[PLUG] Sync sucks, downgrading firefox, then alternatives
james at bertelson.me
james at bertelson.me
Sun Apr 25 17:07:36 UTC 2021
The day Firefox defaulted to sending all of my DNS queries to cloudflare
out of the box, I was out. Like you mention, I understood that I too can
look at the code and even turn the feature off, but I'm not a fan of the
mentality behind that kind of blatant breach of privacy as a default. I
ended up switching to Waterfox, and I'm quite happy with it. It's based
on Firefox 78 ESR with a bunch of changes focused on being libre,
backwards compatible, and fast. A few big ones:
- Pocket is removed
- Telemetry is removed
- Data collection is removed
- Startup profiling is removed
- All 64-bit NPAPI plugins are allowed
- Sponsored tiles on the new tab page are removed
I'd recommend giving it a spin! It does include support for Firefox Sync
but is not in any way required nor would I expect it to be.
--
James Bertelson
james at bertelson.me
:wq
On 2021-04-24 21:57, Keith Lofstrom wrote:
> Best Mozilla alternatives?
>
> In order to enable some misbehaving web videos, I made
> the foolish mistake of updating firefox on my desktop
> machine yesterday. Silly me, "update" in Firefox-eze
> means "submit to Mozilla arrogance, delete older data."
>
> In this case, it means that Firefox now requires "Sync"
> and "Lockwise". Passwords stored (allegedly encrypted)
> on Mozilla servers.
>
> With a password I don't have anyway.
>
> No f***ing way are my passwords leaving my machine. No
> f***ing way will Mozilla Galactica get any password or
> hash thereof. It's bad enough that I trust their
> allegedly-open-source browser to access my passwords (*)
>
> My systems are designed to keep running when the internet
> (or the cable modem, or the power grid) does not, with
> local html copies of all the important html content that
> I create. Different machines have different sets of
> passwords, and the portables do NOT have most passwords,
> Bank and health passwords are "stored" on paper and
> locked in a safe.
>
> No external password storage, except unique passwords for
> each web-service (stored here on a subset of secure
> internal machines, and on backups).
>
> Grr. I want to give the Mozilla designers wifi-enabled
> pacemakers, then switch off the wifi. Instead, I shall
> keep calm and find truly open source alternatives.
>
> I do have daily backups of the .mozilla files. Also,
> a few months ago, I printed out my Mozilla passwords
> (about 200 of them) and keep them "in a safe place".
>
> So for now, I will delete the newer firefox, then reinstall
> an older version without "Sync", and a backup version of
> .mozilla/firefox/ to verify those older passwords work.
>
> Then I will move on to Chromium ... presuming that does
> not use the same insane offsite password storage method.
>
> Any other suggestions?
>
> Keith L.
>
> (*) P.S. In theory, I can read Firefox source and prove
> that my passwords are properly encrypted and decrypted
> before they are sent to and from Mozilla. In actuality,
> by subtle misuse of API calls and function prototypes,
> encryption can be crippled. I am not nearly clever
> enough to find subtle exploits in Firefox code, and
> few of us bother to try. No verify, no trust.
More information about the PLUG
mailing list