Privacy

3131 readers

181 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago

MODERATORS

Ategon@programming.dev

danielintempesta@programming.dev

238

Waterfox Update 6.6.6 removes the Firefox code that allows them to make a Geo-IP Request without permission (infosec.pub)

submitted 4 days ago* (last edited 4 days ago) by finitebanjo@piefed.world to c/privacy@programming.dev

31 comments fedilink hide all child comments

https://www.waterfox.com/releases/6.6.6/

you are viewing a single comment's thread
view the rest of the comments

[–] finitebanjo@piefed.world 2 points 3 days ago* (last edited 3 days ago) (2 children)

I'm not going to accuse them of user error but I'm having trouble imagining how a browser without a tunneling engine could bypass that.

It would need a false endpoint before the user and the send all the otherwise blocked traffic through on a single channel and at that point everything is completely compromised.

[–] ulterno@programming.dev 1 points 3 days ago* (last edited 3 days ago)

It could just have enabled DNS over HTTPS in the settings, hence not having used the user set up DNS at all.
Except for getting the IP of the DNS that they then connected via HTTPS.
Librewolf uses Quad9 by default IIRC.

[–] Cort@lemmy.world 2 points 3 days ago* (last edited 3 days ago)

Honestly, it may have nothing to do with the browser.

For instance at&t's newest fiber gateway (bgw320-500/505, 3-4 years old at this point) has a known issue that bypasses pihole for all Wi-Fi devices. Such that only hardwired devices can utilize its DNS services. Even with the pihole acting as DHCP server