Julien Voisin blogs:
Today, I updated my Firefox, and had a new icon on my toolbar: pocket. I took at quick look at the ToS and privacy policy; here is my tl;dr:
Read it Later, Inc. is collecting a lot of intimate information and is tracking you.
When you share something through Pocket with a friend, the emails contains spying material using malware-like techniques to track your friends.
They are sharing those information with trusted third parties (Could be anyone they are doing business with.).
The policy might change, and it's your responsibility to check Pocket's website to see if it has.
[...] The Pocket implementation is not an extension (while it was available as an extension), it's implemented in Firefox. You can not remove it, only disable it, by going in about:config, since this option is not available in the preferences menu.
What the hell is pocket? on Mozilla's site:
The Pocket for Firefox button lets you save web pages and videos to Pocket in just one click. Pocket strips away clutter and saves the page in a clean, distraction-free view and lets you access them on the go through the Pocket app. All you need is a free account, an Internet connection and the Pocket button.
(Score: 0) by Anonymous Coward on Tuesday July 14 2015, @01:38AM
FTP's insecure because it's unencrypted?
(Score: 2) by Reziac on Tuesday July 14 2015, @02:21AM
Who cares??! When I use FTP I am downloading some file, not exchanging information with my bank.
And there is no Alkibiades to come back and save us from ourselves.
(Score: 0) by Anonymous Coward on Tuesday July 14 2015, @05:47AM
Even the most mundane communications should be encrypted, to provide cover for those who truly need it.
(Score: 1, Insightful) by Anonymous Coward on Tuesday July 14 2015, @07:12AM
So is HTTP.
Which is STILL regarded by Firefox as more secure than HTTPS with self-signed certificates (when they are closer to being equal).
(Score: 1) by mvdwege on Wednesday July 15 2015, @09:58AM
That's because an unverified cert is more insecure than a totally unauthenticated, unencrypted connection that announces to the user that it is in fact insecure. An unverified cert announces to the user that it is secure, while not being secure at all.