bug#52236: PRIVACY: Integrate arkenfox for icecat configuration

[Mark H Weaver]

Hi Jacob,

Jacob Hrbek <kreyren@rixotstudio.cz> writes:
> Arkenfox <https://github.com/arkenfox/user.js> is a community
> maintained user.js file used for browser hardening.

In the past, I've investigated and integrated some ideas from similar
"user.js"-style projects into IceCat.  I'm open to integrating more, but
I'd prefer to see proposals in manageable chunks on the gnuzilla mailing
lists.

> Proposing to implement it's configuration in GNU Guix's IceCat mainly:
>
> - geo.provider.network.uri (it's pinging google servers currently)

Geolocation is disabled by default in IceCat.  When you say that "it's
pinging google servers currently", have you observed this in its default
configuration, or did you enable Geolocation?

FWIW, I've test-run IceCat on my own system and monitored the network
traffic on a number of occasions, including after the update to 91, and
I've not seen evidence of the pinging you describe.  Can you please
elaborate?

> - Actual disabling of WebRTC

Your use of the word "Actual" above seems to suggest that the IceCat
project aims to disable WebRTC.  I'm not aware of any such decision by
the IceCat project.  IceCat *does* set both
"media.peerconnection.ice.no_host" and
"media.peerconnection.ice.default_address_only" to true by default,
however.

Anyway, I'm open to discussing proposed changes to IceCat's default
settings, preferably on the gnuzilla mailing lists.

> - Clearing on re-start (privacy.clearOnShutdown.*)

I'm open to discussing proposed changes to IceCat's default settings,
but I don't think this is what most of our users want by default.

There's at least one setting in <about:preferences#privacy> about this
("Delete cookies and site data when IceCat is closed"), and I'm open to
adding more settings to that page.

> - toolkit.telemetry.enable = false instead of forced true

I consider it a high priority to disable *all* telemetry in IceCat, and
I've made an effort to do so.  I've looked for evidence of telemetry by
monitoring network activity when using IceCat, and I haven't found any.
If you have evidence that any telemetry is actually enabled in IceCat,
*please* show us the evidence.

It is indeed interesting that in <about:config>,
"toolkit.telemetry.enable" is presented as being forced set to true.
I hadn't previously noticed that.

I should say that in addition to (attempting to) set
"toolkit.telemetry.enable" to "false", just as Arkenfox does, we also
set "toolkit.telemetry.server" to "".

  
https://git.sv.gnu.org/cgit/gnuzilla.git/tree/data/settings.js?id=32631cac00953abbac61dc7ab1a0eafbdd59b53a#n131

Moreover, we apply some patches to IceCat to fix issues that I
discovered while monitoring IceCat's network activity:

  
https://git.sv.gnu.org/cgit/gnuzilla.git/tree/data/patches/moz-configure-changes.patch?id=32631cac00953abbac61dc7ab1a0eafbdd59b53a
  
https://git.sv.gnu.org/cgit/gnuzilla.git/tree/data/patches/fix-data-reporting-check.patch?id=32631cac00953abbac61dc7ab1a0eafbdd59b53a
  
https://git.sv.gnu.org/cgit/gnuzilla.git/tree/data/patches/disable-settings-services.patch?id=32631cac00953abbac61dc7ab1a0eafbdd59b53a

> Additional configuration should be defined in guix-home with sane
> default so that the browser can be a sufficient replacement for Tor
> Browser Bundle.

Please see Maxime's comments on this, which I agree with.  I'm sorry to
say that I don't see a way for IceCat users to hide that they are
probably using IceCat.  If you require strong anonymity, your best bet
is to use Tor Browser Bundle.

     Regards,
       Mark

-- 
Disinformation flourishes because many people care deeply about injustice
but very few check the facts.  Ask me about <https://stallmansupport.org>.