I'm not a fan of telemetry in any browser (I love Lynx because of this), but Mozilla is definitely more trustworthy than Google or Microsoft.
Edit: I'm not saying that Lynx should be a daily driver or that it's more secure, but it's a neat little project that avoids some of the bad patterns in modern browsers.
Taking stock of the connected devices and software that I am familiar with, I'd say there is a strong correlation between detailed user tracking and worse UX. It seems weird at first glance but I think there are some solid explanations for why that might be.
Data analysis is difficult to perform and understand well. It is easy to draw mistaken conclusions or to twist results to show the conclusion a person wants, and using detailed numbers can lead to a false sense of confidence in the results.
Companies are first and foremost optimizing for their benefit, not the user. Detailed tracking can uncover interesting ways for a company to make more money at the expense of the user.
Others have answered this, but I just wanted to point out the software devs have been managing to understand how their products are used for improvement purposes from long before telemetry was a realistic possibility.
Telemetry doesn't make it possible, it makes it less expensive.
Do you think it is the same asking a small subset of users than having info on all the users? I work as a Product Manager, and trust me, it is not the same.
How are companies that aren't software vendors and aren't able to spy on their customers able to do it? Did software companies not have good ways to do this before spying on their users?
1 and 2 are problematic because it's very hard to get representative data from either one. The people who have time for user studies or post on your forums are not representative users.
Only listening to data from 1 & 2 results in the sort of angry posts you frequently see on HN complaining that devs aren't listening to "real users" or have the wrong priorities.
You end up needing data from additional sources, telemetry being one of them.
You do not need it. This is a really weird attitude. Until like the late '00s "telemetry" was, full stop, spyware (still is, for those of us who didn't shift our attitudes with the prevailing winds). I wouldn't say that responsiveness to user needs and desires has improved since then, in software design.
But what is the problem? That I can know that you press the print button? That you chose the Edit menu? I really don't see the problem. Please, explain, I really want to understand.
You don't see the problem of someone recording the actions you take using your own computer in your own home or office? It's like having a stranger sitting over your shoulder watching you. It's creepy and weird, and it's gross that people try to do it at all.
It's one thing to argue over whether basic user facing software like an image compressor or a text editor should have telemetry, but a web browser is one of the least controversial scenarios for telemetry I can imagine. It is constantly sending and receiving data on your behalf with hundreds or thousands of servers spread across the internet as a user agent. Your usage patterns - i.e. is it crashing, is the feature you're trying to use failing to work for some reason, is it rendering at a good framerate, is it running out of memory, are you having trouble finding the information you're looking for - are going to be incredibly complex and specific to you.
Significant bugs can affect only 1% or 0.1% of a browser's userbase but at Chrome scale or even Firefox scale that's like a million people. If you don't have telemetry it is REALLY hard to hear from those people about their problems and understand them. There simply are not alternative solutions that work half as well as opt-in (or opt-out) telemetry. People who say web browsers don't need telemetry are simply ignorant of what it's like to ship one and try to keep it working in the face of a constantly shifting environment - broken drivers, broken VPNs, malicious websites, malicious extensions, broken hardware, and users who are confused or tired or simply just bad at using software. No one is speaking on their behalf, you have to dig their suffering out of the data by looking at crash reports and performance metrics.
Shipping a web browser used by a million (or a billion) users means that you have a responsibility to do a good job. If your browser is not well engineered and reliable and responsive to users' needs that can result in data breaches or third-party server outages when your browser misbehaves or incorrectly channels user intent.
I'm personally a fan of making usage telemetry opt-in instead of opt-out, but browsers are a case where I don't opt out because I know how important the data is for browser vendors to make informed decisions.
This is of course different from sending your browsing history to Google, Microsoft, or any other company. I encourage people not to opt in to that stuff and not to sync their history/bookmarks/etc to those companies.
> It's one thing to argue over whether basic user facing software like an image compressor or a text editor should have telemetry, but a web browser is one of the least controversial scenarios for telemetry I can imagine. It is constantly sending and receiving data on your behalf with hundreds or thousands of servers spread across the internet as a user agent.
It's probably no accident that spying on users got popular just as this became the case. Constant network traffic while web browsing didn't start to become the norm until late in the '00s, either. If you weren't clicking links, you could often open Wireshark or sniff with Netcat and see nothing. Not from your browser, not from anything. Certainly ~nobody was collecting heatmaps of where you move your mouse, or firing a network request if you selected text. Or recording entire user sessions for playback, or so you can watch them live (god, those tools are creepy as hell)
The prevalence of "every app you use is a web browser now" is absolutely a catastrophe for user privacy and software reliability for this reason, IMO. Every tiny component now has a thousand moving parts that can spy on you.
> But what is the problem? That I can know that you press the print button?
When the internet was young, and most people were using dial up connections, just collecting the dates and times that a person was online and using a program was (and still is) a massive violation of privacy. Software "phoning home", even just to check for updates (collecting IP addresses, timestamps, and version numbers) was enough to get your software branded as spyware.
No software company needs to know which hours I'm awake, when I'm using my computer, which hours I work, which hours I use their program, how long I use their program, how long it's been since I last used their program, etc. It's intrusive, entirely none of their business, and it's insane that they all feel entitled to that kind of information.
If I print something, don't print something, or what the things I print are is also none of their business. Neither is what I'm printing it for, where I put the printout after I take it from the printer tray, or if I use tape or a thumb tack to secure it in place, but you can bet that if software could easily collect that data it would and somehow it would be considered impossible to write good software without that information.
From a privacy standpoint telemetry is always invasive, which is why I disable it any way that I can. Even without the privacy aspect telemetry is a bad idea. I don't want program updates that remove features just because I (and others) don't use them very often. I don't want updates that constantly shuffle the UI around according to how they think "most" people have been using it this week. I don't want my workflow disrupted every few months because it's uncommon. I don't want the way I choose to use the software on my device to influence how other people are expected to use it either.
Telemetry is much better when it's limited to reporting errors and bugs, but even that should be opt-in only.
You don't need spyware just to improve a product. Dev teams were able to produce great software before we were constantly online.
If a team is so unfamiliar with their product and customer base that it cannot take action without telemetry, maybe they're not the right team to make that product. Statistics are not a substitute for domain knowledge.
By reading up on those decades-old bugs in the issue tracker, by making said issue tracker easier to vote on and pleasant to look at, by making other easy feedback submission mechanisms that don't become black holes themselves, by many other options mentioned elsewhere
Mozilla, the legally registered non-profit foundation with a mission statement[0], for sure is more trustworthy than a for-profit data behemoth whose sole revenue comes from collecting as much data a possible, or a for-profit tech company with a history of corporate abuse and user hostile behavior.
That's the Mozilla Foundation, the Mozilla Corporation is the for-profit developer of Firefox that's owned by the Foundation. If Mozilla never established the Corporation I'd give them more slack, but from a "it's nonprofit" perspective it's on the same level as IKEA, which is also owned by a nonprofit foundation.
Technically, google doesn't sell people's data. It uses data to train AIs to predict people's behaviour, modify that behaviour, modify attitudes/beliefs (it's an ad company), and eventually replace people
Thanks, I updated my original post because how they profit from the data is immaterial to the fact that they want it and they coax people into letting them collect it.
I'm not trying to be a contrarian, but Google paid Firefox lots of money to force Google as the default search. Likely an offer they would refuse at their own peril, but I really liked how my search engine settings persisted when I reinstalled. Now it defaults to google.
There's also a ton of promoted garbage on your homepage and privacy switches that need to be toggled off by default. Those settings don't carry-over when you sync your account settings.
I still prefer Firefox, but they are not immune to the encroaching enshittification.
I agree they're not immune whatsoever. In fact I hold them to a higher standard than the others because it's their mission to do it, so their failures sting much harder.
But I hold the others to zero standard. There is less than zero trust there. I expect to be abused by them because their mandate requires them to ignore my wishes. It's not a failure but a success to them.
Well wait, I don't think jeffbee was saying it's bad to enjoy things, but rather that the person they were responding to was implying something, namely "Lynx is (in some way) better than Firefox because it doesn't take telemetry data."
Lynx definitely takes less telemetry data than Firefox, but it also gets substantially fewer updates, including security updates. I think text-based browsing is pretty fun but I don't really use it in no small part because of the infrequency of updates.
I can see how the post could be interpreted that way. I've added an edit at the bottom to clarify that I'm not suggesting people actually use it as they main one.
Yeah, right after I hit post it occurred to me that assorted media codecs (pictures, video, audio) were probably the next largest attack surface that lynx would also necessarily be immune to :)
I don't know about Lynx, but terminal browsers can display images. w3m is able to do it on virtual terminals and terminal emulators that support it if you install the right packages (w3m-img on Debian for instance).
I don't know nothing about Lynx, except that I always wanted to write a CLI web browser that did support all web features like JavaScript, just to see if it'd work.
This advice mainly applies to people using old OSes or who don't update their browsers.
I just went through Lynx's the <20 CVEs over the last 20 years and couldn't find any that haven't been fixed. Same cannot be said for Chrome or Firefox which have dozens every year.
> Pseudonymous user so concerned about privacy that they use the browser with by far the greatest density of exploitable flaws.
"I love Lynx" is different from "I use Lynx for security-sensitive browsing," and "greatest density of publicly documented exploitable flaws" is, even if true (I don't know), not the same as "greatest density of exploitable flaws."
Edit: I'm not saying that Lynx should be a daily driver or that it's more secure, but it's a neat little project that avoids some of the bad patterns in modern browsers.