Does Mozilla's Firefox web browser repeatedly connect to Google's servers?

When viewing real-time logs in Sysinternal's Process Monitor, I was shocked to see that Firefox is now repeatedly attempting to connect to Google's google-analytics.com servers.

Firefox attempts to connect to Google servers when it starts. Firefox attempts to connect to Google servers when it is running. Firefox attempts to connect to Google servers when it closes.

I tested this in a fresh profile using Firefox version 48.0.2 (the current stable version as of this writing).

Within Firefox, I turned all features that could possibly warrant connecting to any external servers.

I also noticed that Firefox is connecting to Mozilla servers, and there appears to be no way to disable those connections either. That's not great, but it's tolerable, as it is a Mozilla product. But connecting to Google servers? That's unacceptable.

Can others confirm this issue?

 

It does this far less than Chrome does, and it can be disabled. There are guides online where you use about:config to disable all the phoning home crap. Ive done all of it and verified my results with Wireshark- it at least can be done. Not sure on Chromium- it is better than Chrome for sure, though theyve had troubling invasion of privacy tactics in the past as well (look up the Chromium microphone debacle).

 

Yes, just about all browsers phone home. You can try to block this by disabling certain features and by blocking certain connections via a firewall, but I'm not sure if all of this stuff can be disabled.

 

What firefox version?
What is your operating system?
Which extensions do you have installed?

Check my prior posts and you'll see that I distrust mozilla and have repeatedly criticized aspects of firefox's privacy unfriendly behavior. That said, I have to tell you I've never observed core firefox calling out to google-analytics.

Visit the "Firefox Lockdown" topic here on wilders and/or the relevant discussions at ghacks.net
you'll learn there are a BOATLOAD of default preference values you'll need to change in order to suppress callouts.
Ultimately, for ff v45 and later, I've needed to resort to domain (er, hostname) blocking b/c nothing settable via prefs has sufficed to suppress @startup calls to a handful of mozilla-owned servers. Aside from those callouts during startup, everything else is suppressable via prefs.

Frankly, I really don't care to read whichall extensions you have installed. My point is that "the something" contacting google-analytics is almost certainly an extension; you need to consider -- and test, by disabling one-at-a-time and noting whether the callouts to google-analytics cease while a given extension is disabled. Ironically (in the sense that mozilla harps about 'we respect your privacy') the mozilla for-developers blog contains article(s) extolling to extension authors the wonderful-ness of embedding analytics (performing callouts such as you're witnessing) into extensions.

 

Could you be more specific?

FWIW, I think I've seen googleanalytics and googletagmanager requests when first starting a stock Firefox portable. My guess was that these were due to Mozilla content pages that were automatically opened in tabs, but I don't recall if I verified that. Point is: watch out for Mozilla content too.

 

v45, winXP
looks like I did manage to prevent mothership contact by mangling prefkeys, but didn't find a way to prevent these 2 callout attempts from occurring during each startup:

location.services.mooofuzilla.com/v1/country?key={snip}
tiles.services.mooofuzilla.com/v3/links/fetch/{snip}

 

Hmmm. I'm not seeing such a problem with a more recent version, and I don't recall seeing it in an earlier version (but might have). Do these:

https://dxr.mozilla.org/mozilla-release/search?q=location.services.mozilla.com
https://dxr.mozilla.org/mozilla-release/search?q=tiles.services.mozilla.com

give you any ideas? Are you hammering geo and tiles as hard as you can? Changing the URL prefs too?

 

Some of this finally became confirmed in the press and on reddit.

See:
https://www.reddit.com/r/firefox/comments/6mt8i4/security_fuckup_aboutaddons_uses_google_analytics/
https://www.ghacks.net/2017/07/13/privacy-blunder-firefox-getaddons-page-google-analytics/
https://news.ycombinator.com/item?id=14753546

 

This is all, of course, very horrible

But still, I gotta say that relying on a browser for privacy is pretty thin.

 

This being just another example of the insidious campaign by the Tech Corporations to undermine the peoples efforts to maintain their privacy.
I hope the new EU data privacy laws make a difference.
I would like to see them go further and create a body whose purpose is to forensically examine hardware, operating systems and software for vulnerabilities and built in security weaknesses, hidden functionality etc.

 

What about Firefox Focus?

 

Trying for privacy on unrooted smartphones is even thinner.

 

I was trying to install software the other day and got a warning about my phone not being rooted. I then did some checking and what I gound is that most carriers won't honor the warranty if you root the phone. Since mine is still under warranty. For now can't install that program. Also found trying to root a phone can brick them in some cases.

 

When you're ready. XDA is the way for rooting education. And read, read, read. And read some more. Rooting most phones isn't that difficult with proper research & asking for help at XDA.

 

I wouldn't worry too much about the warranty. I doubt it would be cost effective for any carrier to examine all the returned phones in the hope of discovering a rooted one and even if they did, it must have been a hacker that did it

 

For privacy and (some) ads blocking I use Focus, and that´s all. Not interested at all in rooting a phone, too much complicated, too much wasted time. And a rooted phone is inherently less secure.

 

As always, that depends on who your adversaries are. Some would say that only rooted phones are secure. If you lack root privileges on a device, it's arguably not your device.

 

I might add for a certainty if the phone's OS is not the ~latest rooting is the best chance to secure a phone.

 

When a phone is rooted do all running processes also have root or do they still run as restricted users?

 

Unlike iOS, only apps you've allowed in SuperSU run as root.

 

Waterfox 54.0.1. solved the problem

https://www.waterfoxproject.org/blog/waterfox-54.0-release-download

 

In addition to the Google Analytics exposure via Get Addons and other Mozilla hosted pages... It appears that they also built GA reporting into at least one addon, which was delivered to a subset of users, and it didn't respect users' telemetry related settings:

https://www.reddit.com/r/firefox/comments/6nbr1w/clarifying_some_things_about_the_thread_removed/

Last year, the AMO Product Manager wrote a short article on Using Google Analytics in Extensions:

https://blog.mozilla.org/addons/2016/05/31/using-google-analytics-in-extensions/

Analytics systems may be built into other [non-Mozilla] addons too. Plus there are the various bits of info Firefox explicitly phones home via Telemetry/telemetry/pings:

https://gecko.readthedocs.io/en/latest/toolkit/components/telemetry/telemetry/

and other features. Given that only WebExtensions will be supported in the future (FF57) and the WebExtension APIs have significant limitations, addons will be less useful for dealing with such issues. A few ideas:

• about:config, focus on prefs with values that contain urls. Search: /;(?:file|https?|ftp|ws):\/\//
  
• Reference: https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
• Reference: https://github.com/ghacksuserjs/ghacks-user.js
• Reference: https://github.com/pyllyukko/user.js
  
• Watch out for any prefs that have to be set via lockPref (which can be done via "mozilla.cfg" aka "autoconfig" file)
• Other tools: DNS server/proxy rules, hosts file, gateway filtering, software firewall, etc
• Monitoring: Browser console with Net options enabled, sniffer, firewall, etc. DNS prefetching is enabled by default, so to a degree you can tell what hosts it will try to connect to even when non-DNS traffic is blocked. DNSQuerySniffer.exe is a related useful tool for Windows. Note: outside of testing, many will want prefetching off (and some addons will do that).

 

It looks like Mozilla has joined the enemy

 

They have been for a long time in my opinion. Most all of our web browsing problems stem from one thing. The browser allows webpages to tell it to open connections to other servers without the users knowledge or consent. This is the enemy feature implemented by Mozilla, Microsoft, Google etc.
When developers build new browsers they are nearly always on top of those same architectures. These large corporations hijacked the internet, subverted it and turned it into something it was never intended to be.
A web, powered by corporate search engines whose purpose is to respond to our enquiries by providing links to sites that act as bait by supposedly holding the answers to our enquiry while their real purpose is to blitz our computers with 20-30 unauthorized connections to who knows what.
Mozilla and co play this game where they supposedly try to help us fight this activity because they know most people are too stupid to realize, Mozilla are not only party to the said activity, they facilitate it by building it into their browser in the first place.

 

That is all so true.
All those corporations treat Internet as just one giant ad platform to mill money for them. And the poor users pay the price in wasted bandwith, wasted CPU cycles, potential of malware and, lose of privacy. And get nothing in compensation.

Things really started to get downhill after they invented the XMLHttpRequest (or AJAX for marketing folks) object for sending data in the background asynchronously between client and the server(s).

And it didn't stop there. Now we have: hyperlink-auditing (<a ping attribute>), canvas fingerprinting, HTML5 local storage, and tons of other web APIs that are supposed to make browser users life better but are really, only benefitting those that make money.

Gone are the carefree days of old Internet

Nowadays, you need some privacy enchanced browser (TorBrowser, CyberFox, etc...) with the addition of ad blocker and other stuff (Tor, VPN etc...) to have any chance of surfing the cesspool that Internet has turned into.