- This topic has 38 replies, 11 voices, and was last updated Jan 13-11:46 am by ModdIt.
-
Posts
-
ModdIt
anticapitalista,
Thanks for the really fast response,
Later, when home from work, see how my daughter and separately her boyfriend manage to follow a fix cheat sheet.Is MX also affected ?. I am unable to access the only laptop with an install as owner not at home.
And pls do not blame yourself, the situation was probably quietly designed by the mozilla man with E Mail adress at top of config file.
in expectation that a changed file as unknown as the distribution ini would remain undetected. unfortunately the retard was right.
I was really annoyed to miss a central user privacy problem.Once fixed will file a complaint to both German and EU data protection agencys as Firefox is generally distributed with opt
out telemetry settings only accesible after starting firefox, EU Law requires active opt in.
Would love to see Bakker in front of an EU court. Google and facebook were a start even if the fines were laughable.
Xecure
Moddit, I think the users that are reporting you and antiX are missing common sense (edit:censored down)
1/ IN EU ILLEGAL, in Germany angry parent is reporting both me and antiX setting situation to Data Protection agency.
I am now forced to do same while protesting my being unaware of the setting.Due this HIDDEN FROM USER setting Mozilla can with use of glean and the older anti privacy data reporting plus standard activated settings in about config get.
This is what I have on antiX 21-full runit 64 bits, from live USB without anything else changed, after updating to recent firefox-esr 91:
The data collection IS DISABLED BY DEFAULTIf these three options are disabled, the other options don’t matter (they are to micromanage data collection reports).
The reported options mentioned in the first post
toolkit.telemetry.enabled=true browser.crashReports.unsubmittedCheck.autoSubmit=true datareporting.policy.dataSubmissionPolicyBypassNotification=trueare NOT being used at all, as we can see in the first screenshot listed, so they are a benign misconfiguration with no negative effects towards the EU law (Edit: censored for misconduct)
Please, tell the angry parents to check if their suspicions are founded at all before reporting anyone to the German Data Protection Agency, and avoid making a fool of themselves. If they can prove otherwise, I will publicly apologize to them and to Moddit (and leave this forum to no longer trigger misconduct and propagate misinformation), but I suspect they are just in an altered state of mind and aren’t able to appreciate the work and effort people here are doing for FREE, as in volunteering, and that they treat like shit. (edit: censored for flaming)
I advice to no longer give any support to those parents or their children, as they seem to be easily influenced by FUD, and will only aggravate all our health. They can buy their own computers and support, and then denounce them for doing things againts what they paid for. antiX is a free product that requires an enourmous amount of unpaid work, which they seem to consider not worth it and even a hazard.
EDIT: I have replaced all offending wording, and will be restraining myself from posting on any topic I consider “triggering” or that was already answered previously in the forum.
- This reply was modified 1 year, 4 months ago by Xecure.
- This reply was modified 1 year, 4 months ago by Xecure. Reason: Censoring my words
antiX Live system enthusiast.
General Live Boot Parameters for antiX.
anticapitalista
anticapitalista,
Thanks for the really fast response,
Later, when home from work, see how my daughter and separately her boyfriend manage to follow a fix cheat sheet.Is MX also affected ?. I am unable to access the only laptop with an install as owner not at home.
I just checked MX-21 live (firefox) and it seems MX is not affected.
I do blame myself for foolishly just copy/pasting bits of the distribution.ini file from Mozilla without checking it in detail.
Thank you for reporting the balls-up and helping to find a solution.
Philosophers have interpreted the world in many ways; the point is to change it.
antiX with runit - leaner and meaner.
Moddit, I think you and the parents you talk about are spreading bullshit about antiX.
Thank you for your considered comments, Please calm down and stop flaming, it does not help.
Nobody claimed anticapitalista is responsible for the situation, you could clearly
find that if you read my posts.This is about fixing issues including changes to a distribution config which were not authorized,
according to anticapitalista and clearly intended to set telemetry as a standard which is illegal
within EU.Anonymous
@Xecure, please come back down from your “circular argument”.
You also need to read what is written above about the telemetry part# Telemetry: report everything, no prompting. ...I think @Moddit is not wrong.
Here I have three antiX installations. This affects the ISO’s where firefox-esr was shipped with, in my opinion. Like this one with the file in question:dahlie@antix19:~ $ apt policy firefox-esr firefox-esr: Installiert: 78.15.0esr-1~deb10u1 Installationskandidat: 78.15.0esr-1~deb10u1 Versionstabelle: *** 78.15.0esr-1~deb10u1 500 500 http://security.debian.org buster/updates/main amd64 Packages 100 /var/lib/dpkg/status 78.14.0esr-1~deb10u1 500 500 http://ftp.de.debian.org/debian buster/main amd64 Packagesdahlie@antix19:~ $ inxi -S System: Host: antix19 Kernel: 4.9.235-antix.1-amd64-smp x86_64 bits: 64 Desktop: Fluxbox 1.3.7 Distro: antiX-19.3_x64-full Manolis Glezos 15 October 2020dahlie@antix19:~ $ ls -ld /lost+found drwx------ 2 root root 16384 Dez 26 2020 /lost+foundThe question is, how could something like this happen? @anticapitalista has taken responsibility for the mess. I hope it’s a emptiness, according to the MX principle, “everywhere” to spin an extra sausage with the antiX packages, because eventually the hard impact will come.
Thanks male,
this kind of problem probably happened because anticapitalista is stretched beyond limits at times,
plus who of us expects to find the kind of settings made in a for the average user unknown and hidden file.
Which was likely the logic of putting them there.PPC
Man… I stay away from the forum for the Christmas season and when I come back, all hell has broken loose!
Now something really productive:
– I’m glad anticapitalista fixed what needed to be fixed.
– I don’t know anything about German law but I want to say this: if someone filed a complaint about antiX with a german entity probably antiX is in no danger- antiX is not a company based/with dependencies in German, so any public german entitny or courts probably won’t be able to do anything about antiX
– Just to be on the safe side it may be better to have a warning on the homepage, and ideally on the default firefox esr homepage that antiX is not to blame for any undesired comunications done by that browser- if any exists, they are all the resposibily of Mozilla, any complaint should be address to that entity.@Xecure – My take on Moddit’s posts here in the forum is that Moddit is only trying to help out with any negative press antiX may get from undisered “phoning home” by the default browser. If someone filled a complaint against Moddit, in fact the best defense is probably stating that the default browser settings come, out of the box with the distro, and even more, they come (came) out of the box with the default package of the browser, done by mozilla, without any knowlege by the distro’s Dev team.
It does not matter if now (or even then, when the complaint was filled) there were attempts to perform undesired communications by Firefox, just that there’s a complaint that Firefox did that.
As far as I can see from the previous posts, there was a problem and anticapitalista fixed it…@anticapitalista- to avoid any similar future problems with other browsers or any kind of software that phones home, my legal advice would be to have a pop up that came up at the first time Package installer is run, with a legal disclaimer- that the antiX team is not to blame for any undesired communications that any software that is installed using the Package Installer perform – if you want I can try to write one such statement in english “legalise” and also pt… That may be over kill, but it’s the safest course of action. Like I said before, at least one such statement used as default homepage would be great…
P.
stevesr0
UPDATE:
I just installed the upgraded version of Firefox (95.0.2). I found that by default, it DOES allow sending data AND there is a distribution.ini file. It wasn’t in /usr/share/firefox/distribution but in /opt/firefox/distribution and has a (creation?) date of 20 Dec. This is presumably the original not the fixed version. So, I guess it would be HARMLESS to replace it with the new one anticapitalista produced, even though I have opted out of data collection and transmission according to Mozilla.# Partner Distribution Configuration File # Author: Dan Mills <thunder@mozilla.com> # id: short string unique to this distribution # about: a short descriptive (ui-visible) string for this # distribution # version: version of the extra distribution pieces (not the version # of Firefox) # bookmarks.initialized.pref: (optional) name of a boolean pref used to determine if bookmarks should be created on startup. This option should not be used except to upgrade from previous customized distributions that did not use the distribution.ini method [Global] id=MX-Linux version=1.0 about=Updates will come through your package manager about.en-US=Updates will come through your package manager # This section contains the global js prefs. You do should not list # the localized preferences here (see below) # Boolean preferences should be 'true' or 'false', w/o quotes. e.g.: # my.bool.preference=true # # Integer preferences should be unquoted numbers. e.g.: # my.int.preference=123 # # String preferences should be in quotes. e.g.: # my.string.preference="foo" [Preferences] mozilla.partner.id="mx-linux" app.distributor="mx-linux" app.distributor.channel= browser.search.distributionID="mxlinux.org" browser.search.searchEnginesURL= browser.search.defaultenginename= app.update.enabled=false extensions.update.enabled=true intl.locale.matchOS=true browser.shell.checkDefaultBrowser=false browser.newtabpage.enhanced=false # This section is used as a template for locale-specific properties # files. They work similarly to the GlobalPrefs section, except that # the %LOCALE% string gets substituted with the language string. # # This section should only be used for localized string preferences. # Other preference types will not work. [LocalizablePreferences] browser.startup.homepage="https://mxlinux.org/mx-linux-blog/" # This section is an example of an override for a particular locale. # The override sections do not interpolate %LOCALE% into strings. # Preferences set in override sections are *merged* with the # localizable defaults. That is, if you want a pref in # [LocalizablePreferences] to not be set in a particular locale, # you'll need to unset it explicitly ("pref.name=" on a line of its # own). [LocalizablePreferences-en-US] browser.foo="mx-linux" # Search Plugins # Search plugins do no need to be listed in this ini file. Instead, # create a directory structure like the following, and they will be # automatically loaded: # * distribution/ # * searchplugins/ # * common/ # * <plugin.xml> # * <plugin.xml> # * ... # * locale/ # * <locale>/ # * <plugin.xml> # * <plugin.xml> # * ... # * <locale>/ # * <plugin.xml> # * <plugin.xml> # * ... # If a directory for the locale the browser is running in doesn't # exist, Firefox will automatically try the 'default' locale, as defined # by the distribution.searchplugins.defaultLocale preference. # Bookmarks # There are two "toplevel" sections, BookmarksToolbar and BookmarksMenu. # These can reference other sections via the "folder" type item. These # folder sections must be named "BookmarksFolder-<id>". # Each section contains a list of numbered item settings, where each # item represents a bookmark, livemark, separator, folder, or the default # bookmarks in that container (if any). The default type is bookmark. # # Since Firefox 45, it's possible to set an optional keyword or favicon # for a bookmark. [BookmarksToolbar] item.1.title=MX Blog item.1.link=https://mxlinux.org/mx-linux-blog/ item.1.description=MX Linux Blog item.2.title=MX Forum item.2.link=https://forum.mxlinux.org/ item.2.description=MX Linux Forum item.3.title=antiX item.3.link=https://antixlinux.com/ item.3.description=antiX Homepage item.4.title=antiX Forum item.4.link=https://www.antixforum.com/ item.4.description=antiX forum [BookmarksMenu] item.1.type=folder item.1.title=MX Linux item.1.folderId=1 item.2.type=folder item.2.title=antiX item.2.folderId=2 [BookmarksFolder-1] item.1.title=MX Blog item.1.link=https://mxlinux.org/mx-linux-blog/ item.1.description=MX Linux Blog item.2.title=MX Forum item.2.link=https://forum.mxlinux.org/ item.2.description=MX Linux Forum item.3.title=MX User Manual item.3.link=https://mxlinux.org/manuals/ item.3.description=MX Linux Users Manuals item.4.title=MX Videos item.4.link=https://mxlinux.org/videos/ item.4.description=MX Linux Videos item.5.title=MX Wiki item.5.link=https://mxlinux.org/wiki/ item.5.description=MX Linux Wiki [BookmarksFolder-2] item.1.title=antiX item.1.link=https://antixlinux.com/ item.1.description=antiX Homepage item.2.title=antiX Forum item.2.link=https://www.antixforum.com/ item.2.description=antiX forumI am running Antix-19 Sid.
Aptitude shows Firefox 95.0.1-1 as currently installed with 95.0.2~mozillabinaries available as an upgrade.
I don’t have Firefox-ESR installed, but the version available in unstable is 91.4.1esr-1~deb11u1.
I don’t have a distribution.ini file. I wonder if the data collection issue is strictly for Firefox-ESR and those who are using the “leading edge” Firefox haven’t got that problem (yet). Or if it is also a problem with the latest Firefox (nonESR) version?
(N.B. I haven’t installed the upgraded version of Firefox because of a question/concern about my having too many repositories that is the subject of another thread (“Difference between Testing and Sid”). I will install the upgrade and report back about the generation of a distribution.ini file and what it contains.)
In my privacy and security settings, nothing is enabled in Firefox Data Collection and Use. According to Mozilla, this means I have opted out of data collection.
OBVIOUSLY, if Mozilla is lying about this, I want to be enlightened!
In any event, I think anticapitalista, Moddit and Xecure are too valuable in their contributions to other users to lose from this forum because of a disagreement about the implications of the distribution.ini file.
Thanks to all of you.
Happy New Year to come.
stevesr0
- This reply was modified 1 year, 4 months ago by stevesr0.
anticapitalista
The distribution.ini file has been used on antiX for many years.
It is included on the iso and is put there at build time.
At some point with antiX-19 series, I updated this file to add more bookmarks.
I used a mozilla template file and missed the 3 settings that moddit posted about.
Latest antiX-libs (now in repos) will overwrite the faulty file.antiX-21 net, core and base iso files do not have this file.
Philosophers have interpreted the world in many ways; the point is to change it.
antiX with runit - leaner and meaner.
I submitted a post about my experience with NON ESR Firefox – but it hasn’t shown up (yet).
Summary – running “latest” Firefox versions just upgraded to ?20 Dec version 95.0.2. It produced a distribution.ini file in /opt/firefox/distribution/ that doesn’t have a telemetry line. I am not certain if this is the anticapitalista version or the nonESR ini files don’t have telemetry lines. It does enable extension updates if that is a negative. By default, the privacy and security preferences enable transmission of info to mozilla, I unchecked them which according to Mozilla should opt me out and result in any collected data being destroyed within 30 days.
I figure I can opt in if I want to send data to Mozilla – say to get help with a problem with the browser.
The original post was longer and included the whole ini file text. Maybe that’s why it hasn’t loaded (yet?).
P.S. I included a hope that neither Moddit nor Xecure nor anticapitalista would get so annoyed that they would leave the forum or give up using antiX.
Hope all have a happy new year.
stevesr0
anticapitalista
antiX only ships a distribution.ini file for firefox-esr.
Firefox is packaged by MX.Philosophers have interpreted the world in many ways; the point is to change it.
antiX with runit - leaner and meaner.
ahoppin
Thanks for this thread – it’s very informative.
I’m relatively new here, so I apologize if my question and comment display ignorance or offend someone.
With Firefox’s declining privacy reputation and increasing apparent disrespect for its users, I was somewhat surprised to discover that Firefox was the default browser in Antix.
I assumed that there had to be good reasons. Nevertheless I didn’t want to use it, so I installed Seamonkey from apt.
(For some reason when I tried to use the package installer, Seamonkey didn’t install).
This is in antiX-19.3_x64-full.iso, downloaded on 2021/05/21, and installed.
The command:
sudo find /usr/lib/seamonkey -iname distribution.ini
doesn’t return any hits.
In /usr/lib/seamonkey/2.53.9, the command:
sudo grep -i telemetry\.enabled *
returns (among complaints about directories):
Binary file libxul.so matches
Binary file omni.ja matchesI’ve disabled crash reporter in the preferences dialog.
In about:config:
tooklit.telemetry.enabled is set to false
toolkit.telemetry.server is set to https://incoming.telemetry.mozilla.org
browser.crashReports.unsubmittedCheck.autoSubmit doesn’t seem to exist
datareporting.policy.dataSubmissionPolicyBypassNotification is set to false
datareporting.policy.dataSubmissionEnabled is set to true
datareporting.policy.firstRunURL is set to https://www.mozilla.org/privacy/firefoxIs there any reason NOT to set datareporting.policy.dataSubmissionEnabled to false?
Is there any reason NOT to set toolkit.telemetry.server to ”?
Is there anything else I should do to improve Seamonkey privacy?
Thanks!
schproodle
withdrawn
- This reply was modified 1 year, 4 months ago by schproodle.
EeePC, ASUSTek 1000HE - Atom N280, 1667 MHz, 32 bit - RAM 992.2 MiB
Kernel: 4.9.0-279-antix.1-486-smp i686 bits: 32 compiler: gcc v: 10.2.1
Desktop: IceWM 2.9.3 & zzzfm
Distro: antiX-21_386-full Grup Yorum 31 October 2021Is there any reason NOT to set toolkit.telemetry.server to ”?
You can / shoud test to confirm, but I suspect that if this pref value is edited to be blank (or is edited such that it contains a malformed scheme prefix (e.g. something other than http or https)… at next shutdown, firefox will “repair” the pref value, silently reverting it to the preconfigured default value prior to autosaving the user.js (and/or firefox.js) file.
This “self-repair” behavior is evident in response to editing a variety of “defended” preference values, especially values which contain URLs (i.e. server URLs and blacklist URLs). My workaround, which has NOT been universally effective, has been to alter every occurrence of blahblah.mozilla.com/blahblah ~~ replaced by blahblah.mozzzzzzzzzilla.com/blahblah (or somesuch unresolvable domain string). I suspect this tactic has not been universally successful because — for certain prefs — the browser’s “self-repair” inspection consults an internal lookup list containing one/several “blessed” predefined URL strings. For this particular URL string, the self-repair lookup may for instance (I have not tested) match against a more stringent pattern, e.g. http[s]?:\/\/.*\.telemetry\.mozilla\.org
- You must be logged in to reply to this topic.
