Tor Browser Bundle 8.0 (TBB) sends OS+kernel+TOTAL_PING_COUNT in update queries to Mozilla
- Tails 3.9, which ships with TBB 8.0, is also affected.
User report:[1]
https://blog.torproject.org/comment/277375#comment-277375
Sanitize the add-on blocklist update URL
https://trac.torproject.org/projects/tor/ticket/16931
related, old, closed ticket (unresolved):
TBB-Firefox sends OS+kernel in update queries to Mozilla
https://trac.torproject.org/projects/tor/ticket/6734
[1]: "TBB-Firefox sends Linux kernel version in extensions blocklist update queries to Mozilla. 6 years old ticket closed https://trac.torproject.org/projects/tor/ticket/6734 without fix this privacy issue.
From Ubuntu 18.04.1 LiveCD
/v1/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/60.2.0/Firefox/20180204030101/Linux_x86_64-gcc3/en-US/release/Linux 4.15.0-29-generic (GTK 3.22.30 libpulse 11.1.0)/default/default/1/1/new/"
"about:config
extensions.blocklist.url"
"Also it send TOTAL_PING_COUNT to tell mozilla how many days you use TBB."
(Score: 1, Interesting) by Anonymous Coward on Wednesday September 26, @12:40AM (1 child)
If I wanted telemetry, I'd use Microsoft Edge.
(Score: 2) by Runaway1956 on Wednesday September 26, @12:43AM
Agreed. This makes me want to check up on all my Mozilla based applications. WTF? None of my activity is any of Mozilla's business.
(Score: 0) by Anonymous Coward on Wednesday September 26, @12:43AM (4 children)
Don't like your things phoning home all the time? Time travel back to 1990 you dinosaur. Go see Madonna in concert while you're back there. Oh right you can't go see Madonna because your Pope told you not to attend that concert tour. Too bad she touched herself onstage right?
(Score: 2) by Runaway1956 on Wednesday September 26, @12:45AM (3 children)
You must be Catholic. You should realize that 3/4 of the world doesn't give the smallest damn about any pope. I'm part of that 3/4, thank you very much. Normal people simply don't think about anything the pope says or does - it's beneath our notice.
(Score: 0) by Anonymous Coward on Wednesday September 26, @12:49AM
Who needs a pope? Allah is my co-pilot. *boots Tor*
(Score: 0) by Anonymous Coward on Wednesday September 26, @01:01AM (1 child)
Whoosh much?
Pope John Paul II told Catholics to boycott the Blonde Ambition World Tour in 1990 because Madonna simulated masturbation during her performance of Like A Virgin. That was back when we got our news from a TV screen instead of a computer screen. Did you not see the news or do you not remember?
Anyway the point is with ubiquitous connectivity that we have today the expectation is that everything will be always connected and everything tries to use the connection to update itself. If only there were some kind of setting to turn off autoupdate.
(Score: 0) by Anonymous Coward on Wednesday September 26, @01:08AM
well... no, that's a stupid expectation unless you mean: retarded people from marketing want their noses on people's shit all the time