I really wonder why Mozilla employees think it is acceptable to do that without informed consent for users running Windows. No one would tolerate Mozilla installing a binary in ~/bin/ and configuring it to be run via user crontab on Linux.
Oh well - time to go clean up my Windows installs. sigh
They install "allow any connections to anywhere" firewall rules on Windows too. Fortunately, it's "just" for the Firefox process but still...
---
I used to keep one last Windows 7 box around. It had the default firewall policies set to block everything by default and I had even went so far as to disable all the default rules that Windows creates and added explicit rules to only allow the specific traffic to the specific internal services I actually needed.
Then, I installed Firefox one day so I could use it to access a few internal web sites. Shortly afterwards, I went to add new firewall rules to allow connections to these internal web sites and discovered that the installer had automatically added new firewall rules for Firefox allowing it to connect to anything anywhere! Fortunately, this host was on a subnet which was blocked in the "real" firewall anyways, so -- in this case -- no actual harm done (it couldn't get out to the Internet anyways) but I was still a bit surprised to discover that.
Can you imagine the fallout and calls for beheading that would occur if Firefox for Linux added new rules to your Linux hosts' iptables firewalls!?
Not only do they collect telemtery by default -- and even send them telemtry data when you disable telemetry! -- they can also remotely change your Firefox settings and/or install "experiments", at any time, without any notice to you!
Hell, if you have a "clean" host/VM, I encourage you to install Firefox, start a packet capture, launch Firefox for the first time, then just sit and wait for 30 seconds or so -- not doing anything or interacting with it in any way -- before closing Firefox. Then, go take a look at your packet capture. I think you'll be quite surprised at all of the connections it makes...
This is really not the Mozilla Firefox I envisioned or expected way back when I first started supporting and advocating for it (when it was first announced!).
Are you telling me Firefox is not better than using edge/chrome in terms of data collection?
Are they using to improve their service or serve ads?
Still with Mozilla because I'm trying to back this against the Goliath Google.
> Are you telling me Firefox is not better than using edge/chrome in terms of data collection?
Did I mention Chrome, Edge, or any other browser? No, I said nothing of the sort.
Is t as bad as Chrome or Edge? Absolutely not. It's starting to look like Mozilla is actively working towards that goal, however.
I still prefer and use Firefox over any of the others but it's to the point where I'm using it not because it is the "best" browser but because it "sucks less" than any of the others.
>and even send them telemetry data when you disable telemetry! -- they can also remotely change your Firefox settings and/or install "experiments", at any time, without any notice to you!
Please don't spread fud and lies.
While Firefox makes some connections on start-up, it will not send any telemetry data or install studies once you've disabled them.
You can check about:telemetry and about:studies
Mozilla is quite transparent about what is being collected.
Having said this, I fully agree with you. A browser (or any other piece of software) should not make any connections anywhere unless instructed by the user.
> Mozilla is quite transparent about what is being collected.
You're right. In fact, according to Mozilla themselves [0]:
> Finally, we need better insight into our opt-out rates for telemetry. We use telemetry to ensure new features improve your user experience and to guide Mozilla’s business decisions. However, an unknown portion of our users do not report telemetry for a variety of reasons.
> ...
> To address this, we will measure Telemetry Coverage, which is the percentage of all Firefox users who report telemetry.
Fortunately, this totally-not-telemetry telemetry can be disabled too [1]:
> ... this extension has a special boolean opt-out pref: "toolkit.telemetry.coverage.opt-out".
Pretty much every time I've installed a fresh Firefox, all the telemetry is enabled by default. Opt out instead of opt in. Surprising considering what they sell themselves as.
Instead of copying and pasting the registry entry into a text file, merging ("running") it, then deleting the text file, the following (PowerShell) command should do the same thing:
might be neccesary first, if Firefox didn't already create it. Or it could be because I originally used forward slashes instead of back slashes (now fixed!).
Oh well - time to go clean up my Windows installs. sigh