Similar boat. I release an extension with about 1 million installs across Chrome/Firefox/Edge for work.

Firefox (despite being the smallest usage) is utterly insane with regards to process. They demand a reproducible build, but then can't do things like install the right version of yarn (no - npm install -g yarn is not correct, our readme says it in bold like 5 times and provides the exact correct command to install the right version), or follow basic setup steps like "Use this version of node (complete with exact steps to install it and a script to automate that for them)".

God fucking help you if you try to do something completely crazy as a private company like - checks notes - use a private NPM module. Despite providing them with access on a pre-configured account, or offering to give a review account access according to Mozilla "It's too hard to use external accounts during review".

Honestly - having to interact with the browser review team is a BIG reason I no longer recommend Firefox. They're incompetent at best, and I'm fairly convinced they're just milking the google search deal income for as a much as it's worth - I don't think they really want to provide an alternative and secure browser anymore.

> We cannot reproduce your source

This is the biggest issue we had, and we had to add a decent bit of complexity to our builds to support reproducible builds in the exact way they want. But the silly part is that our extension involves building a wasm file from Rust, and after some back and forth it turned out that they don't require it to be reproducible (despite being core of our extension and containing 99% of our logic), which honestly feels like it defeats the point - who cares if JS reproduces if you can hide any arbitrary possibly-malicious code in wasm.

For a while we were seriously considering putting our prebuilt wasm in the source package or on npm, just to make the "reproducible build" on AMO side simpler, despite this making it even further from how it's actually built.

Every time I hear about the review processes for browser extensions I'm shocked that the it involves humans having to read your README and manually plumb together the build process. Sometimes I hear that reviewers are even reusing VMs when doing reviews, or even not using VMs at all. I'd have expected the review form to have a textbox where you paste your git link and a well-documented automated pipeline that stands up a specified VM with a specified amount of RAM and disk, clones the git, descends into it, and executes `docker build -t ./docker/review/Dockerfile`. I'm surprised that the reviewers themselves haven't outright demanded such tooling from their larger organization, just as a matter of job satisfaction - I can't imagine all the abuse they get from angry app owners.

Also had these issues when working on my previous job's extension. The Firefox review process was a real nightmare to work with. Same heavy delays and misunderstandings your mentioned. Eventually the company just stopped updating the Firefox extension as often since usage was low and the review process was such a pain. Unfortunate for me, as the only engineer (maybe employee) at that company that used Firefox.

The problem with these types of things is that the people who are qualified to do good reviews are also the sort of people who can typically get a far more interesting job building stuff, rather than just reviewing code. It's work that does require a certain level of skill, but at the same time is also quite boring.

And that more interesting job will probably pay better as well.

> that's because you didn't follow instructions and are in the wrong directory.

You just need to have a shell script in the root directory that assumes the person running it has 0 clue about your extension.

Also some of this reminds me of Apple. They clear something up, then bring it up again the next time review is needed.

That's not just mozilla. Google's review team all are in India and they cannot write clear English. It's a mess.

I had these issues too a few years ago. Now the review time is shorter than Chrome’s and hasn’t been flagged in a few years. However my extension has about 10k users, if that makes any difference.

this seems like the kind of place where user-based reviews would be more efficient, better, and more open

having the makers of a browser do this is bound to create both efficiency and political problems for extensions. im remembering dissenter now

That's interesting to hear. Do you also offer your extension on the chrome store? How did the review process differ? I ask because I've only published on the chrome store in the past.

[flagged]

The reproducible build requirement seems to be a major blocker for many addons, including one I use for Twitch: https://github.com/FrankerFaceZ/FrankerFaceZ/issues/1495#iss...

I disagree here. You don't want to allow people to review their own code. That defeats the purpose of a review. No matter if he's a superstar, have someone else look at his code so that he doesn't get sloppy with security practices.

And if you allowed this, then more borderline superstars would want the same privilege.

In scientific publishing, even if you're the editor in chief, your paper gets reviewed by someone else and the whole decision process happens away from your eyes; this is good for science.

This sounds like a proposal to make the review process giving more weight to reputation, unlike the current process which is supposed to be entirely technical[1]. This might be a good idea, but I can see how Mozilla would get a different set of complaints about reputation not being consistently evaluated.

[1] https://wiki.mozilla.org/Add-ons/Reviewers/Guide/Reviewing

Probably a big ask, but could you find out why one is not allowed to add your own root cert to FF and sign an addon yourself, instead being forced to use an ESR/develop/nightly version and setting xpinstall.signatures.required to false, significantly reducing your security?

I suspect he will simmer down a bit (I do not at all blame him for what he did, it has to be frustrating to dedicate thousands of hours into something just to have some clueless person pull it). I think it will be back inside of a week, it’s important and can save battery over regular ublock origin on Firefox.

I think it’s reasonable to expect that one of Firefox’s most popular extension publishers gets a higher tier of review service. Gorhill (and other top extension devs) are providing real value to Firefox, and have demonstrated good behavior for years.

This doesn’t mean they should get to publish whatever they want, but if a reviewer is about to reject a high profile plugin, they should get a second set of eyes on it. Which would have obviously caught the mistake here.

Feels like another “Firefox is underinvested in developer relations” story, which is surprising given how much they rely on them.

Edit: honestly the idea that gorhill doesn’t have a dedicated rep at Mozilla is baffling to me. According to their stats the extension has 8.4 million users. They should call him on the phone to let him know there’s a problem with his extension.

I'm not even surprised the addon got flagged. The linked files in the Github issue all had file names insinuating a direct connection to known trackers (which, of course, uBOL is blocking). Whatever automated scanning tool Mozilla uses probably latched on to "oh this is Google Tag Manager" and issued the warning that is normally handed out to addons that do include sketchy scripts like these.

HOWEVER: the email clearly states:

> Your Extension uBlock Origin Lite was manually reviewed by the Mozilla Add-ons team in an assessment performed on our own initiative of content that was submitted to Mozilla Add-ons

Either that is a lie, or the manual reviewer that did the "review" doesn't understand that the automated tool they ran is capable of false positives.

Nothing wrong with automated abuse assessments on a platform like Mozilla's, but don't lie in your communications about it (or hire people who know what they're doing when it comes to blocking addons).

Maybe a less crappy review system at least?

"The burden is that even as a self-hosted extension, it fails to pass review at submission time, which leads to having to wait an arbitrary amount of time (time is an important factor when all the filtering rules are packaged into the extension), and once I finally receive a notification that the review cleared, I have to manually download the extension's file, rename it, then upload it to GitHub, then manually patch the update_url to point to the new version. It took 5 days after I submitted version 2024.9.12.1004 to finally be notified that the version was approved for self-hosting. As of writing, version 2024.9.22.986 has still not been approved."

Doesn't sound like something I'd enjoy as a hobby.

https://github.com/uBlockOrigin/uBOL-home/issues/197

I agree with what you say about the tradeoffs of a review process, but strongly disagree that Raymond Hill overreacted. He's a solo dev working on uBlock as a hobby who doesn't even take donations; he doesn't owe us anything. He gets to decide if the review process frictionless enough for him to contribute his time and energy, and even though he decided it's not in this case, he made his extension open source, so anyone else is free to publish uBlock Origin Lite in his stead.

I don't think the author has overreacted, but your first paragraph doesn't seem to match the timeline, so maybe the article didn't portray it correctly. For a better understanding have a look at the Github issue: https://github.com/uBlockOrigin/uBOL-home/issues/197

It was not an automated review, it was a manual review, poorly done. The author then explains that they don't want to deal with the stress (there are also some extra explanations of what's involved in the AMO review process), and also that they left a somewhat harmful version of the plugin up. Not wanting to deal with stress is a perfectly understandable reaction.

> manually review every add-on revision for safety in a timely manner

Sure, but uBlock Origin, lite or not, is one of the most important browser add-on, if not the single most important one. This may not justify to give it a pass without looking, but it should certainly be reason enough to jump it in front of the queue and review it manually every time.

No he did not. Mozilla is in situation where they should bend backwards with very popular extensions, which I believe both uBlock Origin versions must be. Ensure anything you do with them is absolutely correct.

In general quite many extensions are done for passion. And any chance of destroying that passion will make your product less desirable to work with and thus in long run less popular.

Mozilla is not a single person in a basement with a 20 year old second hand computer. They spend hundreds of millions $ per year. uBlock origin has 8+ million installs. The second extension by install count has 4 (four) times less. If if anything to do with gorhill and their extensions is not priority one in their review system, then something is really wrong at Mozilla.

Don't remove stuff that are used for some time using only automatic tooling ...

And from the start the review was supposedly: "Your Extension uBlock Origin Lite was manually reviewed by the Mozilla Add-ons team".

> No pre-release review at all?

certainly not leaving only the oldest version of the extension up.

Can we build a better sandbox? exfiltrating data is the issue, but if the extensions just weren't able to reach out arbtrarily but could only download a specified url, then that would eliminate the problem for plugins that could adapt to only using a specific permission and then not need manual review.

Meh, it's perfectly reasonable to decide that you don't want to deal with this kind of bullshit and pull the extension from problematic stores. There's probably a miniscule amount of people using uBO Lite on Firefox anyway.

I think that the alternative is some form of "per review", where the effort of performing reviews is spread out among a volunteer f with reasonable "reputation" management and in which a party can accelerate their own review by contributing to the reviews for others.

Exactly. And this is why we need paid browsers. If the ad-supported/donation-supported browsers like Firefox need to apply low-quality automated solutions to approving/rejecting even their most popular addons, then clearly the business model isn't working.

So? Mozilla inserted themselves as middlemen into addon delivery. Even for the so-called selfhosted addons. They can just not do that if doing it properly and without undue delays means more work than they can handle.

I'd pay for speedy reviews. I don't think it would resolve to paywall, but the reviewers are not free.

> removing XUL

Nah, XUL had to go. The other stuff wasn't really related. It was a more "if we are going to break most extensions we may as well use this time to push everything else we want". If anything XUL is a scapegoat.

I know because I maintained VimFx for a while after the XUL removal. It was difficult to keep up with internal APIs that are changing, but I can't blame them, they need to develop their product. The thing that really made me give up on maintaining VimFx was the signing enforcement. They just keep tightening the screws so that I couldn't even run "my own" code with any reasonable UX.

What I would have like to have seen:

1. Provide WebExtensions as the recommended way to do things with some compatibility and deprecation guarantees.

2. Stop caring about compatibility of other APIs.

3. Still allow outside "full access" extensions that use those internal APIs. You can give warnings in the store "this extensions uses unsupported APIs and may break at any time and steal all of your personal data" and make the install button bright red but still allow it.

4. Keep supporting self-distributed extensions with developer managed signing keys and update URLs.

Since there are no compatibility guarantees on these APIs it wouldn't have been much extra work. Just a bit of UX work to add scary warnings and maintenance of the non-store update code.

> Imagine you would need approval from Microsoft to distribute software.

You mean like how you need permission to distribute software on MacOS/iOS? More and more platforms are moving in this direction and I wouldn't be surprised if Windows goes the same way in the future.

What?You can install extensions in Firefox easily without going through the Firefox extension store. XUL had to go.

On desktop Firefox, you can download an extension from anywhere and install it. All they're gatekeeping is their own repository, which I think most of us would like them to do.

I think mobile requires using a nightly build to install extensions from outside Mozilla's repository, and that suggests their thinking is becoming contaminated by the rest of the mobile ecosystem.

It appears all of the companies that are gatekeepers to apps, extensions and similar user-generated stuff are really quick to overreact and unless you are a high-profile person, have a lot of followers or a really popular app or an extension, good luck resolving it in a timely manner.

They are too busy working for the advertising companies Mr. Gorhill is blocking. Most recently adding ‘privacy preserving attribution’ - a feature that no user has asked for.

For the few good reasons Google had for restricting addon manifests: performance and security. Declarative domain lists are easier to cache and lead to fewer (unnecessary) addon activations. Fewer permissions means the impact of a malware-infected version hitting the addon store in the future is a lot lower. uBlock's rule engine is incredibly powerful, to the point where a custom ruleset can inject code into any website. That applies to custom rulesets, but also to the built-in ones that may or may not get their accounts/hosting hacked, or bought out in the future.

Not that I would use the lite version myself, or that I agree with Google's choice, of course; they killed ad blocker APIs without providing an alternative API, after all. With the code already out there anyway, for the people stuck in their ways still using Google Chrome, they may as well make this version available for Firefox.

Because it's lighter on power usage, and that matters for firefox on android.

It can run with way less permission as opposed to UBO.

It’s faster and has less security implications. I accept that UBO is more powerful even if it has a slightly less secure footprint, but that’s a decision, others may choose for more security per V3

> why would you ever install the inferior edition

It's my computer. I paid for it and I maintain it. I'll do whatever I please with it.

> instead of the one that blocks ads properly that's meant for Firefox?

I have a better question. Why even use Firefox if it refuses to do what I want?

manifest v3 is actually not a bad idea at all. it's more efficient, more private.

Remember why uBlock Origin exists in the first place: Raymond Hill was fed up with the chore of all the administrative crap around uBlock¹. They wanted it to be a hobby and it started feeling like a job.

https://github.com/gorhill/uBlock/issues/38#issuecomment-918...

So it’s predictable they’d get fed up with that Mozilla review process and call it quits too.

¹ Which led them to hand the project to an unscrupulous rando that immediately tried to monetise it, leading Raymond to hate the outcome and having to decry his own previous project and ending up essentially where it all started but with a bunch of extra work in the middle.

The author is a volunteer and the software is a labor of love: of course it's personal. Such projects thrive when the author feels like they are giving a valuable gift to a community which is receiving and appreciating it. Being required to submit your creation through an impersonal "review" process which rejects you in such a way that it's obvious nobody cared enough to even look is not just a buzzkill: it's an insult.

I would walk away, too.

Mozilla sent a template email and you're acting like they did anything beyond that. They didn't even assure the author that their add-on wouldn't be removed without prior two-way communication ever again.

Mozilla has a press page -- they could issue a clear, open press release talking about what went wrong, how they're changing going forward, etc. They could even acknowledge that this extension is awesome and contribute capital to making it available to their users.

But, instead, they did the minimum amount possible to save face after one of their reviewers royally messed up. The things the reviewer cited in the first review are plainly wrong and a junior JS developer could tell you that.

Heck, an AI reviewer would have done better (ChatGPT 4o mini):

"No, this file does not appear to contain minified code. Minified code is typically compressed to remove all unnecessary characters such as whitespace, line breaks, and comments to reduce the file size, making it harder to read.

The code you provided contains readable formatting, including comments, indentation, and well-structured functions, which are not characteristics of minified code."

> author took this a bit up personally

Yea, those pesky unpaid developers, letting their emotions get mixed into their personal projects. Why can't they be cold and unfeeling, like the people who run the firefox "store?"

I can’t fault gorhill for not wanting to play the “give large rich organization infinite second chances” game. Sometimes enough is enough even if you think you’d act differently in his shoes.

> Mozilla apologized

No they didn’t. Now I’m not here to play apology police or anything. But that’s just a perfunctory customer service voice statement which happened to include the word “apologize”. And that’s fine. Nobody expects more. We can acknowledge it for what it is tho.

Judging from his replies, this is not the first time he had problems with the review system

Feels like they were just waiting for a reason to pull out – likely feels its a hassle to upload and have it review and just want everyone to trust them and keep it simple

And I guess some people would claim that since its an open source addon no one can feel entitled to anything else

[flagged]

This is about uBOL. I haven't seen much delays for the main extension. It is always more up to date on Firefox compared to Chrome/Edge.

> uBO is THE killer extension

Now that you say that, I wonder if that's Google's end game: keep Mozilla on the payroll, disincentivise them from innovating on their product and wait for Firefox to slowly bleed users until nobody is using them and solidify Chrome's position. And that's how they take care of adblockers. They already have wide control over Chromium so that would only leave Safari as the last viable browser alternative (a much harder product to attack).

Now, Google can't stop Firefox from allowing ad blocker extensions, but they can encourage Mozilla to run Firefox in all but abandonware mode, until it dies out.

It's embarrassing how hard the Mozilla Foundation has fumbled their position and I'm having a hard time attributing their actions simply to incompetence.

uBlock Origin is likely the primary reason Firefox has any amount of meaningful browser market share today. If Firefox didn't support it then I would be using another browser. Seeing as Mozilla has been struggling to get anything right, they should be kissing gorhill's behind.

> I worry about how that will affect uBlock Origin's long-term stability as a project.

I wouldn’t be surprised if UBO has more users across all browsers than Firefox has users at all, and expect it’s at least within an order of magnitude.

To imply it’s in any danger at all because a minor platform is recalcitrant is ridiculous.

Latest update from the link you provided: The Mozilla review team acknowledged their error and rectified it. Hopefully that allows it to continue existing.

uBlock Origin 1.60 is still held back for review by Mozilla. Despite it being out for about a week 1.59 is the latest available on the Firefox add-on site.

Yes. I never took the review process seriously, I assumed people could publish pretty much whatever. Today I learned it's meant to be tight as well as that you can't run your own code anymore; that it needs to go through review or you get to reinstall every time you start your browser.

I've held out for a long time with Mozilla, trusting they thought it's a useful thing to do when they partner with Facebook to make privacy preserving adtech. This is a big ask of me though. I don't use it myself but I'm constantly running into limitations on Android and, at work, iOS because you can't simply do what you want on the devices without all sorts of hoops and fearmongering surrounding having actual access to your own device—the stuff I use my phone for simply doesn't run without root and one can't even make a full system backup without. It's not your device. Learning this about Firefox makes me feel it's not my browser...

Because there was a privacy policy it's hard to understand how that could be a mistake. The insinuation is the reviewer was not acting in hood faith.

Pretty clear: because it's a quote form the Mozilla's response

"We apologize for the mistake and encourage"

Yes, uBlock should incorporate Firefox, rather than Firefox incorporating adblocking.

That obvious mistakes can happen is itself a problem.

latest message from moz on the GH issue is from the day back

From a security standpoint the opposite is true: false negatives are to be avoided at all costs, even when that posture increases false positives. There’s always a trade-off.

Mozilla is definitely doing the right thing by reviewing the extensions, but the issue here is that were wrong, they found issues that didn't exist (such as claiming it contained obfuscated code and collected private data).

It appears the issues were found using simple heuristics (e.g they detected string pagead2.googlesyndication.com in a comment) and these detections weren't then manually reviewed as claimed, which is wasting everybody's time.

Absolutely. But: I don't think anybody is saying that high profile extensions should receive less scrutiny?

For high-profile extensions, the impact is higher for both false negatives and false positives. So they should receive more attention.

I do not know anything about Mozilla's internal procedures regarding add-on approvals. However, for a high profile extension like uBO/uBO Lite... it should either require multiple reviewers, or maybe just an escalation to a senior reviewer or something. You should never be a single human error away from a high impact mistake.

Maybe they do that already, I dunno. But it seems hard for me to believe that multiple people approved uBO Lite's yoinking.

Extensions are SUCH a crucial part of FF's appeal. And uBO/uBO is arguably the most important of them all.

> I find Mozilla's process to be quite reassuring

The fact that a review process exists might be reassuring, but the way they went about it surely isn’t.

https://github.com/uBlockOrigin/uBOL-home/issues/197#issueco...

Mozilla has the capability to handle compromised addons; this whole mess happened because they wiped out every version of uBOL except for the earliest one.

They just haven't used that capability responsibly... Yet.

There is a difference between questioning if a review process should exist for the official addon index and questioning if the implementation is any good.

You address the former when it seems like the issue is the later.

What's reassuring about the lack of basic competence? Why would you think such people/processes will help catch the types of issues mentioned in the Chrome link?

Mozilla has been trying to become an ad company for a while now. A built-in ad blocker would mess that up for them.

So many people in this comment thread commenting stuff like this, that it should be included, it's the only reason to use Firefox, etc. Meanwhile I use Firefox every day at work without uBlock Origin or any other ad blockers, and it's perfectly fine. Why do you think they should it?

The replacement is Brave browser https://brave.com/. Skip the crypto. Enjoy the integrated ad blocking.

Yep. Fuck Google, I won’t use a desktop browser without it.

We're at a really dangerous point with browsers at the moment where there's really no consumer-friendly option available.

I'm scared to say that Safari comes closest but you're just in Apple's walled garden then instead of someone elses'.

Our only hope seems to lie with Ladybird, if that even ends up being good and it seems extensions aren't on the agenda at least for a while.

ublock origin is still available in the Firefox add-on store.

The developer has pulled the 'lite' version, which is developed mainly for Chrome because Google killed some APIs the full version was using.

You can continue to use Ublock Origin, which uses the v2 manifest.

The delisted extension, Ublock Origin lite, is a v3 manifest plugin. Apparently it was created to address chrome blocking the v2 extension, but you can continue to use the v2 extension on Firefox

Neither of those work with ublock. I'd sooner disconnect from the net than not use ublock. (Same reason i don't use qutebrowser.)

I like SeaMonkey, it works with a legacy version of ublock. It's like using firefox back when it didnt suck.

Blink is to Servo what Chromium is to Firefox.

Supporting Servo on its own doesn't really move the needle a whole lot if it's missing all of the rest of the bits that make a comprehensive browser.

Firefox is already using Servo (at least in the form of Quantum) under the hood and is still the best option available to prevent more of a complete Blink monoculture than already exists with every other major browser being Blink-based or some reskin/fork of Chromium

Seems a bit extremist. I get being mad at microsoft for trying to charge for their software (gasp). I also get being mad at Chrome for trying to monetize their software (gasp) with ads. But now if you somehow get upset at Mozilla, it's more likely that you are the problem.

Nostr.

I am pretty sure Chrome has also added the forced restart for a bit now. It might not show up right after the update, but it doesn't take long. I don't remember if it was straighforward, or just crashed new tabs.

You don't have to use the developer edition to run unsigned addons; you can use the ESR version or nightly as well.

The article is misleading. The lite version is recommended on chrome because very soon the non lite version will stop working.

It doesn't apply to firefox.

Recommended for Chrome. I'm not sure why anyone would want this for Firefox.

These "lapses in judgement" are driven by Mozilla's brass representing the desires of their real masters. A post-Google Mozilla may be smaller, but I bet Firefox would be better and more popular.

> It's going to be much trickier for people to get uBO Lite onto their Firefox for Android installations now, or even if they can, they might just not bother.

Why would they bother? Firefox - Android or desktop - runs full/regular uBo just fine.

He gains by not having to interact with them for UBOL.

When you waste people's time sometimes an apology is not enough for them to want to continue to work with you ...

> I'm not sure what he gains from continued intransigence offers after Mozilla admits their mistake and apologizes.

What would he gain from submission to Mozilla? Either way he gains $0 for all the work he's done to improve the Internet for millions of people.

True, I never thought about it that way.

/thread

Generally, yes: follow the money.

But that does not mean that random errors can be always attributed to malice or financial interests.

You think that's how Mozilla would kiss up to Google? "Hey, we disabled an ad-blocking extension (although not its more popular and powerful big brother) for half a day! And then we put it back up!"

If I'm Google, that is not really thrilling me or making an impact.

Also, the Google/Mozilla relationship goes both ways. Mozilla is dependent on Google for cash, which I absolutely dislike.

However, Google also needs Mozilla as a hedge against antitrust claims. From an antitrust standpoint the ideal situation for Google is that Google continues to fund Mozilla, and Mozilla continues to allow ad-blocking (looks good to regulators) while continuing to have a tiny market share (so that FF's uBlock users don't actually have much of an impact on Google's advertising biz)

How is that at all relevant here? Google doesn't have this same review process for Chrome?

From the article:

> uBlock Origin Lite is a Manifest V3-compatible version of the content blocker. It is less powerful, but since Google is disabling Manifest V2 support in Chrome, it is what will remain from uBlock Origin for Chromium-based browsers.

> Does it affect uBlock Origin? The core extension remains available for Firefox. Unlike Google Chrome, Firefox will continue to support Manifest V2 extensions. Mozilla has not flagged this extensions or disabled it

But somehow it is Mozilla who is the bad guy not Chromium-based browsers.

Per the article, uBlock Origin is still in the Firefox store at https://addons.mozilla.org/en-US/firefox/addon/ublock-origin... ; it's the lighter MV3-based uBlock Origin Lite that was removed. So the general population can continue to use the full Origin.

And because the original non-lite uBlock Origin supports much more complicated rulesets, it should be effective even without code updates... but it still is concerning that the same Mozilla errors that caused Origin Lite to be flagged might extend to time-sensitive updates to the original Origin as well.

You do not read this right. Mozilla goofed, then goofed again, then again, then again, then again, then the developer got fed up of having every single version reviewed incorrectly and pulled it, then Mozilla apologised.

I'd do exactly the same thing.

I can see how having to jump pointless bureaucratic hoops in a volunteer project can cause throwing out toys.

When Mozilla is being gifted enormous amounts of free labor, they should be more careful with the donor.

Nobody is forcing you to put your website on the open internet, you're doing it because you're making a value judgement about how much money you can make by not closing or paywalling your system. Nobody cares what your business model is (that's your business and your decision barring illegality), and if it's not working for you, you should change it or shut down. Why should anyone have any sympathy for you?