search

mullvad / mullvad-browser

Privacy-focused browser for Linux, macOS and Windows. Made in collaboration between @torproject and @mullvad
https://mullvad.net/browser
1.31k stars 25 forks source link

Problem safebrowsing and Google #257

Open freeburn12 opened 5 months ago

freeburn12 commented 5 months ago

Hi very good job for your fork for free all privacy

Why you haven't deleted all Google and safebrowsing lines: 

browser.safebrowsing.provider.google.advisoryURL
browser.safebrowsing.provider.google.lists
browser.safebrowsing.provider.google.reportURL
browser.safebrowsing.provider.google4.advisoryURL
browser.safebrowsing.provider.google4.dataSharingURL
browser.safebrowsing.provider.google4.lists
browser.safebrowsing.provider.google4.reportURL
browser.safebrowsing.provider.google.reportMalwareMistakeURL
browser.safebrowsing.provider.google.reportPhishMistakeURL

And you have forgot Mozilla safebrowsing line:

browser.safebrowsing.provider.mozilla.lists
browser.safebrowsing.reportPhishURL

-And yet you have good erase this line

browser.safebrowsing.provider.google.gethashURL
browser.safebrowsing.provider.google4.dataSharingURL
browser.safebrowsing.provider.google4.gethashURL
browser.safebrowsing.provider.mozilla.gethashURL
browser.safebrowsing.provider.mozilla.updateURL

And other For Better confidentiality gogol mull

Please fix for the next update Thanks

Thorin-Oakenpants commented 5 months ago

tor browser and mullvad browser do not utilize google safebrowsing - the prefs are meaningless

@ruihildt +1 close unless you want to add something to the faq

freeburn12 commented 5 months ago

Thanks for your response.

So you could remove these lines to avoid confusion.

Thanks

freeburn12 commented 5 months ago

So How do you change the internal prefs and settings for an enterprise deployment, without using a .cfg file or policies.json ?

Thorin-Oakenpants commented 5 months ago

So you could remove these lines to avoid confusion

why are you in about:config (rhetorical question)? And no, because it adds complexity and code and rebasing and etc etc where it is not needed

cc: @PieroV who can maybe explain more

PieroV commented 5 months ago

Why you haven't deleted all Google and safebrowsing lines:

Because they aren't active. They're behind browser.safebrowsing.*.enabled, which are set to false. Also, even if we wanted to use them, we'd have to have an API key which we don't.

I'd be okay with accepting a MR to set them to empty strings, but realistically once the .enabled are false it's enough for us.

freeburn12 commented 5 months ago

You could remove these lines to avoid confusion for new users who want to trust you as you say, not like firefox who says that "his priority is our privacy outside GAFAM", while they let the google safebrowsing activate, telemetry ...

Even if me I know that they are disabled in your fork. A little effort on this would be a must for many people. Please understand it. It's your goal and job. Thanks

PieroV commented 5 months ago

Fair. I created an upstream issue.

freeburn12 commented 5 months ago

I understand technically, but it is necessary, to be in line with your principles and the trust we have in you. Thank you for your attention