Firefox 96.0.3 and Firefox 91.5.1 ESR fix search Telemetry data sending issue

Martin Brinkmann
Jan 27, 2022
Updated • Jan 27, 2022
Added information about the issue.
Firefox
|
77

Mozilla will release Firefox 96.0.3 Stable and Firefox 91.5.1 ESR, Extended Support Release, later today. The new versions of Firefox address a Telemetry data sending issue in the browser.

firefox 93.0.3 release

The rollout of the new versions of Firefox begins on January 27, 2022. Firefox installations with automatic updates enabled will receive the new version of the browser automatically. Rollouts of updates happen over time, and users may speed up the process by running manual checks for updates once Mozilla unlocks the release on the server side.

Selecting Menu > Help > About Firefox displays the installed version of Firefox and runs a check for updates. Firefox will download and install updates that it finds automatically by default.

ADVERTISEMENT

firefox 93.0.3

The official release notes are not published yet. They will contain one entry only (likely):

Fixed an issue that allowed unexpected data to be submitted in some of our search telemetry.

The information that is provided does not provide details, but it looks as if data was submitted by Firefox that was not supposed to be submitted. The data was submitted as part of the browser's search Telemetry feature.

The linked bug listing on Mozilla's bug tracking site, bug 1751746, is unhelpful as the bug is not publicly visible.

The term "unexpected data" could refer to any kind of data that the search Telemetry module is not designed to collect.

Firefox users who have disabled Telemetry in the browser were not affected by the issue. Users can turn off Telemetry in the following way:

  1. Load about:preferences#privacy in the web browser's address bar.
  2. Scroll down to the Firefox Data Collection and Use section on the page that opens.
  3. Uncheck all options of the group, including:
    1. Allow Firefox to send technical and interaction data to Mozilla.
    2. Allow Firefox to make personalized extension recommendations.
    3. Allow Firefox to install and run studies.
    4. Allow Firefox to send backlogged crash reports on your behalf.

The new versions of Firefox address the issue. We will update the article if Mozilla reveals additional information about the data that was submitted erroneously.

Update: you can check out this bug listing for details. Mozilla's investigation found that the issue was very rare, a maximum of 0.0013% of recorded events on desktop and even less on mobile. Some instances involved the editing of search codes, which Firefox uses for attribution purposes. End

Summary
Firefox 96.0.3 and Firefox 91.5.1 ESR fix search Telemetry data sending issue
Article Name
Firefox 96.0.3 and Firefox 91.5.1 ESR fix search Telemetry data sending issue
Description
Mozilla will release Firefox 96.0.3 Stable and Firefox 91.5.1 ESR, Extended Support Release, later today. The new versions of Firefox address a Telemetry data sending issue in the browser.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Aegis said on January 27, 2022 at 1:38 pm
    Reply

    Unfortunately Firefox became a little pain in the a** over the last few month which made me dispose of Firefox and switch to Edge Chromium since a few weeks. Despite all complains you read about this Browser, it runs like a charm!

    Edge does all I need without any complains.

    1. Martin P. said on January 27, 2022 at 2:22 pm
      Reply

      If you value your privacy you should use an ungoogled version of Chrome instead of Edge. Nice builds are available at the following URL among others:

      https://chromium.woolyss.com/

    2. Tom Hawack said on January 27, 2022 at 3:35 pm
      Reply

      I’ve been using Firefox ever since versions 2.x and it’s never been a pain. Blame it on ignorance.
      Each time a Firefox fix is issued we have the now traditional lot of “I knew it”, “There they go again” and so on.
      Firefox bashing by users of this browsers may be understandable, but coming from users of Chrome or Edge is laughable.

      Concerning this Firefox 96.0.3, all telemetry is blocked, and previous 96.0.2 didn’t concern my environment, so happy to stay on 96.0.1 until 97.0 unless a surprise.

      1. Dumbledalf said on January 27, 2022 at 9:28 pm
        Reply

        @Tom Hawack,

        What if the people bashing Firefox are actually using Vivaldi, Brave or something else that’s not Chrome?

        I used Firefox when it was awesome and the best browser ever – before 2010. After that it has become garbage and the main goal of the developers are to see if they can outdo themselves and turn it into a bigger garbage.

      2. Tom Hawack said on January 27, 2022 at 11:52 pm
        Reply

        @Dumbledalf, I was referrinto to Aegis’s comment when I wrote “[….] bashing […] by users of this browser[s] may be understandable, but coming from users of Chrome or Edge is laughable.”

        All critics are acceptable of course but I do find laughable that users of Chrome or Edge bash Firefox. Not laughable when they come from users of other browsers, as those you mention. In my view browsers which must absolutely be avoided are those in any way related to GAFAM. After that, my choice is Firefox because Firefox is a browser I’m used to, heavily tweeked. If I had to switch it’d likely be for Brave… I mean anything but Google, Apple, Microsoft thought and manufactured for the users loss of privacy.

        Of course I disagree with a perhaps excessive qualification of ‘garbage” as you describe post-2010 Firefox versions. Personally I encounter no issue, have the feeling of having a material I can shape. I experience but satisfaction, increasing satisfaction in fact as Firefox versions advance.

        Of course everyone’s experience is respectable, but I think we’ll all agree that an experience led by an ignorant is less worthy than one toroughly carried out by a calm, intellectually honest user. I’m not saying this for you, your comment is coherent and calm (I think nevertheless someting went wrong in your testings), I’m saying this with the amount of sheep who regularly jump on the Fiarefox bashing fashion each time they get the opportunity. We see this everywhere, like those aliens who rate an extension 1 star just because they don’t know how to use it correctly, even worse: because the extension doesn’t “look nice”. Let’s face it : free speech doesn’t mean pertinent speech.

        C’est la vie.

      3. Carol Benton UK said on February 18, 2022 at 2:42 pm
        Reply

        Tom, honestly, you bring nothing to the discussion.Same ole same ole. Time to start your own website.

      4. Tom Hawack said on February 18, 2022 at 5:58 pm
        Reply

        Carol, seems we’re two then :=)
        At least. Welcome to the club. Do drop in more often! We need people like you, lol.

  2. ULBoom said on January 27, 2022 at 3:37 pm
    Reply

    Curated user experience enhancement.
    Amazing drop.

  3. common sense computing said on January 27, 2022 at 3:37 pm
    Reply

    LibreWolf comes with privacy features already enabled and resists fingerprinting.

    1. computer said no said on January 27, 2022 at 6:01 pm
      Reply

      Which comes courtesy of a pre compiled preferences file.I could simply use arkenfox user prefs in standard firefox and tout it as an “alternative”.

      1. beemeup5 said on January 28, 2022 at 2:34 am
        Reply

        @computer said no

        How many steps do you have to go through to get default Firefox to perform as well as LibreWolf does out-of-the-box privacy-wise?
        https://privacytests.org/

        LibreWolf also doesn’t come with Firefox Pocket and a bunch of other Mozilla “recommended” cruft that you’d need to go out of your way to disable anyway, so you end up with a leaner package. And when a new LibreWolf is released, just install it over your existing instance. With Firefox, after each release you may need to re-harden all over again, and constantly be on the lookout for any new Mozilla nonsense that might have snuck in.

      2. Klaas Vaak said on January 28, 2022 at 6:31 am
        Reply

        @beemeup5: good points. I recently started using LW too and find it to be a pleasant experience. Furthermore, there is a very helpful community to answer question/solve issues.

    2. ULBoom said on January 28, 2022 at 7:13 pm
      Reply

      As someone who has used what is now known as arkenfox since its inception (here, btw), LibreFox is a much, much easier way to get a decent private browser.

      The arkenfox tweaks can easily break your browser but that’s stated clearly throughout. Blindly implementing all arkenfox tweaks will definitely result in something that is unlikely to work the way anyone but the most privacy needful will accept or not at all.

      I still use the arkenfox lists because I know what the tweaks do. Going through the list is a good learning experience for anyone; additional tweaks you like can easily be added to Libre in about:config.

      Make a profile backup before experimenting.

      1. Iron Heart said on January 28, 2022 at 10:04 pm
        Reply

        > arkenfox hardening meme
        > LibreWolf meme

        You do realize that you are still running a highly unique setup, don’t you? You are just making your browsing experience miserable in exchange for no measurable privacy improvement.

      2. owl said on January 28, 2022 at 11:24 pm
        Reply

        I also want to make a strong advice to people recommending browsers to other people without investigation or knowledge. The privacy related channel on Reddit is filled with wrong recommendations regarding privacy-respecting browsers and many people are merely guessing or blindly trusting the information the browser producers are publishing. Neither Mozilla Firefox, Google Chrome or Chromium, Brave, Waterfox, or several of the other recommended browsers truly respect privacy. They all do some form of telemetry and/or privacy-compromising actions without the user consenting to it or even knowing about it.
        https://www.ghacks.net/2022/01/27/firefox-96-0-3-and-firefox-91-5-1-esr-fix-search-telemetry-data-sending-issue/#comment-4514175

      3. Loki57 said on January 29, 2022 at 8:07 pm
        Reply

        @owl said:

        >Neither Mozilla Firefox, Google Chrome or Chromium, Brave, Waterfox, or several of the other recommended browsers truly respect privacy. They all do some form of telemetry and/or privacy-compromising actions without the user consenting to it or even knowing about it.

        Making requests to fetch latest filter lists doesn’t compromise your privacy, no matter what your barely sourced blog post that you linked claims

      4. owl said on January 29, 2022 at 11:09 pm
        Reply

        @Loki57

        Huh?
        Did you really all read the URL I showed?

        I’m not going to bother explaining it again for you.
        Please read it again, properly!

      5. Loki57 said on January 29, 2022 at 11:25 pm
        Reply

        @owl

        >Did you really all read the URL I showed?

        I read the blog post, I saw how the author criticized LibreWolf for fetching the filter lists of ETP and uBO, none of these requests are privacy invasive. Do you have a more reliable source than a poorly written rant?

        https://librewolf.net/docs/faq/#does-librewolf-make-any-outgoing-connections

      6. owl said on January 30, 2022 at 11:56 pm
        Reply

        @Loki57,
        > I read the blog post, I saw how the author criticized LibreWolf for fetching the filter lists of ETP and uBO, none of these requests are privacy invasive.

        With your reply (specific description), I finally understand your complaint.
        And it turns out that you and I have a subtle “perception” discrepancy about the quoted article.

        The author points out that “there are many end users who simply assume or blindly trust the plethora of information available on the Internet, and as such, they spread prejudices and lies” and that “the default browser is not a true browser that respects your privacy.” It is a fact-based article that is verified and discussed.

        I don’t see anything in that article that “criticizes LibreWolf for getting filter lists for ETP and uBO”.
        Moreover, in the “Recommended extensions” section, the author praises uBlock Origin.

        You misunderstood (prematurely).
        Perhaps you didn’t even read the “full article” and only paid attention to the part about your concern, “LibreWolf”.
        By the way, Librewolf is one of my primary browsers. And I have made further “tweaks” according to my values and preferences.

      7. Loki57 said on January 31, 2022 at 1:17 am
        Reply

        @owl

        >The author points out that “there are many end users who simply assume or blindly trust the plethora of information available on the Internet, and as such, they spread prejudices and lies” and that “the default browser is not a true browser that respects your privacy.” It is a fact-based article that is verified and discussed.

        The vast majority of the claims in this “””article””” are baseless, nothing more than tinfoil hatting.

        >I don’t see anything in that article that “criticizes LibreWolf for getting filter lists for ETP and uBO”. Moreover, in the “Recommended extensions” section, the author praises uBlock Origin.

        Coming from the same person who told me to read the whole thing, LibreWolf is classified as a “privacy compromising” browser because of these requests. You never read their documentation, huh?

      8. owl said on January 31, 2022 at 4:19 am
        Reply

        @Loki57,
        > The vast majority of the claims in this “””article””” are baseless, nothing more than tinfoil hatting.
        > LibreWolf is classified as a “privacy compromising” browser because of these requests.

        There is no such thing as “LibreWolf is classified as a privacy-invasive browser because of these requirements” in that article. Where do I read that to make such an interpretation?
        I can’t get over how “bigoted” you are.

        In that article simply cautions using LibreWolf, which has been getting a lot of attention lately, “without doing any research and overconfident in its defaults” (warning against blind faith).

        Anyway, I don’t want to waste our time on the web, as I (and my whole family) have changed to a digital detox lifestyle a few years ago. Not for you, but I just wanted to be aware of the community (subscribers) of this site (Comments) and clear up the issues, so I’m done with any more sterile communication with you.

      9. owl said on January 31, 2022 at 5:10 am
        Reply

        @Loki57,

        Oh, yeah.
        The vast majority of the claims in this “””article”””, denied closed source products and all of Google products and services involving Google, and Chromium browsers.

      10. beemeup5 said on January 29, 2022 at 12:01 pm
        Reply

        @ULBoom

        I think LibreWolf is the successor to Librefox, because Librefox is no longer maintained:
        https://github.com/intika/Librefox/issues/141

  4. Alex said on January 27, 2022 at 4:01 pm
    Reply

    Why would anyone use this crap?

    1. Anonymous said on January 27, 2022 at 6:49 pm
      Reply

      @Alex
      I know some answers, some clowns will say “because Chromium monopoly” like if that would matter in the big picture when you want to render pages and have better features.

      Others will say because they used Firefox 20 years ago, so they think it is the same company like if nothing that happened in recent years mattered like their “free internet for all” meme phrase which it’s a bunch of BS based on their actions like spamming Android users because Facebook is not banning a portion of those “all” users.

      Others will say it is faster than Chromium and better on resources which is a lie but some people close their eyes to reality.

      And the only valid but still useless reason is about customization and how you can disable and enable more things with Firefox, which is fine, but I would rather better implementations and better resource management than a fancy skin I don’t care about and wish I wouldn’t even see at all.

      1. g-clown said on January 29, 2022 at 5:26 pm
        Reply

        Some clown say a full fledged web browser code older than webkit G-clone is no more “than a fancy skin”…

    2. aaa said on January 27, 2022 at 7:56 pm
      Reply

      Gecko is the only Blink’s rival.

      1. Iron Heart said on January 27, 2022 at 9:34 pm
        Reply

        @aaa

        No, WebKit exists.

      2. corroded_melted_iron_head said on January 28, 2022 at 1:05 pm
        Reply

        Double No! chromium is a fork of webkit! Only gecko is the alternative!

      3. Iron Heart said on January 28, 2022 at 9:52 pm
        Reply

        > Double No! chromium is a fork of webkit! Only gecko is the alternative!

        Blink was forked from WebKit in 2013, NINE YEARS AGO, and the two were patched apart from each other ever since. They were the same thing in 2013, they are not the same thing anymore in 2022. Every web dev knows it. One of us two is certainly corroded and melted in the head, but it is not me.

      4. Sycophant247 said on January 29, 2022 at 4:01 am
        Reply

        LMFAO – https://github.com/Nihal247/brave-privacy/issues/3 – is someone feeling left out?

    3. k said on January 28, 2022 at 6:19 pm
      Reply

      > Why would anyone use this crap?

      The marketing department and head of trust (ex cia) programmed them to

    4. A-crap said on January 29, 2022 at 5:21 pm
      Reply

      Why would anyone read this A-crap reply?

  5. Randy Bones said on January 27, 2022 at 4:45 pm
    Reply

    Are there just a bunch of you out there poised to just crap on Firefox when a change happens?

  6. Klaas Vaak said on January 27, 2022 at 5:23 pm
    Reply

    What Mozilla did is NOT “fix” an issue it put in there itself in the 1st place. Cute how they now label it as a “bug”.

    1. owl said on January 28, 2022 at 3:16 am
      Reply

      > Cute how they now label it as a “bug”.

      In engineering, a bug is a defect in the design, manufacture or operation of machinery, circuitry, electronics, hardware, or software that produces undesired results or impedes operation.
      Sometimes what might be seen as unintended or defective operation can be seen as a feature.
      Bug (engineering) – Wikipedia
      https://en.wikipedia.org/wiki/Bug_(engineering)

      The Vivaldi you use does not use a “Bug Tracker” system, but provides mutual support in the user community forum, while Mozilla consistently uses a managed centrally Bug Tracker system that works well enough.

      Even in the rare case in question, the time taken from the bug report to resolution was only three days.
      It’s a far cry from Vivaldi (where program flaws are left unresolved).

      1. Klaas Vaak said on January 28, 2022 at 6:34 am
        Reply

        @owl: I don’t buy the argument that telemetry is “a defect in the design”; telemetry is inserted intentionally.

        BTW, I do not use Vivaldi.

    2. lone_class said on January 29, 2022 at 5:30 pm
      Reply

      They “correct” their telemetry. Not trying shove more down on web browsing tech pit.

  7. waffles.fm said on January 27, 2022 at 5:54 pm
    Reply

    > The linked bug listing on Mozilla’s bug tracking site, bug 1751746, is unhelpful as the bug is not publicly visible.
    > The term “unexpected data” could refer to any kind of data that the search Telemetry module is not designed to collect.

    Here is a bug summary of exactly what it is all about: https://bugzilla.mozilla.org/show_bug.cgi?id=1752317

    Or just read the patch: https://hg.mozilla.org/releases/mozilla-release/rev/08a730393ae6e9e8f7096f1a040dc66948f245b1

    Any of those two links will tell you more than the bullshit waffling in this article

    1. owl said on January 28, 2022 at 1:47 am
      Reply

      Thanks!, @waffles.fm
      Your post gave me the full story and clarification.
      > Bug 1752317 – [meta] Unintentional collection of user-edited search engine values
      https://bugzilla.mozilla.org/show_bug.cgi?id=1752317
      > Bug 1751746 – Change search-telemetry to use strict partner code matching.
      https://bugzilla.mozilla.org/show_bug.cgi?id=1751746

      Based on those, I’ve written an article about it at forums.mozillazine.jp.
      https://forums.mozillazine.jp/viewtopic.php?f=23&p=71001#p71001

  8. John G. said on January 27, 2022 at 9:08 pm
    Reply

    Firefhrome is walking with steel steps along the magnificent road to nowhere. Please just fix the whole dark/light themes management to be used with no issues with dark/light W11 OS mode itself! Dark themes in Firefox while W11 light mode is on is a complete nightmare, everything is mixed! Or better, please, just stop screwing things that are not broken, damm it! :[

  9. Haakon said on January 27, 2022 at 9:08 pm
    Reply

    Which is why I true a “DisableTelemetry” (among others) stashed in the ol’ policies.json file.

  10. Iron Heart said on January 27, 2022 at 9:36 pm
    Reply

    The title of the article alone is hilarious already, LOL. Enjoy your browser-breaking telemetry, privacy fellas.

  11. Shmirefox said on January 27, 2022 at 10:40 pm
    Reply

    Downloaded Portable FF

    Ran it with outwards traffic disabled by Malwarebytes and did not attempt to connect to any website. Here’s a summary of what was available in the Malwarebytes log, repeats removed. A lot of repeats!

    28/01/2022 8:26 Pingsender 34.120.208.123
    28/01/2022 8:25 Firefox 52.39.178.28
    28/01/2022 8:25 Firefox 34.107.221.82
    28/01/2022 8:25 Firefox 52.11.62.36
    28/01/2022 8:24 Firefox 172.217.167.106
    28/01/2022 8:24 Firefox 52.36.14.43
    28/01/2022 8:24 Firefox 18.67.105.6
    28/01/2022 8:24 Firefox 18.67.105.8
    28/01/2022 8:24 Firefox 18.67.105.83
    28/01/2022 8:24 Firefox 18.67.105.97
    28/01/2022 8:24 Firefox 13.225.1.189
    28/01/2022 8:24 Firefox 18.67.93.118
    28/01/2022 8:24 Firefox 18.67.93.46
    28/01/2022 8:24 Firefox 18.67.93.53
    28/01/2022 8:24 Firefox 34.117.237.239
    28/01/2022 8:24 Firefox 34.208.239.95
    28/01/2022 8:24 Firefox 34.213.76.57
    28/01/2022 8:24 Firefox 34.215.15.15
    28/01/2022 8:24 Firefox 35.163.112.241
    28/01/2022 8:24 Firefox 35.163.137.0
    28/01/2022 8:24 Firefox 44.229.226.207
    28/01/2022 8:24 Firefox 52.35.174.64
    28/01/2022 8:24 Firefox 52.89.115.53
    28/01/2022 8:24 Firefox 54.186.128.121
    28/01/2022 8:24 Firefox 54.187.205.23
    28/01/2022 8:24 Firefox 54.190.2.244

    There is likely to be more. Malwarebytes only displays 100 most recent.

  12. Anonymous said on January 27, 2022 at 10:51 pm
    Reply

    Order IP Address Network Name Owner Name Resolved Name
    1 34.120.208.123 GOOGL-2 Google LLC 123.208.120.34.bc.googleusercontent.com
    2 52.39.178.28 AT-88-Z Amazon Technologies Inc. ec2-52-39-178-28.us-west-2.compute.amazonaws.com
    3 34.107.221.82 GOOGL-2 Google LLC 82.221.107.34.bc.googleusercontent.com
    4 52.11.62.36 AT-88-Z Amazon Technologies Inc. ec2-52-11-62-36.us-west-2.compute.amazonaws.com
    5 172.217.167.106 GOOGLE Google LLC syd09s17-in-f10.1e100.net
    6 52.36.14.43 AT-88-Z Amazon Technologies Inc. ec2-52-36-14-43.us-west-2.compute.amazonaws.com
    7 18.67.105.6 AMAZO-CF Amazon.com, Inc. server-18-67-105-6.syd62.r.cloudfront.net
    8 18.67.105.8 AMAZO-CF Amazon.com, Inc. server-18-67-105-8.syd62.r.cloudfront.net
    9 18.67.105.83 AMAZO-CF Amazon.com, Inc. server-18-67-105-83.syd62.r.cloudfront.net
    10 18.67.105.97 AMAZO-CF Amazon.com, Inc. server-18-67-105-97.syd62.r.cloudfront.net
    11 13.225.1.189 AMAZO-CF Amazon.com, Inc. server-13-225-1-189.sin52.r.cloudfront.net
    12 18.67.93.118 AMAZO-CF Amazon.com, Inc. server-18-67-93-118.syd62.r.cloudfront.net
    13 18.67.93.46 AMAZO-CF Amazon.com, Inc. server-18-67-93-46.syd62.r.cloudfront.net
    14 18.67.93.53 AMAZO-CF Amazon.com, Inc. server-18-67-93-53.syd62.r.cloudfront.net
    15 34.117.237.239 GOOGL-2 Google LLC 239.237.117.34.bc.googleusercontent.com
    16 34.208.239.95 AT-88-Z Amazon Technologies Inc. ec2-34-208-239-95.us-west-2.compute.amazonaws.com
    17 34.213.76.57 AT-88-Z Amazon Technologies Inc. ec2-34-213-76-57.us-west-2.compute.amazonaws.com
    18 34.215.15.15 AT-88-Z Amazon Technologies Inc. ec2-34-215-15-15.us-west-2.compute.amazonaws.com
    19 35.163.112.241 AMAZO-ZPDX9 Amazon.com, Inc. ec2-35-163-112-241.us-west-2.compute.amazonaws.com
    20 35.163.137.0 AMAZO-ZPDX9 Amazon.com, Inc. ec2-35-163-137-0.us-west-2.compute.amazonaws.com
    21 44.229.226.207 AMAZO-ZPDX Amazon.com, Inc. ec2-44-229-226-207.us-west-2.compute.amazonaws.com
    22 52.35.174.64 AT-88-Z Amazon Technologies Inc. ec2-52-35-174-64.us-west-2.compute.amazonaws.com

    1. John G. said on January 28, 2022 at 6:34 am
      Reply

      Just incredible! :o

  13. owl said on January 28, 2022 at 3:42 am
    Reply

    LibreWolf, which I have been using for the past six months, has also been released in a modified version.
    https://librewolf.net/installation/

    For your information
    Features – LibreWolf
    https://librewolf.net/docs/features/
    Frequently Asked Questions – LibreWolf
    https://librewolf.net/docs/faq/
    Settings and librewolf.overrides.cfg – LibreWolf
    https://librewolf.net/docs/settings/

  14. owl said on January 28, 2022 at 10:48 am
    Reply

    I checked the update status on my actual devices (LibreWolf, Firefox ESR, Firefox Developer Edition, Firefox Nightly, Tor Browser).

    As a result (see below), in my environment, the update is complete except for TorBrowser.
    Internationalization & Localization
    Application Settings
    Default Locale? “en-US”
    Operating System?Windows_NT 10.0 19042?
    System Locales ?”en-US”
    ? LibreWolf 96.0.3-1?Build ID 20220127211059?
    ? Firefox ESR 91.5.1esr?Build ID 20220126174332?
    ? Firefox Developer Edition 97.0b9?Build ID 20220127193706?
    ? Firefox Nightly 98.0a1?Build ID 20220127213627?
    ? TorBrowser 11.0.4 (based on Mozilla Firefox 91.5.0esr) Build ID 20220602050101

    Note: Firefox had applied automatic updates due to the “Use a background service to install updates” feature that is enabled, but LibreWolf requires manual updates by design intent.

    1. owl said on January 28, 2022 at 10:53 am
      Reply

      I checked the update status on my actual devices (LibreWolf, Firefox ESR, Firefox Developer Edition, Firefox Nightly, Tor Browser).

      As a result (see below), in my environment, the update is complete except for TorBrowser.
      Internationalization & Localization
      Application Settings
      Default Locale “en-US”
      Operating System (Windows_NT 10.0 19042)
      System Locales “en-US”
      LibreWolf 96.0.3-1 (Build ID 20220127211059)
      Firefox ESR 91.5.1esr (Build ID 20220126174332)
      Firefox Developer Edition 97.0b9 (Build ID 20220127193706)
      Firefox Nightly 98.0a1 (Build ID 20220127213627)
      TorBrowser 11.0.4 (based on Mozilla Firefox 91.5.0esr) Build ID 20220602050101

      Note: Firefox had applied automatic updates due to the “Use a background service to install updates” feature that is enabled, but LibreWolf requires manual updates by design intent.

      1. owl said on January 28, 2022 at 11:01 am
        Reply

        For your information:
        Firefox Fixed Version
        – 91.5.1esr
        – 96.0.3
        – 97.0b8
        – 98.0a1
        will begin rolling out on January 27, 2022 (US time).
        Firefox installations with automatic updates enabled will be able to automatically apply the new version of the browser.
        The update rollout may be delayed, but once Mozilla has unlocked (unblocked) the release on the server side, end users will be able to manually update their devices with the update.

      2. owl said on January 28, 2022 at 11:18 am
        Reply

        As a side note,
        Latest and Final Information on Basilisk Browser
        The following is a summary of the official declaration

        Important: Development on the Basilisk browser has been suspended as of December 2021. Any genuinely sincere, legitimate and reasonable developer may want to contact me if they are interested in taking over this project. I thank everyone for the support and usership of this development browser over the years. — Moonchild.
        https://www.basilisk-browser.org/

        v2022.01.27 Published 2022-01-27
        This is a security update.
        Important: This is the final public release of Basilisk from the original developer. As such, it comes without an internal updater and will not check for future updates to the application.
        To remain updated and secure, it is recommended at this point that you look for a different web browser like Pale Moon to continue browsing in a safe and secure manner.
        Be mindful of hacks: There are currently no people eligible to continue Basilisk as a product under the Basilisk name. If you see any future updates claiming/pretending to be official Basilisk or an official continuation, they are most likely scams and should not be trusted with your browsing.
        https://www.basilisk-browser.org/releasenotes.shtml

  15. TelV said on January 28, 2022 at 2:55 pm
    Reply
    1. owl said on January 28, 2022 at 11:16 pm
      Reply

      @TelV, thanks!
      I read the full article (Choose your browser carefully) you provided.
      I did not know that article existed, but based on my experience and knowledge I agree with it in its entirety.
      The article is very reasonable, with excellent material collection, verification and discussion. It is a very useful article and a good instructional guide.
      I found this article to be a must-read for end users who have no choice but to use services on the Internet.
      The ghacks.net community (the subscribers) is also a must-read.

      From that article, a part (the main part) is “quoted” below
      I also want to make a strong advice to people recommending browsers to other people without investigation or knowledge. The privacy related channel on Reddit is filled with wrong recommendations regarding privacy-respecting browsers and many people are merely guessing or blindly trusting the information the browser producers are publishing. Neither Mozilla Firefox, Google Chrome or Chromium, Brave, Waterfox, or several of the other recommended browsers truly respect privacy. They all do some form of telemetry and/or privacy-compromising actions without the user consenting to it or even knowing about it.

      Firefox is one of the most extensible and tweakable browsers in the world, which makes it possible to increase the privacy in Firefox considerably by using different configurations and tweaks without having to patch the source code. And this is one of the things that makes Firefox really great. Generally Firefox as a product is not the problem, the Mozilla Foundation is. When you tweak Firefox you not only run with the latest version of Firefox, but you also get a true privacy-respecting browser.
      Firefox is unique in this way as no other browser, as far as I know, allows for so much tweaking without patching. Tweaks are settings that control Firefox’s behavior. Some can be set from the options interface, which can be in about:config, but others are called “hidden preferences” which will only show when they are set by the user.
      Tweaking Firefox is not for everyone however. It requires you to spend time studying the different settings you can manipulate and understanding how they work. But your not alone, many people do this, and one of the best ways to do it is to use the Arkenfox user.js project as a template. One of the benefits of tweaking Firefox is that you get to better understand what exactly your browser is doing and how it works.
      The “Arkenfox user.js” project provides a comprehensive user.js template for configuration and hardening Firefox. It is very actively maintained by some very skillful people, including an active Mozilla developer and a developer from the Tor project.
      The Arkenfox user.js is very well documented, but if you feel the need for a guide I recommend you take a look at The Firefox Privacy Guide for Dummies!

      With all that said it is important to understand that the real problem lies with us – the Internet users. We seriously need to stop using the bad browsers and we need to either stop visiting all the bad websites or at least disable JavaScript on these websites! We need to educate ourselves and others better in the technology we’re using. This is much easier said than done, because website developers have gone crazy, but once you eliminate JavaScript from running in the browser you no longer need a complex browser like Firefox or Chromium and once you don’t need a complex browser you no longer have to worry as much about privacy issues – at least not from the browser point of view.

      1. Heydrich said on January 29, 2022 at 3:57 am
        Reply

        @owl:

        “Firefox is one of the most extensible and tweakable browsers in the world, which makes it possible to increase the privacy in Firefox considerably by using different configurations and tweaks without having to patch the source code.”

        – Owl, 28.01.2022

        In one sentence, ‘owl’ highlighted the real advantage of using Firefox, while honestly stipulating that it “is not for everyone however… [as] it requires you to spend time studying the different settings you can manipulate and understanding how they work”.

        The end user, in essence, has the freedom to decide what is the best configuration.

      2. Derek Clements said on January 29, 2022 at 7:58 am
        Reply

        @ Owl: Konnichiwa and Arigatou gozaimasu (please forgive my current total ignorance of the required Kanji and Kana)
        I concur with your summations.
        One example of a simple web browser that does not run JavaScript is “Lynx”. Very light weight and fast to scroll through once one becomes familiar with the key map, and is self documenting. Runs on the Unix like platforms and M$ Windows when I last looked.

      3. owl said on January 29, 2022 at 10:48 pm
        Reply

        @Derek Clements,
        Since you seem to be interested in “Japanese”, I have re-translated your post (in full) in Japanese (kanji, katakana and kana) for your reference. :)

        @????: ??????????????????????????????????????????????????
        ?????????????
        JavaScript ????????????????????????“Lynx” ??????????????????????????????????????????????????????Unix ????????????? M$ Windows ??????????

      4. owl said on January 29, 2022 at 10:53 pm
        Reply

        @Derek Clements,

        Unfortunately, the format of this site doesn’t seem to support the display of Japanese (2-byte characters), and everything was replaced with “?” characters.

      5. Derek Clements said on January 30, 2022 at 4:31 am
        Reply

        @ Owl San,
        Indeed I am interested in the Nihongo. Unfortunately, I would be well below an infant’s grasp of the language currently. Unlike myself, I suspect that the vast majority of the readership here have a grasp of more than one language. I tip my hat to you all :)

        Yes, a bit of a bummer that the site is unable to support the two byte characters. I was looking forward to viewing the translation. Anyhow, let me say ” watashi wa mottomo kansha shite imasu” that you gave it a try (I hope I got that right) :)

      6. owl said on January 30, 2022 at 11:02 pm
        Reply

        @Derek Clements,

        I respect your reply (comment and opinion).
        And your Japanese (kana) expression skills are amazing! :)
        Please continue to value your curiosity about the unknown and global.

      7. Derek Clements said on January 31, 2022 at 5:24 am
        Reply

        @Owl.
        Unfortunately, I am not yet worthy of any praise in the language skills department – I sought the assistance of an online translation tool for my previous post.
        That said, I can say that I do have the strong desire to learn other languages, however some serious plans to go overseas to learn by immersion among other techniques, have been thawted by the pandemic and a totalitarian regime tightening it’s grip on a particular locality. I had ambitions on at least three East Asian languages in that plan. German, French and Italian have also been on my mind too. Currently, I am deep in another very disruptive and protracted project that is consuming too much of my time, so until I can get on top of that, any serious attempts by me to get anywhere on learning another language will amount to nothing ( language-learn 2>&1 | /dev/null ) :(

        Anyhow, “D?mo arigat?gozaimashita” for your kind words and encouragement as I’ll remain forever curious.

      8. owl said on January 31, 2022 at 8:41 am
        Reply

        @Derek Clements,

        I am an old man, but I have met people like you through work, travel, etc., and have interacted with family members as well, and feel their problems close to me.

        In particular, it is sad to note that recently, due to the “COVID-19” waterfront measures, people who wish to study in Japan or re-enter the country are unable to do so. In some cases, they have to wait for as long as two years, which is a heavy burden (financially and emotionally) for young people.
        There are more than 140,000 people who wish to study in Japan. There is no doubt that interest in Japan and impressions of Japan will decline.

        The Japanese government is reluctant to relax its waterfront measures and is only interested in relieving the frustration of the Japanese people. Even during the “national isolation” of the Middle Ages, it did not close its doors to Korea (Tsushima), the Netherlands, or China (Nagasaki).
        Japan is a tiny island nation, but since ancient times it has nurtured its culture through the exchange of people and goods from overseas, and has been able to develop its own unique culture (by fusing with other cultures). Therefore, exchange with other cultures is “the foundation and lifeline of Japan”.

        There is a difference between a tourist trip and a long-term stay like studying abroad or foreign workers. It is really sad.
        At the very least, my family and I will be there for people like you in spirit.
        Good luck to you.

  16. Steve99 said on January 28, 2022 at 3:04 pm
    Reply

    Moz/FF are out of control. FF is still far better then chrome, but FF needs to be tamed. Part of that taming is…
    deleting 95% of the exe’s in the FF directory,
    deleting all files in the .\browser\features dir
    and using hosts file entries as below.. Using diff host addies allows for the monitoring of where FF is attempting to leak your private data. I

    127.0.25.1 accounts.firefox.com
    127.0.25.2 api.accounts.firefox.com
    127.0.25.3 aus3.mozilla.org
    127.0.25.4 aus4.mozilla.org
    127.0.25.5 aus5.mozilla.org
    127.0.25.6 blocked.cdn.mozilla.net
    127.0.25.7 channelserver.services.mozilla.com
    127.0.25.8 ciscobinary.openh264.org
    127.0.25.9 code.cdn.mozilla.net
    127.0.25.10 color.firefox.com
    127.0.25.11 content.cdn.mozilla.net
    127.0.25.12 coverage.mozilla.org
    127.0.25.13 crash-stats.mozilla.org
    127.0.25.14 detectportal.firefox.com
    127.0.25.15 developers.google.com
    127.0.25.16 discovery.addons.mozilla.org
    127.0.25.17 firefox.settings.services.mozilla.com
    127.0.25.18 fpn.firefox.com
    127.0.25.19 getpocket.cdn.mozilla.net
    127.0.25.20 getpocket.com
    127.0.25.21 incoming.telemetry.mozilla.org
    127.0.25.22 input.mozilla.org
    127.0.25.23 install.mozilla.org
    127.0.25.24 location.services.mozilla.com
    127.0.25.25 malware-error.mozilla.com
    127.0.25.26 mitmdetection.services.mozilla.com
    127.0.25.27 monitor.firefox.com
    127.0.25.28 normandy.cdn.mozilla.net
    127.0.25.29 oauth.accounts.firefox.com
    127.0.25.30 onecrl.content-signature.mozilla.org
    127.0.25.31 phish-error.mozilla.com
    127.0.25.32 pinning-preload.content-signature.mozilla.org
    127.0.25.33 profile.accounts.firefox.com
    127.0.25.34 profiler.firefox.com
    127.0.25.35 push.services.mozilla.com
    127.0.25.36 remote-settings.content-signature.mozilla.org
    127.0.25.37 search.services.mozilla.com
    127.0.25.38 shavar.services.mozilla.com
    127.0.25.39 snippets.mozilla.com
    127.0.25.40 spocs.getpocket.com
    127.0.25.41 install.mozilla.org
    127.0.25.42 sync.services.mozilla.com
    127.0.25.43 token.services.mozilla.com
    127.0.25.44 topsites.services.mozilla.com
    127.0.25.45 versioncheck-bg.addons.mozilla.org
    127.0.25.46 versioncheck.addons.mozilla.org
    127.0.25.47 vpn.mozilla.org
    127.0.25.48 webextensions.settings.services.mozilla.com
    127.0.25.50 ipv4only.arpa
    127.0.25.51 example.org
    127.0.25.52 accounts-static.cdn.mozilla.net

  17. Maysa said on January 29, 2022 at 12:09 am
    Reply

    Martin

    Why don’t you share an article about tor browser?

    1. TelV said on January 29, 2022 at 12:52 pm
      Reply
  18. Anonymous said on January 29, 2022 at 1:53 pm
    Reply
  19. all-time-lame-F-hacks said on January 29, 2022 at 3:57 pm
    Reply

    This is the only left web browser “fixing” their telemetry. The only other one-all-seeing-G keep trying throwing one more tracking code that will stick.

    PS: Why the all-mighty-F U keep blocking replies the all-time-lame-Fhacks??

    1. All-time-what? said on January 29, 2022 at 6:16 pm
      Reply

      Can you write in English?

      1. owl said on January 30, 2022 at 3:10 am
        Reply

        I’m not @all-time-lame-F-hacks, but perhaps he (all-time-lame-F-hacks) is shouting in a cryptic language with “certain letters” replaced.
        In short, his original sentence was “PS: Why the all-mighty-ghacks You keep blocking replies to the all-time-lame-ghacks?”.

        And he’s probably frustrated that the text of his post (comment) doesn’t appear immediately after you post it because he didn’t pay attention to the “Please note that your comment may not appear immediately after you post it.” that is clearly stated at the bottom of the Comment box.

        In other words,
        @all-time-lame-F-hacks = Childish!
        It is childish to use cryptic (encrypted) language to express. You should speak up fairly and honestly.

      2. censor_this_again said on February 3, 2022 at 12:45 pm
        Reply

        In short words: acting smart is not wisdom. Wink.

  20. Zeuda said on February 1, 2022 at 3:14 pm
    Reply

    Common users CANNOT disable the SPY connection “firefox.settings.services.mozilla.com” in the official Firefox release, because Mozilla developers have hardcoded this host in the source code, as you can see here:

    “Prevent Remote Settings server URL to be modified in release”:
    https://bugzilla.mozilla.org/show_bug.cgi?id=1598562

    Changing about:config and policies.json are not enough to stop it!
    Mozilla Firefox DOES NOT respect the privacy of its users.

    1. Tom Hawack said on February 1, 2022 at 5:08 pm
      Reply

      @Zeuda,

      ““Prevent Remote Settings server URL to be modified in release” : prevent them being modified, not blocked.

      Personally I use DNSCrypt-proxy with blocklists (but this is easily done with any system-wide url blocker) and I’ve added *services.mozilla* to my domain blocklist.
      Right after Firefox has started here’s the query (connections) log I get : https://img.justpaste.me/image/3360

      As you can see connection to [firefox.settings.services.mozilla.com] is rejected.
      Other connections concern installed extensions (Netcraft and Bitwarden).

      But I do agree that it’s not obvious, especially for a newbie, to control Firefox connections.
      Concerning services.mozilla and the Bugzilla ticket you mention, it ends with an explanation which is valid IMO :

      — “I suggest to add a setting ”services.settings.enabled” which disables the remote settings or to disable the remote settings if ”services.settings.poll_interval” is zero or negative.”

      — “Of course, that would make it very handy for users to disable it. But unfortunately it would also allow hijackers to tamper with the local DB of remote settings and disable its updates. And that’s exactly why we did this patch in the first place.”

      1. services.mozilla.com said on February 5, 2022 at 6:14 pm
        Reply

        @Tom Hawack

        What is services.mozilla.com? If I block it (firewall or hosts) is there any consequencies?

      2. Tom Hawack said on February 6, 2022 at 11:49 am
        Reply

        @services.mozilla.com, what exactly is ‘services.mozilla.com’ (the url, but that applies to pseudonyms as well, of course!) I couldn’t say, but what I can be affirmative about is that having it blocked has never, in my experience, led to any issue. I can also add that calls to this address occur not only at Firefox start but occasionally within sessions.

        Of course, one may wonder, me the first, “Is it safe, is it pertinent to block calls to a Mozilla address without knowing exactly what this address is all about?”. My answer is “Because there are so many components, because I don’t know each of their requirement, pertinence (good, bad, neutral), because I dislike what is not necessary (in computing, not in life) … my approach is pragmatic and experimental : backup-test-restore:yes|no” : I’ve never had to restore (stop blocking) ‘services.mozilla.com’ … and that applies to many other components, be they part of whatever application … and I did occasionally restore. Backup and experiment is, need to say, my computing credo.

        I admit that after reading your comment/question I’m bound to initiate a Web search for “services.mozilla.com” :=)

      3. services.mozilla.com said on February 7, 2022 at 2:18 pm
        Reply

        services.mozilla.com = Mozilla Services?

        – sync
        – pocket

        Access Mozilla Services with a Firefox Account
        https://support.mozilla.org/en-US/kb/access-mozilla-services-firefox-account

  21. services.mozilla.com said on February 6, 2022 at 8:10 pm
    Reply

    @Tom Hawack

    Thank you.

  22. Tom Hawack said on February 7, 2022 at 5:47 pm
    Reply

    @services.mozilla, I did write above that “what I can be affirmative about is that having it blocked [services.mozilla] has never, in my experience, led to any issue.”. In my experience, and my experience doesn’t include sync and pocket features.

    It’s good that you point out these two features, the former being a component of most browsers nowadays, the latter being, IMO, arguable in terms of pertinence and privacy.

    What I may add is that I have and access a Firefox account required to comment on AMO with connections blocked for *services.mozilla* … no idea about sync and pocket.

    1. services.mozilla.com said on February 7, 2022 at 6:04 pm
      Reply

      @Tom Hawack

      Thank you for answering. I do not neet sync or pocket so I blocked it system wide by firewall (if services.mozilla.com is relating). If I modify only about:config it will affect that certain profile not new profiles or installations.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.