I have been looking at both Firefox and Chromium (supposedly respecting user privacy and freedom, not like Google Chrome).
Firefox settings:
https://ultraimg.com/images/2017/12/12/nKx1.png
https://ultraimg.com/images/2017/12/12/nKxV.png
https://ultraimg.com/images/2017/12/12/nKxr.png
Chromium settings:
https://ultraimg.com/images/2017/12/12/nKxB.png
I am pasting the last screenshot as link because the forum doesn’t allow more than 4 images:
https://ultraimg.com/images/2017/12/12/nKxh.png
Additionally in both browsers I have installed extensions uMatrix, uBlock Origin and HTTPS everywhere. I don’t have any chat program installed (pidgin, kopete etc). I have NTP service enabled.
My findings:
-
Firefox disrespects settings for “Data Collection and Use”. I have provided more info in this bug report. In FF 57 things seem even worse: There are even more telemetry flags enabled and enforced by default and not accessible via Preferences, i.e. only through about:config.
-
watching uMatrix logger upon startup (without any other tabs open): both Firefox and Chromium communicate with hosts owned by Google and Mozilla. In other words - Google and Mozilla know the exact time when the user starts his browser (and perhaps other things too). Firefox communicates with google and other hosts too (even after disabling OCSP query and “Block dangerous and deceptive content”)
-
after closing the browser (say Chromium) as well as all other desktop apps I wait about 5 minutes after the browser process has died and I look at tcpdump output:
14:32:29.015682 IP pc.47222 > router.domain: 7090+ A? lh3.googleusercontent.com. (43)
14:32:29.018269 IP router.domain > pc.47222: 7090 2/0/0 CNAME googlehosted.l.googleusercontent.com., A 216.58.207.33 (88)
14:32:29.018425 IP pc.43317 > router.domain: 38316+ A? accounts.google.com. (37)
14:32:29.020262 IP router.domain > pc.43317: 38316 1/0/0 A 216.58.207.45 (53)
14:32:29.020416 IP pc.38513 > router.domain: 51010+ A? clients2.googleusercontent.com. (48)
14:32:29.021398 IP router.domain > pc.38513: 51010 2/0/0 CNAME googlehosted.l.googleusercontent.com., A 216.58.207.33 (93)
If I read that correctly: somehow there is still communication between the local machine (pc) and the router on our network related to Google. Similar thing is observed with Firefox. There are also packets which contain ‘amazon’ substring.
**More testing:
**IceCat behaves similar to Firefox.
Tor browser doesn’t seem to do what Firefox and Chromium do.
Questions:
- Considering a FOSS ethical perspective (everything you would hear from FSF) - Are these valid concerns?
- Is there something technically wrong or missing in this simple test?
- Is there anything to report (bugs)?
- Or should I visit the mental hospital?