough for the greater wisdom of the our Slashdot overlords.

Re:forks are so important (0)

Anonymous Coward | more than 4 years ago | (#32619904)

yes, because a recipe for taco salad was definitely relevant enough to warrant a link in TFS. You call yourself rtfa-troll, yet contribute to people not RTFA by cramming unnecessary bullshit links into your submission.

Re:forks are so important (0)

Anonymous Coward | more than 4 years ago | (#32622404)

Yes; dammit; that was my joke as you can clearly see from the submission [slashdot.org] but I guess it wasn't funny enough for the greater wisdom of the our Slashdot overlords.

If they actually do edit posts why don't they act like real editors and try some proofreading, or hell even just a spellchecker would be an improvement...

Re:forks are so important (0, Offtopic)

Monkeedude1212 (1560403) | more than 4 years ago | (#32619606)

Same people who enjoy popsicles with a spoon.

Re:forks are so important (-1, Offtopic)

MrEricSir (398214) | more than 4 years ago | (#32619642)

Forks are best used for eating candy bars. /bass riff //mouth pop

GPL better exactly how? (5, Insightful)

fotbr (855184) | more than 4 years ago | (#32619472)

Google released theirs with the Apache 2.0 license. Someone else took that, re-wrote (apparently significant) portions and released it with a different name. THAT PERSON then sold it to a company, who then decided to bundle a bunch of for-pay stuff with it. People didn't like it, and forked the previous version.

Exactly HOW would the GPL have been better? There's still a fork of the last "good" version, which you can use if you like.

Re:GPL better exactly how? (1)

nunojsilva (1019800) | more than 4 years ago | (#32619568)

The GPL would forbid the proprietary version.

Re:GPL better exactly how? (0, Offtopic)

abigor (540274) | more than 4 years ago | (#32619666)

So what?

Re:GPL better exactly how? (2, Insightful)

nunojsilva (1019800) | more than 4 years ago | (#32619888)

As said by others, this would force the proprietary version to be released under the GPL.

Now, about how much better that is, it would allow you get the newest version and strip off any bloatware. Instead of just forking, you could maintain kind of a parallel fork, stripping each new release, or incorporate useful enhancements in Beef TACO.

Re:GPL better exactly how? (3, Insightful)

abigor (540274) | more than 4 years ago | (#32619966)

Yeah, I know that. Let me rephrase: why is it so important to force the proprietary version to be released? It makes no difference. The original code is still sitting there.

Re:GPL better exactly how? (2)

Changa_MC (827317) | more than 4 years ago | (#32620276)

They based their proprietary version off the work of people they did not pay who had released it into the wild. Under the GPL, they would owe the community something. As it stands, they owe nothing.

Those who believe that the original copyrighted work had some value, believe the folks who took the work and modified it ought to owe something.

Re:GPL better exactly how? (4, Insightful)

fotbr (855184) | more than 4 years ago | (#32620362)

Except the people who wrote the original work didn't feel that way, so why is it even an issue?

Re:GPL better exactly how? (0)

Anonymous Coward | more than 4 years ago | (#32623060)

Except the people who wrote the original work didn't feel that way, so why is it even an issue?

Because of that, it is an issue of persuasion.

If the GPL community grows by having more projects adopt the GPL, everyone in that community benefits from a larger codebase that they can readily use. This is helpful for both the developers and the users. For each developer, it's a question of whether it's helpful in a way that they appreciate and that's what the advocacy or persuasion is about.

Re:GPL better exactly how? (1)

commodore64_love (1445365) | more than 4 years ago | (#32620988)

+1 informative. NOW I understand the advice not to contribute unless it's GPL copyleft. It protects your volunteer work.

Question:

It appears the TACO tool only stops the behavioral advertising. It doesn't stop them from spying on you and seeing which sites you visited. Right?

Re:GPL better exactly how? (1, Informative)

rtfa-troll (1340807) | more than 4 years ago | (#32623182)

+1 informative. NOW I understand the advice not to contribute unless it's GPL copyleft. It protects your volunteer work.

Exactly right; lots of of the anti-GPL FUD spread around has it's origin in people, like Microsoft, who don't want you having their work, but feel they have the right to steal yours. There's another group which is specifically doing the free stuff now with the hope of getting people addicted and then doing a bait and switch later (look for FreeBSD developers who switched over to Apple e.g. or Nessus which was under the GPL but with one primary copyright owner who could just change the license). The MIT / X11 people made a really big effort to try to get people to switch from copyleft to unprotected licenses and then almost got away with completely closing X; a big warning against contributing without some protection.

However there's also a bunch of people who simply disagree. E.g. some of the OpenBSD developers. They really do believe what they say and (I believe) they are doing something good for the sake of it. When you work with these people you get some protection simply from who they are and what they believe. If you have some simple fixes e.g. to OpenSSH, then contributing them back really does save effort and get more F/OSS software written, so the general advice is that you should contribute smaller / more integrated changes directly back to them. When it comes to bigger / more independent changes, e.g. a new library, those might be better in a separate project with a copyleft license.

Question:

It appears the TACO tool only stops the behavioral advertising. It doesn't stop them from spying on you and seeing which sites you visited. Right?

TACO seems to opt out of as much as it possibly can. The advertising networks should be "voluntarily" stopping tracking you at that point in order to comply with various privacy laws/regulations/standardards/policies. However, you can't be sure of that. You might find looking at the EFF Panopticlick [eff.org] and other similar privacy tools will help you find out how easily you can be tracked by people who aren't following the "rules".

Re:GPL better exactly how? (4, Interesting)

erroneus (253617) | more than 4 years ago | (#32620288)

I'll field this answer. There is more to it than what a commercial/proprietary interest will not be able to "take" from the community. There is also the moral, ethical and even emotional/spiritual aspects of F/OSS that need to be guarded. I don't use "spiritual" in the religious or supernatural sense either. I mean the "spirit of" meaning sense of the expression. When some people are working to build something and then some jackass comes along and uses it to make his fortune, it really takes the community spirit out of a project. It is rather like "RebelEFI" versus EmpireEFI. EmpireEFI is a nice project. RebelEFI has tainted it with their motives and their generally deceptive and selfish nature.

So while it is true that the community still has the untainted version(s) available to them, there is still some ugliness that really tends to sap the positive energy out of a project when commercial proprietary for-profit people come along to do selfish things with it. And I don't expect you or anyone else to fully understand it. If you do understand what I am saying, then you probably already agree with me -- so I'm not changing anyone's mind or giving anyone something new to think about by stating any of this. But by seeing and acknowledging this view point and rejecting it for whatever reason, you have to be honest with yourself about who you are inside and what drives and instincts you more closely identify with. If you disagree with the perspective I have expressed, then you are quite likely from the other camp who essentially believes it is okay to use the work of others for your personal gain.

So in short, part of the benefit of the GPL to to preserve the spirit of open source as well as the software itself.

Re:GPL better exactly how? (3, Insightful)

Goaway (82658) | more than 4 years ago | (#32620002)

More realistically, it would force people to rewrite the GPL'd parts when making it proprietary. You'd still be in the exact same situation.

Re:GPL better exactly how? (1)

icebraining (1313345) | more than 4 years ago | (#32620246)

You would have drained some of the "evil company" resources to do it...muahahah!

Re:GPL better exactly how? (1)

mysidia (191772) | more than 4 years ago | (#32621690)

If you make a work based on a GPL work, even if you "rewrote" parts of it, it is still non-literal copying of the work, if the structure of the program is based on the GPL program, which is copyright infringement (unless you obey the GPL license, and distribute the rewritten non-literal copied work under GPL terms.)

Re:GPL better exactly how? (-1, Offtopic)

smartr (1035324) | more than 4 years ago | (#32620048)

Is this the same GPL where no dual-licensed proprietary and GPL licensed software exists? If someone purchases a different licensing agreement, all the GPL has done is assured the author a cut of the proprietary code money - which means a higher upfront cost, which means it's less likely to be used. I suppose the GPL code authors could outright refuse to re-license their code for an over-market-value of money, in which case a company can just have the code rewritten proprietary style making for more inefficient markets. What are you going to do? Sue the company with a patent suit for making code that does the same thing?

Re:GPL better exactly how? (1)

jim_v2000 (818799) | more than 4 years ago | (#32620766)

They already released the source for 3.0: http://www.abine.com/taco_source.php [abine.com]

Re:GPL better exactly how? (1)

rtfa-troll (1340807) | more than 4 years ago | (#32623224)

They already made an offer to release the source for 3.0: http://www.abine.com/taco_source.php [abine.com]

FTFY. On their page it says:

To get a local copy of the source just contact us at support@getabine.com

This is even less than Microsoft shared source. If I was basing something, for example a security audit, on this offer I'd want to know that someone independent had actually downloaded the source and verified that they could build the end module.

Re:GPL better exactly how? (1)

jorgevillalobos (1044924) | more than 4 years ago | (#32619846)

The add-on being proprietary or not is pretty much irrelevant. People are complaining about the "bloat" and very different user interface, contrary to what the summary suggests.

Re:GPL better exactly how? (1)

at_slashdot (674436) | more than 4 years ago | (#32619582)

I agree. The only thing lost is the name, not sure how important is that, sometimes it might be important....

Re:GPL better exactly how? (1)

srw (38421) | more than 4 years ago | (#32619858)

Hmmm... does anyone remember Mambo?

Mambo? (1)

warrax_666 (144623) | more than 4 years ago | (#32619902)

Are you talkin' about Number Five?

Re:Mambo? (1)

srw (38421) | more than 4 years ago | (#32620262)

Maybe you've heard of Joomla! ? http://en.wikipedia.org/wiki/Joomla [wikipedia.org] which was basically my point. Today, if you think "Free CMS" you'll probably think "Joomla!" long before you think of Mambo, who mishandled the open-sourciness of an open/closed joint project.

Re:GPL better exactly how? (1)

BrettJB (64947) | more than 4 years ago | (#32620214)

Clearly some do: http://mambo-foundation.org/ [mambo-foundation.org]

And I suspect at least some of these folks still remember Mambo as well: http://www.joomla.org/ [joomla.org]

Re:GPL better exactly how? (1, Funny)

Anonymous Coward | more than 4 years ago | (#32619610)

If it was GPL'd, then they would have had to release their changes. That means we'd all have the bloatware version of TACO and no irrefutable reason to fork it.

Re:GPL better exactly how? (5, Informative)

Hatta (162192) | more than 4 years ago | (#32619656)

Someone else took that, re-wrote (apparently significant) portions and released it with a different name. THAT PERSON then sold it to a company, who then decided to bundle a bunch of for-pay stuff with it.

Had this been GPL, the person who rewrote significant portions of the software would have to have released his derivative works as GPL. He could have sold his portion of the software under any license, but the work as a whole would have to be GPL. The company that bought the rights to the software would have to remove any GPL portion, or release the entire thing (including proprietary addons) under GPL.

Re:GPL better exactly how? (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#32619836)

If what was added was so bad, then why would you want it released under GPL?

On another note, you GPL nutjobs are a bunch of stupid fucks. It's about time I started bashing in your little fucking skulls.

Re:GPL better exactly how? (0, Troll)

wampus (1932) | more than 4 years ago | (#32620290)

AC, have my babby.

Re:GPL better exactly how? (4, Insightful)

Kjella (173770) | more than 4 years ago | (#32620000)

But you're also making the assumption that if the code was under the GPL would he have bothered to rewrite it since the sales value would have been near zero. There's no guarantee there'd be more open code using the GPL, there'd possibly be one less proprietary competitor but the Google explicitly released it under a license that permits it and I doubt they're so incompetent they didn't know it. If Google don't like it then it's their own mistake and they'll choose a better license next time. If they don't care, then this is just someone in the open source community being butthurt over code they didn't get the same way the MAFIAA is over a sale they didn't make.

Re:GPL better exactly how? (1)

Kjella (173770) | more than 4 years ago | (#32620250)

Note to self: Don't try to rewrite sentences without reading them again, the post by Yoda written look.

Re:GPL better exactly how? (2, Informative)

Changa_MC (827317) | more than 4 years ago | (#32620370)

There's no guarantee there'd be more open code using the GPL, there'd possibly be one less proprietary competitor...

For some people, that's a good thing(TM).

But really, this whole argument is irrelevant. We have Beef TACO, the hypothetical open-source version that might never have existed. No need to worry about proprietary bloatware.

Re:GPL better exactly how? (1)

fotbr (855184) | more than 4 years ago | (#32620420)

That's pretty much my point. Why would someone say that Google using the GPL would have avoided the issue? It was an open project that got forked when one party did something others didn't like. With or without the GPL, there'd be a fork if someone added that much extra stuff to what was a very lightweight and fast addon, and there was, no GPL needed.

Hilarious that Google is releasing ad-opt out code (0)

Anonymous Coward | more than 4 years ago | (#32622788)

LOL, trust Google, but not the add-on authors...

Re:GPL better exactly how? (1)

foxtyke (766988) | more than 4 years ago | (#32620008)

If the original author re-wrote substantial portions which allowed change of license from the Apache license and then licensed it under the GPL, the sold their rights and copyright to a new buyer, the new buyer has full rights to take future versions closed source provided no other open source code was utilized or a compatible license (BSD) was covering the source code included within the whole of the source.

Re:GPL better exactly how? (2, Informative)

unix1 (1667411) | more than 4 years ago | (#32619658)

Exactly HOW would the GPL have been better? There's still a fork of the last "good" version, which you can use if you like.

The company would have to release the source code (because it would have been a derivative of a GPL software), so their users would know exactly what was added. Then, they could make an educated decision whether to upgrade and continue using the product, or find an alternative/fork. Some would qualify this as "better."

Re:GPL better exactly how? (2, Funny)

wampus (1932) | more than 4 years ago | (#32620346)

That has to be the stupidest goddamned thing I have ever read. You audit every piece of software you use? How do you find time to pick bugs out of your neckbeard?

Re:GPL better exactly how? (-1, Offtopic)

Rockoon (1252108) | more than 4 years ago | (#32620412)

Mod parent Funny Because Its True

Re:GPL better exactly how? (0)

Anonymous Coward | more than 4 years ago | (#32621572)

In the current scenario, the user still gets to make the decision: "Do I use this proprietary closed-source version, or do I use the version with the source code that I can read"?

Re:GPL better exactly how? (0, Flamebait)

Sir_Lewk (967686) | more than 4 years ago | (#32619692)

You're on slashdot and you really need this explained to you? Do you even know what copyleft means, or should we start from the top?

Re:GPL better exactly how? (1)

Darinbob (1142669) | more than 4 years ago | (#32620126)

GPL software also forks all the time. It's not a big deal. The only argument on the GPL side seems the old dubious "proprietary is evil" one.

The original software did not become proprietary anyway. If it did it would be impossible to fork it legally. Instead, someone added some proprietary chunks to open source software; the original software did not become proprietary and no one lost any rights anywhere regarding this software.

Re:GPL better exactly how? (1)

fotbr (855184) | more than 4 years ago | (#32620398)

OK, that's pretty much my understanding as well. GPL or not, there most likely would have been a fork anyway at this point when it got so much un-wanted stuff added to it, so Google using GPL instead of the Apache 2.0 license wouldn't have avoided anything.

Re:GPL better exactly how? (3, Insightful)

wrook (134116) | more than 4 years ago | (#32620952)

Exactly HOW would the GPL have been better? There's still a fork of the last "good" version, which you can use if you like.

There is always a balance when choosing a license. The main advantage (IMHO) with choosing the GPL over something like the Apache
license is that you don't have to compete against proprietary versions that are based on the code you wrote. As an author this is a
significant consideration for me. If I am the primary author, it would suck to have features from my free version used with impunity
when I am unable to use features from the proprietary version. It gives the proprietary version an unfair advantage (unfair in that as
the primary author I can't enjoy the same privileges).

However, there are lots of reasons to choose non-copyleft licenses for work. Sometimes the benefit you receive from extended
exposure outweighs the disadvantage of unfair competition. Given that Google was the primary author and *they* aren't complaining,
I have to agree with you that there doesn't seem to be a problem. If they got what they want, then it is all good. However, I can
understand if the authors of the forked version want to use the GPL to avoid having to unfairly compete against the proprietary
version.

Dupe story is dupe (2, Informative)

surveyork (1505897) | more than 4 years ago | (#32619516)

This story is a dupe of: http://slashdot.org/firehose.pl?op=view&id=13491118 [slashdot.org] I know it. I submitted it.

No, just a fork... (5, Funny)

Saeed al-Sahaf (665390) | more than 4 years ago | (#32619580)

It's not a dupe, it's a FORK! Quit your complaining...

Re:No, just a fork... (1)

surveyork (1505897) | more than 4 years ago | (#32619648)

XD It's a fork, yes. But it's also bloatware.

Re:No, just a fork... (1)

Saeed al-Sahaf (665390) | more than 4 years ago | (#32619922)

Nothing says a story fork has to be lighter, though at Slashdot it usually is - lighter on facts generally!

hi (-1, Troll)

CatarsisDesign (1835986) | more than 4 years ago | (#32619524)

that is great

Shouldn't that be sporked? (1)

Sir_Dill (218371) | more than 4 years ago | (#32619564)

Ba dum dum!

you change the terms, you change the name (0)

Anonymous Coward | more than 4 years ago | (#32619630)

sorry, but it should not be called TACO 3.0, but SHIT TACO

CmdrTaco (1)

tepples (727027) | more than 4 years ago | (#32619698)

sorry, but it should not be called TACO 3.0, but

How about "Rob Malda"?

I removed it right away (5, Insightful)

Anonymous Coward | more than 4 years ago | (#32619706)

The TACO guys did it wrong. First, they changed what the add-on fundamentally did. Second, they slapped their company name all over the thing. Third, they displayed a pop-up after the update. Fourth, they loaded a web page after the update. Fifth, that web page was loaded with lots of "selling" language but no substance.

They triggered every single warning about malware I have in my brain. I didn't even bother to look into what it was they were trying to sell. I uninstalled the add-on immediately.

I'd say this is example #1 in the upcoming book, How Not To Commercialize A Firefox Add-on.

Re:I removed it right away (1, Insightful)

Anonymous Coward | more than 4 years ago | (#32619794)

Was similarly surprised with how TACO changed.

Re:I removed it right away (3, Insightful)

Luckyo (1726890) | more than 4 years ago | (#32620540)

"How not to commercialize an anti-commercial firefox addon"

Going commercial: not just for money-grabbers (1)

hkmwbz (531650) | more than 4 years ago | (#32619712)

It can feel frustrating when something you are using goes from free to commercial. You often get the "sold out" feeling.

But there's also a different perspective:

If someone makes something, and loves working on it, why wouldn't he want to try to be able to work in it full-time? But to do so, he needs income. He needs to survive. I suppose he could ask for donations, but that might not be a viable option.

It can be frustrating for the rest of us, but personally, I understand it if someone would want to work on something they love working on, and make money at the same time.

Re:Going commercial: not just for money-grabbers (0)

Anonymous Coward | more than 4 years ago | (#32622504)

It can be frustrating for the rest of us, but personally, I understand it if someone would want to work on something they love working on, and make money at the same time.

+1

This made open-source and other things we value successfull... RedHat, SuSe & IBM for Linux, JBoss for JBoss, and Netscape/Google for Mozilla Foundation and Firefox. It may be frustrating, but any sufficiently complex software requires commercial backing to change the world.

Re:Going commercial: not just for money-grabbers (2, Insightful)

rtfa-troll (1340807) | more than 4 years ago | (#32622872)

It can feel frustrating when something you are using goes from free to commercial. You often get the "sold out" feeling.

I love when something free goes commercial. Red Hat is one of my favourite companies. What annoys me is when something "Free" goes proprietary. These are are two very different things. For such a license change Mozilla should be insisting on a change of name so that people who don't want the change still have their computer free of that stuff.

This is good news (5, Interesting)

gooman (709147) | more than 4 years ago | (#32619738)

Just last week I got a notice to "upgrade" TACO to 3.0 and foolishly did so. A tiny little 8KB add-on became a 3MB disaster. Now it has new features which clash with other add ons or were redundant for me. Music streaming was broken for some sites and best of all, the old version, while available (and compatible), will no longer install on Firefox 3.6.

After uninstalling it, I downloaded the source for 2.0 and was planning attempt a fix, but now I don't have to. Obviously someone else was just as irritated, to that individual I say, "Thank you."

Forked After Proprietary Update? (5, Informative)

BoppreH (1520463) | more than 4 years ago | (#32619832)

I thought it was forked only because of the bloatware, not the license as the headline suggests ("meaningful headline in slashdot", etc etc).

Actually, the fork's author only mention about the license in his blog post [velvetcache.org] was:

This classic version didn’t have much to it, and what’s more it was licensed under the Apache 2.0 License. Fork’s Away!

If I read that correctly, he seemed happy about the license only because it allowed him to fork it.

Re:Forked After Proprietary Update? (0)

Anonymous Coward | more than 4 years ago | (#32622844)

This is John Hobbs (the forker, is that how you would say it?).

You are right, I like the license because it let me fork. I'm an MIT license guy personally, but I'm just happy it was released under any open license. It seems to have a very strange heritage if you go back from 2.0 down, several authors and re-writes.

As far as commercializing, they are welcome to it, and they can keep their source to themselves. I wouldn't want to try and wade through the 3.0 code anyway.

They are 'anonymising' the data then selling it (5, Interesting)

Sonny_Jimbod (836857) | more than 4 years ago | (#32619954)

This way, they can sell the data on and still stick to their 'privacy policy': "Our Abine browser add-on uses hashes of unique identifiers that are not tied to you or your IP address, to help you track versions and updates for the add-on, and a different set of randomly generated identifiers to validate service requests such as creating or updating disposable email addresses. If you chose to provide more data in order to take advantage of additional services, such as webmail, add-on identifiers are never used in a way that ties it to your name or personal information to the best of our ability." Also, Eric Jung is on their 'Advisory board': http://abine.com/team.php [abine.com] If you don't know who he is, he is a board member of Mozilla Add-Ons governing board. This 'update' has made a mockery of the update mechanism in Firefox and severely undermines it in my view. Here's a link to the support board over at Abine, where I have been voicing my disapproval and I recommend you do the same: https://www.getabine.com/phpBB3/viewtopic.php?f=4&t=7&start=10#p37 [getabine.com]

Re:They are 'anonymising' the data then selling it (2, Interesting)

Sonny_Jimbod (836857) | more than 4 years ago | (#32620134)

It gets worse, check this page out: http://forums.passwordmaker.org/index.php/topic,1654.0.html [passwordmaker.org] Surely it's a massive conflict of interest for Eric Jung to be a board member of the Mozilla Add-ons governing board and to be actively working on an Add-on, especially one like this?

Re:They are 'anonymising' the data then selling it (4, Informative)

jorgevillalobos (1044924) | more than 4 years ago | (#32620140)

Also, Eric Jung is on their 'Advisory board': http://abine.com/team.php [abine.com] If you don't know who he is, he is a board member of Mozilla Add-Ons governing board.

Wrong. Eric Jung is on the board of Mozdev [mozdev.org] , and independent organization dedicated to hosting Mozilla-related projects (like a specialized Sourceforge). He is not part of the Mozilla Add-ons team.

I'm in charge of the add-on review process at Mozilla, and I personally reviewed and approved the TACO update due to its complexity. I have no relationship with Abine whatsoever.

Re:They are 'anonymising' the data then selling it (3, Insightful)

Sonny_Jimbod (836857) | more than 4 years ago | (#32620190)

Then why does it say that on the Abine site. I'm sorry, but you should be ashamed to let this past you. It went from 8K to 3MB, that is not a simple update and I fear this is breeding a lot of mistrust in the Firefox update mechanism. How are you going to regain users trust after this?

Re:They are 'anonymising' the data then selling it (4, Informative)

jorgevillalobos (1044924) | more than 4 years ago | (#32620298)

The page was wrong, and it looks like they updated it already.

The update was approved because it passes all our quality checks. It is not up to us to determine what features a developer can include or not, and it is not a new thing for an add-on to change hands like this. It is up to the developers (new or otherwise) to give their users what they want. If they screw up, they will lose their users. Our job is to make sure the add-on is safe to use and it does what it claims it does. The new TACO has a ton of new features, most disabled by default, but its core functionality remains.

Most users are complaining about the package size and the new user interface, which are things that won't get the add-on rejected unless they make it unusable, and that it not the case for TACO. I see nothing to be ashamed about.

Re:They are 'anonymising' the data then selling it (1)

Sonny_Jimbod (836857) | more than 4 years ago | (#32620408)

The problem was, this wasn't an update, it was a total rewrite. Therefore I feel you were wrong to let this be allowed to downloaded via updating TACO 2.0. This should have been treated as an entirely seperate Add-on and it was very deceptive for it to be included in the TACO 2.0 update. Maybe it's time to have rules that state if the Add-ons original function, codebase or license changes radically then it shouldn't be allowed to update via the Firefox update mechanism?

Re:They are 'anonymising' the data then selling it (4, Interesting)

jorgevillalobos (1044924) | more than 4 years ago | (#32620522)

We have an unexpected features policy, also called No Surprises [mozilla.org] . We wouldn't have allowed the update if it enabled unexpected features for users, or if it had really changed its core functionality. But it didn't. It added several features, but they are also privacy and security tools, and they're turned off by default.

I don't agree that we should warn about codebase changes, since that's the developer's prerogative, but I do agree that we should communicate privacy policy or EULA changes. That's something that we can't do through Firefox at the moment, but we definitely want to include in the future.

Re:They are 'anonymising' the data then selling it (1)

Sonny_Jimbod (836857) | more than 4 years ago | (#32620658)

I would really like to see the ability for me to see if an Add-on changes it's EULA during an update. Thanks for taking the time to respond to my questions.

Re:They are 'anonymising' the data then selling it (4, Insightful)

Luckyo (1726890) | more than 4 years ago | (#32621076)

We have an unexpected features policy, also called No Surprises [mozilla.org] . We wouldn't have allowed the update if it enabled unexpected features for users, or if it had really changed its core functionality. But it didn't. It added several features, but they are also privacy and security tools, and they're turned off by default.

So, in your opinion, a change that makes an add-on with no interface that just works out of the box with no interface elements at all into an add-on that adds multiple interface elements, pop-ups on pretty much every page (as almost every nominally popular site nowadays uses cookies in one form or another), and begins by flashing an introduction menu that contains among other things advertisement for "premium service"...

Is not a change that changes core functionality?

I mean really. One can split hairs and claim that it's "an add-on that generally protects your privacy by opting out of...", but in my, and apparently pretty much everyone's opinion, the sudden appearance of "features" like interface, pop-ups etc is a very, very serious change to core functionality. Which was from end-users point of view to STFU and just opt us out.
The worst part is, this approval essentially dropped my trust towards Mozilla's auto-update function and add-on review process from full one hundred to zero. Because trust is hard earned (and mind you, you earned it with your hard work so far), and lost over one major failure. And allowing a hijack like this to be piggy backed as an "update" is a pretty damn major breach of trust. Whether you like it or not, this raises a question if the next update that you will decide that change is "minor" will get our UI painted full of targeted ads, which apparently will pass your check just as well so long as ads are relevant to core functionality of an add-on?

For the next time: if an add-on that previously required no user action other then installation and didn't do anything to tell user about itself starts using flashy pop-ups to advertise itself, adds elements to UI and gets a flashy configuration window with advertisements for its host company, it's a change of core functionality for end user. Even if developer in you feels it's a "small upgrade", for end user it will be a major change and in this case, a game breaking one.

Re:They are 'anonymising' the data then selling it (3, Informative)

jorgevillalobos (1044924) | more than 4 years ago | (#32621200)

What I've been trying to communicate here is that it is not our job to judge if an add-on is pretty or ugly, lightweight or bloated, subtle or in-your-face. Our job is to attest for its security, privacy protection, usefulness and ease of use. We reject add-ons that are impossible to figure out, have overly intrusive UI, or are annoying to users. The previous TACO did have some UI, little as it was, and the new one can be configured to be like that.

I know the new TACO is annoying to many, but I'm sure many others think otherwise. It's obvious that many TACO users like the minimalist interface it used to have, and are angered by the change, but that's something that the users need to judge, not us. There's already an alternative available if you want to switch.

And yes, when we say "core functionality", in this case it would mean warning about cookies and other trackers, and providing the means to block them.

FWIW, the people at Abine are well aware of the reception of this upgrade, and are already working on improving it.

Re:They are 'anonymising' the data then selling it (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32621290)

You are beginning to sound like an Astroturfer, tbh. Is there any chance someone other than yourself could carry out a code review?

Re:They are 'anonymising' the data then selling it (2, Insightful)

jorgevillalobos (1044924) | more than 4 years ago | (#32621652)

Feel free to review it yourself if you like. Here's all the necessary information:

Our policies [mozilla.org]

Editor Guide [mozilla.org]

Code validator [mozilla.org]

You can also send a message to our mailing list (see wiki link) and ask another editor to corroborate.

Re:They are 'anonymising' the data then selling it (1)

Sonny_Jimbod (836857) | more than 4 years ago | (#32621710)

But it's not open source?

Re:They are 'anonymising' the data then selling it (1)

jorgevillalobos (1044924) | more than 4 years ago | (#32622118)

Extensions by their nature have most of their source code in the open. You can easily read it, but not copy it of course. There's a part of this extension that is compiled code and you won't be able to read, though. Senior reviewers do get access to the compiled component source code in order to review.

Re:They are 'anonymising' the data then selling it (1)

rtfa-troll (1340807) | more than 4 years ago | (#32622900)

You are beginning to sound like an Astroturfer

c'mon. Astroturfers by definition do not identify themselves. He's clear about who he is, why he's involved etc.

Re:They are 'anonymising' the data then selling it (4, Insightful)

Luckyo (1726890) | more than 4 years ago | (#32622550)

What I've been trying to communicate here is that it is not our job to judge if an add-on is pretty or ugly, lightweight or bloated, subtle or in-your-face.

Except that it is. The very name of the policy, "No Suprises" clearly shows intent to prevent massive change from subtle to in-your-face, as you put it.

The problem that we have reading your replies is that you chose to go with utterly classic response that corrupt officials and companies go with when they get caught. They proceed to find a small ambiguous technicality in the letter of the policy, while murdering the entire spirit of the said policy in progress, smiling in and proclaiming their complete innocence and blaming the policy. The entire wording of the name of the policy clearly suggests that you are there to weed out "subtle to in-your-face" changes. Yet because of technicality in the policy that you as a mod can use every time you want, it actually means absolutely nothing. Nothing in it actually stops you as a moderator from, for example, paying back a "monetary favor" by allowing a company that purchased a known add-on from making it a targeted advertisement add-on, full with annoying pop-ups, as long as it mainly does what it did before. Even if doing it is a small fraction of the new version and bulk is focused around selling unwanted crap, and in fact flies in the face of everything the previous versions of add-on stood for.

I'm sorry, but this stinks. In a major way. It essentially means that the moment someone finds a morally weak spot in the mod chain, millions of end users can be literally fucked over with no recourse whatsoever.
And it's the lack of recourse that's most bothersome. There isn't even a way to properly complain about a clear breach of trust issue, because it still adheres to letter of the policy, even if spirit of it is murdered in the process, at least according to you.

I think AC below put it best:

The Changing of Defaults and Unexpected Features [mozilla.org] add-ons policy appears to address what an add-on does when it's first installed. It doesn't adequately address notifications of changes pushed in updates to add-on functionality.

Essentially there's a nice and functional loophole in the policy that allows anyone with sufficient interest in the issue to circumvent the policy entirely by publishing new add-on as a continuation of a popular existing one and making sure that mod happens to be someone he knows well enough and owes a favor, or is sufficiently naive to imagine that this isn't a "surprising change". This in spite of add-on update policy naming scheme that clearly shows that it was its intent to do the same as policy on what review happens when add-on is first installed.

Once again, the stench can be felt even across the internet.

Re:They are 'anonymising' the data then selling it (0)

Anonymous Coward | more than 4 years ago | (#32622698)

Except that it is. The very name of the policy, "No Suprises" clearly shows intent to prevent massive change from subtle to in-your-face, as you put it.

TACO 3.0 still does cookies... what's your problem? Sounds like they did their job unless there's malware... which there isn't.

The problem that we have reading your replies is that you chose to go with utterly classic response that corrupt officials and companies go with when they get caught.

You're an idiot. Really.

Nothing in it actually stops you as a moderator from, for example, paying back a "monetary favor" by allowing a company that purchased a known add-on from making it a targeted advertisement add-on, full with annoying pop-ups, as long as it mainly does what it did before.

Ehm, interesting hypothetical, but... there are no pop-up ads in the TACO update, so how is this relevant again?

...a morally weak spot in the mod chain, millions of end users can be literally fucked over with no recourse whatsoever.

Dude, they did their job... If you don't like the software, uninstall it and roll it back.

...sufficient interest in the issue to circumvent the policy entirely by publishing new add-on as a continuation of a popular existing one and making sure that mod happens to be ...

Huh?

Once again, the stench can be felt even across the internet.

Probably your breath, though. Flaming the add-on editors for doing their job seems kinda pointless.

Re:They are 'anonymising' the data then selling it (1)

rtfa-troll (1340807) | more than 4 years ago | (#32622892)

Thanks for that; now I understand your policy clearly; that you insisted on the features being switched off and that you would have liked to warn about the license, I'm much happier about the Mozilla update process than I was. Is there any bug related to the lack of license change notification that we can vote for??

Re:They are 'anonymising' the data then selling it (1)

eloquent_loser (542470) | more than 4 years ago | (#32623072)

"We reject add-ons that are impossible to figure out, have overly intrusive UI, or are annoying to users."

Strangely, you have summarized most succinctly my exact impressions of the new TACO. Yet still it remains.

Re:They are 'anonymising' the data then selling it (1, Insightful)

Anonymous Coward | more than 4 years ago | (#32621474)

+1

All the comments moaning about licenses miss this point:

Any Firefox extension you have could be bought out and converted into something you don't like. And Mozilla (at least in the person of the reviewer who approved the changes to TACO [slashdot.org] ) offers only limited protection [slashdot.org] from this.

The Changing of Defaults and Unexpected Features [mozilla.org] add-ons policy appears to address what an add-on does when it's first installed. It doesn't adequately address notifications of changes pushed in updates to add-on functionality.

Not all new "features" are turned off by default (1)

rwade (131726) | more than 4 years ago | (#32621238)

It added several features...and they're turned off by default.

What about the icons in the bottom right and top right of the display? What about that silly and obtrusive notification window that pops up? I'd say those are new features that were enabled.

And according to the Register article linked, it slowed down the browser.

Re:Not all new "features" are turned off by defaul (0)

Anonymous Coward | more than 4 years ago | (#32622446)

What about the icons in the bottom right and top right of the display?

Easily turned-off.

What about that silly and obtrusive notification window that pops up?

That window displays cookie & tracking information the first time you visit a site during a given browser session. It comes up once per site per session, and is easily turned off permanently with one click.
Basically, it is an alternative to the nice Ghostery add-on.

I'd say those are new features that were enabled.

And according to the Register article linked, it slowed down the browser.

Did it slow down your browser?

Re:Not all new "features" are turned off by defaul (1)

rwade (131726) | more than 4 years ago | (#32622888)

My point is that there are new features that were enabled by default. Doesn't matter if it's easily turned off.

TACO extension? (0, Troll)

syousef (465911) | more than 4 years ago | (#32619978)

Is that some sort of euphemism for vaginal plastic surgery? They're having them extended nowadays?

Mozilla should pull them (4, Interesting)

mrmeval (662166) | more than 4 years ago | (#32620338)

And perpetually ban that developer/team/company from every having access again.

Re:Mozilla should pull them (4, Insightful)

Saeed al-Sahaf (665390) | more than 4 years ago | (#32620640)

And perpetually ban that developer/team/company from every having access again.

Or change their rules for updates, because according to the "official" Mozilla response, TACO 3.0 passed all the requirements. Mozilla doesn't seem to have a problem with it.

It's not like it's never happened before. (0)

Anonymous Coward | more than 4 years ago | (#32620608)

DownThemAll... oh how the mighty have fallen.

Their Advisory board members dirty laundry (5, Informative)

Sonny_Jimbod (836857) | more than 4 years ago | (#32621410)

http://www.getabine.com/team.php [getabine.com] Jules Polonetsky - Co chair of Future of Privacy Forum, which coincidently enough was funded by AT&T. No conflict of interest there. Chief Privacy Officer at DoubleClick, you know, the people who sell lots and lots of adverts on the internet? Seems strange that he would be interested in something that was designed to stop that? Jim Jorgensen - CEO of AllAdvantage, you probably won't remember the name but you probably remember them as the company that tried to pioneer 'Paid to Surf' by bombarding users with adverts. Again, why would he be interested in something designed to thwart that? Why are these people interested in a company that seems to have no others means of making money apart from charging $50 to take down a youtube video? http://www.getabine.com/deleteme/request.php?item=youtube [getabine.com] This company stinks, I'll continue digging because I'm sure there's more

Wrong TACO (1)

Mister Fright (1559681) | more than 4 years ago | (#32621644)

Damn. From the title of this story, I thought there was a Firefox extension for the ACM's Transaction on Architecture and Code Optimization.

"Open taco" (0)

Anonymous Coward | more than 4 years ago | (#32622998)

Who else thought of porn? Me and mah blue cojones...

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?