LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-24-2019, 03:47 PM   #16
Slackware_fan_Fred
Member
 
Registered: Oct 2018
Distribution: Slackware64-14.2 Multilib
Posts: 70

Rep: Reputation: 26

Quote:
Originally Posted by hydrurga View Post
If you can't back up your claims with evidence, and then are willing to argue about the validity of that evidence, don't rant about it. What's Germany got to do with it, anyway?
I think he meant Germany as in Cliqz
https://www.ghacks.net/2017/10/06/mo...ta-collecting/
 
1 members found this post helpful.
Old 05-24-2019, 03:47 PM   #17
FOSSilized_Daemon
Member
 
Registered: Mar 2019
Distribution: OpenBSD/Alpine Linux
Posts: 151

Rep: Reputation: Disabled
Like I said, no one pays attention or cares about these things. As long as they can say "well *fill in app or company name* is actually *fill in whatever*" they are happy. People don't want real privacy or freedom. They just want enough freedom to feel free and enough privacy to feel private. All the evidenace (which includes the german government losing it after Mozilla broke their laws and injected maleware (which was written in JS) into specific users computers to see if they could do it without anyone noticing, then injecting malware js into build of FF to campign for a TV show, them investing into malware and injecting ads and things to collect data on users, etc) is not gone. I know just as well as you do why it is gone, as I have no idea. But that is the state of it. You can do and say with that what you wish, but there is nothing I can give you because it is gone. Want more info? Duckduckgo.com is a great place to look, if you manage to find any of the blog posts and videos that were removed (by whoever or whomeever be it youtube, their creators, etc) then please review it as it is important. But blind ignorance is not good for security.
 
1 members found this post helpful.
Old 05-24-2019, 03:57 PM   #18
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 19.1 MATE
Posts: 8,008
Blog Entries: 5

Rep: Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855Reputation: 2855
Quote:
Originally Posted by Slackware_fan_Fred View Post
I think he meant Germany as in Cliqz
https://www.ghacks.net/2017/10/06/mo...ta-collecting/
Cheers, sfF. Didn't know about that, and wouldn't be happy about it if I were one of the affected users in Germany. Opt-in: fine. Opt-out, no thanks. I'm not saying that we don't have to keep our ears and eyes open in order to keep the developers honest.
 
2 members found this post helpful.
Old 05-24-2019, 04:53 PM   #19
FOSSilized_Daemon
Member
 
Registered: Mar 2019
Distribution: OpenBSD/Alpine Linux
Posts: 151

Rep: Reputation: Disabled
Quote:
Originally Posted by Slackware_fan_Fred View Post
I think he meant Germany as in Cliqz
https://www.ghacks.net/2017/10/06/mo...ta-collecting/
I was unaware of that one, but a nice one to add to the list of the reasons they are bad. What I am referring to (when it comes to Germany) was about two or three years ago (I believe it was two or three years ago) Mozilla injected JavaScript into specific users build of FireFox in order to see if they would notice and to see if they could do it to everyone using FireFox. I don't recall everything the JavaScript did, however I remember it having something to do with phoning home browser history, clicks on pages and some other data. I haven't been able to find any of the articles and videos on it. However if anyone is able I would try to find the Bryan Lunduke video from awhile back, he has (or had) links to all the articles, blog posts and other evidence he used in his research. Sadly it isn't (to my knowledge) available on YouTube anymore.
 
1 members found this post helpful.
Old 05-24-2019, 05:46 PM   #20
Mechanikx
Member
 
Registered: Jul 2018
Location: Canada
Distribution: Slackware
Posts: 147

Rep: Reputation: 111Reputation: 111
Quote:
Originally Posted by FOSSilized_Daemon View Post
...Bryan Lunduke video from awhile back, he has (or had) links to all the articles, blog posts and other evidence he used in his research. Sadly it isn't (to my knowledge) available on YouTube anymore.
I actually watched that video when it first came out: "Mozilla is not trustworthy" and you're right it's gone. However I did find this video:

https://www.youtube.com/watch?v=-nyQIUcCJfo

I can't watch it though, as I'm at work.

Last edited by Mechanikx; 05-24-2019 at 05:47 PM.
 
1 members found this post helpful.
Old 05-24-2019, 06:03 PM   #21
Slackware_fan_Fred
Member
 
Registered: Oct 2018
Distribution: Slackware64-14.2 Multilib
Posts: 70

Rep: Reputation: 26
Quote:
Originally Posted by Mechanikx View Post
I actually watched that video when it first came out: "Mozilla is not trustworthy" and you're right it's gone. However I did find this video:

https://www.youtube.com/watch?v=-nyQIUcCJfo

I can't watch it though, as I'm at work.
The guy in the video is right Mozilla can't be trusted, like he said if a person wants to give money give it to another browser.
Use Firefox they say Mozilla respects your privacy they say, don't use Opera they tell me the "Evil" Chinese will spy on you, lol Mozilla has been caught using spyware on users but as far as I know Opera has never done that.
 
Old 05-25-2019, 02:34 AM   #22
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 11,719
Blog Entries: 9

Rep: Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117
Seriously, this is not how you discuss topics you feel strongly about.
uninformed emotional rant just gives those you are trying to convince a strong argument against you.
this is indeed damaging to the thing you're fighting for.

to use your own words:
"At this point this conversation, much all others that take place about bloat and spyware, has become petty crap that isn't worth my (and hopefully your) time."

Quote:
Originally Posted by FOSSilized_Daemon View Post
Anyone who can honestly look at FireFox and Mozilla and say they are not as bad as Microsoft and Google is a fan boy. They have invested in maleware, injected maleware into users browsers many times and have done even worse things than google. I guess people have to justify the crappy situation we are in. Yes, browsers need to be bloated to run all the Javascript, PHP and other crap I and many others bloat and don't use. Browsers shouldn't be bloated peices of spyware just because some web devs think "OH we should make it easier for the users by adding a crap ton of animations and bs no one wants or needs. Just like in the 90s! Rememeber how we centralized the internet? How has that backfired?". At this point this conversation, much all others that take place about bloat and spyware, has become petty crap that isn't worth my (and hopefully your) time.
Quote:
Originally Posted by FOSSilized_Daemon View Post
I know there is surf from suckless which is (I believe) pure C, however personally there are issues with it such. One thing I do love about FireFox is how addons (in some respects) are done. I like that they are downloaded and run off the system as aposed to being web extensions. I would love to see a minimal browser with at most js support that has that ability. To be 100% honest 99% precent of the bloat in browsers (and other software) is due to trying to make something main stream for everyone. This means the whole (easier for the user) screws the project in about all aspects.
Quote:
Originally Posted by FOSSilized_Daemon View Post
I would, but for whatever reason:
A) people don't care or pay attention (MR. Robot, last week/month, last few years, germany etc)
B) All the blog posts and videos I had saved have been removed and idk why. I know Lunduke's got removed and then he moved it to patrion or whatever the site is called.
I have been ranting about this for sometime and with how little people seem to care it feels like telling a windows user about the keyloggers and spyware in it. I get no where and everyone gets mad. In short, not worth the effort to try to dig an archive of posts just have people wipe themselves with it tbh.
Alos, collecting ANY DATA AT ALL that I have not 100% consented to is a, well can't say it here.
Quote:
Originally Posted by FOSSilized_Daemon View Post
Like I said, no one pays attention or cares about these things. As long as they can say "well *fill in app or company name* is actually *fill in whatever*" they are happy. People don't want real privacy or freedom. They just want enough freedom to feel free and enough privacy to feel private. All the evidenace (which includes the german government losing it after Mozilla broke their laws and injected maleware (which was written in JS) into specific users computers to see if they could do it without anyone noticing, then injecting malware js into build of FF to campign for a TV show, them investing into malware and injecting ads and things to collect data on users, etc) is not gone. I know just as well as you do why it is gone, as I have no idea. But that is the state of it. You can do and say with that what you wish, but there is nothing I can give you because it is gone. Want more info? Duckduckgo.com is a great place to look, if you manage to find any of the blog posts and videos that were removed (by whoever or whomeever be it youtube, their creators, etc) then please review it as it is important. But blind ignorance is not good for security.
Quote:
Originally Posted by FOSSilized_Daemon View Post
I was unaware of that one, but a nice one to add to the list of the reasons they are bad. What I am referring to (when it comes to Germany) was about two or three years ago (I believe it was two or three years ago) Mozilla injected JavaScript into specific users build of FireFox in order to see if they would notice and to see if they could do it to everyone using FireFox. I don't recall everything the JavaScript did, however I remember it having something to do with phoning home browser history, clicks on pages and some other data. I haven't been able to find any of the articles and videos on it. However if anyone is able I would try to find the Bryan Lunduke video from awhile back, he has (or had) links to all the articles, blog posts and other evidence he used in his research. Sadly it isn't (to my knowledge) available on YouTube anymore.
bla.
 
Old 05-25-2019, 04:17 AM   #23
individual
Member
 
Registered: Jul 2018
Posts: 171

Rep: Reputation: 137Reputation: 137
Quote:
Originally Posted by FOSSilized_Daemon View Post
...then injecting malware js into build of FF to campign for a TV show...
I do remember this incident, but it was a plugin, not JavaScript. The show was Mr. Robot.
Here are some articles and a statement from Mozilla.
 
Old 05-25-2019, 04:47 AM   #24
carlito386
Member
 
Registered: May 2019
Distribution: Debian
Posts: 75

Rep: Reputation: Disabled
Quote:
Originally Posted by Slackware_fan_Fred View Post
I think he meant Germany as in Cliqz
https://www.ghacks.net/2017/10/06/mo...ta-collecting/
Your link shows FF is working with the German company Cliqz to introduce a new addon.
The Cliqz addon will automatically retrieve relevant info from the net depending on the strings entered in the address bar.

Cliqz is paying Mozilla to test this addon.
Both Cliqz and Mozilla have security measures in place to protect users who try this addon.
During the short time this addon is being tested by a small group in Germany - the addon can be deactivated or disabled.

What is the problem here?
This is good news for Mozilla and FF users.
But I will go further and spell everything out for you:

your link to the ghacks page goes on to say:
Code:
'What's your take on this?'
'We need your help'
'we have to find other ways to continue operating this site'
Got it? The site is merely reporting on Mozilla's latest successful and profit-making activity.
This is important for FF users - because it ensures we continue to have the best product for free.
But ghacks needs to sensationalise and scaremonger in order to get more attention and more donations.
This is normal journalism.

Your link is not about web browser security - it's about interpreting info accurately.
 
Old 05-25-2019, 05:00 AM   #25
carlito386
Member
 
Registered: May 2019
Distribution: Debian
Posts: 75

Rep: Reputation: Disabled
Quote:
Originally Posted by FOSSilized_Daemon View Post
I was unaware of that one
Quote:
What I am referring to (when it comes to Germany) was about two or three years ago (I believe it was two or three years ago)
Quote:
I don't recall everything
Quote:
I haven't been able to find any of the articles and videos on it
Do you see how your coming across? Your not sounding very credible are you?

Security on the internet is a serious issue and should be treated seriously. Your not doing that.
You need to start your own thread about your own fears and concerns rather than hijacking this one.

OP would like to know about web browser privacy in general and bookmarks in particular.
 
1 members found this post helpful.
Old 05-25-2019, 09:33 AM   #26
Slackware_fan_Fred
Member
 
Registered: Oct 2018
Distribution: Slackware64-14.2 Multilib
Posts: 70

Rep: Reputation: 26
Quote:
Originally Posted by carlito386 View Post
Your link shows FF is working with the German company Cliqz to introduce a new addon.
The Cliqz addon will automatically retrieve relevant info from the net depending on the strings entered in the address bar.

Cliqz is paying Mozilla to test this addon.
Both Cliqz and Mozilla have security measures in place to protect users who try this addon.
During the short time this addon is being tested by a small group in Germany - the addon can be deactivated or disabled.

What is the problem here?
This is good news for Mozilla and FF users.
But I will go further and spell everything out for you:

your link to the ghacks page goes on to say:
Code:
'What's your take on this?'
'We need your help'
'we have to find other ways to continue operating this site'
Got it? The site is merely reporting on Mozilla's latest successful and profit-making activity.
This is important for FF users - because it ensures we continue to have the best product for free.
But ghacks needs to sensationalise and scaremonger in order to get more attention and more donations.
This is normal journalism.

Your link is not about web browser security - it's about interpreting info accurately.
Yes I know that it's a legit addon which is fine, but as the author said Mozilla has changed their stance on privacy by collecting more data on users, I never would have known about that if it wasn't for Styxhexenhammer666 video on how Mozilla is combating "Fake News", I got curious if they done other questionable things. I believe that it only installed if you enabled the setting for them to run tests so if users didn't like them doing that its their own fault.
I personally don't trust Mozilla after the recent news of them Forgetting to update certificates and their fix was to enable the testing setting box, seems intentional to me. NSA spy plan?
Edit: forgot his video link https://youtu.be/PK4h-l1PLGM

Last edited by Slackware_fan_Fred; 05-25-2019 at 09:34 AM.
 
Old 05-29-2019, 06:21 AM   #27
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 2,268
Blog Entries: 5

Rep: Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470
Quote:
Originally Posted by ondoho View Post
Just look at netsurf or dillo (i don't know if those are actually written in pure C but that's hardly the point). They can't even play youtube videos, and that's after decades of development.
I believe dillo was C/C++ (no releases in a few years) and netsurf is definitely C.
Quote:
NetSurf can be built for a number of modern computer platforms 'out of the box'. Written in C, with portability in mind...
http://www.netsurf-browser.org/

Almost everything similar to the above, which isn't a mozilla fork or the various "frontends" for the chromium/blink/webkit base, is not really a contender.

The reality is that google and it's blink layout engine / chromium base dominates, to the extent that all other browsers are irrelevant or becoming so. With the re-basing of Opera (12) "Presto" on chromium and more recently Microsoft's edge browser following suit - and firefox's "market share" diminishing, we are back to the browser mono-culture and with Mozilla as the only real competing tech.

I am not a fan of mozilla, I don't think they have done themselves any favours in recent times, but much of the smear you see written about them and the firefox browser is tech press click bait crap which plays into google's hands. While mozilla aren't perfect, the scenario where they cease to exist or their product becomes yet another front end for chromium / blink is not a good outcome. I fail to understand why some are so hasty to dig their graves, when google are doing much worse and making trillions doing it.

Last edited by cynwulf; 05-29-2019 at 06:22 AM.
 
1 members found this post helpful.
Old 05-29-2019, 11:56 PM   #28
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 11,719
Blog Entries: 9

Rep: Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117Reputation: 3117
Quote:
Originally Posted by cynwulf View Post
I am not a fan of mozilla, I don't think they have done themselves any favours in recent times, but much of the smear you see written about them and the firefox browser is tech press click bait crap ...
totally agree, also with this:
Quote:
... which plays into google's hands.
I would add that most people don't do it on purpose; they might even think that they need to "shake up the community" and "bring mozilla back on track" - but more often I suspect that it's simply easier to attack Firefox, because the information is more readily available. Shooting the Open in OpenSource in the back.
 
1 members found this post helpful.
Old 05-30-2019, 06:42 AM   #29
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 2,268
Blog Entries: 5

Rep: Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470Reputation: 1470
I think many people, with opinions on this, don't really grasp that modern web browsers are several millions lines of code projects built specifically to deal with:
Quote:
Originally Posted by ondoho
...the internet that's a steaming pile of --- well, all sorts of sh!t.
Unfortunately, browsers need to deal with that.
Some of them being bloated beyond compare, or spying on you, is really just an afterthought in light of the real problem: to reliably display all the stuff that is the WWW. That's the real bloat, the real security hole.
This is why you have essentially blink/chromium/webkit - everything based on those and firefox and not much more. firefox just needs to die and the monoculture is complete.

While firefox was based on netscape code and modern webkit/blink on KHTML, things have moved on a lot since those days.

The WWW has become so utterly complex, that only a large organisation with a team of paid developers and corporate funding/sponsorship can afford to put together and maintain and develop a project like chromium. smaller entities, cannot hope to compete.

While firefox was based on the old netscape code (via the mozilla project) and blink/webkit has it's roots in KHTML things have moved on to the extent that "hobby projects", which might have been usable in the comparable sense, 10 years ago have now been left in the dust.

Compare the size of this early "firefird" source tarball with a modern release...

MozillaFirebird-source-0.6.1.tar.bz2 28M
firefox-67.0.source.tar.xz 269M

https://ftp.mozilla.org/pub/firebird/releases/0.6.1/
https://ftp.mozilla.org/pub/firefox/...s/67.0/source/

Rather than simply nothing but "bloat", it's the difference between browsing the web in 2003 compared to today.

Last edited by cynwulf; 05-30-2019 at 06:49 AM.
 
1 members found this post helpful.
Old 05-30-2019, 06:45 AM   #30
carlito386
Member
 
Registered: May 2019
Distribution: Debian
Posts: 75

Rep: Reputation: Disabled
Quote:
Originally Posted by cynwulf View Post
I am not a fan of mozilla, I don't think they have done themselves any favours in recent times, but much of the smear you see written about them and the firefox browser is tech press click bait crap which plays into google's hands. While mozilla aren't perfect, the scenario where they cease to exist or their product becomes yet another front end for chromium / blink is not a good outcome. I fail to understand why some are so hasty to dig their graves, when google are doing much worse and making trillions doing it.
Which web browser do you use?
 
  


Reply

Tags
brower, internet, privacy, web


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Iridium Browser: A Browser for the Privacy Conscious LXer Syndicated Linux News 0 02-23-2018 08:44 AM
LXer: Data Privacy Day 2017: Solutions for everyday privacy LXer Syndicated Linux News 0 01-29-2017 10:12 AM
LXer: Are you Privacy Aware? Data Privacy Day, and Every Day LXer Syndicated Linux News 0 01-27-2017 05:33 AM
LXer: FCC Online Privacy Ruling Helps, not Hurts, Privacy-Minded Users LXer Syndicated Linux News 0 11-11-2015 03:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration