WTF - you had only one job and you are failing in it. - AOS for Lemmy.World - A generic Lemmy server for everyone to use.

1218

WTF - you had only one job and you are failing in it.

1y 9mon ago by mastodon.radio/users/OH3CUF in librewolf@lemmy.ml from mastodon.radio

WTF @librewolf - you had only one job and you are failing in it.

"No telemetry" -> first thing Librewolf does is connect to Mozilla telemetry services.

Found out this by having littlesnitch@mastodon.obdev installed.

#librewolf #telemetry #cybersecurity

https://librewolf.net/docs/faq/#does-librewolf-make-any-outgoing-connections

That section covers your concern

What I don't get is why they don't allow users to decide if they want to connect to Mozilla or not with an option in the settings. Libre means being free (to choose in this case), not being forced.

~~They do. It’s called Deny and it’s right there in the screenshot.~~ never mind. I see it was me who misunderstood.

@dohpaz42 @corvus
You can also easily disable in about:config

Which setting disables it?

@smpl @corvus and if you want to be double plus sure, set pushServer to “none” instead of the default wss:// address

But they want to bitch and moan and wave their pitchforks around because their privacy is obviously being violated. 🙄

@TheWorldRolledMe "LibreWolf also maintains an open WebSocket towards Mozilla's push server to check wether you have received push notifications from websites you have subscribed to."

An app that is developed privacy in mind should never connect to anywhere without consent.

Also, I really don't need any freakin' push notifications from websites. I'm not "subscribing" to anything - or never will. What is that even - I didn't know I can subscribe through Mozilla to websites. Weird.

without consent…

~~Um… isn’t that what the screenshot is asking for? I’m missing the part where you’re being forced without consent?~~

Edit: I misunderstood the above screenshot. My apologies.

@dohpaz42 Nope, that is a screen capture from Little Snitch (Firewall) that noticed new outgoing connection.

I just realized that. My apologies.

@OH3CUF @librewolf I wonder how Mullvad Browser would fare in the same circumstance

@JP3REM @librewolf @JP3REM @librewolf Very badly. I killed the app after 9 requests by just opening the app (and nothing else) and it kept going on. Probably the connections to IP-addresses are Tor-nodes but who knows what they are? (can only attach 4 images in one toot).

Same thing here; telemetry for Mozilla and for many plugin developers (I couldn't attach here but at least three call-homes for the plugins based on the server name).

@mullvadnet

@OH3CUF @librewolf @mullvadnet Just to clarify, that's just opening the browser without any tabs or 'home page'?

@JP3REM @librewolf @mullvadnet Yes.

Homebrew enables Google Analytics by default. Sending telemetry without even warning users to opt out, was a bad look, even before Google was convicted as a monopoly.

That's not true anymore. All previously saved Google analytics have been deleted and when you install hombrew for the first time you get an info box about how to opt-out.

Source

It's still opt-in by default, but as I said:

They do not use google analytics anymore
You get a text saying how to opt-out when installing before anything is send to their analytic server

They are also very transparent on what is send. That's actually not that bad.

@wyat @librewolf MacOS Mail.app does this crap too. I have the option "do not load external content". What it does is loads content for emails when those arrive in my mailbox, in the background and which are classified as spam. Thanks to Little Snitch @littlesnitch I noticed that.

Yup, never ever trust anybody. This is absolutely bollocks :D