Since the integrity environment gunk, I’ve switched all boxes over to use Firefox as primary. This took a lot of configuring, as Firefox out of the box brings… a lot of stuff I don’t want.
One of those things is telemetry — whatever that means to Mozilla — that was tamed only with a combination of an enterprise profile (hi sudo!) and user.js hacks.
However, the policy and user.js changes don’t work on the Ubuntu box, where I’ve installed Firefox from the PPA to get it out from under Snap (and thereby usable with a password manager). The policy locks down and disables the right configs and the configs all have the right settings, but it keeps pinging incoming.telemetry.mozilla.org. Two Macs and a Pop!_OS box don’t ping Mozilla at all with these settings.
No harm no foul, I just blocked them in NextDNS and laugh in their general direction. I just wonder what else is different in the PPA.
Phoning home isn’t necessarily a bad thing (but I agree that it shouldn’t do it without express consent) because a lot of app development nowadays is supported by analytics. Crash reports, A/B testing, feature discoverability, etc.
If anything, I generally trust FOSS projects that ask for analytics more than I trust the typical data farm.
the unique id is probably also not meant to be sinister either but that’s definitely more of a red flag than phoning home in principle imo
Phoning home in snitching. It is unacceptable as you said unless authorized by the user and should never be configured by default. I really tell people to fire up Wireshark and see what Firefox does, and yes in includes analytics 3rd parties even after a TON of tweaks and stuff disabled.
How can this be even acceptable, whatever they say, they’re simply serializing every instance of the app it will eventually get into some crash report, log or 3rd party analytics company…