On Sun, Aug 05, 2018 at 11:22:07AM -0500, Ax0n wrote: > It looks like Mozilla is enabling these features by default for Firefox 62 > after a controversial Shield Study earlier this year. These override one's > system DNS preferences by default, relying on 3rd parties (currently > CloudFlare) for DNS. These features seem like they could do more harm than > good for all but the most casual of browser users. > * Adds complexity to troubleshooting browser issues > * Creates a single point of failure > * Sends private data from browsing to a third party without consent
If you don't back your claims by actual trusted links about the matter (and not 'someone told it to me on IRC), this is pure FUD. The 'Shield Study earlier this year' is https://bugzilla.mozilla.org/show_bug.cgi?id=1446404, which is over, and there will be a new Shield Study for another TRR mode, but that only targets nightly users: https://bugzilla.mozilla.org/show_bug.cgi?id=1475321 And by the way, Shield Studies are disabled for new profiles on OpenBSD since last december (unless the pref has changed in the meantime..),cf https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www/mozilla-firefox/files/all-openbsd.js?rev=1.4&content-type=text/x-cvsweb-markup To make sure, check that app.normandy.enabled is false in your profile. The TRR code *will* be complete on 62 for users to test it, but i'm not aware of any intention to turn it on by default, and i have my close-to-mozilla sources. More links on the matter: https://wiki.mozilla.org/Trusted_Recursive_Resolver https://blog.nightly.mozilla.org/2018/06/01/improving-dns-privacy-in-firefox/ https://www.ghacks.net/2018/03/20/firefox-dns-over-https-and-a-worrying-shield-study/ Right now, in beta (which will become 62) afaict TRR defaults to false: https://dxr.mozilla.org/mozilla-beta/source/modules/libpref/init/all.js#5260 > The "casual browser user" demographic likely has a very narrow if > nonexistent overlap with OpenBSD desktop/laptop users. Are there plans to > have these configuration settings disabled for the packaged versions of > Firefox in ports? If not, I would suggest at least adding a blurb about > these features to the install-message. The 'OpenBSD power user' knows there are plenty of knobs to frob. There's no point in adding a blurb to the README (that actually *noone* reads) for each and every setting in the world...
