return to table of content

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

cbsmith
28 replies
22h58m

I get the concerns about conflict of interest, but I can get behind the CEO's point that their expertise in the space helps them to build better defenses.

munchler
11 replies
22h36m

Sure, let’s put the fox in charge of defending the hen house. He’s an expert on chickens and I’m sure he’s changed his ways!

cbsmith
6 replies
22h25m

We hire black hat hackers to help with computer security.

justinclift
5 replies
22h11m

Why would you do that?

cbsmith
4 replies
22h4m

Because it's effective.

lcnPylGDnU4H9OF
3 replies
21h47m

It sounds like you're hiring penetration testers. Why do you call them "black hat"?

p1esk
1 replies
21h25m

How do you know the penetration testers you hired are not black hat hackers?

doktrin
0 replies
20h59m

How do you know the penetration testers you hired are not black hat hackers?

Is the implication that all pentesters are black hats until axiomatically proven otherwise? High bar.

fullspectrumdev
0 replies
21h11m

A lot of the better pentesters/security consultants have “colourful” backgrounds.

vlovich123
1 replies
20h25m

A fraudster who by all accounts continued fraud by making up a life story filled with largely fictional details (including that he worked with the FBI)? Some people are like George Santos and exaggerate constantly in addition to constructing wholesale false stories about themselves.

It’s fascinating how easy it is to fall prey to a fraudster when they claim they’ve gone legit. You’re probably better off believing they’re still a fraudster.

https://louisianavoice.com/2021/04/26/new-book-further-debun...

https://en.wikipedia.org/wiki/Frank_Abagnale#Relationship_wi...

jart
0 replies
18h47m

That Wikipedia section makes it sound like his whole life story is just an elaborate work of fiction. I don't think that counts as fraud. It's more like santa claus and the deception fits in with his story. Is he doing any actual damage other than annoying the FBI?

giuseppe_petri
0 replies
21h5m

"An old poacher makes the best gamekeeper."

refulgentis
6 replies
21h55m

quick note, after I almost did: Please don't feed the trolls: they're replying to every. single. reply. with more bait.

StressedDev
4 replies
20h24m

Good catch - I have noticed that Mozilla gets a lot of unjustified hate and criticism. Does Mozilla make mistakes? Yes. Does it do a lot of good? Yes. Does it deserve the abuse it gets online? Absolutely not.

refulgentis
0 replies
18h18m

Not Mozilla; the silly "hmm isn't it actually good he ran it? whats the difference between that and black hat hackers?", except its slow drip one at a time one sentence comments that don't acknowledge his interlocutor at all.

olyjohn
0 replies
19h34m

I really believe it's because deep down, people love the big shiny brand Google Chrome, yet they know it's kinda fucked. So when they see things like this, they are able to justify it in their minds that they made the right decision. Confirmation Bias?

nottorp
0 replies
18h51m

Problem is, Mozilla is running in all directions at once like a headless chicken.

So we worry Firefox will die.

cbsmith
0 replies
16h29m

Just to be clear, I wasn't criticizing Mozilla. I think they did what they had to do, but it's unfortunate the skills can't be harnessed.

cbsmith
0 replies
20h52m

Fair advice.

AdmiralAsshat
3 replies
22h55m

Except the CEO still operates Nuwber. It's hard to believe he's learned from his mistake if he's still actively helming said mistake.

Drakim
1 replies
22h52m

Yeah, I'm 100% for forgiving and giving people a second chance. It's no different than a black hat hacker becoming a security researcher.

But there is a clear conflict of interest if he is still actively engaging in the dubious behavior.

cbsmith
0 replies
22h4m

I think there's a distinction between criminal activity and the usual conflict of interest.

cbsmith
0 replies
21h58m

I wasn't saying he has learned from his mistake. I'm just saying he no doubt has expertise.

abhorrence
1 replies
22h56m

Couldn’t you make a similar argument about protection rackets? Their experience shaking down places for money helps them build better defenses against it, right?

cbsmith
0 replies
22h9m

You could, particularly since protection rackets actually do compete with each other. I wouldn't want to hire a criminal, but if someone did, they'd likely be effective.

int_19h
0 replies
22h29m

Per TFA, the guy is literally running ads for Onerep on his people-search platforms. His "business" is pure unadulterated blackmail.

catchmeifyou
0 replies
22h44m

Or, his expertise from Onerep helps him build a better Nuwber.

arp242
0 replies
21h22m

I kind of agree, but there does need to be a baseline of trust, and that's rather difficult to give when they're operating both types of services at the same thing.

If it had been "I have worked on identity-selling services for 15 years, saw it wasn't a good thing, and now I'm trying to fix the problem" then okay, fair enough. This is something we can at least start with. but this doesn't seem to be that.

AdmiralAsshat
22 replies
22h53m

I think Mozilla's heart was in the right place here, but pretty disappointing that they didn't vet their partner more thoroughly than what some GMU grad students were able to uncover.

Also makes me wonder what other shady connections fellow services might have, waiting to be uncovered. Looking at you, popular podcast sponsor, DeleteMe!

jqpabc123
13 replies
21h42m

... pretty disappointing that they didn't vet their partner more thoroughly

Kinda like partnering with Google while promoting Firefox as the "privacy browser".

arp242
12 replies
21h26m

I assume you're referring to the default search engine deal? What influence does that have on Firefox's privacy features? How does it make Firefox not a "privacy browser"?

dotnet00
9 replies
16h46m

Kinda skews their incentives heavily when that deal represents a large chunk of their revenue

arp242
8 replies
16h18m

Why would it? Harvesting data is not even Google's entire revenue, and Google would be phenomenally stupid to mess with Firefox, because if that would get out it's major anti-trust headaches waiting to happen.

What specifically did this influence, or is likely to be influenced? What specifically is made worse by this?

There's always these vague accusations, but never any specifics.

jqpabc123
7 replies
15h1m

By default, Firefox makes it real easy to uniquely identify and track you, refuses to block ads and apparently, don't care much about marketshare. Wonder why?

Details are readily available if you know how to search.

arp242
6 replies
14h51m

Any browser makes it easy to track you because that's how the web works and it's hard to fully prevent without significantly affecting compatibility and/or feature set. Firefox does have some "Enhanced Tracking Protection" features for this though. And (extensively) changing the content of webpages by default would be inappropriate for a mainstream browser; it's not their job to curate what you see, and this includes ads (for starters, it's not so easy to even classify what an "ad" is).

These are just more vague accusations, and just as unencumbered by any evidence as your previous vague accusations were.

arp242
1 replies
6h47m

And that is because of Googles influence on Firefox, how?

You are not engaging with anything I said. I asked for evidence of Google's control over Firefox beyond "they have a search engine deal", and you seem unwilling or unable to provide it. Therefore I can only assume it does not exist and are simply making spurious claims for which no evidence exists.

jqpabc123
0 replies
5h9m

Almost all their revenue comes from Goggle and you demand evidence that this influences them? How could it do otherwise?

The lack of default privacy and ad blocking in Firefox is the evidence.

The fact that Google continues to pay even as Firefox marketshare shrinks to irrelevance is evidence.

The more pertinent question for potential users is evidence that it does not influence tbem. By any reasonable measure, default Firefox is not "the privacy browser".

Nextgrid
2 replies
6h57m

it's not their job to curate what you see

In this case why does the browser have a pop-up blocker? Or why does it warn about potentially malicious websites (via SafeBrowsing)?

If it's not their job to curate what you see then it should show you the raw unfiltered badness of the web and let you deal with it yourself.

arp242
1 replies
6h35m

What a boring "gotcha". By that measure a browser should also allow any HTTPS certificate, self-signed or expired, and any other invalid certificate, and allow unrestricted unlimited access to all storage and all features. Oh no, that would be idiotic... Just as silly as conflating not implementing a technical feature or basic safety protections with "curation".

Hey your email provider also shouldn't do curation either, then why does it have a spam filter?!?! Checkmate atheists!

Nextgrid
0 replies
3h9m

I'm curious about where you draw the line between basic safety features/spam filtering and "curation" and the reasons behind that.

Ad blockers just use a list of known malicious URLs/domains/CSS selectors and use that to block/hide elements.

This is identical to Safe Browsing (preventing loading of known malicious domains) which you seem to be fine with and don't see as "curation".

Terretta
1 replies
21h16m

What influence does that have on Firefox's privacy?

Don't you mean on your, the user's, privacy?

arp242
0 replies
20h55m

Well, more like "Firefox's privacy features". I'll edit to clarify.

IntToDouble
4 replies
22h26m

Puzzling they chose to partner with Onerep when Kanary was part of Mozilla's incubator and is just a fundamentally stellar service.

ckozlowski
2 replies
21h3m

Can you share more?

IntToDouble
1 replies
20h52m

In terms of the incubator, looks like it was replaced with Mozilla Ventures:

https://builders.mozilla.community/ https://builders.mozilla.community/old/alumni.html

With respect to Kanary, I have my entire family the platform and it's drastically reduced the amount of garbage (figurative) that comes through our door. Needed help with something non-standard the CEO personally took care of things while learning more about our specific use case.

griffinkelly
0 replies
16h38m

Second the recommendation for Kanary. Formerly had a lot of inbound spam, has seriously cut it.

throwanem
0 replies
20h59m

"Puzzling" is a good description of just about every business decision Mozilla has made over at least the last decade.

People complain about the Google search deal and I get why, but I've been using the browser since back when it was called Phoenix, and at this point I'm pretty sure the Google deal is the only reason it's still alive. The engineering is still solid; its stewardship seems anything but.

wolverine876
0 replies
21h5m

pretty disappointing that they didn't vet their partner more thoroughly than what some GMU grad students were able to uncover

What did it take for them to uncover it?

Generally speaking, GMU grad students may have have more time and plenty of expertise. When those grad students leave school and get jobs at Mozilla, they may be too busy to go down rabbit holes looking for long shots.

slvrspoon
0 replies
2h6m

Co-founder DeleteMe here. Been building and delivering privacy tools and chatting on HN for 15 years. Happy to answer questions but please easy on unfounded accusations :)

donmcronald
0 replies
21h47m

Also makes me wonder what other shady connections fellow services might have, waiting to be uncovered.

This is why it's so important to require disclosure of beneficial owners for all companies. The world is filled with people that will poison you just so they can sell you an antidote, or, better yet, life long treatment.

ds
19 replies
20h51m

All the existing databroker remover tools are flawed because they make use of manual labor to remove you from sites, primarily done by people in third world countries.

We @ https://redact.dev are working on a pure software mechanism for doing these optouts directly from your own device. We already have full mass deletions for over 40 social media and utilitys.

vohk
9 replies
20h37m

I really dislike the trend of making everything a subscription service. I can imagine a niche market that wants to continuously delete content older than an arbitrary window but isn't this the sort of service that most users would need only need sporadically?

The pricing seems to implicitly acknowledge this: $35/m billed monthly vs $8/m billed annually! Would you really expect anyone to intentionally renew monthly? I can't argue that people forgetting to unsubscribe pays the bills, but as a business model it leaves a bad taste.

micromacrofoot
8 replies
20h29m

Data brokers are like the hydra, one goes down and another 2 new ones pop up. It's a lot of work to keep on top of deletions if you want privacy.

quatrefoil
6 replies
18h6m

Not really. There's a fairly small and stable number of companies that actually collect and resell information about you. There is also about a zillion ephemeral web front ends that republish this data, however. I suspect this is done for a reason, but a bit of sleuthing quickly reveals who the big players are.

These "data removal" services spend a lot of effort going after the frontends, which is pretty self-serving: they can show the customer that there's something new to remove every single month or quarter, so you have to keep paying forever.

jart
5 replies
17h55m

What else could they do? They're working within a system that the government designed, and the government always designs things to keep people running on the hamster wheel.

quatrefoil
4 replies
17h21m

Request deletion from backend brokers? Many have some mechanisms for opt-out, either in general or for people in specific states (e.g., California).

jart
3 replies
17h4m

OK so if Optery reports 330 removals, how many removals did they actually have to do on their end? A hundred? Thirty? Ten? Why should we care? If you pay a man to remove the snow from your driveway, would you be upset if he used a plow rather than a shovel?

makeitdouble
2 replies
16h15m

Wouldn't you be upset if you paid him hourly so he used a spoon and went slowly enough that snow accumulates faster than he'll ever clear your driveway ?

Parent's argument is that current approach leads to an endless cat and mouse game the user ends up paying, when there would be ways to end it faster and cheaper.

jart
1 replies
15h35m

Yes but how is that the fault of removal services? They can't do anything to stop the usual suspects from filing for a fresh corporation from Delaware each week.

makeitdouble
0 replies
14h42m

That makes it a weirder proposition to me.

Does that mean the user keeps paying just to have someone somewhere do "something" ?

And that, even if fundamentally it can't solve the sutiation, can't prove it's even improving in any specific ways (telling you it removes hundreds of instances doesn't tell you how many have been added in the meantime), and they also have no incentives to be too zealous as the numbers in the reports would be going down and the motivation to subscribe also diminish.

Ps: perhaps the way out of this is to make it a non profit that provides jobs to people in need, and have the subscription a recurring donation ?

bigyikes
0 replies
19h42m

I don’t necessarily doubt you, but do you have any source for this, or in general any information on the landscape of data brokers?

It’s hard to imagine what the situation actually looks like behind the scenes.

mgiampapa
5 replies
20h44m

This explains some trends where posts are being edited on Reddit with nonsense then deleted. Personally, I think this kind of behavior makes the web poorer as a knowledge base. Yes you have a right to do it with your own content, but doing it at scale makes the internet a less useful tool and it makes me a bit sad since the scrapers will already have the data anyway.

Brian_K_White
3 replies
18h50m

Hopefully it just makes sites remove the ability to edit or delete things once they've been published. Especially forums where things have been referenced by other things.

As much as I routinely fine-tune and fix up a comment after initially writing, I will happily go back to the old days before such ability became common, in trade for the sanity of references that don't disappear or change meaning after the fact. The typos don't hurt as much as the swiss cheese and schitzo conversations.

superq
1 replies
16h9m

Personally I think we need the ability to delete more, not less.

Yes, I do see the irony of writing that here. :'(

arp242
0 replies
14h35m

The problem with the wholesale deletion of comments is that it also affects other people. For example if we have a back-and-forth constructive conversation here and one of us deletes all comments, then the value of the other person's comments are diminished, and sometimes even incomprehensible.

It's pretty clear you're putting something in the public when you're commenting on HN; this isn't a surprise and nothing is done surreptitiously. If you contribute to a debate in some TV discussion programme then you can't have that deleted later either.

And there are options without wholesale deletion: specific comments can be deleted or edited for specific reasons, and your account can be "soft-deleted" by changing your username to something random.

If you want to have more ephemeral temporary conversations then that's fair! But HN is not the right platform for that, IMHO.

CaptainFever
0 replies
15h4m

A good compromise in the meantime would be the Internet Archive. A lot of useful data is preserved there.

This made me curious about archivist ethics: https://www2.archivists.org/statements/saa-core-values-state...

Privacy: Archivists recognize that privacy is an inherent fundamental right and sanctioned by law. They establish procedures and policies to protect the interests of the donors, individuals, groups, and organizations whose public and private lives and activities are documented in archival holdings. As appropriate and mandated by law, archivists place access restrictions on collections to ensure that privacy and confidentiality are maintained, particularly for individuals and groups who have had no voice or role in collections’ creation, retention, or public use. Archivists should maintain transparency when placing these restrictions, documenting why and for how long they will be enacted. Archivists promote the respectful use of culturally sensitive materials in their care by encouraging researchers to consult with those represented by records, recognizing that privacy has both legal and cultural dimensions. Archivists respect all users’ rights to privacy by maintaining the confidentiality of their research and protecting any personal information collected about the users in accordance with their institutions’ policies.
dotnet00
0 replies
16h52m

Those are mostly in response to reddit's API changes. By editing the comments before deletion, the archives also get wiped and it takes a bit more effort for reddit to restore deleted comments behind users' backs.

Yes, it makes the web poorer as a knowledge base, but it's in response to companies like reddit ruining the internet by baiting in users, changing the agreement and then trying to keep the content that was written under the previous agreements.

stainablesteel
0 replies
19h11m

that's not actually a flaw

a real flaw is that companies in this niche are actually centralizing data to re-sell while adding a new line in the dataset that says "wanted to remove their data footprints"

shrimp_emoji
0 replies
20h39m

In other words, would you describe your site as the Gillette razor attachment mechanism of online data deletion?

miguelazo
0 replies
20h40m

Many databrokers make it very difficult to remove your info, on purpose, of course. That is why the legit removal providers have to rely on manual labor for some. I'd love to see it fully automated, but I'll believe it when I see it. Last I checked, Optery was removing 325+. Best of luck-- you have a long way to go.

Edit: this looks like a totally different service. Mass deletion of old posts is one thing, removing PII from data brokers is another.

neilv
8 replies
21h5m

I suspect that vetting this kind of partnership needs someone who is ferociously knowledgeable, principled, and skeptical. Not someone who's mainly looking at it from a business development or career angle.

Now the aftermath could use a fighter, looking for how they could legally disassemble the entire racket. Not only because it's arguably on-mission, but more importantly because Mozilla has a reputation to redeem on this now.

(For example, no matter how that party has squeaked by wrt consumers, maybe there's a new angle in their dealings with Mozilla, such as a different kind of fraud. And Mozilla is much more able to pursue the matter than most individuals would be.)

stefan_
3 replies
19h48m

Pursue what? God knows they should pursue building a browser. It’s a simple concept, it doesn’t need ChatGPT-set-to-dramatic words.

Nextgrid
2 replies
3h7m

Building a browser is harder than posting puff pieces about privacy. Mozilla has sadly strayed away from being a browser company into being some PR company that happens to make minor changes to a browser once in a blue moon.

neilv
1 replies
1h36m

Agreed, a lot of the behavior looks like that. But if we ask why we want them to build a browser, would you agree that privacy+security+freedom+democracy online are the main reasons we have?

If so, then would you say much of their current messaging has the right idea?

Would you also say that we've seen genuine progress (and also regression resistance) in that direction with the browser?

Personally, I'd say yes to all those. Two things that I don't understand are what one executive was getting paid, and some of their decisions during that executive's tenure, for a long time.

One guess is that some people were letting it be run like a tech company, and furthermore a tech company coasting along in some ways without being very effective. And that would have to be multiple people, since everyone answers to someone. If that guess were accurate, then not only do you have to ask the watchers why that was allowed to happen, and figure out how to fix that, but you also have to look for cascading effects within the organization from that having gone on.

Nextgrid
0 replies
1h0m

Mozilla has gone all-in on talk (or "messaging") and but very little action. In some cases I would say they are actually giving people a false sense of security because despite all the claims, Firefox in its default configuration isn't actually great privacy-wise (for starters, default-on telemetry is in direct breach of the GDPR).

Mozilla could massively help non-technical people regain privacy by shipping Firefox with actually private defaults and uBlock Origin built-in (they've got the infrastructure to download Pocket on first run, so they can do the same for uBlock), but doing would actually mean "doing something" and put them at risk (I'd expect the Google money to stop the second this is released, meaning they'd need to actually start operating a real business with a real business model), where as merely writing puff pieces is safe as it doesn't really hurt anyone.

noqc
2 replies
1h48m

I like this comment, and I'll pitch in my two cents on it.

Suppose Joe Salesman sells your friend Al a used car and it turns out they got a bad deal, the car was a lemon. What lesson should be learned from this?

a) This was an honest mistake. We expect this kind of variance in used vehicles, and the market works out kinks. I should feel comfortable buying a used car from Joe, should the need arise.

b) The information that this car was a lemon was available to Joe, who did not share it with Al because Joe thought Al was a sucker. I am better at diagnosing cars than Al, (or better at reading people), and I should feel wary about buying cars from Joe.

c) Joe only sells lemons, his business model is to rip people off, and there's no way to get a good deal on a used car from Joe. I should look elsewhere to buy a car.

d) This describes the business model of all used car salesmen, I should not buy a used car from a business that sells used cars.

e) This describes all business models when there is information symmetry between buyer and seller. I should not buy anything whose utility I cannot bound from below. (I need a warranty or similar arrangement from the seller).

There are obviously other options here, this is just to illustrate the spectrum of assumed adversariality. There was an article on HN recently declaring that salesman were more likely to get ripped off. I think this is because salesmen tend to think the answer to this question is (b) because salesmen exclusively interact with people who think that the answer is either (a),(b), or (c).

It's not just salesmen, actually. I think the phenomenon is equally well represented in people with business degrees. The core belief of an MBA is that you can subvert the regulatory structure, and people's psychology, to get them to give you more money for the thing than it costs you to make the thing. That's after all, where MBA income comes from. I think this comes much more naturally to people who think that the answer to the question above is (b).

I think by and large, whenever you hear that their company decided to purchase anything at all (but particular some sort of service), your instinct is that the purchaser was a gullible idiot, and that things would obviously work much better if no one was allowed to buy anything.

Personally, I do not think that ferocious skepticism is necessary to solve this problem. I think that it is much more cheaply and easily solved by having a moratorium on buying shit. Mozilla does not, EVER, need to be a customer.

neilv
1 replies
1h27m

Mozilla does not, EVER, need to be a customer.

Does Mozilla still need to be the seller or partner in deals with commercial entities (e.g., Mozilla getting paid to be the default search engine or LLM within the browser UI)?

If so, would ferocious skepticism within Mozilla be appropriate in vetting and monitoring those deals?

noqc
0 replies
1h25m

No

myself248
0 replies
20h29m

This. If they can go after the guy for fraudulent misrepresentation or something, I'd be on the sidelines cheering every jab, maybe contributing if there's a legal "attack the stalker companies" fund.

hayst4ck
8 replies
15h46m

If company A creates a problem that company B is paid to solve, then company B benefits when company A is able to make the problem bigger. Therefore Company A and company B both have a vested interest in the problem continuing to be problematic. Both are in a symbiotic relationship that allows them to both extract a profit while providing no net benefit to society.

This is rent-seeking (https://en.wikipedia.org/wiki/Rent-seeking). Rent-seeking is an economic drag and ethically indefensible.

Regulation is how this problem gets solved and it's the only way it gets solved.

BLKNSLVR
6 replies
15h5m

There was an article on HN recently about government agencies (but also applied to private companies) that are setup to solve problem X and often evolve to, not necessarily causing it, but making it harder to solve.

Brananarchy
2 replies
15h1m

If it's the one I'm thinking of: the title was about government, but all of the examples in the article were private firms with profit motives. The author implied that government must work the same way as industry, but that's a huge assumption.

The article had no examples of public agencies perpetuating the problems they set out to solve.

legacynl
0 replies
4h38m

It's because the article and website is stupid, and is trying to make you believe public agencies are ineffective on principle.

Public agencies don't exist because of profit. They exists because of government mandate.

Also the website states it's just a single PHD that claims "I created Effectiviology to provide people with research-based information about psychology and philosophy they can use.", but it's in reality owned by 'Super Privacy Service LTD' according to https://www.whois.com/whois/effectiviology.com.

Don't trust this source.

MacsHeadroom
0 replies
14h44m

Were these private firms funded by the government?

karmakaze
0 replies
2h48m

I also apply the Shirky principle at larger scale when solutions have become an industry, e.g pharmaceutical industry.

legacynl
0 replies
4h37m

But that blog post was wrong an ill informed.

croemer
0 replies
15h41m

Protection racket...

micromacrofoot
5 replies
20h56m

I used OneRep for a few years and it did what it advertised, but that's certainly shady as hell and I'm glad I stopped using their service.

Are there any more trustworthy alternatives? data brokers are scum.

beyondd
4 replies
20h36m

For an alternative, take a look at Optery (YC W22). We've been flagging the situation at OneRep for years and put a statement out following the Krebs article (link below). We launched to the public as a Show HN in 2021 and as a Launch HN in 2022. Full disclosure, I'm one of the Optery founders.

https://www.optery.com/optery-statement-following-investigat...

michael9423
1 replies
20h11m

What do you think about Kanary?

eaurouge
1 replies
18h22m

Why don't you ask Google to remove pages, while you wait for the perpetrators to honor your page removal requests? I believe Google recently added tools to make this possible.

beyondd
0 replies
42m

Optery hasn't addressed that yet, but right now starts at the source (the data brokers), and then submits removal requests to Google directly via their Outdated Content Removal Tool. Here's now it works: https://www.optery.com/optery-and-googles-content-removal-to...

Sephr
4 replies
18h29m

I would only trust a tool for sending mass opt-out requests to every company that I've interacted with if it was free and open source. Even with good intentions, commerce becomes yet another tracking instrument.

jart
3 replies
17h48m

Not possible. Open source code doesn't have limited power of attorney. Data brokers would also read its code and thwart whatever logic it uses to fill out forms.

Sephr
2 replies
15h57m

You have power of attorney for yourself. Open source tools can run on your own systems and represent you.

jart
0 replies
14h28m

If the open source software interacts with the data brokers as you, then how would it do that without giving up even more of your personal information? Services like Optery also lose the ability to remove your information from a data broker if you have a direct account with them. So you better hope that open source maintainer doesn't lose interest after a while, since if they do, you'll be permanently doomed to logging into hundreds of broker sites each year to refresh your opt-out.

Zuiii
0 replies
14h32m

Exactly. What we really need is a public, open list of all tracker companies that anyone can contribute to (like adblock lists). What we do with that list is up to us and our governments.

SpaceManNabs
3 replies
21h21m

I thought people were being ridiculous when they were angry at mozilla for bundling with Pocket. After this, maybe the slope was more slippery than I thought.

wolverine876
2 replies
21h11m

How would this situation indicate a slippery slope of decision-making? Mozilla didn't know about OneRep's CEO's history; nobody did until Krebs uncovered it.

krebsonsecurity
0 replies
4h58m

Their earlier statement said they were aware of the CEO's history but were assured that part of his life was behind him. From that statement on March 15: “We were aware of the past affiliations with the entities named in the article and were assured they had ended prior to our work together,” the statement reads. “We’re now looking into this further. We will always put the privacy and security of our customers first and will provide updates as needed.”

https://krebsonsecurity.com/2024/03/ceo-of-data-privacy-comp...

is_true
2 replies
19h27m

Wow, this kind of companies should be nuked. I cannot wait the EU to notice this problem.

petesergeant
1 replies
18h26m

At least as scary are the companies (company?) who allow you to do a facial recognition search over the entire crawlable web.

is_true
0 replies
6h22m

Yep.

johnea
1 replies
20h9m

I definetely wouldn't want Mozilla to support people-search organizations, but I also wonder if that's really happening here.

I have to believe the expertise gained in people-sesarch would be exactly the expertise one needs to remove people from the roles used by those organizations.

The real question is whether or not there is data brokerage out of Onerep.

This seems like a triumph of optics over substance...

toyg
0 replies
16h54m

It's not just experience, the guy is still invested in a company that does the Bad Stuff. He's playing both angles.

citizenpaul
1 replies
20h3m

I've had to make the hard acceptance that privacy is absolutely irrevocably dead. Anyone with power or money can now find out not only anything about you but likely even more than you know or realize about yourself. Who has time to do a through documented introspection of every aspect of their own life and actions regularly. Along with every possible connection that this also leads to? No one.

Unless there is massive senate/house/pres unification on absolutely crushing the endless disgusting behavior of spying on people to diminish them and enrich yourself is made illegal WITH CONSEQUENCES. Nothing will change. This will never happen because the US gov is the both the biggest customer and purveyor of these services.

Mozilla is basically the last place that even gives lip service to privacy and they are in bed with this guy. That is how hopeless the situation is.

jart
0 replies
17h35m

Anyone with power or money

Data brokers post a lot of your PII on the clear web for free. It doesn't cost anything to find out someone's names, the address of every place they've lived, the names of their family members, etc.

legacynl
0 replies
4h32m

Yeah but you provided no evidence, no reasoning, or anything else that might have elevated your comment above a mere guess. If you throw enough spaghetti at the wall, some will stick.

reilly3000
0 replies
19h49m

What a win for internet journalism.

noqc
0 replies
1h42m

@dang, why did this get delisted?

cooper_ganglia
0 replies
21h0m

Talk about hedging your bets!

codehalo
0 replies
18h2m

Svd Cfg DC as c

Zuiii
0 replies
14h23m

In the sprite of ad-block lists, I suggest we create an open list of all known companies that people can easily add to. Information about these shady-ass orgs should be divorced from enforcement against them.