What Changed in Firefox’s Terms of Service?

On February 28th, Mozilla added terms of service to Firefox for the first time. Previously, the browser operated without formal terms, which in itself is unusual for a modern software product. The new terms grant Mozilla a non-exclusive, royalty-free, worldwide license to use any content you input into the browser. While Mozilla claims this is necessary for basic functionality—such as processing search queries and managing bookmarks—the vague wording of these terms raises concerns about the potential scope of data collection.

Why These Changes Are Concerning

Unlimited Data Access: The broad language in the new terms potentially gives Firefox access to everything you type and upload through the browser. This includes any content you interact with on websites or services accessed via Firefox.

Automatic Acceptance of Updates: Mozilla can update these terms at any time without requiring explicit re-acceptance from users. Continued use of Firefox is taken as acceptance of any changes, which could lead to situations where users are unknowingly agreeing to new data practices.

Termination Rights: Mozilla now reserves the right to terminate anyone’s access to Firefox “for any reason.” While it is unclear how they would enforce this, it introduces a restrictive clause not typical for open-source software.

The AI Connection: Why Mozilla Might Be After Your Data

Mozilla has expressed interest in developing open-source AI tools. AI requires large datasets to train on, and browsing data could be a valuable resource. The concern is that Mozilla might be setting the groundwork to either develop its own AI or sell data to third-party AI companies, potentially turning Firefox into a data collection tool.

A History of Questionable Moves by Mozilla

This isn’t the first time Mozilla’s actions have raised eyebrows:

• Executive Raises Amid Decline: In 2023, the CEO received a 23% raise despite Firefox’s declining market share.
• Privacy-Preserving Attribution: Mozilla previously pushed ad-tech features into Firefox without informing users.
• Mr. Robot Extension Incident: Mozilla installed a “Mr. Robot” tie-in extension on Firefox without user consent, causing backlash.

Conclusion: Time to Move On from Firefox?

Given the new terms of service, the unclear motivations behind them, and Mozilla’s track record of questionable decisions, it might be time to consider alternatives. Browsers like LibreWolf, Mullvad, Waterfox, and others offer similar functionality without the baggage. If Mozilla’s direction continues down this path, even a switch to Chromium-based browsers might be a safer bet for privacy-conscious users.

Key Changes:

Prohibition of Abusive Practices

One of the most notable aspects of the new AI regulation is the explicit prohibition of certain AI applications that pose ethical and privacy risks. The following practices are now banned:

• Emotional monitoring in the workplace: Employers can no longer use AI-driven sentiment analysis tools to assess employee emotions through facial expressions or voice patterns.
• Psychological manipulation of online users: AI-powered algorithms designed to exploit user behavior or decision-making vulnerabilities for profit are now restricted.
• Social scoring systems based on irrelevant data: Systems that rank individuals based on behavioral predictions unrelated to legal or economic activities are forbidden.
• AI-based prediction of criminal behavior without solid justification: The use of AI in predictive policing must be evidence-based, ensuring that technology does not reinforce biases or lead to unfair profiling.
• Facial recognition in public spaces without explicit authorization: The use of AI-powered biometric identification in public environments is only permitted under strict legal frameworks and oversight.

Encouraging Innovation

While imposing necessary restrictions, the EU is also keen on fostering AI advancements. The regulation includes measures to reduce bureaucratic obstacles for startups and companies investing in ethical AI development. Some initiatives include:

• AI sandboxes: Controlled environments where businesses can test AI solutions without immediate regulatory barriers.
• Funding and grants: Financial incentives for companies that prioritize transparency, fairness, and security in AI design.
• Harmonization of compliance frameworks: Reducing fragmentation by aligning AI regulations across EU member states to create a more predictable investment environment.

Consequences for Businesses

Non-compliance with the AI Act carries severe penalties, with fines reaching up to 7% of global revenue for serious violations. Companies operating within the EU must implement robust risk assessment and mitigation strategies to:

• Ensure AI models are transparent and explainable.
• Maintain human oversight over high-risk AI applications.
• Develop bias-detection mechanisms to prevent discriminatory outcomes.

The regulation also requires companies to document and report AI model decisions to facilitate regulatory audits and ensure accountability.

Global Impact and Future Trends

The EU AI Act is expected to influence AI governance worldwide. Other jurisdictions, including the United States, Canada, and Japan, are closely monitoring its impact, potentially adopting similar regulatory measures. Additionally, discussions are ongoing to establish international AI ethics standards to ensure a harmonized approach to responsible AI deployment.

This new framework demonstrates that AI can be both innovative and ethical. As professionals, it is essential that we stay up to date with these developments and ensure that AI solutions remain transparent and responsible.

This is a simple example on how people tend to use arrays in their projects.

$person = [
    'name' => 'John Doe',
    'age' => 30,
    'email' => 'john.doe@example.com',
];

$name = $person['name'];
$age = $person['age'];
$email = $person['email'];

This works, but it’s not the best way to do it. We can use array spreading and destructuring to make this code more readable and maintainable.

[
    'name' => $name,
    'age' => $age,
    'email' => $email,
] = $person;

This will assign the values of the array to the variables. This is a very simple example, but it can be used in more complex scenarios.

Let’s see a more complex example and how you maybe doing it at the moment and how you can improve it using array spreading and destructuring.

function hello($name, $age, $email) {
    return "Hello, my name is $name and I'm $age years old. My email is $email.";
}

$person = [
    'name' => 'John Doe',
    'age' => 30,
    'email' => 'john.doe@example.com',
];

echo hello($person['name'], $person['age'], $person['email']);

This will work, but it’s not the best way to do it. We can use array spreading and destructuring to make this code more readable and maintainable.

echo hello(...$person);

This will pass the values of the array as arguments to the function.

Very cool, right?

One other thing I like to do is maybe add some conditions to the array spreading and destructuring. Let’s imagine I want to add some elements to the array, but only if the user has a specific role.

$person = [
    'name' => 'John Doe',
    'age' => 30,
    'email' => 'john.doe@example.com',
    ...$user->role === 'admin' ? [
        'permissions' => ['create', 'read', 'update', 'delete']
    ] : [],
];

This will add the permissions to the array if the user has the role of admin.

These are just a few examples of how you can use array spreading and destructuring in PHP. I hope you found this useful and that you will start using these features in your projects.

Here’s an example of some PHP code with some levels of nesting in it. To be precise it has 4 levels of nesting.

function calculateSum($numbers) {
  $sum = 0;
  if (is_array($numbers)) {
    foreach ($numbers as $number) {
      if (is_numeric($number)) {
        $sum += $number;
      } else {
        throw new Exception("Error: Non-numeric value found in array.");
      }
    }
  } else {
    throw new Exception("Error: Input is not an array.");
  }
  return $sum;
}

This function takes an array of numbers as input and calculates the sum of all the numeric values in the array. It has three levels of nesting:

1 The outermost level is the calculateSum function itself.

2 The second level is the if statement that checks whether the input is an array.

3 The third level is the foreach loop that iterates over each element in the array.

4 The fourth level is the if statement inside the loop that checks whether each element is a numeric value.

Each level of nesting is indented to make the structure of the code more clear and easy to follow. Or is it?

Basically with a never nesting concept everything that goes beond 3 levels should not exist. We basically have two ways of achieving this, we can use Extraction or Inversion.

Extraction method

With the extraction method basically we should create new functions to remove some the nesting. So with the same code we can do the following.

function calculateSum($numbers) {
  $sum = 0;
  if (is_array($numbers)) {
    foreach ($numbers as $number) {
      $sum += isValidNumberSum($number);
    }
  } else {
    throw new Exception("Error: Input is not an array.");
  }
  return $sum;
}

function isValidNumberSum($input) {
  if (is_numeric($input)) {
    return $input;
  } else {
    throw new Exception("Error: Non-numeric value found in array.");
  }
}

The isValidNumber function is a now a new function that encapsulates the is_numeric check. It returns true if the input is a numeric value, and throws an exception if it is not.

You now have an extra function that can be used in other contexts and better yet, your initial function only goes 3 levels deep nesting.

Inversion

To rewrite the calculateSum function using an “inversion of control” concept, where it focuses on failure cases first and then the actual use of the function, we can use the following approach:

function calculateSum($numbers) {
  if (!is_array($numbers)) {
    throw new Exception("Error: Input is not an array.");
  }
  $sum = 0;
  foreach ($numbers as $number) {
    if (!is_numeric($number)) {
      throw new Exception("Error: Non-numeric value found in array.");
    }
    $sum += $number;
  }
  return $sum;
}

n this version of the function, the first thing we do is check whether the input is an array. If it is not, we throw an exception. This is an example of “failing fast,” as we are immediately handling and reporting an error condition rather than continuing to process the input.

Then, we iterate over each element in the array and check whether it is a numeric value. If it is not, we again throw an exception.

Finally, if all of the input values are valid, we calculate and return the sum of the numeric values in the array.

This approach allows us to handle and report errors as soon as they are detected, rather than waiting until the end of the function to check for errors. This can make the code more robust and easier to maintain, as it is clearer which conditions can cause the function to fail and how to handle those failures.

Combine both Inversion and Extraction

The best way of doing things is to combine both. And in this case you’ll end up with something like this:

function calculateSum($numbers) {
  if (!is_array($numbers)) {
    throw new Exception("Error: Input is not an array.");
  }
  $sum = 0;
  foreach ($numbers as $number) {
    $sum += isValidNumberSum($number);
  }
  return $sum;
}

function isValidNumberSum($input) {
  if (!is_numeric($input)) {
    throw new Exception("Error: Non-numeric value found in array.");
  }
  return $input;
}

In this case we even went a step further and removed the else statement in our isValidNumberSum function, we just apply the same concept of validation first and return after.

I’ve been adapting all my code to this approach and its way more redable because I know the start of any function is focussed on the errors and exceptions and the actual code will be in the end.

There’s a few requirements to do this. First you need to install LSP globally in your machine. To do this you need to do the following:

$ cd ~/
$ mkdir .phpactor
$ cd .phpactor
$ git clone git@github.com:phpactor/phpactor
$ cd phpactor
$ composer install
$ cd /usr/local/bin
$ sudo ln -s ~/.phpactor/phpactor/bin/phpactor phpactor

This will make phpactor avaiable globally. To do a small health check on the binary that you just installed go into a project you’re using. Phpactor works best when used with Composer, and is slightly better when used with Git.

Check support using the status command:

$ phpactor status
✔ Composer detected - faster class location and more features!
✔ Git detected - enables faster refactorings in your repository scope!

You might get a different output saying tha there’s some config files missing, but that’s not a problem.

After this you need to install 3 sublime packages.

• LSP
• LSP-intelephense

After that you need to restart sublime text.

Configuration

Configure the intelephense language server by accessing Preferences > Package Settings > LSP > Servers > LSP-intelephense.

Also in your Preferences > Package Settings > LSP

// Settings in here override those in "LSP/LSP.sublime-settings"
{
    "clients": {
        "phpactor": {
            "enabled": true,
            "command": ["/usr/local/bin/phpactor", "language-server"],
            "selector": "source.php"
        }
    }
}

Now play with the settings to your needs.

Let’s say I did:

$ ping localhost

Everything was working out as it should. However I had quite a few more host rules there. like

127.0.0.1    foo.loc

However when I tried to ping foo.loc it was not working at all. Tried to flush my DNS cache and nothing was working. Then I ran into a post on stackoverflow that did the following solution was to edit /etc/nsswitch.conf file (you may use command sudo vim /etc/nsswitch.conf). I’ve changed line:

hosts:          files mdns4_minimal [NOTFOUND=return] dns

to:

hosts:          dns files mdns4_minimal [NOTFOUND=return]

and now it is working as expected!

I hope this helps anyone that comes accross the same problem.

For the last month or so I’ve been learning a bit of Angular along my team. With it we decided to try vscode mostly for its intelisense features when working with JavaScript.

At first I didn’t like it that much, but then I started to fidle with it and it grew on me. Then if I was to move to it full time I had to make it behave well with our team standards, regarding code standards and stuff like that. Here’s what I did.

Look and Feel

I used the same exact theme on sublime and font for a few years. It takes quite a while for me to change that.

The theme I use is called Material Theme. You can find the link here. You can install that with just one line.

Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.

ext install Equinusocio.vsc-material-theme

With it I also installed the propper icons for the material theme, Material Icon Theme.

Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.

ext install PKief.material-icon-theme

Then I had to fix the problem with the wasted space on the sidebar. Vscode by default has this bar called activity bar, where you can go from file manager, to version control and your settings. I could just hide it but I didn’t want to have to use my mouse to hide and show that bar. Then I found and extension called Costumize UI. With it you can move that bar to the bottom part of your sidebar.

This was gold, because now I can just toggle the sidebar with ctrl+b and this bar goes along with it.

PHP Development

After this step my install of vscode looks exactly like sublime text 3 and the transition was going good.

Then I needed to install some extensions more towards the PHP development than.

First installed the PHPDoc Comment this helps with writing documentation for your code.

Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.

ext install rexshi.phpdoc-comment-vscode-plugin

Then the main reason we moved to vscode. It’s called PHP Intelephense. This is PHP code intelligence for Visual Studio Code. Intelephense is a high performance PHP language server packed full of essential features for productive PHP development.

Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.

ext install bmewburn.vscode-intelephense-client

In our team are using PHPfmt for our PHP projects and this is something that we absolutely needed to continue using with the same settings. This is very important so can maintain the same file formats on any project we open and use.

After this I changed a bunch of settings in the editor to suit my needs. Here’s my complete settings.json file.

Complete settings

{
    "editor.fontFamily": "'M+ 1mn light', 'Droid Sans Mono', 'monospace', monospace, 'Droid Sans Fallback'",
    "editor.minimap.enabled": false,
    "php.executablePath": "/usr/bin/php7",
    "workbench.colorTheme": "Material Theme",
    "workbench.iconTheme": "material-icon-theme",
    "editor.cursorBlinking": "smooth",
    "files.exclude": {
        "*.exe": true,
        "*.pyo": true,
        "**/.pyc": true
    },
    "editor.rulers": [
        80,
        120
    ],
    "diffEditor.wordWrap": "on",
    "phpfmt.php_bin": "/usr/bin/php7",
    "phpfmt.passes": [
        "ConvertOpenTagWithEcho",
        "PrettyPrintDocBlocks",
        "ReturnNull",
        "OnlyOrderUseClauses"
    ],
    "editor.formatOnSave": true,
    "[php]": {
        "editor.defaultFormatter": "kokororin.vscode-phpfmt"
    },
    "editor.lineHeight": 24,
    "composer.executablePath": "/usr/local/bin/composer",
    "gitlens.hovers.currentLine.over": "line",
    "gitlens.currentLine.enabled": false,
    "gitlens.codeLens.enabled": false,
    "gitlens.statusBar.enabled": false,
    "gitlens.hovers.enabled": false,
    "gitlens.blame.toggleMode": "window",
    "gitlens.changes.toggleMode": "window",
    "grunt.autoDetect": "off",
    "editor.wordWrap": "on",
    "customizeUI.stylesheet": {
        "workbench.useExperimentalGridLayout": true
    },
    "editor.multiCursorModifier": "ctrlCmd",
    "customizeUI.activityBar": "bottom",
    "window.zoomLevel": 2,
    "editor.fontSize": 15,
    "editor.folding": false,
    "editor.glyphMargin": false,
}

With Pi-hole you'll get this set of features:

Network-wide protection

Instead of browser plugins or other software on each computer, install Pi-hole in one place and your entire network is protected.

Block in-app advertisements

Network-level blocking allows you to block ads in non-traditional places such as mobile apps and smart TVs, regardless of hardware or OS.

Improve network performance

Since advertisements are blocked before they are downloaded, network performance is improved and will feel faster.

Monitor statistics

Our Web interface offers control of your Pi-hole and a central place to view statistics. We also include an API for extending these stats. I wanted to re-utilize an old Raspberry Pi version 3 I had laying around that I haven’t used in a long time so here's the process. First, you'll need a Pi, a zero could work fine just make sure you have that, a case, a power brick and an SD card.

Setup the Raspberry Pi

Head on to the Pi website and download the latest version of the Pi software. You don't need a desktop environment for this so the lite version should suffice. Then you can use any tool to flash your SD card. Since I'm on Linux I used Balena Etcher way easier than using dd. After this you want to open the boot folder in your SD card and create an empty file called SSH and we're ready to start.

Update your system

Insert your SD card into your Pi and boot it up. Then you'll need to find your Pi IP address in your network. You can easily find this on your router. Once you've done that open up your terminal and access your Pi via SSH.

$ ssh pi@youripaddresshere

This will ask you for a password and that will be raspberry by default. After this you might want to change the default password.

$ passwd

Then enter your old password and your new password 2 times. To update your system just do the following:

$ sudo apt update && sudo apt upgrade

This might take a while. Once it's done you might need to check if you have curl installed and if not, install it.

$ sudo apt install curl

Install the Pi-hole software

Here we take the easier route. One-Step Automated Install those who want to get started quickly and conveniently may install Pi-hole using the following command:

curl -sSL https://install.pi-hole.net | bash

During the process of install you'll be asked a bunch of question, but my process was very straight forward. Just say yes to all the default options and you'll be fine. Once the process is complete, you'll be presented with your Pi-hole password. Make sure to save that somewhere. You can now access your Pi-hole admin panel by just typing the IP address of your pi in your browser.

Setup your Pi-hole so it can be used in your entire network

There's two ways you can use the Pi-hole. You can use it in a per device choice. This way you basically should only go into the router to make sure your Pi always uses the same IP. The best way you can use the Pi-hole is to setup the system to be used by all the devices in your network, and that's what I did. To do that the next steps are different on every router so you might need to do some googling at this point, but here's what I have and what I did.

Setup the IPv4 and IPv6 static IP. In my case these are my settings, you can find yours in your information tab on your Pi-hole admin panel.

192.168.1.2 and 2001:818:xxxx::192:168:1:2 in my case.

Huawei HS8247W (Smart Router 2) (Specific to my router)

Step 1 Advanced settings -> LAN -> DHCP Settings Primary DNS Server: 192.168.1.2

Step 2 Advanced Settings -> IPv6 -> DHCPv6 Server DNS LAN administrative origin: Static config Preffered DNS: 2001:818:xxxx::192:168:1:2

Step 3 Advanced Settings -> WAN Config -> DNS Server configuration IPv4 / Origin: Personalized Primary DNS: 1.1.1.1 Secondary DNS: 1.0.0.1

Step 4 Advanced Settings -> WAN Config -> DNS IPv6 Server configuration / Origin: Personalized / Primary DNS: 2606:4700:4700::1111 / Secondary DNS: 2606:4700:4700::1001

That's it, now always leave your Raspberry Pi on and you'll be fine. If your internet connection goes out for some reason, just make sure your cat didn't disconnect the Pi.

Installation

The installation process was really straight forward and really fast too.

Desktop Environment

I opt-in for KDE. This was something that I changed a few months ago in my workflow, I moved from gnome into KDE. I even made a video recently about my KDE workflow. You can see it here. The fact that the Manjaro team leaves the KDE environment almost untouched is quite good. They just made their own theme and icons and thats it. Other than that you get the latest and greatest from KDE. Love it!

Base tools

The base tools the distributions comes with are quite good, sure I installed a lot more things that I use on my day to day, but for normal usage you get a lot.

Package management and other tools

Pacman

This was probably what I liked the most about Manjaro. I never works with pacman before, I always used apt distros. Pacman is for sure the best package manager that I ever used. Intuitive to use, fast and even the output you get during updates and stuff like that is pretty good.

Pamac & AUR

Manjaro brings a AUR helper called Pamac, works amazing and also pretty intuitive and easy to use.

Other tools

Manjaro doesn’t push you towards one container app environment like snap, appimage or flatpak. You can just activate the ones you want to use and just use whatever you want. It’s not really that intuitive to do, because its kinda hidden in the add/remove software app.

The add/remove software app

This was probably what I liked less in the distribution. I think the Manjaro team should work on this app and just make it more like a store, something like PopOs did when they boroed the app from Elementary OS.

Final thoughts

I need to actually format my main production machine at the start of 2021. I want to re-arrange my disks and the way I have things. Therefore I really consider moving from Pop!OS to Manjaro for 2021. I’ll keep you posted.

I made my USB stick and went with the KDE version of Manjaro. The installation worked like a charm, even the live USB worked incredible.

Even thought I had my computer configured with my /home in another partition I decided to do a clean install and just format my home directory since if I end up installing it on my Desktop that’s what I’ll do.

After the install I updated the system, but a new version of Manjaro just came out, so I zero updates to do. I was not expeting that.

Then I started to tweak the KDE settings and most of all the “add/remove software” app, where you can configure how you wan your package manager to work.

I decided to enable pacman, AUR, flatpak and appImages.

Just a few momments later I started to install my software and adding my dotfiles from github.

First of all I was quite impressed with te amount of software available on pacman and AUR. I didn’t have to add any sources like ppa on debian. Everything was avaiable and I could install it with one click or via terminal.

One basic example is docker and docker compose. Tools that I use everyday at work and at home. On debian based distros I had to read one or two pages of documentation to get them installed and working. On Manjaro?

$ sudo pacman -S docker docker-compose

That’s it!

So far first impressions are looking really good. I’m impressed with the package manager, the speed of everything, even the KDE theme is impressive.

Let’s see how it goes next week.