Firefox built-in spyware that cannot be disabled
Looking at about:networking I can see connections to pocket (despite me disabling pocket in about:config) as well as connections to "firefox.settings.services.mozilla.com".
And after research, it appears some of these are hard-coded into the source code on purpose for "security reasons" which is ridiculous.
Mind you, my browser is hardened to it's best.. just felt like sharing this for anyone unaware that even if you harden Firefox, even if you go the extra 10 miles and edit about:config, it will still spy on you!
47 comments
[ 3.7 ms ] story [ 128 ms ] threadWhy? DoH is good for privacy.
I do not agree that it is good for privacy. Maybe one day if ESNI is implemented everywhere then there may be some truth in the idea, but that also assumes that we are not just moving the resolver from the local ISP to the big centralized platforms like Cloudflare or Google. Cloudflare and Google are by far the biggest and juiciest targets for state sponsored monitoring, much more than each individual ISP's DNS. As I have no control over their data retention and usage policies I just run my own DNS that talks directly to the root DNS servers and pre-resolves/caches all the domains name-servers that I talk to regularly. At best my tiny ISP would see my batch queries that run on a schedule. If some day my tiny ISP became nefarious I would put them out of business and hope that whomever acquires their infrastructure may be better behaived.
As a side note, I think PiHole should consider adding a feature for Squid MiTM proxy mode so that more people can do this, with options like peeling off specific LAN clients to use the proxy or force everything through it.
I don't think pihole will be able to MITM though at decent speeds, if it's actually running on a raspberry pi.
The only option is to do a man in the middle like some business firewalls (eg zscaler) do.
I don't like DoH much either because apps can use it to bypass my local pihole. But blocking it is hard when an app hardcodes its own DoH server.
DoH is really a solution for a US problem that we in Europe don't have. Here it's illegal for ISPs to use deep packet inspection to datamine their customers.
I covered that in the comment next to this one.
That depends on what sort of privacy concerns you. I think DoH is awful because it allows DNS lookups that I cannot observe/filter/respond to without going to great lengths.
The patches do not remove any telemetry. [1]
OP's argument still stands, as LibreWolf's telemetry and normandy integrations are identical to upstream Firefox.
[1] https://codeberg.org/librewolf/source/src/branch/main/patche...
Literally on the front page: https://librewolf.net
You're here to astroturf for Mozilla or Google, aren't you?
You can verify that easily by grepping the codebase.
As LibreWolf doesn't patch these hardcoded URLs out, their marketing is wrong and a fraudulous statement. They don't remove these features and they are also not stubbing out the APIs (e.g. like TOR's patchset does).
I'm not here to astroturf anything, maybe just get your shit together and stop accusing people randomly?
https://codeberg.org/librewolf/source/src/branch/main/patche...
it is still my primary browser because it is now the only alternative to google's monopoly(even though mozilla is de facto living off of google's money).
I love a lot of their stuff like the containers and local translation but pocket is just spam.
On uselessness - it’s my primary offline reader - have it installed on an eink boox device and send 20-30 articles per week from the browser to the boox.
But bundling it with the browser makes no sense.
Browsers should only do what their users tell them to do. In fact: that goes for computers as a whole.
https://librewolf.net/
Keeps version parity but removes all the nastiness with a lot of other beneficial config changes...and the ability to further customize in persistent js files.
Cachy Browser in CachyOS/Archlinux is more or less Librewolf with some other tweaks to make it faster.
You click "@ohfp" and it leads you to an incredibly empty github-ish thing with 7 total followers? That is not a good sign at all.
"About us" is completely missing, and that is extremely important to me.
I would need a bit more trust, maybe even something like EFFs blessing, to use this.
If you were being skeptical, would you trust them? Why?
https://mullvad.net/en/browser
The only potential issue with it is that it might be TOO good at anonymizing you, to the point that you set off security measures, ala Cloudflare, simply by NOT leaking any juicy data to identify you.
https://support.mozilla.org/en-US/kb/how-stop-firefox-making...