Bug #8461
Extension infiltration
Status: | New | Start date: | 09/15/2017 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Anonymous | % Done: | 0% | |
Category: | - | Spent time: | - | |
Target version: | - | |||
Component: |
Description
Someone put Mozilla up to secretly tracking-fingerprinting Orfox through add-ons and the URI leak. It looks like theres a Mozilla override to the user override for extension signing, meaning you can only install extensions Mozilla allows. Lets look at the two anti-tracking privacy extensions, Ghostery leaks data, is owned by a private company, and you cant disable data collection. The other anti-tracking privacy extension Privacy Badger is the worst-performing anti-tracking extension and made by the EFF. Disconnect is GNU licensed and open source and you can't install it! Disconnect in WebExtension breakage isnt the first. Some devs report that about:addons is bypassing any extension blockages built with the new WebExtensions, such as uBlock Origin and Ghostery, and communicating with Google Analytics when the user is on that page. In addition, Google funds the EFF, and in the interests of National Security, the NSA is in Google they can't say no, and perhaps the EFF and Mozilla too, theres no reason not to, the spy agencies arent idealists engaged in a fair fight with anyone who uses Tor, they want the user data and they want it now so it takes time and multi-tiered approaches to get into Tor Browser and Orfox. Cisco has already been caught with backdoors in its router software, and their WebRTC H.264 video plugin is in EVERY Firefox installation including the Tor browsers. The EFF gets major funding from Google, and they have a huge extension that should be simple thats included in every Tor browser install. Who makes the browser and tracks the add-ons that every Tor user needs to maintain anonymity? Mozilla. What can they do when the the NSA appears with badges and engineers to skim data to help them identify Tor users, whats Mozilla gonna do, call the cops?? Think about it this way, if you can't get your spy code into the open-source browser, ya get it into the Pink Fluffy extension and control the doors. Thatll get it right under Tor users noses, because the Guardian Project doesnt host the extension site, they dont control the code, the flow or analytics of the extensions.