Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#53571 - Disable the recently enabled mozilla surveillance in Arch builds of Firefox

Attached to Project: Arch Linux
Opened by Imnotreal (oma) - Wednesday, 05 April 2017, 12:44 GMT
Task Type Feature Request
Category Packages: Extra
Status Assigned
Assigned To Jan Alexander Steffens (heftig)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 4
Private No

Details

Description:

Latest build of firefox package enables mozilla surveillance through telemetry. Third party remote monitoring tool ought to be opt-in not opt-out. Mozilla itself only enables telemetry in nightlies, aurora and beta but not in release builds.

Please revert this change and go back to how things used to be provide arch users with minimal privacy protection by default.

This task depends upon

Comment by Jan Alexander Steffens (heftig) - Wednesday, 05 April 2017, 22:40 GMT
It's configured exactly how Mozilla requested it. Firefox Health Report is opt-out and extended telemetry is opt-in.
Comment by Imnotreal (oma) - Thursday, 06 April 2017, 07:40 GMT
Sorry for the confusion, Mozilla PR had me thinking that Firefox health report was something different from Firefox telemetry. From the google groups discussion it was said that arch had enabled telemetry[1].

Now I understand that "health report" is telemetry and "telemetry" is extended telemetry. So please ignore the part where I mention telemetry only being enabled out of release channel and consider reverting the change by disabling whole third party remote collection of data through the web browser. At the very least make it all opt-in but it seemds from the Firefox privacy patches[2] that Firefox may collect and send data even when it is disabled from the about:config settings.

[1]: https://groups.google.com/forum/#!topic/mozilla.dev.platform/jRAqSTri66I
[2]: https://bbs.archlinux.org/viewtopic.php?id=202766
Comment by Stefan Majewsky (majewsky) - Friday, 15 December 2017, 14:59 GMT
Today, Firefox has installed an addon in my Firefox (and those of many other users, see e.g. https://news.ycombinator.com/item?id=15931730). It turns out that there is a new setting in "Preferences > Privacy & Security > Firefox Data Collection and Use" to "Allow Firefox to install and run studies", which is (of course) opt-out.

To double-check that this was not enabled because of some specific preferences that I set myself, I created a fresh user account with useradd, logged in and started Firefox. The "Allow Firefox to install and run studies" checkmark was set (see attached screenshot). I don't allow anyone to run random code on my machine, so please make this opt-in.
Comment by Imnotreal (oma) - Friday, 15 December 2017, 22:11 GMT
@Stefan> My fix for this and every mozilla antifeatures: I switched from firefox to waterfox[1].
It's basically firefox without the mozilla crap (no spying telemetry, no pocket, no data collection, no startup profiling, no DRM, support of unsigned extensions, support of legacy extensions, ...)


[1]: https://aur.archlinux.org/packages/waterfox-bin/
[1]: https://www.waterfoxproject.org/
Comment by Stefan Majewsky (majewsky) - Saturday, 16 December 2017, 13:22 GMT
@Imnotreal That's too much. No spying, no pocket, no profiling, no DRM would be nice. Support of legacy extensions, HELL NO. The last point means they're maintaining a fork that goes farther and farther away from mainline every day. I agree with the changes they're doing to the architecture, I just don't agree to the spying layer on top of it.

Loading...