Mozilla enabled ads in Firefox and they're active in Fedora
Reindl Harald
h.reindl at thelounge.net
Mon Nov 17 14:06:21 UTC 2014
Am 17.11.2014 um 14:41 schrieb Bruno Wolff III:
> Firefox is really not set up with privacy as a high priority. Some bad
> things it does from a privacy perspective are:
>
> If you type a name in the url bar and send, if the name dosn't match a
> domain google is contacted. (And it is google even if you have some
> other search engine set.)
>
> OSCP is used to check for certificate revocations. For some threat
> models this cure is worse than the disease. There should be an easy way
> to disable this.
not such problem if more sites would be configured properly
http://en.wikipedia.org/wiki/OCSP_stapling
> Javascript is not easy to disable without installing a third party
> plugin, and the way that plugin works still leaves some exposure to
> javascript related issues.
and everytime a newspaper recommends to disable it weeks later we got
complaints that some forms don't work because tech to make it harder
submit them automated until analyze what JS actions are expected
> The referer header is sent by default. It isn't obvious how to disable
> that
please don't propose disable the Referer globally
a samrt default would be
https://addons.mozilla.org/DE/firefox/addon/smart-referer/ to send it
only to the same domain
as example i require a referrer for captchas from the own domain to make
it harder embed the captcha into some porn site and let users type it in
everytime when people come out with "how to disable referrer, javascript
and the useragent" they have no clue what harm they are doing for sane
websites wich try to protect themself and their owners from automated
attacks / junk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141117/1f02a498/attachment.sig>
More information about the devel
mailing list