Option to disable Phishing and Malware Protection
yoasif opened this issue ยท 14 comments
What is the user problem or growth opportunity you want to see solved?
No way to disable Phishing and Malware Protection for users who are suspicious of Google/Yandex and leaking browsing history to Google/Yandex.
How do you know that this problem exists today? Why is this important?
This came up in SUMO chat. An option exists in desktop. about:config could previously have been used in Fennec.
Who will benefit from it?
People suspicious of Google/Yandex.
โIssue is synchronized with this Jira Task
users who are suspicious of Google and leaking browsing history to Google
More important seems to be that these people read how SafeBrowsing in Firefox works. It does not work by sending Google the browsing history.
users who are suspicious of Google and leaking browsing history to Google
More important seems to be that these people read how SafeBrowsing in Firefox works. It does not work by sending Google the browsing history.
Even if it doesn't send full history it may send some info to Google and it is not desirable. It also requires bandwidth and many mobile users are on a tight plans, so why do you want to take bandwidth from them without their explicit consent? Why take away option to disable it from them?
See also https://www.washingtonpost.com/news/the-switch/wp/2013/12/10/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking/?arc404=true for a story how NSA is able to use unique ids (like cookies, and so-called "safebrowsing" sends them) in internet traffic for their purposes.
Read also Mozilla Manifesto (I know that this document has purely propagandistic purposes and doesn't mean anything for management of Mozilla, but oh well...):
https://www.mozilla.org/en-US/about/manifesto/
"Principle 4 Individualsโ security and privacy on the internet are fundamental and must not be treated as optional."
users who are suspicious of Google and leaking browsing history to Google
More important seems to be that these people read how SafeBrowsing in Firefox works. It does not work by sending Google the browsing history.
I thought this article was interesting: https://blog.trailofbits.com/2019/10/30/how-safe-browsing-fails-to-protect-user-privacy/
Safe browsing (AKA. Malware and phishing protection) won't work the way you mentioned nor it downloads the whole blocklist.
It may probably use same amount of network bandwidth a normal blocklist that you use in ublock.
https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/
Safe browsing (AKA. Malware and phishing protection) won't work the way you mentioned nor it downloads the whole blocklist.
Could you be more specific re:"won't work the way you mentioned"?
Does it send Google's cookie? Yes, it does. From the page given by you:
"Cookies set by the Safe Browsing servers to protect the service from abuse are stored in a separate cookie jar so that they are not mixed with regular browsing/session cookies."
(author of these words conveniently omits the fact that "Safe Browsing servers" are in google.com domain and cookies are not only set, but also included with every request to so-called "safebrowsing" servers; also note that part of the sentence "cookies set ... to protect the service from abuse" indicates that cookies are actually required -- you cannot remove them, block them or do somethig similar, as this would compromise alleged "protecting service from abuse").
Does it have the potential of sending full URL-s to Google? Yes, it does. From the page given by you:
"Otherwise, send the binary file's metadata to the remote application reputation server (browser.safebrowsing.downloads.remote.url) and block the download if the server indicates that the file isn't safe."
with the link on "metadata" leading to parts of code where there is setting in request properties of origin URL. If I read code correctly - https://dxr.mozilla.org/mozilla-central/source/toolkit/components/reputationservice/ApplicationReputation.cpp#1306 - it is stripped from query params, but full hostname + path ARE included in this case.
It may probably use same amount of network bandwidth a normal blocklist that you use in ublock.
https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/
That article is from 2016. Why do you think nothing has changed since that time?
In any case, it doesn't matter that much. The point is that users should be in control what their User-Agent does and this so-called "safebrowsing" should be optional, not required.
Just because you see the word "cookie" doesn't mean it's a tracking thing. It just gives the browser a timestamp or version string- something to know what version of the db its on.
Just because you see the word "cookie" doesn't mean it's a tracking thing. It just gives the browser a timestamp or version string- something to know what version of the db its on.
No, I (and linked article about "safebrowsing") speak above about HTTP cookies, in particular set by google.com domain; you are wrong and you have no idea what you are talking about. Read eg. comments in https://bugzilla.mozilla.org/show_bug.cgi?id=368255 to learn more.
Regardless of the background behaviour of these default functions the users should be in control over what content they want to view or visit. This control is removed and thus now Firefox and Google are in control.
This is not safe by default. This is not freedom of access to information by default.
The safe browsing is not a magic bullet to protect users from harm or provide freedom of access to safe content. It is a best effort service and thus also has false positives and false negatives users should be able to ignore. Safe browsing is only an indication based on Google service. Users may or may not like to trust this per warning or completely. Why they like to ignore or trust Google or results of services is up to users
Users may deliberately want to view a resource regardless of the opinion of the safe browsing service and Google or any other future provider of this sort of services. Regardless the possible negative consequence of ignoring the advise. It can also have negative consequence by not allowing the user to visit a resouce. Currently these last mentioned consequences are primary projected at the user, not Firefox or Google. This does not seem fair without users being in control over the final decision to follow or ignore safe broesing service warnings.
Users should at least have the option to visit a marked as unsafe resource, like visiting possible insecure https sites can be accepted after a fair warning.
It would be more reasonable to also provide the option to disable these Google based features like is possible in other versions of Firefox for multiple reasons. Reasons like dependency on a specific company or unwanted service behaviour or results.
Also, the text of the warning reads " has been blocked based on your security preferences". User preferences indicate it should be configurable.
It is appreciated Firefox and Google like to protect users but this should not be enforced by the only choice of do or do not use Firefox if you want control over what you can view online and who you trust.
Regardless of the background behaviour of these default functions the users should be in control over what content they want to view or visit. This control is removed and thus now Firefox and Google are in control.
This is not safe by default. This is not freedom of access to information by default.
The safe browsing is not a magic bullet to protect users from harm or provide freedom of access to safe content. It is a best effort service and thus also has false positives and false negatives users should be able to ignore. Safe browsing is only an indication based on Google service. Users may or may not like to trust this per warning or completely. Why they like to ignore or trust Google or results of services is up to users
Users may deliberately want to view a resource regardless of the opinion of the safe browsing service and Google or any other future provider of this sort of services. Regardless the possible negative consequence of ignoring the advise. It can also have negative consequence by not allowing the user to visit a resouce. Currently these last mentioned consequences are primary projected at the user, not Firefox or Google. This does not seem fair without users being in control over the final decision to follow or ignore safe broesing service warnings.
Users should at least have the option to visit a marked as unsafe resource, like visiting possible insecure https sites can be accepted after a fair warning.
It would be more reasonable to also provide the option to disable these Google based features like is possible in other versions of Firefox for multiple reasons. Reasons like dependency on a specific company or unwanted service behaviour or results.
Also, the text of the warning reads " has been blocked based on your security preferences". User preferences indicate it should be configurable.
It is appreciated Firefox and Google like to protect users but this should not be enforced by the only choice of do or do not use Firefox if you want control over what you can view online and who you trust.
Agree
@yoasif what is the about:config setting?
@yoasif what is the about:config setting?
@andreicristianpetcu There are some entries for browser.safebrowsing. if you search. I haven't tried them myself.
Apparently, in Firefox Focus, when a bug was filed for Safe Browsing not being able to be disabled, it got fixed (mozilla-mobile/focus-android#4155) Why not do the same thing with Firefox for Android, not just because of privacy, but to be consistent?
Also, currently, there's no option to disable for a specific site once, like on the desktop, which means it becomes impossible to access a mistakenly blocked website until Google authorizes it.
Moved to bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1807455
Change performed by the Move to Bugzilla add-on.