Does Mozilla's Firefox web browser repeatedly connect to Google's servers?

Discussion in 'privacy problems' started by zedi, Sep 5, 2016.

  1. zedi

    zedi Registered Member

    Joined:
    Sep 5, 2016
    Posts:
    6
    Location:
    None
    When viewing real-time logs in Sysinternal's Process Monitor, I was shocked to see that Firefox is now repeatedly attempting to connect to Google's google-analytics.com servers.

    Firefox attempts to connect to Google servers when it starts. Firefox attempts to connect to Google servers when it is running. Firefox attempts to connect to Google servers when it closes.

    I tested this in a fresh profile using Firefox version 48.0.2 (the current stable version as of this writing).

    Within Firefox, I turned all features that could possibly warrant connecting to any external servers.

    I also noticed that Firefox is connecting to Mozilla servers, and there appears to be no way to disable those connections either. That's not great, but it's tolerable, as it is a Mozilla product. But connecting to Google servers? That's unacceptable.

    Can others confirm this issue?
     
  2. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    221
    It does this far less than Chrome does, and it can be disabled. There are guides online where you use about:config to disable all the phoning home crap. Ive done all of it and verified my results with Wireshark- it at least can be done. Not sure on Chromium- it is better than Chrome for sure, though theyve had troubling invasion of privacy tactics in the past as well (look up the Chromium microphone debacle).
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,214
    Location:
    The Netherlands
    Yes, just about all browsers phone home. You can try to block this by disabling certain features and by blocking certain connections via a firewall, but I'm not sure if all of this stuff can be disabled.
     
  4. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    421
    What firefox version?
    What is your operating system?
    Which extensions do you have installed?

    Check my prior posts and you'll see that I distrust mozilla and have repeatedly criticized aspects of firefox's privacy unfriendly behavior. That said, I have to tell you I've never observed core firefox calling out to google-analytics.

    Visit the "Firefox Lockdown" topic here on wilders and/or the relevant discussions at ghacks.net
    you'll learn there are a BOATLOAD of default preference values you'll need to change in order to suppress callouts.
    Ultimately, for ff v45 and later, I've needed to resort to domain (er, hostname) blocking b/c nothing settable via prefs has sufficed to suppress @startup calls to a handful of mozilla-owned servers. Aside from those callouts during startup, everything else is suppressable via prefs.

    Frankly, I really don't care to read whichall extensions you have installed. My point is that "the something" contacting google-analytics is almost certainly an extension; you need to consider -- and test, by disabling one-at-a-time and noting whether the callouts to google-analytics cease while a given extension is disabled. Ironically (in the sense that mozilla harps about 'we respect your privacy') the mozilla for-developers blog contains article(s) extolling to extension authors the wonderful-ness of embedding analytics (performing callouts such as you're witnessing) into extensions.
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,140
    Could you be more specific?

    FWIW, I think I've seen googleanalytics and googletagmanager requests when first starting a stock Firefox portable. My guess was that these were due to Mozilla content pages that were automatically opened in tabs, but I don't recall if I verified that. Point is: watch out for Mozilla content too.
     
  6. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    421
    v45, winXP
    looks like I did manage to prevent mothership contact by mangling prefkeys, but didn't find a way to prevent these 2 callout attempts from occurring during each startup:

    location.services.mooofuzilla.com/v1/country?key={snip}
    tiles.services.mooofuzilla.com/v3/links/fetch/{snip}
     
  7. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,140
  8. zedi

    zedi Registered Member

    Joined:
    Sep 5, 2016
    Posts:
    6
    Location:
    None
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,547
    This is all, of course, very horrible :thumbd:

    But still, I gotta say that relying on a browser for privacy is pretty thin.
     
  10. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    471
    This being just another example of the insidious campaign by the Tech Corporations to undermine the peoples efforts to maintain their privacy.
    I hope the new EU data privacy laws make a difference.
    I would like to see them go further and create a body whose purpose is to forensically examine hardware, operating systems and software for vulnerabilities and built in security weaknesses, hidden functionality etc.
     
  11. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,416
    What about Firefox Focus?
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,547
    Trying for privacy on unrooted smartphones is even thinner.
     
  13. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,299
    I was trying to install software the other day and got a warning about my phone not being rooted. I then did some checking and what I gound is that most carriers won't honor the warranty if you root the phone. Since mine is still under warranty. For now can't install that program. Also found trying to root a phone can brick them in some cases.
     
  14. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,761
    Location:
    USA still the best. But getting worse!
    When you're ready. XDA is the way for rooting education. And read, read, read. And read some more. Rooting most phones isn't that difficult with proper research & asking for help at XDA.
     
  15. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    471
    I wouldn't worry too much about the warranty. I doubt it would be cost effective for any carrier to examine all the returned phones in the hope of discovering a rooted one and even if they did, it must have been a hacker that did it ;)
     
  16. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,416
    For privacy and (some) ads blocking I use Focus, and that´s all. Not interested at all in rooting a phone, too much complicated, too much wasted time. And a rooted phone is inherently less secure.
     
  17. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,547
    As always, that depends on who your adversaries are. Some would say that only rooted phones are secure. If you lack root privileges on a device, it's arguably not your device.
     
  18. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,761
    Location:
    USA still the best. But getting worse!
    I might add for a certainty if the phone's OS is not the ~latest rooting is the best chance to secure a phone.
     
  19. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    471
    When a phone is rooted do all running processes also have root or do they still run as restricted users?
     
  20. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,650
    Unlike iOS, only apps you've allowed in SuperSU run as root.
     
  21. NiteRanger

    NiteRanger Registered Member

    Joined:
    Nov 15, 2016
    Posts:
    169
    Location:
    Far East
  22. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,140
    In addition to the Google Analytics exposure via Get Addons and other Mozilla hosted pages... It appears that they also built GA reporting into at least one addon, which was delivered to a subset of users, and it didn't respect users' telemetry related settings:

    https://www.reddit.com/r/firefox/comments/6nbr1w/clarifying_some_things_about_the_thread_removed/

    Last year, the AMO Product Manager wrote a short article on Using Google Analytics in Extensions:

    https://blog.mozilla.org/addons/2016/05/31/using-google-analytics-in-extensions/

    Analytics systems may be built into other [non-Mozilla] addons too. Plus there are the various bits of info Firefox explicitly phones home via Telemetry/telemetry/pings:

    https://gecko.readthedocs.io/en/latest/toolkit/components/telemetry/telemetry/

    and other features. Given that only WebExtensions will be supported in the future (FF57) and the WebExtension APIs have significant limitations, addons will be less useful for dealing with such issues. A few ideas:
    • about:config, focus on prefs with values that contain urls. Search: /;(?:file|https?|ftp|ws):\/\//
    • Reference: https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
    • Reference: https://github.com/ghacksuserjs/ghacks-user.js
    • Reference: https://github.com/pyllyukko/user.js
    • Watch out for any prefs that have to be set via lockPref (which can be done via "mozilla.cfg" aka "autoconfig" file)
    • Other tools: DNS server/proxy rules, hosts file, gateway filtering, software firewall, etc
    • Monitoring: Browser console with Net options enabled, sniffer, firewall, etc. DNS prefetching is enabled by default, so to a degree you can tell what hosts it will try to connect to even when non-DNS traffic is blocked. DNSQuerySniffer.exe is a related useful tool for Windows. Note: outside of testing, many will want prefetching off (and some addons will do that).
     
  23. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,547
    It looks like Mozilla has joined the enemy :(
     
  24. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    471
    They have been for a long time in my opinion. Most all of our web browsing problems stem from one thing. The browser allows webpages to tell it to open connections to other servers without the users knowledge or consent. This is the enemy feature implemented by Mozilla, Microsoft, Google etc.
    When developers build new browsers they are nearly always on top of those same architectures. These large corporations hijacked the internet, subverted it and turned it into something it was never intended to be.
    A web, powered by corporate search engines whose purpose is to respond to our enquiries by providing links to sites that act as bait by supposedly holding the answers to our enquiry while their real purpose is to blitz our computers with 20-30 unauthorized connections to who knows what.
    Mozilla and co play this game where they supposedly try to help us fight this activity because they know most people are too stupid to realize, Mozilla are not only party to the said activity, they facilitate it by building it into their browser in the first place.
     
    Last edited: Jul 19, 2017 at 2:10 PM
  25. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    161
    That is all so true.
    All those corporations treat Internet as just one giant ad platform to mill money for them. And the poor users pay the price in wasted bandwith, wasted CPU cycles, potential of malware and, lose of privacy. And get nothing in compensation.

    Things really started to get downhill after they invented the XMLHttpRequest (or AJAX for marketing folks) object for sending data in the background asynchronously between client and the server(s).

    And it didn't stop there. Now we have: hyperlink-auditing (<a ping attribute>), canvas fingerprinting, HTML5 local storage, and tons of other web APIs that are supposed to make browser users life better but are really, only benefitting those that make money.

    Gone are the carefree days of old Internet :(

    Nowadays, you need some privacy enchanced browser (TorBrowser, CyberFox, etc...) with the addition of ad blocker and other stuff (Tor, VPN etc...) to have any chance of surfing the cesspool that Internet has turned into.
     
Loading...