WTF MOZ SRSLY?

@Mozilla keeps attacking more and more the interest of its users... since they accepted DRM in HTML5? or even earlier since signing that deal with Google? What was in the deal by the way? Now we're in such deep shit...

@jz @Mozilla Most of these can be disabled (most importantly "safe" browsing), but not the automatic updates. copies Chromium too much.

@jz @Mozilla that #DRM thing is really unfortunate. But it was a w3c decision, so this bad thing had been standardised. And of Mozilla would not have implemented it, they would now have probably -20% market share/users, because everyone who wants to use #netflix would immediately switch to another browser.

@rugk @jz @Mozilla That is wrong. W3C, but in fact more probably WHATWG at first, has made a standard how to operate DRM. You can implement this code with no DRM problem. To finally read DRM content, you need a bit more, and that is the DRM code, that must be proprietary to be "efficient". Firefox uses Adobe stuff and Google Widevine, without this the web standard is not enough to read real DRM content foundable on the Web.

@nspanti @jz @Mozilla oh you can implement it, but not read DRM content lol… then that's surely no problem 😜

The reality is just people want to "read" DRM and w3c or okay whatwg paved the way. EFF e.g. criticized it and left the w3c or whatwg (don't remember which):

And Firefox also uses Googles #Widevine FYI.

@jz @Mozilla Do you have any idea what are these hosts are? Most of them are legitimate like openh264 and push.services, services.addons, etc.

@jz
What alternative do we have then ... What do you use on your side ?
@Mozilla

@hyde_stevenson @jz @Mozilla If you want alternative browsers, I'm working on a couple ("Odysseus" and "Rhapsode") and I'm also aware of:
* Epiphany/GNOME Web (WebKitGTK)
* Midori (WebKitGTK)
* Dillo (custom FLTK engine)
* NetSurf (custom engine)

And I must say for captive portals and software updates at least, I prefer leaving that to the OS rather than applications.

@jz @gael @Mozilla well, first of all most seem to be Mozilla domains, so seems to be fine, e.g. for update checks.

Google safe browsing is also in there, so you can explain that too.

So all things can be explained in the privacy policy. That a domain is purely contacted does not matter that much, but what is sent etc.
Telemetry etc. can e.g. also be disabled in the settings.

@rugk @jz @gael @Mozilla Also it's worth mentioning that, that while you might not expect this from Google, the privacy protection on their Safe Browsing looks awefully strong. I wouldn't worry about it.

They don't receive your browser history via that service.

@jz That video is super easy and simple to follow, even if it does look difficult at parts.
It's also the video that introduced me to privacytools.io/
I highly recommend watching it.

@jz @Mozilla I think it is really unfair. There are things like captive portal detection, the H264 plugin updating itself or Safebrowsing. Most users probably want those features. They don't seem to be used for tracking.

Please understand that many programs need to connect to many different hosts to work correctly and that isn't used for tracking purposes nor for delivering backdoors, etc.

@mimi89999

Please understand that not everybody is happy with the browser connecting willy-nilly to random stuff without the user's consent or knowledge.

Where to connect and when should be part of the onboarding process on installation or first launch.

We're not doing users any favours by conditioning their behaviour in negative ways.

@jz @Mozilla

@jz
I know what most of those are, but still not happy about shit connecting to stuff I didn't ask it to connect to.

Privacy and bandwidth come into the equation (I often work behind terminals, or even or ).

Which is why on every new installation I open about: config and clear every entry that has or (plus a few others) in it.

Yes, I disable "safe browsing" *and* update checks.

@Mozilla

@jz @Mozilla
Set all those domains to 127.0.0.1 in your /etc/hosts file!

@jz @Mozilla Sadly this kind of thing is not new: framasphere.org/posts/f977a980 (french) I guess GNU IceCat and the fork by Trisquel GNU/Linux are less worse. There is of course also the Tor Browser that I hope they removed nasty things. There is also the solution to use simple text browser, it limits websites, but it is efficient and consume far less resources. There are also some web browsers that use other engines, but not sure for security as "modern" web engines are so enormous and often fixed.

Sign in to participate in the conversation
La Quadrature du Net - Mastodon - Media Fédéré

Bienvenue dans le media fédéré de la Quadrature du Net association de défense des libertés. Les inscriptions sont ouvertes et libres.
Tout compte créé ici pourra a priori discuter avec l'ensemble des autres instances de Mastodon de la fédération, et sera visible sur les autres instances.
Nous maintiendrons cette instance sur le long terme.