Julien Voisin blogs:
Today, I updated my Firefox, and had a new icon on my toolbar: pocket. I took at quick look at the ToS and privacy policy; here is my tl;dr:
Read it Later, Inc. is collecting a lot of intimate information and is tracking you.
When you share something through Pocket with a friend, the emails contains spying material using malware-like techniques to track your friends.
They are sharing those information with trusted third parties (Could be anyone they are doing business with.).
The policy might change, and it's your responsibility to check Pocket's website to see if it has.
[...] The Pocket implementation is not an extension (while it was available as an extension), it's implemented in Firefox. You can not remove it, only disable it, by going in about:config, since this option is not available in the preferences menu.
What the hell is pocket? on Mozilla's site:
The Pocket for Firefox button lets you save web pages and videos to Pocket in just one click. Pocket strips away clutter and saves the page in a clean, distraction-free view and lets you access them on the go through the Pocket app. All you need is a free account, an Internet connection and the Pocket button.
(Score: 4, Informative) by AndyTheAbsurd on Monday July 13 2015, @07:25PM
Pale Moon is the alternative - it was forked to avoid the pointless UI changes that started a couple of years ago; most extensions are still compatible, and the devs are pretty much committed to not making changes that are "crap" (like the recent directive from Mozilla management to remove FTP functionality from the Firefox "platform" [mozilla.org] (note that this may not remove FTP functionality from Firefox entirely - but it will end up being implemented as a JavaScript thing like PDF-inside-Firefox is today)).
Please note my username before responding. You may have been trolled.
(Score: 1) by TheMessageNotTheMessenger on Monday July 13 2015, @08:03PM
FTP is terribly insecure and you shouldn't be using it. I had no idea FF still supported it.
How up-to-date is Pale Moon? Since it's a fork and not just a custom build, how well does it get tested and what about security updates?
Hello! :D
(Score: 1, Informative) by Anonymous Coward on Monday July 13 2015, @08:29PM
This is what the main dev has to say:
https://forum.palemoon.org/viewtopic.php?f=24&t=5075 [palemoon.org]
Of course those are just words. What evidence are you looking for?
(Score: 4, Informative) by fnj on Monday July 13 2015, @09:01PM
Do you have any idea whatsoever what you're talking about? Using anonymous FTP to download files is "insecure" how? It's the de facto file transfer protocol of the internet. It is very efficient. Granted browser client implementations are pretty much all shitty. For anything serious, wget is much preferred, but for simple stuff it's been taken for granted forever that you can browse and casually download from FTP servers in a browser.
If you had said telnet was complete garbage for a long time now, that would be different. With telnet's clear text password transfer, it's not conceivable that there is any safe use for it. Anonymous FTP is not like that.
(Score: 0) by Anonymous Coward on Tuesday July 14 2015, @01:38AM
FTP's insecure because it's unencrypted?
(Score: 2) by Reziac on Tuesday July 14 2015, @02:21AM
Who cares??! When I use FTP I am downloading some file, not exchanging information with my bank.
And there is no Alkibiades to come back and save us from ourselves.
(Score: 0) by Anonymous Coward on Tuesday July 14 2015, @05:47AM
Even the most mundane communications should be encrypted, to provide cover for those who truly need it.
(Score: 1, Insightful) by Anonymous Coward on Tuesday July 14 2015, @07:12AM
So is HTTP.
Which is STILL regarded by Firefox as more secure than HTTPS with self-signed certificates (when they are closer to being equal).
(Score: 1) by mvdwege on Wednesday July 15 2015, @09:58AM
That's because an unverified cert is more insecure than a totally unauthenticated, unencrypted connection that announces to the user that it is in fact insecure. An unverified cert announces to the user that it is secure, while not being secure at all.
(Score: 2) by Reziac on Tuesday July 14 2015, @02:27AM
Hey, browser devs, want a fast track to my bit bucket? Keep removing useful features and replacing them with useless eye candy.
Geez. I use FTP in the browser all the bloody time. Just today I used it to wander around some linux repository looking for the ISO that I wanted. And as I said to the other bloke, who cares if FTP is secure or not? We're using it to view and download random shit, not to communicate with our banks. FTP has about as much need to be secure as a textfile does.
And there is no Alkibiades to come back and save us from ourselves.
(Score: 2, Insightful) by Francis on Monday July 13 2015, @10:43PM
How is it any less secure than www? If you need security, there's sft, scp and various other methods.