Lessons from the death and rebirth of Thunderbird
Ryan Sipes told the audience during his keynote at GUADEC 2024 in Denver, Colorado that the Thunderbird mail client "probably shouldn't still be alive". Thunderbird, however, is not only alive—it is arguably in better shape than ever before. According to Sipes, the project's turnaround is a result of governance, storytelling, and learning to be comfortable asking users for money. He would also like it quite a bit if Linux distributions stopped turning off telemetry.
Sipes is managing director of product for MZLA Technologies Corporation, the subsidiary of the Mozilla Foundation that allows Thunderbird to take donations and so forth. When Sipes joined the Thunderbird project on a part-time contract as community manager in December 2017, one of the most common questions he was asked was "isn't Thunderbird dead?" That wasn't, he said, an unreasonable question.
![Ryan Sipes](https://static.lwn.net/images/2024/Ryan-Sipes-sm.png)
He joined five years after a TechCrunch article declared the death of Thunderbird. The author declared it dead because the Mozilla Foundation had announced that it was pulling resources from the project and putting it into maintenance mode. In 2016, Mozilla started looking to spin off the project. In May 2017 the Thunderbird project announced it was allowed to stay under the foundation as its fiscal and legal host but on the condition that Thunderbird operate independently. It's little wonder that many people thought that Thunderbird was dead.
Thunderbird was not dead, but it was not particularly healthy, either. Sipes said that, when he joined, Thunderbird was frequently in an unbuildable state. "We had what we called red-tree days where upstream (Firefox) broke us", and those "days" would actually mean weeks or months where the project wouldn't build.
But Sipes saw potential. Prior to taking the Thunderbird community manager role, he had worked for System76, a vendor that sells Linux laptops, desktops, and servers. He said that companies that were planning to deploy Linux across the organization or for their developer groups would often ask him what would serve as a one-to-one replacement for Outlook. He would recommend Thunderbird as the closest replacement, even though it was not a perfect fit. When the Mozilla job opened up, he said, "I thought I was super-hot stuff, I'll go over there and I'll fix this up". Seven years later, he's still at it—albeit in a permanent role in product management.
Sipes credited the Thunderbird Council (the project's elected governing body) for re-energizing the project by setting up open project governance, and ensuring that there were decision-makers with ownership to say where efforts should be focused. Governance, he said, was crucial to turning the project around. But that doesn't mean that it was painless. "Good governance, even the best governance, is never pretty":
I have yet to be in a community that works but doesn't have sparks flying every day, real debate happening. And I will say that if you look back on Thunderbird's mailing list at this time, it's not pretty, constant arguments, competing visions for the future. But what I'm telling you is you have to have that in an open-source community for things to actually move forward. If you don't, then the project is probably stagnating.
The project was no longer stagnating, but its revenue certainly was. Sipes said that Thunderbird's revenue "was on track that year to be $500,000", even though it had approximately ten million daily active users (DAUs). He recounted seeing an article that said that Slack also had about ten million DAUs, but its revenue was at one to two billion dollars at the time. What he saw happening at the time pointed toward the death of Thunderbird; it "is going to slowly just disappear". He wondered why Thunderbird could not be sustainable. There was no good answer, he said, so he kept asking.
Money (that's what I want)
The solution turned out to be simple, Sipes said. But first the project tried "all these super-complicated ways" to make money that did not work. Finally, he said, he asked "what if they [users] don't know that Thunderbird is going to die, and what if we just slap it like right in their face" and ask for money. Initially, he received a lot of pushback on the idea. People in the project didn't feel comfortable asking for money, "they said it's spammy, it's tacky". Sipes said that he eventually realized he was having the wrong conversation. So, instead, he started asking "which is more cool, we ask for money twice a year, or Thunderbird goes away forever?" Framed that way, he started getting somewhere.
So the project started running donation campaigns twice a year by using a dialog within Thunderbird that users would have to acknowledge one way or another. This did not, it turns out, offend its users. Far from it. Sipes said that he asked users what they thought of the appeal, and they would respond "what appeal?" People are so accustomed to seeing ads, promotions, and upsells in applications that it "did not trigger at all in their psyche". Either they gave or closed the appeal, and that was simply a two-second transaction in their day.
So this stuff is not as annoying as you think. We are coming off doing four appeals over the last 12 months. Four full-screen appeals. Still many of the users I ask say I honestly have never seen what you're talking about. So far we have not hit any kind of fatigue around the in-app appeals.
The appeals have been effective. The first year that Sipes was with the project, it wound up bringing in about $700,000 in revenue. The past year, he said, it has brought in $9.1 million. Its efforts haven't been limited to in-application requests, though. A blog post about Thunderbird's 2022 financial report published last May notes that the project also increased its work to communicate with users and explain how it uses money it receives in donations.
This bird has flown
Moving on from fundraising, Sipes discussed the problem of changing the perception that Thunderbird was dead. One thing that open-source projects are bad at, he said, is owning their image and brand. The participants in open-source projects are usually developers first, "so it's not an innate skill that a lot of folks possess in this space to tell a story" about the project or software that they are building.
One part of telling Thunderbird's story was to modernize the project's branding and add some excitement to its release announcements. The old logo, Sipes observed, looked like a wig on top of an envelope "and once you see it, you can't unsee it. This is not the future, this is not even today". His push for a new logo met the usual resistance, "everyone was telling me, don't do this [...] people will be confused with something new". Sipes said that users' familiarity with the old logo was a problem, not a positive. Even if Thunderbird changed everything, he said, users would still see the old logo and think that nothing had changed. "So fundamentally, we had to tell them 'no, you don't know what this is, you've never seen this bird'." Last year, the logo received an overhaul by the original logo's creator, Jon Hicks.
Another thing the project did to draw attention was to give the next release after the new logo a "fancy cool name". The Thunderbird 115 release was called Supernova, though there was no particular reason for the name choice. "I just thought this sounds cool, and people will want to know more."
More importantly, of course, the project did more than rebranding and coming up with release names. Sipes said that the project decided to "destroy expectations" and modernize the user interface. "Not without purpose, like we didn't change it arbitrarily" but to create an experience that matches expectations for what a user interface is like in 2023.
Telling a new story, Sipes said, worked. He showed a slide with the trend line for Thunderbird's DAUs, which had been in steady decline but ticked up substantially after the Supernova release.
Lessons learned
Sipes moved on from rebranding to talking about the lessons he'd learned from his time with Thunderbird that could be applied to other open-source projects.
The first lesson, he said, is that a successful project is not just about the code. Users make decisions about software that have nothing to do with the quality of the code, the language it is written in, or "the cool thing that you manage to do that no one else does on the planet." Understanding that is an important step in making other decisions to help drive a project to success.
Another lesson is that governance matters. Sipes said that no matter what happened to Thunderbird's revenue or its legal entity MZLA Technologies, the project would likely continue to exist: "Because we have a governance structure for the project that is independent of everything else." That structure, he said, was crucial for the longevity of open-source software when maintainers come and go. "We have maintainers all the time who have kids and then we have to find a new maintainer for the thing they maintained."
Even though Sipes noted that Thunderbird could exist without revenue, he wanted to make it clear that money was important. "I don't know who in this room needs to hear this, but somebody in this room needs to hear this: money is not necessarily bad." There are some "big hairy projects" in open-source, he said, that it's extremely difficult to get people to tackle as volunteers:
No one has ever, in the history of Thunderbird, updated the IMAP code for free. It has never happened. No protocol code has been updated, to my knowledge, by someone who is volunteering. [...] It's like 600 pages of RFC's! Who wants to do that? It is not like I'm going to get my whiskey, I'm going to sit in my chair, and I'm going to read through the RFC's tonight.
Even faced with that reality, Sipes said that it was eye-opening how much pushback he received trying to get money to move the project forward. That is a mistake that open-source projects should avoid. The vendors that make the software that open source is competing against, he said, "don't hold our values" and they have a lot of resources to promote software that embodies "in some cases, the antithesis of our values". If projects are not willing to use a tool in the toolbox, like money, to compete "then it is our destiny to get left behind forever".
The last lesson, he said, "is own your story". While some people were saying that Thunderbird was dead, "no one tried to tell another story" until 2017. Now, the story he wanted the audience to remember was that "we're here, we're alive, we are the open-source email client that's taking on Outlook, that's taking on Gmail" to show users that there is a better way to manage their email. The project wanted to help users accomplish what they want to do "with the least friction, and the least moral compromise possible".
GNOME, he said, should be telling the story that it is the "next-generation desktop". There has been a trend since the inception of GNOME where "we roll out a feature on the desktop, and we're like this is cool, and then eight years later Mac or Windows adds it to their operating system, their desktop experience". What you see in GNOME today is what's going to be in other OSes in the future.
Questions
With that, Sipes opened the floor to questions. One attendee said that they were impressed by the revenue numbers; they wanted to know if there were any breakdowns by platform that could show whether Linux users were more generous than those on other platforms. The short answer was "yes", Linux users do tend to donate more per user than those on other platforms. The longer answer was an impassioned plea for Linux distributions to stop removing telemetry from Thunderbird:
We don't know whether we have two million Linux users or 500,000. Please turn telemetry back on. Let the user opt out if they want to. Guys we do not collect any PII [personally identifiable information], we need to know how many Linux users there are so we can make decisions about whether or not to solve problems for Linux users over existing problems on other platforms where we do collect telemetry. I believe that there are probably more Linux users on Thunderbird than on macOS, but the telemetry does not currently say that, and so we make decisions based on the platforms we can see.
Another attendee noted that it was "particularly difficult" to get Linux users to agree to provide metrics and telemetry. Sipes said that this was a good example of owning the story. Everyone here who cares about making good open-source software, he said, has to actively start telling the story that telemetry is needed. "We need to get past this as a community, it's like the money thing, it's another thing that we fight with one arm behind our back" because there are no metrics to understand users to help the projects make good decisions.
No matter how much Thunderbird improves, many users simply prefer using a webmail client that they do not have to install or maintain on their own desktop. I asked Sipes whether the project was ever going to offer webmail. He said that, if Thunderbird continued to draw in more users, he imagined that a webmail experience would happen. The project was already moving onto each mobile platform, Android with K-9 Mail, and an iOS version that would be starting this year, he said. "I think web is the last one we need to create a presence on" to be able to say that Thunderbird has a solution for users no matter what platform they are on. But there was no specific timeline for that to happen.
[Thanks to the Linux Foundation, LWN's travel sponsor, for supporting our travel to this event.]
Posted Jul 24, 2024 14:52 UTC (Wed)
by sramkrishna (subscriber, #72628)
[Link] (1 responses)
Ultimately, telemetry will help drive better design decisions, and provide us with a rough number of what the install base would be. Having those numbers lets us have effective conversations with various vendors. But more than that, the more desktops that are on there the more we drive consumer grade hardware to support Linux -> more kernel patches.
Posted Jul 25, 2024 21:56 UTC (Thu)
by mcatanzaro (subscriber, #93033)
[Link]
Just want to add: I agree. This was a top tier presentation, worth watching if you're interested in Thunderbird or telemetry.
Posted Jul 24, 2024 15:57 UTC (Wed)
by micahrl (subscriber, #143652)
[Link] (1 responses)
Is there any third party community effort that evaluates telemetry gathering by vendors? I wonder if that would give people more trust that enabling telemetry is safe.
Posted Jul 24, 2024 20:08 UTC (Wed)
by Rigrig (subscriber, #105346)
[Link]
But if I have to find out somewhere else that software is phoning home without asking first? It's a toss up between disabling it, or looking for an alternative altogether.
Posted Jul 24, 2024 16:03 UTC (Wed)
by braye (subscriber, #162802)
[Link] (5 responses)
Wouldn't it make more sense to make telemetry opt-in on Linux builds, rather than having distros make the (correct) choice to disable their opt-out telemetry? Some is surely better than none, right?
Posted Jul 24, 2024 16:27 UTC (Wed)
by pizza (subscriber, #46)
[Link]
It is _worse_ than none, because that "some" is non-representative.
Posted Jul 24, 2024 16:53 UTC (Wed)
by Heretic_Blacksheep (guest, #169992)
[Link] (3 responses)
No. It's not. I recommend a good primer on statistics. You have to have enough data to draw meaningful statistics from it. Otherwise your data is skewed and worthless, or it's skewed, worthless, and because you don't realize you're working with a non-representative sample, you draw the wrong conclusions from the statistics you do have. I don't have a problem with properly anonymized and useful telemetry gathering in open source when the process can be audited from the beginning to the end. I do have a problem with people making uninformed accusations about projects with telemetry trying to understand how people, in general, use their software.
Telemetry, by the nature of the beast, should be opt-out. That way those that don't mind need do nothing to contribute, while those that don't want to contribute or have a situation where they can't do so may turn it off. The projects will get enough data to draw meaningful conclusions. You don't get that when it's opt-in (tyranny of the default - most people never change them even in Linux land).
Now, saying that, I'm tempering that with meaningful consent. That is, the user is fully informed of what the telemetry is collecting, how it's stored and anonymized, and what the methodology and results of the data collection are. This is absolutely not the case with proprietary software as there's no meaningful consent in most such schemes. Open source has the opportunity to be both better than that and still demonstrate how telemetry can benefit those projects both in resource allocation from developers, and benefiting the users - with caveats about relying too heavily on statistics for all decisions.
Posted Jul 24, 2024 22:08 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (1 responses)
The problem, in Europe at least (driven by rampant collection of personal data in America) is that that sort of thing by law has to be "informed consent", ie it's opt-in and you need to be told what you're opting in to.
But yes I agree with you about the fact that statistics is complicated, hence the old saw "There are lies, damn lies and statistics". Or as I like to rephrase it - "Statistics tell you how to get from A to B. What they don't tell you is you're all at sea".
Witness my earlier comment about lorry journey times. "We're applying bell-curve maths to a skewed distribution. For what we're doing it doesn't matter but you are getting the odd weird results because it's the wrong maths". (The skew - in MOST cases, wasn't enough to make any real difference. In a couple, it made a BIG difference.)
If you don't know you're applying the wrong maths to the wrong data, the answer won't be right. It won't even be wrong...
Cheers,
Posted Jul 26, 2024 15:20 UTC (Fri)
by immibis (subscriber, #105511)
[Link]
Posted Jul 25, 2024 10:01 UTC (Thu)
by opsec (subscriber, #119360)
[Link]
Nothing that is happening on my computers should be opt-out. As a friendly NSA boss once said: We kill on meta-data. So: No meta-data is the only option.
Posted Jul 24, 2024 19:23 UTC (Wed)
by tux3 (subscriber, #101245)
[Link]
In addition to this, they clearly list what is being collected (and even let the most inquisitive users view examples of what is actually being sent).
The sort of project that would take care to design this entire system is the sort of project that can be trusted with sensitive user data, including potentially uniquely identifying usage statistics. I remain more than happy to have turned their ping on, I'm sure it helps them.
--
On the Thunderbird website, there is a blurb about privacy. It says "data ownership and privacy are your right wherever you live" and "We do not collect or store [personal data] unless you ask us to."
I now realize Thunderbird is trying to make a distinction between personal data — explaining the pro-privacy branding on the website — and the collected telemetry, that is not considered personal. The latter does feature less prominently on the website.
It's very possible that Thunderbird is only recording information that I'd be okay with sharing, but I don't feel particularly comforted by what I'm reading here.
I would expect Debian to protect me from software that thinks telemetry is not a big deal, consent is optional, and people should just get used to privacy violations. That may be my bias, or a reflection of my environment living in the EU, but I feel grateful for distributions that remind software to ask first.
--
A final suggestion, since Thunderbird is a Mozilla-adjacent project sharing some Mozilla resources, could there perhaps be some inspiration to be taken from https://public-data.telemetry.mozilla.org/ ?
Posted Jul 24, 2024 21:03 UTC (Wed)
by myUser (subscriber, #58242)
[Link]
I just found out that Thunderbird on Windows has telemetry enabled by default (opt-out). And I just turned it off. FLOSS projects don't need the bad parts of commercial software.
Posted Jul 24, 2024 21:36 UTC (Wed)
by cen (subscriber, #170575)
[Link] (2 responses)
I'm also eagerly awaiting Sync to be added, that will help from needing to export/import across multiple devices.
And yes, a pleasant nudge to donate actually made me donate.
Keep up the good work.
Posted Jul 24, 2024 22:56 UTC (Wed)
by madscientist (subscriber, #16861)
[Link] (1 responses)
YMMV of course: email clients are pretty personal. But I've been using Evolution for something like 18 years, since I was forced away from Emacs VM by a previous employer's switch to Exchange. Since then I've used it with various mail servers including POP from the FSF, my own IMAP server, GMail, and Exchange both via IMAP and using Exchange Webmail (EWS). I use email extensively (I probably get 1000+ messages a day) and Evolution works great for me by combining (currently) 4 major mail accounts into one interface.
Now with a flatpak install which allows the latest version to be used even on fairly old systems (I use it on my work system which is required, for now, to stay with Ubuntu 20.04 LTS) it really works well.
I'm not trying to set up a competition or cast shade, just pointing out there are alternatives worth investigating (for some set of users).
Posted Jul 24, 2024 23:55 UTC (Wed)
by marduk (subscriber, #3831)
[Link]
No, seriously. I hadn't used it for so long. I just started it up and wow it has... evolved. I definitely need to take a new look at it. Thanks.
Posted Jul 25, 2024 0:58 UTC (Thu)
by cjwatson (subscriber, #7322)
[Link] (19 responses)
I sympathize with the need to keep the project alive, but I'm curious what UX testing they did with users who have greater problems dealing with change? This is not the sort of constituency from which you're necessarily going to spontaneously get informed bug reports (and in general bug reports about UI changes are a difficult proposition anyway); you tend to have to do the legwork yourself.
Posted Jul 25, 2024 7:54 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (17 responses)
:-)
(My in-laws are in their 90s, my wife has Parkinsons, both seriously interfere with their ability to adapt to change!)
Cheers,
Posted Jul 25, 2024 14:16 UTC (Thu)
by khim (subscriber, #9252)
[Link] (16 responses)
If they couldn't adapt to the change then why the heck do they apply the change? That's what always surprised me: why the simplest solution to the constant interface change is reviled that much?
Posted Jul 25, 2024 14:24 UTC (Thu)
by pizza (subscriber, #46)
[Link] (15 responses)
Because the "choice" (if there even is one) essentially consists of "continue to run known-vulnerable stuff that is being actively exploited" or "accept/deal with a lot of unrelated changes"
> That's what always surprised me: why the simplest solution to the constant interface change is reviled that much?
Because that "simplest solution" is almost never an option.
(If only because hardly anyone is willing to pay to maintain that option)
Posted Jul 25, 2024 14:40 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (14 responses)
> Because the "choice" (if there even is one) essentially consists of "continue to run known-vulnerable stuff that is being actively exploited" or "accept/deal with a lot of unrelated changes"
The choice more often than not nowadays is "stop using the app because the cloud functionality it relies on has been removed", sadly. That's why I've pretty much stopped using my phone as a smart-phone - pretty much all the USEFUL functionality I enjoyed and relied on has been deleted ...
Google Maps is now useless as a *basic* satnav, MyTracks has been replaced by fitness apps that don't track, about the only apps that are used on my phone (by other people, not me) are battery hogs that kill my stand-by time ... pretty much everything is advert-laden crap that makes it difficult for me to access what I *want* to see rather than what *they* want me to see ...
(A *basic* satnav - one that shows me where I am, and the traffic around me, without demanding to know where I'm going. What makes them think *I* know where I'm going, I'd like to know ... the number of people who advised me "just type your destination into the destination bar", and really could not cope with the reply - in all seriousness - of "what destination?")
Cheers,
Posted Jul 25, 2024 15:14 UTC (Thu)
by pizza (subscriber, #46)
[Link] (13 responses)
True, except it's not technically "removed" so much as "to keep using the cloud functionality you need a newer client".
> A *basic* satnav - one that shows me where I am, and the traffic around me, without demanding to know where I'm going.
Google maps does that reasonably well; you can turn on the traffic overlay without having a destination.
(And even for navigation, OSM works quite well though of course it has no way to know about current traffic conditions, because OSM is "software", not "service". And it turns out that most folks actually want the latter)
FWIW Google Maps is the only 3rd party non-communication service I use. I self-host everything else, and nearly all of the installed software comes via f-droid.
Posted Jul 25, 2024 15:49 UTC (Thu)
by khim (subscriber, #9252)
[Link]
Precisely. And there are no free services: if you're not paying for the product, you are the product — it's as simple as that. Software can be bought once and there is plenty of free software, but services have to be paid for on an ongoing basis. And if you are not paying for services with your money then you have to be prepared to pay with your time.
Posted Jul 25, 2024 19:16 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (10 responses)
You certainly USED to be able to do that. But the way you used to be able to do it has disappeared, and I haven't discovered a new way. I can't get the map full screen any more, and the phone goes to sleep after a minute or so. In other words, it's useless ...
Cheers,
Posted Jul 25, 2024 19:34 UTC (Thu)
by khim (subscriber, #9252)
[Link]
If this article is to be believed you still should be able to do that. Just use the old Google Maps client app.
Posted Jul 25, 2024 20:36 UTC (Thu)
by mjg59 (subscriber, #23239)
[Link] (8 responses)
Posted Jul 26, 2024 11:14 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (7 responses)
I've got the search bar with a mike, something that does nothing, and the circle with my picture. On the old version, I think it had the three horizontal bars in the place of the circle with my picture - they did pretty much the same thing. The old version had "driving mode", which was exactly the same as navigation but didn't navigate.
Now why is it people hate an ever-changing UI again???
Cheers,
Posted Jul 26, 2024 11:28 UTC (Fri)
by khim (subscriber, #9252)
[Link] (6 responses)
That's strange, because official Google help mentions said layers button, shows the picture of that layers button and on my phone it looks exactly like on that page, just an inch or so below your account picture.
Posted Jul 26, 2024 12:32 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (5 responses)
Thanks khim, found the layers icon. But that tells me how to display traffic on the map.
What I used to be able to do, and now cannot, is (a) display the map, and (b) KEEP IT DISPLAYED.
When I start Maps, it displays the map with loads of crud. Way back when, when I selected driving mode, the map went full screen and disabled the screen saver, just like when you're navigating. Now, I can't get the map full screen, and the phone goes to sleep after a minute or so.
So basically I want it to behave just like I'm navigating somewhere, but I'm not navigating, just driving. A lot of the time (a) I know the route well so I don't want the satnav "knowing better", I just want to know what the traffic is like on my chosen route. And (b) when there IS a problem, I can't trust the satnav anyway. Last time that happened it tried to divert an entire two-lane motorway down a single-track country lane !!!
Cheers,
Posted Jul 26, 2024 12:56 UTC (Fri)
by khim (subscriber, #9252)
[Link]
Maybe. That's a service, not software. And you either pay for the service or you are the product to be sold to advertisers. You should still be able to do that if you find an old phone and an old version of Google Maps somewhere. Google Maps is sort of an exception from the rule that you need the latest client to access it. Not because they want to support old clients, but because they have to: there are some people who actually pay for that service, even if indirectly, via car-makers — these are actual users, they are not a product to be sold to advertisers and thus these people can enjoy stability. You could piggy-back on that. But yes, it's very much an exception, not the rule. Most of the time service providers don't even give an option to keep the service access interface stable, not even for $$.
Posted Aug 3, 2024 6:33 UTC (Sat)
by cpitrat (subscriber, #116459)
[Link] (1 responses)
I also have an app called caffeine installed which provides a button in the shortcuts at the top (where you can activate wifi, torch, ...) to prevent the screen from turning off for a given amount of time (I set 1h by default but this can be tuned).
It could be better, but it kind of works.
You can thank telemetry for the disappearance of features. Nobody [1] uses it? Remove the feature[2]
[1] for Google "Nobody" means less than a billion users
[2] in some cases, this is very similar reasoning to not building cycle lanes because there are no bikes on the road. Or not building a bridge over a river because nobody crosses swimming. The feature may not be used because people don't know it exists. Sometimes, users even want it but don't find it. Unfortunately, telemetry is often used poorly ignoring this kind of bias. Another example is A/B testing a change measuring adoption, ignoring the existing user base. Or measuring "user engagement" by how long users spend on the app, meaning a change that confuses them and makes something that used to be quick take longer is seen as positive. All this seems stupid and obvious, and yet I've seen teams of experienced engineers and PMs fall into this trap and even discard any concern. The metrics had become the objective for them.
Posted Aug 3, 2024 9:09 UTC (Sat)
by Wol (subscriber, #4433)
[Link]
Which is why, despite officially working at head office, I spend a lot of time "driving a desk" down the yard. I chat to the people at the sharp end.
I think Barclays have just fallen into this trap, their "new improved" web site is a PITA of more clicks, less information, harder to read, ... etc etc.
And there's no way to give any feedback! I'd have thought a quick survey for logged in users wouldn't be that hard ...
Cheers,
Posted Aug 9, 2024 22:00 UTC (Fri)
by dswegen (guest, #4431)
[Link] (1 responses)
Posted Aug 12, 2024 21:56 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
That looks exactly like what I was looking for. So if it's still available as a widget, why on earth did they delete it from Maps itself? Oh well ...
And you can't find it (well I couldn't) by googling for it :-(
Cheers,
Posted Jul 26, 2024 10:35 UTC (Fri)
by paulj (subscriber, #341)
[Link]
Posted Jul 25, 2024 18:11 UTC (Thu)
by NYKevin (subscriber, #129325)
[Link]
Assuming you're using something based on Chrome, type chrome://settings/content/notifications into your URL bar (I can't link it, because the link would not be clickable anyway), and select "Don't allow sites to send notifications." Now, if a site tries to trigger the "enable notifications" prompt, it just gets auto-denied and the user never sees anything.
Unfortunately, this does not fix everything, because a malicious site can still display whatever it wants within the DOM, and so it can tell the user to e.g. add an exception for this individual site (which can be done by clicking the button at the left side of the URL bar and toggling the notifications switch). But it's a significant improvement, and at least it prevents non-malicious-but-spammy sites (such as news websites) from bothering you with the notification prompt.
Also of note:
* You can do the same for sound at chrome://settings/content/sound, but this will be more intrusive because there are some sites that probably should be allowed to play sounds (e.g. most streaming music/video services), so you will have to allowlist those individually.
Posted Jul 25, 2024 6:10 UTC (Thu)
by pmenzel (subscriber, #113811)
[Link]
Posted Jul 25, 2024 7:29 UTC (Thu)
by tjasper (subscriber, #4310)
[Link]
I don't know if it's feasible to collect telemetry like that but that seems to me to be a good compromise, much like the donation dialogs, and the project would then benefit from good known telemetry data that users have consciously agreed to send. I guess full details and/or links explaining what has been collected, where it's going and why would have to be part of the dialog. Again, much like explaining where donations are spent, explaining where the telemetry is being used and how that improves the product would surely benefit both the project and the users, and at the end of the day, the users get to make a conscious decision about the telemetry every few months.
Just my $0.02-worth
Posted Jul 25, 2024 12:13 UTC (Thu)
by aragilar (subscriber, #122569)
[Link] (2 responses)
Posted Jul 25, 2024 14:19 UTC (Thu)
by khim (subscriber, #9252)
[Link] (1 responses)
I guess they just use an OS used for donation form filling. Some people may be Windows users who are donating via Linux system or the other way around, but I don't think we need much telemetry to assert that such cases are not too numerous.
Posted Jul 26, 2024 3:59 UTC (Fri)
by aragilar (subscriber, #122569)
[Link]
Posted Jul 25, 2024 21:08 UTC (Thu)
by decaffeinated (subscriber, #4787)
[Link] (15 responses)
Posted Jul 25, 2024 21:54 UTC (Thu)
by pizza (subscriber, #46)
[Link] (14 responses)
Yeah, how dare Thunderbird require the same information as any other online financial transaction?
"Payment Processing: When you purchase something via a Mozilla website, contribute funds or make donations, you will send payment through one of our third-party payment providers: Stripe, Apple Pay, PayPal, Venmo or Google Pay. Mozilla receives a record of your account (including your billing address and the last four digits of your payment method) and (where relevant) the status of your account’s subscription; we may also receive your name, mailing address, and/or email address. This data is used for payment processing, fraud detection and record-keeping purposes."
Posted Jul 25, 2024 22:13 UTC (Thu)
by decaffeinated (subscriber, #4787)
[Link] (13 responses)
If some entity wants my home address for a donation, they're going to get garbage.
Posted Jul 25, 2024 22:43 UTC (Thu)
by pizza (subscriber, #46)
[Link] (12 responses)
They don't care about the *home* address; the *billing* address of the account is all that matters.
Your credit card merchant will give you better [1] rates with verified addresses because it greatly cuts down on fraud.
For charities this doesn't matter as much (as they usually operate under an "any money is better than no money" attitude and most have a very high fundraising overhead) but when you're trying to run an actual business, the rate difference can mean the difference between profit or loss.
Meanwhile, US-based entities are legally required to not do business with BadPersons and BadPlaces, and have to be able to prove they undertook at least a minimal amount of diligence should the government come knocking.
Posted Jul 26, 2024 11:41 UTC (Fri)
by kleptog (subscriber, #1183)
[Link] (11 responses)
I see this mostly on US sites. Everywhere else when I use my credit card it just asks for a 2FA (which is usually an app on your phone, or SMS), which also cuts down on fraud and doesn't require telling the payment processor where I live.
Posted Jul 26, 2024 12:26 UTC (Fri)
by pizza (subscriber, #46)
[Link] (10 responses)
News flash: Organizations have to follow local laws and regulations, and those tend to be quite strict (and voluminous) when money is involved.
> when I use my credit card it just asks for a 2FA (which is usually an app on your phone, or SMS)
That partially [1] addresses the fraud aspects; it doesn't address the "doing business with a sanctioned entity and/or country" aspects.
[1] SMS is nearly worthless as a 2FA mechanism. Putting aside fundamental flaws in its signalling protocol, if someone steals your phone (or force-ports your phone number), you're pretty much screwed, as countless cryptobros have discovered. App-based 2FA fares little better.
Posted Jul 30, 2024 6:45 UTC (Tue)
by LtWorf (subscriber, #124958)
[Link] (9 responses)
How?
If someone steals your phone you have got the same problem.
Even worse actually because you can report a SIM card as stolen and deactivate it, while you can't do that with a seed and a clock.
Posted Jul 30, 2024 15:17 UTC (Tue)
by DanilaBerezin (guest, #168271)
[Link] (8 responses)
Posted Jul 30, 2024 15:22 UTC (Tue)
by farnz (subscriber, #17727)
[Link]
You don't even need to do a SIM swap; if you have sufficient access to the SS7 signalling network, you arrange for all SMS to a given number to route via your systems. And as they're unencrypted, you get to inspect the contents before forwarding them to the original recipient.
This particular hole is going to go away eventually - once there are no more 2G or 3G networks anywhere in the world, nobody will consult SS7 systems as part of SMS handling - but not in the next decade or so. LTE and later standards can avoid this particular hole, because they can do everything via IMS (over IP), which has been secured a lot better than SS7 was (SS7's "security" is "only trusted telcos have access - and no-one working for a telco would ever do a bad thing").
Posted Jul 30, 2024 15:47 UTC (Tue)
by paulj (subscriber, #341)
[Link] (6 responses)
The time interval is almost always easily obtainable; in the rare cases where it is not, there are a few common values. The current time is known.
Posted Jul 30, 2024 16:10 UTC (Tue)
by pizza (subscriber, #46)
[Link] (5 responses)
If someone steals or otherwise gains access to your phone when it's not locked (and sometimes even if it is locked if you have sufficient resources to expend on unlocking it quickly) they typically will get full access to your 2FA/TOTP client _and_ the communication channels that are typically used to reset credentials.
(Most "2FA clients" don't have any access control, such as an additional PIN. Worse, some are effectively "new account sign-in request, tap here to grant access" tissue paper)
In other words, when the 2FA device is also the communication device, you've reduced your 2FA effectively to 1 (if not 0) FA for many attack scenarios.
(Granted, this is more of a problem for the device owner should it get damaged, lost, or stolen -- how do they regain legitimate access? And how can that necessary backchannel not become the weak attack vector?)
Posted Jul 30, 2024 16:21 UTC (Tue)
by paulj (subscriber, #341)
[Link] (1 responses)
However: FreeOTP+ lets you set "authentication", which means you must pass system authentication (e.g., system PIN unlock, or whatever you have configured) to open the app. If you are diligent about swiping-away/closing FreeOTP+ once you're done with it, this can give an additional layer of protection from general-case phone-stolen-while-unlocked.
I assume anyone with TOTP codes protecting anything important is using an app with such security, and has it enabled.
Posted Jul 30, 2024 17:54 UTC (Tue)
by mb (subscriber, #50428)
[Link]
I don't use any of the "normal" apps.
TOTP is trivial to implement in a few dozen lines of Python code:
You can quickly write an authenticator with any additional access control and security guarantees that you want. (or just use mine ;-)
And an attacker probably won't know that it's there, if you wrote it by yourself.
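An added illustration of the point made in this sub-thread that a TOTP code depends only on the seed and the clock (this is not code from the comment above or from the pwman project): an RFC 6238 generator with a verifier that tolerates one step of clock drift and rejects replayed codes. The key is the published RFC test key, and the function and class names are chosen for this example.

```python
"""RFC 6238 TOTP (HMAC-SHA1) with a drift-tolerant, replay-rejecting verifier."""
import base64
import hmac
import struct
import time

# Constructed sample input: the published RFC 4226/6238 test key
# (ASCII "12345678901234567890") in base32. Never use it for a real account.
RFC_TEST_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def decode_secret(b32: str) -> bytes:
    """Decode a base32 seed as typed by users: spaces, lower case, no padding."""
    cleaned = b32.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC the 8-byte big-endian counter, then dynamically truncate."""
    mac = hmac.new(key, struct.pack(">Q", counter), "sha1").digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key: bytes, now=None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: the HOTP counter is the number of whole time steps since the epoch."""
    now = time.time() if now is None else now
    return hotp(key, int(now) // step, digits)


class TotpVerifier:
    """Server-side check. The seed is the only secret: anyone holding a copy
    computes the same codes, so the verifier limits what one code is worth."""

    def __init__(self, key: bytes, step: int = 30, digits: int = 6, window: int = 1):
        self.key = key
        self.step = step
        self.digits = digits
        self.window = window      # accepted clock drift, in steps, either side
        self.last_counter = -1    # highest counter already accepted

    def verify(self, candidate: str, now=None) -> bool:
        now = time.time() if now is None else now
        current = int(now) // self.step
        supplied = candidate.strip().encode("utf-8")
        matched = None
        # Check every counter in the window so timing does not reveal which matched.
        for counter in range(current - self.window, current + self.window + 1):
            if counter < 0:
                continue
            expected = hotp(self.key, counter, self.digits).encode("ascii")
            if hmac.compare_digest(expected, supplied) and matched is None:
                matched = counter
        # Refuse a code at or before the last accepted step (replay protection).
        if matched is None or matched <= self.last_counter:
            return False
        self.last_counter = matched
        return True


if __name__ == "__main__":
    key = decode_secret(RFC_TEST_SECRET_B32)
    print("code at t=59:", totp(key, now=59))
    verifier = TotpVerifier(key)
    print("first use accepted:", verifier.verify(totp(key, now=59), now=59))
    print("replay accepted:  ", verifier.verify(totp(key, now=59), now=59))
```
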
Posted Jul 31, 2024 13:12 UTC (Wed)
by kleptog (subscriber, #1183)
[Link] (2 responses)
The threat model is someone has downloaded or somehow otherwise captured a whole lot of usernames/passwords and is trying them on all sorts of websites. For that 2FA works perfectly because they don't have your phone. They don't even know who the users are so couldn't find the phone even if they wanted to.
Against targeted attacks 2FA is obviously less useful, though still a step up from the example that started this conversation, which is asking people to include their zipcode when using a credit card.
You don't need to outrun the leopard, you just need to be faster than the next person.
(The bank's 2FA does require a biometric or separate pin code to unlock.)
Posted Jul 31, 2024 13:31 UTC (Wed)
by somlo (subscriber, #92421)
[Link] (1 responses)
Keeping the specific threat model in mind is important, and unfortunately underrated. When we lose track of that, we end up looking for *perfect* security that's somehow also palatable to the average normie user, which so far hasn't happened.
It's important to distinguish between the zombie that's chasing after *you* specifically, in which case you need to prepare by focusing on Rule #1 (Cardio) -- vs. a bear that's just chasing after *lunch*, in which case outrunning the poor sod next to you is perfectly adequate. :)
I find this very insightful on the topic: https://scholar.harvard.edu/files/mickens/files/thisworld...
Posted Jul 31, 2024 15:14 UTC (Wed)
by farnz (subscriber, #17727)
[Link]
It's also worth being realistic about the outcome of defending against a specific threat; I can promise you now that if a sufficiently capable bad actor has taken me and my family hostage, and is going to kill us all if we don't give the bad actor everything they need to get into my accounts, that they're getting what they ask for, because the consequence of not giving them everything is bad enough that I don't want to risk it.
There is, of course, a relevant XKCD comic about this, with the bad guys not giving up because the computer security is too good, but instead assaulting the computer owner to get access, and we forget that observation at our peril.
Posted Jul 25, 2024 22:48 UTC (Thu)
by tokudan (guest, #104407)
[Link]
Mozilla has a bad reputation with telemetry, which is why so many people disable it by default. Give them the chance to allow telemetry again!
Posted Jul 27, 2024 16:43 UTC (Sat)
by DanilaBerezin (guest, #168271)
[Link] (16 responses)
Very simple solution that doesn't involve the violation of trust and autonomy of your users: prompt them to turn it on on installation/first use.
Posted Jul 27, 2024 20:37 UTC (Sat)
by pizza (subscriber, #46)
[Link] (15 responses)
According to that methodology there are exactly 234,284 Debian installations world-wide.
That's less than the number of unique publicly-facing web servers that claimed to run Debian.... two decades ago.
Care to revise your statement?
Posted Jul 27, 2024 21:29 UTC (Sat)
by DanilaBerezin (guest, #168271)
[Link] (14 responses)
My solution was a proposed middle ground between a silent opt in telemetry users don't even know exists and evil opt out telemetry. I never claimed it was a perfect solution without flaws (because such a thing does not exist) and I never said it was a complete solution. But I know it is *a* solution to the problem that is talked about in the article.
Posted Jul 27, 2024 22:50 UTC (Sat)
by pizza (subscriber, #46)
[Link] (13 responses)
Exactly what violations of user consent are being alleged here?
> In the real world your statistics will never be accurate,
Nor does anyone ever expect them to be. The question, as always, is if they are "accurate enough".
> My solution was a proposed middle ground between a silent opt in telemetry users don't even know exists and evil opt out telemetry.
In other words, you didn't even read the proposal.
If you had read it, you would have seen that it requires the user to explicitly consent before any data leaves the local system.
If you don't trust Fedora (and/or the various upstreams and individual developers) to be honest about what they're doing, under what basis are you accusing them of bad faith, especially when the software in question (along with the entire source-to-deployed-binaries pipeline) is fully open for inspection?
Posted Jul 28, 2024 0:51 UTC (Sun)
by DanilaBerezin (guest, #168271)
[Link] (12 responses)
Opt out telemetry means that data is sent from a user's computer by default, whether they consent to it or not. Hopefully the violation of consent here is self-explanatory.
> If you don't trust Fedora (and/or the the various upstreams and individual developers) to be honest about what they're doing
Who said anything about Fedora or its proposals? Fedora's proposal is opt in, and I have absolutely zero issue with that. The speaker in the article is a product manager at Mozilla, advocating that:
1. Thunderbird's opt out telemetry policy is justified.
Mozilla =/= the developers of their open source software and it's entirely reasonable to not trust them. Either way, my personal opinion on Mozilla and their trustworthiness is irrelevant. Users should have 100% control of their machines and opt-out telemetry is in direct violation of that principle.
Posted Jul 28, 2024 12:18 UTC (Sun)
by pizza (subscriber, #46)
[Link] (8 responses)
Nope, it is not "100% the right thing for them to do in this case."
Maybe it is 99%, maybe it's 20%. But it's not 100% because there are clear benefits to doing so. That you disagree about the relative importance of those benefits does not mean those benefits do not exist.
> Mozilla =/= the developers of their open source software and it's entirely reasonable to not trust them.
Uh, WTF? Who do you think adds/commits code into "their open source software" if not "developers"?
Meanwhile, I have yet to read any specific objections to what Thunderbird claims to collect or if any PII is part of it. Whether or not you "trust" anyone involved, the source code of Thunderbird is F/OSS in every sense, and can be inspected to confirm that it does what its developers claim it does.
> Users should have 100% control of their machines and opt-out telemetry is in direct violation of that principle.
You can "should" all you want, but the harsh reality is that "100% control" hasn't been true since the WIPO copyright treaties of 1996 (making DRM legally enforceable) were ratified and subsequently enacted by nearly every nation on this planet. But even before that treaty made it effectively illegal to break the flimsiest of digital locks, nearly every computing device on the planet already had some degree of proprietary software embedded into it that the "user" has no meaningful control over.
Meanwhile, when you use a computing device you do not own, or use that device to connect to any external service (ie "someone else's computer") by definition you do not have "100% control" of anything. I can promise you that far, far, far more data (and personally identifiable at that!) is leaked (if not outright collected by every intermediary) with every email you send or receive than Thunderbird's documented telemetry can possibly gather.
Posted Jul 28, 2024 14:07 UTC (Sun)
by DanilaBerezin (guest, #168271)
[Link] (7 responses)
It's 100% because it's unethical to do so. Not because there are no benefits.
> Uh, WTF? Who do you think adds/commits code into "their open source software" if not "developers"?
Read again: Mozilla =/= developers
> You can "should" all you want, but the harsh reality is that "100% control" hasn't been true since the WIPO copyright treaties of 1996 (making DRM legally enforceable) were ratified and subsequently enacted by nearly every nation on this planet. But even before that treaty made it effectively illegal to break the flimsiest of digital locks, nearly every computing device on the planet already had some degree of proprietary software embedded into it that the "user" has no meaningful control over.
Yes and all those things are unethical too. The fact that there are already a lot of evil things in the world doesn't mean we should just be okay with other evil things being introduced.
Posted Jul 28, 2024 15:22 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (6 responses)
And who defines "ethical"? In this case, it's clearly you, which is in itself unethical. You are defining the scenario to your benefit.
> Yes and all those things are unethical too. The fact that there are already a lot of evil things in the world doesn't mean we should just be okay with other evil things being introduced.
And again, who is defining "evil" here? You are!
The fact is, "ethical" and "evil" are social constructs defined by the requirement for us to be able to live together with each other. I'm sure you would disagree with the fact I would define "Freedom of Speech" and "The right to seek happiness and wealth" as unethical, but it's an objective fact that both of these (as practiced by America today) are actively harmful to the majority!
And - in almost all cases - you fall foul of the "pick two, pick any two" dilemma. Is it unethical for other people to pick a different two to you?
You're effectively saying "I'm the most important guy in the world - nobody else deserves any say". That may be ethical and morally correct for you, but I bet everybody else in the world would beg to differ!
Cheers,
Posted Jul 28, 2024 17:43 UTC (Sun)
by DanilaBerezin (guest, #168271)
[Link] (3 responses)
Posted Jul 28, 2024 19:07 UTC (Sun)
by DanilaBerezin (guest, #168271)
[Link]
*like pushing opt-out telemetry
Posted Jul 28, 2024 22:26 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (1 responses)
So you consider it evil and unethical to break into a hijacked computer, in order to stop it being used in ransomware attacks? Because without the consent of the owner you can do nothing?
Life is not black and white. The Synnovis ransomware attack has had a massive - and seriously damaging - impact on my family ...
Cheers,
Posted Jul 28, 2024 23:00 UTC (Sun)
by DanilaBerezin (guest, #168271)
[Link]
Posted Jul 30, 2024 6:51 UTC (Tue)
by LtWorf (subscriber, #124958)
[Link] (1 responses)
Uh?
Saying "I don't want this to be done to me" and saying "I want this thing to be forbidden for everyone" are not the same.
I don't think there's any request to completely remove telemetry from everyone's computers here.
There is a request to ask for consent before doing things that clearly many people don't want done to them. And of course you can't give consent if you're not informed.
Posted Jul 30, 2024 7:22 UTC (Tue)
by Wol (subscriber, #4433)
[Link]
The GP says "this is 100% wrong". Given that ethics and morals are inherently a grey area, saying something is "100% wrong" IS forbidding it for everyone (which is, itself, wrong!!!)
Cheers,
Posted Jul 28, 2024 12:23 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (2 responses)
It's also illegal in many jurisdictions. Doesn't matter whether it's PII or not. If I'm on a metered internet connection, and I don't know it's happening, it's "theft of electricity" or something like that. (Google Prince Philip and the Ceefax scandal or whatever it was back in - iirc - the 1980s.)
(Okay, the chances of it being prosecuted are probably the wrong side of zero, but never mind ... :-)
Cheers,
Posted Jul 28, 2024 12:34 UTC (Sun)
by pizza (subscriber, #46)
[Link] (1 responses)
Even in the EU, automatic opt-out data collection is not inherently illegal.
> If I'm on a metered internet connection, and I don't know it's happening, it's "theft of electricity" or something like that.
So... if you don't want your email client to send or receive data, then switch it off and don't use it?
Posted Jul 28, 2024 13:28 UTC (Sun)
by Wol (subscriber, #4433)
[Link]
I don't want it to send or receive data I DON'T KNOW ABOUT. Big difference.
By my definition, spam is also illegal. Doesn't stop the authorities doing nothing about it.
It's like trespass, in the UK at least. The law defines trespass - aka being on someone else's property - as illegal. But it doesn't care about it. It presumes that the property owner will grant retro-active permission.
But if the trespasser knew - or should have known - that permission would not be granted, it is THAT that is the serious offence. That is why there are notices "Trespassers will be prosecuted" - it places people on notice that retroactive permission will NOT be granted. So what would have been treated as an "innocent incursion" becomes a criminal offence.
So using my internet connection, to send telemetry data that you have reason to suspect I would be unhappy about if I knew, is in principle exactly the same as Criminal Trespass (which is classed as "the same sort of thing as burglary").
Cheers,
Posted Jul 27, 2024 16:53 UTC (Sat)
by tdz (subscriber, #58733)
[Link]
Posted Jul 28, 2024 16:50 UTC (Sun)
by KJ7RRV (subscriber, #153595)
[Link] (5 responses)
Posted Jul 28, 2024 23:51 UTC (Sun)
by somlo (subscriber, #92421)
[Link] (4 responses)
Re-enable by whom? If it's by the end user, that's just a deliberate "opt-in", which nobody should have anything against.
If we're talking by the original software author, then, thank $deity, it's Free/OpenSource, so any intermediary (like e.g., a distro) could modify that source, rip out the re-enable-telemetry-after-distro-disabled-it functionality, and redistribute so modified copies to their downstream.
This would be an example of why distros are a *good* thing, when they advocate on behalf of their users when users' interests are at odds with those of upstream software authors.
Posted Jul 29, 2024 20:35 UTC (Mon)
by KJ7RRV (subscriber, #153595)
[Link] (3 responses)
Posted Jul 29, 2024 20:49 UTC (Mon)
by pizza (subscriber, #46)
[Link] (2 responses)
Assuming your distro didn't patch it out altogether (highly unlikely), this should just be a matter of turning the default back on. See this page for the specifics:
https://support.mozilla.org/en-US/kb/thunderbird-telemetry
(That page also shows how to examine the gathered data, for those that want to ground this discussion in facts rather than conspiratorial hand-waving)
Posted Jul 30, 2024 1:53 UTC (Tue)
by KJ7RRV (subscriber, #153595)
[Link] (1 responses)
Posted Jul 30, 2024 14:48 UTC (Tue)
by pizza (subscriber, #46)
[Link]
It looks like you're going to have to either run an upstream-provided binary [1] or compile your own. [2]
You might consider filing a bug ticket against your distro's package requesting that instead of completely disabling telemetry capabilities, they leave it in but set the default to off.
[1] Obtainable via Snap and Flathub, and from thunderbird.net directly.
Posted Aug 1, 2024 8:46 UTC (Thu)
by callegar (guest, #16148)
[Link] (4 responses)
IMHO, there are two threats that could rapidly lead to the redeath, though, and both are serious.
The first one is on the side of the email client itself. The mass of archived email is constantly growing and Gmail has taught everybody never to delete email. Email clients must remain fast and *practical* enough even where the folders are huge. Thunderbird currently fails on the practicality side. When you search email, the message list view often starts "jumping" all around (see https://www.reddit.com/r/Thunderbird/comments/176y7z8/kee... or https://bugzilla.mozilla.org/show_bug.cgi?id=1827042 or https://bugzilla.mozilla.org/show_bug.cgi?id=1860875). On the speed side, it is a bit on the boundary (still on the good side, because web-mail interfaces are slow themselves).
The second and more serious one is on the providers' side. In many cases they have stopped serving IMAP altogether. For instance, schools in Italy provide an email address to students used for parents to receive communications from the school, but you can only access that from the provider web mail interface (often gmail). This was already discussed on LWN. While the matter involves many aspects, most of it has ultimately to do with "what email is". Apparently, many institutions/companies, etc. would like email to be "revocable" and to be able to "remove" what you have already received. This is clearly diverging from the original concept of email as the electronic counterpart of physical mail. Clearly, anything that helps local email storage is undesired in this model, in which there is no space for Thunderbird or any other email client.
Posted Aug 1, 2024 18:47 UTC (Thu)
by madscientist (subscriber, #16861)
[Link] (3 responses)
I work with email the same way in all the accounts including creating folders and filters to automatically sort mail, my calendar shows the sum of appointments on all the different calendars, email To: lines auto-complete from all the contact lists, etc. You can also download and store mail to access locally and remove it from server storage, if needed.
I will admit I'm not sure whether Evo's GMail support relies on GMail IMAP being enabled or not, but ultimately if you have a browser that can access your email then it can also be accessed by an email client, pretending to be a browser (I'm not saying this is how it works, but it COULD work that way if there's no better option).
I've not tried Thunderbird in many years so I don't know if it's kept pace. But this capability is still available, in at least some places.
Posted Aug 1, 2024 21:48 UTC (Thu)
by pizza (subscriber, #46)
[Link] (2 responses)
Only if your "organization" allows external client access.
Many do, many don't. Anecdotally the trend is towards the latter.
> I will admit I'm not sure whether Evo's GMail support relies on GMail IMAP being enabled or not
It does not, but it still relies on API access that your organization admin can disable.
Posted Aug 9, 2024 13:58 UTC (Fri)
by smurf (subscriber, #17840)
[Link] (1 responses)
… or can they disable that too?
Posted Aug 9, 2024 14:12 UTC (Fri)
by pizza (subscriber, #46)
[Link]
They not only can, but do, and IMO should.
Putting aside the obvious security concerns, it's also a spam vector.
Posted Aug 1, 2024 23:20 UTC (Thu)
by raven667 (subscriber, #5198)
[Link]
Excellent keynote
How to tell what telemetry is trustworthy?
If a first-run dialog asks whether it's ok to collect some data, I'm usually fine with it. Especially given that somehow the people implementing it that way tend to also include a list of what will be collected.
Telemetry
Telemetry in KDE, Thunderbird, and Mozilla's public-telemetry datasets
- Basic system info, which is really a couple version numbers and the name of the distro
- The above plus basic usage statistics, which include usage times.
- The same with more system info, like some hardware details
- And all the above with full usage stats.
Now there is a reasonable argument that it's too complicated to have multiple levels and to list what is being collected, but it makes for a salient point of comparison.
English is not my first language, so I must apologize for what is my misunderstanding. But I have to admit reading this impassioned statement on privacy did not prepare me to expect a silent, opt-out implementation of telemetry.
By contrast with KDE, I'm much less inclined to trust an opt-out being pushed with a slightly cavalier attitude about consent and no clear idea of what is being sent.
If the project feels the data they collect is not sensitive, such that they feel they can collect it without consent, then committing to making your telemetry public would be a way of keeping yourself honest, and a good-faith show of transparency all at once?
Telemetry must be opt-in
Great
Evolution works better for me
I thought Evolution was dead
UI and elderly users
> And it turns out that most folks actually want the latter
> And we're talking past each other again...
* There are quite a few other toggles you can play with at chrome://settings/content, including an option to globally disable third-party cookies.
* I'm not sure how Firefox or Safari do this, but I imagine they probably have analogous settings, at least for notifications.
* I work for Google, but not on Chrome. Opinions/suggestions are my own.
Recording of keynote
How about telemetry like the ads that ask for donations
What donation information is tracked?
Some donation data prompts are nasty
SS7 network and SMS hijacking
>and has it enabled.
https://github.com/mbuesch/pwman/blob/master/libpwman/otp.py
Telemetry again...
Why is opt-out the only way they want telemetry?
Add a page to the settings with these options for telemetry:
- Automatically send
- No
- Manual (with a textbox showing the exact data that will be sent and a "Send now" button)
On first run just ask! If you want to be fancy, remind the user e.g. once a month if telemetry is set to manual.
Opt-out telemetry
2. That distros should stop circumventing that policy by packaging the software with telemetry disabled by default, which mind you is 100% the right thing for them to do in this case.
Fantastic talk and article.
Re-enabling telemetry
[2] Perhaps by taking your distro package and removing the "Telemetry removal" patch?
Rebirth of the email client
>… or can they disable that too?
Thunderbird LIVES