Mozilla will remove Leanplum tracking from Firefox for Android and iOS

Martin Brinkmann
Apr 18, 2021
Firefox
|
69

Mozilla will remove the Leanplum integration of its mobile web browser Firefox for Android and iOS soon. Two new entries on the official GitHub project page highlight that Leanplum integration will be removed because Mozilla won't renew the contract with the company.

Mozilla has decided to not renew our Leanplum contract for 2021-22. The current contract will expire on May 31, 2021. We need to turn off any Leanplum integrations in our products by that date.

Mozilla describes Leanplum as a mobile-marketing vendor on a support page, which it uses to "test different features and experiences, as well as provide customized messages and recommendations to improve" user experiences. About 10% of Firefox mobile users from the United States with English set as the default language have Leanplum enabled currently according to this doc.

The organization has been criticized by privacy advocates for integration of Leanplum in some of its products. Core points focus on the use of a third-party for data collection and the transfer and storage of the data in the USA.

Leanplum collects telemetry data. Mozilla reveals that it assigns a unique ID per app, but does not get access to the "DeviceID, AdvertisingID or Firefox client ID".  It tracks interaction data according to a support article:

Leanplum tracks events such as when a user loads bookmarks, opens a new tab, opens a Pocket trending story, clears data, saves a password and login, takes a screenshot, downloads media, interacts with a search URL or signs in to a Firefox Account.

Leanplum is also checking for the installation of Firefox Focus, Klar and Pocket, whether sync is enabled, whether Firefox is the default browser, and if Pocket recommendations for top sites is enabled. The full list of what is collected is accessible here.

The data is transferred to a Leanplum server in the United States.

firefox marketing data

Firefox users can disable the collection of marketing data, which means Leanplum, under Menu > Data collection > Marketing data.

Shares data about what features you use in Firefox with Leanplum, our mobile marketing vendor.

Mozilla plans to remove all Leanplum related code from Firefox before the end of May 2021, as the contract with the company ends on May 31, 2021.

The removal of Leanplum is a step in the right direction, as it is quite hard to argue that an organization that heralds privacy should make use of third-party platforms for telemetry.

Summary
Mozilla will remove Leanplum tracking from Firefox for Android and iOS
Article Name
Mozilla will remove Leanplum tracking from Firefox for Android and iOS
Description
Mozilla will remove the Leanplum integration of its mobile web browser Firefox for Android and iOS soon.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Rex said on April 21, 2021 at 2:02 pm
    Reply

    @Iron Heart –

    There’s masochists, there’s BDSM fans, there’s being a beggar for punishment and then there’s being a fan of Mozilla anytime since Firefox version 4.

  2. Anonymous said on April 20, 2021 at 7:59 pm
    Reply

    That’s worse than I thought. According to their *-in-chief censorship maniac and corporate disinformer, they may very well replace it with just another third-party:

    https://www.reddit.com/r/firefox/comments/mt0jxi/mozilla_is_planning_to_remove_leanplum_from/gux34g9/#c

    When even this one “predicts” something negative about Mozilla, you can expect it to happen. His tongue is so deep inside Mozilla’s rearhole that he censors listings of about:config prefs to fully disable telemetry as “security compromising”:

    https://www.reddit.com/r/firefox/comments/msscqv/the_messages_from_firefox_subsection_now_shows/gux5f5n/#c

    and he’s so fanatical that even r/firefox downvotes him sometimes.

    1. Anonymous said on April 20, 2021 at 8:42 pm
      Reply

      Below is the reddit message that the above mentioned star of MozCorp Security removed, because this ghacks article is about telemetry and it’s informative to know how to disable it.
      This is the add-on that I use to be able to read what MozCorp does not want me to read:

      https://github.com/pauldraper/unreddit

      *************************************************************************************************************
      *************************************************************************************************************
      Adding my comment back, because *not only does the checkbox not do all this*, but it also *does not break any rules*. Also reported the mod for abuse.

      extensions.pocket.enabled: false and browser.newtabpage.activity-stream.feeds.snippets: falseto get rid of Pocket spam. toolkit.telemetry.pioneer-new-studies-available: false to make sure you don’t get push ads for TV shows.

      Don’t forget app.normandy.enabled: false so they don’t get to screw with your prefs or do push surveys.

      And then there’s all of these to get rid of telemetry spying.

      devtools.onboarding.telemetry.logged = false

      toolkit.telemetry.updatePing.enabled = false

      browser.newtabpage.activity-stream.feeds.telemetry = false

      browser.newtabpage.activity-stream.telemetry = false

      browser.ping-centre.telemetry = false

      toolkit.telemetry.bhrPing.enabled = false

      toolkit.telemetry.enabled = false

      toolkit.telemetry.firstShutdownPing.enabled = false

      toolkit.telemetry.hybridContent.enabled = false

      toolkit.telemetry.newProfilePing.enabled = false

      toolkit.telemetry.reportingpolicy.firstRun = false

      toolkit.telemetry.shutdownPingSender.enabled = false

      toolkit.telemetry.unified = false

      toolkit.telemetry.updatePing.enabled = false

      toolkit.telemetry.reportingpolicy.firstRun = false

      toolkit.telemetry.unified = false

      toolkit.telemetry.archive.enabled = false

      devtools.onboarding.telemetry.logged = false

      toolkit.telemetry.bhrPing.enabled = false

      datareporting.healthreport.uploadEnabled = false

      datareporting.policy.dataSubmissionEnabled = false

      datareporting.sessions.current.clean = true

      datareporting.healthreport.uploadEnabled = false

      datareporting.policy.dataSubmissionEnabled = false

      datareporting.sessions.current.clean = true
      *************************************************************************************************************
      *************************************************************************************************************

      1. Iron Heart said on April 20, 2021 at 10:06 pm
        Reply

        @Anonymous

        In Brave, in order to 100% switch off telemetry, all I have to do is to toggle 2 (two) settings under brave://settings/privacy, plus I don’t need to constantly remain on top of the situation because Brave is not introducing new telemetry BS all the time.

        Why are you allowing this in a so called “privacy browser”, if I may ask? Do you enjoy Mozilla’s shenanigans?

      2. Anonymous said on April 21, 2021 at 7:07 pm
        Reply

        In Firefox, in order to disable 99.99999999999999999999% of all telemetry, I only need to change one setting

        The other 0.0000000000000000000000001% is not worth bothering about, but can also be disabled by changing one preference

        Firefox one setting vs Brave’s two settings. Firefox for the WIN!!!!!

      3. Iron Heart said on April 21, 2021 at 8:55 pm
        Reply

        @Anonymous

        Nope, you actually also have to go after the coverage ping and the scheduled telemetry task that operates outside Firefox. Plus, there is the FF Experiments / Normandy nonsense and Pocket and Snippets and sponsored websites on the New Tab Page and… I’ve been there, lol.

      4. Anonymous said on April 22, 2021 at 8:47 am
        Reply

        FACT: Firefox is twice as easy to disable telemetry than Brave (because Brave doesn’t actually care about their users, they just want to make money, being 100% funded by VCs)

        Despite already having this pointed out to him numerous times, Iron Heart continues to DELIBERATELY TELL LIES. He is untrustworthy as a source

        – Experiments are covered by the master telemetry UI checkbox
        – Scheduled telemetry task is covered by the master telemetry UI checkbox
        – Coverage ping is that 0.0000000000000000000000001% not worth bothering about
        – Pocket is not telemetry
        – Snippets are not telemetry

        The ultimate hypocrite (and tries to change the topic)
        – pocket service itself does nothing unless you sign up to it
        – pocket stories on new tabs can be disabled with a single UI option, is not privacy invasive as it is cured clientside
        – snippets is sent to everyone, nothing is sent to the mozilla – it has zero to do with telemetry or privacy

        Meanwhile, it’s OK for Brave to
        – stick adverts on your start page
        – inject their own JS code and adverts about BAT shits into web content
        – curate your browsing history locally into an ID
        – take twice as many settings to meaningfully disable telemetry than Firefox
        – make thousands of unwanted pings to BAT shit currency converters
        – hijack typed URLS – the first in the history of browsers to do so, deliberately done as well – practically malware
        – steal BAT shits from content creators
        – leak IPs in their shitty Tor mode
        – fail after a year (and more than a decade of research) to properly protect canvas from fingerprinting
        – be an actual advertising company that adds a few wonky patches to chromium (but Firefox’s commercial deal to sell any region to any highest bidder search engine apparently means Google tells Firefox what to do, which is just more Iron Heart BULLSHIT)

        STICK TO THE TOPIC. TELEMETRY.

        [1] https://blog.mozilla.org/data/2020/03/16/understanding-default-browser-trends/ – “respect user configured telemetry opt-out settings” .. READ THE DOCS
        > We’ll respect user configured telemetry opt-out settings by looking at the most recently used Firefox profile.

      5. Iron Heart said on April 22, 2021 at 7:50 pm
        Reply

        @”Anonymous”, aka * [Editor: removed]

        – You lie about Pocket Stories. The option in the settings menu merely hides the section but doesn’t disable the mechanism.
        – Snippets are getting misused for propaganda by Mozilla, if you don’t want propaganda, you have to disable snippets. This is clear user annoyance even though it’s unrelated to privacy – you are also citing Brave “issues” that are unrelated to privacy, so don’t complain when I do the same.
        – Firefox also has sponsored websites in the New Tab Page – those are ads as well. Unrelated to privacy.
        – The BAT buttons on GitHub or Twitter are unrelated to privacy and take one click to disable.
        – Twice as many settings for Brave is a lie, in Firefox you need to 1) disable telemetry via the general telemetry flip in the setting and 2) disable the coverage ping. Declaring the coverage ping irrelevant (Why?) to reduce Firefox to one step is hilarious on your part.
        – Firefox also curates the browsing history into an ID locally – that’s how Pocket Stories are being matched to you. Unrelated to privacy.
        – The pings you cite (which is always the same ping, multiple times per day) is indeed for the BAT – USD conversion rate for the widget on the New Tab Page. Unrelated to privacy.
        – The “hijacking” bullshit again – nothing got hijacked, Binance is an official Brave partner and referrals are a legitimate means of funding. FF does the same for every Google search, hypocrite. Unrelated to privacy.
        – Nothing got stolen from content creators, there was a bug that allowed donating to websites that were not verified content creators. The bug got resolved, all financial matters were cleared up. Unrelated to privacy, and just a pure lie all around to speak of “stolen” here. You should be ashamed.
        – They fixed the IP leak of Tor windows. Brave is not a Tor replacement (and never was) anyway and all browsers have leaks.
        – Brave leaks Canvas, FF leaks WebGL. Nobody is perfect.
        – Firefox enables Google’s spying by default. It’s not a conspiracy theory that their default config is shitty. Brave pioneers a new, privacy-respecting model of advertising using the same mechanism which Firefox also uses for Pocket Stories, hypocrite.

        Most of your claims re. Brave are unrelated to privacy, or are already resolved, or are things that other browsers also do. Very convincing.

      6. Anonymous said on April 23, 2021 at 7:36 am
        Reply

        > Firefox also curates
        > Unrelated to privacy
        > you are also citing Brave “issues” that are unrelated to privacy
        > Most of your claims re. Brave are unrelated to privacy, or are already resolved

        Exactly. Your HYPOCRISY is world leading. It’s OK for you to rant and spam about them when it’s Firefox, but not when it’s Brave

        > nothing got hijacked

        Yes it did. They altered typed urls. Other browsers, including Firefox, have NEVER done this.

        > The pings you cite

        Brave makes thousands of unsolicited connections to a third party and this is ok according to you.

      7. Iron Heart said on April 23, 2021 at 10:05 am
        Reply

        @Anonymous

        > Exactly. Your HYPOCRISY is world leading. It’s OK for you to rant and spam about them when it’s Firefox, but not when it’s Brave

        In your novel-sized comment, you mentioned 1 (one) actual privacy issue of Brave, which is the Canvas leak. I am confident that this one will be fixed as the fingerprinting defenses mature, and honestly, every single browser has leaks. Firefox leaks WebGL which is about as bad, but I do not see a reason to ride this to death considering that Mozilla too, will eventually fix their leak. I am just bringing it up in response to your BS, because you act like Brave is the only browser that has leaks.

        Firefox has other privacy issues which Brave does not have:

        > It shares your location and download hashes with Google. it uses Google Analytics internally. It has a weak tracking blocker (using the shitty Disconnect lists). It allows most forms of prefetching. Fingerprinting defenses are inactive by default. It installs system level telemetry that spies on your default browser even if it isn’t Firefox. It has a backdoor that allows for remote code execution (called “Firefox Experiments” / Normandy). Its Sync requires E-Mail addresses. Leaks unique extension IDs via simple fetch requests. Connects speculatively to websites as you type addresses in the address bar. Uses Cloudflare for DoH (I am sure the DNS entries are safe in their hands!) etc.

        Care to comment on those?

        > Yes it did. They altered typed urls. Other browsers, including Firefox, have NEVER done this.

        Binance was and is an official business partner of Brave Software, just as Google is an official business partner of Mozilla. Referrals are expected when entering those websites and to speak of “hijacking” there is simply bullshit.

        Also, there are no “typed URLs” as a separate class of URLs, despite you desperately trying to make an artificial distinction here. URLs are just URLs no matter how they are being generated.
        Let’s see: Some months ago, I type in binance.us in Brave, hit enter, and Brave adds its own referral for a partner website at the end of the URL. In Firefox, I type in a search term in Google, hit enter, and Firefox adds its own referral for the partner website (Google in this case) at the end of the search result page URL. There is no technical difference here, you are just a plain hypocrite trying to smear Brave, while being OK with the same thing in FF.

        Besides, in neither case is the referral a privacy issue, because it is the same static referral for all Brave or Firefox users. So since user privacy is not being violated here, what is the effect of the referral? You help those companies get funding from their partners based on a visit count!
        Oh no, that’s so horrible, companies trying to get funding without violating user privacy. /s

        > Brave makes thousands of unsolicited connections to a third party and this is ok according to you.

        Of course it’s OK. You know what happens when Brave fetches the current conversion rate? I’ll translate it into human language for you:

        Brave Browser: PING! Is there new data for BAT – USD conversion?
        Data base: Yep, here you are.
        Brave Browser: Downloads the new data from the data base and displays it in the widget.

        No user data is being uploaded here, Brave connects to the data base to in order to check for a more recent conversion rate each time, and if one is available, Brave fetches this data set.

        Care to elaborate in how far this is a privacy issue? You are just being sensationalist speaking of “thousands of unwanted pings” (when it’s in fact the same ping over and over again), failing to make it clear that this has absolute zilch to do with user privacy. You are being dishonest here and that’s all.

        I could now draw comparisons to Firefox connecting to Detectportal or their Shavar service from which new rules are being fetched, or its regular download of the extension blocklist, all of which are also unrelated to privacy, in order to demonstrate to you that not every ping is automatically a privacy violation, but I am simply too tired for that shit and it would be to no avail anyway.

      8. Anonymous said on April 23, 2021 at 10:32 am
        Reply

        Absolute failure to understand that the items listed were to show YOUR hypocrisy: **woosh**

        Are you going to continue to KNOWINGLY LIE? The readers want an answer, otherwise you can’t be trusted

        > Firefox leaks WebGL

        No it doesn’t. It can only “leak” if they are trying to mask it. This is nothing like the epic fail of Brave to secure canvas, after over a year, for something so basic: solutions and known methods have been around for a decade and they still can’t fucking get it right

        > there are no “typed URLs” as a separate class

        Yes there is. And it was done deliberately, separate from monetized search, because, it’s a completely different thing. That’s why everyone got upset, that’s why Eich had to backtrack from his comments and apologize, that’s why they reverted the code so it no longer happens by default

        Are you going to continue to LIE about this? OWN up to it man, like Eich. It was a Brave-only SHITY move.

        > It has a weak tracking blocker

        Actually, disconnect has been shown to block more than Brave, consistently and repeatedly. This is another of your made up BULLSHIT crap that you hope by repeating ad infinitum it becomes true.

        The same sort of BULLSHIT that Firefox doesn’t ship with sane defaults. An analysis of that showed about four minor things Brave did that Firefox didn’t. Oh, and don’t forget that Firefox can do many things Brave can’t, and some of them by default.

        Keep going down that rabbit hole, or seek some help: maybe a reading class

      9. Iron Heart said on April 23, 2021 at 5:42 pm
        Reply

        @Anonymous

        > Absolute failure to understand that the items listed were to show YOUR hypocrisy: **woosh**

        You wanted to demonstrate mine, but show off your own instead. :D

        > Are you going to continue to KNOWINGLY LIE? The readers want an answer, otherwise you can’t be trusted

        I have not knowingly lied here and you implying otherwise is more or less just your insolence. You lied repeatedly here, like “money stolen from content creators” etc., if I may remind you.

        > No it doesn’t. It can only “leak” if they are trying to mask it.

        So when all is said and done, it does reveal the real values, right?

        > Yes there is.

        No, there isn’t. URLs are URLs. Where do you think Firefox attaches its referral? That’s right, at the end of an URL.

        > And it was done deliberately

        And? Brave and Binance are officially partners, they were entitled to use a referral there just like FF is entitled to use one on Google. That’s not “hijacking”.

        > That’s why everyone got upset, that’s why Eich had to backtrack from his comments and apologize, that’s why they reverted the code so it no longer happens by default

        Weak action of Eich to bow down to faux outrage, coming mostly from Firefox users who wanted to damage the Brave project. It was a shit storm based on nothing, you don’t lose anything by using a referral. It was not a privacy issue.

        I really want to know what kind of damage you think was inflicted on users here, because all I see is a legitimate way of funding that everyone else also utilizes.

        > Are you going to continue to LIE about this? OWN up to it man, like Eich. It was a Brave-only SHITY move.

        What should I “own up to”? No damage occurred there. The Binance referral helped fund Brave just like Google searches help fund Firefox, it’s perfectly OK for them to use those on official partner websites.

        If you want me to give any credit to your trolling, then the answer is “No.”

        > Actually, disconnect has been shown to block more than Brave, consistently and repeatedly. This is another of your made up BULLSHIT crap that you hope by repeating ad infinitum it becomes true.

        Disconnect is shit, it is a weak list with comparatively few entries which Mozilla chose to present some form of “tracking protection” while actually not hurting advertisers too much. They also disable tracker blocking by default in non-private windows, which is laughable in its own right.

        How can Disconnect be better than Brave when Brave literally has the EasyList and EasyPrivacy list enabled by default, which have all entries of the Disconnect list on them + many many more? Care to explain? LOL, your smearing is getting ridiculously outlandish.

        > The same sort of BULLSHIT that Firefox doesn’t ship with sane defaults.

        Not bullshit I’m afraid, FIrefox’s defaults are pretty bad. Why do you think projects like e.g. LibreWolf exist? Because FF’s defaults are sane?

        > Oh, and don’t forget that Firefox can do many things Brave can’t, and some of them by default.

        Such as?

        > Keep going down that rabbit hole, or seek some help: maybe a reading class

        Stop smearing other projects with lies in defense of Deplatformingfox.

      10. Anonymous said on April 24, 2021 at 8:34 am
        Reply

        https://www.nytimes.com/

        Brave: aggressive 14 trackers blocked
        Brave: standard: 13 trackers blocked
        Firefox (Nightly): 37 trackers blocked

        Also Nightly isolates _EVERYTHING_ by eTLD+1

        The constant BULLSHIT and made up twisted narrative, and lack of evidence, makes Iron Heart UNTRUSTWORTHY.

      11. Anonymous said on April 27, 2021 at 7:20 pm
        Reply

        Iron Heart, why are you such a manipulative hack?

        https://edition.cnn.com/

        Brave: aggressive: 46 trackers blocked: lists multiple duplicate domains
        – 2 x static.chartbeat.com
        – 2 x prebid.adnxs.com (and 2 x other subdomains)
        – 2 x mms.cnn.com
        – 2 x ad.doubleclick.net (and 1 x other subdomain)
        – 4 x fastlane.rubiconproject.com (and 1 x other subdomain)

        Brave lists individual requests. Firefox does not list individual scripts, it lists unique domains only.

        * [Editor: removed]

      12. Iron Heart said on April 25, 2021 at 2:40 pm
        Reply

        @”Anonymous”

        Why are you such a manipulative hack? Brave’s adblocker lists blocked domains whereas FF’s tracking blocker lists blocked scripts! This is not the same. And anybody can verify this…

  3. Hank in Tennessee said on April 20, 2021 at 9:50 am
    Reply

    I’m glad they are Removing it!

    However, did anyone read the link Martin gave?

    I’ve wondered for years when people said (wrote) that Firefox for
    Android had these 3 Trackers…

    (“3 Trackers”: Regardless of the tech names or description. We are obviously concerned with the Tracking/Spying potential here.)

    And I did in fact see them on my Google Playstore alternative app.
    Presently “Aurora Store”. Since YALP was Abandoned.
    (And yes, I also use F-Droid. Oh boy do I use it! Over 200 apps! :o)

    However no one ever, here or elsewhere, seemed to give any Hard Evidence (or even links to such) as to whether they were as bad as seemed (even to me!) at first sight.

    Now, I heard that Mozilla went to Significant Extremes to Prevent Google from Spying on us thru the “Safe Browsing” in Firefox.
    (Tho I think some people claim it has faults?!)

    And I always wondered if perchance Mozilla might have done the same thing with the aforementioned 3 Trackers?!

    Well, Martin gave a link above to what Mozilla said:

    “The full list of what is collected is accessible .”

    https://firefox-source-docs.mozilla.org/mobile/android/mma.html

    And a few paragraphs down on that webpage we have:

    “The user is identified by Leanplum using a random UUID generated by Firefox for Android when Leanplum is initialized for the first time. This unique identifier is only used by Leanplum and can’t be tracked back to any Firefox users.”

    End of story for Leanplum in Firefox Android!

    Never was Spying on us!

    At least that’s my interpretation.

    Repeat: “… can’t be tracked back to any Firefox users.”!!!

    So… Onward:
    Can anyone tell us (or provide links) if the same type of thing is, or is not, true for the Google Analytics and Adjust (Alleged) Trackers in Firefox for Android?!…

    Either way, I kind of wish they’d just go ahead and remove those as well!

    Tho I suppose there is a strong case for the need of some (anonymous!) information on the users.

    And imo Mozilla really should have communicated the above info better, heck, at all, hell, I would have put it all over the place!
    And from the start!
    And made it Opt In!

    Hank, in Tennessee

  4. Anonymous said on April 19, 2021 at 8:54 pm
    Reply

    Don’t forget to check Program Files Mozilla Firefox folder for the defaultbrowseragent exe that keeps getting re-installed with each new version update. Deleted it awhile back and found it again in Firefox 87. At least the Task Scheduler entry did not return. Firefox Telemetry is annoying. Currently using Brave as default, with other browsers to experiment with.

    https://www.ghacks.net/2020/04/09/mozilla-installs-scheduled-telemetry-task-on-windows-with-firefox-75/

  5. ULBoom said on April 19, 2021 at 3:10 am
    Reply

    Browsers are free, pick one and live with, modify it, whatever, especially on a phone where browsing is miserable. We use focus with adguard system and see no graphic ads anywhere, not even in apps but searching is still list after list of irrelevant junk and links that go to ads which may not display.

    IOW, endless scrolling full of links to who-knows-what interspersed with blank space where graphic ads were. What you want is buried in there someplace.

    This is with DDG as the search engine; with Google it’s like the entire internet barfed on your phone, completely unusable.

    My kids’ take on browsers is “focus is fine, we just need it for emergencies, otherwise never use a browser. DO NOT EVER take AdGuard off! The phone sucks without it.”

    Probably why there are so many freaking apps for phones. The only way you’re sure of getting what you want on the first try.

    Hope springs eternal. Phones are ad servers, all browsers talk about privacy, none deliver OOB. What Mozilla did here exists in the vast majority of software of any kind I’ve used. So common, ire about the default setting shows naivete.

    Taken at face value, it’s benign but I trust almost nothing so called Tech does, or that it will work correctly, so we turn off the equivalent swiches in Focus, too. Hoping to not be surprised at the next iteration of The Data Game when switches aren’t examined at installation is, unfortunately, the user’s fault today.

    Shields Up!

  6. Yuliya said on April 19, 2021 at 12:28 am
    Reply

    Who needs Leanplum when you’re a dishonest organisation in of yourself, you’ve got stuff like “[email protected]” at your own disposal, and you even go out of your way and actually install programs which work completely independent of your browser, exfiltrating user data without any user knowledge, let alone consent, with zero control over it, maybe besides digging into Task Scheduler but even then I’d not trust you to not re-enable it with the very first opportunity/update.

    You deserve to rot in Hell, moz://a, and you will not even be missed!

    1. Julio_Iglesias said on April 21, 2021 at 6:05 pm
      Reply

      Welcome back Yulia. * [Editor: removed, please stay polite]

      Maybe you should LEARN how to uncheck a checkbox in preferences – the task scheduler sends nothing if you disable telemetry [make sure all your profiles have the master telemetry switch off – it looks at the most recently used profile to decide]

      https://blog.mozilla.org/data/2020/03/16/understanding-default-browser-trends/ – “respect user configured telemetry opt-out settings”

      https://support.mozilla.org/en-US/kb/telemetry-clientid – “Deselect the Allow Firefox to send technical and interaction data to Mozilla checkbox

      Looking forward to continued extended periods of your silence, including your anecdotal, totally unscientific, performance tests

      “You deserve to rot in Hell, and you will not even be missed!”

  7. pwned said on April 18, 2021 at 6:54 pm
    Reply

    Leanplum is not needed since Firefox has studies and built in telemetry, so Mozilla are saving money where it matters, considering it’s an unnecessary expense and also not privacy orientated.

    Since this is one of Firefox/Mozilla statements is to improve user privacy, this is right on track IMO.

    So a twofer, save money and ticks one more item off from the improve privacy todo list.

    Well done Mozilla, just spend some of the savings on better improving users privacy further.

  8. Alex said on April 18, 2021 at 6:16 pm
    Reply

    One word: IceRaven

  9. Anonymous said on April 18, 2021 at 3:14 pm
    Reply

    “The removal of Leanplum is a step in the right direction, as it is quite hard to argue that an organization that heralds privacy should make use of third-party platforms for telemetry.”

    Except that I doubt they stopped using it for privacy reasons. I doubt that they even said that it was for privacy reasons and even if they had said that, that would obviously be just one more lie from their long list. Why write it ambiguously like that and leave the door open to this wrong interpretation for the uninformed reader ? Almost every time they stopped a spyware experiment, and there were many, it was not for privacy reasons but for other reasons, like finding it was not profitable enough, or because they had already grabbed all the data they and their partners needed. A few days ago I was still reading their shills on r/firefox spit on Exodus Privacy for “calling everything a tracker” when “obviously Leanplum is not one”. Mozilla is a septic tank and whoever gives them any benefit of the doubt for anything today is a Google sell-out.

  10. Anonymous said on April 18, 2021 at 2:45 pm
    Reply

    Iron Heart often dishonestly said Leanplum couldn’t be disabled when it could by toggling a switch.
    So now they can say no more on this latest news.

    1. Iron Heart said on April 18, 2021 at 5:41 pm
      Reply

      @Anonymous

      > Iron Heart often dishonestly said Leanplum couldn’t be disabled when it could by toggling a switch.

      This is a lie. I claimed three things, actually:

      1) That Leanplum is enabled by default (true).
      2) That the Leanplum tracker is a hardcoded component of Firefox on Android and is not removable (true). Note that removing a component and disabling a component is not the same thing.
      3) That most users never change the default settings of their browser (true). Mozilla’s telemetry is evidence for this.

      That there is a toggle to disable Leanplum is largely inconsequential because a) most people will never toggle it, sticking with the default and b) because a component that is disabled, but not removed, is subject to being re-enabled when Mozilla chooses to.

      Pathetic smearing discarded.

      1. Emil Brausewetter said on April 19, 2021 at 12:34 pm
        Reply

        Iron Heart said on April 18, 2021 at 5:41 pm
        ” Note that removing a component and disabling a component is not the same thing. […] because a component that is disabled, but not removed, is subject to being re-enabled when Mozilla chooses to.”
        I see …
        https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)#what-chromium-features-are-removed-for-privacysecurity-reasons
        Compare how often it say’s “Remove” and “is disabled” … and might “subject to being re-enabled”???

        *To enable or not to enable!*

        Another classical Iron Heart Say’s So Astrologie (IHSSA)
        Iron Heartsaid on April 17, 2021 at 5:42 pm
        “Google doesn’t enable it *in Brave*, they introduce the code *in Chromium* and currently enable it *in Chrome* as a trial. Once the trial completes, it will get enabled by default in Chromium.”
        Source: https://www.ghacks.net/2021/04/15/google-chrome-90-has-been-released/#comment-4491784

        versus facts
        Quote: “Google doesn’t enable it *in Brave*”
        • Field trials are not active unless the version of chromium is built with fieldtrial_testing_like_official_build=is_chrome_branded
        and run with the flags --enable-blink-features=InterestCohortAPI
        --enable-features="FederatedLearningOfCohorts:update_interval/... etc. pp."
        I doubt that Google is doing the Builds for Brave … but who know’s?

        Quote: “Once the trial completes, it will get enabled by default in Chromium.”
        • The time-limited nature of an origin trial means that these features will self destruct after a few months whatever happens.

        Bonus Quote:
        “Brave already prevents that from happening by hard-disabling the code in Chromium (even though no trial currently occurs there).”
        Source: ibid, see URI above

        At the time of writing, it is not clear if this quickly invented
        hard-disabling
        prevents the self destructing of this origin trial – which is not enabled anyway – in a few months
        or
        is this part of the new “hardening” Brave “Privacy out of the box” future … hard-disabling components that that doesn’t exist yet and if that’s the case in future, you have to enable it first in your Build to hard-disabling it later.

        Questions about questions about questions and a simple answer:
        Use Firefox or Safari and you are on the bright side of Privacy and Security!

      2. Iron Heart said on April 19, 2021 at 2:49 pm
        Reply

        @Emil Brausewetter

        LOL @ your post, seriously. So much bullshit in one post is quite an achievement.

        > Compare how often it say’s “Remove” and “is disabled” … and might “subject to being re-enabled”???

        Hm, what could be the obvious difference here? Maybe that Brave and Google are different companies, that Brave has no interest to hand over any kind of data to Google? Whereas in Firefox, the trackers were inserted by Mozilla… Only a marginal difference to be sure, and certainly no influence on the likelihood of anything getting re-enabled.

        > I doubt that Google is doing the Builds for Brave … but who know’s?

        LOL. I am sure Google does all the Brave builds! Nothing more to say here.

        > Use Firefox or Safari and you are on the bright side of Privacy and Security!

        Ahahahahahaha, such meaningless buzzword BS you are claiming here, here is your reality pill:

        > It shares your location and download hashes with Google. it uses Google Analytics internally. It has a weak tracking blocker (using the shitty Disconnect lists). It allows most forms of prefetching. Fingerprinting defenses are inactive by default. It installs system level telemetry that spies on your default browser even if it isn’t Firefox. It has a backdoor that allows for remote code execution (called “Firefox Experiments” / Normandy). Its Sync requires E-Mail addresses. Leaks unique extension IDs via simple fetch requests. Connects speculatively to websites as you type addresses in the address bar. Uses Cloudflare for DoH (I am sure the DNS entries are safe in their hands!) etc.

        Firefox’s security exposed for what it is, 10/10 honesty and 10/10 realism: https://old.reddit.com/r/privacy/comments/ghz4mp/is_firefox_better_than_google/fqbtgow/

        This is the reality of Firefox. Brave has none of these issues by default.

        As for the rest of your incoherent ramblings: Literally anyone can check whether or not Brave has FLoC enabled at the following website: https://amifloced.org/

        Warning, huge spoiler ahead: Brave always comes back negative (FLoC disabled), because the component isn’t active, and will never be active, in Brave. Deal with it.

      3. Emil Brausewetter said on April 19, 2021 at 8:07 pm
        Reply

        » Si tacuisses, philosophus mansisses «

        Iron Heart said on April 19, 2021 at 2:49 pm

        ***LOL. I am sure Google does all the Brave builds! Nothing more to say here.***

        Lean back, relax and take deep breath …

        What Does Build Mean?
        “The term build may refer to the process by which source code is converted into a stand-alone form that can be run on a computer or to the form itself. One of the most important steps of a software build is the compilation process, where source code files are converted into executable code. The process of building software is usually managed by a build tool. Builds are created when a certain point in development has been reached or the code has been deemed ready for implementation, either for testing or outright release.
        — https://www.techopedia.com/definition/3759/build

        » Difficile est saturam non scribere «

        ***where source code files (chromium repository) are converted into executable code.*** Iron Heart: “I am sure Google does all the Brave builds!”
        Ahem …
        if that goes viral … Brave’s userbase will drop over night by 100% minus 1 user!

        Quote Iron Heart: “Google doesn’t enable it *in Brave*”
        How merciful!
        Just imagine for a second that Google could enable what ever *in Brave* … Brave’s userbase will drop over night by 200% minus 1 user!

        Oh boy, you are the nightmarishst NIGHTMARE for Brave’s marketing department.

        Bonus Quote I H:
        “Brave already prevents that from happening by hard-disabling the code in Chromium … *Brave* disabling Code in Chromium?
        … hard?! Hard to believe:
        https://chromium-review.googlesource.com/q/author:*.brave.com+AND+status:merged
        2 Brave Inc. devs made in 2019 4 commits and another dev 6 in january 2020 … does not smell so ferrous of hard-disabling.

        My sincere condolences and deepest sympathies go out to your family, friends and neighbors, to all the little pupies and kittens in your neighborhood and last but not least that little yellow bird in your head.

        Yours faithfully

      4. Iron Heart said on April 20, 2021 at 8:35 am
        Reply

        @Emil Brausewetter

        The only “argument” I was able to exfiltrate from your mumbo jumbo, was… Oh wait, there wasn’t one. But this was close, albeit very dumb:

        > 2 Brave Inc. devs made in 2019 4 commits and another dev 6 in january 2020 … does not smell so ferrous of hard-disabling.

        Dude, you are citing their commits to UPSTREAM (the vanilla Chromium repo), not the commits in their own repo which is a fork of upstream. It’s clear that Google would never accept Brave commits to upstream that disable Google’s experiments, Brave can only do it in their own build. Serious question: Are you stupid?

        > My sincere condolences and deepest sympathies go out to your family, friends and neighbors, to all the little pupies and kittens in your neighborhood and last but not least that little yellow bird in your head.

        I can only second @ShintoPlasm when he asks:

        > Everything okay, Emil?

      5. Emil Brausewetter said on April 20, 2021 at 11:26 am
        Reply

        Iron Heart said on April 20, 2021 at 8:35 am
        “[insult omitted], you are citing their commits to UPSTREAM (the vanilla Chromium repo), not the commits in their own repo which is a fork of upstream.”

        iHssA@IronHeart-BS DINGELBERRY ~/Repo/Fork-example (UPSTREAM)
        $ git status
        Oh all-powerful invisible Hand of MODERATIO,
        Great conscience,
        Image of perfection, The all-seeing eye,
        The answer to all our questions,
        Eternal source of all our troubles,
        Owner of absolute wisdom,
        Mighty Judge of the inevitable Last Judgment,
        Despite all our sins,
        Be a fair Guardian of our human souls!
        Release him from the Golgi Complex,
        - The Oedipus Complex, the B Complex,
        - The complex discussions about the meaning of Upstream & Downstream,
        - The last episode of who lost and who's going to win the Browser War,
        - The euphoria of the night before and
        - The hangover of the next morning.
        For a minimum of 7 day's,
        Protected this poor soul from his own stupidity
        ~~~AND~~~
        Bless the commits of this confused little *rschl$ch§s~iHssA@IronHeart
        With "The friend of silence" as Mother Theresa said!
        ...
        thanx :。✿*゚SCHMATZ‘゚・✿.。.:

        Dear Moderator
        Fellow readers will assure you, your fridge light truly never goes out and is always filled with pizza con carne and double cheeseburgers with extra bacon.

        Eternally grateful 😇

      6. Iron Heart said on April 20, 2021 at 8:34 pm
        Reply

        > Everything okay, Emil?

        I take your entire post for a “No.”…

        Also, “dude” is hardly an insult.

        @Martin Brinkmann, your comment rules are missing a rule for meaningless spam.

      7. Anon7 said on April 18, 2021 at 8:50 pm
        Reply

        @Anonymous

        Well said

        > That the Leanplum tracker is a hardcoded component of Firefox on Android and is not removable (true)

        Mozilla plans to remove all Leanplum related code from Firefox android before the end of May 2021, as the contract with the company ends on May 31, 2021.

        -1 For Irony Heart.

        This is what FF haters fail to understand, that mozilla can end contracts or choose not to renew them.

        Thats why Mozilla is very important to have as a browser option. Its a viable open source alternative to google monopoly.

        Anyone wanting to see its downfall always cares little for variety in browser choice.

      8. Iron Heart said on April 19, 2021 at 8:43 am
        Reply

        @Anon7

        > Mozilla plans to remove all Leanplum related code from Firefox android before the end of May 2021, as the contract with the company ends on May 31, 2021.

        Are you really this stupid, friend? Obviously I was talking about the user being unable to remove Leanplum here. They have to live with it so far. That the dev can remove Leanplum is self-explanatory.

        > This is what FF haters fail to understand, that mozilla can end contracts or choose not to renew them.

        ???

        I don’t think anyone here has claimed otherwise so far.

        > Thats why Mozilla is very important to have as a browser option.

        Yadda yadda ding dong, the scaremonger is back. Listen, show me the track record of Mozilla’s so called “opposition” to Google, show me all those Google proposals they’ve brought down so far at the W3C, and I’ll buy into this make believe nonsense. Not before.

      9. Anon7 said on April 19, 2021 at 8:29 pm
        Reply

        @Anonymous

        Irony Heart pretending that he does not hate FF is amusing.

        I bet FF removing leanplum was a real negative for him.

        Its as plain as day.

      10. Iron Heart said on April 20, 2021 at 8:25 am
        Reply

        @Anon7

        So when I am conceding that this is a step in the right direction (albeit a very minor one), I am still painted as the villain? OK, now it should be clear to anyone that you are in it for the trolling.

      11. Iron Heart said on April 19, 2021 at 6:16 pm
        Reply

        @Anonymous

        What do you mean? I think I made a mistake when I said that “you can’t disable”, this should really have been “you can’t remove” instead. Anyhow, why does this even matter, why does this need to be discussed in the first place? Because Mozilla somehow deems it a good idea to hardcode third party trackers into their applications despite claiming that they are “privacy-friendly”. This is the issue which is being discussed here and it is ridiculous in and of itself, whether it’s “disable” or “remove”, this stuff shouldn’t be allowed to exist to begin with!!! But you rather choose to attack the messenger based on one simple mistake made within a sea of posts (a mistake that I no longer make under this article, btw). What does that say about you, repulsive fanboy? You are enabling this.

      12. Anonymous said on April 20, 2021 at 6:46 am
        Reply

        I don’t make the browser nor condone what they do,I just cited that you lied. That’s all
        But anyway it’s good they’re removing this. If this is about privacy then Chrome + Edge are even worse but your ok with people using these.

      13. Iron Heart said on April 20, 2021 at 8:11 am
        Reply

        > I just cited that you lied

        Dude, “Anonymous”, I made 1 (one) mistake in a myriad of posts, a mistake I have not made before or after, which should make it clear to anyone that it was not deliberate. You are just insolent. Ironically enough, you are lying here:

        > If this is about privacy then Chrome + Edge are even worse but your ok with people using these.

        Proof that this is not the case right here: https://www.ghacks.net/2021/04/16/microsoft-edge-for-android-released-as-a-preview/#comment-4491651

      14. Anonymous said on April 21, 2021 at 9:03 am
        Reply

        > Dude, “Anonymous”, I made 1 (one) mistake in a myriad of posts

        More lies. You are constantly informed of the truth but consequently keep repeating the lies. You were corrected numerous times that two of the three trackers were flippable via the UI when Fenix stable was rolled out (and prior to that you kept screaming that the preview version couldn’t disable them at all .. because, guess what, it was a preview and a work-in-progress)

        You just can’t help but cry victim and that mistakes were made. The truth is that you DELIBERATELY lie. You are not trustworthy

      15. Iron Heart said on April 21, 2021 at 10:54 am
        Reply

        @Anonymous

        You are just insolent. You look out for mistakes, in the myriad of posts I have to write in refutation of people like you, you end up finding one, and then screech “Liar! Liar!” as if there was no tomorrow, with no proof of any kind of malevolence and despite the fact that I am not making that mistake anywhere else, before or after.

        You should be very glad that your posts even appear based on your strong incivility and the clear cut libel you indulge in here.

  11. ShintoPlasm said on April 18, 2021 at 11:09 am
    Reply

    Did Mitchell Baker get an accidental bump on the head?

    1. Sol Shine said on April 18, 2021 at 7:42 pm
      Reply

      I think they are not renewing the contract to reduce costs.
      They are having financial problems, due to loss of market share (caused by their brain-damaged managers).

    2. Anonymous said on April 18, 2021 at 12:23 pm
      Reply

      the niggling embarrassment was hurting marketshare enough to care, nothing more, just optics. They can continue to pretend simply by proxying the data or collecting it direct and saying “look, no toggles, we stopped, honest”.

      1. ShintoPlasm said on April 18, 2021 at 11:55 pm
        Reply

        “Cub’s honour”, as they say in the US of A :)

  12. Yash said on April 18, 2021 at 10:59 am
    Reply

    Yep, a step in the right direction. Not sure what 10% users in the US means as surely that option was available worldwide and used by many in language other than English.

  13. Anonymous said on April 18, 2021 at 9:21 am
    Reply

    Good. One less bullshit argument from Iron Heart to deal with.

    1. Anonymous said on April 18, 2021 at 12:06 pm
      Reply

      @9:21 bullshit argument but it gets your commendation; You seem very conflicted and angry.
      If you directed your anger at the problem we’d have more like this fixed or the problems wouldnt be there. Nothankyou for your non-efforts.

    2. Iron Heart said on April 18, 2021 at 11:54 am
      Reply

      @Anonymous

      Well, now they only have to remove Google Analytics and Adjust as well to completely invalidate my argument re. included, hardcoded 3rd party trackers. :D

      https://reports.exodus-privacy.eu.org/de/reports/org.mozilla.firefox/latest/

      You know that there is an issue but your FF diehardism prevents you from admitting it. :……D

      https://i.imgflip.com/39b4a2.jpg

      1. Emil Brausewetter said on April 18, 2021 at 10:34 pm
        Reply

        >>> but your FF diehardism prevents you from admitting it

        Dear fellow readers!

        Tired of this twistical Vice Admiral of the Narrow Seas? Let’s baptize him in Adam’s Ale:

        The Iron Circumbendibus

        A ½ baker’s dozen hints for your inner Captain Tom

        * Ok, pick up your barking irons and firstly shoot his farttower fundament -25 points but +10 seconds

        * Shoot his 3 fart catchers 6 times for the points and shoot the Dingleberries that come up

        * Shoot as many Dingleberries as possible!

        * If you shot a certain number of Dingleberries, you will get a Dingleberries Hero Achievement worth 100 points and a lot of noisy big Crinkum-Crankum will come up … ignore them.

        * Wait now for this scarecrow angling for farthings and shoot like this: left arm, right arm, left leg, right leg, then the hat (ignore the iron head, nothing inside!) but shoot the Twiddle-diddles until he drops his Bear-garden jaw.

        * If he does not shut his bone box, squeeze his left Twiddle-diddle until he begins to sing like Bethlehemites “Holy Shit!” and believes that he is Simon Pure.

        * Now that he is wrapt up in the tail of his mother’s smock … time to sluice your gob and enjoy your Dutch comfort.

        Done!

      2. ShintoPlasm said on April 18, 2021 at 11:56 pm
        Reply

        Everything okay, Emil?

      3. John said on April 18, 2021 at 9:51 pm
        Reply

        @Iron_Heart: Would you be willing to concede that this is at least a step in the right direction for mobile and that Firefox users will be better off the day after LeanPlum is removed than the day before it’s removed, if everything else remains equal?

        I’ll admit, I do get the impression that this may have been more a cost-cutting move on Mozilla’s part than a principled stand, and that LeanPlum may eventually be replaced by some other telemetry company that will provide Firefox it’s services more cheaply without necessarily being any less invasive. However, taking motivation and what the future may hold out of it, since we don’t know those things for sure and they are not things that make a tangible difference right this second, this does seem like a positive move for now, though obviously there is still plenty of telemetry gathering in that browser.

        Personally, on Android, I prefer the Iceraven browser, which is a close (but independent) fork of Firefox that attempts to enable more user options, work with more extensions, show the user more information, and disable or neuter proprietary telemetry as best it’s developer can (Not just LeanPlum, everything- with the caveat that sometimes stubs have to be left in that don’t phone home but still have the keywords associated with telemetry because so much other Fenix code refers to them that there needs to be something there with the right name unless a fork has enough resources and developers to massively rewrite and maintain a very different browser from upstream.).

        I’m kind of surprised that GHacks hasn’t done a story on Iceraven yet. It’s been around since the summer of 2020.

        It’s available to download directly, and to download updates for manually when users have time, on it’s Github page:

        https://github.com/fork-maintainers/iceraven-browser/releases

        Recently, it also became a supported browser on FFUpdater (Which also provides various official versions of Firefox and Brave as well, among other things.) for F-Droid. So, if anyone has that going already, or prefers it to the “do it yourself method”, they can get automated updates and such through that.

      4. akg said on April 19, 2021 at 9:31 am
        Reply

        Fennec f droid – about:config support,add on collection ,no trackers,no Google safebrowsing,
        Frequently updated .

      5. Yash said on April 19, 2021 at 10:47 pm
        Reply

        @akg
        Yep, Fennec is also very good, a little less customisable than Iceraven, but has no DRM thing, so no closed source code a necessity since its on F-Droid(good for extreme open source users, although not sure if its the advantage to the majority of users but it keeps some difference between Iceraven and Fennec along with safebrowsing api difference of course).

      6. Iron Heart said on April 19, 2021 at 9:03 am
        Reply

        @John

        > Would you be willing to concede that this is at least a step in the right direction for mobile and that Firefox users will be better off the day after LeanPlum is removed than the day before it’s removed, if everything else remains equal?

        Sure, why not? Less data gathering by third parties is always appreciated and is a positie move.

        What I have a problem with is the notion that it is “one less bullshit argument from Iron Heart to deal with.”. It would be one argument less if they removed ALL third party data gathering from Firefox, as it is, it only marginally weakens my argument because Google Analytics + Adjust are still alive and well. It’s also not “bullshit” to criticize the presence of hardcoded third party trackers in a self-declared privacy browser – most privacy browsers can do without this type of nonsense, why can’t Mozilla? When people detect these trackers, this is pretty damning (in terms of optics).

        > I’ll admit, I do get the impression that this may have been more a cost-cutting move on Mozilla’s part than a principled stand

        Likely true, but I do have to wonder why a $500 million p.a. operation is unable to collect telemetry without employing a third party. It’s either laziness (I don’t care mentality) or their funds are grossly mismanaged and the third party ended up cheaper than doing it themselves (which would have avoided the bad optics of third party involvement)

        > I’m kind of surprised that GHacks hasn’t done a story on Iceraven yet.

        Yes, I am surprised as well. Clearly, there are well-intended Firefox forks that try to do away with Mozilla’s shenanigans (like no about:config, limited number of add-ons, data collection etc.), and they should really be recommended to others and a report on gHacks would certainly also be warranted. Fennec F-Droid is such a browser as well next to Iceraven.

        Those browser forks are sadly hitting certain roadblocks recently which Mozilla introduces: https://github.com/fork-maintainers/iceraven-browser/issues/208
        They can’t disable SafeBrowsing so far, which Mozilla sets in stone in Firefox (hilariously enough, they do this even though it can be disabled even in Google Chrome).

      7. Yash said on April 19, 2021 at 7:18 am
        Reply

        @John
        Yeah Iceraven is also my favourite and Its pretty darn good which is surprising and commendable given its resources. I have to admit I didn’t knew about it until February when I saw Iceraven name in FFUpdater. It has DRM capabilities(personally I don’t like the concept of DRM) which is useful atleast to those who use it, and more features than any fork of Firefox. And after installing Iceraven and using it for a week, I bid farewell to the Firefox 68.11 version – the best Firefox version of all time. I still miss the old UI and it brings tears everytime I remember it but yeah Iceraven is the best fork of Firefox, and yes its time for gHacks.net to give it a mention.

  14. Anonymous said on April 18, 2021 at 9:16 am
    Reply

    “The removal of Leanplum is a step in the right direction, as it is quite hard to argue that an organization that heralds privacy should make use of third-party platforms for telemetry.”

    Mozilla loves trackers. And no, I’m not spreading misinformation, please check Firefox over here: https://reports.exodus-privacy.eu.org/en/

    A bit unrelated to your article, Martin, as it’s related to the desktop version of Firefox, but it’s not like Firefox doesn’t like third-parties: https://brave.com/popular-browsers-first-run/

    More third-party connections than Chrome and Edge.

    “It is quite hard to argue that an organization that heralds privacy should make use of third-party platforms for telemetry.”

    You couldn’t write it better, Martin!

    P.S: This is not an attempt to begin a war “My browser is better than yours”. It’s a comment that shows some harsh realities. Have a good day, folks!

    1. Anon7 said on April 18, 2021 at 8:29 pm
      Reply

      > A bit unrelated to your article, Martin, as it’s related to the desktop version of Firefox, but it’s not like Firefox doesn’t like third-parties: https://brave.com/popular-browsers-first-run/

      > More third-party connections than Chrome and Edge.

      Irrelevant test, is not dynamic and does not apply to real world scenarios around millions using FF.

      And you are suggesting to use closed source Chrome or Edge over open source FF to gain more privacy?

      Chuckle.

      >harsh realities.

      How about the harsh reality that the worlds worst data-gathering browsers are all using chromium and with google doing 90% of the commits followed by M$, Yandex, Opera doing the rest with the odd insignificant input from Brave. Nice company Brave is keeping there, in the dining room of closed source browsers.

      Oh and lets not forget that Brave took months to fix their tor windows without letting users know it was broken, they only started to take care of it properly when tech sites started reporting on it.

      So if something breaks in Brave, you would be luckly to know about it, going by the tor incident with them.

      Yeah, very trustworthy.

      1. Anonymous said on April 19, 2021 at 8:08 am
        Reply

        “Irrelevant test, is not dynamic and does not apply to real world scenarios around millions using FF.”

        The test is irrelevant because results don’t make you happy? Firefox having the possibility to be configured through the “about:config” page doesn’t make Firefox a lesser privacy-unfriendly browser out of the box. It’s ironic because Mozilla spreads privacy, or at least they claim to do so. It’s time to stop pretending you’re aware of the number of people who “harden” their Firefox. You’re not aware, false assumptions once again.

        “And you are suggesting to use closed source Chrome or Edge over open source FF to gain more privacy?”

        Maybe you should read my comment once again, I never recommended ANY browser. You are being salty over false assumptions, it’s not the first time.

        “>harsh realities.”

        Yeah, it’s a harsh reality Firefox is a privacy-unfriendly browser out of the box. In fact, we’re discussing Firefox’s removal of ONE of their trackers, which is nothing but ironic.

        Attacking other browsers changes absolutely nothing. You’re wasting your time if you think I’m going to respond. It’s proven unworthy trying to discuss anything with people who blindly hate Chromium-based browsers because “privacy” communities, mainly on Reddit, keep repeating the same stuff over and over again.

        Are Bromite and Ungoogled-Chromium also privacy nightmares because they’re Chromium-based browsers? The generalization in comments as yours is nothing but hating for the sake of hating.

        Lastly, please stop pretending Google is not the only reason Firefox is still alive. If you deny that Google is paying the biggest portion of Mozilla’s bills, it would be correct of editors to mark your comments as trolling.

        Don’t begin useless wars. Martin’s article explains Mozilla’s intentions to remove one of their trackers, although Mozilla pretends to spread privacy, which is a lie. Face the facts rather than blindly hating other browsers.

      2. Anon7 said on April 19, 2021 at 8:26 pm
        Reply

        > browser out of the box.

        I don’t care about out of box, i care how it can be configured.

        The Brave test failed to take into account users who harden FF. Therefore its nothing but a silly noob test.

        So no, i will not use Brave and silly tests won’t convince me otherwise.

        > It’s time to stop pretending you’re aware of the number of people who “harden” their Firefox.

        Millions harden FF and loads of tech sites give examples on how to do it.

        Loads of people who comment on here harden FF.

        > Ungoogled-Chromium also privacy nightmares because they’re Chromium-based browsers?

        Ungoogled chromium was downloading binary blogs for google voice recognition in 2015.

        So yes privacy invading. I would never trust it or any fork of it.

      3. Anonymous said on April 20, 2021 at 9:17 am
        Reply

        “I don’t care about out of box, i care how it can be configured.

        The Brave test failed to take into account users who harden FF. Therefore its nothing but a silly noob test.”

        It’s not a silly noob test. It literally shows the privacy-unfriendly nature of Mozilla Firefox, which proves Mozilla lies when they claim they spread privacy. It’s a pity, and at the same time understandable, you’re not addressing this fact.

        Seeing people ignoring the privacy-unfriendly nature of Mozilla Firefox is disappointing, and it shows ignorance towards all those people who don’t “harden” Firefox. And no, it’s not people’s fault they trusted Mozilla and installed Firefox. Privacy browsers (something Firefox is supposed to be) MUST be private out of the box. Mozilla Firefox is not.

        “So no, i will not use Brave and silly tests won’t convince me otherwise.”

        I’m happy for you, it’s a personal choice. No one told you to install Brave in the first place.

        “Millions harden FF”

        Every comment of yours comes with speculation. Provide sources for your claims if you want people to believe you, or at least to sound trustworthy. Mozilla Firefox’s shrinking market share proves that people are tired of Mozilla’s lies if anything.

        “Ungoogled chromium was downloading binary blogs for google voice recognition in 2015.”

        Sorry, I for one live in the present. Bringing up past controversies doesn’t reflect on browsers’ present (note: I mean all browsers).

        If I wanted to argue with you, I would bring up the Mr. Robot controversy of 2017. Installing addons on users’ behalf, without their consent and knowledge, is definitely not something a privacy browser should do. Is Mozilla’s Task Scheduler also something the privacy communities accept? I’m sure you’ll find a way to justify Mozilla’s actions so it’s quite pointless trying to discuss controversies with you.

        Address the facts, if Mozilla Firefox was a private browser, users wouldn’t have the need of “about:config” tweaks.Tweaks that make you stand out in the crowd, thus making you easier to fingerprint, madaidan, a contributor to Whonix and GrapheneOS, has written a good piece about it:

        https://madaidans-insecurities.github.io/browser-tracking.html#configuring-the-browser

        But yes, people who blindly defend Mozilla and hate Chromium-based browsers, like you, would rather trust random people on Reddit rather than people who know their stuff and contribute to respected privacy projects such as Whonix and GrapheneOS.

        I’ll end my comment with more facts: If Mozilla truly cared about those “millions who harden Firefox” (it’s your speculation until you provide sources for your claims), they wouldn’t remove the “about:config” page from their mobile version. If Mozilla truly cared about users’ privacy, they wouldn’t ship mobile Firefox with trackers.

      4. Anon7 said on April 21, 2021 at 12:07 am
        Reply

        @Irony Heart

        > You have just fingerprinted yourself.

        Yes you have Brave user.
        Brave has been known to leak canvas.

        *Quietly whispers* A more unique fingerprint shows that you are doing it right. It shows a non noob set-up.

        You have been clearly brainwashed around the necessity of fingerprinting. Far more important things to worry about as regards privacy and security.

        Its a trade off and enhanced security is more important.

        Give it a rest with the madaidan link dude. He clearly knows nothing about what he is talking about.

        whonix is a wannabe tails. Also very insecure because it relies on security nightmare virtual box.

        > Many people here are not very clever,

        Funny you mention it, because i think the majority are more clever than you are, ESPECIALLY FF users.

        You are an obsessed FUD spammer.

        > So you don’t trust a browser that disables this kind of shit by default (

        I don’t trust browsers who monetise ads through cryptocurrency or are reliant on google code.

        But you do you.

        @Anonymous

        >It’s not a silly noob test. It literally shows the privacy-unfriendly nature of Mozilla Firefox

        Actually it is. Funny you mention mozilla privacy, as a hardened FF can be made VERY private.

        Bye GOOGLE-chromium users

      5. Iron Heart said on April 21, 2021 at 9:18 am
        Reply

        @Anon7

        > Brave has been known to leak canvas.

        Firefox leaks ALL Canvas values by default and leaks unique extension IDs no matter what.

        The Brave bug (of fingerprinting defenses that are still in their infancy) will be fixed, not so sure about FF.

        > A more unique fingerprint shows that you are doing it right. It shows a non noob set-up.

        :D

        Uniqueness is only good when it’s random, not when it’s static uniqueness like in your case.

        > You have been clearly brainwashed around the necessity of fingerprinting.

        https://www.cleartechnews.com/post/25-of-the-alexa-top-10k-websites-are-using-browser-fingerprinting-scripts

        > Give it a rest with the madaidan link dude. He clearly knows nothing about what he is talking about.

        Seasoned developer developing an anonymity tool that dissidents daily rely on for their very lives doesn’t know what he is talking about, but clueless @Anon7 does? Hm, wonder who is more credible…

        > Funny you mention it, because i think the majority are more clever than you are, ESPECIALLY FF users.

        You must be new here. :D

        > I don’t trust browsers who monetise ads through cryptocurrency or are reliant on google code.

        Brave’s ads are opt-in, privacy-respecting, and allow the user to earn a share of the revenue. How is that negative? That’s a pro argument! Google code is unproblematic if properly ungoogled, what do you think e.g. Android Custom ROMs do? Would you also call /e/ problematic? :D

        Anyway, Mozilla is funded by Google, promotes the Google search engine as part of the deal, doesn’t block personalized ads on the results page etc. Their configuration choices enable every privacy intrusion imaginable and they leave it to the user to “fix” it, with users fingerprinting themselves in the process. They are supportive of censorship and discourage the use of decentralized tech to oppose big tech. Yuck. This is what you support, and you dare pit this against Brave which decidedly promotes decentralized structures and produces the most privacy-respecting browser (excepting special anonymity tools like Tor), and which aims to solve the privacy threat of advertising by introducing a new model that doesn’t violate user privacy.

        Perhaps you should reflect on yourself and what you are doing and supporting here, if you can.

        > as a hardened FF can be made VERY private.

        Very fingerprintable means that it is very much non-private. Tracking 2.0, friend.

      6. Emil Brausewetter said on April 21, 2021 at 10:22 pm
        Reply

        Iron Heart said on April 21, 2021 at 9:18 am
        “Brave which decidedly promotes decentralized structures and produces the most privacy-respecting browser”
        Ahem …
        “produces the most privacy-respecting browser” and the executable [.exe] compiled by Google Inc. according to your bold statement

        Iron Heart said on April 19, 2021 at 2:49 pm
        > > I doubt that Google is doing the Builds for Brave … but who know’s?
        Iron Heart:
        “LOL. I am sure Google does all the Brave builds! Nothing more to say here.”

        https://www.ghacks.net/2021/04/18/mozilla-will-remove-leanplum-tracking-from-firefox-for-android-and-ios/#comment-4491936

        How come? Fragen über Fragen über Fragen, aber die Antwort ist bereits bekannt …

      7. Anonymous said on April 21, 2021 at 6:44 am
        Reply

        “Actually it is. Funny you mention mozilla privacy, as a hardened FF can be made VERY private.

        Bye GOOGLE-chromium users”

        All right, if you say so. At least you made it clear you won’t reply with arguments but well-known phrases, phrases every Reddit “privacy expert” repeats over and over again.

        It was a complete waste of time trying to discuss anything with you, disappointing and yet understandable. I’ll make sure not to reply to your comments again.

        Take care, Google-sponsored Firefox user.

      8. Iron Heart said on April 21, 2021 at 9:20 am
        Reply

        @Anonymous

        Agreed. It’s pointless to “discuss” with him about virtually anything. He is all over the place with his claims, mixes up different topics that are clearly unrelated to each other, fails to provide sources for virtually anything, and is very fanatical in all of this. I replied to him for one last time in this thread and now I’ll let it be, following your example. Frustrating indeed.

      9. Iron Heart said on April 20, 2021 at 8:22 am
        Reply

        @Anon7

        > I don’t care about out of box, i care how it can be configured.

        *Quietly whispers:* You have just fingerprinted yourself.

        > The Brave test failed to take into account users who harden FF.

        Yeah they really should have discussed Millions harden FF

        sOUrCe?

        > Loads of people who comment on here harden FF.

        Loads of people here also use AdBlock Plus or install anti-fingerprinting extensions that further set them apart from other users of the same browser, but not in a good way. Many people here are not very clever, no offense meant. There are many great people around here.

        > Ungoogled chromium was downloading binary blogs for google voice recognition in 2015.

        Yeah they’ve missed 1 (one) URL from which Google fetched experiments at the time. They fixed this immediately upon users reporting it.

        Now, hypocrite, I show you once again that your beloved Firefox did the same exact thing, stealing the browsing history of users in the process:

        https://www.zdnet.com/article/firefox-tests-cliqz-engine-which-slurps-user-browsing-data/

        You mentioning the Chromium incident gives me an excellent opportunity to show others what kind of unapologetic hypocrite you really are deep down, and this has happened, like, for the sixth or seventh time already. You never learn, haha.

        > So yes privacy invading. I would never trust it or any fork of it.

        So you don’t trust a browser that disables this kind of shit by default (Ungoogled Chromium, Brave), but you trust a browser where you yourself have to explicitly seek out about:config settings to close the same backdoor? How does that even make sense? LOL, that’s called blind fanboyism.

      10. Iron Heart said on April 20, 2021 at 8:23 am
        Reply

        * Yeah they really should have discussed <1% of all Firefox users, all of whom configure their browser differently, haha.

    2. Anonymous said on April 18, 2021 at 12:18 pm
      Reply

      we need to oppose this kind of behavior wherever we see it across the board. There are worst offenders of course who we shouldn’t let our guard down for and this is just the tip. Never believe the lies of a known scammer ya know. It can likely be replaced 1:1 and hidden 1st party.

      Opposing it all transcends favouritism/fanboyism and trying to be right on the internet, please stop defending this bs wherever it may be. (not directed at anyone, but employees can gfy – just saying).

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.