Geolocation in Firefox, Privacy & Security Concerns

[malliz]

It's easy to throw the Troll word around as if it's some sort of telling blow in an argument. If you were really serious then you would refrain from the insults and just leave your arguments speak for themselves.

[a;skdjfajf;ak]

Thanks for the information about the hidden preference geo.enabled. I've revealed this now and toggled to false.

Well, I'm not convinced this pref actually works, as I too added it, and going to the link that WildcatRay provided in the 1st post, still pops / drops the "Infobar" asking for opt-in. To me, if the pref works, and it is added in about:config, then we should not even see the "infobar" asking for opt-in/out .

Further, since DougT never confirmed that the 'pref' was indeed 'hidden'. casting doubt that is the correct pref.

[sysKin]

Give it a rest syskin your turning into a professional apologist for Mozilla.

It's easy to throw the Troll word around as if it's some sort of telling blow in an argument. If you were really serious then you would refrain from the insults and just leave your arguments speak for themselves.

...just add that I should carefully quote the other side of the discussion in order to precisely address every single one of their concerns and irony is complete.

Could mods close this thread? It is now full-time FUD factory with very little relevant information. I'd like to apologise for my part in making it so, but I really felt the need to oppose initial FUD comments. Spreading misinformation is not the way I'd like to oppose this silly feature. I didn't realise that anyone would just follow up with new irrelevant speculation in every single response.

[toods]

Further, since DougT never confirmed that the 'pref' was indeed 'hidden'. casting doubt that is the correct pref.

I can confirm that the 'pref' is correct. I've just checked and it's present in the source files.

Bill.

[greenhatch]

After toggling the geo.enabled preference to false I did test it on the link http://blog.mozilla.com/webdev/2009/05/ ... e-browser/ (after restarting the browser) and the info bar did not appear. I am presuming therefore the geolocation feature is properly disabled in my Firefox. However I should like the preference to not be hidden in the final 3.5 so at least those users familiar with about:config can readily see the entry.

[toods]

---- However I should like the preference to not be hidden in the final 3.5 so at least those users familiar with about:config can readily see the entry.

I agree. I would also like to see a 'mozconfig' option so that the Geolocation Component could be disabled and therefore excluded when Firefox is compiled from source.

Bill.

[Soothsayer]

Fortunately, this functionality does not seem to work for me - I have a fairly aggressive block list on my router and firewall which I presume helps (I have added "www.google.com/loc/json" to my block list to prevent at least the wi-fi part from functioning).

However, I thought I would have a quick dig through the NetworkGeolocationProvider.js file to see if anything useful to restrict / disable this functionality could be found. So far, I have noted the following:

• pref "geo.wifi.access_token.recycle_interval" holds the validity time in seconds of the token and defaults to 2 weeks - You can simply create this pref and set it to '0' to have all tokens expire immediately.
• It looks like the tokens for sites you visit will be stored in "geo.wifi.access_token." + URL. Therefore deleting these will remove the token for that particular site.
• As mentioned elsewhere in this thread, "geo.wifi.uri" holds the wifi service lookup URL ("https://www.google.com/loc/json"). Setting this to an empty string will therefore disable this functionality.

I will have a quick look through the source code if I get a chance later to see if I can see anything else.

[jazzor]

I completely agree with WildCatRay here. I'm interested in what response will DougT give when a headline along the lines of "a new malware has emerged that uses an exploit in firefox and its built-in geolocation code to target users in certain places..." appears. The problem with having geolocation code IN the browser is not so much whether its enabled or not by an option or whether the user needs to agree to some prompt. The very fact that its THERE is what makes it the issue. Having a preference does not solve this issue at all.

There are security holes in firefox. Full stop. That is true with any browser. It's just a matter of WHEN it is discovered. By virtue of that fact, any code that exists in the browser can be used maliciously, and having geolocation there just makes firefox a more attractive target. Therefore, make it a build time configuration option, and do not enable it by default. Easy?

[Frank Lion]

...'Whoa, dude, wouldn't it be a really neat idea if.....I could find a pizza just by... etc?' type stuff...

... but we seem to be a little short on details of actual usefulness.

Please therefore, will you give 10 actual examples of how you see that geolocation will benefit users, be they Firefox or Fennec users?

@loadnoise for any traveler, it can be pretty useful.

Doug, when I wrote the above post, you were online. Are you telling me that after almost 7 hours later that is the best you can come up with?

This is a real public forum and a real opportunity for you to explain the practical usefulness to real users of the feature that you claim to be excited about. Perhaps you would like now to grasp that opportunity and explain in a meaningful way, as other people everywhere will be asking exactly the same questions as I have. What is it used for?

From the dev's mouth. Thats where I got the word prompt. Try to keep up.

You're just trolling aren't you. But you had to be careful not to quote anything from my post, which makes it a fail troll.

Err, sysKin, from your first post in this thread -

The good news is that you can just ignore the prompt and nothing will be sent to anyone.

[toods]

What I fail to understand is why there isn't any opportunity to configure (eg enable/disable/set URL) in the Firefox Preferences Panels.

The user is given opportunity to configure lots of components such as 'anti-phishing' and cookie behaviour, but not Geolocation which to my mind is much less fundamental to Firefox functionality.

Bill.

[WildcatRay]

After toggling the geo.enabled preference to false I did test it on the link http://blog.mozilla.com/webdev/2009/05/ ... e-browser/ (after restarting the browser) and the info bar did not appear. I am presuming therefore the geolocation feature is properly disabled in my Firefox. However I should like the preference to not be hidden in the final 3.5 so at least those users familiar with about:config can readily see the entry.

If we cannot have geolocation removed from the browser as, IMO, it should be--it should never have been anything other than an extension, also IMO--I suggest one of the following two:

1. (Preferred) The ability to not have geolocation installed when installing the browser.
2. (Not so preferred) Add to Options "Geolocation" with it set to off/disabled and with a warning (OK) dialog alerting the user that they may be at risk if they choose to enable/turn on geolocation.

I am still giving serious consideration to not going to Fx 3.5 when it is released that is how much I am opposed to having geolocation included as part of the browser code. IMO, it is a move in the wrong direction for Mozilla when they claim they are providing a fast, safe and secure browser. Geolocation as a part of the base browser programming is the opposite of this. To provide fast, safe and secure browsing, Mozilla should be striving to make the user's browsing more anonymous, not less. Geolocation can only make browsing less anonymous. I am not willing to put my faith in just disabling/turning off geolocation. If it ain't there, it cannot be accessed.

Besides, we need to be honest about what Google's reasons for geolocation are. Google wants geolocation to market better and sell more ads without having to pay out as much. They get the users' inputs for free. Google will be able to show regional and local ad clients data to help sell the clients on advertising in Google.

Well, if Google wants my help with marketing, they can pay me. I'll sign up right now for $100K per year with cost of living adjustments.

[zeniko]

1. (Preferred) The ability to not have geolocation installed when installing the browser.

So during installation we should ask the user "Do you want to enable <technical term the user most likely won't understand without further reading even though s/he just wanted to install a browser>"? Doesn't sound like the most user friendly solution to me.

alerting the user that they may be at risk if they choose to enable/turn on geolocation.

How is the user at risk? Enabling the Geolocation feature will only allow web pages to display an infobar, asking for the user's permission to actually get any location information at all. Are you afraid of users accidentally hitting "Tell them" on one of the very few sites to actually use this new feature?

Google will be able to show regional and local ad clients data to help sell the clients on advertising in Google.

In case you haven't noticed: Google already does this to some extent, purely based on your IP address (which you most likely don't try to hide).

BTW: The Geolocation feature can be "uninstalled" from the browser by deleting the file NetworkGeolocationProvider.js (this could break stuff, though, so do this at your own risk and please don't file any bugs you might encounter afterwards). You might want to keep it though and see, how long it actually takes until you hit the first Geolocation aware website you haven't explicitly googled for...

[naotachannel]

I'm not sure what the point is, of defending something that obviously - NO ONE WANTS.

[LoudNoise]

Or at least there is no crying need for anyway.

[Soothsayer]

In case you haven't noticed: Google already does this to some extent, purely based on your IP address (which you most likely don't try to hide).

The thing about IP addresses though, is they are not very accurate. Indeed, using my current IP address (I have a dynamic one, like most people in the UK) about the only useful thing you can find out is I am in the UK.

The actual location of the IP address is at my ISPs central data centre which is some 200 miles away from me.

Incidentally, I am not convinced that setting the geo.enabled preference to false entirely works. If I go to the test site with this disabled, then I get a message saying it could not find my location. However, if I visit it with a browser that does not have this function, I get a different message.

To me that means that even when disabled, the browser still publishes the functionality so if any exploits are discovered, they may still work.