Shock News on Firefox 3

[Analada]

"THE FORTHCOMING version of the Firefox browser, Gran Paradiso, will ship with a function that will tell Google all about your browsing habits.

The feature is supposed to be designed to allow the browser to check the URL against a list of phishing sites which is stored at Google.

The downside is that while the punter gets some form of malware protection, Google is getting shedloads of information on the sorts of sites you are visiting."

Full story here:

http://www.prisonplanet.com/articles/septe...0907Firefox.htm

Caveat is that the 'feature' is meant to be disabled by default. So that's all right, then?

If anyone here is developing FF3 for win98SE, please let's not only disable this feature, but obliterate it!

[BenoitRen]

If it's disabled by default, what's the problem? It will be up to the user to decide if (s)he wants to enable it and thus let Google know what they visit.

[Fredledingue]

Who would bother to do that?

[oscardog]

"THE FORTHCOMING version of the Firefox browser, Gran Paradiso, will ship with a function that will tell Google all about your browsing habits.

The feature is supposed to be designed to allow the browser to check the URL against a list of phishing sites which is stored at Google.

The downside is that while the punter gets some form of malware protection, Google is getting shedloads of information on the sorts of sites you are visiting."

Full story here:

http://www.prisonplanet.com/articles/septe...0907Firefox.htm

Caveat is that the 'feature' is meant to be disabled by default. So that's all right, then?

If anyone here is developing FF3 for win98SE, please let's not only disable this feature, but obliterate it!

It does not surprise me in the least considering Google holds the purse strings for the Mozilla Foundation, (until googles browser emerges). Its a shame firefox went from a lean fast browser, to where it is today, bloated by all of this rubbish. No doubt it can quite easily be turned on and used by unscrupulous people and used for malicous intent

[Andrew T.]

This is hardly breaking news: Any tool that checks URLs for phishing pretenses needs to send them somewhere on the web...and a blacklist of sites is too large and too volatile in terms of data change to store locally. And the tool is already in Firefox 2.

At the same time, I shy away from anti-phishing tools for this very reason (not to mention the performance hit that results). You really only need two eyes and a brain to determine that a URL of something like "http://bank-of-ethel.suk0rz.tv/l0g0n" is something other than what it purports to be. I think it's good that the feature is disabled by default.

Is Firefox getting bloated? While it's a far cry from Netscape 3.04, it's arguably a featherweight and bastion of usability compared to IE 7, and the download size for Firefox 2 is smaller than it was for version 0.8.

[Analada]

This is hardly breaking news: Any tool that checks URLs for phishing pretenses needs to send them somewhere on the web...and a blacklist of sites is too large and too volatile in terms of data change to store locally. And the tool is already in Firefox 2.

<snip>

"The difference appears to be that while FF2 periodically downloads a list from google, FF3 uploads every URL you visit. The feature itself may not be new, but the implementation certainly seems to be."

Trying to get further clarification.

Long discussion here:

SEE: http://yro.slashdot.org/yro/07/09/25/1622229.shtml

Note:

(1) Anyone who uses the Google Toolbar extension for their web browser (available for Firefox) and enables the PageRank function will be querying Google for the PageRank of every webpage they visit.

(2) Use this freeware tool for more privacy on your google searches:

http://mrl.nyu.edu/~dhowe/TrackMeNot/

"TrackMeNot is a lightweight browser extension that helps protect web searchers from surveillance and data-profiling by search engines. It does so not by means of concealment or encryption (i.e. covering one's tracks), but instead, paradoxically, by the opposite strategy: noise and obfuscation. With TrackMeNot, actual web searches, lost in a cloud of false leads, are essentially hidden in plain view. User-installed TrackMeNot works with the Firefox Browser and popular search engines (AOL, Yahoo!, Google, and MSN) and requires no 3rd-party servers or services."

[Analada]

Ok, this is what I found out.

(1) The normal firefox gurus on firefox support group haven't been able to add much to what has already been said. It seems that there's a genuine element of doubt as to precisely what this 'feature' will entail (but see following).

(2) FF3 is certainly looking very interesting in its other features and I hope someone will be able to port it to win98SE. Good discussion of features here:

http://mozillalinks.org/wp/2007/09/firefox-3-alpha-8-review/

(3) The above link links to this stuff, quoted under fair use: [my comments in parenthesis]:

* Firefox 2’s anti-phishing is not Google exclusive. It has the necessary hooks for other providers to offer their lists and integrate with it. Unfortunately, no other provider like Netcraft or McAfee has done so. Which is sad as it not only would bring choice for users but would also be a business opportunity for them. Mozilla can’t do much about it other that [sic.] work with those interested.

* Firefox 3 will have an anti-malware protection [note: 'anti-malware' is the new game. It remains to be seen how commercialised and possibly regulated this area becomes] that will work exactly the same way as anti-phishing sites with Google as a provider. So you can be as concerned or unconcerned about it as you currently are. This is the no news part.

* Mozilla is in talks with stopbadware.org, an independent [??] malware fighting association that includes Google, Sun Microsystems, Lenovo, Oxford and Harvard universities and Consumer Reports WebWatch, to include it as another provider. Its Privacy Policy suggests submitted reports and queries stay at stopbadware.org. [O! That's all right then!] At least it doesn’t say something like “we can share it with partners and members…”.

[Analada]

Ok, here is some definitive stuff from a guy called Alan Baxter who evidently runs the current development version of Fx 3.0, Gecko/2007092705

Minefield/3.0a9pre.

QUOTE: "It implements the antiphishing feature in the same manner as Fx 2.0, i.e. it gives the user a choice between using a downloaded list of suspected sites or asking Google about each site you visit. The default is still using the downloaded list instead of asking Google each time. I don't know if there are any plans to change that before Fx 3.0 is released in a few months."

So I guess...we still don't know for sure as far as the final release is concerned.

[bledd]

who cares

[Camarade_Tux]

Is Firefox getting bloated? [...]and the download size for Firefox 2 is smaller than it was for version 0.8.

I guess they're using NSIS installer and NSIS installer moved to LZMA compression whichs means a smaller size.

Size once installed is what is relevant here.