Mozilla is held to a higher standard
If you follow tech news or my site, you have probably stumbled upon the Firefox uses Google Analytics controversy by now.
Let me refresh your memory if you have not. A user of Firefox discovered that Mozilla Firefox connects to Google Analytics when users of the browser load the Get Add-ons page of about:addons.
That page displays a remote web page on Mozilla's website when loaded, and that's where the Google Analytics connection comes into play.
Mozilla stated in a response that it has brokered a special deal with Google which anonymizes the data, and prevents Google from using it internally or externally.
While that is commendable, it does not touch the core of the issue that privacy-conscious users have with the implementation.
The core issue for users who criticize Mozilla for using Google Analytics is the connection to Google Analytics, or in broader terms to Google: that the connection happens at all, that Firefox does not inform users about it, and that it does not provide the means to block it by default.
Note: Mozilla reacted quickly to the reported issue, and Firefox users may enable Do Not Track in the browser to disable the Google Analytics script on the Get Add-ons page of the browser.
Firefox users may enable Do Not Track by loading about:preferences#privacy in the browser's address bar, and setting the option to "always".
Mozilla may be right when it states that Google won't touch the data because of the deal. There is no evidence that the company does otherwise, even though it would be difficult to prove that. The whole incident may be blown out of proportion, but that is not what is bothering users who criticize Mozilla for the use of Google Analytics.
What Mozilla fails to realize in my opinion is that there is a subset of Firefox users which holds the organization to higher standards than any other browser maker when it comes to privacy (except the Tor Browser guys probably).
This does not come out of the blue, as Mozilla presents itself as an organization that values user privacy and security. The fourth principle of Mozilla confirms this for instance:
Individuals' security and privacy on the Internet are fundamental and must not be treated as optional.
A connection to Google Analytics goes against these privacy principles, at least for Firefox users who take privacy seriously. It does not really matter whether Mozilla brokered a special deal with Google or not, what is collected and what is not, or what happens to the data that gets collected.
The fact that data lands on Google servers, and thus outside of control of Firefox users or Mozilla, is what is bothering users who criticize Mozilla for integrating the script on the page that Firefox loads.
In short: The stance that privacy conscious Firefox users have is that Firefox should never make connections to third-party sources, especially not to Google, Microsoft or any other major player in the advertising world, without user consent.
So israeli, you have nothing to hide eh?
Have a look at the following site and then let us know if you still feel the same way afterwards: https://en.wikipedia.org/wiki/Portal:Mass_surveillance
In which country do you live so concerned about privacy and espionage?
So do you want to be treated like an inmate in an institution with all your activities, thoughts, and relationships being monitored by tech corporations and unnamed agencies? Who has access to that data? Any spying by a private, for-profit corporation would have been illegal years ago in a sane world, today they’ve managed to sneak in under the radar claiming to be benevolent. “Do no evil”? What a joke.
In Israel almost everyone uses Google search, Google Chrome, Android, Google Maps, Gmail, Waze, Facebook, WhatsApp. Users of Firefox, Linux, Mac and iPhone are few.
Not really fear spying, privacy and tracking
From what Paranoid?
To what extent do ad-blockers block connections from browsers to analytics/telemetry/etc sites?
And if ad-blockers do not block such connections, could and should they be enhanced to do so?
Can you make an article on Firefox that will focus on making Firefox privacy respecting again? What stuff should we enable or disable or edit in about:config?
Here you go: https://www.ghacks.net/2015/08/18/a-comprehensive-list-of-firefox-privacy-and-security-settings/
That page needs a big bold statement at the TOP that it is OUT OF DATE and point to at least the “ghacks user.js goes github” page, or better to the github repo
Don’t wish to tell you how to run your site or drive traffic away (hence link to your own article re going github), but could you do something please Martin – I mean we’re over 300 commits and 4 FF releases down the track (currently on 55-beta)
@jasray and others
There will always be a need for people to monetize and to include ads and a ‘requirement’ to track visit numbers to see ad effectiveness for example. Whether those connections like adsense are not to be trusted is *almost* a separate issue to a webmaster’s needs.
The root cause of this is a very fundamental issue with the internet in general. Companies who place ads on TV base their payout on number of people who watched the program – that the ad appeared in. That is the calculation. The TV stations make no guarantee that after seeing the ad 10% or 50% or whatever will buy the product. On the net watching/loading ads is a small (and getting smaller) part of that, clicks and purchases count. As long as this difference exists good luck trying to “trust”.
Is there a web browser that today is not a clone of Google and using Google?
I have found it to be impossible today to block all of Google off of my computer.
Firefox. Pale Moon. Midori (Linux), Konqueror (Linux).
Personally, I use Firefox, Vivaldi, and Brave. I alternate between Vivaldi and Firefox on desktops, and use mostly Brave on Android (Safari on iOS with 1blocker).
https://en.wikipedia.org/wiki/List_of_web_browsers
Anyone check the site you are currently viewing? Anyone have a clue about the Google Trackers in use? And Google Analytics? Does anyone, who is truly a privacy advocate, trust this site to promote and maintain one’s privacy?
googletagsservices.com
googlesyndication.com
Critec-Portugal
Criteo.com/Criteo.net
And, of course, google adsense
From the comments above, it seems Martin’s readers are oblivious to the source of the problem–unethical webmasters. Yes, point out that Mozilla is the “bad guy,” pretend to be the “good guy,” and then use readers as pawns in a game of chess.
64% of non-related, Ghacks.net requests are currently blocked; to block more would most likely break the page.
“Just sayin'” Martin has ya’all barking up the wrong tree.
People have double standards. Usually if a huge corporation does something about tracking, they will cry.
Commenters here have been saying that Chrome is a privacy breaking browser and they use Firefox because they care about privacy. When I read your comment I remembered that and laughed.
I still don’t understand why they’re so mad at Mozilla. It looks to me they’re acting like Mozilla is exposing their porn stash. Even ISPs nowadays track activities of the users so if they care so much about their privacy, they had better not use the internet.
Yes there are a lot of trackers on this site 8O) If people donated enough to run the site without ads, it would be a different story. I block all the ads and trackers here and everywhere else (At home I run a pi-hole for added protection on all our devices).
I donate money to gHacks to compensate for doing that (As I do for a few other sites as well). It is better the ads are around to help cover what costs are not supported by donors.
Mozilla? Standards? Just embrace Chrome, Martin. Mozilla today is worse than Microsoft or Google. They screwed Firefox users way too many times with various issues. The straw that broke the camel’s back was the retiring of all addons and declaring them “legacy” in favor of WebExtensions. Firefox began as an open browser (where open stood for choice and freedom). Today it’s open only by source code, but there’s nothing really open about it any more.
BFD. Don’t like it? Don’t use “Get Addons” (I never did). It’s easy to block GA anyway–everywhere.
With webextensions coming it isn’t straightforward to block GA. You’d have to run something external on your computer or network to do that, (hosts file which the operating system may choose to bypass (in windows case), pi-hole, etc.).
Official response by Pale Moon developer to same issue:
“Since more than a few people have contacted us about what is just an assumed privacy issue without checking first, a few notes about our in-application privacy:
Our add-ons manager does not use Mozilla’s page to display add-on “discovery” content (we haven’t used that for years now, since we have been removing reliance on Mozilla services as much as possible). As such, the recent stir about “Google analytics” being used on Mozilla’s in-application page used in Firefox absolutely does not apply to us. You can open your add-ons manager as much as you like and Google will not get the first scrap of your data.
Many people may not be aware of this, but Firefox also sends a full enumerated list of all your extensions and plugins to the add-ons server when opening the add-ons manager on its first request. Yes, that’s right, just opening the “get add-ons” tab sends your full list of add-ons to Mozilla and by extension to any analytics service in use by Mozilla (all passed in plaintext in the requested URL). Pale Moon also does not do this.
If an add-on update request is not served by our add-ons server itself, your request will be forwarded to Mozilla’s add-ons server to check for extension updates, but with the difference that only the bare minimum of data needed to check for and request an update is being passed on. Everything else is dropped on the floor by us.
When you use the add-ons manager search function, we currently still use the Mozilla add-ons API, so those requests are sent to Mozilla directly. We do plan to change this in the future, as well.
Pale Moon, unlike Mozilla products, does not use Google for geolocation, and does not send detailed data about your local/wireless network to the geolocation provider (that Mozilla products do). Our geolocation is done with a simple, IP-based lookup using only public data (your internet-facing IP address). As a result it is slightly less accurate but fully respects your privacy.”
Can Privacy Badger add-on suffice to close this problem for the ordinary user?
https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/
I have been using https://tools.google.com/dlpage/gaoptout Google’s own extension for disabling Analytics for many years, not to mention No-Script which I have marked Google Analytics as untrusted, so I think that covers all the bases.
It’s called NoScript not No-Script
Nailed it.
We want Mozilla to be a true independent privacy conscious organization that we can trust.
A lot of the decisions they have made in recent years don’t fit into that vision. For example – purchasing Pocket (which collects anonymous data on what articles people read to make those articles pop to the top).
While the point of your article is well taken (i.e., the need for full disclosure), I’m not sure how much difference it actually makes. There are so many privacy landmines, I doubt they can all be avoided.
Hillbilly trappers had a saying when setting up bear traps: “Iffen one don’t git ya, another one will!” The trappers would set up a visible trap, which the bears would learn to avoid. However, as they walk around the visible trap, they’re caught in one of two hidden traps on either side, proving the value of a good decoy.
So let’s say you avoid the Analytics beacon. Even if there are no other obvious beacons, you will, more likely than not, get caught by the drive-by webfonts download. I forget where I first learned about it (possibly here at gHacks), but it’s another, auto-downloaded, tracked page element. For more, see:
http://fontfeed.com/archives/google-webfonts-the-spy-inside/
And unlike the Analytics beacon, I’d wager Mozilla has no agreement with Google as to how any collected data from the auto-downloaded fonts or other sources is used… Oops!
Your only real option is to set Firefox to always start in private browsing mode and block — using the HOSTS file or similar methods — most beacons from Google and others, including those piggybacked via fonts and other ancillary services, such as certain APIs.
In no particular order, here’s the short list of Google beacons:
One or more of the above appear on most sites served from within the USA. However, it’s just a small fraction of the total.
Plus, each country has several Google beacons unique to their specific TLDs and regional CDNs.
StevenBlack host file on github is powerful too — https://github.com/StevenBlack/hosts
WARNING: Google has already been caught doing the same with Safari users’ data and Google Analytics in 2012:
-=- 😱😱😱 Google to Pay $5.5M to Settle Claims It Hacked Apple’s Safari Browser 😱😱😱 -=-
Sources:
* http://appleinsider.com/articles/15/03/27/google-loses-uk-appeal-in-safari-cookie-tracking-case-could-face-trial
* http://mashable.com/2012/02/17/google-caught-tracking-safari-users/
* https://www.cnet.com/news/google-loses-appeal-in-safari-tracking-case/
* https://www.theguardian.com/technology/2012/feb/17/google-admits-tracking-safari-users
N.B.: Maybe Mozilla honestly trusts Google but I don’t trust Google at all and IMO Mozilla should NEVER use G.A. in Firefox, doing this defeats the main purpose why I use Firefox over Chrome.
I agree with the article title. But why are you not talking about Safebrowsing ? Safebrowsing is a connection to Google servers and there is a deal there too so that no data is collected or used. The Safebrowsing cookie has been given special care in that it is never ever used by Firefox for anything else but the Safebrowsing connection, but it still exists and can persist over connection if not cleared.
There isn’t that much difference between Safebrowsing and that GetAddons page in terms of using Google. The difference which consists of giving Mozilla more talkative data through GetAddons is compensated by the fact that this page is almost never used (never ever here, I use AMO directly), while Safebrowsing does very frequent connections to protect users from bad URLs.
The other difference is status: Safebro is a feature built into Firefox, while GetAddons is a mere web page being loaded in the shiny context of the add-ons page, with images, CSS, HTML, JavaScript files loaded from a URL and cached like any other web page, including that damned Google Analytics script. And it has been like that since what, Firefox 17 ? I don’t even remember when that GetAddons page was brought to existence, probably at least 6 years ago. We’ve known all along that there was tracking in it because there is tracking on AMO, so I don’t buy the sudden outcry, even though it can prove useful in helping Mozilla stand for itself, it also makes some people think they’ve suddenly been betrayed, which is anything but true, tech literate people who commend and recommend Firefox for its privacy have been doing it for years knowing about GetAddons and knowing how to disable it.
For me, and I dare say I am more privacy centered than most of the privacy centered people currently waving torches, this is non-news and non-shocking. It’s just something to be fixed, something super tiny in terms of impact, and if I had to rank privacy improvements by order of priority, that certainly would be very very low considering all the good stuff on the blocks.
As a side note, I’ve seen that Mozilla started this year to deploy its own servers for Safebrowsing. I don’t know if they intend to get rid of Google at some point, if these servers are acting like proxies or are a real backend, but nobody has been asking them anything about that for years and yet they’re doing that somehow. I don’t know why. I know it’s costly. And since it’s done in silence and nobody is here patting Mozilla on the head, you know it’s not a stance.
Finally I condemn the attitude that consists of barely passing over the good, painting it neutral if it is ever mentioned, and completely overblowing the tiniest of bads, making an outcry. That’s a spoiled attitude. Mozilla is indeed held to a higher standard, but I’ll tell you, nowadays any random person relaying information is. Otherwise you get fake news, misrepresentations of reality, propaganda and general unfairness.
That said, get Mozilla to be done fixing this and finding a proper solution to WebExt and about: pages. The nature of the fix is the part where it is actually justified to put pressure.
@Drum: Your post is a long read when it comes to comments, yet I still read it with great interest. I agree with you mostly, but there are still some points I’d like to comment on:
> I agree with the article title. But why are you not talking about Safebrowsing ?
We do, it is one of many privacy problems currently present in default Firefox installations. There are just too many of them to cover here, but I think this has been brought up quite frequently here at gHacks.
> The difference which consists of giving Mozilla more talkative data through GetAddons is compensated by the fact that this page is almost never used (never ever here, I use AMO directly), while Safebrowsing does very frequent connections to protect users from bad URLs.
Yet one could also argue that Safebrowsing is doing something useful for the user, that is, protecting him/her from malicious software. Whereas the Google Analytics tracker is just an unnecessary, uncalled for tracker. And really, there is no way a privacy issue can be compensated by saying “Nobody uses this page anyway…” For one, some people certainly do, and then this shows a lack of concern for privacy issues on Mozilla’s part. It is an unfixed problem, period. I don’t hold Mozilla accountable for what other website owners do, yet if this supposedly privacy-oriented organization fails to keep their own websites clean, they simply don’t deserve their users’ trust.
> Finally I condemn the attitude that consists of barely passing over the good, painting it neutral if it is ever mentioned, and completely overblowing the tiniest of bads, making an outcry. That’s a spoiled attitude.
Well, speaking for myself, I can only say that I’ve mentioned several developments at Mozilla in a positive way, such as e10s, the new search bar etc. There were some things you could find either good or bad, like Australis. Yet most of the things were just flat-out bad. Examples? Here you go:
– the DRM blackbox
– ads
– uncalled-for Pocket integration
– Add-on Signing
– removal of Tab Groups
– deprecation of XUL/XPCOM add-ons (ongoing)
– privacy-evading things like those mentioned above
…
You see, the negative news are more recent, have more impact, and are of higher number. People have a right to be angry about this, as long as their anger rests on factual basis (mostly does). Should I praise Mozilla for those things? My negative comments stem from negative developments, not the other way around.
> Mozilla is indeed held to a higher standard, but I’ll tell you, nowadays any random person relaying information is.
No, Mozilla is held to a higher standard because they (falsely, see my comment above) claim to protect their users’ privacy. By the way, I feel that people rather care less and less about their privacy… Most people use outdated Android phones with Google software and are not even able to install security updates on their PC if the device doesn’t do it automatically. That’s the reality.
> Otherwise you get fake news, misrepresentations of reality, propaganda and general unfairness.
Hyperbole… As if these things didn’t exist since the inception of the Internet (and of humanity in general, just in an offline manner). Why is there so much shenanigans around it today?
> That said, get Mozilla to be done fixing this and finding a proper solution to WebExt and about: pages. The nature of the fix is the part where it is actually justified to put pressure.
Don’t get your hopes up. WebExtensions were designed to limit extensions (which can also have negative effects as seen here), so I doubt the fix will come via WebExtensions. Rather, they will continue to use Google Analytics, only making an exception for users who ticked the “Do not track” option in the settings. And how many people have done that? Mozilla is once again successfully playing on the stupidity of its users.
This is not meant as discouragement for you, it’s just the way I see it.
Mozilla plans on extending their implementation of WebExtension beyond the current limitations. This is specifically to allow extensions that had become untenable because of XPCOM add-ons being removed. This time however they plan to implement things properly to prevent add-ons from interfering with each other too much and to prevent those add-ons from degrading performance in e10s or compromising core browser security.
It’s a shame that they actually start removing XPCOM add-on support before this extended WebExtension support is ready, but as a software developer myself, I can understand why they choose to do this. Supporting parallel APIs would only combine the worst of Webextension world, XPCOM world, and e10s world.
Note to readers: By lame Chrome I mean that I don’t like that browser and its almost-monopoly status, not that it is objectively lame. The reason I put that personal opinion forward was to highlight how I acknowledged Chrome’s objective superiority in a particular domain. Although I expect that what remains of this superiority will not last much longer; we’ll see! ^^
> Well, speaking for myself, I can only say that I’ve mentioned several developments at Mozilla in a positive way
Heh. You’re not allowed to say this, you anti-Mozilla crusader xD
And you prove it right away after the quoted sentence, even as you try to appear magnanimous.
> Should I praise Mozilla for those things? My negative comments stem from negative developments, not the other way around.
Regarding privacy only, since this is the gist of the topic (many other topics are hugely praiseworthy too, the loss of add-ons to come being the only negative, albeit a substantial one), I’ll redirect you to my comments as Drool here.
https://www.ghacks.net/2017/07/07/firefox-add-ons-webextensions-state-july-2017/#comment-4216045
One can dislike Firefox for X or Y reason but it’s just a fact of life that privacy is light years ahead in Firefox than anywhere else except Tor. Just as it used to be a fact of life that lame Chrome was the fastest, most reactive browser when it was first released, and to this day still has an edge in several areas such as CSS. (Until Firefox 57)
Mozilla is just flat out lying when it comes to their privacy statements. Martin, you have refreshed some of your points, let me once again bring up some of the about:config settings in Firefox evading privacy:
– “extensions.getAddons.cache.enabled” is true by default. It sends information about what add-ons you have installed to Mozilla. It is not related to the add-on update process. Why does Mozilla collect such data?
– “network.captive-portal-service.enabled” contacts the following website… http://detectportal.firefox.com/success.txt …every single time you connect to a new WiFi hotspot, even if your computer handles the WiFi hotspot all by itself already. Why does Firefox need to do this?
– “security.family_safety.mode” is set to 2 by default. It will censor content Microsoft wants to be censored via a local man-in-the-middle proxy in Windows 10.
– “dom.event.clipboardevents.enabled” is set to true by default. It reports to the website owner every cut/copy/paste you perform on his website. Veeery private…
– “dom.battery.enabled” is set to true by default. Websites can access your battery count and related information, e.g. what programs you use. Mozilla allows this by default.
– “beacon.enabled” is set to true by default. Website owners are able to receive information from Firefox once you’ve left the website. Only useful for tracking, and Mozilla allows this by default.
So, Mozilla is only more privacy-conscious when you fall for their untrue marketing statements. I always was critical and quickly found out that Firefox needs to be unfucked just like every other browser out there. Everyone who claims otherwise (that is, contrary to the obvious evidence provided above) is deluded. There is no other interpretation for some of these settings really. The Google Analytics stuff is just the cherry on the cake.
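An added example, not part of the comment above and not Mozilla's code: a small auditor that reads a profile's prefs.js and user.js and reports where each of the six preferences named in that comment stands. The default values are the ones the comment states (the captive portal default is implied there), the "hardened" values are this example's assumption of the opt-out setting, and both sample files are constructed.

```python
import re

# name -> (default as claimed in the comment, assumed opt-out value)
WATCHED = {
    "extensions.getAddons.cache.enabled": (True, False),
    "network.captive-portal-service.enabled": (True, False),  # default implied
    "security.family_safety.mode": (2, 0),
    "dom.event.clipboardevents.enabled": (True, False),
    "dom.battery.enabled": (True, False),
    "beacon.enabled": (True, False),
}

# One user_pref("name", value); statement per line; value is bool, int or string.
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"([^"\\]+)"\s*,\s*'
    r'(true|false|-?\d+|"(?:[^"\\]|\\.)*")\s*\)\s*;'
)


def parse_prefs(text):
    """Return {name: value} for every user_pref() line; the last one wins."""
    # Drop /* ... */ comments first. A string value containing "/*" would be
    # mangled by this; that is accepted here for brevity.
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # blank line, // comment, or something not parsed here
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"'):
            prefs[name] = raw[1:-1]
        else:
            prefs[name] = int(raw)
    return prefs


def audit(prefs_js, user_js=""):
    """Classify each watched pref as hardened, at-default, custom or type-mismatch."""
    effective = parse_prefs(prefs_js)
    effective.update(parse_prefs(user_js))  # user.js is applied on top at startup
    report = {}
    for name, (default, hardened) in WATCHED.items():
        if name not in effective:
            # prefs.js only stores values that differ from the built-in default.
            report[name] = ("at-default", default)
            continue
        value = effective[name]
        # Compare types explicitly: in Python False == 0, so a boolean written
        # to an integer pref would otherwise pass as "hardened".
        if type(value) is not type(default):
            report[name] = ("type-mismatch", value)
        elif value == hardened:
            report[name] = ("hardened", value)
        elif value == default:
            report[name] = ("at-default", value)
        else:
            report[name] = ("custom", value)
    return report


# Constructed sample files, not taken from a real profile.
SAMPLE_PREFS_JS = '''\
// Constructed sample
user_pref("beacon.enabled", false);
user_pref("browser.startup.homepage", "https://example.org/a//b");
user_pref("dom.battery.enabled", true);
/* user_pref("dom.event.clipboardevents.enabled", false); */
user_pref("security.family_safety.mode", false);
'''
SAMPLE_USER_JS = '''\
user_pref("dom.battery.enabled", false);   // overrides prefs.js
user_pref("extensions.getAddons.cache.enabled", false);
'''

if __name__ == "__main__":
    for pref, (status, value) in audit(SAMPLE_PREFS_JS, SAMPLE_USER_JS).items():
        print(f"{status:14} {pref} = {value!r}")
```
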
You’re missing a couple there buddy, like health reports
All these preferences can be turned off in Firefox
By using
1) https://addons.mozilla.org/en-US/firefox/addon/privacy-settings/
2) about:config
That is heaps and bounds more options than what we have in other browsers.
Heck, it’s not even possible to fully “unfuck” other browsers… except for Tor (probably).
This is extremely ignorant. Captive portal is usually configured as an Open Wifi. Just because the system is successfully connected to the Wifi does not necessarily mean that you have successfully authenticated to the captive portal and can access the internet on that network. To correctly detect captive portal, you need to actually connect to a non-HTTPS service for which you know the response to expect, so you can check whether the captive portal has intercepted it. The alternative detection method is to wait until the user actually fails to connect to an HTTPS service (and then displaying certificate error) or worse when the user tries to open an HTTP page (possibly sending sensitive data in that request).
Clipboard events, battery, and beacons are web standards. There are openly accessible web specifications which detail how these standards are supposed to work. These are enabled by default because they’re part of the web standards, and users and authors have expected all browsers to support these standards. Mozilla’s implementation of clipboard API is actually the most privacy conscious compared to other browsers. In Firefox, websites can only read clipboards when the user pressed the Paste shortcut or buttons, scripts can’t read clipboards by themselves when handling any other input events. This is why Google Docs doesn’t support paste from their custom context menu on Firefox. On all other browsers, on the other hand, scripts can read the clipboard on every click or keyboard press, not just on Ctrl+V.
The fact is, Firefox is the most privacy conscious browser among the mainstream browsers, while supporting as much of the web standards as possible. For example, Firefox is the only mainstream browser that doesn’t enable Widevine DRM by default.
However, the fact is also that Firefox is a general purpose browser, it’s not a privacy focused browser. Therefore there are times when the trade off is often leading towards mainstream users rather than the most extremely privacy sensitive users. There are many Firefox forks and add-ons that trade off some core functionalities that regular users have expected from their browser with defaults settings to improved privacy.
If you follow Mozilla Foundation’s privacy advocacy and newsletters, you should realize Mozilla has always been very clear what their stance on privacy is. For Mozilla, privacy is not about never being tracked, but rather about being in control over who, when, and how you are tracked. Firefox’s design decisions reflect that, it allows web authors to track users, because some tracking is necessary to allow web authors to figure out what their users want or need, and for some core web functionalities to be possible to begin with. But most importantly, Firefox allows the user to take control of that tracking. If you didn’t want to be tracked at all, Firefox allows you to do exactly that, by installing add-ons or toggling various settings, or by using privacy centric forks like Torbrowser. Their stance on privacy has always been very clear and not just hidden under some legalese.
If you don’t want sites to read your Clipboard on Firefox, that’s simple. Just don’t press Ctrl+V. Mozilla’s implementation does not really add any new privacy risks, as sites have always been able to receive clipboard when they pasted something to textboxes.
Mozilla was against adding DRM from the start. It’s the users that forced them to implement DRM, as users say they want to view DRM-content like Netflix. Even after they implemented DRM, they’ve deliberately crippled their implementation as far as possible to make it effectively useless for user tracking and to disable them by default.
Yes, sites do use these APIs that you mentioned. Just because you’ve never seen it doesn’t mean that they’re not being used. Many sites use Beacon to save unsaved data, and to keep track of page exits, which sometimes indicates pages that confuse users or are ineffective; some in-page crash handlers send crash data on Beacon request. Some web applications use beacon so they can immediately release resources on the server, to prevent the server from locking up resources longer than is necessary.
Battery status was envisioned to be usable for many adaptive behaviors (https://hacks.mozilla.org/2015/05/lets-get-charged-updates-to-the-battery-status-api/). Yes, it turns out that very few web applications actually ended up adopting them, which is the reason why it’s being considered for removal. Enabling the API allowed developers to experiment with it and move the web forward, even if the result of the experiment is that the web does not really need Battery API all along, knowing that is more valuable than twenty thousand pages of pre-implementation discussions of why the web needs or does not need Battery API.
Without these capabilities, there are many apps that would not have been possible to be implemented as Web applications. They would have forced developers to implement them as native apps, which is a step backward and is contrary to Mozilla’s primary goal of advancing the Web.
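An added example, not part of the thread and not Firefox's own code, of the captive portal check described in the comments above: fetch a plain-HTTP URL whose body is known in advance, do not follow redirects, and treat any other answer as interception. The loopback servers, the `portal.example` address and the `success\n` body are constructed assumptions for the demonstration.

```python
import http.client
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

EXPECTED_BODY = b"success\n"  # assumption: the body the probe expects back


def probe(host, port, path="/success.txt", timeout=3):
    """Fetch a plain-HTTP canary once, without following redirects, and classify it."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Cache-Control": "no-cache"})
        resp = conn.getresponse()
        body = resp.read(4096)
    except (OSError, http.client.HTTPException):
        return ("offline", None)  # nothing answered at all
    finally:
        conn.close()
    if resp.status == 200 and body == EXPECTED_BODY:
        return ("online", None)  # the canary arrived untouched
    # Any other answer for a URL with a known body means something in the
    # path replied instead of the real server: a redirect to a login page
    # or a rewritten body.
    return ("captive-portal", resp.getheader("Location"))


def _handler(status, body, location=None):
    """Build a request handler that always answers with the given response."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(status)
            if location:
                self.send_header("Location", location)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, *args):  # keep the demo quiet
            pass
    return Handler


def _probe_against(handler):
    """Start a loopback server with this handler, probe it once, shut it down."""
    srv = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        return probe("127.0.0.1", srv.server_address[1])
    finally:
        srv.shutdown()
        srv.server_close()


def demo():
    # A port that was just released, so a connection attempt is refused.
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    dead_port = s.getsockname()[1]
    s.close()
    return {
        "clean network": _probe_against(_handler(200, EXPECTED_BODY)),
        "redirecting portal": _probe_against(
            _handler(302, b"", "http://portal.example/login")),
        "rewriting portal": _probe_against(
            _handler(200, b"<html>Please sign in</html>")),
        "no connectivity": probe("127.0.0.1", dead_port),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:20} -> {result}")
```
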
@Mawaru:
> It is. See down the comments of this very article, a conversation you started but oddly never finished when confronted with hard facts.
It is your analytics skills which have suffered apparently. Of course these switches can be turned off, I never argued against that fact. The problem here is that they are active by default, which is just a little bit odd for a browser vendor claiming to protect privacy. And there are no “hard facts” Pants or Ryan have presented. Pants just said that those can be disabled (big surprise) and Ryan pointed out that some of them are (uncalled for, unnecessary) “web standards”, which is no justification at all (and once again, no big surprise). Just because something is a “standard” does not mean that it respects your privacy. This logic is just flawed. Ryan never argued against these settings evading privacy at all, he just tried to justify them. Which is not really adding anything to the topic concerned (privacy).
> Between the “extremely ignorant” bit from Ryan, Pants’ “hate hard-on” and my line, perhaps it is you who should question either your technical competence or analytics skills.
Yeah, keep whining. This ad-hominem stuff usually comes around the corner when believers are confronted with facts. Could it be that you guys are merely trying to justify this unjustifiable stuff by declaring it to be a (pseudo-)standard, and to calm things down by stating that this can be disabled (a tacit admission that these settings are not as harmless as you might claim)? Because this is all you did up to now.
Oh and would you be so kind to show me the commits Mozilla has ported from the Tor project? Because it’s always the other way around, and then the Tor project has to unfuck things (like this Google Analytics stuff you conveniently omitted when talking about the two getting “closer and closer together”)…
Despite what you may think about yourself, Appster, you are not what I call a privacy-conscious user.
The first step towards being a privacy conscious user is making choices. Decide what kind of privacy you want for yourself; everyone has different ideas about what constitutes acceptable tradeoffs between privacy, anonymity, security, and self customizations. You seem to have made up your mind about this, which is great, but unfortunately you haven’t moved on to the second step, which is to take actions to change your browser configurations to enforce your decision. What YOU want is for Mozilla to make the decisions for you, and it has to always be the right decisions just for you, screw everyone else. That’s not being privacy conscious, that’s just blatant entitlement.
Unfortunately, the world does not revolve around you, different people draw their lines in different places; and unless you take deliberate action to change your choices of browser, choices of sites, and choices of activities, you are always going to be disappointed. Any defaults that Mozilla decides on are always going to be wrong for some people, all they can do and have always consistently done is to empower people to make these informed decisions, to encourage site developers to provide users to make informed decisions, and to provide the tools to implement them, and not to make the decisions for everyone. This is oft-repeated in their privacy advocacy.
Someone who *chooses* not to encrypt their data so that they can be intercepted by their government or the company they work for is just as privacy conscious as someone who *chooses* to use Tor full time. Both persons have made informed decisions about what they want out of their privacy and have taken steps to ensure that their decisions are respected.
Some people are fine with first party ads and/or tracking as they want to support content creators they love. Some people are fine with certain Analytics programs but not others. Some people want to be tracked so they get the most relevant ads and offers. Some people don’t trust anything that’s not .onion.
Mozilla’s stance on privacy is extremely clear and is overall quite consistent with the products they made; they may not be the decisions you would have ended up with, and it certainly isn’t one that I would have decided for myself. But to say that Mozilla are liars because they don’t make the same privacy decisions as you do is just ignorant of what being privacy conscious means.
Did you know that Pale Moon contacted the CA every time you connect to a website serving HTTPS? Yep, awful tracking. Did you know that Pale Moon allows third party cookies by default? Shudders. Did you know that every time you visit palemoon.org’s website, you are sending all your data through Cloudflare, one of the biggest CDN providers that’s pretty much in every website now, and is probably just as if not more dangerous than Google, in terms of what they could do if they turn rogue? Yep, super awful. Do you know that Pale Moon’s Geolocation sends your IP address out to a third party site? Are these Pale Moon developers liars who try to pass their product as more privacy conscious browser? For some people, they are.
> That’s not the reality. All I see the team behind Tor do is to unfuck ever more privacy-evading settings Mozilla introduces.
It is. See down the comments of this very article, a conversation you started but oddly never finished when confronted with hard facts.
—
> “This is extremely ignorant.” Words of Ryan, chapter one, verse one. Mawaru, are you acting as Ryan’s parrot?
> This whole conversation makes me think that I’m dealing with people who WANT to believe here, other than with rational beings
Between the “extremely ignorant” bit from Ryan, Pants’ “hate hard-on” and my line, perhaps it is you who should question either your technical competence or analytics skills.
> “This is extremely ignorant.” Words of Ryan, chapter one, verse one. Mawaru, are you acting as Ryan’s parrot?
Between the “extremely ignorant” bit from Ryan, Pants’ “hate hard-on” and my line, perhaps it is you who should question yourself.
@Mawaru:
> It’s true of the default configuration. Firefox is very much privacy focused, it’s just that many privacy improvements are opt-in.
So YES and NO, right? Let me simplify it for you:
opt-in: privacy-friendly
opt-out: privacy-evading
Mozilla doesn’t ship a privacy-conscious product BY DEFAULT. And the default settings are what 99% of all users out there work with.
> at every release Firefox and Tor Browser are getting closer and closer.
That’s not the reality. All I see the team behind Tor do is to unfuck ever more privacy-evading settings Mozilla introduces. They had to fix the Google Analytics stuff via a hotfix for example, because it deprived Tor users of their anonymity. That’s not what I would call getting “closer and closer together”.
> Even Firefox’s default config benefits from it,
Not even in the slightest.
> but anyone who wants reasonable privacy while browsing has to tweak it.
So once again:
opt-in: privacy-friendly
opt-out: privacy-evading
Nothing more to add here.
> Firefox should get more unified opt-ins for privacy protections, similarly to Tor Browser, so that higher privacy levels are accessible to users who are clueless about such things.
Hahaha, what kind of dreamer are you? Mozilla is moving in the opposite direction.
> I’m sorry to say but Appster’s list shows that he doesn’t know what he is talking about.
Yes, definitely. I don’t know what I’m talking about, and neither do the Tor and Pale Moon developer teams, because they have disabled most of the settings I’ve mentioned. We are all clueless, just like all the privacy guides out there advising for those settings to be turned off, thanks that you and Ryan have enlightened us with your wisdom and superior knowledge! What would our surfing experience be like had you not intervened? :D
> When I hear words spoken with such certainty combined with such a level of obfuscated ignorance, it’s hard not to call out…
“This is extremely ignorant.” Words of Ryan, chapter one, verse one. Mawaru, are you acting as Ryan’s parrot? Ryan has just tried to justify some of these settings by telling the non-news that they are “web standards”, which means standards defined by a council influenced by Google, the biggest online advertiser worldwide. What he forgot or omitted to mention is that you will likely see zero breakage after disabling these settings, which can only mean that they are not necessary at all (other than for calling home). But of course I’m the ignorant one here… This whole conversation makes me think that I’m dealing with people who WANT to believe here, other than with rational beings who understand that Mozilla is under the pressure of online advertisers like Google and is thus not able to lay emphasis on privacy at all (but claiming so, making liars out of themselves).
@Ryan: Just because something is a “web standard” doesn’t mean it **has** to be implemented. Pale Moon for example chooses to not include most of this list, and I have not seen any site breaking. That should tell you something. Why should websites be able to access my battery? What use is there for Beacon other than tracking? Still, the Captive Portal setting can be abused. That’s why Pale Moon never implemented it. Furthermore Firefox contacts this website with every single startup, which is plain unnecessary.
Don’t argue with web standards – even rather unethical blackboxes like DRM are now considered “web standards”. Same goes for Clipboards. This shouldn’t be reported back at all, not even in somewhat diminished form.
> However, the fact is also that Firefox is a general purpose browser, it’s not a privacy focused browser.
Mozilla claims otherwise, which is clearly a lie. In short: opt-in: privacy is taken seriously, opt-out: privacy is not a focus at all (because: How many people are actually gonna change these settings?)
Furthermore you failed to point out which kind of “core functionality” I have lost? The sites operate just fine with these settings off, otherwise I wouldn’t be able to use Firefox as a web browser at all. Otherwise projects like Tor wouldn’t exist, because you would not be able to use any website properly. Should any website (for whatever rather shady reason) make use of these settings I have not encountered it yet.
In summary you stated that Firefox needs to have some questionable switches on by default because otherwise functionality for the mainstream users would break… Which is not true. Which website is really going to need these functionalities to be loaded properly?
> For Mozilla, privacy is not about never being tracked, but rather about being in control over who, when, and how you are tracked.
Hahahahaha… Nope. They loaded Google Analytics on their own add-on site without the consent of their users, sharing the data with Google. Now you’re going to tell me that the “Discover” functionality is just a website and not technically part of Firefox… But then again, Mozilla does not allow WebExtensions to access “about:” pages, which means this tracker is not covered at all. This is not what I would call “giving the user control over, who, when, and how he is tracked”. Quite the contrary. By the way, this would be the situation on nearly every website if the user is not to become active and disable this stuff. If “privacy is not about being tracked” the question of what is your very special definition of privacy remains. Again, not letting trackers through has not **ever** broken a website here.
Since you indirectly admitted that Mozilla is not all about privacy (you contradicted yourself quite a bit in the browser) I don’t know what is your argument with me. I absolutely don’t care whether this stuff is justified by being a “web standard” or not. The most influential voice when it comes to introducing new standards is Google, owner of possibly the biggest advertising network worldwide. Once again, you don’t need to support every (uncalled for, unnecessary) pseudo-standard in order to enable a decent browsing experience. Pale Moon is a good example for that.
> However, the fact is also that Firefox is a general purpose browser, it’s not a privacy focused browser.
It’s true of the default configuration. Firefox is very much privacy focused, it’s just that many privacy improvements are opt-in. You say it yourself in the last part of your comment but I wanted to lay it out clearly.
The best browser of all for privacy is Tor Browser, and at every release Firefox and Tor Browser are getting closer and closer. Even Firefox’s default config benefits from it, but anyone who wants reasonable privacy while browsing has to tweak it. Some future version of Firefox should get more unified opt-ins for privacy protections, similarly to Tor Browser, so that higher privacy levels are accessible to users who are clueless about such things.
I’m sorry to say but Appster’s list shows that he doesn’t know what he is talking about. When I hear words spoken with such certainty combined with such a level of obfuscated ignorance, it’s hard not to call out…
FYI: dom.battery.enabled: FF52+ Battery Status API is only available in chrome/privileged code – see https://bugzilla.mozilla.org/show_bug.cgi?id=1313580
network.captive-portal-service.enabled – interesting that this is an unencrypted connection – can you confirm that? (I never checked it out in total, just disabled it since it landed in FF52 – hidden pref too!)
The good news is that these are all configurable. Sucks that some things are at the state they are in default. But I also think you’re being disingenuous with the likes of `dom.event.clipboardevents.enabled` – this is a web standard, and is used by numerous sites. If Mozilla were to disable it, people would not say the browser is broken – they have a duty to be compliant. As I said, at least they give you the ability to turn it off (as with hundreds of other settings).
There is also a difference between Mozilla’s own telemetry (eg extensions.getAddons.cache.enabled is for Mozilla’s own use) and 3rd party (GA being used in about:* pages FFS!), and you’re blurring the lines a little. I know you have a massive hate hard-on at times, but the truth is, FF is STILL, by far, more “private” than anything else (TBB aside). Not saying it’s perfect (just look at all the shit in the ghacks user.js), but YOU have the flexibility.
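A profile audit for the prefs named in the comment above, as an added example (not part of the original thread, and not Mozilla's or the ghacks user.js project's code): it parses `user.js` text and reports whether each pref is explicitly set. The sample file contents and the pref `example.constructed.accept` are constructed; a pref reported as `unset` is left at whatever the browser's default is.

```javascript
// Prefs named in the comment above (from the thread; not a complete list).
const THREAD_PREFS = [
  "dom.battery.enabled",
  "network.captive-portal-service.enabled",
  "dom.event.clipboardevents.enabled",
  "extensions.getAddons.cache.enabled",
];

// Remove // and /* */ comments without touching string literals, so a value
// such as "image/*,*/*" is not mistaken for a block comment.
// Assumes double-quoted strings, the usual user.js / prefs.js style.
function stripComments(text) {
  let out = "";
  let i = 0;
  while (i < text.length) {
    const c = text[i];
    const next = text[i + 1];
    if (c === '"') {
      let j = i + 1;
      while (j < text.length && text[j] !== '"') {
        j += text[j] === "\\" ? 2 : 1; // skip escaped characters
      }
      out += text.slice(i, j + 1);
      i = j + 1;
    } else if (c === "/" && next === "/") {
      while (i < text.length && text[i] !== "\n") i++;
    } else if (c === "/" && next === "*") {
      const end = text.indexOf("*/", i + 2);
      i = end === -1 ? text.length : end + 2;
    } else {
      out += c;
      i++;
    }
  }
  return out;
}

const CALL = /user_pref\(\s*"([^"]+)"\s*,\s*(true|false|-?\d+|"(?:[^"\\]|\\.)*")\s*\)\s*;/g;

// Returns Map(name -> value); a later line for the same pref replaces an earlier one.
function parseUserPrefs(text) {
  const prefs = new Map();
  for (const m of stripComments(text).matchAll(CALL)) {
    const raw = m[2];
    const value = raw === "true" ? true
      : raw === "false" ? false
      : raw[0] === '"' ? raw.slice(1, -1)
      : Number(raw);
    prefs.set(m[1], value);
  }
  return prefs;
}

// Status per pref: "disabled" (explicit false), "enabled" (explicit true),
// "non-boolean", or "unset" (no active line in the file).
function auditPrefs(text, names = THREAD_PREFS) {
  const prefs = parseUserPrefs(text);
  return names.map((name) => {
    if (!prefs.has(name)) return { name, status: "unset" };
    const v = prefs.get(name);
    return { name, status: v === false ? "disabled" : v === true ? "enabled" : "non-boolean" };
  });
}

// Constructed sample user.js; "example.constructed.accept" is a hypothetical pref.
const SAMPLE_USER_JS = `
user_pref("dom.battery.enabled", false);
/* user_pref("network.captive-portal-service.enabled", false); */
user_pref("example.constructed.accept", "text/html,image/*,*/*;q=0.8"); // "/*" in a string
user_pref("dom.event.clipboardevents.enabled", true);
user_pref("dom.event.clipboardevents.enabled", false);
// user_pref("extensions.getAddons.cache.enabled", false);
`;
console.log(auditPrefs(SAMPLE_USER_JS));
```

Commented-out lines count as `unset`, which is the case most likely to be misread when reviewing a hand-edited `user.js`.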
@Appster:
Agree with most of your thoughts, just be aware though that they will always have your addons that are installed as an update check is essentially a ping to AMO. If you fully would want to keep it secret you would have to manually update FF, addons and alike. Manually downloading installers and XPIs.
I personally only have a problem with how much they depend on Google in the past and present.
Uhm, Pants… It does not only “suck” (sure does), but it is also clear evidence that Mozilla is lying with their privacy statements. They are counting on the stupidity of their users, who they think are unable to change these hidden (= not in the preferences menu) settings. And frankly, in 99% of all cases they are right. Care to explain why Mozilla needs to know which add-ons I have installed (except for the update process)? Isn’t it enough that they are using Google Analytics already? Note that I’m not blurring the lines at all. Mozilla collecting these data alone is bad already (Do I have a way to know with whom this is shared? They better don’t collect it at all?), but giving 3rd party trackers like Google Analytics broad access by loading them in an iframe is outrageous.
And regarding my supposed “hate hard-on”… All things provided here are fact-based. This has nothing to do with mindless hatred or something. Me being critical about WebExtensions has something to do with this as well: According to the uBlock Origin developer the WebExtension version of his add-on is unable to prevent the Google Analytics tracker calling home, because Mozilla does not allow WebExtensions to access about: sites in their APIs. There you have it, you won’t have the means to stop it anymore, just like in Chrome. Now go on and accuse me of having a “hate hard-on”, which in itself is ridiculous.
I must admit that between Mozilla’s statement,
“Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional.”
and many privacy related settings which are not by default to the advantage of the user (but they ARE accessible whereas not always in other browsers than Firefox), I remain puzzled and even annoyed in some circumstances.
The settings you mention, Appster, are indeed relevant, but there are many more.
If you consider available settings for the user.js file (that is for automatizing about:config settings) and look at what is explained and proposed with a tool such as Pants’ Ghacks user.js [https://github.com/ghacksuserjs/ghacks-user.js], you will notice that the majority of the proposed settings are privacy related. I believe that all settings related to privacy should be active by default and not require the user’s input.
“Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional.”
This is clear: security and privacy is NOT an option, hence if a setting prioritizes privacy with a consequence on speed or available functions then it is up to the user to opt-in and decide to prefer speed, functions to privacy, and NOT the other way around.
I continue to believe that there is an internal debate amid Firefox developers concerning priorities, should they be those of security/privacy or those of running after the latest innovations in order to compete with other browsers. But Mozilla has to choose: if top-notch is its aim then the company should stop emphasizing on privacy.
@Appster:
Thanks for sharing this with us. The hubris of Mozilla is incredible. Not only have they made some about:config switches in the past unavailable after users/addons allegedly “abused” them. I also noticed that when I switch between versions they sometimes turn telemetry back on. How do they have such audacity!
(Besides a literal myriad of switches, more than seven as of v57, being there: http://www.ghacks.net/2015/11/09/how-to-disable-the-firefox-saved-telemetry-pings-and-archive-folder/ –Brinkmann et al.)
*OFF* means *OFF*, Mozilla!
Gee, I miss the times when browsers would just serve content from the sites you actually connected to voluntarily.
One more thing: “Stats being kept private/anonymous”, like that means anything. One National Security Letter and Google/Mozilla have to hand them over to the fedgovs. What is a journalist/whistleblower even allowed to use as a browser anymore without being forced into the obscurity of TOR?
Any tracker, every packet of metadata is one too much. Idea: Optional monthly health-report dialogue, like the Steam hardware survey. Clear consent to share your anonymized stats or dismiss.
@Tom Hawack: Of course there are many more configs which need to be altered. ;-) Those were just some of the highlights. It is not within the scope of my post to mention all of them. Certainly pointing to the gHacks user.js is always a good idea for privacy-aware Firefox users. The point I wanted to make still holds: Mozilla does definitely not ship a privacy-protecting browser by default. If the user needs to become active in order to create such a state of things they shouldn’t advertise this supposed focus on privacy anymore.
Tom, you know that I agree with you in most cases, but I really have to dismiss your paragraph. Look, I’ve disabled all of these settings and have seen zero breakage even on major sites. They are most definitely not needed. Quite the contrary, they are deliberately hostile towards the user, spying him out and calling home. This Google Analytics embarrassment (And especially the part where they declared Google Analytics to be the superior product… Are they on Google’s payroll or something? Oh, I forgot, donations…) should tell you that Mozilla does not lay emphasis on privacy at all.
By the way, I don’t think you would be worse off with ungoogled Chromium or similar.