The officially official Devuan Forum!

You are not logged in.

#1 2021-04-20 12:43:01

yeti
Member
From: I'm not here: U R halucinating
Registered: 2017-02-23
Posts: 334  

${THEY} continue crippling browsers...

Mozilla Add-onsFeature Removal Blog
What to expect for the upcoming deprecation of FTP in Firefox

——————————
Edit:  ...just for trying to remove the "[SOLVED]" in the title.  ;-)

——————————
Edit: Guess what... it worked!  \o/

Last edited by yeti (2021-05-02 15:17:22)


*𝚛𝚒𝚋𝚋𝚒𝚝!*

Offline

#2 2021-04-20 14:09:41

snork
Member
Registered: 2021-04-05
Posts: 17  

Re: ${THEY} continue crippling browsers...

[sarcasm]Awesome... I'm sure they're dropping FTP in order to make room for great new features like Bonzi Buddy![/sarcasm]

Is there actually a way to look back through changes to FF code to determine just how much effort really IS required to maintain FTP?

Offline

#3 2021-04-20 16:15:25

andyprough
Member
Registered: 2019-10-19
Posts: 327  

Re: ${THEY} continue crippling browsers...

snork wrote:

[sarcasm]Awesome... I'm sure they're dropping FTP in order to make room for great new features like Bonzi Buddy![/sarcasm]

No - even better (or worse depending on your viewpoint): "Firefox 88 now supports PDF forms that have JavaScript embedded in PDF files... Apparently JS in PDF is a thing for form validation and other interactive elements." https://www.phoronix.com/scan.php?page= … 8-Released

I mean - what could possibly go wrong?

Offline

#4 2021-04-20 16:39:13

Altoid
Member
Registered: 2017-05-07
Posts: 1,581  

Re: ${THEY} continue crippling browsers...

Hello:

yeti wrote:

... upcoming deprecation of FTP in Firefox

Hmm ...
Many (many) years ago, I was a huge fan of FTP and used a very good FTP application under W95/98.
Like many other things from that age, I cannot remember the name but it was great and a free download for the likes of me.

Edit: it was WS_FTP LE 16-bit from ipswitch

It was back when there was a real/working FTP search engine permanently indexing the web (from Norway?), much better at finding files than any search site today.
I think it was bought out and shut down by Netscape. (')

I really would not going going back to using a separate FTP application, maybe one less thing for Google to spy into.

Just my $0.02

A.

Last edited by Altoid (2021-04-20 16:49:08)

Offline

#5 2021-04-20 17:08:33

snork
Member
Registered: 2021-04-05
Posts: 17  

Re: ${THEY} continue crippling browsers...

Altoid wrote:

Many (many) years ago, I was a huge fan of FTP and used a very good FTP application under W95/98.
Like many other things from that age, I cannot remember the name but it was great and a free download for the likes of me.

Do you mean ws_ftp?  Bah!  I saw your update and clearly I was too slow in my reply. :-)

Altoid wrote:

I really would not going going back to using a separate FTP application, maybe one less thing for Google to spy into.

I figure since ftp hosts files in cleartext it is "spyable" regardless of which client one uses.  Kind of like how Devuan apt uses http by default, and I imagine many people never change it from that default.  I think:

  • ftp has its [arguably limited] uses

  • some people already use Firefox (perhaps for a digitally long time) to acces ftp services

  • removing ftp from Firefox will force those users to obtain a separate application (or alternative to ftp), which could potentially irritate some users enough to go looking for another browser

I'm not a Firefox developer but I still have a hard time believing the impact of ftp on the development process is significant.  At the same time, I also believe if the goal is to reduce bloat within Firefox there are some much bigger fish to fry before ftp.  It is hard for me to see the removal of ftp as a decision intended to serve users rather than to guide digital communications in a direction Mozilla prefers.

andyprough wrote:

I mean - what could possibly go wrong?

It's like they really can't see what's coming.  LAWL!

My 3¢ :-)

Offline

#6 2021-04-21 08:54:53

dice
Member
Registered: 2020-11-22
Posts: 559  
Website

Re: ${THEY} continue crippling browsers...

andyprough wrote:
snork wrote:

[sarcasm]Awesome... I'm sure they're dropping FTP in order to make room for great new features like Bonzi Buddy![/sarcasm]

No - even better (or worse depending on your viewpoint): "Firefox 88 now supports PDF forms that have JavaScript embedded in PDF files... Apparently JS in PDF is a thing for form validation and other interactive elements." https://www.phoronix.com/scan.php?page= … 8-Released

I mean - what could possibly go wrong?

good reason to never use the inbuilt FF pdf reader.

Offline

#7 2021-04-21 09:44:44

jobbautista9
Member
From: Philippines
Registered: 2020-07-11
Posts: 32  
Website

Re: ${THEY} continue crippling browsers...

dice wrote:

good reason to never use the inbuilt FF pdf reader.

Agreed. Even without the ability to embed JavaScript to PDF, it's a security risk nonetheless. pdf.js is also not as accurate as other dedicated PDF viewers, I heard.

The only good thing about pdf.js is the ability to embed PDFs in a website, instead of having to download them.

Last edited by jobbautista9 (2021-04-21 09:45:34)


Former maintainer of the iwd package. See #639! smile

You can also find me on the Pale Moon forums. I develop XUL add-ons for Pale Moon.
My PGP public key

Offline

#8 2021-04-23 16:10:12

siva
Member
Registered: 2018-01-25
Posts: 282  

Re: ${THEY} continue crippling browsers...

Not gonna defend Mozilla's questionable, if offensive, bloatware choices. But, honestly, does anyone use straight-up FTP anymore? sftp (or, better yet, the internal-sftp through ssh) seems way more preferable.

Offline

#9 2021-04-23 17:15:41

snork
Member
Registered: 2021-04-05
Posts: 17  

Re: ${THEY} continue crippling browsers...

siva wrote:

does anyone use straight-up FTP anymore?

I downloaded an ISO via FTP yesterday.

s.

Offline

#10 2021-04-23 22:48:32

siva
Member
Registered: 2018-01-25
Posts: 282  

Re: ${THEY} continue crippling browsers...

well ctrl+f me sideways.

Offline

#11 2021-04-24 01:16:09

snork
Member
Registered: 2021-04-05
Posts: 17  

Re: ${THEY} continue crippling browsers...

siva wrote:

well ctrl+f me sideways.

Just because my friends won't get that joke doesn't mean they won't have to listen to me tell it. :-)

Don't get me wrong, I don't think many people use FTP very often, and the fact that I went looking for some ISO's recently was mostly a coincidence... I just have a hard time buying the idea that FTP is a serious time sink for the Mozilla developers who took the time to implement crap like The Awesome Bar, Pocket, various telemetry garbage, Firefox Maintenance Service, Mr. Robot, forced Cloudflare DNS, and I'm pretty sure they never really deleted all those nude photos of me like they said they did.

Offline

#12 2021-04-24 06:59:00

yeti
Member
From: I'm not here: U R halucinating
Registered: 2017-02-23
Posts: 334  

Re: ${THEY} continue crippling browsers...

Read about the history of browsers.  They were meant as unified frontend to access information scattered around the net being accessible via many different protocols.  THAT is the way the web was born.  Many sites used FTP servers to present their documents.  And Gopher was very common back then too.

If protocol diversity is torn down, the web loses lots of dimensions, one for each discarded protocol.  And it already has lost so many of them, if viewed via mainstream browsers.

But there still are some browsers that offer a lot of protocols.

Look into elinks's features.conf for what all you are missing while using a mainstream browser!  Even FINGER and FSP are supported, and serverless local CGIs (W3M can do that too and implements a filesystem view and 'w3mman' as local CGIs), which turns such a browser into a standard frontend for own scripts.  Read that as 'file:///cgi-bin/...'.

Dillo has a simple plug in system, that looks like even a text mode fossil like me could be able to write add ons for other protocols.  This Gemini plugin for Dillo demonstrates it in Go.

And sure there is Emacs with different add ons to browse the web (Eww and siblings), but most of them are a bit lacking. OTOH via Dired+Tramp you get file systems access even to remote systems, Elpher does Finger, Gopher and Gemini, Magit can be seen as Git browser, with Eshell+Tramp the world is just a "cd" away, browsing into several archive formats (e.g. (Surprise: Emacs includes more than one editor plugin too!) transparently edit stuff in ZIP files) is naturally, four different "IRC browsers" are known, mail, news, jabber, ... Emacs is a browser!  Well... the renderer for HTML needs an overhaul... can you help there?

Browsers should unite the different dimensions (protocols, text formats, renderers) of the nets instead of being divisive.  And here I'm looking especially at the single protocol browsers for only HTTP+HTML, only Gopher, only Gemini, ...
Don't do that! That's divisive and considered unfriendly and may create locked in syndromes.  Ok, or at least it is very ugly, if we need a different program for viewing each (protocol,text-representation) combination.

Don't allow ${THEM} to turn the net/web/mesh into a one dimensional string!

Last edited by yeti (2021-04-24 08:04:52)


*𝚛𝚒𝚋𝚋𝚒𝚝!*

Offline

#13 2021-04-24 13:46:48

dice
Member
Registered: 2020-11-22
Posts: 559  
Website

Re: ${THEY} continue crippling browsers...

agree with you fully yeti, once "they" start stripping away the origins of how the web was created they will replace it with crapware.

https://man.openbsd.org/ftp FTW.

When i set my openbsd system up i purposely used ftp to get most of the parts i needed outside of openbsd that i wanted including suckless tools wherever i could, then it was git clone which i believe uses curl ftp. Of course i was able to get links and info using well "links".

https://everything.curl.dev/usingcurl/ftp

http://links.twibright.com/

Last edited by dice (2021-04-24 13:48:15)

Offline

#14 2021-04-24 14:13:04

blackhole
Member
Registered: 2020-03-16
Posts: 106  

Re: ${THEY} continue crippling browsers...

I still use ftp professionally. I've had to go back to filezillla at work for simple anon ftp etc.

There is nothing wrong with using it. If you download an .iso image and check the md5sum, that is really no different to using SSL/TLS.  Ultimately you should have the choice. They have willfully deprecated it as part of a wider industry led strategy and not because of any concerns over maintaining it.

HTTPS is being de facto standardised to force all traffic via google, faecebook, amazon, ms, cloudflare, et al.

Last edited by blackhole (2021-04-24 14:15:40)

Offline

#15 2021-04-24 15:53:40

siva
Member
Registered: 2018-01-25
Posts: 282  

Re: ${THEY} continue crippling browsers...

blackhole wrote:

If you download an .iso image and check the md5sum, that is really no different to using SSL/TLS.

I get your point but I don't know that I'd go this far. SSL has a purpose for securing the connection for web apps and the like. Preventing inline snooping is a big deal with mobile infrastructures. (Unfortunately, I think that proprietary mobile is the direction in which tech is heading.) Big tech and malware both take advantage of that, but SSL is a good thing when used correctly imo.

yeti wrote:

If protocol diversity is torn down, the web loses lots of dimensions, one for each discarded protocol.  And it already has lost so many of them, if viewed via mainstream browsers.

Severely underappreciated point. I think we are already seeing this kind of deconstruction, and I imagine it will only get worse over time. Mobile/web app development seems to be aggressively pushing the idea of (their own) services over anything else. (Edit: To clarify, I share your point of view. [Another edit] I did not realize that was a goal with the history of browsers. Thanks for sharing.)

Last edited by siva (2021-04-24 16:04:14)

Offline

#16 2021-04-25 20:09:28

mstrohm
Member
Registered: 2020-02-09
Posts: 37  

Re: ${THEY} continue crippling browsers...

snork wrote:

I just have a hard time buying the idea that FTP is a serious time sink for the Mozilla developers [...]

As someone who is writing a web browser including its engine from scratch, I would say it depends on the software architecture of your browser. If protocol implementations are "encapsulated" and use common interfaces for accessing network facilities (sending/receiving data) and for being accessed by the rest of the engine, the only times you would have to touch protocol implementations is when you fix errors, add new features or when you change the interfaces.

The Google groups thread that is linked in the Mozilla blog post is interesting, since the motivations for the removal of FTP are written there. At least one person argues that FTP is insecure and HTTPS should be used instead. One comment there is especially interesting since it says that the FTP implementation in Firefox is insecure and hard to maintain. I haven't looked at the Firefox source code, but judging from that Google groups thread, it might be that Firefox may not have a good abstraction layer for protocols so that supporting multiple protocols may indeed be difficult. Those that know the Firefox source code are more qualified to give an answer to that.

Offline

#17 2021-04-25 21:32:24

snork
Member
Registered: 2021-04-05
Posts: 17  

Re: ${THEY} continue crippling browsers...

Please forgive me for being sceptical that Mozilla developers really spend much time having to think about FTP at all.  As a user who runs a browser, it is pretty disappointing to have "the features I use" disappear on me while truly garbage features, tracking, and even advertising find their way in. :-(

Offline

#18 2021-04-26 17:14:10

blackhole
Member
Registered: 2020-03-16
Posts: 106  

Re: ${THEY} continue crippling browsers...

They are developing and maintaining a boatload of "garbage features", yet FTP protocol handling has to go.

FTP is "secure" because it's used by those with a good understanding of why they use it, i.e. those who will check the md5sum of a downloaded file. It's just not useful to mainstream faecebookers.

People have more to worry about from malicious js used in websites served over over https run by phishing scammers and the like...

Offline

#19 2021-04-26 17:15:52

yeti
Member
From: I'm not here: U R halucinating
Registered: 2017-02-23
Posts: 334  

Re: ${THEY} continue crippling browsers...

Maybe ${THEY} would keep FTP if someone adds cookies and JS to it...  :-Þ


*𝚛𝚒𝚋𝚋𝚒𝚝!*

Offline

#20 2021-04-26 19:37:05

snork
Member
Registered: 2021-04-05
Posts: 17  

Re: ${THEY} continue crippling browsers...

blackhole wrote:

It's just not useful to mainstream faecebookers.

Aye, there's the rub!

Booyeah!

Offline

#21 2021-04-26 21:17:59

mstrohm
Member
Registered: 2020-02-09
Posts: 37  

Re: ${THEY} continue crippling browsers...

blackhole wrote:

People have more to worry about from malicious js used in websites served over over https run by phishing scammers and the like...

yeti wrote:

Maybe ${THEY} would keep FTP if someone adds cookies and JS to it...  :-Þ

Protocols and malware are similar to pizza boxes with tainted pizza: It doesn't matter how the box looks like if the pizza is tainted. If you deliver a malicious web page via HTTP(S), FTP(S), Gopher or another protocol, the protocol doesn't matter.

Doesn't the FTP protocol removal follow the same pattern that can be seen around SystemD? Before it descended upon the GNU/Linux world, we had multiple init systems that other software had to interface with. Now a unification process is on its way, either by using SystemD directly or by using compatible implementations. The web also had many protocols besides HTTP(S) that were more common in the past to retrieve data: Gopher, FTP, (that one newsgroup protocol), QOTD and many more. A huge part of the Web is HTTPS now, so that we see a similar unification process.

blackhole wrote:

They are developing and maintaining a boatload of "garbage features", yet FTP protocol handling has to go.

Indeed, Firefox is bloated and there seems to be no incentive for Firefox project leaders to make the browser better, since Firefox and Chromium have almost no concurrency at the moment (Microsoft Edge is also Chromium) and Firefox can be seen as the lesser of the two evils in regard to privacy issues since you still can disable some antifeatures via about:config, which you cannot do with Chromium.

In the long term, the free software community has to build new browsers. Either by starting to code from scratch (like I did) or by taking the Firefox or Chromium source code and creating something better out of it (Pale Moon looks promising).

Offline

#22 2021-04-26 22:31:02

snork
Member
Registered: 2021-04-05
Posts: 17  

Re: ${THEY} continue crippling browsers...

mstrohm wrote:

Either by starting to code from scratch (like I did)

I like this solution best... it's time to throw away the baggage browsers have been dragging around for far too long.

mstrohm wrote:

or by taking the Firefox or Chromium source code and creating something better out of it (Pale Moon looks promising).

I use Pale Moon as my daily driver for sites I log in to, and ungoogled-chromium for general purpose searching and browsing.  I tried to make it the other way around but there seemed to be too many sites that were "not quite right" in Pale Moon.  Another option that people trying to flee Firefox may find useful is SeaMonkey.  A number of FF addons are compatible with SM, or can be made to work reasonably well with some minor touchups.  I don't think many people will wind up using it as their primary browser, but it might help bridge some gaps for folks who want to give up of Firefox (which I think is a good idea).

Offline

#23 2021-04-28 18:29:24

mstrohm
Member
Registered: 2020-02-09
Posts: 37  

Re: ${THEY} continue crippling browsers...

snork wrote:
mstrohm wrote:

Either by starting to code from scratch (like I did)

I like this solution best... it's time to throw away the baggage browsers have been dragging around for far too long.

Well, you have a clean start when you're doing this and it sure is fun programming all the different parts of a browser and you will learn a lot from it, but it can take a long time and a lot of programming effort until your browser will render a web page on the screen wink But it is a magical moment when you see your compiled code drawing the content of a web page, which makes it all worth it.

Offline

#24 2021-04-28 19:29:23

Head_on_a_Stick
Member
From: London
Registered: 2019-03-24
Posts: 3,125  
Website

Re: ${THEY} continue crippling browsers...

mstrohm wrote:

Pale Moon looks promising

No, it doesn't: https://digdeeper.neocities.org/ghost/b … l#palemoon


Brianna Ghey — Rest In Power

Offline

#25 2021-04-29 01:52:24

Ron
Member
Registered: 2018-04-22
Posts: 526  

Re: ${THEY} continue crippling browsers...

I call B.S. on that article. I've been using Pale Moon for close to a decade now and it's a great browser. Better than the Chrome clones.

Offline

Board footer