[Mageia-dev] Talk of Browsers
Tux99
tux99-mga at uridium.org
Fri Oct 1 06:27:27 CEST 2010
On Fri, 1 Oct 2010, Ahmad Samir wrote:
> A bit off-topic, but first you should answer pterjan's question
> here[1]: Look at the code and show me a place where any URL is sent
> to Google.
>
> [1] http://lists.mandriva.com/cooker/2010-08/msg00461.php
Well, given the size of the source code of Firefox and the fact that I'm
not familiar with it, that would be like searching for a needle in a
haystack.
What I did though is read the specs of the protocol that implements this
'feature' and I must say that it's not entirely clear what information
Firefox passes on to Google when contacting the Google 'safe-browsing'
databse. The current version of the protocol seems very complicated to
me, I'd say unnecessarily complicated, which is not what you would want
from a potentially privacy-sensitive feature.
( http://code.google.com/p/google-safe-browsing/wiki/Protocolv2Spec )
The fact remains that when this feature is enabled, Firefox interacts
with a Google service, without the user being aware of it.
My main point is, any program (not just Firefox) that contacts a remote
service (where it's not obvious for the user) should notify the user
about this with a dialog box before doing so the first time, asking
for the informed consent of the user.
In fact this could be a strong unique selling point of Mageia, if we
make sure that all Mageia packages are configured by default to respect
the user's privacy and to always request consent from the user before
connecting to remote services.
A slogan could be:
"Mageia the Linux distro that takes your privacy seriously"
Drakrpm is a good example on how to do it correctly, since before
setting up the list of mirrors it asks the user for consent to contact
the Mandriva site to download the list of mirrors.
More information about the Mageia-dev
mailing list