Privacy @lemmy.ml Flare9 @lemmy.myserv.one 1d ago

How to block Mozilla telemetry/spying using pihole?

What are the domains, and how do you find them? Can I use a wildcard like *.mozilla.net and still firefox/thunderbird works?

Thanks!

16 comments

Most of the telemetry can be disabled in the Firefox settings. Some of the web services depend on some Mozilla domains so blocking all Mozilla domains will probably break a few things here and there?

Other than that, with the current situation, I would already think to switch to a Firefox fork or other alternative.

Firefox is walking a very dark path right now and you can see/feel how they are slowly rolling the enshitification path :/
- Firefox automatically updates to install new privacy-abusing features like this one: https://news.ycombinator.com/item?id=40974112. So getting all the settings right once isn’t enough—you need to be constantly vigilant.
  
  Like you said, a fork is a much better option, since they take care of stripping out the user-hostile nonsense for you. I like Librewolf.
Hmm, this telemetry can just be disabled, can’t it?
- The question is, can you trust Mozilla to respect those settings, to not change them, and to not remove them? Judging by the events of the last week, I certainly wouldn't. I would prefer a solution that is entirely out of Mozilla's control.
  
  What? What?
  
  Their track record has no instance of them not respecting settings! A track record of multiple decades! The code is fully auditable, so any of those shenanigans would be caught immediately!
  
  I feel like I'm taking crazy pills lately.
  
  We need to be on guard and verify they don't do this shit, but outright expecting it? When Firefox also has a history of absolutely abysmal PR on shit like this, without the follow up of abysmal practices?
  
  It feels like accelerationism. Like people want Firefox to fail, rather than just wanting to be prepared if it does.
- Edit: As rtxn and n0x0n point out, we can adjust settings in Firefox itself and expect them to stay applied, but any settings done within the websites for Mozilla's services could be changed on the Mozilla end at any time. Probably best to have an extra layer to this just in case.
  
  Yes. Yes it can, and you bet your bibby people will be watching to see if Mozilla bypassed those settings, not that they ever have in their multiple decades of existence.
  
  You'll also have to opt out of using Mozilla services like browsing and bookmark sync.
I think you mostly just need to block incoming.telemetry.mozilla.org
- Well, thats today that is. What about tomorrow?
  
  You're asking if someone can give you the names of any telemetry endpoints that may exist in the future?
  
  If you're that worried about it and suspect Mozilla will act maliciously then you should probably use a different browser/fork. Since pihole blocking depends on the browser respecting your system DNS.
  
  If they were trying to be malicious they could resolve DNS through a custom module over an encrypted connection. Pihole doesn't block DNS, it simply filters the DNS queries issued by your system. Malicious apps can still resolve DNS queries without using your system's DNS which will completely bypass pihole.
Fire up the browser and watch the DNS logs, you'll need to still allow update checks most likely.
- Unless the updates are done from your distro's repos
  
  Windows users are still living in the wild west where every application can just download and install files arbitrarily.

16 comments