[HN Gopher] When it comes to privacy, default settings matter (2... ___________________________________________________________________ When it comes to privacy, default settings matter (2019) Author : ddtaylor Score : 47 points Date : 2022-06-03 19:00 UTC (4 hours ago) (HTM) web link (blog.mozilla.org) (TXT) w3m dump (blog.mozilla.org) | dang wrote: | Discussed at the time: | | _When it comes to privacy, default settings matter_ - | https://news.ycombinator.com/item?id=20095856 - June 2019 (127 | comments) | badrabbit wrote: | When it comes to privacy UX matters. Modern apps should ask new | users what type of experience they prefer before setting | defaults. | jjoonathan wrote: | Modern platforms should always keep a banhammer nearby to | quickly and severely punish malicious behavior from apps. | | I wish there was a platform that combined the app containment | prowess of Apple platforms with the spam containment prowess of | Google platforms. | grishka wrote: | I very much oppose there being "platforms" with gatekeepers | in the first place. The countermeasures to privacy-violating | apps should be technical, not organizational. Sandbox all | apps, don't give them anything that could be used to uniquely | identify the user across apps. Require user consent for | everything potentially sensitive, including internet access. | Give the user the ability to grant fake permissions to apps | -- for example, a fake location permission where the system | says "yes it's granted" but never returns any location data, | "searching" for GPS indefinitely. | Zak wrote: | Before Android had finer-grained permissions[0], I used | Xposed, a framework that allowed deep modifications to the | OS and apps, and a permissions management tool called | Xprivacy. It provided the kind of features you're | describing, including fake locations that apps could not | detect. Yes, Facebook, you can access my location. I'm in | Pyongyang, North Korea. | | Successors to Xposed and Xprivacy exist, but I have not | used them. It may be time to revisit that. | | [0] Many people, including me are still not satisfied with | Android's permissions. | grishka wrote: | Which is why third-party cookies are to this day enabled by | default in every single browser... | more_corn wrote: | And things like google drive don't work without them enabled. | grishka wrote: | Except these things don't have to rely on them. It's | absolutely possible to build a portal-style website, spanning | multiple different-level domains, without third-party | cookies. | | It really is unfortunate that the most popular browser is | made by the same company that controls the most popular | search engine, the most popular video sharing service, the | most popular email provider, and the most popular cloud | storage/collaboration service. This should not be legal. | hackernewds wrote: | I'd rather have Google do this than go to multiple | different disjoint sites. imagine without Google search, | you go to Pinterest for wedding ideas, stackoverflow for | questions, then target for a toaster oven, etc | selykg wrote: | Is that true for Safari? I think the "Prevent cross-site | tracking" option is enabled by default, which deletes cookies | unless they're from the site you're actually visiting. | jaharios wrote: | A bit ironic when your default search engine is Google, leading | users to the dragon mouth by default. | | Also when most if not all telemetry from mozilla firefox is opt | out. | | Including stuff like phoning home by default when you search, | bookmarking something, delete anything from your history[1] and | having a unique download token to track each install.[2] | | [1] https://spyware.neocities.org/articles/firefox.html [2] | https://www.ghacks.net/2022/03/17/each-firefox-download-has-... | Schinken_ wrote: | This, from what I gathered the Librewolf fork is way better at | this: https://librewolf.net/ | LeoPanthera wrote: | Interesting counter-example though. The aggressive default | settings of LibreWolf do break quite a few websites. | bloppe wrote: | Mozilla gets the majority of their revenue from Google paying | them to keep their search engine as the default. I'm OK with | this: the search engine is visible every time you use it, so | it's impossible to "forget" to change it if you care about | privacy, and the setting is relatively easy to find and change. | Also, without this funding, Firefox would likely not exist. | It's the price we pay for a good, free browser. | | Of course, many have postulated that Google's motivation to pay | Mozilla all that money is actually to ensure that Mozilla | remains in business, rather than to directly increase Google's | own revenue with the added search traffic. By keeping Mozilla | in business, Google can more convincingly argue that they do | not have a monopoly on browsers. It may be the case that | without this argument, Chrome could be subject to regulations | that could benefit consumer privacy, but after watching all the | recent congressional hearings involving big tech companies, I | have very little faith in that happening any time soon. It's | better to keep Mozilla around for now, and the only way to do | that without turning Mozilla into another Google is for Google | to essentially subsidize them. | Melatonic wrote: | I think it is pretty well accepted that they fund Firefox | just to avoid being a monopoly with Chrome. The other stuff | is just icing on the cake | [deleted] | throwaway0x7E6 wrote: | >https://www.ghacks.net/2022/03/17/each-firefox-download- | has-... | | that was the straw that broke the camel's back for me | | at this point, I'd prefer chromium singularity to this circus. | there's no difference. at least that would be one less browser | to support | hackernewds wrote: | Chromium is open source but also principally developed and | maintained by Google | Snuupy wrote: | What about the default setting to have Pocket forced down my | throat, an inability to install custom/self-made extensions | (permanently, not temporarily), and an inability to install any | extension outside of the default mozilla provided one on mobile | (besides fenix nightly)? | | Good thing librewolf/iceraven exist. | Zak wrote: | They really did ruin extensions on Android and have shown zero | interest in fixing it in the past couple years. | | Iceraven helps a bit, but there's virtually no incentive for | someone to develop an extension for Fenix now. The pool of | potential users would be small enough for Firefox itself, but | its vastly smaller for Iceraven. I've been using Kiwi most of | the time as it can use just about every extension available for | desktop Chromium. | entropicgravity wrote: | Yes for example Android setting Location to "on" and then hiding | the setting at the end of half a dozen drill downs. And then, | every now and then on a new update, suddenly and without | notification, Location has been reset to "on". | de6u99er wrote: | Android is applying tons of dark patterns. It's almost like the | OS was created by Facebook and not Google. | seabrookmx wrote: | Implying that they're that different? Imagine a world where | Google+ took off. ___________________________________________________________________ (page generated 2022-06-03 23:00 UTC)