[HN Gopher] Mozilla: *Privacy Not Included
___________________________________________________________________
Mozilla: *Privacy Not Included
Author : Engineering-MD
Score : 99 points
Date : 2021-08-06 14:21 UTC (8 hours ago)
(HTM) web link (foundation.mozilla.org)
(TXT) w3m dump (foundation.mozilla.org)
| banana_giraffe wrote:
| The first thing I looked at, the Google Nest Protect says:
| Microphone: Device: Yes Tracks Location: Device: Yes
| Biometric: Voice recordings
|
| Huh? There's no GPS, no mic (at least, there are no voice based
| features, and teardowns I've seen haven't spotted a mic).
|
| There might be reasons to not want one, for sure, but inventing
| reasons isn't a good sign.
|
| Edit: I was wrong, ignore me.
| chewmieser wrote:
| It does definitely have a mic but it's supposedly only used for
| sound checks (and audio never leaves the device):
|
| https://support.google.com/googlenest/answer/9250972?hl=en
| banana_giraffe wrote:
| Fair enough, that's still a long ways from recording my voice
| all the time.
|
| Now I need to revisit the teardowns I've seen to see how they
| missed this.
| vetinari wrote:
| Technically, you don't need GPS for location tracking. All you
| need is to scan for BSSIDs around you and then check in a
| database, where in the world they are. Conveniently, Google has
| one such database ;).
|
| (That's also the reason why Android gates wifi network scanning
| behind location permission).
| auslegung wrote:
| It might track location via Wi-Fi.
| jamesgeck0 wrote:
| The Nest device doesn't use GPS, but it does use a variety of
| sensors (sound, IR, etc) to try to determine if you're home or
| not, thus technically establishing your location.
| Wowfunhappy wrote:
| I really don't like this website. The criteria appears to be
| "things Mozilla thinks technology companies should be doing", and
| not necessarily related to privacy.
|
| For example--sites get downgraded if they don't require strong
| passwords. Now, maybe websites _should_ require strong passwords,
| that 's a completely reasonable position to take. But if _you_ ,
| the user, are using a strong password, whether or not _others_
| are _required_ to use strong passwords has no impact on _your_
| privacy. Especially because privacy [?] security.
| Grieving wrote:
| > sites get downgraded if they don't require strong passwords
|
| Assuming "strong", as usual, means uses upper+lower letters,
| numbers, symbols, etc., this directly contradicts NIST's
| current password recommendations. They recommend enforcing a
| minimum length instead, and recommend a "minimum minimum" of 8.
| They also recommend checking passwords against a set of the
| most common ones from leaks. The NCSC's top 100k list is good
| (pre-filtering those under your minimum helps too--only 47k
| remain after removing pws under 8 chars):
| https://github.com/danielmiessler/SecLists/blob/master/Passw...
| France_is_bacon wrote:
| From my understanding, the only real way to create a password
| is to make it really, really long. Like, "Sometimes 10 people
| will get together on Friday night. Wow!" Or whatever you
| want. Makes it easy to remember. Personally I just usually
| string a bunch of random numbers and upper/lower/special
| characters - 40 of them. Just like this:
| https://www.youtube.com/watch?v=rERApU26PcA
| bingidingi wrote:
| i use song lyrics; nggyunglydngtaahy
| slapfrog wrote:
| I tried long memorable passphrases for a time, but a few of
| my passphrases were not as memorable as I expected and I
| ended up having to reset several of them. Eventually I got
| fed up with it and switched to an offline FOSS password
| manager and use generated passwords from that. To unlock
| the password manager, I use a single long passphrase that I
| am confident I can remember. Now I worry that I'm putting
| all my eggs in one basket, but at least my passwords won't
| be guessed or forgotten.
| France_is_bacon wrote:
| Right. I always make sure to write them all down, as I
| won't remember either.
|
| But they are to make sure that random hackers don't gain
| access. Nobody is really going to break into my office
| and steal my passwords, as I am not an international spy.
| Engineering-MD wrote:
| All good points, thanks for your input. I liked it as I haven't
| seen a similar ones from a reptile company but agree it could
| be better.
| grey_earthling wrote:
| > I haven't seen a similar ones from a reptile company
|
| I know this is a typo, but it's also an excellent pun.
| yakubin wrote:
| What is it a typo of?
| nightcracker wrote:
| Presumably reputable.
| [deleted]
| RepZilla wrote:
| Red Firefox Cult - Repzilla!
|
| Blue Oyster Cult - Godzilla.
| Stampo00 wrote:
| I agree. This site seems unnecessarily inflammatory and
| confrontational. Purely elitist PR publicity nonsense instead
| of educational. It's a bad look on Mozilla and it turns me off.
|
| Talk up your own features instead of smearing other people's
| products. Products that aren't even your competition, I might
| add!
|
| It's flame bait for its own sake, trying to take advantage of
| outrage culture in an attention economy.
|
| Be better, Mozilla.
| dane-pgp wrote:
| > whether or not others are required to use strong passwords
| has no impact on your privacy.
|
| It's worth considering, though, that attackers may target sites
| that don't mandate strong passwords, because the password
| hashes in the site's database are likely to be easier to crack
| (and users with simple passwords are likely to reuse those
| passwords).
|
| Once an attacker has chosen to target that site, that increases
| the chances that they find themselves able to read your data
| regardless of the password you used, because they'll have
| access to the whole database.
|
| In fact, a site which hasn't put the engineering effort into
| enforcing strong passwords (not even a simple regex, let alone
| more complex approaches like checking for compromised passwords
| against the haveibeenpwned database) is also likely to have
| undervalued security in other areas, again making them a
| target.
| Wowfunhappy wrote:
| It also works the other way though. If attackers target the
| site, they'll know some users have weak passwords, so if you
| have a strong password, they'll move on quickly to easier
| targets.
|
| I'd say on the whole it evens out.
| thephyber wrote:
| I don't see this as even remotely "evening out" the parent
| comment.
|
| If a site mandates strong passwords, it is more likely to
| follow other best practices like throttling login attempts
| and locking accounts after too many failed attempts (either
| per account or per IP).
|
| If attackers target the site, they should only have a
| limited number of attempts before they start getting
| thwarted.
|
| It would take a lot of attempts (exact numbers will vary)
| just to determine if a given user's credentials are strong
| or not, so the adversary has already wasted significant
| effort on the accounts they will eventually "move on" from.
| If the site has throttling and/ or account lockout, the
| adversary should not be able to determine who has weak
| versus strong passwords.
| h_anna_h wrote:
| > and locking accounts after too many failed attempts
| (either per account
|
| This is not a best practice, this is a DoS.
| CodesInChaos wrote:
| > if you, the user, are using a strong password, whether or not
| others are required to use strong passwords has no impact on
| your privacy
|
| That only applies if the site only gives you access to your own
| data. If your friends grant you access to some of their data,
| your poor security compromises their privacy.
| tuukkah wrote:
| The site has a section that explains the criteria including
| that Mozilla didn't decide on them alone but with other non-
| profits.
|
| Regarding passwords: _" If the product uses passwords for
| remote authentication, it must require that strong passwords
| are used, including having password strength requirements. Any
| non-unique default passwords must also be reset as part of the
| device's initial setup. This helps protect the device from
| vulnerability to guessable password attacks, which could result
| in a compromised device."_
|
| https://foundation.mozilla.org/en/privacynotincluded/about/m...
| fragileone wrote:
| I wish there was a RSS feed of some kind available. Whether it be
| for a changelog, a Twitter feed or blog posts.
| tuukkah wrote:
| I really don't like the comments here. Why do people assume that
| the Mozilla foundation is a clueless scammer? Before questioning
| their methods and motives, how about reading what the site says:
|
| _" Welcome to Mozilla's Privacy Not Included buyer's guide. Our
| goal is to help you shop smart--and safe--for products that
| connect to the internet._
|
| _In 2017, when we first started Privacy Not Included, we didn't
| know if people would be interested in a guide about the privacy
| and security of connected toys, gadgets, and smart home products.
| Turns out, they were. [--] "_
| https://foundation.mozilla.org/en/privacynotincluded/about/w...
| slapfrog wrote:
| > _Why do people assume that the Mozilla foundation is a
| clueless scammer?_
|
| It's not an assumption, it's an evaluation they are continuing
| to earn by quacking like a duck.
| tuukkah wrote:
| Can you point to something concrete that makes Privacy Not
| Included clueless or scammy? EDIT: Or if it's that the
| foundation did some clueless and scammy things earlier that
| cost them all their reputation, what were they?
| trvz wrote:
| This is utterly phony, coming from the company that updated their
| browser some time back to send its users' DNS data to fucking
| Cloudflare unless they opted out.
| chris_engel wrote:
| They say sonos does a good job on privacy. Did I miss something?
| Did they finally drop their approach of GPS-locating each
| speaker, phoning home what you listen to every couple of minutes
| and bricking the speakers to avoid re-sales?
| ursugardaddy wrote:
| Mozilla needs to drop the whole 'we need the web equivalent of a
| slave uprising'/'more than deplatforming' thing
| havelhovel wrote:
| I use a VPN and Firefox with NoScript installed. You might think
| I would be on board with Mozilla's privacy zealotry, but this
| page rubs me the wrong way. Dunking on IoT and wearables as
| "Super Creepy!" just seems out of touch with consumer
| preferences. My Amazon Halo is the first piece of technology I've
| been excited to use in a long time. I guess Mozilla thinks I'm
| creepy by association.
| ub99 wrote:
| A bit off-topic: is there a law requiring that sex toys must be
| blurred out? Even the ones that just look like a bent piece of
| silicon (not dildo-like)...
| hutzlibu wrote:
| How about extending that list to software and add something like
| "Firefox mobile" to that list, that comes advertised as privacy
| focused, fighting all those evil ad tracking technologies - but
| comes bundled with their own ad-tracking enabled by default!? And
| telemetry. And "participating in studies".
|
| So yes, if you are a little bit tech-savy, it is easy and the
| first thing to disable. But it is still a very "creepy" to me,
| that those things are enabled by default, which means it stays
| enabled for the majority of users.
| antisthenes wrote:
| So this was the end-game for Mozilla?
|
| An Aliexpress like shop that tries to capitalize on whatever
| brand value they think they have left? Does the internet really
| need another janky affiliate page full of IoT crap?
|
| I've said it before and I'll say it again: guys, focus on making
| a good browser.
| alphabet9000 wrote:
| site needs a copy editor, or something.. "Scroll to see how
| creepy people find these products!" reads like they are talking
| about "creepy people"
| DonHopkins wrote:
| That man's nuts! Grab 'em!
| that_guy_iain wrote:
| One was on there because last year they didn't meet their
| "security standards" whatever those are but this year they do. So
| they improve in your eyes but you're still going to bash on them.
| Another one was that in the past there was a security hole. Those
| were the first two items I clicked.
|
| Honestly, I think this is the worst Mozilla thing I've seen. It's
| all preachy on things from the past.
| agilob wrote:
| This page promotes companies that make it impossible or very hard
| to delete accounts or data
|
| https://backgroundchecks.org/justdeleteme/
| teddyh wrote:
| For an even more strict selection, I suggest H-Node:
| https://h-node.org/hardware/catalogue/en
| pseudo0 wrote:
| So glad Mozilla laid off all their Servo devs to focus on what's
| really important: IoT sex doll privacy evaluations.
| lapetitejort wrote:
| Snark aside, were I in the market for such a device, I would
| absolutely want to know how privacy focused it was. I
| appreciate that Mozilla includes the category in the list. They
| exist, people will buy them. There's no sense in acting like
| CES and plugging their ears whenever they're brought up.
| chomp wrote:
| This is Mozilla Foundation, not Mozilla Corp.
| nerdponx wrote:
| Even better: this is where your donation money goes.
| pseudo0 wrote:
| The corporation is a wholly owned subsidiary of the
| foundation. It's effectively one organization structured to
| minimize taxes. What exactly is your point anyways?
| chomp wrote:
| My point is that I find it difficult to understand your
| comment because the Foundation does 2 things - advocacy,
| and holds the trademarks. The Corp is the one who built out
| Servo, and due to a lack of foresight on management's part,
| amongst other things, had to cut costs due to a dwindling
| browser share.
|
| You sound like the non-profit should start funneling its
| money into the corporation to secure its finances. Why?
| pseudo0 wrote:
| The corporation subsidizes the foundation, not the other
| way around. It's just a question of how much. Here's a
| toy example that illustrates Mozilla's situation. Let's
| say you have XYZ Corp and XYZ Foundation (501c3).
|
| XYZ Corp revenue (search engine deal): $90
|
| XYZ Foundation revenue (donations): $10
|
| Total revenue: $100
|
| XYZ Corp costs (browser dev): $50
|
| XYZ Foundation costs (advocacy, etc): $50
|
| Total costs: $100
|
| You have to spend the 501c3 income on appropriate costs
| first, so the $10 from the foundation revenue gets put
| towards the foundation's advocacy costs. The remainder
| ($40) gets covered by revenue from the corporation.
|
| Now let's say you cut $10 in advocacy costs from the
| foundation, realizing that it's more important to have a
| viable browser competitor to Chrome than sex doll privacy
| evaluations. Now the corporation reduces its transfer to
| $30, and has $10 left over to, say, avoid laying off devs
| when the search engine deal revenue drops. Fundamentally
| most of the money is fungible, and wasting money on
| unproductive initiatives takes money away from making
| Firefox a viable Chrome competitor.
| pseudalopex wrote:
| A non profit organization can't just use a for profit
| subsidiary like a bank account. Mozilla Corporation
| licenses trademarks from Mozilla Foundation for 2% of net
| revenue.
| tylersmith wrote:
| Not even a real or useful measure of privacy implications. Just
| the completely subjective feeling of being "creepy" expressed
| as a percentage as if it were a precise and objective
| measurement.
| schroeding wrote:
| The votes seem... pretty useless for most products? :-D
|
| For example, by the votes the Sony WF-1000XM3s[1] are 31% "half-
| creepy", 12% find them even "super creepy".
|
| Why? Hot take, but IMO these headphones are as "not creepy" as it
| gets. You don't have to use the app, they work fine as is. The
| app doesn't need any permissions. Still, the majority find them
| at least "half-creepy".
|
| Or this Canon Printer [2] here. It's... a printer? Which allows
| to print stuff from the cloud via your own device. (Discontinued)
| Google Cloud Print could be creepy for some, but the printer
| works fine without it, locally. The majority thinks "Yep, that's
| pretty creepy"? Or are they just voting with the default setting
| "half-creepy", without moving the slider? :-P
|
| 10%~30% "not creepy", 30% "half-creepy", 10% "very creepy" seems
| to be the default distribution of votes for all more or less
| harmless products. Maybe the default value of a vote should be
| "not creepy", not "half-creepy" :-D
|
| [1] https://foundation.mozilla.org/en/privacynotincluded/sony-
| wf... [2]
| https://foundation.mozilla.org/en/privacynotincluded/canon-p...
| GekkePrutser wrote:
| Most modern printers are creepy AF. They constantly phone home
| their ink status etc. A lot of them apart set up helpful WiFi
| access points where anyone can connect and see what you've left
| on the scanner plate. HP I'm looking at you.
| kbenson wrote:
| To to mention the watermarking and money detection stuff
| printers do in their drivers which users have no control
| over.
| DavideNL wrote:
| > Why? Hot take, but IMO these headphones are as "not creepy"
| as it gets.
|
| It says so in the _"Can it snoop on me?"_ section... for
| example the app tracks your location...
| marcinzm wrote:
| If you allow it to so that it can do location based profiles.
| You can not allow that feature and during the onboarding
| screens it asks if you want that feature.
| schroeding wrote:
| Right, that explains why some users would vote for "creepy".
| But the information in this section is not really true. The
| user is not forced (or nudged / dark-patterned / etc) in any
| way to give those permissions.
|
| Location: Yes, it _can_ ask for the Location permission, but
| it does that only if the user explicitly wants it to do so,
| doesn 't it? You have to activate "Adaptive Sound Control",
| and also explicitly activate location based ANC control. And
| then you still have to give it the permission in the
| operating system dialog.
|
| Camera: You can make pictures of your ears to use some kind
| of strange "sound optimization", which only works with a few
| apps. Only then does it ask for the Camera permission, and it
| never uses / asks for it again afterwards.
|
| So the information Mozilla provides is not really accurate,
| and that could skew the votes. I don't know if that's any
| better. :-D
| agentdrtran wrote:
| Which it has to do if you use the auto-switch modes or
| location modes function.
| gundmc wrote:
| A ton of the products have a plurality of "Half Creepy" votes.
| I suspect it's because people wanted to see the results and you
| have to vote to see them. Half-creepy is populated by default.
|
| Fun idea, but I don't think there is much valuable information
| to glean from the ratings.
| slapfrog wrote:
| Just my two cents, a product having an optional app at all
| makes me disinclined to buy it. It's not a strict
| disqualification, but it's definitely a negative to me. I
| really dislike when companies even suggest I install their
| apps, and prefer to do business with companies that don't do
| that. The best sort of company is one that doesn't even know
| what an app is.
| perryizgr8 wrote:
| > Google seems to do a better job than some of the other Big Tech
| companies when it comes to privacy.
|
| Huh??!
| rasz wrote:
| dont bite the hand that feeds you
| slivanes wrote:
| Google sells access to users, but doesn't share/sell user
| information.
| jesboat wrote:
| Same with Facebook.
| wmf wrote:
| _Technically_ real-time bidding doesn 't sell your
| information... it gives your information away for free.
| slapfrog wrote:
| Mozilla knows what side their bread is buttered on.
| paulcarroty wrote:
| Cool to know Bose got lawsuit for stealing users data:
| https://www.businessinsider.com/bose-lawsuit-alleged-spy-hea...
| klyrs wrote:
| Okay, now do Firefox's telemetry...
___________________________________________________________________
(page generated 2021-08-06 23:02 UTC)