No Secret Data Project

Those concerned about the “Mozilla Stealth Data Project” should really check out the Data snooping discussion on mozilla.dev.planning.

I think many who has spent some time on the project found that recent TechCrunch post was more an effort to scaremonger and generate buzz, than anything else. I guess one could argue “there’s no such thing as bad publicity”. Just my personal $0.02.

I’ll put a few noteworthy chunks of that thread in this blog post for those who don’t have too much time to read, and leave anyone interested to read the entire thread. All of this has been published out in the open on dev.planning today.

From Mitchell Baker, Chairman of the Mozilla Foundation:


Some people have jumped to the conclusion that this means Mozilla would adulterate our core values and the primacy of user control. They assert, or assume, or worry that thinking about data means somehow that Mozilla will simply join the existing model of gathering and commercializing personal data.

This is us not the case.

From Mike Beltzner, “phenomenologist” (I’m pretty sure he made up his own title, but he can get away with that):


– no, there is no secret data project.
– no, there is no secret plan to snoop or collect user data
– no, we are not already secretly collecting data
– yes, we are trying to figure out how we can accumulate better data about how users are using their browsers, and what they’re trying to accomplish; as with everything we do, this starts with public discussion to make sure we do it right in terms of respecting user privacy and our own community ideals – that’s what Lilly was saying.
– yes, any such program would be opt-in, not opt-out

Mozilla Corporation CEO John Lilly blogged about the topic recently as well.

Considering the past efforts to keep user data private, you’d have to wonder when your talking about one of the only websites on the internet to hold public discussions before using Omniture for analytics. (I should mention there’s an opt-out page for that). Not to mention a rather lengthy post from Mitchell about the topic.

So go ahead and download Firefox 3.0 and future releases knowing that nobody really cares if you like to watch videos of gorilla’s doing it. Err… did I say that?

If any data collection is done on users browsing the web. I propose it be done like this, so at least it’s comical to use for research purposes.

Googlefox Redux

Yes, it’s another Google/Firefox blog post. This time in response to a CNet blog post regarding Google’s relationship with Mozilla. It makes a few interesting points, but quite a bit of it is silly or outdated. It was edited at some point late this morning or early afternoon from it’s original form (as it mentions).

While Apple also gets a nice chunk of change from Google for the search bar in its Safari browser, Apple has enough other sources of revenue that it can easily walk away from Google’s cash.

Yes, Google provides a great sum of cash. But indirectly. The real money machine is the search box, and the start page. Right now they are hooked up to Google per an agreement (which I haven’t seen in any way shape or form). In the future that money machine may be hooked up to something else. Will it? I don’t have a clue. Don’t forget $19,776,193 in expenses and $66,840,850 in revenue leaves quite a bit of cash in the war chest and that’s only for 2006. 2007 is rapidly approaching it’s end. There was a 2005 at some point in the past. With the mobile landscape just warming up (new potential for partnerships/revenue streams), there’s opportunity. Google is lucrative, no question about it, but it’s not the only means of survival. Yahoo is already used for some parts of the world. That relationship could be expanded in the future.

Fact: Users who enter keywords or misspelled URLs into the Firefox 2.0 location bar will essentially be running a Google “I’m Feeling Lucky” search. That is, they will be taken to the first result for a Google search query for those terms.

I believe Netscape had this feature about a decade ago, but with a different partner. Not really news here. Back then I believe you paid for that, now it’s about your rank in Google’s search results. I personally think the Google method is much more neutral.

Fact: In addition to the Google cash flowing to Mozilla, a number of Google engineers spend significant amounts of time working on Firefox. This includes Ben Goodger, the lead developer for the browser. Yes, other companies pay developers to work on Firefox, but none throw as many overall corporate resources at the browser.

Fact: This statement quotes things from 2005. I don’t think Ben is very (if at all) involved with Firefox in the past year. The other reference to Darin Fisher is also inaccurate since he hasn’t been very active (if at all) in the past year or so as well. There’s a reason why all those links are to 2005 stories. By the way, the Mozilla Corporation throws way more resources at Firefox than Google.

This begs the question: why doesn’t Firefox adopt the features of AdBlock Plus and CustomizeGoogle? While the terms of Google’s contract with Mozilla are not public, even if Mozilla were contractually free to include anti-Google-tracking features, it would not be a wise move, business-wise. After all, it is not too smart to anger the company that provides more than 85 percent of your financing.

It would not prove to smart to take the first step towards moving the web to a pay-per-site model. Firefox forced the IE development team out of retirement. If Firefox removed advertising, there would a strong amount of pressure on Microsoft to do the same. Microsoft relies on ads for several of it’s properties including MSN. Does anyone want to see the web as a subscription model? I’m pretty sure the answer is no all around. More and more sites have moved away from that such as the NY Times. While some users will block ads regardless of technology most won’t know how, or bother to providing revenue to keep the majority of internet content free. Firefox is about the open web. Payments for every page you visit isn’t anyones definition of “open”. Mozilla thus far has played things pretty neutral. Adblock Plus is treated like any other extension. It’s not shunned or hidden.

This brings us to a really interesting dilemma. Google has a well-known flaw in one of its Web sites that can be (ab)used by phishers and malicious hackers. Google refuses to fix the flaw, as it believes that it is not a problem. Google also operates the Firefox phishing blacklist. Will Google add one of its own domains to the phishing blacklist? Of course not!

Is this a Google issue? Or a company/organization/person issue? I’m not aware of any entity that is immune to this. I can’t even think of a company that hasn’t been down this road before. IIRC Microsoft disagreed with security researches on flaws more than once. Google shouldn’t have to add one of it’s own domains to the phishing blacklist. It has the immediate ability to report the problem internally and shut down the offending problem. For the record Google’s even willing to notify webmasters of certain problems. If your a webmaster, you should be signed up.

Google’s SafeBrowsing is mentioned several times as well. For the record there is a documented method for blacklist providers to use (and yes, you can bundle it as an extension). Thus far, there’s not much on the landscape of free blacklists. The only one I’m aware of is PhishTank.

So there you have it, nothing has changed, Google hasn’t taken over. Nothing to see here. IF Google were to stage a takeover, I’ll be sure to blog about it. Just keep an eye on this blog. Thus far I haven’t seen any evidence of it.

For the record, there was a bug fix committed today by someone at Google (not sure if it was Google backed, or just done by a Google employee). “Fix the incorrect function prototypes of SSL handshake callbacks”. And no, that doesn’t mean Google took over encryption.

MoFo’s MailCo To Coincide With MoCo

Did you catch that title? Thunderbird has a new home, but it’s not moving far. I mentioned this a few weeks ago. The most interesting bit is this:

The new organization doesn’t have a name yet, so I’ll call it MailCo here. MailCo will be part of the Mozilla Foundation and will serve the public benefit mission of the Mozilla Foundation. (Technically, it will be a wholly owned subsidiary of the Mozilla Foundation, just like the Mozilla Corporation.)

Awesome! And other minor details…

Mozilla will provide an initial $3 million dollars in seed funding to launch MailCo…. Mozilla may well invest additional funds; we also hope that there are other paths for sustainability.

It’s great to see it’s going to be well taken care of. Keeping it in the family is also good for XULRunner and the Mozilla platform since it ensures everyone will continue to work as closely as they have in the past. Also insures that the new organization will keep the same principles at heart that made Firefox what it is today.

The Rumbling Edge has a good list of media coverage.

In other news, Yahoo acquired Zimbra for a cool $350 Million. This has been the biggest week for email since Gmail launched.

Mozilla Corporation

For the most part, the news has been rather clear, though a few questions still remain.

  1. Who owns the trademarks? The Foundation or the Corporation? This doesn’t say if the corporation will be allowed to use the trademarks, or will inherit them. It hints at inheriting, though Asa makes it sound otherwise.
  2. Who ultimately has the final say? Is the Foundation ultimately still in charge? Or does the Corporation get the upper hand?
  3. Who do drivers@mozilla.org and module owners answer to? Foundation or the corporation? Mitchell said a while back

    The key responsibility is that the Module Owner’s job is to act in the best interests of the community and the project at large, not in the interests of his or her employer. Ben has lived with these responsibilities as a volunteer, a Netscape employee, a Mozilla Foundation employee and now as a Google employee. We’re confident that Ben will continue to help us drive great innovations in the browsing world.

    Speaking of Ben’s departure to Google. Now is the Foundation ultimately going to continue to lead the community? Or will the Corporation step into play here? Is it possible for the Foundation and Corporation to disagree? How will that be mediated?

  4. Since the creation of the Foundation, long term goals have been a bit more open (as opposed to Netscape). Will the Corporation be modeling it’s confidential information policy against the Foundation, or that of Netscape?
  5. Who is the property owner (office space, servers, other worldly possessions)? Corporation or Foundation (or some sort of split)?
  6. Is there any obligation (either by policy, or charter or contract) for the Corporations code to be open source? Or could they (in theory, don’t start the conspiracy train on me) fork it into a “Netscape” scenario? Who has a say in this (again Foundation or Corporation)?
  7. There’s some talk on the net about concerns regarding Mozilla’s Search relationships (and potential relationships). Does the Foundation have any say in potential business relationships? Can it prohibit or block them?
  8. Will SpreadFirefox be under the Foundation or the Corporation?
  9. Will products be moving to mozilla.com rather than mozilla.org? Or will they stay the same?

The ultimate question here is how much control will the Foundation have over the Corporation. As a wholly owned subsidiary, the Foundation should have substantial say, though it’s not quite clear just yet how a Corporation status will effect policies, most of the discussion thus far has been on day to day operation or “the basics” (will Firefox still be free? etc.) Hopefully a MoFo or MoCo (oh boy do I like the abbreviations) representative will be clarifying things in days to come. I’ll update this post if they do (nudges Asa and Mitchell).