• apis@beehaw.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    7 months ago

    Am tired, but bit confused at sequence of events.

    Did Russia ban Mozilla from offering specific extensions, whereupon Mozilla removed for Russian users the banned extensions?

    Or…

    Did Russia ban Mozilla from offering some undefined type of extension, whereupon Mozilla removed for Russian users any which seemed to fall under the ban under an abundance of caution until they could assess each & reinstate those which did not fit the ban?

    Or, more worryingly, but maybe implied by the supposed temporary intent of the ban…

    Did Russia ban Mozilla from offering specific extensions, whereupon Mozilla temporarily removed for Russian users the extensions in order to give Russia the ability to track or otherwise meddle with Russian users of those extensions… or to enable Russia to interfere with the extensions’ code for their own ends?

    I feel I can make a reasonable guess, but there’s a fairly big safety issue here depending on what happened.

    Anyone dissenting within an authoritarian regime knows to exercise extreme caution, but always good to put out reminders to have multiple layers of protection, so if one fails you are still ok.

    • SpaceCowboy@lemmy.ca
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      6 months ago

      From the article:

      The browser extensions, which are hosted on the Mozilla store, were made unavailable in the Land of Putin on or around June 8 after a request by the Russian government and its internet censorship agency, Roskomnadzor.

      or to enable Russia to interfere with the extensions’ code for their own ends?

      Well for the extensions that are open source it is possible for Russia to meddle with the code, but they’d have to get past code review. But this is concern for anything open source not just Mozilla stuff. It’s rare that something gets bad gets into an open source project, but it did happen a few months ago with ssh. Didn’t get past testing and required someone to work on open source projects for years before they got a level of trust to get something pulled into main source tree. So it’s basically the equivalent of getting a job at a company for years just to put malware into some proprietary software. Which could also happen, but if there’s a good code review process it shouldn’t happen.

      Excepting those kind of weird scenarios, unless they’re extensions made by a Russian company that Moscow control over, then no, the extensions wouldn’t have been fiddled with by the Russian government. And if they were extensions the Russian government had the ability to change, they wouldn’t be trying to ban them.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        I highly doubt that a browser extension is going to allow a bad commit. It seems like that would be way more obvious as it is at a much higher level. (No C)

  • sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    arrow-up
    4
    arrow-down
    7
    ·
    6 months ago

    Eh, I’m not so sure it’s “well done.” They should comply with local laws and perhaps respond by making it easy to add your own addon repo or sideload addons.

    Getting banned just reduces your impact.

    • SpaceCowboy@lemmy.ca
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      6 months ago

      What impact? You mean having Russians use a browser that allows the state to spy on them? If someone goes to prison for using Firefox to post something critical of the government, is that the impact Mozilla wants to have?

      At a certain point you have to say “if the government of an authoritarian makes it illegal to use our browser because we aren’t going along with them spying on their citizens then so be it.”

      It’s debatable at what point a software company becomes morally complicit with the oppression done by an authoritarian government. But it seems to me the wisest choice is to say “this is our software, take it or leave it.”

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        ·
        6 months ago

        Yes, there certainly is a point, and removing 3 add-ons from the default add-on store isn’t that point. They should instead make more ways for people to get those add-ons (e.g. separate add-on repos and easier side-loading) instead of just forcing the government to block them.

        Getting Firefox blocked doesn’t accomplish anything other than a one-time publicity stunt, which will probably get censored anyway. If they don’t have many users in Russia anyway, maybe that’s worth doing to get more exposure in other markets. But if the goal is to help Russians, I don’t see how this helps.

        • Bigfoot@lemm.ee
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          6 months ago

          Eh, anyone who knows what “Install an add-on from a repo” means also knows how to install firefox despite it being “censored”.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            arrow-up
            4
            ·
            6 months ago

            Perhaps, but perhaps the police would monitor attempts to download Firefox and put those individuals on a watch list. They’re probably less likely to monitor various repos and their mirrors.

            I just don’t see much of a benefit for Firefox to push back too hard here. If they required Firefox to censor things that’s another story, but putting up a “this addon is not available in your region.”

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 months ago

      By doing this they are setting a strong presence. You either can have full Firefox or no Firefox. It isn’t right to censor for specific countries.

      It is the same thing with EU chat control and Signal.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        ·
        6 months ago

        Idk, I think an addon store is different. Some regions could restrict certain types of addons (e.g. porn, gambling, crypto, language support, etc), and that should be fine. They shouldn’t compromise on core Firefox features, but I think region-gating extensions is fine, provided they have a way to side-load extensions.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 months ago

          We aren’t talking about gambling here we are talking about massive censorship and attacks on human rights.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            6 months ago

            It’s the same general idea. Blocking gambling add-ons is just another form of censorship. As long as countries aren’t dictating core browser features, I don’t see why Mozilla shouldn’t comply with blocking access to certain third-party add-ons in their add-on store, but they should allow users to select third-party add-on repos if they so choose (afaik, that’s not a thing yet).

            • Possibly linux@lemmy.zip
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              2
              ·
              6 months ago

              Gambling has nothing to do with Democratic speech and access to information. We are talking about add ons that might show people the truth. Russia and Putin fear that greatly.

    • lambalicious@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      They should comply with local laws

      To my knowledge Firefox / Mozilla does not have an office in Russia. And even if they had, the argument can be made that unlawful / authoritarian laws by any ethical perspective have to be fought against.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        6 months ago

        Sure, but you have to weigh the pros and cons. This request seems benign enough that Mozilla shouldn’t be limited in delivering on its mission in Russia by following it, but they would certainly would be limited if they’re completely blocked.

        If Russia asks Mozilla to do something that compromises their core mission, that’s the time to refuse.

        • lambalicious@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          That’s how it starts. Mozilla itself is maybe not hindered on its mission, but the people who depend on them are: the extension was blocked, and there is no official way that I know of to add third-party extension repositories to Mozilla. And sure, the more important part of the problem is you cede just one bit, but the authoritarians won’t stop. They know now Mozilla will spread their legs so they’ll ask more and more, and Mozilla will for sure choose to bend over for them than to act for the people they were supposed to be fighting for.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            arrow-up
            1
            ·
            6 months ago

            You can sideload if you have the extension file.

            The proper response, imo, is to implement third party add-on repos, so if Mozilla is forced to remove access to something, someone else can make a mirror or something. That way someone could create and host a repo that has blocked extensions and Mozilla doesn’t get in trouble for it.

            There should absolutely be a line drawn here. Mozilla shouldn’t make any code changes to any of their services to appease censorship orgs (e.g. domain block lists). Blocking access to services that can be hosted/replaced by someone else shouldn’t be an issue.

    • SpaceCowboy@lemmy.ca
      link
      fedilink
      arrow-up
      3
      ·
      6 months ago

      Eh… an organization will generally just comply with any law at first. Senior leadership would have to approve of not conforming to a law, so there would be meetings and deliberations on it. Considerations need to made about the safety of the employees and that kind of thing.

      The extensions were only blocked for a week. So it’s not fair to claim Mozilla was licking Russia’s boot.

      • lambalicious@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Mozilla licked Russia’s boot for a week. And that’s only what we publicly know.

        No matter for how short you taste shit, the shit stink stays – if anything, in your memory.