Mozilla enabled ads in Firefox and they're active in Fedora

Reindl Harald h.reindl at
Mon Nov 17 14:06:21 UTC 2014

Am 17.11.2014 um 14:41 schrieb Bruno Wolff III:
> Firefox is really not set up with privacy as a high priority. Some bad
> things it does from a privacy perspective are:
> If you type a name in the url bar and send, if the name dosn't match a
> domain google is contacted. (And it is google even if you have some
> other search engine set.)
> OSCP is used to check for certificate revocations. For some threat
> models this cure is worse than the disease. There should be an easy way
> to disable this.

not such problem if more sites would be configured properly

> Javascript is not easy to disable without installing a third party
> plugin, and the way that plugin works still leaves some exposure to
> javascript related issues.

and everytime a newspaper recommends to disable it weeks later we got 
complaints that some forms don't work because tech to make it harder 
submit them automated until analyze what JS actions are expected

> The referer header is sent by default. It isn't obvious how to disable
> that

please don't propose disable the Referer globally
a samrt default would be to send it 
only to the same domain

as example i require a referrer for captchas from the own domain to make 
it harder embed the captcha into some porn site and let users type it in

everytime when people come out with "how to disable referrer, javascript 
and the useragent" they have no clue what harm they are doing for sane 
websites wich try to protect themself and their owners from automated 
attacks / junk

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the devel mailing list