- cross-posted to:
- firefox@lemmy.ml
- technology@lemmy.world
- news@lemmy.linuxuserspace.show
- cross-posted to:
- firefox@lemmy.ml
- technology@lemmy.world
- news@lemmy.linuxuserspace.show
Mozilla Corp., which manages the open-source Firefox browser, announced today that Mitchell Baker is stepping down as CEO to focus on AI and internet safety as chair of the nonprofit foundation. Laura Chambers, a Mozilla board member and entrepreneur with experience at Airbnb, PayPal, and eBay, will step in as interim CEO to run operations until a permanent replacement is found.
Official Blog Post: A New Chapter for Mozilla: Focused Execution and an Expanded Role in Charting the Internet’s Future
I’m no cryptography expert but I don’t see how they could implement this with true anonymity or without it being spoofed in other browsers. There is currently no way to know with absolute certainty what browser/client web traffic is actually coming from and game anti-cheat devs will probably tell you it’s a nightmare of a problem.
The way I see this working is making it a Mozilla account thing and not a Firefox thing through some sort of stateless cross-origin cookie the sites agree to support. But then, you’re giving up at least some privacy because even if the sites you visit don’t know who you are, you’ll still have to trust that Mozilla is logging anonymized visit counts and that some CEO 5 years from now isn’t going to change that for a quick buck.
Maybe I’m just out of my depth here and someone’s gonna correct me (please do if I’m wrong).
Here’s the way I see it working:
Each week (or more often), you get a new signed token with no reference to the old signed token. In the event that you use more than your agreed-on balance, you must pay the difference or you won’t get a new token. So here’s the information each party needs to know:
The only way Mozilla could know your identity is by sending data from your browser that links id info (i.e. Mozilla account details) with that stable payment id. Mozilla could even move the stable id and token generation to a separate legal entity entirely (say, an extension) with publicly audited data transfers w/ Mozilla, and Mozilla just gets a summary from each client (unrelated to the payment id, signed by the extension) so they know which sites were visited with what frequency. They would get a bill from sites based on usage, which they’d compare with the data collected from individual browsers to sort out payment.
In terms of user experience, you’d just get a prompt from the extension asking whether you’d like to see ads and the cost, and if you choose ads, the header would include that info as well (i.e. process this payment token as ads or cash) and Firefox would serve privacy-respecting ads from Mozilla’s domain.
I haven’t fully ironed out the details, but I think this proves feasibility.