Even other "features" like meta refresh, that could be used to hide an attack.
Attack that was actually exploited in the wide from Russian Government few months later.
@emanuele was looking for "something on #Firefox that is tracking on you with no choice" and in fact you do not even have a way to disable #JS and re-enable it with one click on a per #Web site base (like you have even on #GoogleChrome ! ! !).
Also Emanuele, you should consider that if people around you and people like you are tracked and profiled by #Google because of default firefox's settings (like default search engine), the end result is that you can still be manipulated and influenced through them.
That's why defaults should be #privacy friendly by default.
And you can disable JS in Firefox in the devtools e.g.:
Google Chrome is NOT a privacy/security friendly browser.
In no way.
Yet, I'm glad to inform you that if you look in your settings, you will find in
> Privacy and security
> Site Settings
Without Developer Tools! 😉
The answer is simple: they pretend to be privacy-friendly just to fool most people with their #Google-friendly defaults.
Indeed most people won't customize their browser (or at most will install sub-optimal extensions like NoScript).
In practice, #Mozilla became the geek-friendly PR-team of Google, Facebook and friends.
That's an individual solution trying to fix a systemic issue.
It's not going to work in the current environment.
It's like wearing a surgical mask in a crowd metro where everybody does not wear one: good luck! 🤣
That's why @aral mocks them.
As for me, when I wrote that bug report I thought that they were in good faith.
They were not.
chaos.social – a Fediverse instance for & by the Chaos community