Waterfox: A Firefox fork that could teach Mozilla a lesson

Why are some of Moz's axed projects bigger than its flagship?

Comment As Firefox's share of the browser market continues to slide, the Waterfox Project shows some of the ways that Mozilla is failing to listen to its users – and it's far from the only example.

Waterfox, which has just released its fourth version, came to your correspondent's attention after the arrival of Firefox 57, codenamed Quantum, which represented a major change in the program, complete with parts of the browser engine written in Rust.

(The Rust language itself started out as a Mozilla project. Despite Rust's popularity, within three years, Mozilla would also lay off members of the Rust language team.)

The problem with Firefox Quantum is that it also dropped a very significant feature: Netscape's XUL-based extension engine, added way back in 1997. To quote the Classic Addons Archive, dropping XUL meant losing "19,450 Firefox add-ons created by 14,274 developers over the past 15 years." At a stroke this crippled one of Firefox's killer features: how users could extensively customise it – unlike, say, Google Chrome.

This isn't the first time Mozilla has alienated its users. But one of the great things about open source is that if enough users are unhappy with some change a company makes to its software, they can just fork it and carry on. And if such forks already exist, dropping popular features gives them a chance to shine.

For instance, Mozilla's more Chrome-like Australis theme was upsetting users back in 2013. Nonetheless, it became the default in Firefox 29. That prompted some Firefox users to switch to a fork, Pale Moon, which is still in active development for both Windows and Linux. Pale Moon kept the pre-Australis UI, it's still single-process (so more memory-efficient), and it still supports classic Firefox extensions. It also begat a successor project, Basilisk, based off a later version of the Firefox codebase.

Waterfox targets higher-end PCs and Macs. Lead developer Alex Kontos started it when he was a student as a project to build a 64-bit edition of Firefox long before Mozilla offered such a thing. He went on to remove controversial features such as Mozilla's telemetry, sponsored links, and bundled additions such as Pocket.

Notably, the project forked and continued work on Firefox 56, the last version to support classic add-ons, while back-porting subsequent security fixes. That branch is now known as Waterfox Classic. Along with supporting older extensions, Waterfox Classic also supports older versions of Mac OS X back to 10.7, making it useful for users left stranded when new Apple OS releases no longer support their hardware.

Meanwhile, development based off the modern Firefox codebase continues. The third release, Waterfox G3, was based on Firefox 78 and added support for Chrome and Opera extensions, allowed the tab bar to sit below the URL box, and re-enabled the status bar. Waterfox G4, based on Firefox 91, adds support for Arm-compatible Macs (and soon Arm Linux), and starts the process of switching from tracking Mozilla's ESR releases to the central branch.

The project is not without its own controversies, such as its purchase by ad vendor System1. But currently, it's thriving, unlike its progenitor.

Alongside Waterfox and Waterfox Classic, Pale Moon, and Basilisk, other Mozilla forks carry on work in which the Mozilla Foundation lost interest. Until just last month, there were a handful of Firefox forks to help keep elderly Macs useful, such as Parrotgeeks Firefox Legacy for Mac OS X 10.6 and TenFourFox for PowerPC Macs.

Before Netscape was squeezed out of business, "Mozilla" was its internal codename for its product. Afterwards, it became the name of the newly open-source integrated internet client suite: browser, email, IRC, and webpage editor. Remarkably, this is still around too as Seamonkey.

Despite Moz's repeated attempts to evict Thunderbird from its nest, the app remains the leading cross-platform email (and Usenet and RSS) client. Even if you're happy with your free webmail, Thunderbird remains a handy way to keep a local backup of your messages and contacts in case, say, your provider randomly deletes your account.

Some of these ex-Mozilla products are doing relatively well. Rust is doing great. Waterfox is thriving. Thunderbird enjoys regular releases and remains a best-of-breed tool. But another has more users than all of them put together.

The Register memorably wasn't impressed by Firefox OS: "This desperately unimaginative product won't be bought as much as left behind after a mugging." Just two years later, Mozilla announced it was killing it off and the devices that ran it.

But it gave up too soon. A fork under the name Boot to Gecko lived on, then was adopted and taken commercial by KaiOS Inc – a company backed by Chinese phone giant TCL, which also makes modern Blackberry phones.

By 2018, KaiOS was the fastest-growing mobile platform and attracted backing from Google as well as Reliance Jio, India's largest mobile network. KaiOS phones cost as little as $17, and although they're basic, they give over 100 million people access to WhatsApp, Google Maps, Facebook and so on.

In time, the cheapest phones will become able to run richer and more full-featured smartphone OSes such as Android Go... But there's always room at the bottom. Back in 2013, it was already possible to profitably sell a $13 phone. Unfortunately, there are a great many very poor people in the world, and the cheaper tech gets, the more it can help them.

Mozilla was the power users' browser, even in the early days of Mozilla 0.6 and 0.7, when it became the default browser for almost all Linux distributions. Products based on Mozilla's technologies, including Rust and KaiOS, are used by hundreds of millions of people, even if they have no idea of it. Firefox doesn't need to be No. 1, but the Mozilla Foundation should stop trying to copy Chrome and try learning from its many forks and spinoffs. ®


An interesting side-question is how the open-source Firefox OS turned into the proprietary KaiOS. Since Mozilla is reportedly helping to update KaiOS, perhaps someone could ask. Maybe Mozilla CEO Mitchell Baker: Boot To Gecko was licensed under the Mozilla Public Licence 2.0, so if it was due to some issue with the licence, she should know – she wrote it.

Other stories you might like

  • How ICE became a $2.8b domestic surveillance agency
    Your US tax dollars at work

    The US Immigration and Customs Enforcement (ICE) agency has spent about $2.8 billion over the past 14 years on a massive surveillance "dragnet" that uses big data and facial-recognition technology to secretly spy on most Americans, according to a report from Georgetown Law's Center on Privacy and Technology.

    The research took two years and included "hundreds" of Freedom of Information Act requests, along with reviews of ICE's contracting and procurement records. It details how ICE surveillance spending jumped from about $71 million annually in 2008 to about $388 million per year as of 2021. The network it has purchased with this $2.8 billion means that "ICE now operates as a domestic surveillance agency" and its methods cross "legal and ethical lines," the report concludes.

    ICE did not respond to The Register's request for comment.

    Continue reading
  • Fully automated AI networks less than 5 years away, reckons Juniper CEO
    You robot kids, get off my LAN

    AI will completely automate the network within five years, Juniper CEO Rami Rahim boasted during the company’s Global Summit this week.

    “I truly believe that just as there is this need today for a self-driving automobile, the future is around a self-driving network where humans literally have to do nothing,” he said. “It's probably weird for people to hear the CEO of a networking company say that… but that's exactly what we should be wishing for.”

    Rahim believes AI-driven automation is the latest phase in computer networking’s evolution, which began with the rise of TCP/IP and the internet, was accelerated by faster and more efficient silicon, and then made manageable by advances in software.

    Continue reading
  • Pictured: Sagittarius A*, the supermassive black hole at the center of the Milky Way
    We speak to scientists involved in historic first snap – and no, this isn't the M87*

    Astronomers have captured a clear image of the gigantic supermassive black hole at the center of our galaxy for the first time.

    Sagittarius A*, or Sgr A* for short, is 27,000 light-years from Earth. Scientists knew for a while there was a mysterious object in the constellation of Sagittarius emitting strong radio waves, though it wasn't really discovered until the 1970s. Although astronomers managed to characterize some of the object's properties, experts weren't quite sure what exactly they were looking at.

    Years later, in 2020, the Nobel Prize in physics was awarded to a pair of scientists, who mathematically proved the object must be a supermassive black hole. Now, their work has been experimentally verified in the form of the first-ever snap of Sgr A*, captured by more than 300 researchers working across 80 institutions in the Event Horizon Telescope Collaboration. 

    Continue reading
  • Shopping for malware: $260 gets you a password stealer. $90 for a crypto-miner...
    We take a look at low, low subscription prices – not that we want to give anyone any ideas

    A Tor-hidden website dubbed the Eternity Project is offering a toolkit of malware, including ransomware, worms, and – coming soon – distributed denial-of-service programs, at low prices.

    According to researchers at cyber-intelligence outfit Cyble, the Eternity site's operators also have a channel on Telegram, where they provide videos detailing features and functions of the Windows malware. Once bought, it's up to the buyer how victims' computers are infected; we'll leave that to your imagination.

    The Telegram channel has about 500 subscribers, Team Cyble documented this week. Once someone decides to purchase of one or more of Eternity's malware components, they have the option to customize the final binary executable for whatever crimes they want to commit.

    Continue reading
  • Ukrainian crook jailed in US for selling thousands of stolen login credentials
    Touting info on 6,700 compromised systems will get you four years behind bars

    A Ukrainian man has been sentenced to four years in a US federal prison for selling on a dark-web marketplace stolen login credentials for more than 6,700 compromised servers.

    Glib Oleksandr Ivanov-Tolpintsev, 28, was arrested by Polish authorities in Korczowa, Poland, on October 3, 2020, and extradited to America. He pleaded guilty on February 22, and was sentenced on Thursday in a Florida federal district court. The court also ordered Ivanov-Tolpintsev, of Chernivtsi, Ukraine, to forfeit his ill-gotten gains of $82,648 from the credential theft scheme.

    The prosecution's documents [PDF] detail an unnamed, dark-web marketplace on which usernames and passwords along with personal data, including more than 330,000 dates of birth and social security numbers belonging to US residents, were bought and sold illegally.

    Continue reading

Biting the hand that feeds IT © 1998–2022