Basically I am using mull on android and librewolf on linux.I want to use firefox sync or something line that for syncing.So how good Firefox sync is, in privacy point on view. I am not anonymity paranoid I just want privacy so basically what do they collect and for what?

  • 𝒍𝒆𝒎𝒂𝒏𝒏@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    13
    ·
    10 months ago

    Basically I am using mull on android and librewolf on linux

    You may prefer to skip Mozilla entirely and self host your own Firefox Sync: https://github.com/mozilla-services/syncstorage-rs

    Otherwise, i’ve been using Firefox Sync for years and haven’t had a single issue with it.

    Regarding data sharing, do note that your Firefox Account email address is shared with Troy Hunt (haveibeenpwned) via the Firefox Monitor service, so Firefox can warn you if you have suffered a data breach. Deleting your account is the only way to opt out of that. https://support.mozilla.org/en-US/kb/how-do-i-opt-out-firefox-monitor

    I personally have no issue with it as he’s a well known security consultant - BUT the caveat being that he’s a Microsoft regional director, you couldn’t know if that data is being shared any further.

    • MonkderZweite@feddit.ch
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      10 months ago

      As far as i know it’s barely possible to really host it yourself. I don’t know the details anymore but i looked into it half a year ago and quickly gave up. Think it was severely outdated and depedency issues, not sure anymore.

  • shortwavesurfer@lemmy.zip
    link
    fedilink
    arrow-up
    10
    ·
    10 months ago

    I use it for bookmarks, but that’s it. All my passwords and stuff are in my password manager, and I do not trust browsers with that data.

  • Zerush@lemmy.ml
    link
    fedilink
    arrow-up
    5
    ·
    10 months ago

    All companies that have to pay for infrastructure, servers, employees and invoices naturally need income, as is logical and legitimate. Some use contextual ads, that is, tool ads on a DIY page. This may be annoying, but it does not put privacy at risk, but if it does, when the ads are based on the user’s history and data (surveillance advertising), this is what is massively used by US companies.

    That there are other models to create income, for example what Proton does, with its Freemium services. The free Proton products (all of which are OpenSource, by the way), naturally have limited functions, but they do not require trafficking in user data, because they are financed through Premium services.

    Andisearch, the first search engine on the market that used AI with its own language model, is strictly anonymous, no tracking or logging with sandboxed results, it is 100% free and private, for the future they plan to create a premium model for companies with specific functions for collaboration and special business functionalities, to finance the free version.

    Vivaldi in new installations offers a selection of search engines (DDG, Ecosia, Startpage, etc.) and bookmarks, which pay a commission when the user uses them, if not, no, they are free to delete them, apart from a store with merch, upon insistence. from the users themselves sometime ago they also accept donations, probably also receive commissions from VAG, Mercedes, Polestar and Renault to include Vivaldi Automotive in their vehicles. All without trafficking in user data and without external investors so as not to lose independence, the mistake that Mozillla made when accepting Google as an investor. This is independent of having Google as the default search engine, since Google pays Mozilla and finances them, whether the user searches with Google or not.

    It’s the surveillance policy, selling user data, which is the risk and will destroy the free internet if we don’t avoid it The ethics of a company respect to the user is the most important feature today, something that the big US companies don’t have.

    • XTornado@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      10 months ago

      Man… Don’t reply if you don’t have an answer no need to put a dump of text.

  • Matt@lemdro.id
    link
    fedilink
    English
    arrow-up
    5
    ·
    10 months ago

    Firefox Sync is end-to-end encrypted and open source, so your data is secure.

    • Zerush@lemmy.ml
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      edit-2
      10 months ago

      Your syc data is secure, yes, but not so your account data, because is also known by Google, amon yor IP other. Enough to track you through every page with Google APIs (most) also your email, whichi is an unique identificator in the web. Don’t trust any web or service which share data to third parties, less in US webs or services. This is one of the reason because I always prefer EU soft, webs and services. They are also not perfect respect privacy, but lightyears better as those from US companies, where something like privacy laws, GDPR and user protection don’t exist or only in very deficient manner.

      • DigitalDilemma@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        10 months ago

        Technical point: US companies still need to abide by the GDPR when the user is in the EU or UK.

        (But yes, I accept your main point - that protection is not shared to US citizens of those same companies who operate two very different levels of distinction. European originating software/services usually operate at the higher level of protection across all users. )

  • azdle@news.idlestate.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    10 months ago

    As others have said, it’s quite good on privacy. For the truly paranoid, IIRC you can even self-host the sync server.

    From the security perspective of privacy, do make sure to use a good password for the Mozilla account, the account password is also the encryption key for the E2E encryption.

    • 乇ㄥ乇¢ㄒ尺ㄖ@infosec.pub
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      10 months ago

      They could have separated the two passwords or at least provide an option to do so

      If the user skips the encryption key set up page, then they can make the primary password to be the encryption key

  • Political Custard@lemmygrad.ml
    link
    fedilink
    arrow-up
    2
    ·
    10 months ago

    I started using Librewolf a few days ago and they recommend xBroswerSync in their very short list of recommended addons. This has been working fine for me although sometimes all my bookmarks disappear but that soon sorts itself out after a sync.

    Recommended addons page: https://librewolf.net/docs/addons/

  • Zerush@lemmy.ml
    link
    fedilink
    arrow-up
    3
    arrow-down
    6
    ·
    10 months ago

    As long as Mozilla has a contract with Google, it will continue to share data with Alphabet Inc. Firefox or forks are OK, but only if you use it without the sync function, or use another provider that doesn’t share the data with others. Although Mozilla encrypts the synced data, the necessary account data is shared and used by Google to track those.

    • utopiah@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      10 months ago

      Are you saying Firefox shares data to Alphabet beyond Google as the default search engine? If so and if it applies to Sync (as if the question from OP here) can you please share sources for that?

      • Zerush@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        10 months ago

        Firefox don’t share data, well, if you don’t use the default Google search, but Mozilla does, sharing your account data. I hope that they finish the contract with Google, as they said, this Year.

        Webkoll analytics

        Blacklight analytics

        • Ephera@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          10 months ago

          Mozilla pays for a premium subscription to Google Analytics, which allows them to opt out of data usage by Google. So, obviously Google still aggregates the data, but only for providing reports to Mozilla. Google may not use the data for their own user analysis/tracking, as they would do without the premium subscription. Otherwise, Google would be in breach of contract, which would be an easy lawsuit with high punishment for Google.

          https://bugzilla.mozilla.org/show_bug.cgi?id=697436#c14

        • rhymepurple@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          ·
          10 months ago

          I’m not disputing the results, but this appears to be checking calls made by Firefox’s website (https://www.mozilla.org/en-US/Firefox/) and not Firefox, the web browser application. Just because an application’s website uses Google Analytics does not mean that the application shares user data with Google.

          • Zerush@lemmy.ml
            link
            fedilink
            arrow-up
            0
            ·
            10 months ago

            What do you think what googleanalytics and googletagmanager do and who logs this datas? Only Mozilla? And yes, as said before, Firefox is OK, but not so with an Mozilla account, with which Google said “come to Daddy”. I hope that Mozilla, as promised, can end this year the contract with Google.

            • rhymepurple@lemmy.ml
              link
              fedilink
              English
              arrow-up
              1
              ·
              10 months ago

              I don’t understand what point you are trying to make. Mozilla has several privacy policies that cover its various products and services which all seem to follow Mozilla’s Privacy Principles and Mozilla’s overarching Privacy Policy. Mozilla also has documentation regarding data collection.

              The analytics trackers that you mentioned would fall under Mozilla’s Websites Privacy Policy, which does state that it uses Google Analytics and can be easily verified a number of ways such as the services you previously listed.

              However, Firefox sync uses https://accounts.firefox.com/ which has its own Privacy Policy. There is some confusion around “Firefox Accounts” as it was rebranded to “Mozilla Accounts”, which again has its own Privacy Policy. There is no indication that data covered by those policies are shared with Google. If Google Analytics trackers on Mozilla’s website are still a concern for these services, you can verify that the Firefox Accounts and Mozilla Accounts URLs do not contain any Google Analytics trackers.

              Firefox has a Privacy Policy as well. Firefox’s Privacy Policy has sections for both Mozilla Accounts and Sync. Neither of which indicate that data is shared with Google. Additionally, the data stored via the Sync service is encrypted. However, there is some telemetry data that Mozilla collects regarding Sync and more information about it can be found on Mozilla’s documentation about telemetry for Sync.

              The only thing that I could find about Firefox, Sync, or Firefox Accounts/Mozilla Accounts sharing data with Google was for location services within Firefox. While it would be nice for Firefox not to use Google’s geolocation services, it is a reasonable concession and can be disabled.

              Mozilla is most definitely not a perfect company, even when it comes to privacy. Even Firefox has been caught with some privacy issues relatively recently with the unique installation ID.

              Again, I’m not saying that Mozilla is doing nothing wrong. I am saying that your “evidence” that Mozilla is sharing Firefox, Sync, or Firefox Accounts/Mozilla Accounts data with Google because of Google Analytics trackers on some of Mozilla’s websites is coincidental at best. Without additional evidence, it is misleading or flat out wrong.

              • Zerush@lemmy.ml
                link
                fedilink
                arrow-up
                0
                ·
                10 months ago

                Don’t get me wrong, Mozilla does a lot for user privacy and is certainly one of the most reliable alternatives for a user among the existing browsers. I’m just seeing that Mozilla has unfortunately made a contract with the Devil that prevents it from having the full freedom of protection that it would like. Mozilla deserves the independence of this company, which, at the moment, it does not have, which is why I said that I wish it could end this contract.

                I use several browsers, but the list of existing ones with certain capabilities and functionalities is getting small.

                • Edge is technically a good browser, but certainly not recommended for those who appreciate privacy,
                • Chrome users could ask Google to write their resume directly,
                • Opera is perhaps the worst, using trackers that distribute your data to half the internet,
                • Safari It is not much better either and it is also becoming the new IE with its desire to stay with an engine that is becoming obsolete,
                • Brave is unreliable due to its business with shady crypto companies and the intentional redirections to them and excluding investors from the protections against trackers, Facebook among them,
                • Otter is an alternative, but fighting for its survival, which makes it not very reliable in the long term,
                • the same with some Gecko and Chromium marginal forks, which either lack sufficient equipment for sufficient maintenance, They are directly outdated or lack a consistent support community, - Mullvad browser is very private, yes, but it completely lacks the minimum functions for customization or modification, practically a Firefox left in its bones with 4 sections in the settings.
                • SSuite Netsurf, very fast and beautiful, but not very configurable, it does not even allow you to change the Groot search engine, which on the other hand is good and private, it also does not have extensions, only an Adblocker that it incorporates and it is also only for Windows, the only plus its extraordinary speed and that it works even on very old Windows (>XP) with few resources.

                Well, there’s not much left, Firefox, Vivaldi, maybe Otter (if you want speed) and Mullvad, to choose from. The big companies are really destroying a free internet in their greed to control everything and using the user as raw material and merchandise for this. Tough times if we don’t manage to stop them. More than 70 browsers have already fallen by the wayside, discontinued and abandoned in this “browser war”

                • rhymepurple@lemmy.ml
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  edit-2
                  10 months ago

                  I’m still not sure what point you are trying to make. Your initial claim was:

                  Although Mozilla encrypts the synced data, the necessary account data is shared and used by Google to track those.

                  @[email protected] asked:

                  Are you saying Firefox shares data to Alphabet beyond Google as the default search engine? If so and if it applies to Sync (as if the question from OP here) can you please share sources for that?

                  You stated:

                  Mozilla does, sharing your account data

                  You also provided evidence that Mozilla uses Google Analytics trackers on the Firefox’s product information website. I mentioned that it’s not sufficient evidence of your claim as the trackers are independent of Firefox the browser and Sync. Additionally, the use of trackers for websites is clearly identified on Mozilla’s Privacy Policies and there is not much else mentioned on the Privacy Policies outside of those trackers and Google’s geolocation services in Firefox.

                  You’ve also mentioned Google’s contract with Mozilla, which is controversial for many people, but isn’t evidence of Mozilla providing user data to Google even in conjunction with the previously mentioned trackers. You then discussed various other browsers, but I’m not sure how that is relevant to your initial claim.

                  While it seems we can both agree that Mozilla and it’s products are far from perfect, it is looking like your initial claim was baseless as you have yet to provide any evidence of your initial claim. Do you have any evidence through things like code reviews or packet inspections of Firefox or Sync that hints Mozilla is sharing additional information to Google? At this point, I would even accept a user(s) providing evidence of some weird behavior like the recent issue where google.com wouldn’t load in Firefox on Android if someone could find a way to connect the weird behavior to Mozilla sharing data with Google.