Unwanted connection, or not customizable

minbrowser / min

A fast, minimal browser that protects your privacy

https://minbrowser.org/

Apache License 2.0

7.95k stars 703 forks source link

Unwanted connection, or not customizable #1285

Open PEPERSO opened 4 years ago

PEPERSO commented 4 years ago

I have noted a connection everytime I start min, to minbrowser.org, even if I disabled autocheck for update. I would like to know why, and be able to stop this connection if I want to.

What solution would you like? A privacy policy explaining this connection and eventual data collection. Also, if possible, a check box in settings allowing to block data collection and calling home

Thanks for Min, it is incredibly user friendly :1st_place_medal: !

Syndamia commented 4 years ago

This should be because of the "Welcome to Min" page. It isn't built-in, it's this page: https://minbrowser.org/tour/.

PEPERSO commented 4 years ago

Alright, I get it, thanks !

Still, I think that a privacy policy could be a good thing, even a "No data collected at all. Period.", just to be clear

Syndamia commented 4 years ago

Yeah, that would probably be a good touch. In the meantime, @PalmerAL stated the privacy policy here: https://github.com/minbrowser/min/issues/440#issuecomment-344094295.

PalmerAL commented 4 years ago

There's three possible requests that can happen:

The first time you launch Min, it will open the welcome page that Syndamia mentions.
The first time you launch Min after upgrading to 1.15, it will make a request to find out whether to show a prompt to take a survey (source) - the reason for this is so that we can disable the survey prompts once we're done running the survey.
If you have update notifications enabled, Min will make a request every time it is launched to find out if there's an update.

No personal data is sent as part of these requests. (These services are all hosted on Github Pages, so they would be covered under their privacy policy, but once again, there's no data included about your usage of Min included in them).

I do agree that we should more clearly describe this; I'm planning to add a page to the website at some point that describes this, and what privacy features Min offers.

PEPERSO commented 4 years ago

Thanks for your explanation ! But then I think there is another case of connection, because:

It's not the first time I launch Min
I'm on 1.16
My update notifications are disabled

Maybe it's another DNS prefetch due to the fact that this page is proposed in the Menu, so Min requests for its IP address automatically ?

Thanks for the absence of collected data, that's great :)

PalmerAL commented 4 years ago

Hmm, I wouldn't expect it to prefetch anything. Can you get the exact URL that's being requested? The easiest way is probably to go to developer > inspect browser > network, enable "preserve log", then developer > reload browser and see what shows up.

PalmerAL commented 4 years ago

Never mind, I figured it out: there's a second survey for the searchbar, and so there's a similar request to see whether to show the survey prompt for that (source).

That survey ended a while ago; we should probably just get rid of the request for it.