No, I didn't get it installed either because I've been far more strict about trying to turn off any and all reporting, analytic and telemetry options in any software I run, so at some point I turned off the option that would have let that thing get installed. I'm guessing you did the same.
Here's something that I don't understand. Mr. Robot is ultimately owned by Comcast. Comcast of course has spent an enormous amount of money destroying net neutrality. Why is Mozilla supporting a company that's at odds with Mozilla's claimed goals?
A redditor manages a computer lab that is heavily secured for specific tests which require locked-down computers. They decided on Firefox for the browser, and the Mr.Robot plugin stunt invalidated a test series because it was an unofficial plugin.
They installed chromium as a workaround. Their CIO was not happy.
Tests were re-validated after some review by the test provider. While I can't in any way condone how Mozilla violated user trust when they side-loaded that extension, perhaps the test provider should specify Firefox Extended Support Releases (ESR) if they're going to require specific fixed setups like that (with all auto-updates disabled). A signed golden master provided by the test service would also go a long way in preventing problems like this, or at least providing a means of redress for already thinly stretched university IT departments.
Finally, I'm surprised they haven't blocked any and all network access, except for registered testing servers, via netfilter. So, there's that.
My experience with the test providers is that often they partner with another company that handles the technology side of things, which is often hack-ish at best. Universities often have the choice of directing their students to authorized test centers with heavily locked down machines (and a nominal testing fee), or try to recreate such an environment with their own equipment and rooms. The difficulty with this is that often the provided tools for locking down a computer lab are woefully out of date, relying on old browsers or software components that are EOL or just quite out of date, which isn't very compatible with the trend towards auto-update software/OSes. It's a bad situation for students and educators alike as they have no professional alternative for their careers and it just ends up being an awkward time of the year for many people.
Some of my most stressful memories from my professional career were simple compatibility issues that got overlooked during a wave of updates, and suddenly a bunch of nursing students or education students have a ticking timer on a certification test where parts of it won't load because X plugin is incompatible with Y part of the test.
If I was preparing a locked-down environment, I would probably turn off just about every single feature of the browser which could lead to uncommanded. No automatic updates, no telemetry, no "safesearch", no plugins, no history saving... basically almost how browsers used to be configured by default, actually.
It's actually quite disturbing and creepy, to think that a lot of the software today is silently doing lots of things "behind your back", most of which users are not aware of, but some things which users would definitely not want to happen if they knew it was happening.
That's certainly true. While hiding complexity is the largest benefit, and some might say is the aim, of technology; it also opens the door to this type of abuse. Technology is a tool, and good tools do not hurt their users. However, the more complex the tool, the harder it is to verify that, in all cases, the user is not hurt (what does it mean to hurt someone's privacy?). This is one of the largest challenges we're facing now -- making sure our tools work for us and only us. In this case, open source is only the first step; policy must also adapt and Mozilla needs to take a good hard look at what permitted this to happen.
18 comments
[ 2.9 ms ] story [ 43.1 ms ] thread[1] https://gizmodo.com/after-blowback-firefox-will-move-mr-robo...
A redditor manages a computer lab that is heavily secured for specific tests which require locked-down computers. They decided on Firefox for the browser, and the Mr.Robot plugin stunt invalidated a test series because it was an unofficial plugin.
They installed chromium as a workaround. Their CIO was not happy.
Finally, I'm surprised they haven't blocked any and all network access, except for registered testing servers, via netfilter. So, there's that.
Some of my most stressful memories from my professional career were simple compatibility issues that got overlooked during a wave of updates, and suddenly a bunch of nursing students or education students have a ticking timer on a certification test where parts of it won't load because X plugin is incompatible with Y part of the test.
It's actually quite disturbing and creepy, to think that a lot of the software today is silently doing lots of things "behind your back", most of which users are not aware of, but some things which users would definitely not want to happen if they knew it was happening.