Page MenuHomeSolus

Add Firefox extensions to reasonably protect Solus users from malvertising
Closed, LockedPublic

Description

Malvertising or malicious advertising is a common problem in the internet and the default Firefox browser configuration does not sufficiently protect a Solus user from it. What can be done about it?

  • Include trustworthy Firefox extensions which support Firefox 57+ out of the box. I think this would be in line with privacy by design principles and providing sane defaults for increased usability and user protection. Desktop environments such as GNOME and MATE are also shipped with extensions to increase usability, for example.
  • If the inclusion of Firefox extensions is rejected on the grounds of hijacking a vanilla browser experience and potentially increasing the attack surface (in my opinion the advantages outweigh the disadvantages here), then I'd recommend to add a post-installation section to the software center where users can choose to fine-tune their system based on their individual preferences. Not opting for either of these two, in my view, leaves those most vulnerable who are not technically proficient enough to make a reasonable choice of what extensions to install or even know that such extensions exist. Such a curated list of recommended extensions could include the following two: Privacy Badger (by EFF Technologists: https://github.com/EFForg/privacybadger) and uBlock Origin (by Raymond Hill: https://github.com/gorhill/uBlock)

Event Timeline

Privacy is a major concern, however freedom is also about letting the user make his/her own choices.
Firefox offers plethora of extensions; many of them having the same purpose and they are very easy to install and don't require admin privileges.
Last but not least, if some privacy extensions are pre-installed you'll miss one of the most important objective: education (better to explain people why they should install such extensions); last but not least it could give some people the feeling their privacy won't be violated at any moment.

JoshStrobl claimed this task.

@kyrios123 I appreciate your reply even though I disagree with you. My initial impression is that you argue from a non-paternalistic position and value freedom of choice higher than I do. To me, freedom is more intricately connected to ethics. But just as differences in opinion may create friction, it is also the dialectical engine for progress. Thanks also to the Ikey and the Solus team for taking the time to actually reply to my suggestions. To make it short, I understand this is a bug tracker and not a discussion forum. Perhaps there is a chance to discuss this further on IRC or elsewhere.

Happy to have the IRC convos fwiw :)

You might want to reconsider my original request after reading this article and in light of the meltdown and spectre vulnerabilities: https://www.lawfareblog.com/spectre-advertising-meltdown-what-you-need-know

Firefox 57.0.4 is a patched version to mitigate these vulnerabilities. Check the release notes

DataDrake changed the task status from Wontfix to Locked.Sep 2 2018, 1:04 PM
DataDrake added a subscriber: DataDrake.

@baimafeima Enough. This isn't the place to debate philosophies.

This task has been locked.