Mozilla claims Apple, Google and Microsoft force users to use default browsers (techradar.com)
510 points by mikece on Sept 23, 2022 | 344 comments


They're right, recently I've installed some Windows update for my parents and I had to reject like 5 suggested changes - installing Office trial, switching default browser to Edge yet again, and more.

But this goes way beyond the browsers - I've never explicitly installed Keychain on my iphone and yet it shows as an option next to 1password every time I fill in a password field. Google calendar asks me to install an app every time I open a web version on my phone, my work laptop has 1 active notification in system settings for a year because I didn't enable iCloud backup.

I'm not sure what's the solution here. I stick to the apps I use because I know what I'm doing, but so many users will just click "yes" when shown a pop-up. On the other hand, the built-in integrations provide value (e.g. it's better that people use and save random passwords in Keychain than using the same one everywhere). I feel it's always a cat-and-mouse game where the big tech is punished after they've already gained a lot, so they win anyway.


The win11 / Edge bullshit finally pushed me to migrate my last win machine to linux. I used to love Windows, nowadays it just makes me bitter. Do you know typing "torrent" in the start menu doesn't find "qbittorrent"? In 2022. It sums it all.

And the acquisitions...

I've had countless minecraft sessions ruined because of microsoft account / store issues. Don't even get me started on realms and the chat policing bullshit.

Github new PR review UI is great on paper yet completely useless to review large PR because of performance issues.

It took me one month to upgrade a zoom account to pro because the checkout would just show a blank page. Oh and I can't stay signed in on zoom.us because I disable "Functional Cookies", yet that's the only website that's ever had an issue, and I'm not using a hardened setup, just vanilla FF.

So much for the modern, developer and open source-friendly narrative.


> Do you know typing "torrent" in the start menu doesn't find "qbittorrent"? In 2022. It sums it all.

It's even worse. I want to open Notepad++ and begin to type

N -> notepad.exe

No -> notepad.exe

Not -> Notepad++

Note -> notepad.exe

Notep -> Notepad++

Notepa -> Notepad++

Notepad -> notepad.exe

The times I actually wanted to open notepad.exe is exactly 0 but the stupid algorithm sees me mistakenly opening notepad.exe because of the aforementioned stupid algorithm and recommends it even more often. It's like it's designed to create the most annoying search experience possible.


Ugh, Apple is guilty of this too in spotlight search. Actually worse, because it randomly changes after maybe 500ms, randomly, after typing a character, sometimes.

  N    -> OneNote.app
       -> Then (maybe) quickly changes to Notes
  No   -> Notes.app
       -> Then (maybe) changes to OneNote
  Not  -> OneNote.app
  Note -> Notes.app
etc


I'd say the way around it is to install Alfred [0] and be done with it. Just have to disable the web search option. Because no, I did not want to open a browser and search for "norepad", I just fat fingered it. Luckily once disabled it works just right.

[0] https://www.alfredapp.com/


That one is at least malleable. Suffer through invalid suggestions, wait, select the one you need, and after 10 or so attempts it finally learns that you always want that particular app as your first choice.

At least that's how it was before. I wouldn't be surprised if they broke it.


There's also Raycast [1], which is a f-r-e-e VC-funded alternative to Alfred that was mentioned by a sibling comment.

1: https://www.raycast.com/


At least you guys have software conflicts. I try to run "runemacs.exe" (I have no idea how you're supposed to run Emacs on Windows, but that's what I do), and it's:

R -> "R, the project for statistical computing" (fair I suppose)

Ru -> Run (what is "run"? It's that little dialog box from Windows 3.1 where you can type in an executable to run)

Run -> Run

Rune -> RuneScape (not something I have installed)

Runem -> Some Hearthstone game file

Runemac -> Search results for "run amok".

Runemacs -> Hey the thing!


> Ru -> Run (what is "run"? It's that little dialog box from Windows 3.1 where you can type in an executable to run)

This is the best. It opens immediately, no animations, ads, etc. I have a .bin folder in my home dir full of shortcuts, this folder added to the $PATH so I just need to type my shortcuts to open any app.


Solid protip. Been doing the same since Windows 98.


Same here, and it baffles me how people don't immediately want this when they see it on my screen.


It sounds like you're trying to run an executable that's on your PATH. The start menu search does not apply fuzzy search to locations in the PATH environment variable (reasonably so, most of it is either going to be command line tools that need additional arguments and spawn a console window that instantly disappears or just junk that most users don't care about).

If you want fuzzy searching to work, add a shortcut in the start menu for runemacs by placing the shortcut in %APPDATA%\Microsoft\Windows\Start Menu


Apparently Powertoys Run does all of this correctly. It's also made by MS and it's a QuickSilver/Alfred/KRunner/etc. style launcher.

This makes it even more inexcusable for the default Windows behaviour to be stupid.


It gets a lot better when you turn off web searches for the start menu search. Perhaps some people like having a single place to search for applications to run, documents on their PC, and things on the web. But I'm not one of them, and it slows down the search as well.


It's also slow[0], or not properly cached. Half the time I bang out 'c-m-d-<enter>' to open a command prompt and I either get nothing or a program that doesn't contain any of 'c' 'm' or 'd' in its name. Which is aggravating because the 'Win then type the first 3ish letters of the program you want then hit enter to open it' workflow is so good[1] but MS makes it hard to be smooth and repeatable with it.

[0]Honestly how? I have 32GB of ram, the name and directory of every program I've ever run probably fits in 100kB. You could even presort the list by the first two possible letters (26^2) at a tolerable memory usage.

[1]To my tastes anyway.


"everything" by voidtools could be to your liking.


I think that's down to the way it has remembered/saved your search as I get a similar behaviour with "Camera" and "Turn off camera access systemwide" -- "c", "ca", and "came" suggest the Camera app and "cam", "camer", and "camera" suggest the system setting.

I use both of these, and it looks like Windows has remembered I select one or the other at a given point, so is saving that suggestion.

It also likely has built in associations for the default applications (notepad, camera, etc.) that you've overridden by selecting notepad++ at those points. If you select/locate notepad++ at the other positions, I wonder if it will start suggesting that instead.


The notepad++ wiki has a trick for replacing notepad with np++. It basically installs np++ as a debugger for np.

I would be completely happy if my win10 stopped deciding I really want to search the word notepad on the internet with edge/bing


I had the same dance with Google search for a while with their top result for “tsplayground”.


Can you just replace notepad.exe with a link to notepad++?


> The win11 / Edge bullshit finally pushed me to migrate my last win machine to linux. I used to love Windows, nowadays it just makes me bitter. Do you know typing "torrent" in the start menu doesn't find "qbittorrent"? In 2022. It sums it all.

Heh, try KDE's KRunner. I type 'kt' and it matches ktorrent. But if I type 'kto' it switches to matching "Desktop 8". 'ktor' once again matches ktorrent.


That's a common autocomplete behaviour. It's trying to be helpful. If you actually wanted ktorrent, you probably would have selected ktorrent on 'kt'. By typing another letter you're hinting you might want something other than ktorrent. Not sure if I agree with the behaviour, but I understand it.


That is a good explanation. The behavior is reasonable if we all type one character at a time, wait for the list of suggestions to update and stabilize, and review the list before typing the next character. Unfortunately, some of us are impatient and just type a bunch of characters at once. But I understand the type of audience the designers are going after.


Here's one I'm quickly finding tedious in Fedora:

"Chery"

I'm misspelling CherryTree.

Instead of getting note taking software, VLC starts playing "11 - Pulmonary Archery (Explicit).flac"

This is annoying not just because it's not what I wanted, but also because I already have music playing, music which is now abruptly cut off.


You can turn individual krunner plugins off, like "Recent files".


Thanks, I just thought it was broken.

I hate this behaviour, as I'm usually looking as my fingers type the last bit, and if I keep adding matching letters, please don't change?


It's definitely broken, but apparently by design. It's a deliberbug.


Microsoft is full of those.

When you enter your birthday during Windows installation (yes, you have to have a Microsoft network account to log in to your own computer, and you have to supply a birthday), the button for confirming the date is a small, grey checkmark hiding below the date picker. Clicking the big, blue “Continue” button in the lower corner will discard your date choice (since it wasn’t picked) and then fail form validation because you didn’t pick a date.

There is a certain cubicle masochism associated with this kind of system. I’m convinced that computers did not get easier to use since all of them had command prompts. But you know, it’s got windows!


I login to Win11 everyday and don't have a Microsoft account.


You don’t have to use a Microsoft account if you’re installing Windows 10 and it doesn’t have an internet connection when you run the wizard.


To install Windows 11 without a Microsoft account involves bringing up a command prompt in the middle of the installation process and typing some magic incantations. It's clearly not what Microsoft wants users to be doing.


I got Windows 11 Pro on my new machine for the sole purpose of avoiding that BS (and have it running without an account), but now you can't even do that on new installs without those workarounds. It's a dark pattern akin to Amazon trying to get you to use Amazon Prime when purchasing something on Amazon.


FWIW I didn't have to do this on a Lenovo Thinkpad that I installed last month.


I guess I get it, but it doesn't work well for me. By the time I recognize the ktorrent icon and hit enter, my fingers have already typed the next letter. With this system I have to deliberately pause pressing enter.


Thank you, sorry my message was misleading, I was talking about the windows start menu. KDE / Gnome / Mate work as expected afaik!


Sounds like you want trabucco! https://github.com/ltworf/trabucco


That sounds about like my experience trying to open intellij in windows.


> So much for the modern, developer and open source-friendly narrative

That's exactly what it is: encouraging "developers", some of whom IMHO shouldn't even be writing software, to indulge in "coding" while completely ignoring and antagonising the user perspective. Countless users' workflows just broken with no recourse just because some selfish bastard wanted to use something "new and different" without considering the wider effects. When the culture only cares about promoting new and shiny tools/frameworks/etc. to developers and feeding their appetite for otherwise useless things, and in doing so, forsakes the original purpose of software, this is the result.


This is my experience as well. All I want is a solid block task bar and solid black window title bars. Since Windows 7 it's become next to impossible to do that without uxtheme.dll patchers. I'm done. Linux all the way now.


Oddly enough I can't find a better programming environment nowadays than the win, wsl, powertools combo. I noticed the same about qbittorrent tho.


I don't know... everything works so well on linux out of the box nowadays, and over time you can setup everything exactly as you want.

As an engineer I feel like it's a great investment and loving my setup has a big impact on the enjoyment I get from work.

If you spend the time, can all the annoying stuff be turned off in Windows?


I loved my Linux setups so much I automated them with some Ansible and a bunch of scripts and config files in a git repo to set up my user profile too.

I can't seem to get two Windows installs to be functionally identical the same way. I also can't believe winget is a relatively new invention.

You can turn off most of the annoying stuff, for a time. I'm convinced that sometimes settings just change on their own.


A couple of days ago, I gave a very brief workshop on Arduino. All the students with Linux boxes have some kind of problems, like the user was not a member of the dialout group or the group does not exist at all. I still prefer Linux, but not everything works "out of the box".


> All the students with Linux boxes have some kind of problems, like the user was not a member of the dialout group or the group does not exist at all. I still prefer Linux, but not everything works "out of the box".

This (requiring elevated privileges) is a very niche thing, though (raw access to the serial port).


But the students with Windows laptops did not have these kind of problems. Although I can think of a lot of issues, in this "very niche thing" Windows worked "out of the box" and Linux didn't.


> But the students with Windows laptops did not have these kind of problems. Although I can think of a lot of issues, in this "very niche thing" Windows worked "out of the box" and Linux didn't.

Yes, for this very niche thing Windows works out the box. For other not so niche things, Linux works out the box. For the not so niche thing of "set up a LAMP stack" and similar, Windows is pretty poor at it, compared to using apt-get.

Also, for this very niche thing, I'm pretty certain that the arduino IDE I installed from the repository worked out the box for serial port access.

I'm guessing that you pretended the Linux boxes were Windows, and installed on Linux by downloading it off the arduino distribution site?


> I'm guessing that you pretended the Linux boxes were Windows, and installed on Linux by downloading it off the arduino distribution site?

Yes, that was a mistake. But it was not as simple as saying "install from apt-get" because some were using Arch-based distros (pacman), a few were using Fedora (yum) and others Ubuntu. Even so, it's not always the case that the user is added to the right group. Also, we wanted to show the new 2.0 IDE.


I hardly remember doing any kind of special fighting or annoying stuff. What are your pain points here?

Had some issues after Win10->Win11 beta Insider build updates, but that's another story.


I don't really notice the annoying stuff.

Win + WSL gives you both Linux and Windows tools at your disposal.


I'm one of those weird people that genuinely enjoys using windows as my main OS. vc++ and c# stuff is very nice on that OS, but I still feel like wsl is a bit like shoving a square peg into a round hole. too often, things that "just work" on a full-fledged linux install fail on wsl for some obscure reason.

my solution is to use windows for GUI things, and a remote linux instance for actual building/running/deploying services. vs code server is really nice for this, you can essentially run it as a GUI thin client locally that controls a headless remote that does all the heavy lifting. it's pretty seamless if you're willing to accept that you need a network connection to get any work done.


Is running a VirtualBox and sharing the work folder too slow?


probably not for most use cases, but I build some fairly large projects. it's nice to interact with a 16C/32T xeon node through an ultrabook. downloading tools/assets runs at the speed of the datacenter link rather than coffeeshop wifi. if nothing else, my battery lasts longer this way.


Ubuntu + VSCode?

Not sure where powertools come in, but I’m personally agnostic wrt. shell scripting flavours.


PowerToys maybe? I'm using it with a couple of plug-ins

1) find my mouse

2) search through windows titles (I tend to have 15-30 terminals with ssh)


I moved away from Windows for the same reason. Edge is a highly anti-competitive and privacy invasive browser. I'm surprised people don't care as long as the data exploitation is not directly visible to them.

Not to mention their new loan scams. Edge is a spyware/adware first and browser second.


I don't get the hate on Edge. I use it daily and am very happy. Not the least, it includes some cool security features, i.e., sandboxing at the OS-level https://learn.microsoft.com/en-us/windows/security/threat-pr...


As far as Chrome and its myriad knockoffs go, I'd say Edge is probably the least bad. It at least works as a browser, and it's among the few that has an option for a vertical tab bar instead of shoving all the tabs into the top and squishing them together into teeny tiny slivers like an absolute fucking maniac.

I still prefer Firefox, though.


Perhaps because it's being forced down people's throats, rather than people being able to make their own choice?


All those security features with 0 privacy. Refer: https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf

The research concluded that Microsoft Edge is the most invasive, along with Yandex.


I used to solve this by just installing another launcher. there were some good ones around, they should still work I hope.


Yea before I switched to PopOS due to the Windows 11 online account/edge browser fiasco I used the launcher "Executor[0]". Executor is by far the most powerful launcher I have ever used, too bad there isn't a launcher in Linux that has all of the features.

[0]: https://executor.dk/

If you want to read the specifics of my transition to Linux: https://www.scottrlarson.com/publications/publication-transi...


Yeah, for those interested PolyMC works well on linux. It's a bit rough around the edges, but a diamond nonetheless compared to the official launcher.

Another anecdote is that minecraft 1.19 doesn't work on Ubuntu 18, as it uses glibc 2.29. D:


Weird, I am on Fedora and have none of the issues.


You can remove the 'iCloud' notification by starting the setup for it, and then cancelling.

It's a dark pattern Apple repeats with a lot of notifications - they are not dismissible and give the appearance they are only resolvable by completing the notified request, but in actuality just starting the setup and then cancelling will resolve it.


Honestly that sounds more like a dark pattern (advertising "notifications" you can't dismiss) + what they would consider a bug (dismissing the adware on installation start instead of finish).


Apple has become a parody of itself. A decade ago they were mocking Windows for the abundance of notifications. And now...


Try the new Safari!


"Try Apple Arcade for Three Months Free"

Inside the *CONTROL PANEL* of the latest iOS.


It’s a straight up manipulation of people who don’t know the trick. They should be shamed for it


Go to Settings (Win+I) -> System -> Notifications & actions

[ ] Show me the Windows welcome experience after updates ...

[ ] Suggest ways I can finish setting up my device ...

[ ] Get tips, tricks, ...


what's the corresponding setting on an iphone? I have the same permanent notification because I refused to use icloud.


just use Linux you get none of this nonsense


“just” use Linux


That’s how easy it is these days.


The year of linux on desktop finally


This.


[flagged]


zealot? this is why i switched... so many times i need my computer just to work when turned on but with Microsoft you have to wait for a mandatory update and then have to jump through hoops like we are installing windows software that you have to remember to uncheck all the stupid extra crap they will install on your computer vs just having a single place for all your software and where it all gets updated from.

this person complained about it and switching to Linux would solve their problem


> Wow, zealot much?

someone makes a single, half sentence including the word Linux, and now they are a Zealot? Calm down dude.


Telling someone to just use Linux comes from a position of privilege. Not everyone is tech savvy (no, I don't care about your grandma being able to write her own video drivers) and many people must use software that's not available on Linux. No, the open source version isn't the same thing and saying "just use WINE" is once again coming from a position of privilege. Overall, telling people to just use Linux is one that lacks empathy for individual circumstances.


even if everything you said is true (and that's a stretch), what does that have to do with the person calling the other a zealot for using the word Linux?

It seems by your logic, calling a Linux user a zealot is fine. Also by your logic, if someone casually suggests trying Linux, then that person is abusing their privilege and lacks empathy.


Zealot: „a person who is fanatical and uncompromising in pursuit of their religious, political, or other ideals.“

Calling someone who says „just use Linux“ from a position of privilege due to a lot of domain knowledge, and therefore being uncompromising, does make sense though.


Telling someone they should personally use Linux to avoid technical problems is kind of annoying lol.


Regarding keychain for password filling, you can choose to disable it in the settings -> passwords -> options. It’s selected by default but if you tap it it will deselect it.


It would be nice if it disabled itself when another password manager is installed...


Oh, please don't! I use both 1Password and keychain for different purposes, and I want access to both. I definitely don't want keychain silently disabling itself just because I installed 1Password!


Or at least asked you outright when installing a new one; "Please choose a default app to perform this function: Password Management" and then show you a list of currently installed ones (+ the newly installed one of course)…


Problem is, lots of users have work and personal passwords in different apps.


Many of us use more than one (especially shared use with work) and the default behavior seems correct.


I actually use both Keychain and LastPass. They are more or less in synch. I need LastPass (or at least another non-Keychain alternative) because I don't just work in the Apple ecosystem, but I use Keychain as well because it is very convenient when I'm on an Apple device.


There are people who have their personal passwords in iCloud Keychain, and have work credentials/keys in 1Password.


Keychain is opt-in, users choose whether they want to use it or not when configuring their iPhone for the first time.


Not in my experience. I never turn it on (because I want to use Bitwarden), but Safari always offers to save passwords unless I manually disable it.


There are three different things here:

- The keychain is an essential part of macOS and iOS; if an application wants to securely save data then that is the interface it uses. This is not optional because a huge proportion of applications would break if it were removed.

- iCloud Keychain is the feature of iCloud that syncs your keychain to iCloud. iCloud itself is opt-in, and this particular feature of iCloud is opt-in as well, I think, or at the very least optional even if you use iCloud.

- Safari has a built-in password manager, like every other browser these days. This saves to the keychain, whether that’s synced or not.


> I've never explicitly installed Keychain on my iphone and yet it shows as an option next to 1password every time I fill in a password field

It is worth noting that KeyChain was introduced in Mac OS 8.6 in 1999, and has been part of every version of macOS since then, as well as every version of iOS ever. It's basically the user credential subsystem for Apple operating systems.

As I understand it, 1Password came out in 2006.

When I looked at it last, it seemed that 1Password didn't interoperate well with KeyChain and also required a subscription - decisions which I found unappealing.


It's also impossible to set up someone less technical with an alternative. The platform will keep prompting them incessantly and in various different ways, and sooner or later they'll switch or activate something by mistake.

It really needs to be possible to say "no means no". But somehow, continuously nagging seems to have become acceptable.


Not entirely true, but they certainly don't make it simple and I don't think the government will care because they benefit from browsers trying to revert people out of privacy enhancements.


Keychain is opt-in. If you have it configured on your iPhone, it's because you accepted it when configuring your iPhone for the first time. You had the choice to refuse it - and you still have the possibility to disable it in your iPhone settings.


It's unclear how it works, I received a prompt in Firefox to save my password, and I thought that it was the Firefox browser that would be saving my password however, it turned out to be keychain. Now the keychain message pops on all the time, I will have a look in the settings to see how to disable it.


I wish I could just mail Microsoft a check and a note that says "I am not a tech ignoramus, stop treating me like your side bitch" and get the same Windows experience I was enjoying a decade ago.


So stop using windows then. The more you use their stuff the more you enable them to pull this kind of crap.


You can't do that because it's not about money. It's about power.


Also there was an uptake in integrations that open edge irregardless of what your default browser is, like start menu search results if you happen to have web search enabled in it.


> I've never explicitly installed Keychain on my iphone and yet it shows as an option next to 1password every time I fill in a password field.

It's a system app. You also didn't explicitly install the TV app yet here we are.

Settings -> Passwords -> Password Options -> uncheck iCloud Passwords & Keychain


When looking for it I went to Settings -> Safari -> Autofill which I’d expect to have its own setting for this.


It's not really a game of cat and mouse. Law enforcement can seek penalties sufficient to prevent the behavior from proliferating.


And lobbyist groups can prevent those fines from being too heavy.


So, you weren't forced and instead opted out is what you're saying here in your opening sentence?


I think the deeper question is: Are you truly being allowed to opt out if you can't disable (or aren't ever prompted to disable without knowing an arcane set of menus) the UI elements (e.g. the aforementioned prompts on password fields, or the prompt to install an app whenever opening the mobile web version of a site) that serve as an advertisement for the specific service?

To be sure, this isn't just restricted to "please install this" dark patterns, and in certain ways it's been central to the ad-supported business model ever since the first television ad was shown on a network channel. But arguably we shouldn't give any of these examples credit for truthfully being "opt out."


I guess if you define "forced" as "completely 100% impossible to avoid or prevent" then yes. But I think it's reasonable to say that "forced" is acceptable shorthand for "coerced by dark patterns in such a way that 99% of actual users will end up doing what the vendor wants whether they want to or not".


You get prompted once on Windows unless you use Edge again. I don't think that would be considered force either. Force would be like a prompt on every reboot or whenever you opened Firefox.


That's not true. Major patches all have some dialog full of dark patterns suggesting you browse with the most secure, bestest browser. Within the last year I've had multiple family / friends ask me how to get back to their normal browser, not knowing why Edge was now launching by default whenever they clicked a link.

Edge even has special behavior to show you the same bullshit when you try to download another browser [1] [2]. But no worries, they might get a slap on the wrist for it.

[1] https://www.xda-developers.com/microsoft-edge-chrome-2008/

[2] https://www.debugpoint.com/edge-messages-controversy/


On windows searching from windows search box opens edge, not the default browser. Edge is advertised in the start menu. Etc.


For a few things (the one thing I'm familiar with is the lock screen if you've left the "show random pretty pictures" option turned on, but I think there are a few more places besides that) Microsoft does force links to open in Edge instead of the default browser.


- Any links from many Microsoft apps (including searches in the Start Menu that silently turn into web searches)

- PDFs (sometimes, even if you don't have Edge set as your default PDF app) (even though Edge is actually the least unusable non-paid PDF viewer for Windows)

Besides that, Edge will randomly reset itself as the default on updates.


For PDFs you should try this bad boy https://github.com/sumatrapdfreader/sumatrapdf


Sumatra is a phenomenal viewer, but its annotation management is miles short of the "write directly on the page" convenience that Edge achieves.


SumatraPDF singlehandedly makes the format readable for me. The alternatives are complete rubbish- in other words, worthy of Adobe.


Does the default browser matter that much? I mean how often do you click on a link outside of a browser?


On desktop there's emails, chat apps, etc. On mobile the default browser is often used for the webview within apps, e.g. on Android I have Firefox doing the rendering for webpages inside other apps' UI, which means I can block ads thanks to uBlock Origin.

It happens all the time, for lots of people.


Mobile is different. But on a desktop, most people use webmails, and many chat apps are web based. I barely click any link outside of a browser on a desktop.


I click on links all the time from email (not everyone uses webmail), console, IDE, etc. Enough that yes, it very much matters. Even if not that many links happen, there's 0% chance you wouldn't end up by default using whatever browser it is that opens when you click one.


Every time I click a link in email, IRC, Slack, Discord... At least 100+ times a day, easily.


You're right, it doesn't matter, they spend so much time and take so many risks (and pay so much in fines) to push their own settings for absolutely no reason.


You know that handy dandy search bar that Windows has decided will occupy your taskbar?


Without commenting on the claims, it's interesting to consider how times have changed. Microsoft originally lost an antitrust lawsuit [1] over little more than tying Internet Explorer into their OS and not readily including alternatives. They not only lost that case, but the initial judgement was that the company was to be broken up.

Microsoft started spending dramatically more money on "lobbying" following that.

[1] - https://en.wikipedia.org/wiki/United_States_v._Microsoft_Cor....


Amazing that 20 years on, the USA has essentially given up on anti-trust tech regulation.

Facebook acquired and repeatedly copied its closest competitors, no problem. Adobe buys up its competitors, no problem. Google aggressively pushes Chrome and fails to make its own websites fully compatible with competitors, carry on. Apple refuses to give users the freedom to run their own apps on their purchased phones, no biggie.

Was there some kind of official policy shift, or did the government just give up?


My guess is that the government realized that FAANG makes for better bedfellows than sworn enemies. They can wave economic incentives in front of their face in exchange for international power beyond what other countries can offer. Having Google, Amazon, Apple and Microsoft under your thumb gives you control over ~80% of the internet and <95% of all PII. There is obviously a domestic interest in controlling that, so it would make sense that our intelligence agencies trade surveillance capabilities for SEC mulligans. That also explains our bipartisan indifference towards real data regulation and privacy legislation.


Who is under whose thumb here?

Like most things, it's a bit of a two way street.

From an intelligence perspective, I agree w huntergatherer that everyone's not under active surveillance. IMO the problem is:

- once you are, it's far cheaper and more complete to surveil than it used to be, and...

- the bar to be a "party of interest" is far lower than it used to be. We can see this especially as some tech filters downwards into local police stations.

It's also tremendously useful for FAANG/MAANG to ensure their interests are adopted by elected officials and US officials are pretty cheaply bought. Honestly two senior SWE salaries for a year would do it for most congressmen. Just like Altria, or energy companies, tech companies donate to both sides of the fence, solicit tax breaks from both sides of the fence and look to keep labor cheap and competition low so that their owners/shareholders/investors are enriched.

From a federal government perspective, we need these companies to be 'American'. It doesn't matter where they pay their taxes, how much they off-shore work, etc. these companies trade on the US stock exchange, make up one of the strongest economies in the world, driving capital and human talent from every corner of the world to the US.

Why slow all that down in the name of 'fairness', user protection, competition and a lack of predictability?


define "the government" -- who and what exactly is controlling this supposed policy?


Well, I guess the NSA makes the most sense. They've been integrated into the corporate structure of FAANG for over a decade now, and they're the primary government entity making demands over this stuff. The who is a lot harder to track down - maybe there is a Wizard of Oz hiding behind one of our administrative curtains, but I think it's more of a bureaucratic process. Judging by what we know about America's surveillance infrastructure (eg. XKeyscore, Tempora, Boundless Informant), it would make sense if most of this software is developed in-house and then passed off to FAANG to implement and obfuscate.

Again, all of this is conjecture. There's a lot of strangeness that surrounds the US intelligence agencies though, so I'm inclined to make some sense of it.


I'm sure I'll get downvoted for this and not believed by hardly anyone on this crowd so I'll keep it short and without evidence, only testimony: I was a US intelligence officer for some time. Not with NSA, but did a lot of work with NSA, CIA, and the Bureau. The involvement between the US intelligence agencies and FAANG (in terms of the rough narrative involved) is a lot less impressive and threatening than people here suppose. The reality is that the US government hires some smart people to solve hard problems. When the problems get harder, they hire more smart people. The costs aren't completely opaque, either. So at the end of the FY the costs get seen by elected officials and actions get justified and legally scrutinized. As it turns out, the US government is a lot less interested in spying on people who aren't threats to the state, and the intelligence agencies have to be judicial in who they target, because there are limited resources for such activities.

The US intelligence service is also a bureaucracy, and people seem to forget that. Just because something is "secret" doesn't mean it is romantic or Bourne-esque.

Context: I have not held a TS clearance or been employed with the US government nor contractor for a little over 3 years.


This directly contradicts nearly everything that was stated by Snowden, where his identity is not only known and affirmed, but also came with extensive documentation affirming, more or less, everything he said. For one such example, here's a fun manual from the NSA on spying on Skype in realtime [1].

It even comes with a handy Q&A technical FAQ like ensuring you can also get the chat of the person the target is speaking to, or why you might receive multiple copies of one message (a target that is synching on another device has all of that data forwarded onto the NSA as well, so you get repeat messages). Quite user friendly! I'd love to see the UI.

---

Incidentally, I'm not saying you're lying. The reality is that most of government is just bureaucracy. The NSA has tens of thousands of employees, a budget in the tens of billions of dollars, and their fingers in everything all the way down to World of Warcraft. [2] The guy tasked with spying on elves and death knights (which, shockingly, never turned up anything) is going to have a different view of the agency than the guy who is doing things like spying on people's Skype conversations, or the person who is producing the metadata upon which people end up being killed.

[1] - https://grid.glendon.yorku.ca/items/show/74

[2] - https://www.smithsonianmag.com/smart-news/the-nsa-was-spying...


My theory behind Snowden is that the NSA "leaked" a bunch of stuff through him that isn't actually true. It was there to provide a chilling effect so that people would use the internet with fear. After all that came out people started self-censoring.


So where were you exactly when PRISM was sweeping info from all tech companies?


I won't downvote you, but I have a really hard time believing you (and prefer to entertain the possibility you didn't have complete insight into the intelligence agencies). Thank you for replying though, it's interesting to hear alternate perspectives on the topic!


Bleh. I'll use up a spare account.

hunter-gatherer sounds about right on the money.

I've previously held a TS SCI clearance within an organization. I wasn't an S-2 guy, but worked with them and troubleshot stuff in the SCIF from time-to-time. I did some auditing in well-known buildings, blah blah blah.

Basically, the more secretive things get, the more bureaucratic and tedious they get. The more impossibly hard it is to do literally anything without at least 5 or 6 meetings to discuss the potential outcomes and risks therein. I suppose when you get to the kinds of things POTUS wants done right now, it could get weird? I don't know, never been in that position. But the amount of oversight and auditing that gets done by people that refuse to do anything that could risk their retirement? It is excessive. At more than a few points I found myself "preparing for the pre-inspection, inspection." That inspection, which would happen however often, was essentially always happening. You were either "learning from the last one" or you were "cleaning up for the next one". Just absolutely soul crushing.

I should also mention, even though some of the words I used above might sound interesting, it really comes down to carpeting. Carpeting sucks everywhere in the government. They can spend tons of cash on stupid meeting room tables for conference calls or whatever, but the thing you walk and stand on is just absolutely awful. Except in an executive officer's office. The office that goes completely unused because they're out doing...whatever it is they do. Golf? Lunch? Who knows. Once you notice the little things like that, or light fixtures just looking like trash, you realize that all of the magical ideas people have about the big scary government is just kind of...quaint. Like things can be important or sensitive or whatever, but it's just not the way people imagine it being. It's too bogged down in the mud to be what people think it is.

Getting basic things like light fixtures changed out becomes a major hassle because, if it requires a dude on a ladder, now that dude on a ladder also has to have a clearance, and the room has to be sanitized. Don't forget to turn on the red light, so no one forgets that there is a guy up on that ladder! Getting one bulb changed can interrupt your work for at least an hour or two. It's insane.

Like, we had one cleaning lady. For a building of...a lot of people. Everyone loved her and treated her great. Do you know why that was? (Well, she was totally awesome and nice. But besides that.) It was because if she quit, there would be no one to replace her. That would mean every desk jockey in the building would be lugging their trash to the locked dumpster halfway across the parking lot in the hot sun. Then have to go through all of the fun stuff that goes with getting through the front door. They treated her like royalty!

Right before I left, they did actually get some young guy in there. If I had to guess, they went with him because they were hoping he would stick around for at least two to three decades.


Do you have any suggested readings to know more about this topic?


There's no conspiracy.

Mostly think tanks, policy circles, and White House wonks over every successive Internet-age administration. All segments of the U.S. government pay close attention to, among many people, geopolitical analysis of all stripes, who can help them understand how to remain the world hegemon. The U.S. frequently commissions studies by outfits like Booz Allen Hamilton on geopolitical matters (you can browse the "DoD Reading Room" to read plenty of these thanks to FOIA requests[0]).

"Breaking them up would hurt the U.S." isn't just a lobbyist argument, it's deeply understood at all levels of the government. The White House absolutely understands that Silicon Valley is part of the U.S.'s soft power, draws plenty of international students to the U.S., and helps the U.S.'s cultural hegemony. It's not just about the most popular social networks and search engine "belonging to them" (though that's obviously important, and an advantage no rational nation would give up); Google and Meta's R&D spending are also huge elements of the U.S.'s "artificial intelligence dominance" over China, and the U.S. will never break them up simply because it sees AI-dominance as one of the most important elements of its geopolitical strategy.

It's easy to get the impression that the government mostly deals with domestic politics; but at its root, it is deeply and overwhelmingly concerned with fundamental strategic questions. The government cares deeply about U.S. universities remaining the world's best; about immigration remaining high (Republican administrations too) so that it can attract as much skilled labor as possible, grow the economy, compete with China's 1.4B population, and avoid an aging population that would decimate the economy for decades.

Policy debates "inside the government" bear very little resemblance to the TV version the American citizenry is obsessed with.

[0]: see, for example, "The Future of Europe", a 177 page evaluation of Europe's future economic, industrial, demographic, and political trends. https://www.esd.whs.mil/Portals/54/Documents/FOID/Reading%20... After you read it, you'll understand that the "policy debates" the masses are exposed to have very little resemblance with what preoccupies decisionmakers! The government, no matter the administration, is far more rigorous and strategic than people give it credit for.


> After you read it, you'll understand that the "policy debates" the masses are exposed to have very little resemblance with what preoccupies decisionmakers! The government, no matter the administration, is far more rigorous and strategic than people give it credit for.

In this case the example document you quote is rather poorly chosen and does not really seem "rigorous" at all. Most if not all topics the document touches are basically the same that monopolize "policy debates" everywhere all 24h of the day (immigration, nationalism, welfare, and immigration. did I say immigration?), and the conclusions are defended as poorly as your average comment from Reddit. The document does not even get the names of many regions and cities correctly; the grammar is at many points terrible; many of the figures and charts look as if made with Paint, and whenever they are not, they are screen-scraped from random websites and then poorly JPEG recompressed. Heck, at some point they even use Google Trends as source...

My humble opinion about these "think tank" reports that get "leaked" is that they use "commissioned by X government" just to advertise themselves, and it's either false or meaningless. I'm quite sure that the "serious" government analyses, if they exist, don't get leaked since that would probably immediately ruin all the predictions.


The most maddening thing is how little other governments seem to care about it.

Forcing windows, android, and ios on your citizens and gifting silicon valley a constant worldwide surveillance feed is incredibly harmful to long term interests. Forcing every business to use office365 to interact with any government office is a 1% income tax gifted to the american economy.


The U.S. would never allow the EU to ban American web services to try to foster European innovation like China's doing. They have strong ways to enforce this including by starting a trade war.

But there's no reason for countries like India not to do it. Russia did it; it's not just massive countries that can get away with it.


No need to ban it. Just stop enforcing it by only allowing access to government services (or any services during covid) via apps only on play and ios stores. Stop mandating teams for business communication with any government department. Stop publishing things in closed formats.

Could even mandate that any inter-operation occurs over open protocols with at least two implementations (many governments even have this policy for essential systems, they just forget to enforce it around microsoft).


The dissonance you are experiencing between what the government internally considers and what is externally debated is easily explained by two things.

1. Parliamentarians are legislators; they focus on laws, not policy.

2. Those policies have support from every party with significant representation. Hard to publicly debate it when everyone agrees.


I mean... It's pervasive? Many elected officials across both parties in the United States have advanced the surveillance state and have passed legislation at the behest of 3 letter agencies. Of the last 4 presidents, 3 were pretty involved with advancing it: Bush, Obama, and Biden. I don't know if Trump did anything to advance the surveillance state.

Bush+Cheney did the PSP: https://en.wikipedia.org/wiki/President%27s_Surveillance_Pro...

The courts found that unconstitutional: https://www.aaup.org/brief/aclu-v-nsa-493-f3d-644-6th-cir-20...

Obama publicly condemned the Patriot Act, but extended it in 2015: https://en.wikipedia.org/wiki/USA_Freedom_Act

Meanwhile Obama's VP (Joseph Biden) claims to have written the Patriot Act: https://www.c-span.org/video/?c4876107/user-clip-joe-biden-w...

In '91, the FBI got Joseph Biden to introduce a bill banning encrypted cellphone calls in the United States (Subtitle B: Electronic Communications): https://www.congress.gov/bill/102nd-congress/senate-bill/266

This move by Joseph Biden was condemned by the founder of the EFF: https://www.eff.org/pages/decrypting-puzzle-palace

You can watch a gaggle of senators from both parties go to bat defending the PSP in 2013 here: https://www.intelligence.senate.gov/hearings/open-hearing-fi...

After the PSP was found to be unconstitutional, you can watch another gaggle of senators from both parties go to bat defending the PSP in 2017 here: https://www.intelligence.senate.gov/hearings/open-hearing-fi...

A notable quote from the above video from Senator Wyden suggests the 3 letter agencies are harvesting location data en masse from cellphone towers.

You see surveillance legislation move forward with support from both parties - often under the guise of protecting children or stopping terrorists. It's not a stretch to connect the dots between our 3 letter agencies working with legislators in the background to advance the surveillance state, and those legislators simultaneously working with MAANG on multiple fronts, to assume there is some level of crossover with the surveillance agenda. It would be more unreasonable to assume they keep their surveillance objectives isolated from their interactions with industry after the Snowden revelations - which showed us that they absolutely worked with industry to collect PII of U.S. citizens en masse.


And yet the default position seems to be that we should give the government even more power…


In the 80s a bunch of federal judges adopted the "consumer welfare" standard, which argued that we should only consider antitrust violations that harm, well... consumer welfare.

Since this was the 80s and Reagan-style free market rhetoric was in fashion, this became the new law of the land.

Problem is, very few antitrust violations actually meet this standard, because most companies aren't buying other companies purely to jack up prices. The harm is a lot more subtle. If you remember the days of "disruptive innovation", that could be looked at as monopolists getting punished for being too large and ignoring new technologies. Now, because antitrust is basically not enforced anymore, incumbents just buy their disruptors and integrate them into the whole. Startups no longer exist to create new products, but to eat up chunks of a big company's M&A budget for that year.

I'm hopeful that Lina Khan turns the ship around on this but it will take a decade, at least.


What happens to VC money once they can’t see a big exit via acquisitions? Look at how few YC companies have gone public.


> Was there some kind of official policy shift, or did the government just give up?

It's not just government - every single day I'm seeing Americans being directly hostile against free markets and choice. A lot of people (and media) expect and demand that a single corporation builds all of their things and owns all of their data. Plenty of people get outright hostile and dismissive of anything and everything that might create competition with the brand they're religiously following.

Politics is just following the people.


"Plenty of people get outright hostile and dismissive of anything and everything that might create competition with the brand they're religiously following."

Do they? I am not aware of many FB, Android or google fanboys. People just use it. But surely would use something better, if available.

Religious passion is more happening with apple, but it seems to me, they lost faith quite a bit. People use it and are entrenched in the apple universe, but fanatic worship and praise I am hearing way less nowadays, than back in the day, when Jobs was alive.


> Google [...] fails to make its own websites fully compatible with competitors

More than that: Google actively prevents competitors from working when competitors would work fine without any extra "help"


I certainly don't know for sure, but one theory would be the 2010 Citizens United ruling.

https://www.history.com/topics/united-states-constitution/ci...


Yes, the US Government pretty much gave up on meaningful anti-trust regulation along about the Reagan era, as they pretty much gave up on a lot of stuff. The Biden administration via FTC Chair Lina Khan have declared they're trying to turn things around, but it's a big ship with a small rudder. We'll see.


no - there are consent decrees and internal legal agreements that you and I will never see, in effect now. Combine that with soft-pressure in thousands of (real) ways..


Both! The history is covered extensively and well in Matt Stoller's book Goliath, and ongoing on his substack[0].

The TL;DR version is that the MS case affected things, but so does a shifting emphasis in Congress.

0. https://mattstoller.substack.com


The Wikipedia page does not make this clear but Microsoft did not actually lose on the tying claim. The district court ruled against them but this was appealed and the appeals court vacated that ruling and remanded the case for further analysis (which never happened as the case was then later settled).

> They not only lost that case, but the initial judgement was that the company was to be broken up.

That judgement was also vacated by the appeals court who concluded that the district court "failed to provide an adequate explanation for the relief it ordered".


Microsoft got smacked because they weren't playing ball with Washington politics, they weren't bribing enough congressmen nor capitalizing on their market dominance to make themselves strategically useful to national interests. Since then, big tech companies have known to grease the gears and befriend power brokers in Washington. They now contribute to political campaigns, and have made themselves useful to the defense and intelligence sectors.


While this does align with my beliefs and biases, do you have any proof or evidence to point to that was the case? Specifically that the antitrust suit was due (in whole or in part) to Microsoft not engaging with politics, and that the result has been a trend towards big tech playing ball, and hence future antitrust being unlikely?


The spy shit is hard to back up, due to the inherently secretive nature of spy shit. However I can back up the lobbying aspect of my claims above:

Fortune magazine article about it from 2002 (hosted by CNN):

> For a couple of embarrassing years in the mid-'90s, Microsoft's primary lobbying presence in D.C. was "Jack and his Jeep." As the software giant's sole in-house lobbyist, Jack Krumholtz, then 33, had to battle endless traffic jams to get from Microsoft's suburban sales office to Capitol Hill. "Early on I spent most of the day in my Jeep Grand Cherokee on my cellphone," Krumholtz says. "I hit an all-time low on the day I was parked on a Capitol Hill side street reading through my mail with the laptop on the steering wheel."

> No longer. After the Justice Department filed its antitrust suit in 1998, Microsoft--a company famous for its disdain of government--undertook the largest government affairs makeover in corporate history. The company now boasts one of the most dominating, multifaceted, and sophisticated influence machines around, one that spends tens of millions a year. It's no great surprise that one of the country's wealthiest companies can bankroll a beefed-up lobbying operation when it faces a crisis. But what few people realize is that Microsoft has reached the very highest ranks of lobbying so quickly. Says David Hart, a lobbying expert at Harvard's Kennedy School of Government: "Microsoft has joined the top tier"--with such longtime heavyweights as Philip Morris, Lockheed Martin, and AT&T.

https://money.cnn.com/magazines/fortune/fortune_archive/2002...

Bill Gates quote from 2020:

> "I was naive at Microsoft and didn't realize that our success would lead to government attention," Gates said, referring to Microsoft's antitrust challenges from more than 20 years ago. "And so I made some mistakes — you know, just saying, 'Hey, I never go to Washington, D.C.' And now I don't think, you know, that naivete is there."

https://www.cnbc.com/2020/10/14/bill-gates-i-was-naive-at-mi...


They had bought/partnered their way into their own 24/7 cable news network a good bit before that, which is probably worth a thousand lobbyists politically.


The meme that MS lost the case about bundling IE with Windows is about as false and pervasive as “cable TV was once ad free”.

MS won the case on appeal and absolutely nothing changed in the US. Even the cited Wikipedia article says as much. There was never a time since IE was bundled with Windows that IE didn’t come with Windows in the US. There was also no browser choice mandate in the US.


Not only that but barely anything changed in Europe either. They were required to show a browser choice screen... for 4 years. Only a tiny fraction of the population will have ever seen it.


And due to a myriad "temporary technical reasons" most users in Europe were never shown that screen at all.


I wouldn't say nothing. Europe and Korea respectively have "N" and "KN" versions of Windows from XP onwards that unbundled Windows Media Player and other preinstalled apps.


One of the next frontiers as a barrier to browser switching will be "software"-backed WebAuthn/FIDO2/"passkeys".

If you look at the APIs available on MacOS/iOS at present [0], and how WebAuthn works, you need to "trust" the client-side software to correctly identify the site origin (i.e. protocol, domain, port) and pass it to a physical security key. In the case of a software token, you need to restrict which app(s) can pass this information through to the system carrying out authentication.

The end result right now, as I can see it, is that if you sign up to a website using a "passkey" via Safari (for example), there is no real supported workflow that isn't site-specific, for migrating to a new browser - you are effectively beholden to Apple's keychain for getting you back into that site.

If you want to enrol a new device (say an Android phone using its own software implementation of WebAuthn), you would need to find a way to sign into your old account (which requires your MacOS/iOS passkey to log in), then enrol your Android device (which is a separate physical device). You'll likely get stuck here.

An expert user could add a physical FIDO2 token to their account from the old device (Safari), and use that as the authenticator to log in on the new device, but this is significant friction for a non-technical user.

While moving users away from passwords might make sense, I do think we'll see these "passwordless" authentication mechanisms become the next major point of friction in user browser choice. Even if you can implement WebAuthn in your rival browser, unless you get access to the system key store, you won't be able to let users sign in. That will prevent them switching.

[0] https://developer.apple.com/documentation/xcode/supporting-a...
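The relying-party side of what the comment above describes, as an added example that is not part of the thread or any vendor's code: it checks the browser-reported origin and the authenticator's `rpIdHash`, then uses the backup flags and transports recorded at enrolment to flag accounts that hold only a synced passkey and no roaming hardware key. The sample assertion, the `example.com` names and the `lockin_findings` policy are constructed assumptions, and signature verification over these bytes is assumed to be handled by the server's WebAuthn library.

```python
import hashlib
import json
import struct
from base64 import urlsafe_b64encode

# Flag bits in the authenticator data, as defined by the WebAuthn specification.
FLAG_UP = 0x01  # user present
FLAG_BE = 0x08  # backup eligible: the credential may be synced across devices
FLAG_BS = 0x10  # backup state: the credential is currently backed up
ROAMING_TRANSPORTS = {"usb", "nfc", "ble"}  # transports of a removable key


def b64url(data):
    """Unpadded base64url, the encoding clientDataJSON uses for the challenge."""
    return urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def parse_authenticator_data(auth_data):
    """Split the fixed header: rpIdHash (32) | flags (1) | signCount (4, big-endian)."""
    if len(auth_data) < 37:
        raise ValueError("authenticator data is shorter than 37 bytes")
    flags, sign_count = struct.unpack(">BI", auth_data[32:37])
    return {"rp_id_hash": auth_data[:32], "flags": flags, "sign_count": sign_count}


def check_origin_binding(client_data_json, auth_data, challenge, origin, rp_id):
    """Return the names of the failed checks; an empty list means all passed."""
    failures = []
    client = json.loads(client_data_json)
    if client.get("type") != "webauthn.get":
        failures.append("type")
    if client.get("challenge") != b64url(challenge):
        failures.append("challenge")
    # The browser, not the authenticator, writes the origin field. This is the
    # point where the client software has to be trusted to report it honestly.
    if client.get("origin") != origin:
        failures.append("origin")
    parsed = parse_authenticator_data(auth_data)
    # The authenticator only hashes the RP ID that the client handed to it.
    if parsed["rp_id_hash"] != hashlib.sha256(rp_id.encode("utf-8")).digest():
        failures.append("rpIdHash")
    if not parsed["flags"] & FLAG_UP:
        failures.append("userPresent")
    return failures


def credential_kind(flags):
    """Classify a credential from the flags seen when it was registered."""
    if flags & FLAG_BE:
        return "synced" if flags & FLAG_BS else "sync-eligible"
    return "device-bound"


def lockin_findings(credentials):
    """Assumed policy: an account needs two or more credentials, one of them a
    device-bound key on a roaming transport, to stay independent of a single
    vendor's keychain. Each credential is {"flags": int, "transports": [...]}."""
    findings = []
    if len(credentials) < 2:
        findings.append("only one credential enrolled")
    portable = [
        c for c in credentials
        if credential_kind(c["flags"]) == "device-bound"
        and ROAMING_TRANSPORTS & set(c.get("transports", []))
    ]
    if not portable:
        findings.append("no roaming hardware authenticator enrolled")
    return findings


def sample_assertion(origin, rp_id, flags, challenge):
    """Constructed input for the demo, not captured traffic."""
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": b64url(challenge), "origin": origin}
    ).encode("utf-8")
    auth_data = hashlib.sha256(rp_id.encode("utf-8")).digest()
    auth_data += struct.pack(">BI", flags, 7)  # flags, then signCount = 7
    return client_data, auth_data


if __name__ == "__main__":
    challenge = b"constructed-challenge"
    synced_flags = FLAG_UP | FLAG_BE | FLAG_BS
    cd, ad = sample_assertion("https://example.com", "example.com",
                              synced_flags, challenge)
    print(check_origin_binding(cd, ad, challenge,
                               "https://example.com", "example.com"))
    account = [{"flags": synced_flags, "transports": ["internal", "hybrid"]}]
    print(credential_kind(synced_flags), lockin_findings(account))
    account.append({"flags": FLAG_UP, "transports": ["usb", "nfc"]})
    print(lockin_findings(account))
```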


As long as that is true, it's also going to block widespread adoption of this stuff. Terrible usability is just not a great feature from a security point of view: it leads to people working around security measures.

I have to support some non technical people in our company once in a while. Trust me, this stuff is way too hard for normal people. People I know that own things like a YubiKey are almost without exception IT professionals that know what they are doing. Outside IT professionals in IT departments, I don't know a lot of people that have much awareness of this stuff.

The trend in this space is to not have dependencies on dedicated hardware and use multi factor via phone apps and other things. It works, it's easy to explain to users. And lots of apps do this now. Google authenticator is still used but is increasingly positioned as a backup option to more user friendly alternatives.

WebAuthn is not a great success so far. It launched with a lot of fanfare a few years ago and then nothing much at all happened. In its current form, that's not going to change any time soon.


I think you're absolutely right - my worry is that while passkeys are very usable, they also effectively create inescapable inertia and friction to ever changing browser or device ecosystem.

Today there is no migration path from one MacOS WebKit browser (Safari) to another (which also has an implementation of PassKey), since the third party browser can't share the same authenticator key.

As you say, all of this is far too complicated for an end user - my suggestions to avoid the problem and migrate only work for tech savvy users that know every site they use. That's maybe 0.1% of users.

My worry if we see adoption of passkeys is that only 0.1% of the browser market becomes contestable, as everyone else is stuck locked into their incumbent browser with no way to enroll their new browser's passkey into the sites they use.


Is there any chance that third party password managers like Bitwarden and 1Password will be able to implement add-ons and apps that replace this functionality, and that could open up migration paths? Or is the passkey future even worse than I feared?


Certainly - WebAuthn is an open standard, and passkey appears to just be "passwordless FIDO2" (all open standards) with shiny branding around it.

That means anyone can implement it, including a physical token (which can be entirely open source, like the solokeys dongle).

The real concern here is friction for the "average end user" - passkeys IMHO are a net-good thing, as long as we don't see this result in everyone regressing towards "single factor auth" in some way. As it stands though, WebAuthn/Passkey gives you a level of phishing resistance that ought to raise the bar on compromising accounts.

The part I do fear about third party password managers is that they'll potentially end up lowering the level of security that WebAuthn heralded, by normalising pure "software" authenticators - putting TOTP seeds into bitwarden alongside passwords feels like putting all your eggs in one basket, even if it's a reasonably good basket. A physical WebAuthn key gives you a level of hardware isolation (limited attack surface, time-bounded attack surface, physical contact required per-authentication) that will be lost if everyone moves to software-based tokens.

On the other hand, if people are replacing a globally re-used password with a "passkey", it's a lot better. If they are replacing a hardware token with a software token, that's a small step backwards. If most people are still manually using the same password everywhere, it's probably a net step forwards.


I believe 1password will implement passkeys at some point in the future. However that doesn't take away from the concern that passkeys are designed from the ground up to ensure vendor lock-in (there almost certainly won't be a way to migrate passkeys from Apple's or Google's keychains to 1password). With passwords there is a clear, if insecure, fallback -- simply copy the password over. With passkeys, you're subject to Big Tech's whims.

It is not possible to take anything Apple or Google do in this area to be in good faith.


> there almost certainly won't be a way to migrate passkeys from Apple's or Google's keychains to 1password

If that happens it will be 100% the fault of those specific passkey implementations. There's no reason why exporting a passkey database should be any more difficult than exporting a password database.

That isn't to say I disagree with you though.


I agree - I think password managers will (soon enough) implement passkeys. As you say though, the current implementations deliver lock-in "by-design" (but with legitimate reason - you don't want to have an API that shares the AES-256 root key that decrypts passkey keyblobs!)

This could all be mitigated with a little bit of tooling (allowing an existing passkey to enrol a new passkey from another device), which would also help users of hardware tokens to potentially create a way to auto-enrol an off-site key.

I do believe WebAuthn is a good-faith attempt to get away from the pervasive problem of "use the same useless password everywhere", but it makes a range of compromises which (intentionally or otherwise) create a level of cryptographic vendor lock-in that I don't think many people have recognised yet.


I've flagged these concerns to several people involved in Webauthn, privately and publicly, and passkey portability is pretty clearly low-priority (i.e. never going to happen) for them.


Great, then I will probably never use it, and anyone who has an iPhone and another Windows device.

Or any other mismatched device ecosystem; the locked-in ecosystem dream of Apple is only applicable to an extremely tiny number of people.


The technology is safe enough to use, as long as you stick to hardware tokens - I have accumulated a few of them over the years (quite affordable), and you can get USB-A, USB-C and NFC versions.

You shouldn't get locked in with a USB hardware token - you can enrol it in Chrome on one computer, and then authenticate via Firefox in another computer.

The issue is really the software-based "passkey" implementation. As long as you're not solely reliant on one company for login (i.e. you enrol multiple keys, one of which is portable and interoperable, AKA a hardware token) you can safely add software-based ones for convenience without getting locked in - you can always use the hardware token to get back in and enrol a new device.


The problem is that a lot of people are going to unintentionally lock themselves in due to Apple's and Google's marketing. It's going to be a miserable few years.


This is a shame to see - it's understandable that there are some technical challenges in it, but it does seem possible (via a mutual auth handshake) to introduce portability. Kudos to you for arguing the case though!

Before "cloud keychain" (i.e. software-backed, like Apple's implementation), your only "safe" option was to have 2x hardware tokens, and try to keep one off-site, but still accessible enough you could enrol it on all the sites you use.

I fear with "cloud keychain" Webauthn, we are heading for a world where getting locked out of (or banned from) your "FAMNG" account will lock you out of everything else, to an extent we've not really seen before - no access to your synced keychain secret will prevent you from logging in to everything. Physical tokens remaining interoperable should give technical users an insurance policy against this, but without some kind of portability (i.e. pairing hardware webauthn keys), I fear it won't be practical enough to keep users safe, and independent of the keychain providers.


This has existed for years. I use 1Password for all my passwords and it shows up as an option when entering or creating a password in any browser on iOS. Furthermore, all browsers can access the keychain if the user authorizes it.


Passkeys are a little different - at heart, you can export or write down (on paper, if it comes to it) your passwords, and then import them into another password manager if you choose to. If you want to move from the built-in keychain to 1Password, you can do an export/import operation, and have your passwords in 1Password.

You inherently can't copy-paste a passkey, since it's an asymmetric public/private keypair authentication. These keys are (usually) decrypted by a single symmetric key that you protect well. If you allow that key to be exported, you're back to "one password for every website"!

When this is done on a hardware-protected security engine (which doesn't permit any extraction of the key), it's arguably quite secure, but you don't then have any migration path.


Apple are allowing those private keys to be synced to iCloud and I thought also synced to other devices a person owns.


The operative word here is can.

Does Firefox use the keychain? On macOS it does not even try.


1Password doesn't perform WebAuthn logins, only password (and TOTP) based logins. The GP is talking about WebAuthn / FIDO2 logins.


1password is going to implement WebAuthn in the future: https://blog.1password.com/1password-is-joining-the-fido-all...

However, the lock-in concern remains: how can you export passkeys to another password manager the same way you can export passwords to it?


Well, the point of such keys is that you can't extract the private part. I've never met a single service that supports Webauthn and doesn't allow you to have multiple tokens: every time I enroll into a new service, I do this: add physical key, add desktop (Windows Hello) if it's personal, add laptop (Touch ID) if it's work and maybe Face ID on iPad.


I have close to a thousand unique websites and passwords in my password manager. It is completely unreasonable for me to expect to re-enroll a thousand times.


Then WebAuthn and PassKey isn't for you. I absolutely do not want the secret key to be exportable in this context.


> you would need to find a way to sign into your old account (which requires your MacOS/iOS passkey to log in)

Chrome and iOS will pop up a QR code for webauthn over BLE or whatever it's called (there's also caBLE[0]) whenever you're either enrolling or trying to log in via webauthn. This means that, as long as you have access to any device with your old passkeys, you can log in on your browser/android phone.

0: https://blog.millerti.me/2021/06/18/previewing-chromes-cable...


I wasn't sure what your concern was, but is it that?

1) Hardware authenticators won't spit their root secret, almost by design.

2) Webauthn doesn't require that the authenticator store the list of accounts, also by design (for privacy). So if you want to switch from iPhone to Android, you have to remember all websites you used Passkey on, and go one by one hunting down the right security settings page.


My concern isn't either, although both are interesting discussions - 1 in particular is relevant but understandable, as this prevents you from pairing tokens so you can maintain an off-site backup you don't have to retrieve every time you make a new account.

The specific challenge here is around software webauthn for passwordless access (think using Safari to create an account on a site). In this scenario, the average user has no portable authenticator. They cannot move to a new browser - you install Chrome, but can't log in from Chrome, as only Safari can do a passkey login.

Even if Chrome supports an equivalent setup (their version of passkey over Google sync, for example), you can't enroll it - to enroll, you need to sign in using Safari. To enroll your new device (Chrome), you need to use it. You can't get logged in on Chrome to do this. The average user has no option. A tech savvy user could manually copy session cookies to steal their own session, perhaps, or use a hardware key as a "bridge".

In essence, if you sign up for something using a passkey, you won't be able to easily leave that ecosystem at all, without pretty advanced tech knowledge (using a dedicated hardware webauthn key, or stealing and porting session cookies).

My separate observation about a lack of support for hardware keys to be "paired" to support an off-site backup use-case is unrelated, but perhaps relevant for tech savvy users who want to better "own" their own identity, and link their webauthn keys together for backup use-cases. Otherwise you have to maintain a list or spreadsheet of every site you use - I have one, so I can ensure I enroll each token I have with each service!
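The enrollment dependency described in the comment above (a new browser cannot enroll itself until something already enrolled signs in), as an added example that is not part of the thread. It is a simplified model, not the WebAuthn API or wire format; `RelyingParty`, `Authenticator`, the `example.test` site and the vendor labels are assumptions made for illustration.

```javascript
// Added illustration: a simplified relying party (RP) and authenticators.
// Hypothetical names throughout; this models only the property under
// discussion: private keys never leave the authenticator, and enrolling a
// new credential requires a valid assertion from an already-enrolled one.
const crypto = require('node:crypto');

class Authenticator {
  #keys = new Map(); // rpId -> private KeyObject, with no export method
  constructor(label) { this.label = label; }

  // Create a per-site key pair; only the public key is handed to the RP.
  register(rpId) {
    const { publicKey, privateKey } =
      crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.#keys.set(rpId, privateKey);
    return publicKey.export({ type: 'spki', format: 'der' });
  }

  // Sign the RP's challenge together with the rpId it was issued for.
  assert(rpId, challenge) {
    const key = this.#keys.get(rpId);
    if (!key) return null; // no credential for this site on this device
    return crypto.sign('sha256', Buffer.concat([Buffer.from(rpId), challenge]), key);
  }
}

class RelyingParty {
  constructor(rpId) {
    this.rpId = rpId;
    this.accounts = new Map();   // user -> [{ label, spki }]
    this.challenges = new Map(); // user -> outstanding single-use challenge
  }

  signUp(user, authenticator) {
    if (this.accounts.has(user)) throw new Error('account exists');
    const spki = authenticator.register(this.rpId);
    this.accounts.set(user, [{ label: authenticator.label, spki }]);
  }

  newChallenge(user) {
    const challenge = crypto.randomBytes(32);
    this.challenges.set(user, challenge);
    return challenge;
  }

  // Accept the signature if any enrolled public key verifies it.
  login(user, signature) {
    const challenge = this.challenges.get(user);
    this.challenges.delete(user); // consumed: a replayed assertion fails
    const creds = this.accounts.get(user);
    if (!challenge || !creds || !signature) return false;
    const msg = Buffer.concat([Buffer.from(this.rpId), challenge]);
    return creds.some(({ spki }) => {
      const pub = crypto.createPublicKey({ key: spki, format: 'der', type: 'spki' });
      return crypto.verify('sha256', msg, pub, signature);
    });
  }

  // Adding an authenticator is gated on a fresh assertion from an enrolled one.
  enroll(user, signatureFromEnrolled, newAuthenticator) {
    if (!this.login(user, signatureFromEnrolled)) return false;
    const spki = newAuthenticator.register(this.rpId);
    this.accounts.get(user).push({ label: newAuthenticator.label, spki });
    return true;
  }
}

function demo() {
  const rp = new RelyingParty('example.test'); // constructed site name
  const platformA = new Authenticator('platform passkey (vendor A)');
  const hardware = new Authenticator('hardware token');
  const platformB = new Authenticator('platform passkey (vendor B)');
  rp.signUp('alice', platformA);

  // 1. Vendor B alone holds no credential, so it cannot enroll itself.
  const stuck = rp.enroll('alice',
    platformB.assert(rp.rpId, rp.newChallenge('alice')), platformB);

  // 2. While vendor A's device still works, enroll a portable hardware token.
  const backup = rp.enroll('alice',
    platformA.assert(rp.rpId, rp.newChallenge('alice')), hardware);

  // 3. The hardware token is the bridge that lets vendor B be enrolled.
  const bridged = rp.enroll('alice',
    hardware.assert(rp.rpId, rp.newChallenge('alice')), platformB);

  // 4. Vendor B now logs in on its own; replaying the same signature fails.
  const sig = platformB.assert(rp.rpId, rp.newChallenge('alice'));
  const loggedIn = rp.login('alice', sig);
  const replayed = rp.login('alice', sig);

  const enrolled = rp.accounts.get('alice').map((cred) => cred.label);
  return { stuck, backup, bridged, loggedIn, replayed, enrolled };
}

console.log(demo());
```

The RP only ever stores public keys, so the account list on the site side is the one place where all three credentials meet.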


Thanks for your reply. I think the issue you describe is more due to the website. A website that accepts Passkeys should provide a way to enroll a competitor. In this case it could be as simple as copying a code in one browser and pasting in the other. This isn't too bad if you consider that typing a user+password pair is also annoying though more familiar. Of course, it gets near impossible if the device is dead and the user wants to switch brands without any backup. But again, websites enrolling only one authenticator and no alternative are somewhat negligent.

I think people who evangelize Webauthn need to carefully convey the risks and remind everyone that end users need backups (multiple authenticators, backup codes...). Hopefully, down the road, it will force interoperability between big manufacturers so one authenticator can authorize another for all websites in one go (this probably requires websites to have a standard way to enroll new authenticators).

> My separate observation about a lack of support for hardware keys to be "paired" to support an off-site backup

This is worrying me more. Interoperability between tech giants is bad but the sovereign solution may never get there.


Passkeys do have a (partial) solution to this problem: multi-device credentials. See the videos at the bottom of [1].

Say you install an app/visit a website on your phone and register an account with a passkey. My current understanding is that on iOS 16, the passkey lives in your iCloud keychain. If you want to sign in on a Mac on Safari, you can just visit the website and the discoverable credential from your phone will appear when you try to log into the site with webauthn. The website will be able to tell that you're logging in from a new device and optionally require additional authentication.

If you want to sign in on a device that doesn't have access to your keychain, you can use your phone as an authenticator over a combination of Bluetooth and a tunnel server by scanning a QR code on that device with your phone. The site is then supposed to prompt you to register the new device with whatever its local passkey solution is.

The best source I could find for how this protocol works at a technical level is an episode of "Security. Cryptography. Whatever" on passkeys. I guess the specs aren't exactly public yet (at least since I last checked) and are only available to FIDO Alliance members.

I've been trying to work on figuring out ways to build a "passkey manager" of sorts to live up to the potential webauthn offers with hardware-backed credentials that are also synced and backed up (to an offsite key). As far as I can tell, as mentioned in another comment, this just doesn't seem to be a priority for the FIDO Alliance, which is a real shame.

I'm cautiously waiting to see how 1Password deals with passkeys, given that they're one of the few FIDO members with a vested interest in being cross platform, but I'm betting they'll just implement a software keystore built into their current vaults without any hardware backing.

[1] https://fidoalliance.org/multi-device-fido-credentials/


You can use an open source virtual FIDO device instead of Apple's implementation:

https://github.com/bulwarkid/virtual-fido/


While Google, Microsoft, and Apple clearly factor into the equation here (especially Google — when Chrome first came out the marketing for it was a real force to contend with, and they've aggressively pushed Chrome ever since), the other big thing is that Mozilla ceased to be a leader. They started chasing Chrome and put Firefox on the back burner, and now they're reaping what they've sown.

I am a huge proponent of web engine diversity, but Mozilla is going to have to do some serious self-reflection and enact major changes internally to have a fighting chance. As things stand, even if regulation limiting MS/Google/Apple's abilities to self-promote went into place it will make precious little difference because Firefox gives few reasons for non-technical users to switch to it. As big of a splash as Manifest V3 has been, it's ultimately a storm in a teacup that only a portion of technical users know and care about.


Google pushing their product while allowing anyone to easily change default browser on Android is called competition.

Somehow though, that is the worst for you, while Apple simply blocking any competition on iOS (everything is Safari under the hood) is fine.

The amazing thing is that you say you are a huge fan of engine diversity - exactly what Apple is totally blocking.

Not much Firefox can do with their engine when iOS is their most important platform by far (note the countries they are strong in). Unless Apple changes policy there isn't much point in FF investing in their engine.


My comment said nothing about Safari or iOS, and Google's pushing goes far beyond just Android. Using any Google product in a non-Google browser will trigger a "Download Chrome!" dialog, and that includes things like Google's search which practically everybody uses. It's even present in Gmail, Sheets, etc on iOS, where instead of using the default browser when tapping links it will show a chooser that includes Chrome even when Chrome isn't installed. Furthermore, Chrome is bundled in the installers of various other things.

I'm saying to go ahead and put those regulations in place to force browser choice, but that alone won't save Mozilla. People will switch browsers on iOS in large numbers, but it won't be to Firefox because as I mentioned, to average users it offers nothing that Chrome doesn't. A handful of technically inclined users will start using Firefox on iOS while everybody else switches to Chrome or keeps using Safari.

Firefox needs a differentiator that Joe Q. Public cares about, and I sincerely hope they can come up with something once enforcements have been put in place because otherwise its course will remain unchanged.


> Using any Google product in a non-Google browser will trigger a "Download Chrome!" dialog, and that includes things like Google's search which practically everybody uses.

This has not been my experience. I even did a Google search for something random and could not find any "Download Chrome!" message anywhere (I'm using Firefox). I do remember some years back there was such a message somewhere on Google search, though. I wonder if maybe one of my uBlock Origin lists has it blocked.


I just tested and I couldn't get it to appear when using Firefox on macOS or Windows or under Edge on macOS, but it appeared right away under Edge for Windows[0] and Safari on macOS[1]. So it seems that they target default browser configs specifically.

On iOS in a private tab, Google doesn't try to push Chrome but instead the Google app, which functions as a browser.

[0]: https://i.ibb.co/Htk645k/Screenshot-2022-09-23-183455.png

[1]: https://i.ibb.co/thnRN7P/Screenshot-2022-09-23-at-6-42-14-PM...


Now that I see your screenshots it is something that I vaguely recall seeing in the past.


I don't see those particular popups anymore, but I do see ones just like that for websites that will now let me log in with my Google account. They've become almost as obnoxious as the GDPR banners that "Hush" finally extinguished.


Now I’m starting to wonder … perhaps you aren’t aware that all that stuff you are writing about iOS is simply not relevant to your stated goals. I’ll say it again, Apple simply does not allow competing browser engines. Complaining about Google competing hard, while refusing to even acknowledge that Apple simply refuses to compete is weird.


I fully expect that Apple will be forced to allow other engines on iOS. It's inevitable. My point is that the opening up is very unlikely to be the saving grace that some seem to think it will be.


> while Apple simply blocking any competition on iOS (everything is Safari under the hood) is fine.

I see people using Chrome on iOS - they use it not because they think they're running Blink/V8, they use it because Google brings their own password syncing and UI to it. Same for something like Firefox Focus.

Is it really anticompetitive if allowing a different rendering engine would result in less than (maybe) 0.01% of users actually switching due to the change?


The quality of Firefox has nothing to do with the anti-competitive actions of platforms. This affects Vivaldi, Brave, and all the 3rd-party web browsers (or the platform browsers on other platforms, e.g. Chrome on Windows).

Mozilla doesn't make this argument because their browser share is lower than it used to be, but because diversity, not domination, is the goal.


I would say that diversity without significant numbers, at least when it comes to web engines, is meaningless. If Firefox remains at ~2% marketshare, web developers will pay it no more regard than they do now. It needs to be more popular so proper support for it can't be shrugged off, and so Mozilla has a stronger hand at the web standards table to stop Google from railroading whatever they please through.


How come Chrome towers over Edge then?


A marketing budget in the billions (including shady bundling deals), and free Chrome advertising on top web properties helps quite a bit.


Does Firefox have a future?

I'm writing this from Firefox, having used it ever since the days when Firefox releases used to have launch parties, and tabs were the revolutionary killer feature.

Let me rephrase the question: does Gecko/Spidermonkey have a future?

I think it's clear the Firefox branding will live on, since it is Mozilla's crown jewel.

But in today's landscape, you can target WebKit (Apple) and V8/Blink (Chrome) and you've surely covered 98% of all use cases.

Surely these competing engines have far, far more resources pouring into them than Mozilla can afford.

Since the balance of power has shifted towards the owners of these huge players, how can Mozilla keep its browser engine competitive, given that all these new features (such as wasm) surely require massive investment?

I know these questions have been asked already a million times, but it keeps me wondering. Will Firefox eventually need to become a fork of Chromium like everyone else, just to keep pace? Can Mozilla keep its entire browser stack afloat in these shifting currents? (pardon the gross metaphor)


Supporting Firefox continues to be way easier than Safari for web developers. Chrome and Firefox are very compatible with each other. It's essentially almost no effort.

Mozilla seems to do fine keeping up. Wasm and Rust originated in Mozilla even and they are still very active on that front as well.

I seriously doubt Mozilla will kill their company by switching to Chrome. It would be suicidal for them. Users would revolt and fork the code base probably. Mozilla developers especially and without their developers Mozilla is nothing. Just look at what happened to Opera after they switched to Chrome. They technically still exist. But they are a footnote in web server statistics at this point. A rounding error basically. I've not seen anyone using it in many years now.

So, I doubt a move to Chrome would end well for Mozilla if they ever were to float such an idea. The history of Mozilla is that they bootstrapped out of AOL's Netscape division which was being mismanaged by AOL. Once the code base was OSS, people just left and created mozilla.org to cut loose from the failed corporate entity. AOL ended up with nothing. That can and will happen again if it needs to.

In short, users and developers would abandon a Chrome based Firefox in a hurry and it wouldn't take long for them to get organized with a new foundation. Wikimedia manages fine based on donations. Millions of Firefox users would be able to keep the project going pretty much indefinitely. Mozilla would lose control over most of its key people, users, and assets. Which is why they will never do this. It would be corporate suicide.


Maybe it's just the contrarian streak in me, but Firefox being on Gecko is why I haven't left. There must be more than just one browser engine to rule them all! We got rid of our trident just to get blinkered.

Firefox moving to Blink means I'm just hopping over to whoever has the slickest Chromium clone right now.


It seems all but inevitable. Regardless of the technical feasibility of keeping your own browser engine going, much of the missions of the foundation and overall company do not really depend on having a truly separate browser at all.

If anything, it is an albatross around the necks of the groups and management that care more about the 'mission' of an open web and the advocacy and other programs that are largely unrelated to the Firefox browser, and certainly don't require the browser to be its own thing rather than a chromium fork.

For the short and medium term goals, a browser is just another tool and vehicle for pushing their vision for the future of the web... But it's an extremely expensive and difficult tool with comparatively little short and medium term importance. So why keep it? You don't need a 'real' browser to put up surveys or blog posts, or to attend or run conferences, or to join web working groups or participate in RFCs. Not having to pay for almost any engineers or teams for something the rest of the foundation could categorize as a pyrrhic project? That would be simply wonderful, I'm sure.

Vassalization simply makes more sense in the foreseeable future.


I'm not an expert on the web tech. so apologies in advance but wouldn't it be great if Mozilla spent all that money Google gives them on something more revolutionary like a new runtime for ephemeral apps and the corresponding UI engine that's not bound to the legacy JS and HTML and has near native performance and access to hardware sensors? Add to that the support for multi device setups where you can move an app session easily from your phone to your desktop. There're so many cool things to do there.

Instead we're dealing with the "diversity" of the web (HTML,CSS,JS) engines and endless arguments around Manifest v3, etc. So many precious man hours are going to waste.


HTML/CSS/JS are the most superior UI engine that exists right now, especially when used through something like React/Vue/Svelte. So creating an even better one is quite a tall order.


A non-profit with lots of talented devs like Mozilla is in a good position to do just that. I do understand it'd be at least a 5 year long effort by a talented team of 200 engineers but it's still better and more fun than iterating on Firefox.


>"I think it's clear the Firefox branding will live on, since it is Mozilla's crown jewel."

I'm not following your question. How does Firefox branding live on without Gecko/Spidermonkey?


For example, if the engine is switched out (or made an option) so that Firefox 150 uses WebKit or Blink instead.

Many Firefox users would not notice the difference, as long as the things they care about keep working.


I wonder when Mozilla will make Gecko/Spidermonkey useful for other browsers, like WebKit seems to be.


Gecko was used in other small browsers in the past but it was always hostile to it. SpiderMonkey is used by some external projects but they clearly aren't interested in it (no releases, API stability, documentation, etc).


>Does Firefox have a future?

Well, mobile is the future of computing. Does Firefox have a future on mobile? I think the answer is clearly no.

Firefox will be relevant only until the Desktop PC paradigm fades into obscurity.

Eventually Chrome and Safari will join Firefox in obscurity, as more content moves behind apps and walled gardens, and as the desktop paradigm falls into disuse.

Give it 10 years.


Firefox on android is an objectively superior experience.


I would say "it was". After that major update a while ago, I lost hope on Firefox mobile.


Their soul will live on as Web widgets.


It has a future if their search partners say it does.

Some of whom they are naming in these allegations.


I personally think they should think about maintaining a chromium fork.

It will relieve a lot of resources to be spent on other things like user experience, and they will benefit from all the development resources devoted to chromium, while being able to remove anything they don't like, like MV3 limitations on adblockers.

I really like what Brave is doing. I switched because I lost hope Mozilla is going to do anything; they are funded by Google, and therefore afraid to do anything impactful.

While Brave has privacy by default, has an independent search engine, an independent ad network (that is privacy friendly and isn't enabled by default), and they aren't afraid to do anything against big tech, like banning AMP, removing social trackers and other things.

Brave is almost what Mozilla should've been.


> while being able to remove anything they don't like, like MV3 limitations on adblockers.

… which might actually not be as easy as it sounds. Sure, as long as Chrome/Blink internally retains MV2 compatibility behind a configuration setting for enterprise customers your job is easy – just hard-code that setting back to enabled for everybody instead of just enterprise users and you're done.

However once Google starts ripping out the MV2-related code from the Chrome/Blink code base, all that code suddenly becomes your responsibility to maintain – and from that point on there's always the risk that Google suddenly decides to do some large scale refactoring or internal architectural change that radically conflicts with your attempts to keep those old features alive.

Once you reach that point, you've then got the choice to either spend ever increasing amounts of effort on maintaining those features on top of the current code base, doing a hard fork and therefore having to suddenly maintain the whole shebang, which would be an even larger effort, or instead giving up and dropping those features after all.


Not to mention that Google still controls the Chrome extension marketplace, and will stop accepting MV2 extensions by the end of the year. So not only do you have to maintain the MV2-related code, and keep reintegrating it whenever Google moves a bunch of code around (which from what I hear they do quite aggressively) or hard fork, you also need to maintain your own repository of browser extensions, and get developers to actually develop them for your browser specifically, rather than just for Chrome, too.


Would maintaining such a feature be harder than maintaining a complete browser engine?


It drives me nuts that a fresh install of Android apps defaults them all to "in-app" browsing instead of my default browser. And you have to go to each app and turn it off in a different place. Wish I could just override all of them and "open every web page in My. Default. Browser."


But how else could they inject their JavaScript into the pages you read so that they can capture every page you view, every link you click & every key you press?


If apps are written correctly, they can use the Custom Tabs protocol with your default browser (which can be Firefox, as it has support). You'll get the same embedded browser experience, support for add-ons and ability to pop out the site into a separate 'window'/activity.

Of course, many apps don't properly do this and end up hardcoding references to Chrome...


> Of course, many apps don't properly do this and end up hardcoding references to Chrome...

I think what OP is referring to is this: https://news.ycombinator.com/item?id=32415470


I've set my default browser on Android to Firefox Focus, and found that many "in-app" sessions appear to be running an in-app variant of Firefox Focus.

It's not quite the same as running actual Firefox Focus, but there's a drop-down menu option to let you switch to launching the in-app page in proper Firefox Focus. That's almost instant and appears to preserve the page state. So between that and the way cookies always seem to be reset in in-app sessions, which is great, that's why I think the in-app sessions are using Firefox Focus.


Yeah it's bad "Why am I not logged in?".


What exactly are these companies supposed to do? Web access really is the meat behind modern OS usage. Say what you want about Microsoft, but that's exactly what they realized when they began shipping Internet Explorer with Windows (and got into hot water over it). Safari can't be deleted from iOS, but aspects of Safari are integral to the OS. As long as someone can use another web browser for actual web browsing, as opposed to something that an app might use as a web view, I really don't see what the big deal is. Not being able to delete apps sucks, but this goes beyond browsers, and is hardly the worst thing any of these companies are up to. Should there be an initiative to create a standard pluggable API for web views that operating systems comply with? Oh boy, let's create yet another worthless committee!

Maybe Mozilla can knock off the grandstanding, the money wasting, the back patting, and just work on making a competitive browser. Also completely remove Pocket and anything else like it.


> What exactly are these companies supposed to do? Web access really is the meat behind modern OS usage.

I mean, Europe used to mandate a selection screen on first boot that would just ask the user what browser to install; that seems pretty reasonable. Failing that, they could let the user actually change their default browser without harassing them or resetting it constantly (Windows) or allow people to actually use other browser engines at all (iOS).

> just work on making a competitive browser

They did. But it's hard to get people to switch when the OS vendor makes it artificially hard to switch.


They should first try to retain their users, before dreaming of switching others.


> and just work on making a competitive browser.

I think the issue here is that Mozilla feels that they do. The problem for the average user is not “Do I want to use a Porsche (Chrome) or a Mercedes (Firefox)?”. It’s “Which icon is the one that makes The Internet open up and show me all the things I want to see?” They don’t care beyond that.


> Maybe Mozilla can knock off the grandstanding, the money wasting, the back patting, and just work on making a competitive browser.

You can have the best product in the market but if the deck is unfairly stacked against you it doesn't matter how good your product is.


Firefox is by no means the "best" product, it's an average Chrome clone that's worse than competing Chromium derivatives (Brave, Vivaldi, Edge, etc) from a compatibility and performance point of view.

Back when Firefox actually was the best product, it stole ~30% (or even more?) marketshare from Internet Explorer, despite the latter being bundled with the OS.

Firefox can be the best browser with third-party add-ons (such as uBlock Origin) and a custom configuration, but Mozilla would rather puff more hot air like this (and their other commitments to "privacy", despite their telemetry implementation not even being GDPR compliant) rather than actually making Firefox the best product.


> Firefox is by no means the "best" product, it's an average Chrome clone that's worse than competing Chromium derivatives (Brave, Vivaldi, Edge, etc) from a compatibility and performance point of view.

1. I admire the irony of calling Firefox a Chrome clone when Firefox far predates Chrome.

2. That's purely your opinion. I personally find Firefox to be more performant and customizable than Chrome but to each their own. I'm not going to fanboy browsers here.

3. Where exactly did I claim Firefox was the "best" product? I made a generic statement saying that you can have the best product in the market but when the market discriminates towards you so that it's impossible to get users it doesn't matter how good your product is.


> I admire the irony of calling Firefox a Chrome clone when Firefox far predates Chrome.

You are right about the technical details, but my intention was to compare it from a non-technical user's perspective. For the non-technical user, modern Firefox is a Chrome clone (and strives to be that) with a very similar UI. The browser engine being different is a technical detail that isn't relevant to the average user who doesn't even know what a browser engine is, and they are not aware (and don't care) about Firefox's history. Stock Firefox is very similar to Chrome and Mozilla wants it to be that way, having removed many features that differentiated it in the past.

> but when the market discriminates towards you so that it's impossible to get users it doesn't matter how good your product is

Potentially, but you can't say for sure that market discrimination and anti-competitive practices are what is holding Firefox back when there are no compelling reasons for a non-technical user to use Firefox over Chrome, so I disagree with the argument that anti-competitive practices are what is holding Firefox back - Mozilla is holding Firefox back by not actually making it a better product to the eyes of a non-technical user (ignore the fact that FF can be a better product with enough customization & add-ons - people competent enough to do so already use Firefox and are its only remaining users).

When stock Firefox is good enough to appeal to and impress non-technical users out of the box (such as by having good, built-in ad-blocking), I will believe in the anti-competitiveness argument. Until then, my opinion is that it's yet another excuse for Mozilla to waste time & resources on anything but actually building a good browser.


> Firefox is by no means the "best" product, it's an average Chrome clone that's worse than competing Chromium derivatives (Brave, Vivaldi, Edge, etc)

This is software comedy gold. If Firefox is a clone of Chrome then what isn't a clone? Is Safari a clone of Chrome because it has the tabs that Chrome took from Firefox?


The questionable part is them re-asking "hey kid, wanna switch to Edge? we are cool now" after some updates.

I doubt your regular Firefox user falls for it but your parent's computer that you installed Firefox on will


> Also completely remove Pocket and anything else like it.

Yeah - hard agree. Pocket feels like a sheer gimmick. It cheapens the experience, and it hurts the trust people have for Firefox when they jam it in your face.

I remember the original Firefox ethos where it was just a browser, and that was awesome.


At one point Firefox's slogan was "Your web the way you like it."

Now it's more like "You can disable that new change by installing an extension and trusting its developer and whoever they might sell it to at a date TBD."


Yea. I'm just not thrilled to be returning to Firefox after over a decade of Chrome use. 2023 is going to be rough with the removal of the webRequest extension API.

I feel like Mozilla is having an identity crisis - but then again... when were they not.


Unfortunately in the current landscape, I think Firefox will unlikely gain the traction again even if we can bring those big techs to a fair playground. Browser development becomes an extremely complex, expensive project that requires at least hundreds of engineering headcounts and Mozilla cannot simply afford it. Worse, Servo was a kind of big bet to change the equation from the ground but Mozilla decided to abandon it. I don't see a plausible scenario to recover the market share in this situation?


Servo was not abandoned, it was set up to act as a proving ground for various techniques, and the things that worked out well were integrated into Firefox. The group was disbanded because they accomplished their initial goals.


And most of its developers got laid off. At the moment, Mozilla said that they need to "put a crisper focus on new product development and go to market activities" because "economic conditions resulting from the global pandemic have significantly impacted our revenue".

I don't think it has achieved its original goal and gracefully disbanded, unless I see any strong evidence that the decision was primarily and independently driven by the Servo/Rust engineering leaders.


See my other comment: https://news.ycombinator.com/item?id=32959277 - Firefox is not failing because of anti-competitiveness, it's failing because in its default configuration it's not bringing much to the table for the average user compared to Chrome or Edge.


> I think Firefox will unlikely gain the traction again even if we can bring those big techs to a fair playground

Probably true, as long as it depends on the same big tech for revenue.


One of the things that pisses me off is that sometimes even forks are not accepted.

For example Formula 1 TV doesn't work on my SmartTV or on some of my browsers despite them being forks of Chrome, where it works just fine.

Not only that, it used to work there in the past, what happened is now it actively detects if the browser is a real Google Chrome from Google (not a recompiled version), and refuses to work otherwise, even if technically it could work just fine.


You're lucky you even get Formula 1 TV.

In Australia, you are forced to purchase a streaming package from Foxtel (Australian version of Sky).


F1 TV probably doesn't work for another reason, it's most likely missing the right DRM module.


I thought it was that and installed the DRM needed (widevine) on other browsers. Unless the browser is basically official Chrome or official Firefox (and even then it fails often on Firefox) it just barfs.


Firefox has some really good privacy features built-in (some aren't enabled by default and require minor configuration by users). In contrast, some big tech firms (you know who they are) that have a business model that involves profiting off of users' data are inherently deterred from delivering really good privacy features.


Firefox's built-in privacy features are meaningless as long as it has single-digit marketshare and the user-agent itself sticks out like a sore thumb.

Furthermore, the only real way to make a difference by actually blocking malicious domains and resources - uBlock Origin - still isn't bundled by default despite being permissively licensed and Firefox having a way to install extensions at first run (that's how Pocket is distributed - it's not built into the browser, instead it's an extension automatically downloaded on first run).


This article is centered around a report from Mozilla without actually linking to it... Here is the original report

https://research.mozilla.org/browser-competition/


Mozilla should build a better browser and fix their marketing if they want to gain back market share. Other browsers have managed to find ways to gain market share. I mean Brave has grown extremely rapidly headed by the ousted Mozilla CEO during Mozilla's decline


Brave has so few users that Wikimedia doesn’t even list them on the summary table. They get more hits from Apple Mail.

https://analytics.wikimedia.org/dashboards/browsers/#all-sit...

Relevant xkcd: https://xkcd.com/1102/


My understanding is that Brave uses Chrome user agents for privacy.


Yeah this is the correct answer. They're a privacy focused browser, which includes not collecting specific user data or letting other people collect user data. So if you send a request to their browser asking what it is, it'll tell you it's google chrome and not Brave


Brave has 55 million MAU. That is huge for a browser that's just 3 years old.


Google Chrome is highly successful on Mac and Windows so it’s clear that Microsoft and apple aren’t forcing that hard. Mozilla is just not doing so hot.


Google Chrome:

* Got years of free advertising real estate on the most visited website on the internet, but hid the ads if you were using Chrome already

* Paid the likes of AVG, Avast, Adobe, Oracle and others to have their own software installers automatically install Chrome and make it the default browser unless you uncheck the boxes

* Repeatedly leveraged nonstandard and Chrome-specific APIs (Polymer v0) on their websites which caused other browsers to need slow and clunky polyfills.


Your second point is such a lost gem of history. I still remember it well and remember how upset it made me. But it seems the world has forgotten, and just assumes that Chrome just meteorically shot up in usage just on its merit.

Did you just update Java? Looks like a new browser you've never used is your default now.


Just like you seem to have forgotten just how much lighter and faster Chrome was that people took to preferring it without looking at Java installers.

It had to compete against the default internet icon on both major operating systems and the OSes themselves were marketing themselves loudly as well.


Neither of those things would necessarily keep users using Chrome, however.

Once exposed to it, many people chose to continue using Chrome because Chrome offered a better experience than browsers like Firefox and IE did at the time.

Early on, Chrome felt faster and sleeker than its competitors, without sacrificing functionality.


You've forgotten the part where browsers at the time sucked. They crashed all the time and were slow, and chrome was 1000x better than anything that existed on the market. It was a significantly better browser which is why everyone chose to abandon their web engines and move over


And none of that comes close to being installed as a default handler for every single web interaction as Safari and IE/Edge were.

Chrome, for a long time, was simply _better_. It's bizarre how you want to erase history when we installed Chrome originally because of how much darn faster it was than Mozilla (not to mention IE7 and that crap).


Reskinned Chrome is the default on windows


And macOS (Safari uses WebKit, if that's the criteria)


Google swapped Chrome from WebKit to Blink (i.e. they forked WebKit) years ago. WebKit is essentially only used by Safari now; Edge does not use it.


Edgium is much closer to Chrom(ium) than Safari/WebKit, I'd say. If Safari used Blink and V8 I'd agree with you


Yandex Browser, a custom Chrome build, is doing very well both on desktop and mobile.

However, it has a slew of useful features tailored for its audience (perhaps reminding of "big apps" of Asia) while also leveraging all kinds of ways to get installs such as bundling, etc.

I'm just not sure what are the selling points of Mozilla Firefox in 2022. They discontinued their plugins to be like Google Chrome and enforce the same censorship as Google Chrome without being Google.


It would be cool if every Chromium clone had a page where they explain how is the browser different to standard Chromium. Many of them feel like rebuilding Chromium with something like sed -i 's/Chrome/MyBrowserName/g'


One of them (Brave?) did actually have a list of patches since the source was actually patches against Chromium.


Google Chrome gained dominance and was not the default on Windows or Mac. Firefox is an Ok product but isn't super compelling for a typical user.


Sorry, but comparing Mozilla to the company that offers about the most visited website ever isn't exactly fair. Google had a lot of opportunities to push Chrome and they did. Doesn't really say a lot about product quality imho


And HN played an important role.

10-12 years ago, when Chrome appeared, HN was full of posts like "I switched my parents computer to Chrome", "I convinced my company to switch to Chrome", ...


Mozilla and its defenders love bashing others about anti-competitiveness but the truth is that their product, in its default configuration, doesn't bring much to the table for the typical user.

Back when Firefox did actually bring much to the table compared to the incumbent, it gained respectable marketshare: https://news.ycombinator.com/item?id=32959277


Unpin Edge from taskbar, restart your PC and tell me that isn’t one of the most annoying things MS has done since the Ballmer era.


For context, these articles form a good background of the ongoing war between Microsoft and Mozilla on this:

https://news.ycombinator.com/item?id=28510490

https://news.ycombinator.com/item?id=29579994

They'll always use "security" as an excuse to force you into doing what they want, and this is just another instance of that tactic. Don't be fooled into giving up your freedom. I wish more people would be aware of that.


It's not just apple/google/microsoft, it is a whole lot of companies that state the "recommended"/"supported" browser is chrome. Full stop.

This is just something that has slowly/linearly been moving in that direction. Many, many years ago it started with banks declaring "unsupported" when I'd connect with seamonkey et al.

The initial lever was security, now it's purely client/server features that only google engineers can deliver in the next quarter.

Chrome™: The way it's meant to be played.


This claim is so obviously true, that it's hardly a claim.

We should treat it like a fact, and talk about what we want to do about it. If we do nothing then these megacorps will use their power to unfairly outcompete or plain buy up all competition but the other megacorps.

We can either have a world with maybe 50 gigantic corporations or thousands of smaller, but still large businesses. I personally think the latter would be much better for democracy and distribution of wealth.


Is their Google search deal (~$400m a year) that expires next year being renewed? If not, might explain some of the desire to bite the hand that has fed it for so long.


If Google cuts funding from Mozilla, it's probably an existential threat for them, it's really their main income, anything else is tiny and won't be enough.

But at the same time, Brave seems to be growing quickly, pushing privacy by default, and doing more impactful things for Digital Privacy, on probably a much smaller budget...


You have to wonder what Mozilla are doing with $400m a year.


Building and maintaining a full browser isn't cheap, if it were there'd be more browser engines.


There is some hope...

https://news.ycombinator.com/item?id=32809126

https://news.ycombinator.com/item?id=30853392

In other words, I don't think Mozilla is making good use of that money at all.


It would sure be cool if they fixed this bug.

https://bugzilla.mozilla.org/show_bug.cgi?id=505521

Note: The spiciest comments are labelled "admin reviewed" and collapsed by default.


They've put improving their browser on hold to focus on their new passion: fighting decentralized software https://foundation.mozilla.org/en/blog/fellow-research-decen...


(1) That's Mozilla Foundation, which doesn't produce a browser in the first place. And (2) that article is not even anti-decentralization. It's just calling out that the same old stuff is happening in that world too, and the same tools that (poorly) combat that stuff won't work in the decentralized world. The only value judgement is against emergent effects like radicalization; nothing against decentralization itself.

What's the problem again?


> That's Mozilla Foundation, which doesn't produce a browser in the first place

And I suppose Meta doesn't produce a social network?

Also the fundamental analysis of the article is that we need to have centralized control over decentralized networks (which they refer to as networks of trust and abuse audits), making the decentralized part inept. If you can no longer run a decentralized service without getting permission from a centralized authority, it's not really a decentralized service


I wonder who else would benefit from fighting against more decentralisation.. Maybe big tech? The same big tech that also funds Mozilla?


I'm on a macbook currently using firefox for my default browser, haven't been forced to use safari. On my windows rig I use chrome, haven't been forced to use edge. This is provably false. Haven't been forced to use any specific browser across various operating systems and hardware.


There are a few places in Windows where Microsoft does force links to open Edge instead of whatever your default browser is. Depending on your usage patterns I guess it is possible to never stumble across those places [1], but they do indeed exist [2].

[1] E.g. I've only really encountered them in one place so far, and it's easily possible to avoid that place, too.

[2] That one place I certainly know of is the lock screen in case you've kept the default "Show random pretty pictures" setting turned on.


I don't know if something changed recently, but Microsoft deserves some criticism:

- https://www.howtogeek.com/744102/windows-11-makes-it-hard-to...

- https://www.howtogeek.com/768727/microsoft-calls-firefoxs-br...

On macOS it's easy to change this, but things like the "tips" notification it displays after a major update still opens on Safari, ignoring your setting.


Set Firefox as your default browser on Windows.

Save a file with the extension .htm. It defaults to Edge, no matter what.


>"Mozilla, the non-profit proprietor of the Firefox browser, has accused Google, Microsoft, and Apple of "self preferencing" and nudging consumers towards using their own browsers."

Is it not odd that Mozilla is taking a stand against tech giants abusing their position when the giant with the largest share of the browser market is the same company that pays them hundreds of millions of dollars a year to be the default search engine on Firefox.[1] Don't they basically survive on this Google money? Don't they basically promote Google with this arrangement?

[1] https://www.theregister.com/2020/08/14/mozilla_google_search...


> Google’s president of global affairs Kent Walker said that potential antitrust regulations "would impose one set of rules on American companies while giving a pass to foreign companies" and that they "would give the Federal Trade Commission and other government agencies unprecedented power over the design of consumer products". Walker added: "All of this would be a dramatic reversal of the approach that has made the U.S. a global technology leader, and risks ceding America’s technology leadership and threatening our national security, as bipartisan national security experts have warned".

What. That must be the most ridiculous excuse I've heard so far.


Let me translate that:

Antitrust regulations "would impose rules that are bad for our bottom line, and would offer consumers choice."

"We got so big because of lax regulations and mergers like the Doubleclick merger that weren't stopped, and we still want to keep buying out any potential competitors."


Mozilla should totally build an OS / laptop and do the same


They did. It was called Firefox OS. They killed it in 2015/16. See:

https://killedbymozilla.com/


I'm not seeing the force here; maybe dark patterns... I seem to remember being able to change default browser on Win 11 to Firefox/Chromium without much hassle. It's just the edge:// links that will still open with Edge (understandably). I was even able to uninstall Edge altogether with winget.


At least on iOS/iPadOS, this is inequitably true. It’s impossible to argue Apple doesn’t have monopoly control over web rendering on these platforms.


They all do push their respective browsers but I wouldn’t say they ‘force’ them. All my devices are Apple devices and I use Edge on all of them, so…


Well, a part of Mozilla (the foundation) keeps calling out Apple, Google and other big tech companies for their control, censorship and browser monopolies. However, another part (the corporation) keeps accepting regular pay checks from Google to fund themselves, can't really wrap my head around this "Mozilla Foundation vs Corporation" conundrum!


The EU's browser ballot was a solution to the wrong problem. The problem wasn't that IE had a monopoly within Windows; it was that Windows had a monopoly on computer OSes.

(And Microsoft actively reinforced it by saying that if you sell other OSes on a “PC” they won't let you sell Windows.)


Does Linux force you to use Firefox? Every distro I know has it by default. Yet the first thing I do on a new install is install Chrome...

And of course everyone does the same on Windows. Only Edge has started to slightly change that trend, and that's with some very aggressive tactics by MS.


I hate to be pedantic, but Linux doesn't 'force' you to do anything. By default, it doesn't even have the dependencies required to render HTML. Linux is just a kernel, and various maintainers package it into software distributions.

The main problem with including Chrome/Chromium/Ungoogled Chromium is the license. Mozilla's MPL is straightforward and compatible with most FOSS licenses. As I understand it, Chromium's codebase is still a melange of different licenses (and some proprietary code) that is generally unfit for packaging with other free software. Most repositories will still have it on-hand though, since it would be pretty silly to prevent you from using the browser you want.

If you'd rather avoid Firefox altogether, run archinstall and add chromium to your extra packages field. Many build-it-yourself distros like NixOS exclude browsers altogether.


I'm not nagged about my browser choice on Linux. Other browsers are found easily on the package manager.


If you want to (or have to) use Apple Business Manager (web portal to remotely manage a number of iOS devices) Apple explicitly requires you to either use Safari or Edge, Firefox doesn't work.

So much for the web as the "OS agnostic" interface for the 21st century.



Yes, changing the user agent is a possibility. Luckily I do not have to work with Apple's Business Manager any longer.


Hmm, I’m reading this on my apple iPhone using Orion - not really had any interest in using Mozilla for years ! I use mostly safari in my MacBook, but also use Firefox and chrome at times, safari is weapon of choice there


I'm going a step further to say that these companies break interoperability between each others browsers and services.


Brave and Duck Duck Go on my S21 phone. Edge on Windows 10 and Mac. I have Firefox on all, but it's secondary, and launched rarely. It just doesn't work as well.


I am more worried with the amount of CAPTCHAs I get in FirefoxESR/Windows from Cloudflare or Google, until I change user agent


And yet Brave has been "Growing 2x for the Fifth Year in a Row". Mozilla should stop whining and focus on building a browser that regular non technical people also want to use. How can I recommend Firefox to a family member when it absolutely chokes on 4k videos on YouTube and makes the laptop sound like a rocket lifting off (macOS, older intel MBP, Chromium based browsers work without a hitch and barely spin fans)?

https://brave.com/2021-recap


> Mozilla should stop whining and focus on building a browser that regular non technical people also want to use.

This, they're right you know.

Mozilla has been whining for years despite living off of Google's money and even with that they are still complaining and more websites are continuing to require Chromium browsers over using Firefox for their sites as they know the site breaks with Firefox.

That's why little to no one is using it. Like when you have the choice of Linux distros, you have the many choices of Chromium browsers and it seems that Brave is the recommended one.


I don't see the problem. Users have gotten used to the nagware in software they use everyday.

Am sure Mozilla bundles its own nagware into its browser.


I can't use Firefox with reddit; but that's probably reddit with any browser! I can't even report how bad reddit is to reddit.


I mostly use old.reddit.com

It loads 10x more information 10x faster


The most recent W11 update turned on hypervisor on my machine, which I had off to be able to use Bluestacks 5. That config being on/off probably does not make that much money - yet Msoft decided to mess with my settings (not the first time this has happened in W11 and, were I to bet, not the last time either).

Why wouldn't Msoft NOT force Edge as the default browser; a company could fill their coffers hugely if they had a lot of browser market share.


Since Windows 10 plenty of security features rely on Windows actually running as a guest OS on Hyper V, like secure kernel and device guard, hence turning on the hypervisor.


Securing the software against you, to be fair.


Against the anti-virus that granny downloaded from pop-up on the browser telling her that Microsoft support found a virus.


What a bunch of corpo-authoritarian BS...

Keep the sheeple dumb and dumber, and two generations later they'll be even more subservient and docile, pleading to be milked incessantly for $$$ all of their life instead of actually learning and exercising critical thinking, and thus possibly turning on your efforts to milk them.

You can only learn if you make mistakes. They want to "protect" you so they try to stop you from making mistakes, and in the process, take away your ability and will to have individual agency. Fortunately, people are starting to realise the truth.


You mean the 1% desktop share of Desktop Linux?

Given that the other Linux kernel powered mainstream OSes are also using virtualization and sandboxing.


Last time I tried it, it also broke hybrid sleep, or possibly actually any kind of hibernate-to-disk at all. Is that still the case?


While Mozilla uses that same force with Pocket, their VPN, ads on the home screen, “experiments”, Google search, etc.


Firefox is so bad I don't really even care.


@EU: there is money laying on the table again


...and so did Mozilla, when FirefoxOS was a thing. Gecko is still the default engine for KaiOS.

Are we in browser-whining season again? (Typing this from Firefox on macOS.)


There is a difference if Apple, MS and Google do something and if much smaller companies do the same.


Were there any other browsers even available on FirefoxOS?


You could develop a different browser, but not change the underlying runtime.

But asking from a web based OS to be able to run a different web runtime is a bit like expecting that you can provide your own SurfaceFlinger on Android or the equivalent on iOS; there are reasonable limits to what can be swapped out by a 3rd party app.


The Browser was the OS, much like ChromeOS (only even more so). Everything was run through the browser engine. This is a silly comparison.


For Mozilla it always is browser-whining season but it never is browser-improving season.


Late to the party but Microsoft's arguments fall flat for me, at least with regards to Apple and Google, moreso Apple but can give Google _some_ credit on this one.

Neither "forces" their respective browser in the same way that Microsoft does. Putting iOS aside for a minute to be addressed later, on an Apple device, the number of times you will get a pop-up telling you how insecure and slow and bad other browsers are is practically 0. Apple has the MacOS spam banner, but either they've toned it down or walked it back completely based on my experience purchasing an M1 this year. Never did Apple try to make you use Safari as your PDF reader, it doesn't change or add shortcuts for Safari on updates, it doesn't insert a banner on other apps or locations to tell you to use Safari, changing your default browser is as simple as opening System Preference and searching "default browser", then picking another one, and MacOS doesn't say a word about it. Spotlight is the one place that might surprise people but even it respects changing the default browser and will search on your set one.

Google, as annoying as it is, also doesn't seem to care much which browser you use on Android; I don't own a ChromeOS device so no idea what it's like on that, but you're free to install just about anything and set it as default without so much as a hiccup, and similar to Apple, I have not seen it try to set itself via other common OS features. Granted, Google is a dick with Chrome in many other ways (other commenters have already noted how they use their control of the web to force Chrome), but I don't quite put it in the same way.

iOS is special I guess in that you can install any browser "skin" you want, but it's webkit underneath. I'm mixed on this as I understand the arguments against this and it's definitely not good on Apple, but at the same time, if you're talking about what browser to use to get the features like sync, iOS lets you do it without a peep from iOS about it and for the grand majority of users, the rendering engine isn't what they care about, it's the other features of the browser which you can happily use. Still not good you can't use another engine, but I would still put it in the "okay, but needs improvement" area.

All of this compared to how Microsoft handles Edge on Windows is a pittance. They really want you using Edge for everything, and there are so many system hooks that open Edge without you wanting it to. Changing the default is much more daunting, and it's far too easy to let it get set back (in general I've noticed Windows has some weird stuff about default applications in Win11. It might just be the release we use for our lab environments, but it refuses to let me set notepad++ as default text editor without resorting to the command line, but it could be just a strange situation).

I have a hard time seeing this as anything but Microsoft muddying the waters with such arguments and I definitely don't see them as good faith. I suppose it's just good business sense that they don't try to tie Azure features/performance to "best viewed in Edge" as I imagine an exodus towards AWS/GCP, but for the mythical average user, they do a lot to get you onto Edge no matter what you actually want.


Mozilla can bitch all they want, but as long as they continue to ship a shitty product nobody will heed them attention.


It's not shitty, it's just not the best in the world. Same way everyone in a sport except the world champion isn't shitty.


On Android all Google apps default to opening in Chrome with no option to change it, even if you change the default URL configuration that only seems to work outside of Gmail / News Feed. This also applies to their search widget, which you cannot remove at all.

Incredibly frustrating end user experience when I have everything in Firefox, and Adblock too.


I have the default browser on my Pixel 5a set to Brave, and everything opens in Brave.

I have the Google news feed disabled, but links from gmail and the search window all open Brave as expected.


My default browser on my phone is Firefox, and even when I open articles from the news feed in the Google App, they open from Firefox as well. I guess it's possible that this could vary by phone, but I've never had an issue with an Android phone using my non-default browser when opening a link from an app in years.



