为了广告，Firefox 现在默认收集用户数据

为了广告，Firefox 现在默认收集用户数据
For advertising, Firefox now collects user data by default

原始链接: https://www.heise.de/en/news/For-advertising-Firefox-now-collects-user-data-by-default-9801345.html

流行互联网浏览器的最新版本 Firefox 128 引发了有关用户数据收集的争议。默认情况下，更新后的浏览器包含一项名为隐私保护归因（PPA）的新技术，该技术会收集匿名广告数据。批评者认为，该浏览器的开发商 Mozilla 在没有适当通知或明确退出选项的情况下实施 PPA，故意误导用户。许多用户声称，直到安装升级后他们才完全意识到这一变化。博主声称 Mozilla 知道用户不会批准这样的功能，因此应该在激活之前提供更多的透明度。支持者认为，自动选择加入对于保护用户免受侵入性广告跟踪是必要的。尽管担心用户数据存储，但聚合数据仍然是匿名的，没有记录可识别的个人详细信息。问题围绕 Firefox 用户是否信任 Mozilla 在实施此类技术的过程中保护他们的私人信息。作为市场领导者 Google Chrome 的主要竞争对手，Firefox 在数据隐私承诺方面面临着越来越严格的审查。一些用户转向替代浏览器，而另一些用户则等待 Ladybug（一种新兴的独立浏览器选项）的开发。总的来说，这场争论引发了这样的问题：浏览器能否真正保护用户隐私，同时有效地提供有针对性的广告。

所提出的小型 Web 浏览器旨在为传统的基于 HTTP/HTML 的 Web 浏览提供替代方法。该浏览器支持各种协议，包括 HTTP(S)、Gopher、Gemini、Spartan、Scorpion 和本地文件，还可以选择支持 NNTP 以进行新闻组阅读。出于对隐私和复杂性的考虑，浏览器还排除了某些 HTTP/1.1 功能，如 cookie、用户代理、引用者、etag、跨源请求。该浏览器计划采用 HTTP/1.1 的子集，支持 GET/POST 请求，同时限制对 HTTP 标头的支持。此外，该浏览器将集成对 HTML5 的最低限度支持，从而实现基本的多媒体内容嵌入，尽管有选择地禁用嵌入媒体的显示。此外，拟议的浏览器将利用现代 CSS，优先考虑易用性和性能。它既不会合并也不依赖 JavaScript 来保持简单性和安全性。鼓励但不强制通过 TLS 进行安全连接，在适当的情况下允许不安全的连接。支持与 SOCKS5 代理（例如 Tor）集成，以增强在线匿名性，同时通过客户端证书提供无密码身份验证，以实现无缝的用户体验。该浏览器将包括本地存储的合规网站索引，以便于在不依赖外部搜索引擎的情况下进行发现。允许对索引进行第三方更新，类似于 APT 等包管理器。自定义提供商选项可实现去中心化网络操作，浏览器还可以尝试使用替代方法（例如 Twitter 或 Mastodon 的简化版本）访问不受支持的服务。网站仍然可以通过传统的网络浏览器访问，确保与现有基础设施的兼容性。此外，该浏览器还对旨在保护用户隐私并提高整体可用性的特定网络功能提供保证。最后，强调开源代码的可用性，促进透明度和社区协作。但是，我们接受 AGPLv3 之外的许可条款，以适应不同的开发实践。除了明确请求的功能（如音频输入）之外，硬件访问请求被最小化。利用“代理功能”的设计可以解决未来操作系统实现中的硬件访问问题。

原文

This article was originally published in German and has been automatically translated.

Firefox 128 is here - and is making headlines not with practical new features, but with a data protection controversy. Specifically, users are accusing the developer Mozilla of nothing less than deliberately deceiving its own users. This is because the new version of Firefox introduces a technology for anonymized measurement of advertising and its performance.

What may sound good on paper does not go down well with many users for several reasons: Firstly, Firefox automatically delivers the Privacy-Preserving Attribution (PPA) with the update to the new version, despite the "experimental" label. More serious, however, is the fact that Mozilla also activates the feature directly - users must therefore deactivate the PPA manually by opting out. Prerequisite: They are also aware of the PPA introduced behind the scenes.

This is precisely where blogger Jonah Aragon's criticism comes in: He believes that Mozilla knows full well that Firefox users would not want such a function. If the situation were different, the developers would have presented the PPA to the public beforehand and given the community time to test it beforehand. It is debatable to what extent this was done – at least Mozilla has had a support entry on what the PPA is for a month now.

Our users don't understand this

However, Bas Schouten, technical lead for Firefox performance, explains that it would have been difficult to explain a system like PPA. If users are not in a position to make an informed decision, an opt-in does not make sense. Users must therefore be protected from advertising tracking. In any case, new features would constantly be activated without being asked.

It is not surprising that such an attitude is not well received: Jonah Aragon accuses Mozilla of seeing itself as the shepherd of an uninformed mass. And according to the developers, they now have to be urged to make the right decision. Yet, Firefox users in particular are the kind of adult users who need to be listened to.

In fact, there is a strong suspicion that Mozilla wants to improve its own cash flow with the PPA. However, it is unclear how much money is involved. However, the developer behind the PPA is Anonymous, which Mozilla acquired a few weeks ago. Accordingly, the provider is the middleman between advertising and users.

Also technically questionable

But how does the PPA actually work? There is an aggregation server between the advertising provider and the users or their data, which anonymizes the information from the individual app browsers. Only then does it make the data available to the participating advertising customers.

This means that these providers can no longer draw conclusions about individual users. The process sounds simple and has an obvious weak point – which immediately draws criticism: Firstly, user data is now located on the aggregation server – which therefore leaves the user's own computer in any case.

For Mozilla, this server is not part of an advertising network – a view that many users are at least critical of. Aragon even goes so far as to accuse the Firefox developers of a trick: they have simply redefined the advertising network so that it does not belong to the advertising provider.

Data protection as an advertising label

There is also the question of how much Firefox users will actually trust a browser provider in future that advertises data protection but at the same time resorts to such measures. Because, as the critics are already realizing, only Mozilla's word protects the data collected - technically, according to Aragon, the system could easily be modified in future so that advertising providers would also have access to individual data.

And it was precisely these fears that critics expressed when Anonymous was purchased. However, observers could not imagine that Mozilla would now set up an (unnamed) advertising network through the back door. After all, the developer had recently suggested simply collecting less or no data to improve privacy. And now the opposite is happening.

To make matters worse, Firefox is the only major competitor to Google Chrome – other browsers are all based on Chromium. In any case, Mozilla's move does not make it any easier for users to make the right decisions for them and their data protection. Ladybird is currently gaining momentum as an independent hope, but is still a long way from being a reliable web browser.

(fo)