[Mageia-dev] Talk of Browsers

Fri Oct 1 06:27:27 CEST 2010

On Fri, 1 Oct 2010, Ahmad Samir wrote:
+
+> A bit off-topic, but first you should answer pterjan's question
+> here[1]: “Look at the code and show me a place where any URL is sent
+> to Google.”
+> 
+> [1] http://lists.mandriva.com/cooker/2010-08/msg00461.php
+
+Well, given the size of the source code of Firefox and the fact that I'm 
+not familiar with it, that would be like searching for a needle in a 
+haystack.
+
+What I did though is read the specs of the protocol that implements this 
+'feature' and I must say that it's not entirely clear what information 
+Firefox passes on to Google when contacting the Google 'safe-browsing' 
+databse. The current version of the protocol seems very complicated to 
+me, I'd say unnecessarily complicated, which is not what you would want 
+from a potentially privacy-sensitive feature.
+
+( http://code.google.com/p/google-safe-browsing/wiki/Protocolv2Spec )
+
+The fact remains that when this feature is enabled, Firefox interacts 
+with a Google service, without the user being aware of it.
+
+My main point is, any program (not just Firefox) that contacts a remote 
+service (where it's not obvious for the user) should notify the user 
+about this with a dialog box before doing so the first time, asking 
+for the informed consent of the user.
+
+In fact this could be a strong unique selling point of Mageia, if we 
+make sure that all Mageia packages are configured by default to respect 
+the user's privacy and to always request consent from the user before 
+connecting to remote services.
+
+A slogan could be: 
+"Mageia the Linux distro that takes your privacy seriously"
+
+Drakrpm is a good example on how to do it correctly, since before 
+setting up the list of mirrors it asks the user for consent to contact 
+the Mandriva site to download the list of mirrors.
+
+