Not a good look for Firefox. Third partners and device fingerprinting clearly mentioned in the documents.
The move is the latest development in a series of shifts Mozilla has undergone over the past year.
The gecko engine and Firefox forks, such as Tor, Mullvad, Librewolf, and Arkenfox, are stables of private, open source web browsing.
In fact, Mozilla’s is one of the few browser engines out there, in a protocol-heavy industry that many say only corporate or well-funded non-profits can reliably develop.
What is more, daily driving the more hardened-for-privacy Firefox derivatives can be frowned upon by many sites, including your bank and workplace.
Mozilla’s enshittification leaves the open source community without a good alternative to Firefox, after years of promoting it as a privacy-friendly alternative to spyware-cum-browser Chrome.
The choice of C++ + Swift feels strange and off-putting to me. Swift, at least, is pretty safe as languages go, but does leave me scratching my head a bit. C++, though, frankly should have no place in a new browser project. For a piece of software whose whole purpose is to essentially download and run untrusted code, C++ is unacceptable.
It’s realistically not gonna happen, but what I’d really like to see is Servo developed into a full browser.
Could you explain how their language choice affects the security of the software? Because it’s open source and easier to find cracks?
No, the industry consensus is actually that open source tends to be more secure. The reason C++ is a problem is that it’s possible, and very easy, to write code that has exploitable bugs. The largest and most relevant type of bug it enables is what’s known as a memory safety bug. Elsewhere in this thread I linked this:
https://www.chromium.org/Home/chromium-security/memory-safety/
Which says 70% of exploits in chrome were due to memory safety issues. That page also links to this article, if you want to learn more about what “memory safety” means from a layperson’s perspective:
https://alexgaynor.net/2019/aug/12/introduction-to-memory-unsafety-for-vps-of-engineering/
Cool, it makes sense I guess. But why would other languages not also be succeptible to memory injections?
In simple terms, they just don’t allow you to write code that would be unsafe in those ways. There are different ways of doing that, but it’s difficult to explain to a layperson. For one example, though, we can talk about “out of bounds access”.
Suppose you have a list of 10 numbers. In a memory unsafe language, you’d be able to tell the computer “set the 1 millionth number to be ‘50’”. Simply put, this means you could modify data you’re not supposed to be able to. In a safe language, the language might automatically check to make sure you’re not trying to access something beyond the end of the list.
deleted by creator
Yeah, I know the history. And if they fully switch to Swift and manage decent performance, that would be acceptable, just strange. And it would also be fine to use whatever language if it were only a hobby project. I just reject the notion that C++ is an acceptable choice for new projects in security-critical positions.
deleted by creator
Yeah, it was ok when the project started. The issue begins once it transitions from a toy to a potential competitor with Firefox.
deleted by creator
And as I said, if they manage to entirely switch, I won’t have reservations.
As far as security in extant browsers and C++, see here: https://www.chromium.org/Home/chromium-security/memory-safety/
It’s a serious issue.
deleted by creator
Of course! Thanks for the discourse. Makes the world go 'round.