Mozilla study analyzed privacy improving features
"Can we improve privacy without breaking the Web", that was the question that Mozilla tried to find answers for in a recent study. The organization ran an opt-in study to learn how privacy protections "affect users on websites".
Mozilla wanted to know whether enabling Tracking Protection breaks websites, whether some privacy protections cause less breakage than others, and whether broken websites make users leave Firefox.
Mozilla Privacy Study
More than 19000 Firefox users joined the study and Mozilla assigned each user to a specific branch. Eight branches changed certain privacy-related settings in the Firefox browser and the ninth was the control group.
The following privacy settings were assigned to branches:
- Session only Third-Party Cookies -- Third-party cookies are deleted when Firefox closes.
- No Third-Party Cookies -- Firefox blocks sites from setting third-party cookies.
- Third-Party Cookies limited to visited -- Only sites that the user visited in the past are allowed to set third-party cookies.
- Tracking Protection enabled.
- Origin Only Referer to Third-Parties -- Trims referer values to origins when sent to third-parties.
- Resist Fingerprinting -- Enables fingerprinting protection.
- First Party Isolation -- Enables First-Party Isolation.
- First Party Isolation Opener Access -- Enables First-Party Isolation and allows pages to access openers.
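A simplified model of what the Referer and third-party cookie branches listed above change for a single page load, added here as an illustration; it is not Firefox code and not part of Mozilla's study. The URLs, the policy labels and the `siteOf` shortcut are assumptions made for the example.

```javascript
// Added illustration: a simplified model of the Referer and third-party
// cookie branches. Not Firefox code; URLs and policy names are constructed.

// Assumption: a "site" is the last two host labels. Real browsers use the
// Public Suffix List, so this shortcut is wrong for suffixes like co.uk.
function siteOf(url) {
  return new URL(url).hostname.split('.').slice(-2).join('.');
}

function isThirdParty(pageUrl, requestUrl) {
  return siteOf(pageUrl) !== siteOf(requestUrl);
}

// "Origin Only Referer to Third-Parties": first-party requests get the full
// page URL, third-party requests only scheme://host[:port]/.
function refererFor(pageUrl, requestUrl) {
  const page = new URL(pageUrl);
  page.hash = '';       // fragments and credentials never go into Referer
  page.username = '';
  page.password = '';
  return isThirdParty(pageUrl, requestUrl) ? page.origin + '/' : page.href;
}

// Cookie branches. policy is one of the hypothetical labels
// 'control' | 'none' | 'visited' | 'session'.
// cookie.maxAgeSeconds === null means the site asked for a session cookie.
function cookieDecision(policy, pageUrl, cookieUrl, visitedSites, cookie) {
  const persistent = cookie.maxAgeSeconds !== null;
  if (!isThirdParty(pageUrl, cookieUrl) || policy === 'control') {
    return { stored: true, survivesRestart: persistent };
  }
  switch (policy) {
    case 'none':      // No Third-Party Cookies
      return { stored: false, survivesRestart: false };
    case 'visited': { // Third-Party Cookies limited to visited
      const allowed = visitedSites.has(siteOf(cookieUrl));
      return { stored: allowed, survivesRestart: allowed && persistent };
    }
    case 'session':   // Session only Third-Party Cookies
      return { stored: true, survivesRestart: false };
    default:
      throw new Error('unknown policy: ' + policy);
  }
}

// Constructed page load: one first-party and one third-party subresource.
const PAGE = 'https://news.example/article?id=42&user=alice#comments';
const REQUESTS = [
  'https://static.news.example/app.js',
  'https://tracker.test/pixel.gif?cid=abc',
];

// Returns, per request, the Referer sent and the fate of a one-year cookie.
function simulate(policy, visitedSites) {
  const longLivedCookie = { name: 'uid', maxAgeSeconds: 31536000 };
  return REQUESTS.map((url) => ({
    url,
    thirdParty: isThirdParty(PAGE, url),
    referer: refererFor(PAGE, url),
    cookie: cookieDecision(policy, PAGE, url, visitedSites, longLivedCookie),
  }));
}

for (const policy of ['control', 'none', 'visited', 'session']) {
  console.log(policy, JSON.stringify(simulate(policy, new Set()), null, 2));
}
```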
The study added a new button to Firefox's toolbar that users could interact with to report issues.
One rather interesting outcome of the study was that users of the Tracking Protection branch reported fewer issues than the control group. The control group reported an average of 0.24 problems per user, while users in the Tracking Protection group reported 0.23. All other branches had a higher ratio of reported issues per user. Third-Party Cookies limited to visited came in last with an average of 0.28 issues per user, followed by the First Party Isolation group with an average of 0.27 issues.
Mozilla concluded that Tracking Protection's benefit, that is the blocking of some third-party connections and thus scripts on sites, outweighs the breakage that the enabling of the feature may cause.
Tracking Protection may actually fix websites by blocking tracking elements that break/slow them down!
The most promising preferences that improve privacy based on the composite breakage score of the study are Tracking Protection, Origin Only Referer to Third-Parties and session-only Third-Party Cookies.
Origin Only Referer to Third-Parties:
- Reduces detail sent to trackers
- Very few login failures
- Very little mail breakage
- Does not block ads
- Referers are used to guarantee ad policies
Tracking Protection
- Blocks known trackers completely
- Speed boost
- Very little mail breakage
- Triggers adblocker-blocker walls
- Blocks ads
Session-only Third-Party Cookies
- Limits duration of tracking
- Very little mail breakage
- Some login and "unexpected signout" failures
- Does not block ads
Mozilla launched Tracking Protection for regular browsing sessions for all users in Firefox 57. The organization plans to trim Referer values to origins in private browsing in Firefox 59.
Closing Words
Third-party scripts are a major source of the issues that users experience on the Internet. The study showed that users report fewer problems when a chunk of these are blocked by the browser. A comparison to full content blocking in Firefox would have been useful as well.
Now You: Do you use privacy protections in your browser of choice? What do you do if you encounter issues?
“Do you use privacy protections in your browser of choice? What do you do if you encounter issues?”
I use NoScript and keep websites pretty tightly locked down. I don’t allow third party cookies at all, but I do allow the site to set cookies for itself.
If I encounter issues and the site isn’t terribly important to me, then I just move on to a different site and make a mental note not to bother with the problematic one in the future. If the site is important to me, then I spend a little time figuring out the bare minimum of leeway the site needs to operate well enough for my needs.
If the site doesn’t look or behave as the author intended, but I can use it for what I need, I leave it locked down. 90% of the time, this sort of “breakage” actually improves the usability of the site anyway by getting rid of aesthetic garbage (carousels, etc.)
I take Avant Browser with the FF engine and you have a lot of options here. You setup your basic browsing with the ghacks prefs and the good addons like NoScript, ABP, auto cookie delete and so on. +- 10 addons I have here for privacy and security and tested it all with the sites that are there for it. Here on Ghacks is a site where they all are to see if everything is fine and then when there is a problem with a site you can click on the bar for NoScript to set it off for that site (temp allow) and if this does not work then I click on RefControl and in some cases I need to see in UAControl (user agent) and if this not work then I have deleted some unsafe prefs like unsafe SSL ciphers or certificates and so on but with Avant browser you can start up really fast a new incognito browser and that has all the standard settings of FF and that is works always and if you trust that site everything is okay and even everyone that wants a work around for the options to delete everything when a tab closes you can do something like this with AB. You just start up a new session and so you can have 10 AB browsers (10 different sessions) running. Is not the same practical like an option to delete everything when a tab closes but it works. I do not use it because auto cookie delete deletes every time the cookies when a tab is closed and that is for me enough and when the browser shuts down everything is cleaned and there is nothing that stays except the things I want that stays like some site prefs.
We use Webroot SecureAnywhere and had to disable identity protection (the part of the software that prevents our personal information from being accessed without our knowledge) for FF58 or it would freeze with a blank page on launch.
I have one simple rule for using the Web: If a site doesn’t work with my settings then I don’t use that site. There aren’t many sites that are essential.
“Mozilla study analyzed privacy improving features…”
Good joke ! %-)
And good try, but …. NO, thx !
PS all about telemetry, footprints etc
Fingerprint, not footprint, and yeah, Firefox is the only browser who cares to unify fingerprint so that users are harder to track, Tor Browser excepted.
And there’s me thinking Pants was a “she”………………
to have Pants or no pants……….that’s really the question!!!
“There are numerous guides for this out there, his one included” -Appster
You’ve been listening to Appster. I am woman, here me ROAR! Or maybe I’m not. Who knows :)
Be noted that we live in a culture where an unidentified person is unconsciously considered male. Besides Sophie and other typically female names I believe we all assume that all others are males. Maybe did Appster follow that automatism when he wrote “his one included”.
Sometimes I realize this and tell myself : “Hey, old chap, imagine all those here and elsewhere on the Web whom you assume to be males unless clearly specified by the name, imagine they’re all ladies, girls, females … grrr!”
LOL!
Many girls also pick male or neutral names because as soon as there’s a girl somewhere, you get odd comments about how they’re a girl. Sometimes flirting, and sometimes annoying or vulgar. Girls who do that usually want to be treated according to what they say and not what’s in their pants.
Also some people have gender identity concerns that have no bearing with the current internet activity, and they don’t wish people to engage them on the topic every time they open the mouth.
I have security pretty well tied up, so sometimes yes….websites don’t behave quite right. If so, that’s about the only time I fire up Edge, which is bare-bones, nothing added to it, apart from the rejection of third-party cookies…. then I visit that site again that had not worked, but visit it in Edge. So Edge is kind of a fall-back for when mitigations are too heavy for a certain site.
Yeah, I use privacy protection in FF and Woolyss Chromium. It’s unfortunate one has to be an about:config expert to use FF with good privacy but that’s how it is. Even with the Chromium I use, which has been heavily modified, there’s not a lot that can be done inside to take it to FF levels, so when it becomes obnoxious, I shut it down, go to CCleaner, delete all the hidden persistent cookies for both browsers and restart with FF.
The really dumb thing about all this ad spying is it shows how dreadful tech ad companies are at understanding their customers; the model is badger and attack customers relentlessly to get information. How sophisticated! As long as they are going to operate like geeks hiding behind software proxies, they’ll get as much pushback as possible, because I can.
I have for years thought that Firefox has missed a huge opportunity by not including more of what’s available in about:config in the Options menu making it easily accessible to users that don’t want to be bothered with the hassle of getting a degree in Advanced Browser Configuration. And a lot of what’s available should really be the default.
And you’re right about ads. When you block tracking and the result of doing that is eliminating 99.99% of ads that shows how messed up the ad eco-system is now.
Do you use privacy protections in your browser of choice? What do you do if you encounter issues?
—
I do use a number of addons in Pale Moon to limit data suckage and malware exposure with the understanding that only so much can be done with addons. Primarily I surf with Java Script disabled except when needed. I also scrub cookies between sites and use CCleaner frequently to remove persistent cookies Pale Moon does not remove. The idea is to break the cookie chain into little pieces. When a site is broken, enabling Java Script usually makes it usable. If that does not fix it, I look for another source. The addons plus disabling Java Script also minimizes data usage on my measly 5 Gig/month satellite connection.
All this stuff can be quite complicated for the newbie.
If I switch off 3rd party cookies. Some live video streams fail to play
since their request for segments needs to be authenticated
by a 3rd party cookie.
You need to be a bit of a geek to startup Inspect Element
in order to discover that network requests are silently being forbidden by
an external domain that supplies video segments.
A privacy cherishing newbie would probably just think the server was down
and give up.
In my case I got 2 or 3 streams on raiplay.it working again by adding
exceptions to Firefox’s Cookie Settings to ALLOW http://akamaihd.net and https://akamaihd.net to receive 3rd party cookies – while leaving the setting to block any other 3rd party cookies.
Phew.
I didn’t know that about 3rd-party cookies even though I’ve always had them set to never. But then I rarely do any streaming video it’s mostly embedded that I watch.
I do know that akamaihd is responsible for a crapton of auto-playing videos on sports, news, and tech sites. I wasn’t aware that they also had their fingers in streaming video. Good to know for when I’m asked to configure someone’s browser. Thanks for the info.
Wow! I apologize for writing a book.
I’ve always limited referer info and seldom experience any issues. If I get too aggressive and use something like “network.http.referer.trimmingPolicy=2” it will break the occasional website and prevent me from logging into my router. I’ve never used any addons to control referer info, only what’s available in about:config.
I also never allow 3rd-party cookies. 1st-party cookies and indexedDB are both set to session only and I don’t use an addon to control cookies.
Tracking Protection I’ve been using for a few months now with it set to always on. I’ve never seen it cause an adblock blocker, I imagine it’s possible, instead I’ve used it as an easy work-around for when I do see an adblock blocker, last few months it seems like I’ve seen one every week, android central, apkmiror, weather[.]com and I think forbes this last week. I have so far always been able to temporarily whitelist a website in uBlock Origin and go about my business with Tracking Protection enabled. It doesn’t happen often but I’ve also used it when an adblock filter breaks something in a website. For years, when having to whitelist a website I relied on my hosts file, still do and always will. Lately however, over the last few months, I’ve been using Tracking Protection as my first fall-back when disabling uBO. What I have seen is that compared to a hosts file, Tracking Protection will Always have fewer network requests and Always have faster page load times. With uBO enabled Tracking Protection is only active 10 maybe 15% of the time. When it is active network requests are lower, data downloaded is less and page load times are slightly faster. I’ve tried adding like 4 extra filter lists to uBO but Tracking Protection will still get used. I figured out why but can anyone tell me? ;)
I’m not implying that Tracking Protection should be used instead of a content blocker but as a fail safe. The resource usage is negligible and too hard for me to quantify with multiple tabs open. And I can’t think of a single advantage that a hosts file has over Tracking Protection. Open up the Dev Tools and see for yourself, maybe I missed something. ;)
I have over the years tried many browsers and have yet to find one I think is perfect. Which probably explains why there are so many third-party chromium browsers and FF based forks. Every single one has its own idiosyncrasies, which is a nice way of saying flaws.
As much as I like Waterfox, it is itself an incomplete and flawed replacement for Firefox. Longer startup times, will only use the older Options layout, and Tracking Protection hasn’t worked since Waterfox v55. Tracking Protection doesn’t work in Private Browsing, the supposed default, and it doesn’t work when set to Always on. Which many will consider inconsequential but then my question is why are the settings for Tracking Protection still visible in the Options? Isn’t that just a little misleading?
With Pale Moon I see micro-stutter, jank, whatever you want to call it, when scrolling feedly and flickr and media playback isn’t as good as it is in other browsers. Scrolling performance and 1080p 60fps media playback in FF is just about as close to perfect as I can expect.
Chromium browsers have thinner and lighter appearing fonts, laughable smooth scrolling and 1080p 60fps media playback has fallen behind FF. Point is, there is no perfect browser.
You should report the tracking protection bug to Alex about Waterfox support on Reddit.
Almost 3 weeks ago I asked if tracking protection was working. I never saw a response from Alex.
You might get a better response by filing a bug report than by asking if a feature is working or not. If it’s not working for you, after all, then it’s a bug.
Makes perfect sense to file a bug report but I have no desire to sign up for a github account when I will rarely if ever have anything to say. I surprised myself last year by signing up on reddit when Alex was looking for feedback, I think when v56 was released. I admit that asking a rhetorical question was not a great choice. ;)
“https://www.reddit.com/r/waterfox/comments/7p1n0r/tracking_protection_not_working/”
P.P.S.: Anyway,
all Providers know exactly where u been and Google Search counts ur IP to locate Position, no matter what u do to protect.
Someone said to me, swimming with the fishes is more hiding than try to hide.
Makes Sense, oh, i recognize who said that, wasn’t it Sir Arthur Conan Doyle?
His wellknown Figure Sherlock Holmes said once, that the best way to hide a Secret is to make it seen to anyone, funny Coincidence.
Greets, InGSoC.
And that was said in the 19th Century ! :)
I can’t treat them serious anymore, neither I believe in their “studies” after what they did with Australis feedback survey. Regarding the article, I see this more as an attempt to check scenarios where users are most failing with protecting their privacy – not trying to improve protection from outside threats.
I had a lot of extensions working on protecting my privacy in Firefox accompanied by customized user.js – first created with ffprofile.com then with ConfigFox along with additional stuff mentioned by people in ghacks comments. But that’s the past for me already – I had enough of this cat and mouse play each time they released major build or changed something with random update in about:config.
I wanted to browse the web, not making myself busy with “how Mozilla is going to screw us this time”.
@insanelyapple, “I wanted to browse the web, not making myself busy with “how Mozilla is going to screw us this time”.
So what did that lead you to? Another browser far more privacy intrusive but relaxing because far less settings to enhance privacy? One can the same way — and some do — denounce democracy because of its imperfections and abandon themselves in a world where everything is decided for them. IMO better struggle to improve than a hammock in hell.
I just gave up on Firefox and since I was already playing around Vivaldi, I switch to it biting my lips over all extensions I had to leave behind and about:config registry customization (customization as in setting everything as I want, not UI customization). I am aware that this may be a bad move for my privacy but I tried to get safe as much as its possible on webkit/Blink. Besides, Vivaldi seems to be more trustworthy than Brave – of course that’s still debatable
Both Waterfox and Pale Moon despite of their goals won’t survive as Firefox alternative – they don’t have same spine as Mozilla had when they rolled MAS and later Phoenix. Maybe if they managed to talk to each other and come with unified solution for Mozilla’s sabotage on user’s trust – no way to tell as that didn’t worked.
Regarding Vivaldi’s trustworthiness, check this out
@Tom WawacK: Come on, you know that there are better options around. Waterfox, Pale Moon, Iridium… Just to name a few.
Nope, they are not better. You stick out like a sore thumb on the web with them. Waterfox is the only one of the niche browsers that can hope to claim good privacy IF it is tweaked convincingly enough to spoof Firefox. The unfortunate truth of privacy on the web is that it doesn’t just require protections, it requires market share. Only Firefox has both, and Tor Browser as well because the Tor network pools absolutely all Tor Browser users together, that compensates for the small market share.
@Zuck:
> Nope, they are not better.
Their preconfiguration says otherwise.
> You stick out like a sore thumb on the web with them. Waterfox is the only one of the niche browsers that can hope to claim good privacy IF it is tweaked convincingly enough to spoof Firefox.
There is an abundance of add-ons changing the user agent, which will be enough since they already are in Firefox compat. Changing the user agent is not that hard, especially compared to the amount of tweaking it would take to make Firefox privacy-sensitive.
> The unfortunate truth of privacy on the web is that it doesn’t just require protections, it requires market share.
Yeah, can’t argue with that one. Although, as already stated, e.g. Waterfox and Cyberfox just require a change of the user agent.
> Only Firefox has both, and Tor Browser as well because the Tor network pools absolutely all Tor Browser users together, that compensates for the small market share.
Wasn’t it Tor that has leaked the add-on lists of users until very recently? Wasn’t it Tor people who didn’t even notice a Google Analytics tracker doing its thing on their internal about:addons page? Tor is a good project, but it’s not the holy grail, pale. Leaks in abundance.
Regardless of their defaults, their fingerprint is unfortunately unique.
I would think Waterfox is at the moment close enough to hope spoofing Firefox ESR, but not Pale Moon. Browsers have quirks of their own so the spoofing browser needs to be a really close fork of the latest Firefox version or latest ESR. Even with such a close fork I wouldn’t rely on spoofing only the useragent, not unless I first spend precious time testing fingerprints in a real world scenario.
But it’s still a problem when spoofing is successful because the browser is not advertising itself on the web, but another one instead. The browser that spoofs is also forced to stay as close as possible to the spoofed browser over time.
All users have the same list of add-ons, with eventually an ad blocker on top. There’s no leak since everyone looks the same. No issue with Google Analytics either.
Smokescreen. It’s a hundred times more advanced than anything else, as for leaks, what you mentioned aren’t.
@Zuck:
> Regardless of their defaults, their fingerprint is unfortunately unique.
There is more to it than just “fingerprint”. Firefox e.g. allows service workers by default, which are scripts running in the background. Those scripts are inserted by websites, so that the user may use “features of the website” while not having the website open. Needless to say, they get abused for tracking purposes. They can even interact with other tabs that are unrelated to the initiating website. That alone makes Firefox worse than those alternatives, by default. And again, footprint can already be reduced via UA.
> All users have the same list of add-ons, with eventually an ad blocker on top. There’s no leak since everyone looks the same.
1) Not everybody does look the same in the leaks. Many extensions at least increases the risk. And I quote:
> You should have it installed if you use many extensions, because having many extensions means having many tracking and fingerprinting vectors. Also, Web sites can generally probe Firefox for installed extensions in many cases without this. The extension makes that privacy threat less effective.
source: https://addons.mozilla.org/firefox/addon/no-resource-uri-leak/
2) A leak in general would be bad.
Tor did leak the add-ons just as Firefox 52 ESR (on which Tor is based) did. It was only fixed later on. Tor did even leak your original IP address.
source: https://lifehacker.com/get-tor-s-browser-update-to-stop-leaking-your-real-ip-a-1820190316
This basically negates the usefulness of Tor. That did happen just two months ago.
> No issue with Google Analytics either.
Tor has fixed that one, yeah. However, it’s a proven fact that a Google Analytics tracker operated even in Tor’s internal about:addons page for quite some time. And I quote:
> The Tor browser developers, a browser that is a modified version of Firefox for added security and privacy, have voiced concerns as well.
“Disallow ‘about:addons’ unless the extensions directory is volatile, because regardless of what Mozilla PR says about respecting privacy, loading Google Analytics in a page that gets loaded as an IFRAME as part of an ‘about:’ internal page, is anything but.”
source: https://www.ghacks.net/2017/07/13/privacy-blunder-firefox-getaddons-page-google-analytics/
And those were only the “Tor 2017 privacy blunders”. So Tor did leak a whole lot of stuff, all the while a tracking script was loaded in an IFRAME. Yep, Tor must be the holy grail.
> Smokescreen. It’s a hundred times more advanced than anything else, as for leaks, what you mentioned aren’t.
Fixed that one for you. Have even mentioned an IP address leak, only for you, Zuck. The “hundred times more advanced” Tor was affected by the same blunders as Firefox. I think that speaks for itself. By the way, a leak of the add-on list is indeed a leak.
By the way, have you noticed how nicely I have sourced anything I have said? Normally I would put trust in the intelligence of people to do their own research, but in your case I make an exception, since you have already accused me of not sourcing things properly.
Also, have you noticed how many factually wrong statements you just made? Even the Tor people themselves prove you wrong with their statements. And still you accuse me of not being trustworthy. Laughable.
Service workers are a web standard. IMO they should be behind a permission, maybe the Notification permission, but the spec doesn’t include a permission, while they do for, say, the Push API. Web browsers have to respect web standards in their default configuration as much as possible. Some of them suck, and we could say things about the power balance in there. (Fortunately, Mozilla is not weak)
That said, we are talking about default configuration here: Service workers are a drop in the ocean. On default config you have JavaScript, referrers, no content blocker, a dozen independent ways to track users across websites. Not only is your fingerprint unique regardless of browser (Tor Browser excepted), but hundreds of tracking companies follow you around. The big guys like Facebook, i.e. those who have a pretext to create a service worker, already are present as third parties in almost all websites with either images, fonts or normal javascript. Service workers do not compromise a default profile any more than it already is, because it has zero privacy. Can’t have less than that.
No, because you are unique in all cases and tracked by everyone in all cases. You can’t be more unique than unique, and you can’t be tracked by more agents than there are agents.
Then we’re not on default config any more, in which case we will install the same add-ons and set the same preferences on all Firefox-based browsers. The difference lies in that you have less preferences to flip on a pre-configured build like Waterfox, so it’s more accessible. On the other hand you have to study how to spoof Firefox, which is less accessible. Waterfox may (or may not) get away with just useragent switching, but for Pale Moon I am very skeptical.
All in all as a user for whom privacy is the top concern in browser choice, I’d rather use the main Firefox and have no uncertainty about quality of spoof. I’d be uneasy about Waterfox but I can hear someone wanting to use it.
1/ So the list of add-ons is not an issue, we agree. What used to leak until it was fixed was whether users are on Windows, Linux or Mac. Even if there was more left undocumented, JavaScript is required to leverage it.
2/ According to the researcher’s website, the vulnerability was not disclosed until it was fixed as part of the “Responsible Disclosure principles” we’re used to.
The immense majority of potential vulnerabilities can’t be leveraged in high security mode where JavaScript is disabled by default. I doubt anyone whose life is on the balance is going to pick anything else than high security mode, fortunately.
Clearly Tor Browser is more useful than anything else, since even the NSA is having hair pulling fights with it. This is what I meant, that all security software have vulnerabilities is a smokescreen.
You didn’t read me. Even if affected, it doesn’t matter. Google Analytics can run all over Tor Browser and it still doesn’t matter because you’re not you, you are the faceless mass of all Tor users in the world. In truth I would not allow GA from websites (using high security mode, you don’t), but from the add-ons catalogue page, it is absolutely consequence-less.
The Ghacks article you quote speaks about Firefox privacy blunder, not Tor. The Tor developer you quote voiced concern for Firefox, not Tor Browser. This add-on catalogue page is an about: page that loads AMO through an iframe; and AMO uses Google Analytics unless you enable Do Not Track in Firefox preferences. Again, this is all consequence-less for privacy and anonymity within Tor Browser.
An IP leak affecting 5% of users, fixed before the vulnerability details were disclosed, a Google Analytics script on the AMO page as loaded from the add-on catalogue which nobody uses in Tor Browser but they could and it wouldn’t cause any issue, an OS brand leak (not version) that required JavaScript and is now fixed, and a load of whataboutism about how all security programs are useless because they all have vulnerabilities. Yes, I think that speaks for itself.
Yes, congrats! I’m glad you listened to my complaint. I hope it continues in the future. It’s okay when you can’t be bothered, but certainty speech requires sourcing so in those cases a proper netiquette could be to introduce uncertainty language such as “I think”, “probably”, or disclaimers such as “IIRC”. Here I myself could have added a few links, but I’ve spent way more time than I should on Ghacks for today, yet as I am already engaged in a discussion I can’t just ignore you. Do ask if there are bits you think I should source.
As far as I know I made no incorrect statement using certainty speech about a matter that is meant to be either a fact or a verifiable information, let alone “many” incorrect statements. When I do I mentally slap myself in the face, this is a really bad trap to fall into. Some people use it merrily though. Some people, when they are unfamiliar with a topic, have an habit of looking up a link to read in ten minutes and coming back to argue using certainty language as if they were experts in the field.
… Actually, once again I am reminded that you cannot be trusted.
I installed Waterfox and checked the preferences of a default profile: Service workers are enabled. These kind of completely made up arguments are so frequent with you, people are drowned in walls of text filled with them and it’s so easy for their falsehood to go unnoticed that even I, warned as I am, was caught in it. I wasted time producing a valid rebuttal to what you brought up, when all I had to do was look up what you failed to source: That the browsers we are talking about, just like Firefox, enable Service workers by default, rendering your statement “That alone makes Firefox worse than those alternatives, by default” factually wrong. (Simply inapplicable, off the mark, moot)
If you were not so omnipresent on Ghacks it wouldn’t be such a problem. All your mistakes, genuine or not, are impossible to debunk with the tidal wave amount of comments that you produce.
Chhht! I just wanted to know insanelyapple’s alternative :=) Don’t influence his answer!
Mozilla or Wladimir Palant, what’s the difference. Studying, analysing ads, then on a one side claiming they are the best concerning privacy, on the other side enjoying their money. Strange cases of Doctors Jekyll and MM Hyde.
Looks like the study concerns dedicated Firefox privacy tools in the scope of Websites. These tools exist as mentioned in the article/study but remain far less powerful than what fine about:config tuning + extensions such as uBlock origin can accomplish. But they do exist and are valuable for beginners.
The other scope is what of the user’s relation with Firefox itself is concerned. Tracking, experiences, “system extensions”, health reports …
Many here and elsewhere do a good job when it comes to scanning each and every privacy issue even if one may disagree with overall hard conclusions alike condemnations. Others such as Pants (see gHacks-user.js) focus more on offering solutions than on condemning with no hope.
The point as I see it is in trying to make things better, they’ll never be perfect.
Anyway, the study initiated by Mozilla, reported by this article, is unimaginable when it comes to Google’s chrome : there definitely are different policies.
@Pants, I’m afraid I’ve been the cause of Appster’s comments on your work when I first mentioned (above), “Others such as Pants (see gHacks-user.js) focus more on offering solutions than on condemning with no hope.”. I maintain this but I couldn’t have imagined it would trigger the Appster machine-gun :=)
Your work is of course appreciated by many of us, maybe much more than you can imagine.
My only regret is to not read you more often here on Ghacks.
Appster is neither a bad guy nor a stupid one. But he appears sometimes as obsessed by a “mission” to the point of over-reacting, IMO. I noticed also words such as “warned”, “complaint”, ‘punishment’ … and now “I’ve been too nice…” : maybe a feeling of persecution, I don’t know.
@Appster : your investigations are worthy, you know I appreciate your commitment to privacy, but could you please be just a little more cool in your answers to those who disagree with you; in particular, do avoid imagining what is not clearly, explicitly mentioned :=)
Do stay online, Pants! And many thanks again for your Ghacks-userjs work. I can tell you that I rely on it, heavily.
@Tom Hawack:
> Many here and elsewhere do a good job when it comes to scanning each and every privacy issue even if one may disagree with overall hard conclusions alike condemnations.
Very well, what is the ordinary user supposed to do other than condemn their practice? Quietly accept it? Applaud? This needs to be criticized over and over again, especially since Mozilla is a self-proclaimed privacy-respecting foundation.
> Others such as Pants (see gHacks-user.js) focus more on offering solutions than on condemning with no hope.
With all due respect for Pants… He is just creating a list of privacy-evading about:config settings and how to correct them. There are numerous guides for this out there, his one included. Compared to the things Moonchild did (and frequent readers of this blog might agree that I am not friends with him) his efforts are dwarf-size. They are good and well, and I support them for what they are, but shouldn’t be overrated, either. Every remotely advanced user could write a privacy guide, were it only necessary (numerous out there already).
> The point as I see it is in trying to make things better, they’ll never be perfect.
Yes, this message needs to reach Mozilla urgently, so that simple users can also profit from these developments. Otherwise only our little club will profit, and I doubt that Mozilla has received many data sets from us to begin with.
> Anyway, the study initiated by Mozilla, reported by this article, is unimaginable when it comes to Google’s chrome : there definitely are different policies.
Uhm, Tom… At least Google is open about it. Yes, their data collection is extremely bad, but they at least do not pretend to be the savior of the web. Mozilla is being financed by Google. They are the source of their donations. Do you really believe that they would donate a single penny to Mozilla, if Mozilla went out of its way to stop their data collection across the web? Really?
That being on top of the fact that Mozilla itself is owning a company with a closed-source product (Ghostery) that sells data to advertisers.
The ignorance of people when it comes to Mozilla is baffling and makes me wish that they would include a non-blockable data collection feature into Firefox. Some people will have learned their lesson after the fact, I guess. Or not. Who knows.
@Appster – Thanks for that :)
> With all due respect for Pants… He is just creating a list of privacy-evading about:config settings and how to correct them.
It’s not just “privacy stuff” from the app itself (and as long as I can kill that shit, then I’m happy), it’s also website tracking, security, anti-fingerprinting etc. It’s also explaining them, testing them, and providing links for further info. It’s also weighting up the conflicts between “privacy” vs “security” etc where they may clash or be perceived to clash. There are also other aspects such as the wiki, extra scripts such as a prefscleaner, a scratchpad troubleshooter script, user-scripts/filters/rules for extensions, vetting and testing extensions and providing solutions (eg IDB issues with Web Ext) and even things such as porting a user.js into FF on Android with no root access using a script).
> There are numerous guides for this out there, his one included
Many are flawed or wrong about various prefs – even dangerously wrong, most are way out of date, most are incomplete, many are riddled with stuff like scrolling and mouse settings, etc (yup I have a personal section, my bad, and I want to remove it but am meeting resistance). Seriously.. finding anything remotely like the properly vetted and comprehensive references such as pyllyukko’s or 12bytes or ghacks’ is almost impossible. NOTHING comes close to these two resources (12bytes now uses the ghacks one, but his own original compilation was extensive as well). Even Mozilla have nothing like it.
> Every remotely advanced user could write a privacy guide
Sure. But please don’t belittle (not your intention) or under-estimate just how much time and effort and testing goes into this project. It’s been my personal little project for over 3 years (and before that with pyllyukko on github) and not a day has gone by where I did not check something out – and learning as I go, which can be very time-consuming. And since landing on github a year ago, its been three or four times the work thanks to endless discussions and improvements and extra features etc.
If anyone were to start from scratch, be prepared to spend months (even years) on it, full time. So much reading, so much code to look at, so many changes all the time, so many bugzillas to crawl through .. so much everything. It literally sucks the life out of me, that at times I almost feel like giving up – not really, but walking away and taking a break is good. So much so, that I can’t be arsed doing the latest release for 58.
I think, from memory, that FF has around 3000+ prefs, the user.js has around 466 prefs (applicable to stable and ESR, excluding personal section and the internal parrot) – 107 are inactive (but relevant) and some active prefs are overkill (eg removing an URL when just the switch may do) and some are enforcing a default (to give a complete picture and/or future-proof). Still, that’s a LOT of prefs to document and investigate and get right (so much of the information out there is incorrect, and some can take a long time to track down – some lack any documentation at all). And they would still need to investigate the prefs they decide not to put in. So sure, ANYONE can do, but NO ONE else bloody did (pyllyukko and atomGit from 12bytes excepted) that I am aware of. And no one is as comprehensive or keeps it right up to date. Not even Mozilla. If it was that easy, there would be hundreds of these (full, documented, researched), but there aren’t.
Peace out :) xxx :kissy-kissy: (not here to pick fights, don’t start bitchin’ at me :heart-emoji-thing: )
tl;dr: Please do not compare the ghacks user.js to incomparable things
PS: Its not all me, god no, without the workload and heavy lifting by others such as earthlng, I couldn’t keep up. I seriously doubt one person could.
@Pants
Don’t bother, Appster is almost always off the mark anyway. Your work is the single most useful resource on Firefox preferences and has recently become more than that, it’s a repository of past and ongoing Firefox development related to privacy and security.
It’s invaluable, saves me a lot of time digging for it myself, letting me stay up to date with minimal efforts. With up to date knowledge and source access, I don’t need to trust either Mozilla or pitchfork people, I simply know how my browser works. I don’t trust Mozilla, I trust my knowledge and control over the software I installed on my computer.
This is possible because of you, I would sometimes lack time otherwise. Best thing is you source everything, so I don’t even need to trust YOU.
@Pants:
Of course I know that there is more to it than just creating a list of about:config switches and how to set them. However, this is what it boils down to for your users in the end. And to be honest with you, it takes less than four hours to disable the worst stuff in Firefox, if you know where to look for it.
I agree that it takes more time to consider the breakage that some settings would cause, especially when talking about the settings of medium or lower importance. I think we both agree that some of the worst settings can be switched without breaking things, as they have nothing to do with website content, but with Mozilla sucking up data.
And regarding your privacy guide… Yes, it is probably the most complete one. I am reading it, as well. But it’s not the ONLY one. Others are sufficient when it comes to turning off the most intrusive stuff. Some of the guides out there are (dangerously) wrong, no question.
Again, I do respect your efforts, but it should also be clear that they are somewhat less demanding and also less effective when compared to Pale Moon, for example. This browser actually comes preconfigured and does change a lot of stuff via actual code. True change has to happen at the code level. Turning off a setting is well-meant, but not comparable, really.
And a personal comment on my part: Your efforts remind of some guy trying to siphon off water intruding into an already sinking Titanic. Mozilla is NOT on your side, and is making your work harder. It won’t get any better. If they remove about:config some day, you are basically screwed. You get what I mean to say, right? Might be that your efforts are in vain at some point.
Out of personal interest: Why don’t you help projects like Pale Moon or Waterfox by proposing better defaults to them? Wouldn’t this help a great many people?
@Appster
I was just correcting your statement that “all I did was list some about:config prefs” and making it sound oh so easy and trivial. If all you meant was some of the basic application prefs re telemetry etc, then yes, that is minor and easy, but the ghacks user.js is not just that. Hence the correction. Also miffed that you think its so easy – if you only had any idea of the time I have put into it. Kinda pisses me off :)
As for all the rest, you/we need to differentiate between application vs web content. And your definition of “worst stuff” is ambiguous. 4 hours? Doing it manually is 10 minutes. Using a simple list of prefs eg in a js, takes seconds (and a FF restart). Some manual effort such as the features folder for system xpi’s maybe. I can lock up a new FF in about 2 minutes. And those sorts of lists are more common. If your worst stuff is all the app stuff and a handful of others like beacons and pings and snippets, then its trivial and easy.
As for the ghacks js not being the only one (in the context of being more complete, up-to-date, documented, tested etc), don’t forget you’re talking to someone who has spent 4+ years scouring the internet. You’re still downplaying the amount of work that went into it, and how much it takes to maintain it.
Why should I spend any of my time on Palemoon or Waterfox? What if the WF guy dies? What if PM decides to remove about:config? What if PM decides to harvest your start menu and partner up with Yahoo or something? What if? The arguments go both ways. I am not interested in obsolete/behind-the-times/non-functional-with-new-standards/insecure forks and ancient software – don’t take that personally, I prefer to stick with software with a 1000+ engineers (and lots of outsiders’ eyes including the Tor people) testing and inspecting it, and one that keeps up with tech changes. That’s not a dig at the forks, it’s just my perspective – i.e I am not interested in them, but if others are, then that’s up to them. I have no opinion on that aspect.
Also, if the PM or WF or whatever people forking FF want some ideas – it’s already listed in the user.js – all deprecated prefs are still in there. They can help themselves
chill out :)
@pants
your work is great also for a palemoon & waterfox refugee like me. I pick what seems useful for my needs. It requires trust to rely on guidance with about:config settings. That’s what you deliver. I hope for more comments ( like @Tom Hawack ) in the future. that being said, I too wondered recently why you did not move on to palemoon with all the privacy stuff going on at FF. I get and understand the reason now.
@b:
> that being said, I too wondered recently why you did not move on to palemoon with all the privacy stuff going on at FF. I get and understand the reason now.
Wait, what was his reason exactly? The “points” Pants mentioned were/are not even true. E.g. Waterfox is just a rebuild of Firefox, and does not substantially differ from it. It just vows to protect privacy by delivering a preconfigured Firefox. Not even his “these builds do not get reviewed as much” argument is valid, since they build on Firefox code… The Firefox code has been reviewed, so what’s his point? Pants just loves to fix broken things, i.e. Firefox. Mozilla constantly makes things worse, so instead of helping those who take it upon them to create better builds, he creates a random list of about:config entries somewhere. That’s how I see it.
@scorpiogreen:
> What will you do then? Go to Chrome? Or Edge?
Oh, there is still ungoogled Chromium, Iridium etc. If you consider non-mainstream browsers, alternatives are plentiful.
@Appster
For the record, I also contribute to TBB and Mozilla (and elsewhere) outside the ghacks user.js. But what does that have to do with anything? You’re the one who brought my name up and effectively said what I had done was trivial, easy, could be done in short order etc. All I wanted to do was clarify that.
But then you twist my words, and cherry pick from my broad statements (I shouldn’t have to explain in detail every single point) – as Tom said, you should “avoid imagining what is not clearly, explicitly mentioned”
I have said nothing against any fork developers and I have not compared what I have done to them in any way. They are welcome to do what they do, and I wish them well, always have. I do not belittle their work or product – WHAT I actually said, was MY OPINION on the STATE of forks in GENERAL and that I am not interested in them – I said this because you asked.
It was a general statement. I shouldn’t need to break it all down, otherwise we’ll end up with walls of text (bit late now). So you then proceed to state things (eg Waterfox is based on very recent FF code etc) and claim I said things I didn’t. The fact of the matter is that I am not interested in any non-major browsers. And the reasons I gave are totally valid. That’s not to denigrate any forks, that’s my stance on not using “obscure” (for lack of a better word) software for something as important as a browser. Again, in general, security patches can be slow, less scrutiny/eyeballs on code changes and potential for security flaws, legacy code, slow to add new features/tech and so on – there’s lots more I could list. Each fork needs to be evaluated on its own merits, but by their very nature, they will always be behind and lack resources. I’m not willing to gamble on that.
Because my time is precious (to me), then I only want to invest in one product, and I choose FF. As long as I can keep turning off all the things that your fork guys do by default, then I’m happy – plus I get the product from the source so to speak. Also, turning off all the things in prefs that some of the forks do, or achieving the same result if they remove the code, – i.e any phoning home, new tab page rubbish, etc – is pretty much 100% all easily done in FF. So there is no incentive in that regard.
Until I can’t control FF, then I will use FF. Trying to guess the future is a bit of a waste of time IMO – and that’s what I was trying to say when I posted back these silly Q’s at you – you weren’t meant to take them literally. What if an asteroid landed on your house? What if?
If you want something different, then that’s up to you.
However, if anyone says a single thing you don’t agree with (and you misinterpret a lot), then you get super argumentative and start putting people down IMO. I get it, you’re passionate, but dude, you’re too hard to have conversations with (not that I am all that great at writing my ideas)
That’s it. Said all I need to say. No need to reply, as I can’t be bothered each other’s time again. I’m not going to tip toe around you when trying to have a discussion, so I won’t bother (which is shame, because you do contribute meaningfully some/most of the time).
@b (“Let it be, let it be” my tribute to the Beatles!) your comment reminds me a point I wished and had forgotten to mention in previous posts: Waterfox itself, dedicated to enhanced privacy and accordingly available with several eradicated/modified settings from Firefox, nevertheless still has some about:config values which could be optimized and are when filtering them with those proposed by Pants’ Ghacks-user.js — No idea about ‘Pale Moon’.
So, yes, Pants’ work is helpful, pertinent also with Waterfox.
@Pants: “What if the WF guy dies? What if PM decides to remove about:config? What if PM decides to harvest your start menu and partner up with Yahoo or something?”
That’s easy — if the browser I’m using no longer meets my needs, regardless of the reason, then I stop using it and switch to one that meets my needs better. This was precisely why I stopped using FF 57 and switched to Waterfox — 57 stopped meeting my needs.
Changing browsers is a relatively painless thing to do.
>”That’s easy — if the browser I’m using no longer meets my needs, regardless of the reason, then I stop using it and switch to one that meets my needs better. This was precisely why I stopped using FF 57 and switched to Waterfox — 57 stopped meeting my needs. ”
@John Fenderson, what if you run out of browsers to switch to? What then?
There are only so many alternatives out there. Waterfox looks like it’s run primarily by one guy. That’s a lot to lay in one basket. And Pale Moon is junk that seems to break websites all the time. I don’t even like the way it looks. It’s about as ugly as Sea Monkey. Blah.
What will you do then? Go to Chrome? Or Edge?
“what if you run out of browsers to switch to?”
Hard to see that as a reasonable possibility, given that there are dozens to hundreds of options. However, just because a browser goes unsupported for whatever reason doesn’t mean it stops working. I’d probably keep using it anyway.
“I don’t even like the way it looks. ”
And I don’t like the way Quantum looks, and I find it difficult to use. Different strokes and all that. However, unlike with Quantum, it’s possible (using extensions) to significantly alter the looks of any pre-Quantum fork, so you can make it look as you prefer.
“What will you do then? Go to Chrome? Or Edge?”
No, both of those browsers are, in my opinion, simply awful and not even in the running.
@Pants: Gosh, I feel that I have been way, way too nice to you. That was a mistake.
> I was just correcting your statement that “all I did was list some about:config prefs” and making it sound oh so easy and trivial.
But this is what you do, in the end. And yes, this is trivial. It costs you some time to do it, but it’s not very difficult.
> If all you meant was some of the basic application prefs re telemetry etc, then yes, that is minor and easy, but the ghacks user.js is not just that.
The other stuff could potentially break websites. No amount of research you could possibly undertake covers all possibilities and configurations. Thus, it’s not recommendable to most people to change those prefs anyway.
> Also miffed that you think its so easy – if you only had any idea of the time I have put into it. Kinda pisses me off :)
Seriously, it’s time-consuming, but not too hard. After all, you are not making any changes on the actual code level.
> 4 hours? Doing it manually is 10 minutes. Using a simple list of prefs eg in a js, takes seconds (and a FF restart). Some manual effort such as the features folder for system xpi’s maybe. I can lock up a new FF in about 2 minutes.
The whole paragraph basically screams TRIVIAL.
> If your worst stuff is all the app stuff and a handful of others like beacons and pings and snippets, then its trivial and easy.
Indeed. The rest is pretty much peanuts, and has negligible effects when switched off.
> As for the ghacks js not being the only one (in the context of being more complete, up-to-date, documented, tested etc), don’t forget you’re talking to someone who has spent 4+ years scouring the internet.
Yeah, and? The Pale Moon dev has actually spent 9 years developing stuff. And yes, developing stuff is harder than just researching stuff others have already put on the web.
> You’re still downplaying the amount of work that went into it, and how much it takes to maintain it.
No, I don’t. I am just saying that others have done more than you did, which is factually true. Your efforts can’t be compared to the efforts it takes to develop an actual fork of Firefox.
> Why should I spend any of my time on Palemoon or Waterfox?
Because they are, contrary to Mozilla, actually interested in protecting the privacy of their users. And because an actual browser is far more useful than a random list of about:config settings on the web. Sorry to say.
> What if the WF guy dies?
Are you serious about that one?
> What if PM decides to remove about:config?
If you think that this is a real possibility, then you know absolutely nothing about Pale Moon. Mozilla is far more likely to remove about:config at this point.
> What if PM decides to harvest your start menu and partner up with Yahoo or something?
This again shows that you know nothing about Pale Moon.
> What if? The arguments go both ways.
No, the argument only goes in one way. As far as I know, Mozilla has already violated the privacy of their users. This can’t be said about WF and PM yet.
> I am not interested in obsolete…
How can a maintained browser be “obsolete”? Obsolete is only true for abandoned software.
> behind-the-times
While this may be true for PM, this can’t be true for WF. WF is currently based on FF56 and plans to rebase on FF60 soon. It’s on the same level as Firefox. If WF is behind the times, then this must also be true for Firefox. Everything else would make no sense.
> non-functional-with-new-standards
Again, maybe true for PM, but not for Waterfox. Waterfox is a Firefox rebuild.
> insecure
This is not true. Security patches of Firefox get applied to both products. Are you this uninformed, or are you just lying?
> I prefer to stick with software with a 1000+ engineers
LOL, Mozilla never even had 1000+ engineers. Not even close. You don’t even reach that number if you count all the voluntary (hobby) contributors in. Not even Google has 1000 engineers in its Chrome division.
> and lots of outsiders’ eyes including the Tor people
The TOR people obviously cannot prevent things like Cliqz or Mr Robot stuff from happening. They are not Mozilla employees, and thus can’t influence Mozilla. The TOR people are just keeping their own rebuild/fork clean. This particular part makes zero sense, Pants.
> and one that keeps up with tech changes.
Again, it makes zero sense on your part to talk about a fork that is 99% Firefox code (Waterfox) in that manner. This would be the same as bashing Firefox. There is no difference between the two, apart from Waterfox removing intrusive stuff. This sentiment is only true for Pale Moon, although I must say that the Pale Moon guys are also frequently rebasing their product. Pants, sorry to say, but you obviously have zero knowledge about these forks.
> Also, if the PM or WF or whatever people forking FF want some ideas – it’s already listed in the user.js – all deprecated prefs are still in there.
Indicating that the forks are somehow outdated, which they are not.
I don’t want to proceed any further, here. You can try fixing a sinking ship (Mozilla) any day you like. You don’t need to help people who actually protect user privacy. You can make people pay homage to a mere about:config list. Their problem, not mine.
Whoa, what with the “been too nice” bit? We’ve hardly ever conversed before (except that one time at bandcamp). I actually steer away from you and refrain from posting here a lot now. I guess I’ll just stay away. Did you not see the smilies and chill out message. I’m not trying to be confrontational. Its an adult conversation.
> No, I don’t. I am just saying that others have done more than you did, which is factually true. Your efforts can’t be compared to the efforts it takes to develop an actual fork of Firefox.
I’m comparing apples with apples (I am not saying anything about the amount of work that others have done in other various fields). I am talking about the user.js. And I never said I did the most work. Sheesh :( Where are all these other ones. Yes it’s easy but it IS time consuming but once done easier to maintain – but where are they all? I mentioned two others done independently from each other and mine. Where are they?
I’m not interested in the politics of the sinking ship vs not sinking or whatever. You have your opinion, that’s fine. I have mine. Nothing is certain. My questions to your questions were to show you that.
The Tor people can only inspect the code and make changes to their product, but they do bring up things that have been missed etc. No one is saying they actually change FF code (but they do, you know, tor uplift and all, albeit sanctioned by Mozilla). And sure, they have no control over the FF brand or experiments etc – no one said they do. The Tor people are just the sort of people you want to find holes. Hence why they’re mentioned, because overall, they bring things to Mozilla’s attention that get fixed. Same with volunteers etc. More eyes on the product was the intent of bringing them up.
1000 engineers – whatever the figure is. Maybe the 1000 is total employees. Soz, got that wrong. Anyway, it’s more than the forks get is my point.
I do not care about these forks. That’s my right :) Obsolete, insecure, missing-tech etc was an all encompassing phrase for all the forks – some bits apply to some forks.
> all deprecated prefs are still in there.
Because a lot of prefs that apply to some of the forks are deprecated in FF57+. You’re reading too much into every single sentence I type.
Anyway, you seem to take umbrage and pick fights with anyone who says anything ever so slightly against your point of view, so I’ll never bother again.
@Pants:
> Whoa, what with the “been too nice” bit?
That means: I deliberately overrated you and your work in order to not offend you. Then you started to demean those who have actually put hard work into making changes on the code level, instead of just disabling stuff. You need a reality check, dear Pants. On a scale from 1 to 10, my respect for the fork developers ranges between 6 and 9, because they are offering an actual alternative to Firefox, instead of publishing a list somewhere on how to fix it. Thus, my respect for your work is between 2 and 4. Not too bad, still, since my respect for completely uninformed people is at 1. This is not a personal “best friend” rating, but a rating of knowledge of the product. Still, you needed the reality check.
> I actually steer away from you and refrain from posting here a lot now. I guess I’ll just stay away.
The choices you make. Should I be concerned, now?
> Did you not see the smilies and chill out message.
I saw them, but found that they did not fit the content of the text.
> I’m not trying to be confrontational. Its an adult conversation.
Neither am I. Stating that others have done more work than you did is factually true and hardly qualifies for the term “confrontational”. Again, I did even overrate you a bit in order to be nice to you, but this was my mistake. The content you did just deliver does not justify any special treatment. It was a mixture of half-truths about others and you paying homage to your own work.
> I’m comparing apples with apples (I am not saying anything about the amount of work that others have done in other various fields).
See, I am trying to act now just like you did before: “But what if Pants just dies? What if he isn’t capable to keep up with all those about:config changes? I don’t see the point in supporting an about:config list that could become unmaintained at any time. I prefer the Mozilla wiki, as 1000+ experts are reviewing it.” That’s a bad attitude, don’t you agree? And it becomes even worse when we talk about people who actually change code. It’s your inherent disrespect that baffles me. And yeah, you did indeed say something about the work that others have done in other fields, so I found it appropriate to compare that with your efforts.
> I am talking about the user.js. And I never said I did the most work. Sheesh :(
Hm, but you did rate the work of fork developers to some degree, so why shouldn’t I be entitled to compare your work to theirs? Of course this comparison doesn’t turn out in your favor, but you already knew that, don’t you?
> I’m not interested in the politics of the sinking ship vs not sinking or whatever.
Good luck maintaining your about:config entry list once Mozilla removes about:config. That is, the moment the “dumbing down” continues. I would pay good money to see your reaction, then. (And even if they keep about:config in, the privacy defaults will get worse, and worse, and worse…)
> You have your opinion, that’s fine. I have mine. Nothing is certain.
Nah, I think that I can safely state that the forks will always be more private than Firefox. Otherwise they wouldn’t have a reason to exist anymore.
> The Tor people can only inspect the code and make changes to their product, but they do bring up things that have been missed etc. No one is saying they actually change FF code (but they do, you know, tor uplift and all, albeit sanctioned by Mozilla).
But you do know that Mozilla listening to Tor people and admitting substantial patches from them is a very, very rare occasion, right?
> And sure, they have no control over the FF brand or experiments etc – no one said they do.
Then why do they matter for 99% of the user base out there? Mozilla is the one having the pants on (pun intended) in the end.
> The Tor people are just the sort of people you want to find holes. Hence why they’re mentioned, because overall, they bring things to Mozilla’s attention that get fixed. Same with volunteers etc. More eyes on the product was the intent of bringing them up.
So, let’s assume that the rare occasion on which Mozilla listens to the Tor people comes to pass… Wouldn’t those patches also land in Waterfox a few days later? How does that make Firefox any better than the forks (your original point)? Sorry, I don’t see that.
> 1000 engineers – whatever the figure is.
It is much, much lower. Have a look at “contributors” on GitHub, and try to sort out the guys who are regularly contributing…
> Maybe the 1000 is total employees.
That’s closer to the truth.
> Soz, got that wrong. Anyway, it’s more than the forks get is my point.
Yeah, but the forks (especially rebuilds like Waterfox and Cyberfox) are based on the code these people are developing. They are based on the exact same code that got reviewed by many people, and are adding privacy enhancements on top of that. So, your point is…?
> I do not care about these forks. That’s my right
And I don’t care about Mozilla, too much. They could go down, if you ask me. They have failed their own principles. Why care about them? Oh, I forgot: You need to fix the sinking privacy ship. Keep going, you are on the right track. Why help people who actually care when trying to fix Mozilla is so much more fun?
> Obsolete, insecure, missing-tech etc was an all encompassing phrase for all the forks – some bits apply to some forks.
A correction badly needed.
> You’re reading too much into every single sentence I type.
Maybe. Maybe not. That stuff happens. I do, however, know from whole paragraphs of yours the derision with which you talk about actual developers. That alone would justify the (rather factual, still) tone.
> Anyway, you seem to take umbrage and pick fights with anyone who says anything ever so slightly against your point of view, so I’ll never bother again.
I am not “picking fights”. It’s just that, in my humble opinion, a whole lot of nonsense is written in the comments of people here. I could ignore that nonsense and call it a day, giving them the impression that they are right. But in many cases they just aren’t. They are wrong, as in “factually wrong”. And when it comes to you, I must say that I value your privacy-related comments. I never commented under them, because they were good content. Here I just happened to point out that other people are underrated while your about:config changes are (while very useful, still) overrated. So we were not talking about facts here, but more or less about the personal worth of your work in general. And that depends on the point of view everyone of us here has. It’s not an agreement – disagreement discussion. I only “disagreed” with your statements about forks, because they are just not true. All in all, if you keep crying me a river just because I don’t overrate your work, then you won’t be missed by me.
@Tom Hawack:
> Appster is neither a bad guy nor a stupid one.
Thanks, Tom.
> But he appears sometimes as obsessed by a “mission” to the point of over-reacting, IMO.
I don’t have any particular “mission”. The only thing I try to do is to make people aware of the current (bad, customization- and privacy-wise) state of Firefox. You can compare that to rating a bad hotel where you have spent your holidays. It’s just that privacy is a more serious matter, and that the breaches of privacy are more frequent, thus requiring us to talk about them on a more frequent basis.
> I noticed also words such as “warned”, “complaint”, ‘punishment’ … and now “I’ve been too nice…”: maybe a feeling of persecution, I don’t know.
First off, I have no obligation to justify my choice of words before anyone. I think “warned” and “complaint” are totally normal terms when a product happens to be of bad quality in some aspect(s). “Punishment” is a term I used in conjunction with people leaving a product behind, thus draining money from a company which happens to be shady. That’s a form of “monetary punishment”. I did never talk about psychological or physical punishment. You should fix that one, Tom. And the “I’ve been way too nice…” term… Yeah, I actually pondered between different terms. I could have said that I did “Overrate you, but will now correct that sentiment”, but this sounds far more aggressive, IMHO, albeit it’s the truth. I already chose the more diplomatic term, although it could be misunderstood.
> maybe a feeling of persecution, I don’t know.
No, not really. I don’t have a reason to feel persecuted, as I have already locked up Firefox. Other people should feel “spied on” at least, and I am here to warn them. Nothing more, nothing less. It’s not a “mission”, I am just recommending things and use words which I find appropriate for the serious matter that is privacy.
> your investigations are worthy, you know I appreciate your commitment to privacy, but could you please be just a little more cool in your answers to those who disagree with you;
I will try. Maybe I need to learn how to sugar-coat my words a bit more, so that (easily offended) people don’t get that wrong. Maybe I just need to overlook factually wrong statements and call it a day. Would certainly make my life a bit more relaxed. I agree that something can always be done to let texts appear more friendly, but most often I just do not have the time nor intention to do so. I just try not to insult people, and I think that I succeed with that, unless people have chosen an insulting tone beforehand, in which case I see no particular obligation to show them respect.
> in particular, do avoid imagining what is not clearly, explicitly mentioned :=)
Will try, yes. Although I must say that I do not feel to have gotten a wrong vibe from Pants’ text, as it stands. Just saying.
It’s the opposite, to the point that Mozilla is now working with the Tor project to bring Tor into Firefox. Tor developers have made countless patches over the years in their fork, and for more than a year now they have been actively backported into Firefox itself, which amounts to a quantity of patches almost on par with the huge project that is WebRender. (About 1500 IIRC, verifiable on Bugzilla. For reference the biggest project in Firefox history, Quantum MVP, which touches 75% of Firefox’s code base, has about 20 000)
You cannot be trusted. You never source anything and make far too frequent use of certainty speech while being factually wrong.
@Zuck:
In the past year, Mozilla has not only ported some Tor patches over, but has also introduced both Cliqz and Looking Glass without user consent. Cliqz qualifies as spyware and malware that came via drive-by attack. You can’t deny that. Also, how long have the Tor patches been around already? Mozilla now introducing some of them is long overdue.
> You cannot be trusted. You never source anything and make far too frequent use of certainty speech while being factually wrong.
Oh, really? I have already posted multiple sources for my argument under my initial reply, above this little conversation here. They prove that Ghostery is involved with advertisers, and that Mozilla is involved with Cliqz, the company which owns Ghostery. Read those sources, then you will know that I am not “factually wrong”. I’d say YOU cannot be trusted. I have posted my sources already, while you still state the opposite. That you can’t be bothered to read them is not my problem.
You should just admit that you said, with your usual high degree of certainty, something that is factually wrong and not just wrong, but the polar opposite of truth. I quote again:
“You never source anything” was indeed too simple a statement, you never source anything when it comes to what I consider really relevant, such as how the software works and development related discussions. I’m on Ghacks for technical information. Looking Glass (which didn’t collect any data and was inactive until IIRC the user actively activated it as prompted by a Mr. Robot episode, and wasn’t even downloaded for people who opted out of telemetry; it was mostly a scare and time waster for some people), Looking Glass is side dish for me.
When it comes to what I consider main dish, you’re very often off mark or flat out wrong, and you don’t source, and you use certainty language. It’s like news websites, when you catch one saying the opposite of what is right once or twice, you keep it in mind but you can think it was a genuine (but uncorrected…) mistake. When it happens too often trust becomes impossible and it’s best to move away from the place completely, since worldview is shaped by news.
@Zuck:
> You should just admit that you said, with your usual high degree of certainty, something that is factually wrong and not just wrong, but the polar opposite of truth. I quote again:
Sorry, you are way, way overrating Tor’s importance for Mozilla. Mozilla introduces a big one time patch once in a decade, and fools like you are losing their shit over it. I am sorry that I do not share your enthusiasm. A big patch once in a decade hardly qualifies for the word “importance”. Hence my claim that Mozilla doesn’t listen to the Tor project too often, is correct, especially from a historical perspective. If Mozilla listened to Tor most of the time, there would be no point in Tor being its own browser, right? Does that make sense to you?
> “You never source anything” was indeed too simple a statement, you never source anything
Are you nuts, Zuck? Of course I have provided sources for the Mozilla-Cliqz-Ghostery triangle above. You just don’t bother to read them and then claim that I didn’t source anything. You are lying, plain and simple. But everyone who is not illiterate sees through your lies.
> Looking Glass (which didn’t collect any data and was inactive until IIRC the user actively activated it as prompted by a Mr. Robot episode
Looking Glass… Looking Glass… Looking Glass… What about Cliqz? Mozilla apologists never discuss the Cliqz spyware that came via drive by download. By the way, shipping an add-on without any user consent is still a practice I disagree with, even if the add-on itself is not outwardly malicious.
> and wasn’t even downloaded for people who opted out of telemetry
So… 1% of the user base were not affected? Stupendous!
> Looking Glass is side dish for me.
Mozilla installing add-ons without user consent and any description is “side dish”. Okay.
> When it comes to what I consider main dish, you’re very often off mark or flat out wrong
Where was I wrong, exactly? My main point has always been the Mozilla-Cliqz-Ghostery triangle. And yes, I have posted my sources regarding this one. Are you afraid to talk about this connection to the ad industry?
> and you don’t source, and you use certainty language.
I use whatever language I see fit. As if you could influence that or force me to explain myself. Borderline ridiculous.
> It’s like news websites, when you catch one saying the opposite of what is right once or twice
Show me how my statements regarding the Mozilla-Cliqz-Ghostery triangle are factually wrong, then we’ll talk. Oops, I just noticed that they don’t fit into your apologism very well, right? So you choose not to discuss them. That didn’t go unnoticed.
> When it happens too often trust becomes impossible and it’s best to move away from the place completely, since worldview is shaped by news.
So I am basically distributing “fake news”, right? I tell you what, you little twit: I have already referenced my sources above, no need to do it again, just because some random illiterate can’t be bothered to read them. Maybe Mozilla’s “Mozilla Information Trust Initiative”, a little Mozilla project that aims to censor people who speak their minds on the web, is going to stop me. LOL.
Seriously. You accuse me of being “factually wrong” all the while you avoid the nasty stuff completely. On top of that, you have been “factually wrong” yourself, as you claimed that Cliqz could have been disabled via about:config. That’s wrong. Cliqz came BUNDLED with 1% of all Firefox downloads in German-speaking areas. Care to explain how users were supposed to disable Cliqz in about:config before they could even download Firefox? It was impossible, right? There you have it, factually wrong statement on your part. Talk about yourself, Zucky Boy.
What’s up with that misquote on purpose. What’s up with repeatedly pushing into the discussion a topic that was never included in the context of my comment in the first place. You never source anything *regarding the kind of topics my reply addresses*. I know full well that you spend unreasonable amounts of time digging Mozilla controversies and writing repetitive proselyte rants all over the place, I’ll meet you on that plane eventually since you keep insisting, but right now, we have a dish that I find way more interesting and way more telling regarding the present and future of the Firefox software. The Cliqz experiment is what is called a Funnelcake release, it’s not the regular Firefox Release branch. The actual topic at hand is already large enough so let’s save Cliqz for another day, and don’t go ahead and assume my stance on it.
Just a parenthesis on this:
I didn’t say that because, again, I never talked about Firefox Funnelcake in my previous comments. But *you* said it, since according to yourself in one of your proselyte contributions, Cliqz can be disabled:
Note that you can tweak prefs without starting Firefox even once if you like. So where are you factually wrong, here where you say disabling Cliqz is impossible, or there where you show how it’s done ?
Now changing tone because childish bickering is not appropriate for productive discussions.
Quoting it again just so it is readily available to us, your claim was, “you do know that Mozilla listening to Tor people and admitting substantial patches from them is a very, very rare occasion, right?”.
Let’s take a step back to evaluate links between Tor and Firefox teams.
Tor Browser is a Firefox ESR fork, meaning it’s currently based on Firefox 52 and soon Firefox 60. Over approximately a decade the Tor project has created and maintained many many patches in order to implement key product requirements related to privacy, anonymity and security. This code is battle tested and Edward Snowden’s NSA leaks confirmed us that even the NSA is breaking its teeth on Tor Browser. (Tell me if you want a source, for now I will assume you saw the NSA slides I’m talking about)
I argue that Mozilla is not merely “admitting patches”, but that they made this project a part of their actual product strategy. They want to take the decade of work that went into Tor Browser and implement it into Firefox. To quote them, the initial goal of Tor Uplift was to “land all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork”. This quote replies to your final questions quoted above.
Once Firefox is done absorbing all Tor Browser patches, it can offer Tor Browser grade protection on its own through some kind of unified advanced mode. A year old DuckDuckGo study shows page 13 that two persons out of three overestimate the private browsing mode offered by browsers, with recurrent beliefs that it protects privacy against online adversaries. (It actually protects the user’s privacy against people having physical access to their device.) Mozilla is aware that this erroneous belief is very common.
1/ Meeting the user expectation that Private Browsing mode should protect against online adversaries is worth it. It’s also a competitive advantage in that other browsers don’t meet this expectation. (I’d argue that they actually can’t.)
2/ As shown earlier, there is no technology in the world that better protects a user’s privacy and anonymity against online adversaries than Tor Browser.
3/ Firefox is absorbing all Tor Browser patches
4/ Mozilla is doing studies regarding the impact of privacy features on user comfort, site breakage, users switching to another browser, …
5/ The recent project Fusion aims to allow Firefox Private Browsing mode to benefit by default from Tor Browser protections, up to using the Tor network itself. Shipping Tor in the Firefox installer is being considered.
With all of that, are we still looking at a mere occasional admitting of patches ? Or does it look like a full blown product strategy. But if it’s a product strategy, it ought to be a big project. How long has it taken ? Almost two years so far. The first big part should ship with Firefox 60 I believe (May 8th), while the second one (Fusion) is big and it’s too early to evaluate time required. We’re probably looking at what is overall a 3 to 4 years project, meaning it’s among the few longest projects that Firefox has ever seen.
If it’s a product strategy, it ought to be a big project, said I. Time is one thing but what about work. How many Bugzilla tickets so far ? We can only talk about the first big part, which takes about 1,400 tickets. To give an idea the Quantum MVP which is the biggest project in Firefox history is about 20,000 tickets and according to Mozilla touches some 75% of Firefox’s code base. WebRender, a very significant part of Firefox’s pipeline and a main brick of Quantum, is about 2,000 tickets. By comparison I would guess that the overall project around Tor would take between 2,000 and 3,000 tickets, since we’re already at 1,400.
If it’s a product strategy involving two parties (Tor and Firefox teams), it ought to mean close cooperation. With so many tickets and so much development time, and considering it’s about implementing work that the Tor team designed and authored, it would be foolish not to work very closely. And indeed at the end of the first six months or so, the Tor Project blog said that there had been weekly calls between the two teams, and that with this project they “started to take [collaboration] to the next level”.
I’ve seen this meeting call pattern occur in one-party projects (i.e. a single company project with people scattered geographically), it helps people get on the same line with what was done last week and what to work on this week, among other things. The WebExtension project had this too, and still has I assume. Considering the steep deadline they had to deal with, a lot of coordination was required, which illustrates what kind of cooperation weekly calls enable.
Additionally, the second big part of the project, Fusion, will involve modifying both Firefox and Tor, and scaling up the Tor network so it is large and efficient enough to handle an influx of Firefox Private Browsing users. These are things pondered by both Mozilla and Tor Project as part of the design phase. (Source is a mailing list with the talks, I’ll bother looking it up if it’s important) This cooperation pattern occurred between Firefox and Servo developers which could only get WebRender, Stylo and Quantum DOM into Firefox by modifying both products so they could fit together.
So that’s the state of the cooperation between Tor project and Mozilla developers, and that’s where the future of Firefox lies regarding privacy.
Ah, you referred to a reply that I made to someone else than you (“You’re focused on Cliqz which affects no privacy-concerned person because these dudes opt-out, and you’re disregarding (…)”) as a way to put that topic aside in just a few words without breaking the flow of the points I was bringing to his attention.
First you’ll note that indeed, I didn’t mention anything about opt-out occurring (or not) “before they could even download” as opposed to say post-install, or about how opt-out had to be (or not) done through about:config or a.
To make a thoroughly accurate statement on Cliqz, we’ll need to discuss the topic separately when time allows. In the meantime I gave you your own guide to disabling Cliqz.
Fixing cut out sentence:
*through about:config or another means such as, say, user.js.
Ghacks prefs for FF is a godsend. I’m a tweaker also and test a lot (You need to be if you are on XP these days :) ) and I have manual get to every one Ghacks pref and I can tell you when you have done this you cannot say it’s about some config-settings. You know your browser then inside and out and what it does under the hood and the basic FF screams like hell on the internet and with this prefs you can silence your browser what is good for privacy and security and I have made a personal word file with all the prefs in it that I have changed and I have setup other FF browsers with it in around 1-1.5 hours but I do it in steps and so it is not much work. And I can tell you that this setup browser is neat and very fast without all that basic garbage running and screaming in the background and everywhere I go and with all the settings and add-ons on the net sees me as Chrome on Linux and that’s how I like it… and I update it (but on XP there is not much updating anymore) every 6 months or so and check it all again to be sure so I know the new settings. You do not need to update every time when a new version comes out.
Kz from Belgium
“takes less than 4 hours to… disable the worst stuff… if you know where to look for it”
Seriously? You’re willing to settle for only correcting the “worst stuff”? (whatever that entails)
Knowing where to look is just tip-of-the-iceberg. For example, with each ff release, behavior may change ~~ the result you previously achieved by blanking any given prefkey may no longer succeed. The new version of ff may be “smarter” (more devious, or self-healing, or self-protecting) in the sense that it now (re)populates, or ignores, a blank user-set value for that prefkey. Similarly, with each release, we’re resigned to consider (and hunt down) newly-introduced prefkeys which now obviate (take precedence over) each prefkey we had previously “learned”.
Reiterating what pants mentioned, ongoing time-intensive research (reading code, reading diffs, changing prefkey values and re-testing the result) is necessary toward achieving success.
To condemn a practice is one thing, and we all agree to condemn privacy intrusions, but condemning a browser on that basis is another, IMO. Nothing as no one is totally good or bad and I believe that focusing on the best — without forgetting and fighting the worst — is constructive rather than destructive.
@Tom Hawack:
Nobody here condemns Firefox in its entirety, I think. One positive thing about it is that it is hampering the rising Blink monopoly to some degree. However, it is the product alone that carries Mozilla’s ideas (formerly: ideals). The two (the product and the idea behind it) can’t be separate from each other. Thus, I can’t recommend Firefox anymore if the user doesn’t know how to handle about:config, plain and simple. Neither can I recommend Chrome. I am not dealing with things using “totally good/bad” categories, either, but I do at least acknowledge when things are worsening and going downhill. Many of us are still in denial, I fear.
Hello, very nice to see, we can use about:config still.
Changing those subjects to privacy manually gets me rid of using addons, which, for my Concern want too much Overrights to see urTabs, History etc.
I used ECleaner Addon for a while overcross to other Browsers, but I recognized, it slows down Overall Performance, not only in FF, as in Opera and Vivaldi, so deleted that and what do I see, Performanceboost all over.
So u just set thee Telemetryentrances to false and delete the URL for that in a:c and all is fine.
On FF Beta 59.04 already, seems to be a good Way Mozilla is turning.
We’ll see, where the Road goes,
Greets, InGSoC.
P.S.: Anyone concerned about other Privacy Content, use uBlock Origin and set the right Filters on, works great.
Nope, not gonna comment on it this time. Only so much: Mozilla claiming to protect user privacy is like a white shark claiming to be vegetarian.
Or at least point out to where you’ve already made your point? I’m actually very curious about why is Mozilla not trustworthy regarding privacy, and to what extent.
@thebrowser:
No problem.
Mozilla, together with Hubert Burda Media KG, owns the closed-source browser add-on Ghostery. Ghostery vows to protect your privacy by blocking tracking scripts. However, Ghostery also collects data and sells them to advertisers, in order for them to improve their tracking methods. So, they are in fact helping the guys who spy on web users day in, day out. That Mozilla is involved in such business is concerning me deeply, to say the least. Ghostery is closed-source, so we don’t have any idea of what is going on under the hood. We just know that it establishes numerous outgoing connections to remote servers, thanks to third-party software.
Later on, and even more importantly so, Mozilla conducted an experiment named “Cliqz”. Cliqz was an add-on that was bundled with 1% of all new Firefox downloads in German-speaking areas. Meaning that when a German/Austrian/Swiss user downloaded Firefox from the website, there was a 1% chance that the Firefox installer came with Cliqz. The people downloading it did not receive any notification about that beforehand. Cliqz collected things like exact location, browsing history, and search queries – sending all those things to Mozilla. Yes, it was in German-speaking areas only, and yes, 1% of all downloads doesn’t seem much, but the fact that Mozilla went this far is pretty telling.
Furthermore, as you might know, Mozilla receives its income primarily from donations of Google, their competitor on the browser market. Google is maintaining a huge tracking and advertising network. I suspect (can’t prove it, it’s just an educated guess) that the rather bad Firefox configuration defaults are stemming from this very fact. Ask yourself this question:
Would Google donate a single dime to Mozilla if Mozilla was dead-set to put a dent into their tracking machine?
The browser market is essentially a cartel of Google, Microsoft, Mozilla, and Apple. None of them, Mozilla included (as they are financed by Google + the whole Ghostery thing), have any particular, substantial interest in the protection of our privacy. Knowing that all alternatives are equally bad, if not worse, they do not need to be a role model and can freely destroy our privacy as they see fit. The Firefox default configuration is an expression of that attitude.
My critics are arguing (rightfully so, to a degree) that Firefox is the only browser where you can actually turn off privacy-evading settings via about:config. However, this line of argumentation is missing the point entirely. Since Mozilla is claiming to be a privacy-protecting institution, we could and should expect them to improve Firefox’s privacy level BY DEFAULT. It will never be perfect, to be sure, but could be improved at this point. But as I said, no actual interest on their part, in my humble opinion. I am just not seeing it. Wouldn’t be surprised if they entirely remove about:config at some point, which is something that my critics think will never happen. I think they will.
@Appster
Thanks a lot for that, is really something to think about and keep in mind and a good example of “too good to be true” scenario. I have one question though: my understanding was that Mozilla had a deal to make Google the default search engine in FF, but you are saying that there’s more than this deal?
I still believe that with the right settings in about:config (a point discussed many times before in this site) we have a chance, but of course it is very likely that most users won’t even bother with this, and hence the problem with privacy all over again. And hopefully we will have some other alternatives.
@thebrowser
Make it so you don’t have to trust software makers. It’s easy with Firefox, just a couple opt-out and you’re out of telemetry, and you can disable further in about:config to cover your back in case of bugs that don’t respect the main telemetry switches at about:preferences#privacy-reports. If you read these two guides provided by Mozilla you can disable all automatic connections made by Firefox. You may not want to disable things like Safebrowsing and OCSP though.
The adversary that is troublesome to shield against is not Mozilla, because it’s trivial to ensure Firefox is completely silent. If a software is completely silent, it does not matter what steps the software maker makes to safeguard privacy.
The troublesome adversary is websites and trackers, and Cloudflare. For that there is no better tool than Firefox. (Nothing comes even close, as I said, except for Tor Browser)
“just a couple opt-out and you’re out of telemetry, and you can disable further in about:config to cover your back”
Sigh. Yes, it’s good that FF at least allows you to do that — you’ll get no argument from me on that count. However, do you not see that having to opt-out rather than opt-in is a weaker privacy stance? Even worse is having to set privacy-related things in about:config. Yes, technically savvy users won’t struggle with this, but it’s not exactly being protective of others.
Practically, what it means is that FF can’t be trusted “out of the box” and has to be tweaked and modified to be privacy-protective. In that sense, it’s not really much different than many alternatives (ignoring actively hostile browsers like Chrome, etc.)
Firefox was that way for years, you have to opt out. Vivaldi by the way doesn’t even allow you to opt out from geolocating you with IP + unique user ID.
You don’t need to be tech savvy to opt-out on Firefox though, when creating a new profile you get a button thrown at you in the form of either a toolbar on the bottom of the window or a tab containing the button with explanations. Again, remember that our privacy can’t be protected in the first place if our browser doesn’t have market share, and that competitors that make use of the kind of data we’re talking about are vastly advantaged when it comes to key selling points like speed and smoothness and even new features. Firefox must stay competitive or it cannot protect privacy. If Firefox ceased to be competitive and had meaningless market share and as such became a browser for tech savvy users, then your point which is based on the common user’s interests wouldn’t stand either because those dudes can click a button and opt out. And then the common user would be moving to Chrome, taking a big hit to their privacy.
There’s not much choice here: We have to attract common users both for our own interests (our privacy needs them) and also for theirs (they’ll get privacy without losing whatever criteria it is they favor)
Repeating from another comment: Non tech savvy users will also get fingerprinting resistance, first party isolation, tracking protection and maybe even Tor waved right into Private Browsing mode. The threat that most affects them is websites, these are huge features for the common user, they won’t get it elsewhere.
*those dudes = tech savvy users
> “I still believe that with the right settings in about:config (a point discussed many times before in this site) we have a chance, but of course it is very likely that most users won’t even bother with this, and hence the problem with privacy all over again.”
That’s true. You can turn this off in about:config and move on. Until Mozilla blocks that option, I’ll continue to use Firefox.
@scorpiogreen:
> That’s true. You can turn this off in about:config and move on. Until Mozilla blocks that option, I’ll continue to use Firefox.
That is missing the point entirely, though. Please come up with a good reason why Mozilla doesn’t preconfigure its builds any better. Is it because of Google’s money? Are they just incompetent? Whatever the reason, it shouldn’t be upon us to make Firefox privacy-sensitive. Your argument is pretty egoistic, too, since many people out there don’t know how to handle about:config. Mozilla leaves those in the dust, all the while claiming to “protect privacy”. That’s borderline ridiculous, don’t you think?
Mr. Appster, I’m not responsible for how others configure their browser. I’ve been going into about:config since I was first exposed to Firefox 7 or 8 years ago, so making modifications to it is not that big a deal to me. I’m just careful to test it out before I settle into leaving that modified setting as I left it. I had to learn as I went along, so I have no reason to give it up unless this option is blocked.
I really don’t appreciate your combative tone. Are you always this way? Reading your other statements here, it seems you’re shoving your opinion/agenda down other people’s throats in a very rude and condescending manner.
I don’t owe you anything. If I decide to use something else, that will be my decision, not yours.
@scorpiogreen:
> Mr. Appster, I’m not responsible for how others configure their browser.
That’s another way of saying that you are not interested in Mozilla improving the settings for the grand majority of users, I guess. Sorry, but that is clearly egoistic. And in your entire reply I was not able to find the good reason why Mozilla doesn’t remedy the current defaults. I guess there isn’t any.
> I’ve been going into about:config since I was first exposed to Firefox 7 or 8 years ago, so making modifications to it is not that big a deal to me.
I know. That’s probably no big deal for any gHacks reader.
> I really don’t appreciate your combative tone. Are you always this way?
No. It’s just that I don’t think that you changing your about:config settings has anything to do with the core problem. Mozilla needs to remedy the default state. It’s somewhat cumbersome to discuss with any and all users who have changed their settings. That being a possibility is obviously not the point I wanted to make, as you hopefully know. I am talking about the defaults, not your modifications, as the defaults are the state the majority of users (let’s call them simple users) have to live with. Still, Mozilla claims to protect the privacy of those users. That is not true in the default state, hence an abuse of trust, whatever excuse you or I could make up for it.
> Reading your other statements here, it seems you’re shoving your opinion/agenda down other people’s throats in a very rude and condescending manner.
I am sorry if I came across as rude or condescending. This was not my intention. However, it makes me (understandably, I guess) angry when people resort to ad hominem stuff, stating that I was “not trustworthy”, in spite of the fact that I have already cited my sources. This is not very nice, either. It doesn’t help the discussion. So, I am sorry if I came across as being a rude guy, but those people are killing off my goodwill to some degree.
> I don’t owe you anything. If I decide to use something else, that will be my decision, not yours.
Use whatever fits your needs. I just stated that you changing your settings has zero impact on other users, which is objectively true.
All in all, I don’t know what the problem is. I am arguing in favor of the user, not in favor of big corporations. I want the default state of things to be improved upon. That’s an inherently good thing, even if it is a moot point for those who have changed the settings (which they shouldn’t be forced to do). What’s wrong with that?
Mr. Appster, calling me “egotistical” is pretty rude. Did I attack you personally? You seemed to come from out of nowhere and do that to me. I don’t even know you.
We’re all supposed to be adults here and frankly I’m not on an agenda to change everybody’s browsers around here like you are. If how I do it has “zero impact” on other users, then so what. I’m not responsible for them or their actions. Why you feel it’s necessary to go on some silly crusade and pull everybody else in with you is beyond me.
In spite of what you say, I still have no reason to change it. As long as I can modify about:config, then I’ll continue to use it. When it gets as locked down as Chrome is, then I’ll be saying bye-bye to Firefox. It’s as simple as that.
Mozilla is the shark?! Then what does that make Google Chrome??? Come on, Mozilla can’t be THAT bad…
It’s not that Mozilla is “that bad”, it’s that Mozilla has taken to telling everyone that Firefox is a “privacy first” browser while at the same time, bit by bit, making it a “privacy second” browser.
@John
It’s the opposite: You’re focused on Cliqz which affects no privacy-concerned person because these dudes opt-out, and you’re disregarding the work on Tor uplift, fingerprinting resistance, consolidation of privacy preferences for easier opt-out, research such as what is outlined in the present article, the project that studies a future integration of actual full-fledged Tor into Firefox Private browsing mode, etc.
The privacy concern is woven into the design process of any feature even when not related to privacy at first glance.
The Tor uplift project alone is nearly as big as WebRender in terms of amount of Bugzilla tickets. Privacy in Firefox has increased all through last year and the ramping up is not done. There is also no other browser on the market that provides even a tenth of Firefox’s protection, aside from Tor Browser. Big browsers don’t even try to compete, and small browsers couldn’t compete even if they wanted to because protection is unfortunately dependent on market share.
@Zuck
“You’re focused on Cliqz”
I am?
“you’re disregarding the work on Tor uplift, fingerprinting resistance, consolidation of privacy preferences for easier opt-out”
I am not. By the way, why go to the trouble of making things easier to opt out of, when they could have kept things opt-in as they should be?
All I’m pointing out is that Mozilla has been increasingly doing things that go against their “privacy first” stance. Changing telemetry to opt-out rather than opt-in, for instance. Including features in the browser that increase the attack surface in terms of privacy, etc. I’m talking about Firefox specifically here, not Mozilla as a larger organization. I’m not saying FF is privacy-hostile, I’m saying that there has been a clear trend to weakening the privacy-first stance that it has traditionally taken in the past.
I don’t agree, I argued that there has been a clear trend to increasing Firefox privacy way beyond what the browser previously had. I’m not talking about Mozilla as a larger organization either, my points above refer to Firefox.
Telemetry opt-out rather than opt-in already existed before, and was and is compensated by the fact that the opt-out button is hard to miss considering all new profiles get to see this page. Not everyone may think shoving the opt-out button into people’s faces is good enough, but telemetry opt-out has been there for years.
In fact, default-on telemetry is now smaller than it used to be on the release channel, and they recently added techniques like Differential privacy to further protect people who don’t opt out.
Meanwhile, we have fingerprinting resistance, first party isolation, the Fusion project, etc.
“Telemetry opt-out rather than opt-in already existed before”
Not true. Firefox changed this last year. Prior to that, participating in telemetry was opt-in.
Please understand that I’m not saying FF hasn’t added pro-privacy features. They have. But at the same time, they’ve weakened (certainly not eliminated) other privacy features. It’s that latter part that concerns me. Yes, those have been relatively small cracks, but they seem to signal a change in Mozilla’s attitude, and that worries me.
I retract the point about release channel collecting less than before, it’s more complex than that because there has been a lot of rearranging going on, so we would need to check out the entire array of data collection in Firefox 50- and 56+. I’d rather withdraw that point than spend so much effort right now.
However for some reason, even on Firefox 57+ I still get the better version of the button shoved into my face upon creating a new profile on Release channel AND the new system with the tab. I thought it was supposed to be gone. If it’s true for all new users then there’s no change in terms of ease of opting out.
Feel free to install say Firefox 45 and check for yourself. A new profile will be opted into telemetry unless they disable it. To this effect a button is shoved in the user’s face that redirects them to the disable checkboxes.
Starting from Firefox 55 or 56 or something, the button is merely shoved in the user’s face in a different way, through this tab that is opened on all new profiles. I consider the button is easier to miss, which is bad, but on the other hand the accompanying text is more explicit than before and the prefs have been consolidated to affect more data collection than before. At the same time, the release channel has had less data taken in for people who don’t opt-out, and increased guarantees such as Differential privacy where applicable. While studies have been added, they obey the main telemetry switches.
[Some source links are missing to make the point better, maybe I’ll dig some up if the discussion goes on]
I understand what you’re saying, I just mean to argue that your concern is opposite to what really happened.
I think that Mozilla’s attitude towards privacy is actually strengthening, they finally act on it whereas they used to be mostly passive. They do want better data collection because it’s the only way to compete: It won’t matter that Firefox is privacy-centred if it is made obsolete over time by competing browsers that are faster-smoother-whatever, because and this is key, privacy requires market share. (Sadly.)
Given this constraint that can’t be worked around from a privacy-first point of view (fuck aggressive bold, I just want italics ;_;), Mozilla reworked its data collection system the way I described above. I argue that it is not worse than it used to be because the release channel users are less affected than before and because the opt-out preferences are more all-encompassing than before. You could argue that the opt-out button shoved into new users’ face is less visible, and there must be a couple other points. I agree, but in weight of everything else plus the bold stance of bringing many huge privacy features by default to Private browsing mode, I don’t think it’s justified to say privacy stance isn’t strengthening. Also no competitor is even trying on privacy….
“Feel free to install say Firefox 45 and check for yourself. A new profile will be opted into telemetry unless they disable it.”
Ack, you’re 100% right. I’d just disabled so long ago that I forgot that I needed to. :)
“They do want better data collection because it’s the only way to compete”
Yes, I completely understand the motivation here. I just find it distressing because (particularly with the release of Quantum), FF is focusing on an audience that doesn’t include me. It’s a personal, emotional thing. I’ve been using FF since the very beginning, and have a strong emotional connection to it, so I find it sad and difficult that it is no longer meeting my needs (generally, not in terms of privacy specifically).
But I fully recognize that I am not representative of the general public, and I understand if Mozilla needs to leave me behind in order to chase a bigger market.
It just feels like losing an old friend.
The “miss” link should be: about:preferences#privacy-reports, I forgot that about: links can’t be made for security reasons.
I agree, John. No browser is entitled to be worshiped, and in the end maybe the only true point worth focusing on is a browser’s policy on having its settings modified, mainly with opt-outs and mainly privacy-related (the same most of the time).
What I notice when reading users commenting their browser (as well as concurrent ones) is the amount of passion some, many include, as if not only they worshiped a sect but moreover aimed to devalue others.
As always lucidity must prevail, neither paranoid nor credulous, and it’s up to each of us to tweak and comment about our browser(s) accordingly. But, out of the box, there may be as far as I know only one browser which will offer a maximum of a privacy context. That’s why some use it; remains the purely technical rendering and that’s why I don’t use it.
@someone:
Fair point. Google could be a megalodon, if you ask me. That would be the fitting size, I guess. Theoretically, Mozilla is supposed to be the sweet little seal trying to escape from megalodon, but in truth they are megalodon’s best pal, profiting from its hunting success (donations).
Flowery, fancy, cutesy analogies confuse and distract. We’re further ahead when comments convey factual information.
Please remain on-topic :=)
Basically you’re right, gh, but but but .. any negotiator will tell you that we must be able to remain concentrated whatever the distractions!
My point of view is that factual information isn’t incompatible with recreations here and there, I even believe that play-grounds are excellent, putting a smile here and there and avoiding excessively serious minds to transform that factual information search into an obsessional quest. Flexibility! I know blogs, forums where the slightest off-topic comment is condemned as if it were an insult to truth … and those places don’t advance quicker, don’t display more pluralism than cooler places like here.
It isn’t, some folks just love to rile others up with questionable information.
@Jessica:
Yeah, I think I need to go through the whole story all over again:
Ghostery sells data to advertisers. They are open about that practice, and do not even attempt to deny it. Ghostery is owned by Cliqz, which is in turn owned by Hubert Burda Media KG and… Mozilla.
source: http://www.businessinsider.com/evidon-sells-ghostery-data-to-advertisers-2013-6?IR=T and https://www.ghostery.com/faqs/who-is-cliqz/
Cliqz was an experiment that Mozilla conducted in October 2017. Among other data, it collected the following things:
- exact location
- browsing history
- search queries
- time spent on each website
- mouse movements on the site
source: https://www.mozilla.org/en-US/privacy/firefox-cliqz/ (Under “Use Cliqz results”)
*sarcasm on* Yeah, I guess that Mozilla is focused on protecting your privacy 100%. *sarcasm off*
Once again, misleading information. The text on the privacy policy relevant to Cliqz does not match your claims. You don’t like some of the good technological changes Mozilla has done and like to stick with forks no one cares about, that’s OK and it’s your choice, but it does not give you any legitimacy to spread untruths.
@Jessica:
> Evidon helps companies that want to improve their use of tracking code by selling them data collected from the 8 million Ghostery users who have enabled the tool’s data sharing feature.
Yeah, they DO sell the data sets, and they are also admitting it:
> Evidon straddles both sides of that debate. “This is not a scheme,” says Scott Meyer, Evidon’s cofounder and CEO (who formerly served as a leader in the New York Times Company’s online operations). He says there is no conflict in offering a tool that helps users hide from the ad industry while also helping that same industry. (…) “Anything that gives people more transparency and control is good for the industry,” says Meyer, who says it’s fine with him that most Ghostery users opt not to share data with Evidon. Meyer points out that those who want to block online advertising are unlikely to respond to it, making Ghostery use good for both sides.
source: https://mashable.com/2013/06/17/ad-blocker-helps-ad-industry/
–> Make of that what you will.
Their own CEO says that they are selling data. Nice try, anyway. By the way: If Ghostery has nothing to hide, then why don’t they open source their add-on?
And this…
> You don’t like some of the good technological changes Mozilla has done and like to stick with forks no one cares about, that’s OK and it’s your choice
…is ridiculous. I don’t have any interest in promoting any given browser. I am using a whole bunch of them, myself. However, those “forks” you talk about with derision are in fact way better configured than Firefox. Their configuration is actually in favor of the user. This is pretty much undeniable.
By the way, I only complained about Mozilla taking away control from the user, which is a thing WebExtensions definitely do. This is also undeniable. I never talked about the browser being slow, or it rendering websites in a wrong way. It’s about giving control to the user – now, and always – and Mozilla fails miserably when it comes to that as of late.
I’d love to hear your comments on it again though, Appster :)
Never stop spreading the truth.
The state of Mozilla in 2018, when they need a “study” to see what happens when users don’t clear cookies on browser exit.
I almost one upped Chrysippus of Soli when I nearly died of laughter reading that article.
Can’t wait for them to remove feature to “protect their users from breaking the web”.
I wish Brendan Eich would return and put an end to all of this. Pure Insanity!
I would hope for Mozilla to integrate a function that deletes all related website data after closing the tab. There is no proper extension for that. They all have flaws. Why should we even need an extension for that? That’s a job the browser itself should be able to handle.
As dark said, an extension could do it. The problem is for the last 4 or 5 releases, and ongoing, there are issues with storage (see all the bugs re OWD both clearing and quotas and permission prompts, IndexedDB too many to explain/list here, extension storage, FPI blocks on sanitizing, quota mishandling, missed persistent storage not covered, forget-this-site issues, time-to-clear manual clearing bugs, and about 30 other issues – not going to list them). Some have been fixed, some are still a mess.
Until all that is sorted out, probably mostly covered under the Storage Manager v2 ticket ( https://bugzilla.mozilla.org/show_bug.cgi?id=1421690 ), then it’s all a bit of a lottery. Sanitize is a mess and in at least three modules – but it’s slowly getting better.
Just with Avant browser start a new session. Is not the same as closing a tab but it works…
If a tab becomes a sandbox container, it is possible.