If it’s done directly by Mozilla. I say that because I’ve seen exotic distros that mess with the default config (and other things) and it’s a big no-no for me.
For Fedora, is that for new installations of 41 or also for older systems that were upgraded?
For the purposes of this discussion, we are talking about the distro being privacy respecting so I don’t think it needs to be done by Mozilla.
Of course, it is up to you if you trust that or not but that is a different issue.
Honestly, I think a substantial number of distros ship a custom firefox config.
The more intrusive telemetry is only in new installations after they put the telemetry in place. It is enabled by the installer itself.
Fedora does have some basic install counting telemetry that is enabled by default for all versions/spins though. Depending on how strict you are about telemetry this may or may not be an issue for you.
lol A massive, gigantic and warm Hello @dalto.
Yeah I’ve been watching the madness hahaha Lunduke and all that. I just was checking on any Arch news updates before doing an update and saw this thread. @dalto as always I loved all your answers and totally agreed with your points here.
Really hope all is good with you!
Do We? I assume this is no since I can’t recall ever reading anything about it. Nor do I ever recall ever reading we were a Privacy respecting distro. As far as I know we are a base system with a few small perks.
Vanilla Arch (which I use) is, lol, if you want it to be. I can’t speak for EnOS as I don’t know.
lol sorry, I’ll get back to my updating now.
The question comes about those distros that Advertise Privacy as a selling point but put in non privacy respecting apps as defaults (example Firefox).
Arch / Gentoo and other Build It Yourself distros that come with core packages are obviously not including defaults. Those are up to the USER.
No, we don’t.
Thanks OP for opening this discussion. I started to look at distros which won’t ship any non-free and closed source software. I found some recommended here.
As an example: https://www.hyperbola.info/
These are some parts of their “Social Contracts”: https://wiki.hyperbola.info/doku.php?id=en:project:social_contract
Hyperbola and privacy: Hyperbola’s objective is to support privacy of its community. It means Hyperbola strives distribute all software to be secure from global data surveillance revealed in the publication of Snowden’s NSA documents. Hyperbola offers additional hardened packages which remove lower level protocols that may cause privacy leaks, metadata/fingerprinting, and vulnerabilities.
Hyperbola and simplicity: Hyperbola’s main goal is a minimalist system. The more abstraction-layers a software depends on and need the more complex the resulting system will be. Therefore Hyperbola rejects projects with adding more abstraction layers needed. According to this Hyperbola will not add complex frameworks or software without compatibility and porting-efforts.
Hyperbola and deblobbed kernels: Hyperbola includes “-libre” suffix for all variants of GNU system with any kind of deblobbed kernel that is going used and future ones in Hyperbola or any distro mentioned in Hyperbola projects.
Now this is all new to me but it seems to be an interesting effort and perhaps a privacy respecting distro. I am going to look more at it, I just started reading about this.
@thefrog dang this was a good discussion.
Nothing to add, but if we are being technical, every rolling release has to have a probe in your system come update time. Sometimes telemetry, sometimes not.
I went over firewalld’s head and made a simple accept incoming connections/reject all outgoing connections.
I’ve gotten bashed here before for saying Firefox is way too porous OOTB, thanks @dalto for confirming it ships with no security profile whatsoever.
Every music player/video player (almost) will go online to violate you and find metadata for your illicit, or not, collection. VLC used to ask permission. I give it a blanket no.
I can’t add to these brilliant responses by everyone – this was a very app-driven thread for the ‘for examples.’
My reply is user-driven.
@thefrog the best part of this thread is your original question kept morphing with the replies and invited more great dialogue.
Again, all I have to add is that no one’s gonna give you a clean distro–90% maybe but the user has to bridge the gap and cement the rest, i.e., user-driven, user-proactivity.
I don’t think any distro that offers an internet connection can soberly offer a privacy-respecting distro.

I certainly see no problem with opt-in telemetry though.
KDE’s is a good example. It’s opt in, multi-level so you can choose what to share, and anonymous.
How far can a distro be accountable for the programs they install?
I mean the distro does not make those programs so in my view the distro can’t be held accountable for that.
The program developer is accountable for what is in the source code
Any thoughts?

thanks @dalto for confirming it ships with no security profile whatsoever.
You mean privacy profile? Otherwise I missed where he said that.

I mean the distro does not make those programs so in my view the distro can’t be held accountable for that.
Not for the program itself but I believe the Distro is very much accountable for USING that program as a DEFAULT if they are advertising “Privacy-Respecting” but then using programs as defaults that are not. That isn’t being privacy-respecting that is just gaslighting.

How far can a distro be accountable for the programs they install?
As far as they advertise. I mean if you advertise “Secure and Private” but offer DEFAULT apps that Don’t follow that model then you’re just lying to people.

How far can a distro be accountable for the programs they install?
The distro chooses which programs to install in their default install. They have the choice to select privacy respecting applications or not.
Keep in mind, we are not talking about all distros. Only those which prominently advertise themselves as being focused on privacy.
Also, I am not suggesting that all the applications in the repos need to be privacy respecting, only those installed by default.
Interesting discussion. Thanks for bringing it up!
Personally, I’ll agree with others that said that anything that is in any manner collecting data by default (default as in “as installed and intended to be used”), is NOT privacy respecting.
My personal view on the original question is:
If they advertise privacy, then they should be bound by that claim to the best of their ability!
Anything shipped that can be configured for privacy, should be pre-configured for privacy.
That said, I saw some effort to “define” privacy, but I think it would help navigate the discussion if we referenced specific examples and criticism about distributions that seem to fall under such fallacy. Are there any such distros that we feel are being disingenuous?
Now as an aside, the thing that infuriates me about the case of Firefox after the recent changes, is not Mozilla itself but rather the hard-core userbase that has been shitting on anyone and everyone for their differing choices in the past coming to its defense, like: “Yeah but you have to understand, in order for Mozilla/Firefox to survive, they have to sell data/ads”. If that isn’t hypocrisy, I don’t know what is! Like, my dudes… pick a side!!!

Are there any such distros that we feel are being disingenuous?
Great question. For this particular thread I did not. As pointed out, this Question came from the “Which Privacy Browser” thread.