Updated: May 9, 2009
It's almost exciting as Alien vs. Predator, only a little sadder. It's a tale of two Firefox addon developers, Giorgio Maone wielding Noscript and Wladimir Palant brandishing Adblock Plus, crossing swords in a battle of egos and subterfuge, while the poor world of Firefox users watched in consternation.
There's been a lot of talk on the subject, but I also felt compelled to seek attention, hence this article. Still, I have waited for the storm to calm down a bit before sharing my bit, now that things are a little clearer.
One thing is definite, though: the last week has not been a good one for the open-source world. Lots of mayhem and lots of disappointment. A sort of a myth has been shattered, that of a united and secure open-source community.
The story, like any good thriller, is about money. If you're wondering how women fare in the story, they don't. Either way, women are just a pretext for men to fight over bigger issues.
It started as a sort of a phallic e-contest revolving around advertisement. The Noscript developer Giorgio realized he was losing revenue because of the way Adblock Plus filters were written and decided to change his product, the highly popular security extension Noscript, to circumvent the barriers presented by the ad-blocking software. On the other end of the fighting ring, the Adblock Plus developer, Wladimir, started writing more complex filtering rules specially designed to block Noscript website content, including ads, from loading.
Eventually, Giorgio snapped and wrote a Noscript release that targeted the Adblock Plus extension and changed it so it would leave his sites alone. When Wladimir discovered this, he went postal.
The story caused quite a stir in the Firefox crowd. Noscript users were shocked to learn that their favorite piece of software, the one extension that made sure no website could cause any harm, was partaking in shady practices in the very heart of their browser. Some hurried to uninstall Noscript, while others rushed to vote down the extension on the Mozilla Addons site. Most people started reading hundreds of articles and blog entries debating the hot subject, trying to decide who the good and who the bad guys in the story were.
Giorgio quickly realized his horrendous mistake, released a new Noscript version that fixed the wrongdoing and apologized at great length on his personal website. Since, the fires have raged down a little, but the damage was forever done.
Mozilla decided to propose a new "no-surprises" policy regarding browser Addons, specifically what they could or could not do, as a direct result of the Noscript-Adblock war.
Worse yet, the long-earned trust in security that Noscript and Adblock offered their users was lost. It turned out that the developers forgot their call, abandoned their users and turned the public stage into their private feud.
It's up to decide what happens now. Personally, I have quite a lot to say, but I will focus only on most important things.
Errare humanum est
The Romans had figured this out before long there was Internet. It's human to err. Giorgio made a big, big flop. But he realized the enormity of his blunder and he has apologized. I believe his apology is sincere. I think we can forgive him for his mistake.
We have all learned something
We have learned that Internet security depends on more than just pure code. It depends on the integrity of people who develop software. We have all been taken without pants down when the Foxgate affair exploded and surely cannot be glad that it happened, but we must be grateful for the experience that it has taught us.
A more stringent Addons policy will ultimately benefit all of us, as users. The software will have to meet higher standards and compliance before it will be let into the circle of trust, making for better quality, stability and security. Mozilla also proved their integrity by responding quickly. They will not brook any nonsense when it comes to their dearie. Firefox users now know that attempts to sabotage their browser, even by trusted members of the community, will not go undetected or unpunished.
Developers have also learned a few important lessons. The first is that public responsibility surpasses ego and personal greed. The second is, people will not stand by idly as their trust is abused. And of course, let's not forget the basic rule of hustling - if it sounds to be too good to be true, it probably is - meaning there is no easy money.
Maintaining moral integrity is difficult, especially when you invest so much of your personal time and efforts into serving the wide public, most of which has never heard of you, seen you or cares about you. It's tempting to take shortcuts to glory. But they never work and they always backlash.
Given the choice between quick money and being the beloved underdog of the cruel world of the Web, I'd go for the more difficult option. User trust is the most important thing you can have online. It's the only tangible thing that actually means something. In the long run, it's what makes people stay and come back for more.
No reason to stop using either Noscript or Adblock
Many people have stopped using one or the other extension in the last few days. They probably believe their move sends the developers a harsh message, but ultimately, the users only harm themselves. Noscript and Adblock are excellent utilities. Using them significantly enhances the Internet experience.
Even if you're inclined to stop using these extensions, do take a deep breath and think through before acting. First of all, let the situation calm down. Never make hasty, emotional judgments - we've just seen an excellent example why this course of action can be wrong.
Furthermore, if we take into consideration every single aspect of moral life of software developers around the world, we probably won't be using any software any time soon. Hans Reiser murdered his wife with an axe and then buried her in the woods. This does not mean he did not create an excellent filesystem, does it? When you think calmly, logically, the murder has nothing to do with the choice of filesystem for your Linux installation.
We need to judge software by their usefulness: a) Does it hurt my machine? b) Does it offer me the functionality I seek?
In their current incarnation, Noscript and Adblock do not harm one another, other extensions or the browser itself, nor do they compromise the privacy or the security of the browsing experience.
In fact, Noscript was doing bad things before the story came to life, and back then, you were convinced that it was working as you expected.
Now that you know the whole truth, post-mortem, the decision is merely an outlet of rage, a reactionary protest. Our primal instincts call for revenge. But that's the wrong thing to do. Uninstalling the extension you help no one and nothing. If you want to make sure this never happens again, write about it, send an email to the develop, explain how you feel, make your demands known. This is the best way to strike back.
And Giorgio did repent his moves. That counts for something. Quite a lot. I believe he has learned the meaning of e-suicide. Any future mistake on his behalf will mean the end of his career as a developer. This means that you should expect high-quality, top-notch fruit from Giorgio from now on.
The same goes for every developer. As public servants, per se, they are here to make sure our demands are met. No one uses software for the sake of use. Software is not created for people to use it. Software is created because people want to use it.
Let your voice be heard. Free software does not mean the developer can rape your keyboard. Take it or leave it does not work here. You're the customer. Make sure the products you receive are the best.
Finally, to make a bad open-source week an even worse, a developer of one of the most popular Linux distributions decided to make a private, political statement on the official, public blog of the said distro, in which he called for people of certain geopolitical persuasion to stop sending help and donations - because he disagrees with them.
Again, this caused quite a stir, halving the distro community between fans and haters, supporters and opponents, dazed and confused.
More than that, the statement harmed the public image of the distribution and probably breached a few GPL laws, as it's against the Linux creed to discriminate against people based on their race, age, gender, political, religious, geographical, and other statuses.
Worse yet, blanket statement don't really help. Even if you have a very important message to deliver, you dilute it when you spread it too liberally.
Just like with Noscript and Adblock, the reaction was to stop using the distribution. Which is the wrong thing to do, because the distribution is still as good as it was two weeks ago, before anyone was privy to the private musings of a certain developer.
For some reason, people like to think in terms of punishment, which really beats me. Why? Why the need for destructiveness? Isn't it our goal, as people of the open source community to work together toward a better world? If there's one thing Linux does well, it's to unify people from all over the world in global projects that are blind to color and race and language.
I believe this article is complete. I have delivered the messages I wanted to be heard. It's up to you to decide who and where you want to be, among the crowds of little people, bickering about trivial things, or working toward the betterment of this world.