Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If you can't back up your claims with evidence, and then are willing to argue about the validity of that evidence, don't rant about it. What's Germany got to do with it, anyway?
Like I said, no one pays attention or cares about these things. As long as they can say "well *fill in app or company name* is actually *fill in whatever*" they are happy. People don't want real privacy or freedom. They just want enough freedom to feel free and enough privacy to feel private. All the evidenace (which includes the german government losing it after Mozilla broke their laws and injected maleware (which was written in JS) into specific users computers to see if they could do it without anyone noticing, then injecting malware js into build of FF to campign for a TV show, them investing into malware and injecting ads and things to collect data on users, etc) is not gone. I know just as well as you do why it is gone, as I have no idea. But that is the state of it. You can do and say with that what you wish, but there is nothing I can give you because it is gone. Want more info? Duckduckgo.com is a great place to look, if you manage to find any of the blog posts and videos that were removed (by whoever or whomeever be it youtube, their creators, etc) then please review it as it is important. But blind ignorance is not good for security.
Cheers, sfF. Didn't know about that, and wouldn't be happy about it if I were one of the affected users in Germany. Opt-in: fine. Opt-out, no thanks. I'm not saying that we don't have to keep our ears and eyes open in order to keep the developers honest.
I was unaware of that one, but a nice one to add to the list of the reasons they are bad. What I am referring to (when it comes to Germany) was about two or three years ago (I believe it was two or three years ago) Mozilla injected JavaScript into specific users build of FireFox in order to see if they would notice and to see if they could do it to everyone using FireFox. I don't recall everything the JavaScript did, however I remember it having something to do with phoning home browser history, clicks on pages and some other data. I haven't been able to find any of the articles and videos on it. However if anyone is able I would try to find the Bryan Lunduke video from awhile back, he has (or had) links to all the articles, blog posts and other evidence he used in his research. Sadly it isn't (to my knowledge) available on YouTube anymore.
...Bryan Lunduke video from awhile back, he has (or had) links to all the articles, blog posts and other evidence he used in his research. Sadly it isn't (to my knowledge) available on YouTube anymore.
I actually watched that video when it first came out: "Mozilla is not trustworthy" and you're right it's gone. However I did find this video:
The guy in the video is right Mozilla can't be trusted, like he said if a person wants to give money give it to another browser.
Use Firefox they say Mozilla respects your privacy they say, don't use Opera they tell me the "Evil" Chinese will spy on you, lol Mozilla has been caught using spyware on users but as far as I know Opera has never done that.
Seriously, this is not how you discuss topics you feel strongly about.
uninformed emotional rant just gives those you are trying to convince a strong argument against you.
this is indeed damaging to the thing you're fighting for.
to use your own words:
"At this point this conversation, much all others that take place about bloat and spyware, has become petty crap that isn't worth my (and hopefully your) time."
Quote:
Originally Posted by FOSSilized_Daemon
Anyone who can honestly look at FireFox and Mozilla and say they are not as bad as Microsoft and Google is a fan boy. They have invested in maleware, injected maleware into users browsers many times and have done even worse things than google. I guess people have to justify the crappy situation we are in. Yes, browsers need to be bloated to run all the Javascript, PHP and other crap I and many others bloat and don't use. Browsers shouldn't be bloated peices of spyware just because some web devs think "OH we should make it easier for the users by adding a crap ton of animations and bs no one wants or needs. Just like in the 90s! Rememeber how we centralized the internet? How has that backfired?". At this point this conversation, much all others that take place about bloat and spyware, has become petty crap that isn't worth my (and hopefully your) time.
Quote:
Originally Posted by FOSSilized_Daemon
I know there is surf from suckless which is (I believe) pure C, however personally there are issues with it such. One thing I do love about FireFox is how addons (in some respects) are done. I like that they are downloaded and run off the system as aposed to being web extensions. I would love to see a minimal browser with at most js support that has that ability. To be 100% honest 99% precent of the bloat in browsers (and other software) is due to trying to make something main stream for everyone. This means the whole (easier for the user) screws the project in about all aspects.
Quote:
Originally Posted by FOSSilized_Daemon
I would, but for whatever reason:
A) people don't care or pay attention (MR. Robot, last week/month, last few years, germany etc)
B) All the blog posts and videos I had saved have been removed and idk why. I know Lunduke's got removed and then he moved it to patrion or whatever the site is called.
I have been ranting about this for sometime and with how little people seem to care it feels like telling a windows user about the keyloggers and spyware in it. I get no where and everyone gets mad. In short, not worth the effort to try to dig an archive of posts just have people wipe themselves with it tbh.
Alos, collecting ANY DATA AT ALL that I have not 100% consented to is a, well can't say it here.
Quote:
Originally Posted by FOSSilized_Daemon
Like I said, no one pays attention or cares about these things. As long as they can say "well *fill in app or company name* is actually *fill in whatever*" they are happy. People don't want real privacy or freedom. They just want enough freedom to feel free and enough privacy to feel private. All the evidenace (which includes the german government losing it after Mozilla broke their laws and injected maleware (which was written in JS) into specific users computers to see if they could do it without anyone noticing, then injecting malware js into build of FF to campign for a TV show, them investing into malware and injecting ads and things to collect data on users, etc) is not gone. I know just as well as you do why it is gone, as I have no idea. But that is the state of it. You can do and say with that what you wish, but there is nothing I can give you because it is gone. Want more info? Duckduckgo.com is a great place to look, if you manage to find any of the blog posts and videos that were removed (by whoever or whomeever be it youtube, their creators, etc) then please review it as it is important. But blind ignorance is not good for security.
Quote:
Originally Posted by FOSSilized_Daemon
I was unaware of that one, but a nice one to add to the list of the reasons they are bad. What I am referring to (when it comes to Germany) was about two or three years ago (I believe it was two or three years ago) Mozilla injected JavaScript into specific users build of FireFox in order to see if they would notice and to see if they could do it to everyone using FireFox. I don't recall everything the JavaScript did, however I remember it having something to do with phoning home browser history, clicks on pages and some other data. I haven't been able to find any of the articles and videos on it. However if anyone is able I would try to find the Bryan Lunduke video from awhile back, he has (or had) links to all the articles, blog posts and other evidence he used in his research. Sadly it isn't (to my knowledge) available on YouTube anymore.
Your link shows FF is working with the German company Cliqz to introduce a new addon.
The Cliqz addon will automatically retrieve relevant info from the net depending on the strings entered in the address bar.
Cliqz is paying Mozilla to test this addon.
Both Cliqz and Mozilla have security measures in place to protect users who try this addon.
During the short time this addon is being tested by a small group in Germany - the addon can be deactivated or disabled.
What is the problem here?
This is good news for Mozilla and FF users.
But I will go further and spell everything out for you:
your link to the ghacks page goes on to say:
Code:
'What's your take on this?'
'We need your help'
'we have to find other ways to continue operating this site'
Got it? The site is merely reporting on Mozilla's latest successful and profit-making activity.
This is important for FF users - because it ensures we continue to have the best product for free.
But ghacks needs to sensationalise and scaremonger in order to get more attention and more donations.
This is normal journalism.
Your link is not about web browser security - it's about interpreting info accurately.
What I am referring to (when it comes to Germany) was about two or three years ago (I believe it was two or three years ago)
Quote:
I don't recall everything
Quote:
I haven't been able to find any of the articles and videos on it
Do you see how your coming across? Your not sounding very credible are you?
Security on the internet is a serious issue and should be treated seriously. Your not doing that.
You need to start your own thread about your own fears and concerns rather than hijacking this one.
OP would like to know about web browser privacy in general and bookmarks in particular.
Your link shows FF is working with the German company Cliqz to introduce a new addon.
The Cliqz addon will automatically retrieve relevant info from the net depending on the strings entered in the address bar.
Cliqz is paying Mozilla to test this addon.
Both Cliqz and Mozilla have security measures in place to protect users who try this addon.
During the short time this addon is being tested by a small group in Germany - the addon can be deactivated or disabled.
What is the problem here?
This is good news for Mozilla and FF users.
But I will go further and spell everything out for you:
your link to the ghacks page goes on to say:
Code:
'What's your take on this?'
'We need your help'
'we have to find other ways to continue operating this site'
Got it? The site is merely reporting on Mozilla's latest successful and profit-making activity.
This is important for FF users - because it ensures we continue to have the best product for free.
But ghacks needs to sensationalise and scaremonger in order to get more attention and more donations.
This is normal journalism.
Your link is not about web browser security - it's about interpreting info accurately.
Yes I know that it's a legit addon which is fine, but as the author said Mozilla has changed their stance on privacy by collecting more data on users, I never would have known about that if it wasn't for Styxhexenhammer666 video on how Mozilla is combating "Fake News", I got curious if they done other questionable things. I believe that it only installed if you enabled the setting for them to run tests so if users didn't like them doing that its their own fault.
I personally don't trust Mozilla after the recent news of them Forgetting to update certificates and their fix was to enable the testing setting box, seems intentional to me. NSA spy plan?
Edit: forgot his video link https://youtu.be/PK4h-l1PLGM
Last edited by Slackware_fan_Fred; 05-25-2019 at 09:34 AM.
Just look at netsurf or dillo (i don't know if those are actually written in pure C but that's hardly the point). They can't even play youtube videos, and that's after decades of development.
I believe dillo was C/C++ (no releases in a few years) and netsurf is definitely C.
Quote:
NetSurf can be built for a number of modern computer platforms 'out of the box'. Written in C, with portability in mind...
Almost everything similar to the above, which isn't a mozilla fork or the various "frontends" for the chromium/blink/webkit base, is not really a contender.
The reality is that google and it's blink layout engine / chromium base dominates, to the extent that all other browsers are irrelevant or becoming so. With the re-basing of Opera (12) "Presto" on chromium and more recently Microsoft's edge browser following suit - and firefox's "market share" diminishing, we are back to the browser mono-culture and with Mozilla as the only real competing tech.
I am not a fan of mozilla, I don't think they have done themselves any favours in recent times, but much of the smear you see written about them and the firefox browser is tech press click bait crap which plays into google's hands. While mozilla aren't perfect, the scenario where they cease to exist or their product becomes yet another front end for chromium / blink is not a good outcome. I fail to understand why some are so hasty to dig their graves, when google are doing much worse and making trillions doing it.
I am not a fan of mozilla, I don't think they have done themselves any favours in recent times, but much of the smear you see written about them and the firefox browser is tech press click bait crap ...
totally agree, also with this:
Quote:
... which plays into google's hands.
I would add that most people don't do it on purpose; they might even think that they need to "shake up the community" and "bring mozilla back on track" - but more often I suspect that it's simply easier to attack Firefox, because the information is more readily available. Shooting the Open in OpenSource in the back.
I think many people, with opinions on this, don't really grasp that modern web browsers are several millions lines of code projects built specifically to deal with:
Quote:
Originally Posted by ondoho
...the internet that's a steaming pile of --- well, all sorts of sh!t.
Unfortunately, browsers need to deal with that.
Some of them being bloated beyond compare, or spying on you, is really just an afterthought in light of the real problem: to reliably display all the stuff that is the WWW. That's the real bloat, the real security hole.
This is why you have essentially blink/chromium/webkit - everything based on those and firefox and not much more. firefox just needs to die and the monoculture is complete.
While firefox was based on netscape code and modern webkit/blink on KHTML, things have moved on a lot since those days.
The WWW has become so utterly complex, that only a large organisation with a team of paid developers and corporate funding/sponsorship can afford to put together and maintain and develop a project like chromium. smaller entities, cannot hope to compete.
While firefox was based on the old netscape code (via the mozilla project) and blink/webkit has it's roots in KHTML things have moved on to the extent that "hobby projects", which might have been usable in the comparable sense, 10 years ago have now been left in the dust.
Compare the size of this early "firefird" source tarball with a modern release...
I am not a fan of mozilla, I don't think they have done themselves any favours in recent times, but much of the smear you see written about them and the firefox browser is tech press click bait crap which plays into google's hands. While mozilla aren't perfect, the scenario where they cease to exist or their product becomes yet another front end for chromium / blink is not a good outcome. I fail to understand why some are so hasty to dig their graves, when google are doing much worse and making trillions doing it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
