I'd read it more as "I don't particularly care about what ends up as the standard or who ends up writing it, I just wish that it's nearly as capable as the non-standard implementation that exists and is useful."
Mozilla's objection is to having the capability at all, on the basis of "USB devices are too easy to hack" and "users are too dumb to give informed consent, regardless of what we tell them". And GP's objection to Mozilla's objection ultimately comes down to having the capability or not.
Mozilla's objection, among others, isn't "users are too dumb to give informed consent, regardless of what we tell them".
It's "we have dozens of APIs that require user consent and it's nearly impossible to contain this barrage, or to make sure that users fully understand the implications of consent for the more complex APIs and integrations"
Why do people in these discussions pretend that it is only WebUSB that needs a permission and consent?
There’s also the possibility of social engineering that compounds with lack of technical understanding to produce some nasty results.
It’s been proven that many users will click “Allow” for just about any dialog when instructed to if a sufficiently juicy carrot is promised as a reward. With WebUSB this could easily result in hapless users’ phones and whatnot getting malware/spyware installed on them… elderly and kids seem particularly vulnerable.
Okay, fine, there are a few other proposals regarding information about or control over the local device that Mozilla disapproves of on similar grounds. But it still comes down to "We don't think users can ever understand the security risks involved with this kind of access", which I've abbreviated as "users are too dumb". You can argue that "they're not dumb, they're just human/inattentive/fatigued by warnings/whatever", but it still comes down to having the knowledge or not. (After all, if it were just "We don't want a single click to give immediate access", they could just make the prompt/warning harder to mindlessly click through.)
Of course, the alternative to the user getting a browser prompt to communicate with their USB device is for the user to download a program to communicate with their USB device. So if they're set on doing whatever they are attempting to do, then it's not like they can ever avoid the risk of threats they don't understand, since desktop sandboxing is still mostly nonexistent.
Stop projecting your own view of users on what Mozilla is saying.
> Of course, the alternative to the user getting a browser prompt to communicate with their USB device
It's amazing you write this literally after I wrote "Why do people in these discussions pretend that it is only WebUSB that needs a permission and consent?"
It's actually exasperating to see almost the same people go "oh yes, permission dialogs in Android are overly broad, and people just click yes without reading, yes cookie consent popups are annoying, people just click yes" and then turn around and say "how dare Firefox assume people are stupid to read and understand the consent popup for WebUSB (and WebHID, and WebSerial, and WebMIDI, and NFC, and Network Information, and Bluetooth, and Location, and FileSystem Access, and Camera, and generic sensors in general, and...)"
I’ve heard both opinions at the same time because they’re both true.
A technical audience will actually read prompts and understand what they’re consenting to. I, for one, actually read cookie prompts and will say no to as much as I can.
Most people don’t, and the number of people who don’t is growing, because we keep adding prompts.
Mozilla's objection is to having the capability at all, on the basis of "USB devices are too easy to hack" and "users are too dumb to give informed consent, regardless of what we tell them". And GP's objection to Mozilla's objection ultimately comes down to having the capability or not.