this post was submitted on 10 Sep 2023
185 points (83.2% liked)
Privacy
32465 readers
494 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Firefox's answer, at the bottom of the article, smells like pure BS to me. Disabling an extension with something like a full browser-modal pop-up to warn users of the possibility of an untrustworthy Extension? Sure, fine, whatever, and maybe make that warning capable to be disabled by default, but why make the decision for us - silently - that Extensions are not to be trusted? Do we trust the website that asks if we pwetty please should allow the showing of ads, or maybe the malware provider that please should just disable all security Extensions and allow their malicious code to run, if you would be so kind?
I can think of one use for this: to disable malware to substitute clicking on a link to install your Extension of choice with one of their choice instead - although isn't the Extensions store already treated specially by default anyway?
Otherwise, I don't favor taking control away from the users. Especially if users cannot disable this new "feature". There is far too much potential for misuse of this.
Which will fragment the Chrome & Chromium-alternative market further, if people cannot trust Firefox anymore.
Which will slow development of alternatives to Chrome.
Which only benefits Google.
You can absolutely disable this feature, Mozilla provides instructions for how in their article https://support.mozilla.org/en-US/kb/quarantined-domains
Sadly my experience is that when it comes to security measures, user control often runs contrary to security. While we definitely should have the choice, you have to make it a bit difficult and non-obvious to disable security features, or people will unwittingly disable them for all sorts of bad reasons.
Thank you for the link. I understand somewhat what you mean about security, but also I get the other side too - security for who, and for what purpose? Google seems to have decided that it wants security to deliver ads to your browser, and also to track you everywhere you go (while offering no paid options to surf the internet without ads or tracking afaik?). This may fall under the umbrella of "security", but not for the sake of the users, whose traffic is being monetized, and the only option is to go over to some other browser like Firefox, which now, conveniently for Google, seems to be doing the same? Or at least could, if anyone could spoof the service and pretending to be Firefox, ask for security adons to be disabled? Maybe I'm simply too jaded to easily trust anymore:-P.
Security for the user is obviously what we are talking about. Regular people do not have the knowledge or patience to make informed decisions regarding their technical security; any model that relies on that is going to fail because people will click whatever they need to make stuff work. Even people who do understand the technology do stuff like disabling SSL verification, rather than going through the effort of adding the new CA to their cert list.
Firefox is not doing the same as Chrome. Firefox is adding a feature to disable unverified add-ons on particular domains to stop attacks from malicious add-ons. Chrome is adding a feature that tracks the sites you visit and shares them with other sites to improve ad tracking.
How are these features comparable at all?
It's almost like firefox get almost all their funding from google.
It's not like Google would ever take over anything - like let's say oh I dunno, Android - and kill it from the inside. Remember how it said that its motto is don't be evil? Oh wait...