It's all airlines. . . American also doesn't work in Firefox. Hawaiian air. . .
Ohh this is getting interesting… Let me make a coffee
I am denying connection (or what I think I am doing) to all these.
Yet, the field gets populated again
The Fox means business !
Edit: If this tells you something?
$ ping aus5.mozilla.org -c 5
PING prod.balrog.prod.cloudops.mozgcp.net (35.244.181.201) 56(84) bytes of data.
64 bytes from 201.181.244.35.bc.googleusercontent.com (35.244.181.201): icmp_seq=1 ttl=57 time=12.0 ms
64 bytes from 201.181.244.35.bc.googleusercontent.com (35.244.181.201): icmp_seq=2 ttl=57 time=12.9 ms
64 bytes from 201.181.244.35.bc.googleusercontent.com (35.244.181.201): icmp_seq=3 ttl=57 time=13.5 ms
64 bytes from 201.181.244.35.bc.googleusercontent.com (35.244.181.201): icmp_seq=4 ttl=57 time=14.9 ms
64 bytes from 201.181.244.35.bc.googleusercontent.com (35.244.181.201): icmp_seq=5 ttl=57 time=12.9 ms
--- prod.balrog.prod.cloudops.mozgcp.net ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 12.024/13.233/14.852/0.938 ms
I think it is hardcoded… Perhaps if you create an empty Firefox profile, disconnect from the Internet and then open the browser for the first time, we will be certain that it is indeed the case…
It looks more and more like so.
IBRB
"Fresh" profiles for Nightly and Regular
- Disconnected from the Internet >> extensions.quarantinedDomains.list empty in both.
- Connected to the Internet: extensions.quarantinedDomains.list populated for FF 115 (even without restart) but not for FF 117 (Nightly)
This is intriguing
So the Fox is updating that list, downloading it from the Internet, and there is nothing we can do about it?
This is not looking so good right now…
At this moment, I don't see a problem with the sites that they are including there, but where is this going?
What are the mother Fox's plans for us?
A bit of an update:
I made those deny rules for Nightly's firefox-bin to not connect to those destinations posted before.
Not for FF 115.
Now after launching both, without internet connection, the list was empty for both.
As soon as the connection was established, the list got populated for FF 115 (without restart) and not for FF 117.
In 117, I went to: Help >> About Nightly >> Checking for updates >> Failed
The list being still unpopulated, I am seeing:
We got the "culprit"?
Hmmm, it is using a Mozilla DNS server just for that?
That is why my /etc/hosts entries didn't work.
That sounds to me like an attempt to force the use of that list. Definitely not looking good for the Fox…
I guess we might have it!
Removed: content-signature-2.cdn.mozilla.net
Restarted the Fox!
Checking for updates >> failed!
extensions.quarantinedDomains.list >> populated!!
Good news… At least they are not using 8.8.8.8…
This would be a problem because Android phones, Youtube apps and things like that use Google's DNS server and ignore what you give them through DHCP. So, blocking 8.8.8.8 would cause other problems…
So, as I see it, it is easy to block…
To be fair, they could be using DNS to populate the list. Not an unreasonable strategy to populate it if that is true. I guess we would have to check the code to be sure.
I have mixed feelings on this at this point.
The good (relatively speaking):
- There is a clear way to disable it
- The end-user has controls to exclude addons on a per addon basis even if it is left disabled
- If properly implemented, it will provide protection for people who need it
The bad:
- The documentation and communications on this are terribly vague to the point it makes me uncomfortable
- Addons are disabled in a way that is not clearly visible to the user
- Addons are disabled without any prior notifications
- The mechanism for managing the list and the sites that belong to it are totally unclear
- The list gets overwritten, including user-added sites (Is this a bug?)
I don't think this has anything to do with limiting ad-blockers or tracker blocking. There are plenty of such extensions on the recommended list and those extensions are excluded from this.
Overall, I can live with it but I am not happy about it.
I agree with you…
What is bothering me is that they update the list as they wish on the fly? That doesn't sound like a bug to me.
They prepared a DNS server for that, ignoring the one that you use, it really appears to be on purpose.
Once again, we will have to wait to see where this is going…
Don't forget the conspiracy angle, government forcing them to populate the list, media companies, anyone else with an axe to grind and a lawyer on retainer and a judge in their pocket. Better not to build this type of enabling technology in my mind. Mozilla may/probably have good intentions, but I don't think they have considered further than that.
Weren't we recently hearing France wanted something like this, but maybe more general blocking?
I don't think it is a bug that they are updating the list. I think it could be a bug that they are overwriting user-added domains.
I thought about this but I haven't yet found a good reason this would help a government. It disables certain extensions but you can easily choose to not have them disabled in each extension's settings. Further, if you look at an extension, this option is prominently displayed next to the option to run in private windows. They aren't trying to hide it.
I can think of a couple of use cases. If implemented properly, it could help people who would otherwise be exploited by malicious actors. It could be super useful in corporate environments.
It does bother me how deliberately obtuse they are being on this though.
I searched the firefox sqlite databases, found nothing.
Give an example that couldn't be solved previously via corporate firewall or other kind of network policies by blocking offending addresses completely through internal network?
This has nothing to do with blocking sites. It has to do with blocking specific addons.
One obvious example is for older legacy applications that are fragile and using certain addons can break them. A better example is that I want to let people install addons but block potentially unsafe applications when accessing credit card portals.