Am 17.11.2014 um 14:41 schrieb Bruno Wolff III:
Firefox is really not set up with privacy as a high priority. Some bad things it does from a privacy perspective are: If you type a name in the url bar and send, if the name dosn't match a domain google is contacted. (And it is google even if you have some other search engine set.) OSCP is used to check for certificate revocations. For some threat models this cure is worse than the disease. There should be an easy way to disable this.
not such problem if more sites would be configured properly http://en.wikipedia.org/wiki/OCSP_stapling
Javascript is not easy to disable without installing a third party plugin, and the way that plugin works still leaves some exposure to javascript related issues.
and everytime a newspaper recommends to disable it weeks later we got complaints that some forms don't work because tech to make it harder submit them automated until analyze what JS actions are expected
The referer header is sent by default. It isn't obvious how to disable that
please don't propose disable the Referer globallya samrt default would be https://addons.mozilla.org/DE/firefox/addon/smart-referer/ to send it only to the same domain
as example i require a referrer for captchas from the own domain to make it harder embed the captcha into some porn site and let users type it in
everytime when people come out with "how to disable referrer, javascript and the useragent" they have no clue what harm they are doing for sane websites wich try to protect themself and their owners from automated attacks / junk
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
