[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: The Spirit of Free Software, or The Reality

On Jul 15 2015, Ian Jackson <ijackson@chiark.greenend.org.uk> wrote:
> Nikolaus Rath writes ("Re: The Spirit of Free Software, or The Reality"):
>> On Jul 15 2015, Ian Jackson <ijackson@chiark.greenend.org.uk> wrote:
>> > Nikolaus Rath writes ("Re: The Spirit of Free Software, or The Reality"):
>> >> 2. Would it be ok if Firefox did all this at the time you visited the
>> >>    first webpage, rather than at the time of startup?
>> >
>> > I think that depends on what the first webpage is.
>> >
>> > If the first webpage is (say)
>> >   https://en.wikipedia.org/wiki/Embarrassing_medical_problem
>> >   https://act.eff.org/login
>> >   https://search.debian.org/cgi-bin/omega?DB=en&P=vulnerability+scanner
>> >   https://fetlife.com/home/v4
>> > then I don't see any reason why Ebay or Amazon would have to know even
>> > that I am running Iceweasel.
> ...
>> > It is obviously not practical for us to do very much about that, other
>> > than by promoting (a) privacy-enhancing client-side tools
>> > (b) privacy-respecting websites, where relevant and (c) political
>> > change.
>> Yes. I guess what I'm trying to say is that calling Iceweasel isn't the
>> same as calling "ls" or make. Having the latter programs do the above
>> would be severe. But in order to protect your privacy when browsing with
>> Iceweasel, you have to run it through tor anyway (and probably add all
>> sorts of other measures to prevent fingerprinting). So why worry about a
>> few extra requests?
> I'm feeling a bit frustrated now because I feel you didn't really read
> the part of my mail a bit earlier (quoted again above).  Perhaps I
> wasn't clear enough, so I will try to explain it again:
> If I use Iceweasl to visit the EFF's web pages, over TLS, I see no
> reason why I should be exposed to any privacy violations (other than
> any implied by decisons taken by the EFF).

I agree with you. There is no reason, and it would be nice if Iceweasel
would not violate your privacy if you do so.

However, I am not at all surprised that Iceweasel is doing that. If I
want privacy, I don't run Iceweasel but something like w3m. That's a lot
more reliable than changing Iceweasel to not download some icons and
disable safe browsing.

> Also, privacy is not the only reason to avoid unnecessary transactions
> with third-party servers.  Such transactions:

I actually agree with you in all points. I think we just disagree about
the severity of the issue.


GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F

             »Time flies like an arrow, fruit flies like a Banana.«

Reply to: