Quote from: A on June 30, 2023, 20:26:36You don't need to audit the entire code to know if telemetry is being used. You can simply monitor outgoing web traffic, then check the part of the sourceAgain, demagoguery - you can't know what to track in advance, and a sleeping "dog" can sneak through the firewall unnoticed even with a DPI that doesn't know what to look for.
Quote from: A on June 30, 2023, 20:26:36In the first place, when any new code is merged it is reviewed, there are also 3rd party audit companies that review these patchesAgain, pure demagoguery - you, "A", personally checked from scratch 100% of the code of a certain version of Linux (and there are dozens of them with a bunch of repositories) and all updates to it.
Quote from: A on June 30, 2023, 20:26:36On top of that there are competitions to hack widely used software like Pwn2Own and FireFox has a bug bounty program.And how much have you personally earned so far? What do you think, if the person who finds the holes manages to sell exploits for them on the criminal market (or he himself manages to earn orders of magnitude more money thanks to them using criminal methods) for a larger amount of money than they are paid officially and legally, will he begin to report this to the code repository?
Quote from: A on June 30, 2023, 20:26:36Never had this problem, though it is possible it doesn't happen on linuxI don't use Linux, but under Windows, FF has the ability to spontaneously freeze sometimes under any OS from the W7-W10 I use (the latest versions are much more often) and after being forced to delete its processes from the task manager, the next time you open it, it can spontaneously once every few months the current session with tabs will be lost, and there may be a hundred or more of them. It's not about bookmarks - there are no problems with them. Moreover, the directory for the "backup" is completely erased, which is complete nonsense on the part of those who make FF.
Quote from: A on June 30, 2023, 20:26:36The reason why browsers can get memory hungry these days other than all these responsive websites with things like react and etc is isolation. Since the brother has to replicate resources per thread to isolate the processes. That said, not all memory is always used up as sometimes memory is set aside internallyI don't care what it looks like from a professional's point of view, what matters is how it looks from a layman's point of view - FF began to consume memory many times more than 30-40 versions ago. At the same time, there are no special visual or complex improvements in reality to read the same 1-3 kb of useful text in most cases.
Quote from: NikoB on June 29, 2023, 20:19:39And again, the stupidest answer of the Linux apologist (in which everything is also full of holes). )))
Is "A" himself capable of auditing tens of millions of lines of code from scratch? Or does he trust (believes without reason) to third parties that everything is in order there? =) Approximately how fools believed the authorities, people in white coats and some "experts" like Fauci. And now they are brazenly and cynically denied compensation for proven damage to the health of hundreds of thousands of people in the USA alone (not counting hundreds of thousands of deaths), because the criminal government illegally forbade filing lawsuits against pharmaceutical companies, although this is a direct violation of the US constitution, and lawsuits against it, to power simply ignores (again illegally).
So who on planet Earth is able to audit the code of "open" software from scratch with its current volumes? And support the audit later? 0.0001% of the population? =) And even this assessment looks optimistic? It turns out, as in other cases, "A" is a real demagogue and nothing more.
QuoteBy the way, in FF, after 100 versions, the long-standing problem of losing tabs opened in the session has not been solved - they are occasionally spontaneously lost, and the sessionstore-backups folder is stupidly reset to zero, and a person, if he does not take care of the periodic backup of this folder, risks being left without working set, if he does not use third-party plugins - which steal user information ..Never had this problem, though it is possible it doesn't happen on linux
QuoteThe latest versions of FF are memory hungry, just like chrome. At the same time, FF is still poorly compatible with some sites, especially when scaling pages with larger fonts. Formatting is always better in chrome because site builders test everything in chrome first and not in FF with a small market share.
Quote from: Joe on June 02, 2023, 15:03:37Just because something is open source doesn't make it safe or privacy respecting. Mozilla has 2.4K repositories on Github alone and over 20 million lines of code went into developing their browser, it wouldn't be easy to audit them and unless there is financial incentive to disclose vulnerabilities, the software may have hundreds of exploits that are undisclosed and actively exploited for
years.
Quote from: A on June 02, 2023, 19:40:16People audit the code as it is added. And they do have financial incentives to find bugs. Open source doesn't always mean private, but it makes it easy to tell if
Quote from: Joe on June 02, 2023, 15:03:37Makes sense, but then why remove settings from about:config? Leave it there for the more privacy conscious tinkerers to be happy.They are slowly switching to rust programming language. To keep an option requires the staff to reprogram everything, it isn't as simple as "keeping the option". It's like adding a new engine to a car and asking can you keep the old engine in there as well? If you don't know what Rust is, it is a memory safe programming language. (Most exploits are memory based)
QuoteJust because something is open source doesn't make it safe or privacy respecting. Mozilla has 2.4K repositories on Github alone and over 20 million lines of code went into developing their browser, it wouldn't be easy to audit them and unless there is financial incentive to disclose vulnerabilities, the software may have hundreds of exploits that are undisclosed and actively exploited for years. I agree that some browsers apply so much protection from fingerprinting that it ends up breaking websites, if you can install a forked Chromium/Firefox browser, you would have to tweak it to work well enough for you as well.People audit the code as it is added. And they do have financial incentives to find bugs. Open source doesn't always mean private, but it makes it easy to tell if it is or isn't. You don't need to audit the entire code to simply find out of data is being sent or not. I mean let us be honest, what do you think the forks do? Audit the code and add their changes.
QuoteTheir support of deplatforming after January 6, 2021 was a wake up call to me (Look up "we need more than deplatforming" as I can't share links). I don't think a browser should take any sides in politics. In addition to that, they are also welcoming Google's Manifest V3 with open arms which will bring more disadvantages to our browsing experience. The EFF did a short roundup of the problems this brings.Firefox has said they will still support manifest v2, they have to also support manifest v3 if you want chrome plugins to work on firefox. I don't see a problem with supporting v3 if you still support v2.
QuoteUnfortunately, when it comes to mobile, in particular Android (iOS has Safari) I have to say we have a very sad picture where the user is either using a Chromium based browser, a browser running on Webview sharing data with Google or Firefox. There is no real choice and any newcomer browser just ends up being another Blink based browser. Google really standardized web browsing over the last decade.ios is even worse cause safari is the only option, all browsers are just wrappers in safari. Choice of engines for android is same as desktop, I mean lets be honest either you are on webkit/blink or on gecko. There is no realistic other option even on desktop
Quote from: A on June 02, 2023, 10:15:22There is nothing wrong with putting settings into about:config, the easy user friendly settings are easily available for most users. And settings that are meant for advanced users are in about:configI agree with this, however, it is wrong to later remove editing the options even in about:config. A recent example is the puzzle icon that leads you to extensions, you can no longer remove it even in the about:config settings.
Quote from: A on June 02, 2023, 10:15:22Some settings were made permanent in the rewrite simply because they don't have the people to rewrite everything. So focusing on the settings most people use made the most senseMakes sense, but then why remove settings from about:config? Leave it there for the more privacy conscious tinkerers to be happy.
Quote from: A on June 02, 2023, 10:15:22FireFox respects user privacy just fine and that can be seen in the source code which is fully open with no proprietary components. While some browsers like Tor Browser and LibreWolf go a step further, most of the stuff is overkill for average users. Some of which may even make websites inaccessible without the user knowing what they are doingJust because something is open source doesn't make it safe or privacy respecting. Mozilla has 2.4K repositories on Github alone and over 20 million lines of code went into developing their browser, it wouldn't be easy to audit them and unless there is financial incentive to disclose vulnerabilities, the software may have hundreds of exploits that are undisclosed and actively exploited for years. I agree that some browsers apply so much protection from fingerprinting that it ends up breaking websites, if you can install a forked Chromium/Firefox browser, you would have to tweak it to work well enough for you as well.
Quote from: A on June 02, 2023, 10:15:22That said, I am not going to say I agree with all their policies. Especially for mobile. Prior we had access to all extensions with no problem including loading our own, now you need a Mozilla account to add custom extensions. That is annoying.Unfortunately, when it comes to mobile, in particular Android (iOS has Safari) I have to say we have a very sad picture where the user is either using a Chromium based browser, a browser running on Webview sharing data with Google or Firefox. There is no real choice and any newcomer browser just ends up being another Blink based browser. Google really standardized web browsing over the last decade.
Quote from: Joe on May 31, 2023, 21:07:45It's a bad business idea for Mozilla, as hopping into this time machine will allow people to see how with each new large update, Mozilla was taking control away from the user and first hiding settings to about:config and then making them permanent and unchangeable. Pale Moon started life pretty much as a fork of an older, more customizable version of Firefox and that it remained. And now to have a Privacy respecting Firefox you need to put a lot of bandages on it or get Tor Browser or Librewolf, which is to Firefox what Ungoogled Chromium is to Chrome.