Firefox-mienskipsfoarum

Firefox releases email addresses and our data to third parties!

I installed the Arc browser and Arc offered to load my bookmarks from mozilla. Out of curiosity, I let it, and it loaded my bookmarks and folders smoothly. Arc didn't navigate Firefox to the login page, so Firefox released my information without asking me.

What probably happened in the background was that the Arc browser told Firefox which email address it was requesting data from, and Firefox handed over the data to it "on notice". Firefox was not even convinced that the real owner of the email address asked the Arc browser to synchronize the folders.

Is it the famous Firefox reliability?

Hello guys, as in title - I use custom NextDNS set of rules on DNS-over-HTTPS. As of today, Firefox can't connect to the provider. AFAIK Troubleshoot Mode is also affected. The other devices using NextDNS on my network work just fine and when I set the DNS to work system-wide as a kind of workaround, I don't get an issue. Same when I use other DNS-over-HTTPS options in the Firefox Preferences. Yesterday the problem didn't occur and I haven't performed any updates since yesterday - both Firefox and NetworkManager seem to be up to date.

Additional info: OS: EndeavourOS (Arch Linux) Firefox version: 129.0.2

If any other info is needed, I'll be happy to provide it to you.

I'm trying to use a security key for my Vanguard site. I've tried with Firefox, Microsoft Edge, and Chrome. I can get to almost the end but get stopped-- I can't get no father to "connect and activate." I get a message saying--"Vanguard is requesting extended information about your security key which may affect your privacy. Firefox can anonymize this for you but the website might decline this key. If declined try again." I talked to Vanguard for help but they didn't know how to help. The key is uTrust FIDO2 NFC. USB-A NFC Certified Security Key. I believe the problem may be that this key will link all my accounts in Firefox ( and will also link if I use any other browser.)

I got the following from the internet: When it says authenticators it means Security Key.

Using an authenticator for one account is safe, but allowing a website to ask for extended information for multiple accounts using the same authenticator can permit that website to identify a link between those accounts. If you are concerned about having accounts linked together in this way, you should either deny extended information when prompted, or use different authenticators for the different accounts. This linkability is based on the authenticators, and not on your browser. If you use the same authenticator with different browsers, websites can still identify a link between multiple accounts. Can this be solved? Thanks joek90ros@aol.com

I use both Firefox and DuckDuckGo. I also have NordVPN. Recently, I have been getting warnings through NordVPN that both Firefox and DuckDuckGo represent vulnerability risks. I have been using all three programs for some time now. This warning from NordVPN is something new. Is there a vulnerability risk or is there some in compatibility between new versions of these software packages?

I am using Windows 11 on a Microsoft Surface Pro 9.

Thanks for your help.

Denis

Hi again,

so, in my other question I was reminded about Browserleaks and while I was there testing TLS I also tested Canvas and it said 100% unique which I was surprised because I have the Enhance Protection in FF in "Custom" with both fingerprinting options selected and in "in all windows", plus CanvasBlocker.

100% unique is not good, right? That's what I thought at first. But then I remembered, CanvasBlocker rotates settings all the time, so even if my fingerprint is 100% unique it's also changing all the time which means "they" can't identify me (supposedly). Then I also thought "actually it might be better than not 100% unique because in that case I might have more issues with websites thinking that it's someone else trying to access my account". But then I thought "although if it's 100% unique changing all the time it's also like if it was a different person".

I deactivated CanvasBlocker and tested again and it was also 100% unique. Then I reactivated CanvasBlocker and I deactivated FF's anti-fingerprint. Again 100% unique. In other words, I don't see a way to see what is the difference between using CanvasBlocker on top of the native FF anti-fingerprint. That's where you can help :)

So, questions.

1) can you tell me what exactly does FF block about fingerprinting? And, does it rotate settings like CanvasBlocker so that this "100% unique" is not actually a real issue because it's different every time? Or is it a bad kind of 100% unique in that case?

2) what would create less issues of websites thinking that I am not me? A rotating 100% unique, or a not 100% unique (in which case, how to I achieve that, considering that neither CanvasBlocker nor FF's anti-fingerprint nor both together can do that?).

Would you say that having a VPN with own DNS which block tracking on a domain level, plus AdGuard with all possible filters, plus FF's Enhanced Protection in "Custom" with all at max, plus CanvasBlocker, is a good combo? Or what could I improve to reach a good balance of not being tracked/fingerprinted, not being blocked "because I am not me", reasonably light resources usage, and reasonable browsing speeds?

I used uBlock Origin previously because it's lighter on resources and it triggers my laptop's fans much less than AdGuard but it doesn't block (not even with element picker) some annoying things of websites that I visit often. In case you wanted to recommend that :)

Thanks!

Hi!

First of all, mods, if I chose the wrong category and this had to go in "customize settings and preferences" feel free to move it :)

So, for several reasons I decided to completely disable SSL and the old TLS 1.0 and 1.1. I still didn't decide if TLS 1.2 is still important or it's enough with 1.3 so for now I am leaving them both. I did this system wide, with PowerShell, following the instructions in THIS THIS article.

But then there's Firefox. I don't know if Firefox can establish SSL (or old TLS) connections despite the system "ban". But I came across THIS THIS article about how to enable TLS 1.3 in Firefox and when I went in about:config and I typed "security" I saw that there are a lot of voices with SSL and a lot more about TLS than just the security.tls.version.max mentioned in that article, so I am here to ask you what to do to be 1000% sure that all SSL and older TLS are completely disabled in Firefox, and that only TLS 1.3 is enabled.

If you have reasons to believe that disabling TLS 1.2 is not a good idea, let me know, but in THIS THIS article I've read that 1.3 is much better and it's anyway backwards compatible with 1.2 in case some server only supports 1.2, so I decided to leave only 1.3.

Thanks!

This message is to inform you that my email is being leaked from my Firefox browser, in hopes that Mozilla will provide a fix ASAP (if it hasn’t already done so in the latest version?). This leak was made known to me after visiting several websites (sites I've visited previously and sites I’ve NEVER visited before!), where I will receive an email very shortly, if not immediately after visiting and closing the browser tab for the website. (These are legitimate sites that are selling a product and, typically, very politely asking if I need more information, etc. ).

After noticing this, I got in the habit of clearing Firefox memory frequently, if not after every site I visit; but especially when my email is required to login. However, today I just notice that my email address is “permanently” located within the Firefox browser; and have to wonder if this could be how websites are getting my email… The email is located in the Firefox addon Video DownloadHelper app. The Companion App within Video DownloadHelper requires a payment, license #, and email to install. And, when looking thru its new menu today, I noticed my email (the same one I get messages from after visiting sites) is right there within the Video DownloadHelper menu (click on VDH icon, click on gear icon, click on More settings…).

So, I don’t know for certain whether my email is being compromised after logging in to a website and not immediately clearing memory after leaving the website OR if the compromise is from the Companion App within the Firefox Video DownloadHelper app, OR possibly both(?). If it is being leaked from Video DownloadHelper, I would greatly appreciate it if Mozilla would implore upon the VDH crew to remove it from the app.

And, if you can, I would greatly appreciate an email letting me know if/when this has been fixed! Thanks! Regards, Dave

I cant get rid of this unsolicited "sign in with google" prompt which has cost me untold lost time having to type things over because it pops up when im looking at the keyboard while typing , getting noplace ! It is deliberate harassment !

I DO NOT HAVE ANY GOOGLE ACCOUNT AND WILL NEVER HAVE A GOOGLE ACCOUNT .

Therefore I can't sign in using any google account ! Why then do I get this trash ? All the recommended ways to shut it off don't work ! They all talk about going to google account settings ! As I've said , I do not have any google account ! Therefore I can't go to any settings ! I can't get rid of this unwanted harassment !

I want to get rid of this garbage and never want it to come back after any BS "updates"

Hi there for 3 weeks I have been attempting to change my password. First Issue I login go to setting, change password, add old one, create new one and save. Logout of browser and restart, attempt to login using new password but no success. Use old password successful.

Second Issue Firefox is preventing the login to some of my systems by showing and invalid capture response.

URGENT PLEASE ASSIST

I got 3 popups from Malwarebytes stating- Blocked Website, event details- riskware.

c:\program files\mozilla firefox\firefox.exe

Outbound connection With a IP and Domain

There was a 1-3 second power failure today that crashed my desktop computer but the UPS maintained power to the fiber modem and mesh router, so my internet connection to the house was maintained. I restarted the desktop and launched Firefox. It proceeded to open all the tabs which had been open which is good. BUT it was very troubling that my log-in to my Investment Brokerage account was maintained and it did not request a Log-in Account Name and Password. A 2nd web account also maintained its log-in; so this is not specific to my brokerage. I have Firefox set up to NEVER save passwords; I use a separate Password Manager set up NOT to autofill account names and passwords.

Was this because the the UPS maintained the internet connection (for the 1-2 minute restart) while Firefox crashed and did not EXIT? Is there any setting I can make to prevent this from happening?

I'm using Firefox 129.01 (64-bit), trying to log in to my Tufts Health Plan account, and get a security warning (screen shot attached). Customer Service at Tufts Health Plan tells me that I should use Chrome.

Should I ignore the Warning and proceed?

I keep getting a virus alert when in Firefox. I have scanned with every known scanner and Mcafee, with nothing found. BUT it keeps popping up as an alert. I get no alerts when in Microsoft explorer. HELP!!!