"No shady privacy policies or back doors for advertisers" proclaims the Firefox homepage, but that's no longer true in Firefox 128.
Less than a month after acquiring the AdTech company Anonym, Mozilla has added special software co-authored by Meta and built for the advertising industry directly to the latest release
From my understanding of their implementation, you have to give a Mozilla server all of your traffic history, and then they feed a curated, sanitize topic list of that activity to the advertisers.
So now we’re trusting Mozilla with your full browsing history, that seems like a really bad idea. Even if I love and trust Mozilla, I don’t want to add yet another thing to the critical path
https://support.mozilla.org/en-US/kb/privacy-preserving-attribution
https://hackertalks.com/comment/4359282
How are they different from any other VPN service or even uBlock? They all have access to your browsing info and can potentially use it for profit.
https://www.privacyguides.org/en/basics/vpn-overview/
You think I don’t know how a VPN works?
I think you misunderstood what I meant.
Source.
https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations
The explicitly say if the aggregator is controlled by hostile party, and in my scenario that would be Mozilla, they could have full access to the deanonymized data. It’s out of scope for their protocol.
And while the DAP draft is nice, it doesn’t change my threat model, it just introduces extra steps. As the absolute hunger of AI inputs for models have shown us, if a company has the capability to get data, they will. Mozilla has demonstrated they are hungry for data and money. I don’t want to give them the capability
If you have syncing on, you are already trusting Mozilla with your history.
Oh yeah, agreed, if your syncing then your security model doesn’t include worrying about tracking.
Isn’t Firefox sync E2E encrypted?
You are correct. My mistake.
https://www.mozilla.org/en-US/firefox/features/sync/