Firefox enables user tracking
Firefox enables user tracking
Attached: 1 image Firefox is just another US-corporate product with an 'open source' sticker on it. Their version 128 update has auto checked a new little privacy breach setting. If you still use a corporate browser, at least do some safety version! We mainly use @librewolf@lemmy.ml based on fir...
... I mean, WTF. Mozilla, you had one job ...
Edit:
Just to add a few remarks from the discussions below:
- As long as Firefox is sponsored by 'we are not a monopoly' Google, they can provide good things for users. Once advertisement becomes a real revenue stream for Mozilla, the Enshittification will start.
- For me it is crossing the line when your browser is spying on you and if 'we' accept it, Mozilla will walk down this path.
- This will only be an additional data point for companies spying on you, it will replace none of the existing methodologies. Learn about fingerprinting for example
- Mozilla needs to make money/find a business model, agreed. Selling you out to advertisement companies cannot be it.
- This is a very transparent attempt of Mozilla to be the man in the middle selling ads, despite the story they tell. At that point I can just use Chrome, Edge or Safari, at least Google has expertise and the money to protect my data and sadly Chrome is the most compatible browser (no fault of Mozilla/Firefox of course).
- Mozilla massively acts against the interests of their little remaining user base, which is another dumb move made by a leadership team earning millions while kicking out developers and makes me wonder what will be next.
The way it works is supposed to anonymously allow the measuring of advertising performance. Which ads do well with which kinds of users. Instead of tracking each individual user this tracks context, meaning what site the ad was seen on etc. Thereby providing a way to know what kinds of ads work with what kinds of users without profiling every individual in the world.
That is what it's supposed to do. Data still goes to an allegedly "trusted third party" (let's encrypt, apparently) which then does this anonymization.
The idea is a lot less egregious, but it's still only a good idea assuming you agree ads would be a good and ethical way to make the internet go round, if only they weren't profiling everyone. I don't.
Yeah the title of the post makes it sound much worse than what it seems to be in practice? Maybe I'm just naive
I think this a problem with applications with a privacy focused user basis. It becomes very black and white where any type of information being sent somewhere is bad. I respect that some people have that opinion and more power to them, but being pragmatic about this is important. I personally disabled this flag, and I recognize how this is edging into a risky area, but I also recognize that the Mozilla CTO is somewhat correct and if we have the option between a browser that blocks everything and one that is privacy-preserving (where users can still opt for the former), businesses are more likely to adopt the privacy-preserving standards and that benefits the vast majority of users.
Privacy is a scale. I'm all onboard with Firefox, I block tons of trackers and ads, I'm even somebody who uses NoScript and suffers the ramifications to due to ideology reasons, but I also enable telemetry in Firefox because I trust that usage metrics will benefit the product.
This is after they bought an ad company last month, Mozilla is compromised now
Edit: Somebody pointed out the reason: Mozilla Foundation has no members. It's just the executives, no one in the actual community has any input in Mozilla's direction, and considering how wildly out of touch tech executives are this explains it all
A bunch of Firefox devs need to leave Mozilla, fork it and start up an actual non-profit not based around monetization. I would happily donate monthly if I knew it were going to Firefox development, instead of the dozen other things Mozilla spends its money on. I'm sure I'm not alone.
You’re definitely not alone. If this happens and it becomes some major news in the community with reasonable visibility, I’m sure many people would support this.
In the meantime you can give a look to the Servo project. If Servo is clean for you, you can support them.
I think it’s more because the Mozilla Corporation is a for-profit company and people barely understand the difference between the Corporation and Foundation or what the Foundation even does, or the rules that allow a non-profit to own a for-profit.
This is misinformation. The setting in question is not a "privacy breach setting," it's to use a new API which, for sites that use it, sends advertisers anonymized data about related ad clicks instead of the much more privacy-breaching tracking data that they normally collect. This is only a good thing for users, which is why the setting is automatically checked.
It's illegal in Europe to have an opt-out checked by default, must be an opt-in unchecked by default. This is one of the reason that Microsoft has always troubles in Europe about privacy and opt-out services.
That only applies to personally-identifiable information.
This does not prevent regular ad tracking, this provides additional data to advertisers. It also means Mozilla is now tracking me, and then Mozilla does this "anonymizing" on their servers. I do not trust Mozilla with this data, and I don't trust that no way can be found de-anonymize or combine this data with other data ad networks already collect.
This is not in my interest at all. This data should not be collected. The ad networks can suck it, why should I help them?
https://blog.privacyguides.org/2024/07/14/mozilla-disappoints-us-yet-again-2/
Advertisers can already easily get this data without this setting, and any measures you take to block ads also by definition affect this setting.
Meanwhile, if this works and becomes widely available, regulators will be able to take measures against user surveillance without having to succumb to the ad industry's argument that they won't know whether their ads work.
And yes, this provides data to advertisers, but it's data about their ads, not about users.
... No, it does not. The ads are currently already tracking clicks and conversions, on top of a whole boatload of other personal data. This API instead provides them with just the click and conversion data, divorced from the personal data and then aggregated with all the other site visitors.
Being against this proposal basically means you trust random websites and ad companies more with your data then you do Mozilla and LetsEncrypt.
... first of all, providing a new API to give out information about me is not a good thing in my mind.
Second, this would be the first time in human history, the advertisers would not simply add that APIs information to everything else they aggregate including fingerprinting of your browser.
So, serious question: How is this good for me?
Edit: typo
Are you trying to tell me that the host server is showing the ad, because last I checked, with my whitelist firewall, I never see ads because all ads are links to the ad server you are actually visiting. It is no different than opening up the webpage and connection to them. They get all the same fingerprinting info.
I'm not saying one way or another here, but there is no such thing as anonymous data collection. It only takes 2-3 unique identifiers to connect a person between a known and anonymous data set and there are almost always quite a few more unique identifiers than this in any given dataset. When I hear anyone say stalkerware is anonymous, I assume they are no longer just a privateer of a foreign drug cartel level state, instead they are full blown slave trader pirates fit for the gallows or worse.
... No, I'm saying that a given site hosts the specific instance of an ad. That site has control over what the ad can harvest, and if they're opting in to this PPA API, that information will be anonymized and much more limited than it currently is.
People should just use LibreWolf at this point
Be careful what you wish for. Firefox needs income and without audience for Firefox, Firefox is no more and then LibreWolf is no more.
But Firefox is open source, though. It's not going to disappear just like that.
I think Mozilla could find another way of getting profit without without tracking its users or depending on Google's funding.
I wish they had a mobile app!
I've enjoyed Mull as an Android alternative https://gitlab.com/divested-mobile/mull-fenix
The original mastodon post was with more details, and some drama, but the guy is trying to spam this link everywhere he can. so desperate for attention. lol
I think it’s a valid news to spread here.
Ok idealist.
What is your alternative funding stream for Mozilla?
It's bad.
Is it worse than the advertising owned browser that gives your information directly to said advertiser?
How does KDE do it with Konqueror?
They don't. They rely entirely on donations (and sponsorship donations). It also mean, they have less resources to maintain and develop their software, ESPECIALLY Conqueror since it's not as much well-maintained compared to other parts of the KDE software suite. Plus, Firefox do maintain their own web-engine, while KDE just use the WebKit one, so even more reasons that Firefox can't substain with the resources KDE currently has.
Fair question. First move for Mozilla: Fire the whole fucking leadership team and use the millions saved for some more developers working on Firefox. That should finance the next 2 years, afterwards we can think about next steps. :-P
I used to say the same, but now I wonder if they need as much as they have?
I am genuinely curious. There have been a lot of threads like this full of criticism for not spending enough on the browser.
It seems the browser is plenty funded, so maybe the org and co have too much and are in search of where to spend it?
Maybe it's just the company with too much and the org is still struggling?
I mean, that argument starts to wade in to the Mozilla foundation as a whole, and what their purpose is, and that's a giant kettle of fish.
Theoretical game. They lowball Google on how much Google pays them. How do people react? I don't see them doing that and say, "Man, I'm glad Firefox is reducing Google's influence over them". I see them making a thread about how Firefox is giving Google a discounted rate because they're all corrupt technofacists.
The core problem there still exists IMO. Funding.
What we really need is a reasonable way for open source, free, software, that exists for the good of the whole, to get money. But that has it's own kettle of fish, where does it come from, how big is big enough to get some, what if they charge for support, how open is open enough.
Something something, seize the means of production, communism, etc.
So you didn't care reading up what PPA is, eh?
But yeah I agree with the toot, we need more browsers heck even more browser engines to not end with just one engine controlled by fucking Google.
Safari too: https://clearcode.cc/blog/privacy-preserving-ad-click-attribution-explained/
This was a webkit proposal from 2019: https://webkit.org/blog/8943/privacy-preserving-ad-click-attribution-for-the-web/
And it has been a W3C draft since 2021: https://privacycg.github.io/private-click-measurement/
Bye, bye Firefox!
anyone who cares about privacy is running ublock and/or umatrix anyway so it's negated.
This helps you not seeing ads, it does not help you being tracked.
What?
uBO absolutely helps against tracking. It is at least half of its reason for existing.
The two primary lists are an (1) an ad block list (2) an anti-tracking list.
And used in medium or hard mode uBO categorically blocks many methods of tracking.
But also, if you use Firefox, this is layered on top of Enhanced tracking protection, blocking of 3p tracking cookies, and total cookie protection (dfpi)
waterfox rocks btw
waterfox Thanks, never heard of it! will try it.
Librerfox is even better!