Feeds

Firefox passive-aggressives adjudicate Nerd Law

Better than a severed horse head

Internet Security Threat Report 2014

NoNoScript

For years, NoScript had been using some tricks to keep Adblock Plus from working on its update landing pages. Palant didn't pay it much mind for some time, until he recently recommended that EasyList explicitly block ads on the NoScript servers. Successive iterations of this blocking rendered the NoScript website useless to Adblock Plus users, to the point where they could not even download NoScript without some serious hunting. Having enough of this passive-aggressive posturing, Maone released a version of NoScript that would interfere with the internals of Adblock Plus to allow ads on the NoScript servers.

What followed was a public airing of grievances that brought in the Mozilla Foundation, who came down on Adblock Plus's side. (Yes, the Mozilla Foundation that's kept afloat by advertising revenue from Google, that Mozilla Foundation). It ended with Maone apologizing for interfering with Adblock Plus and issuing an update to NoScript that un-did his fiddling.

If you step back and look at this, it was not nearly a crisis of the magnitude the internet would have you believe. This slug-fest only affected people who use both Adblock Plus and NoScript. Each of these extensions has about 50 million downloads, and if you assume a really generous amount of overlap and adoption, this amounts to about 18 per cent of Firefox users. Woo, let's alert the BBC.

The real cause of this dispute is something I like to call Nerd Law. Nerd Law is some policy that can only be enforced by a piece of code, a public standard, or terms of service. For example, under no circumstances will a police officer throw you to the ground and introduce you to his friend the Tazer if you crawl a website and disrespect the robots.txt file.

The only way to adjudicate Nerd Law is to write about a transgression on your blog and hope that it gets to the front page of Digg. Nerd Law is the result of the pathological introversion software engineers carry around with them, being too afraid of confrontation after that one time in high school when you stood up to a jock and ended up getting your ass kicked.

If you actually talk to people, network, and make agreements, you'll find that most are reasonable. If Maone had talked with the EasyList maintainer, perhaps he could have convinced them that showing AdSense on the NoScript site wasn't a huge affront to users. After all, if those ads really pissed off a user, he could explicitly block them with Adblock Plus.

If the EasyList maintainer contacted Maone about what implications his explicit blocks on the NoScript site would have, maybe the two of them could have come to a mutually-agreeable solution.

But no. Sadly, software engineers will do what they were raised to do. And while it may be a really big hullabaloo to a very small subset of people who Twitter and blog their every thought as if anybody cared, to the rest of us, it just reaffirms our knowledge that it's easy to exploit your average introvert.

After all, what's he gonna do? Blog about it? ®

Ted Dziuba is a co-founder at Milo.com You can read his regular Reg column, Fail and You, every other Monday.

Beginner's guide to SSL certificates

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Post-Microsoft, post-PC programming: The portable REVOLUTION
Code jockeys: count up and grab your fabulous tablets
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.