I'm "off the grid", apparently, but that quiz list is incomplete. I use a credit card. I use a mobile phone. I used to connect to my car with bluetooth (now I use an aux cable, mainly to avoid having to shut off the car when my spouse's phone gets picked up first). I use Gmail (and ProtonMail, increasingly). I'm not paranoid, though; some information is a fair trade for functionality, and there's a lot of "functionality" I'm not particularly drawn to.
I appreciate that the user can skip to result's with giving Mozilla an email address. I generally like Firefox and Thunderbird, using those more than any other similar, but increasingly Moz://a feels a bit pushy-creepy. Less than many others, but still.
This is one of my grief towards Mozilla. They seem to ALWAYS try to trick me into signing for their newsletter. Actually it seems to be the main goal of this creep-o-meter, uncomplete and unreliable as it is.
Considering their recent vehicle data analysis was focused more on invoking an emotional response with reporting on a skimming of privacy policies instead of providing concrete evidence for data misuse, I don’t trust Mozilla as a reliable and trustworthy source for consumer data advocacy. This seems like they’re giving up trying to make a competitive browser and shifting focus to clickbait.
As a full time Firefox user, this continues to be incredibly disappointing.
So you want them to wait till certain companies and industries are able to sell and misuse users' data before they report egregious, very possibly illegal blanket mandatory consents for data that shouldn't be collected in the first place to perform any function of the car.
Yeah, no. Mozilla deserves A LOT of criticism but this definitely isn't one of them.
Mozilla isn't contributing anything impactful for the cause by reaching for low-effort headlines instead of putting in the work of a proper investigation.
Without installing some kind of custom rom? The last two phones I bought wouldn't let me proceed through the setup until I had registered a google account.
No idea how to disable activation lock without a reset either.
I have to agree that this entire thing was poorly researched and executed, but I do think that there is value in these types of guides, in particular when it comes to informing people of products and services that are terrible in terms of privacy. Most people are totally unaware of how much data is being collected and how it's being used against them.
The consumer outreach part of this was a good idea from mozilla (the quiz on the other hand was a terrible idea) but this really should have been handled with more care.
I think the problem with a privacy quiz is that as soon you answer that you own a cell phone your privacy is forfeit. We can't function into today's society without screwing ourselves over. Telling people that they can be "off the grid" while owning a android device is a massive lie, and telling people that their participation in society has made them extremely vulnerable may be accurate, but it's also going cause people to feel defeated. There's no winning.
It's best just to name and shame companies collecting far more data than they need (like cars with microphones that listen in on your conversations/lovemaking, or roku devices that upload multiple screenshots per second of whatever is being displayed), because that at least educates consumers of the risks. Consumers can't complain and demand changes if they don't even know about the abuses that are happening and nobody selling consumers these devices is going to say anything.
It should. I couldn't even see the quiz because I have JS disabled and the browser heavily locked down. That should count for a few points in my favor.
It's very disappointing to see Signal in the list of "Winners". I'd have expected Mozilla to do some real research before recommending something. It looks like they based their review off of Signal's privacy policy which hasn't been updated and has been outright lying about what they collect and how for years.
Signal started collecting names, phone numbers, photos, and most importantly contacts and is now keeping that data in the cloud, but they refuse to update their privacy policy to detail that. Mozilla thinks that Signal only collects your phone number, and optionally your name and photo but that simply isn't true. If you include your name and photo in your profile Signal collects that data without asking and there is no way to stop them from collecting your contacts.
Mozilla also claims that the data Signal collects can't be seen by anyone but that's a very open question considering how they're storing the data (SGX) and how it's protected (a simple PIN). See: https://community.signalusers.org/t/proper-secure-value-secu...
Most telling to me though is how Signal communicated the change to collecting this data (which was extremely evasive and resulted in a lot of confusion and misunderstandings) and their refusal to update their privacy policy - the very first line of which reads: "Signal is designed to never collect or store any sensitive information.", but if I were a whistleblower or a human right's activist I'd absolutely consider a list of everyone I was contacting using Signal to be "sensitive information" and Signal is designed to collect that data and keep it forever in the cloud.
Signal promotes their app to the types of people whose freedom and lives depend on their communications being secure so I think lying to those same people about Signal's data collection practices is sickening, but I suspect that doing it so obviously may also be the folks behind Signal doing everything they can to warn people away. That would also explain some of Signal's other recent questionable actions like adding weird crypto stuff and removing one of their most popular features: the ability to use the app for both secure communication and unsecured SMS/MMS.
I'm sure that Mozilla means well with this project, but I guess this is just a reminder to do your own homework and not take people's recommendations at face value, especially when you're dealing with highly sensitive data.
26 comments
[ 6.3 ms ] story [ 77.2 ms ] threadI appreciate that the user can skip to result's with giving Mozilla an email address. I generally like Firefox and Thunderbird, using those more than any other similar, but increasingly Moz://a feels a bit pushy-creepy. Less than many others, but still.
>Asks for email address to sign up for a mailing list
Ironic.
cyberpunk vibes
I have an android phone, google account and probably 300 other accounts in my password manager, all of which suck up my data.
According to this tool I'm living "off-the-grid". What a farce.
As a full time Firefox user, this continues to be incredibly disappointing.
Yeah, no. Mozilla deserves A LOT of criticism but this definitely isn't one of them.
Settings -> Google -> Manage your Google account-> Data and Privacy
Just disable anything you don't use.
You can also have an android phone without registering a Google account.
No idea how to disable activation lock without a reset either.
The consumer outreach part of this was a good idea from mozilla (the quiz on the other hand was a terrible idea) but this really should have been handled with more care.
* WeChat => You’re an open book.
* WeChat & Telegram => You’re off the grid.
A privacy quiz which gives nonsensical, misleading, and incomplete results is obviously not a good thing.
It's best just to name and shame companies collecting far more data than they need (like cars with microphones that listen in on your conversations/lovemaking, or roku devices that upload multiple screenshots per second of whatever is being displayed), because that at least educates consumers of the risks. Consumers can't complain and demand changes if they don't even know about the abuses that are happening and nobody selling consumers these devices is going to say anything.
Otherwise just pack, go join some NGO and help making the world a better place instead.
Signal started collecting names, phone numbers, photos, and most importantly contacts and is now keeping that data in the cloud, but they refuse to update their privacy policy to detail that. Mozilla thinks that Signal only collects your phone number, and optionally your name and photo but that simply isn't true. If you include your name and photo in your profile Signal collects that data without asking and there is no way to stop them from collecting your contacts.
Mozilla also claims that the data Signal collects can't be seen by anyone but that's a very open question considering how they're storing the data (SGX) and how it's protected (a simple PIN). See: https://community.signalusers.org/t/proper-secure-value-secu...
Most telling to me though is how Signal communicated the change to collecting this data (which was extremely evasive and resulted in a lot of confusion and misunderstandings) and their refusal to update their privacy policy - the very first line of which reads: "Signal is designed to never collect or store any sensitive information.", but if I were a whistleblower or a human right's activist I'd absolutely consider a list of everyone I was contacting using Signal to be "sensitive information" and Signal is designed to collect that data and keep it forever in the cloud.
Signal promotes their app to the types of people whose freedom and lives depend on their communications being secure so I think lying to those same people about Signal's data collection practices is sickening, but I suspect that doing it so obviously may also be the folks behind Signal doing everything they can to warn people away. That would also explain some of Signal's other recent questionable actions like adding weird crypto stuff and removing one of their most popular features: the ability to use the app for both secure communication and unsecured SMS/MMS.
I'm sure that Mozilla means well with this project, but I guess this is just a reminder to do your own homework and not take people's recommendations at face value, especially when you're dealing with highly sensitive data.