> Chromium has no good free software derivatives, firefox does.
I don't know why that makes Firefox better software (privacy or freedom
wise). It may actually have the implication that Firefox *needs*
modifications in order to be good for the user. In any case without having
expected each line of code of both browsers these are just general
considerations.
> Chromium collects information just like google chrome sending it back to
google. Firefox does do the same by default... but you can turn it off at
least.
You see, I have read thousands of such statements. For that reason I decided
to test for myself and my tests show exactly the opposite. Here is what each
browser sends in the background on startup with maximum privacy settings (as
explained in the bug reports):
Firefox (also the same with WaterFox):
https://bug1424781.bmoattachments.org/attachment.cgi?id=8937242
IceCat:
https://tracker.pureos.net/file/data/ezq7sfsa3em4iipqan2a/PHID-FILE-ms72jsoc2en6alzjr54z/icecat-privacy.txt
Additionally (found today):
https://lists.gnu.org/archive/html/bug-gnuzilla/2017-11/msg00012.html
Chromium:
https://bugs.chromium.org/p/chromium/issues/attachmentText?aid=316942
Do you see Chromium sending any packets to Google? Or to any other company at
all? - No. But both Firefox and IceCat do.
If you can show actual STR for a test scenario which proves that Chromium
sends data to Google without user consent, I am very intersted to look at it.
But as Chrmoium sends only DNS lookup requests to random names to test if the
proxy/gateway requires authentication (as explained in the Chromium bug
report) it is not really a privacy issue because:
1) if you connect to a public WiFi you have already trusted it, i.e. it is
not a question of browser
2) if you use your local DNS you are in control
3) you can create a default browser policy which would enforce those
settings, so even on first run there will be no communication to any company.
With Firefox (or IceCat, or WaterFox) you don't have that level of control
and Mozilla refuses to give it to you. Please test, see for yourself and
share if you find anything different.
> Purism is only honest if you don't read much about them except in favor of
what they say to you.
I don't want to go too off-topic as the thread is about browsers. I mentioned
Purism because I noticed the harsh critique in another thread. Personally I
don't have the expertise to evaluate the validity of what they say or of what
others say about them. The fact is that I shared my findings in their bug
tracker and they have structured it properly for further cleaning up of ther
PureBrowser - which unfortunately I am unable to test as I can't find a way
to install it on my openSUSE (maybe I will do it in a VM when I have time).
In any case the point for which I mentioned Purism is because we must be very
careful when we use or accept words about anything - browsers, OS, hardware,
companies etc. I agree that the overall linguistic outline on their website
is quite cleverly tailored and indeed creates the impression of a perfectly
pure system which is obviously not the case: disabling Intel ME does not
remove the secondary CPU built in the main one and so far it seems nobody has
reverse engineered completely the modules which me_cleaner must leave
untouched. But doesn't the same apply to the laptops listed as RYF by FSF?
Has Intel ME been completely removed or only disabled just the same way?
Along these lines:
"The distro must contain no DRM, no back doors, and no spyware."
https://www.gnu.org/distros/free-system-distribution-guidelines.html#no-malware
If this is actual criterion used in evaluation of FSF endorsed distros, then
the "no spyware" has not been checked. Browsers are perhaps the most used
programs and if any distro has Firefox (or IceCat, or WaterFox), considering
tcpdump's output the logical question is: How deeply has the distro been
tested actually? Are there any public records which show the exact procedure
and the result of it for every distro, so everyone can reproduce it? I really
don't know. But if the idea is openness and freely accessible info - it makes
sense to have such records. And if there is an entity which can decide which
is free and ethical, then such auditing must be done on a regular basis, not
just listed once and forever. Otherwise the endorsement really has no meaning
and can be easily exploited for marketing purposes.
So considering all that, without any condemnation or justification, it is
very difficult to say who is honest and at what depth. Without actual testing
it is all just words. Unfortunately technology is so complicated that it is
really impossible for one to learn and test everything. So we become slaves
to experts and as we see every day - being an expert does not always include
good morality.
> because you may be trolling us...
It has never been my intention. Forgive me if anything I said sounded like
that.
