Newly born Firefox 71 emerges from its den – with its own VPN and some privacy tricks Patting itself on the back for blocking more than one trillion web tracking requests through its Enhanced Tracking Protection tech, Mozilla on Tuesday continued its privacy push with a further test of its Firefox Private Network service, an update to Firefox Preview Beta for Android, and the debut of its latest desktop browser, …
Nimbus Capture is a Firefox add-on I use for producing as-it-looks-on-screen captures and prints of web pages or parts thereof; maybe it will be of use to the OP.
Also can be done via [Lightshot]
(Do not confuse with Firefox addons with same name.)
See ..... https://app.prntscr.com/en/index.html
Runs outside of Firefox, so can capture *anything* displayed on screen, including Firefox !!! :)
Note:
You do not need to configure it to upload captures although it can do this.
Simply select a region on screen and type Ctrl+C to copy to clipboard.
Paste clipboard wherever you want to save it !!!
And yet still it can not sensibly handle Javascript in any realworld heavy usage (many windows+tabs).
1. Multiple JS scripts running
2. User control over same
Point 1:
There seems to be some sort of bottleneck within Firefox re JS, such that the browser will grind to a halt as the number of scripts rises. Every other app and the OS will be running along fine at near-normal speed, but all your FF windows are greyed out and in Task Manager shown as "Not Responding".You can extend this horizon by keeping JS switched off and only key sites whitelisted, but it's just an extension -- JS is bloody everywhere now. And if you don't also have Ghostery or similar running, the ads' scripts will shorten that horizon drastically (normal now for ads' scripts to run over 20,000 lines -- rarely well written).
Point 2:
And FF has no UI for the user to control/manage those scripts. PlugIns allow allornothing (+ex-ante whitelisting) pre-load, but this is useless once a script has run off with your browser (eg, advert or just a JS-happy site). As happens if you temporarily need JS switched back on to be able to properly load a site/page you need.VERY useful would be even the ability to auto-pause sites' scripts when the site's tab does not have Focus (and allow manual override eg whitelisting : eg happy to have gmail polling in the background, NOT happy to have a news story('s ads) do the same), would dramatically improve things.
And/or to auto-pause any 3rdparty scripts.
These are not new problems (or rather, problem and lacuna/oversight). But the real-world effect is worsening as JS's use (and abuse) spirals ever higher.
.
Chrome is even worse, btw. FF will gradually grind to a halt, giving you some warning and ability to react ; Chrome will just suddenly go unresponsive / jam .
<i<Plenty of ways to recycle tech.</i>
ack (even a pentium runs Linux well enough to give to a kid to play with)
Occasionally a recycle company will do a neighborhood pickup here in San Diego. Just leave the junk out along with the paper thing they hung on your door and they take it. I once left a large screen broken DLP TV out for pickup that way. Another time there was a drive to bring stuff to a local high school parking lot, so I did that with a bunch of old computers.
(if it's convenient, people will recycle)
I normally just run 'noscript'
and if a web site is SO scripty that allowing its components would either screw up my personal "block JS mode" security model (i.e. allowing sites like CloudFlair or Google Analytics) or else (due to all of the 3rd party servers) requires SO many 'allow' clicks that it becomes IMPRACTICAL, then I do the simple thing:
a) use 'su' to switch to a totally unprivileged dedicated user
b) use the 'export DISPLAY=localhost:0.0' method to run FF on the desktop already running
c) set up FF to allow script, but erase ALL history and cache when it closes [I like this feature]
d) don't open ANY tabs not related to THAT web site
then, any tracking they do will be on what I did on THEIR SITE ONLY, and it all gets erased when I'm done - cookies, 'crackers' (script that stays running when I close a page), history, web cache, yotta yotta. "Track That" - ha ha ha ha!
Now, if their VPN plugin involed the TOR network, I might be interested.
I also can't blame them for trying to monetize their (otherwise free) browser.
I've ALSO been wanting to fork their browser for a while, RESTORE the 3D skeuomorphic menu-based system with NO 'hamburger' icon, like what the legacy UI plugins let you do prior to 57... so maybe a fork like that would DEFAULT TO USING TOR ??? [oh wait, that's been done, hasn't it? 'Onion' browser]
I'm interested to know why you allow Google Analytics ? At best it's just a waste of bandwidth.
My setup sounds much the same as yours, except I keep google blocked since they're the primary armholes that initially weaponised the internet against us. Sometimes I need to allow the maps API to look something up, but then it's blocked again.
Streetmap.co.uk far superior for Britain. OpenStreetMap improving elsewhere.
Last weekend was having a rare look at the plugins for Nextcloud.. A passable map plugin that not only uses OSM but also has something I haven't seen much of in ages, a topographical map!
(Does reference 3rd-party data though, wonder if there's a plugin to host all that on my own machine? :) )
Fascinating how many people don't read posts -- instead see only trigger-words, then construct strawmen.
* My own boxes run with javascript switched OFF, and with Ghostery trapping everything, not just ads. Clearly stated in the post. So my env is NOT raw/unprotected but as harsh as, or harsher than, every suggestion.
* I have seen this behaviour on a WIDE range of machines, from all-SSD fat-RAM fat-CPU gamesmachines to 12yo laptops on HD to maxspec VMs on light-loaded HP/HA clusters -- with no material change in behaviour.
* Heavy usage means heavy usage, not "gosh wow you weawwy can wun a youtube window, oo-wah, oo muss be siwwy".
On this box, I currently have 34 FF windows open with 10-40+ tabs per window. Multiple concurrent work/research/deepdives/quickchecks/etc. I like to be thorough. This is just starting to strain FF's limits -- it's just starting to occasionally jam for a few mins. This is a light-ish session for me -- I periodically run to 3+ pages deep in the window-list popup from the taskbar, and 2 pages deep on the tab-list dropdown.
The problem only starts once I have to start opening whitelisted sites or have to crack open JS for the duration of opening a site which shows only garbage without it.
.
And it's much much worse with Chrome. I do know that Chromium/Chrome has(had?) an acknowledged single-bottleneck/-queue within the browser itself. But JS hammers it harder or hits another one.
Both browsers' problems with JS have been growing over the last few years as the core problem becomes hammered harder by the world and his dog/ad ramping up the JS running unasked client-side.
Wow! I thought I ran with a lot of tabs open (often 50 or more). You're in the hundreds and maybe topping a 1000 at times. That's definitely in the league where that's so rare the developers aren't going to spend time supporting it.
I doubt you look at every tab every day, there isn't enough time. I guess you're using them more as bookmarks or task recording (ie an open tab is a reminder to do something). Of course you *could* switch to using bookmarks instead but I know what a pain it can be to change your workflow when you already have a way of working.
I'd recommend trying a tab unloader addon such Auto Tab Discard.
https://addons.mozilla.org/en-US/firefox/addon/auto-tab-discard
I've been using it for a while on a laptop to help battery saving and hasn't impeded me at all. It unloads tabs that haven't been looked at in a while (user-definable timeframe), and so killing background scripts which you probably don't care about and freeing up memory. You can whitelist pages for things you want to keep running, eg webmail. Going to the tab will (re)load the page, so a little slower than if it was already loaded, that's the trade-off.
No, what the OP meant is that useful and handy feature where you could tell FF that cookies from site A should be kept, cookies from site B dropped, and cookies from site C only kept for the running session. The whole with a handy manager which allowed you to black/white/greylist domains according to your needs and wishes.
I know there are now add-ons which do that same thing, but it once was part of standard FF. Unfortunately pressure from the ad industry who finances them made them remove this feature many years ago.
It's still there, but for "some reasons" FF made the UI to manage them very user-unfriendly (just like the cookie manager dialog).
Go to Options -> Privacy & Security -> Cookies and Site Data, click Manage Permissions
Here you can enter which domains are always allowed/blocked, or allowed only for the session. If you enter just the domain name, both http:// and https:// will be added automatically.
You can't manage single cookies, though.
my favorite cookie-thingy plugin [which had buttons on the toolbar] no longer supports >= 57. But it allowed 'memory only' cookies, which would (literally) ONLY be stored in memory. Set that by default and hardly any cookies would be saved. I guess these other plugins do the equivalent of that? looks like I'll have to go look at them now...
I dare to disagree. I use VPN to read many US news web pages which show a finger to Europeans. I do not think it breaks any laws on either side of the pond (a newspaper policy is not law).
Also it helps you to avoid broken cloud servers. If I see the web page showing the local cloud server cannot be accessed, I try the VPN IP address in another country. This works more often than I expected.
That's my problem with VPNs being touted as a catch all "it's just more secure" particularly as one VPN vendor varies hugely from another and the end user has little if any visibility or understanding of it. They just read "VPN GOOD" and assume they are doing the right thing.
VPNs can be very helpful but it's entirely use case related. I can't remember the last time I used one since the web more or less moved to HTTPS tbh.
If you are going to do that just to get Pi Hole, you might as well just run up a VM on your laptop and run Pi Hole in it,setting it as your DNS resolver for use when away from home. That way, Pi Hole is always available on your laptop irrespective of the local network you connect to (that might not allow a VPN back to your home).
If you are going to do that just to get Pi Hole, you might as well just run up a VM on your laptop and run Pi Hole in it,setting it as your DNS resolver for use when away from home. That way, Pi Hole is always available on your laptop irrespective of the local network you connect to (that might not allow a VPN back to your home).
These days I'm much more likely to take a tablet on a trip than a laptop, and thankfully if someone is blocking VPN's then I have the easy choices of switching to another network or doing without the internet for a while. If I have a situation where I need to get $$$ out of my savings account into my main one, I can phone the bank if I can't use online banking (which I won't use away from home unless on my own VPN or at a bank branch on their network).
Of course mine is the case of someone who very seldom does IT stuff and if I'm away from home it's not for work purposes :) Cleaning up for people who can't do it for themselves is so relaxing compared to the IT world!
But I will bear that in mind and if I remember will put that on later today - thanks very much for the suggestion :)
chrome is open source like FF but doesn't even PRETEND to not try to track you, etc..
However, dumping the chrome cache is pretty easy. It's all in the same directory. Just wipe it out, and the entire history and cache goes byby. THAT is pretty convenient, though ti should be an item in the menu to do that while the browser is running. [maybe it is NOW, but I've never seen it in the past]
I like chrome for SOME things, like 'slack' [which I use for work-related things sometimes]. But if the only thing running in chrome are those things you don't care about script/tracking with, it's 'ok' I guess...
(is there a 'noscript'-like plugin that would work with chrome?)
chrome is open source like FF but doesn't even PRETEND to not try to track you, etc..
Chrome is bankrolled by Google, Surely using it and worrying that you might be tracked is like wading hip deep in unprocessed sewage and chemical waste armed with a packet of wet wipes?
Sure you're not thinking of Chromium?
Agent Tick does have a valid point. What is not mentioned in TFA is that with 71 (and beyond), each update will create a new profile. The only way to retain access to saved passwords, autofill, etc. is by handing your data to Mozilla. There is no provision to do a local import from an older FF version.
Agent Tick does have a valid point. What is not mentioned in TFA is that with 71 (and beyond), each update will create a new profile. The only way to retain access to saved passwords, autofill, etc. is by handing your data to Mozilla. There is no provision to do a local import from an older FF version.
Got a source for this? I can find no details about this anywhere.
Sorry for the late response. I installed 71 (the day before this article) and that is what it says on two splash pages on its first run.
Looks like the change was introduced with 67, but 71 is the first one stating a Sync account is the only way to retain access to your information across versions.
https://support.mozilla.org/en-US/kb/dedicated-profiles-firefox-installation
It may be possible to wrangle the Profile Manager to regain access, but for how long? And how many regular users even know that thing exists?
I can't recall the number of times I've been a bar / restaurant / hotel and their stupid wifi either blocks sites, or tampers with the content (e.g. to inject ads). A very large number of American news websites even block European IP addresses rather than fix the site to comply with privacy rules. And video streaming & game services can get very annoying if they think you're in the wrong country.
So having a VPN is a very handy tool even if you aren't in an oppressive regime. I can't say I use them all the time, but I like to have one available for when its needed.
The use of VPN's when using public hotspots (WiFi or fixed line) is well established over several decades, because it does increase the security of communications over the local hotspot infrastructure.
However, the "makes tracking more difficult." claim is a little over egged. Yes, only the VPN provider will see the IP address of the hotspot you are at, but is this style of tracking an everyday cause for concern? I suggest not when compared to tracking cookies et al.
The circumvention of geoblocking is also a well known feature of VPN's, provided you can use a VPN that puts you inside the relevant geo-fenced region.
>mozilla are just backporting some of the protections from the Tor Browser into mainline FF
Well if Mozilla are minimising new development, that would mean FF & FF VPN are just a consumer friendly versions of the Tor Browser and VPN connection to the Tor network(*)...
(*) Not saying that connecting to Tor is difficult, just that it requires a little effort - something many (non-IT) people find difficult and easy to put off.
Nowadays the installer takes care of everything, quickly and effortlessly. The biggest issue I see with the Tor browser is that non-IT-knowledgeable users might think that it's a total solution to every form or tracking and not understand how -or when- to tweak the security settings either to prevent breaking the target webpage's functionality or to prevent advanced tracking methods.
I mainly use it for preventing geoblocking and finding health issues related info, but if I were a dissident in a dictatorship, I'd be extremely careful and only visit "safe-ish pages" that can be used with the highest browser security settings.
A very large number of American news websites even block European IP addresses rather than fix the site to comply with privacy rules.
TBH I can understand them doing that. If they're not under European laws and not trading with European citizens, then those laws simply should not apply. You're coming to my place to view my site, not me going there.
I'd probably ignore such laws myself, but may put in a disclaimer to say that NZ is my jurisdiction, and anyone visiting agrees to act in accordance with NZ laws. You'd have to do the same if you came to my house anyway :) A different matter if I sell something (I see some sites get around those issues by only shipping locally)
pretty ironic they offer you "privacy", as long as you give it up to them (and obviously, they'll keep all the logs to make sure your privacy can be shared for various reasons from "optimizing our performance" to "appropriate legal requests". In other words, instead of having your data captured by google, it will be captured by mozilla. For your own good, no doubt.
"sure your privacy can be shared for various reasons from "optimizing our performance"
I think you will find that you can opt out of pretty much all FF telemetry and performance data gathering...
You cannot do that with Google or M$ products short of breaking their functionality..
"why should I have to "opt out"? Why should I have to assume that the default"
Translation:
I'm having a rant without a fucking clue what I'm on about.
When you install it, these options are VERY clearly presented to you, with decent descriptions of what they do and what they are used for. They are not hidden options you have to spend hours looking for.
pretty ironic they offer you "privacy", as long as you give it up to them
Yes, when I read "FPN creates a secure tunnel from the user's browser or device to the internet," my first thought was "to which particular bit of the internet?". A VPN needs two endpoints, and I'm not convinced that one which terminates on a Mozilla host will necessarily improve things in terms of tracking and marketing.
exactly what I came here to say... As soon as a "service" wants me to create an account so I can use it, where I don't believe one is necessary, I avoid it. I use Firefox currently but don't have a Firefox account because I don't give a damn about sharing stuff between devices.
Quite disappointed when they stopped doing firefox sync with no registration required. Enter about 14 letters to match those shown by your main browser, and then they'd link with no account information required. Supposedly encrypted on the server, too.
Now it's "login to Firefox to sync, so we know where you are."
Presumably, they dropped that because it's not really that secure, and FF sync can sync things like saved passwords, which you definitely wouldn't want someone to get hold of because they happen to have compromised the machine you're using and screen-grabbed the address bar of your browser. Or taken a picture over your shoulder, or whatever.
happen to have compromised the machine you're using and screen-grabbed the address bar of your browser. Or taken a picture over your shoulder, or whatever.
if they're doing that, they can probably get your firefox account credentials anyway...
You can set up your own sync server.
There are (rough/unsupported) instructions on the mozilla website for how to do it.
edit: here it is: https://github.com/mozilla-services/syncserver
In fact you have to run (build, configure and keep updated to maintain client compatibility) your own sync server (python), accounts server and content server (both nodeJS). With, last I looked, public docs that are an afterthought and you're doing very well indeed if you don't have to throw yourself on the mercy of the services-dev mailing list before long. Then there's the client configuration ... [twitch, dribble]
I gave it a red hot crack and it did work for a while but honestly, life's too short especially if you're not conversant in python, node (and mailing-lists). I thought I cared, but given my data is all encrypted client-side I really don't care enough to justify that much ongoing grief.
Since they're planning on charging for the use of their VPN, how do you propose that they regulate this without having people create an account of some sort?
If you don't want to use it, you don't need an account. It's hardly an imposition.
Regular Regitards will be familiar with the substance of this response but I include the detail for the benefit of any newbies wanting a quick guide to achieving reasonable privacy online.
That GitHub post almost looks like a schill.
No, VPN is not THE solution to privacy but it's a major component. Especially if you randomise your choice of server.
No, You can't trust VPN providers without performing some serious due diligence.
Generally speaking, in the world of security, nothing less than a formal security "reduction" (proof) is considered convincing, but in the case of my own preferred supplier (PIA - see this review) proof of the pudding comes by way of their survival of at least two State based attacks - one in Russia, where their servers were seized and no user details were retrieved; and one in the USA where the court determined that they were unable to comply with demands for user data. That's at least as convincing as a formal security proof and, arguably, more so!
No, VPN alone will not prevent tracking,
You need to throw about half a dozen other weapons at that problem, including switching on the Do Not Track options, DNS over Https, ad blocking via Ublock Origin (my preference) or Adblock Plus, script controls with Umatrix or Noscript (or similar), Sandboxed browsing with automatic deletion of web traces (eg Sandboxie, though I'm a bit nervous about their new owners) and Canvas fingerprint blocking. On the subject of which, my private experiments recently tipped me back into Firefox (along with other improvements in V70) and away for SRWare Iron when, after testing various Canvas fingerprint blockers using Panopticlick to confirm their effects, I discovered that NONE of those available for Chrome engines actually did much good. Yes they change or mask your fingerprint but they don't do the only thing which works, which is to randomise it. Only Canvas Blocker in Firefox passed that test.
But the issue that angers me most, especially when the source is another technically literate contributor like the author of that github post, is their wilful ignorance of the threat posed by the combination of the Surveillance State and Surveillance Capitalism.
His 2nd "legitimate" use of VPN is:
"You want to hide your IP from a very specific set of non-government-sanctioned adversaries - for example, circumventing a ban in a chatroom or preventing anti-piracy scareletters."
which implies that he's perfectly content with "government sanctioned adversaries". Most of us who visit these pages, however, recognise that government adversaries are, by far, the biggest threat. (I only recently bleated on a similar issue in a recent Reg discussion) and they are easily my own major reason for using the above countermeasures (and a few others).
And the point that is most often glossed over by such pillocks is that the single biggest advantage to be gained by widespread adoption of things like VPN and secure private email (I strongly recommend Protonmail) is "Herd Protection". There are millions of legitimate reasons to oppose and campaign against the forces of internal repression (occasionally called "governments") and that makes all of us prepared to voice such opposition potential targets for their digital surveillance. The more of us who use masking and privacy protocols, the more protection we supply to each other, not just ourselves.
I don't think mozilla gives a fuck about my privacy, they implement vpn, because "privacy" is becoming an issue discussed more and more in media, and therefore, mainstream users start to ask questions. It's like the current fad, therefore, "must include", particularly if your competitors make it available already (opera). Never mind how much real protection it gives you, it's VEE! PEE! EN!!! WE!!! PROTECT!!! YOU!!! CLICK!!!! HERE!!!
That is a very clear exposition leaving nothing to quarrel over. I raise some connected general points.
There likely is no such thing as absolutely assured online anonymity and/or privacy. Also, bear in mind that people doing dodgy dealings (e.g. illicit drugs) using generally pretty secure tools like Tor/Whonix are usually reported caught by traditional investigative techniques rather than computer wizardry. A vulnerability in security occurs at points where the digital world intersects the physical world e.g. drugs must be paid for (even Bitcoin is not wholly anonymous) and delivered (trust a postal service or trust meeting a stranger in a dark alley). People active in discussion fora may become traceable elsewhere through fingerprinting their vocabulary, spelling, grammar, punctuation, sentence construction, linguistic idiosyncrasies, and topics of interest to them. Linkage to physical identity results from painstaking observation of activity by trained human investigators rather than automated processes and encryption cracking derring-do.
Investigation of that nature is resource intensive, not least of which is human operatives, and its use must be well-targeted and have prospect of success. Thus, very serious crime, espionage, terrorism, and suchlike enter the spotlight. Somebody using BitTorrent to download the latest Hollywood offering to culture or via Sci-Hub 'stealing' from Elsevier that which actually is communal shared property has nothing to fear from the likes of GCHQ and the NSA. Attacks upon so-called 'pirates', that is on individuals rather than black market providers of 'content', are sponsored by copyright rentier industries using private sector companies; these are easily deflected.
Thus, online security is a balance between resources invested by individuals/organisations and those invested by legitimate security/crime investigative agencies. It becomes a matter of horses for courses. Simple file sharing, assuming not state secrets or highly criminal 'content', can be undertaken without fear of consequence by using easily obtained tools of which VPN is one. Even should a disreputable VPN provider keep detailed logs and submit to civil action demands for revealing user activities the best that copyright rentiers could achieve would be sending out speculative invoices; even within context of USA jurisdiction it's highly likely evidence of wrongdoing and causation of damage would not suffice for civil litigation.
The report giving rise to comments begs the question of why anyone with even rudimentary nous would opt to pay for Mozilla's within-browser VPN service. Even should it provide a 'secure' channel for all activities on a device it is unnecessary for browsing and with Mozilla being under US jurisdiction potentially a risk. Simple browsing of harmless intent is far more convincingly protected by Tor. Also, although not suited to Torrenting Tor is acceptable for ordinary file download but probably not streaming. Tor is easily installed on mobile devices (e.g. 'app' for Android). The greater the number of people using Tor the more quickly it will become established as a confidential (but not top secret) parallel WWW.
Tree Style Tab addon for Firefox, one of the best addons ever (outside privacy addons like uMatrix/NoScript/uBlock).
Is it just me or has the term VPN been coopted to be equivalent to proxy server? I always understood a VPN to be the mechanism whereby you could connect securely over the public Internet to another server /device that you controlled. Using one to browse the net via a third parties server is not a good description of a a private network.
Lawn, NO!
Most discussion of VPN currently identifies hiding your IP. I agree a proxy is what is needed for that. For some odd reason people think of VPN as secure encrypted proxy whether they know it or not. VPN's capability of blocking tracking is minimal at best.
But a VPN traditionally provided the service of a leased line over the much cheaper public net. It mattered not if both ends were controlled by the same entity. Another traditional term used for VPN was an encrypted tunnel. Use cases of VPN were never limited to just a secure interconnection. The focus on proxying using a VPN is relatively new though,
I use a VPN to obscure my data from my ISP when home, and when travelling from public WiFi operators and users.
I do not expect any tracking protection except from my ISP. I am more concerned about traffic blocking. Ironically, some servers I am trying to reach block access from VPN for security reasons.
I am looking into establishing my own VPN server with a hosting service strictly for my own use.
He pointed to a widely cited GitHub post that argues the legitimate uses for VPNs are very limited.
That is an argument ridiculously false. To believe it and not realise the exact opposite has one rendered as a puppet to the few proving it a useful tool for all.
* And that is not a trick question asked of the likes of any Global Operating Device/SCADA Operating System. It is an opening which offers you access to abilities and facilities you may constantly fear and imagine are just so good as to be not at all real and certainly surreal. :-)
Climb aboard that vessel and there's no going back to where you be from, for now in the futures there, is everything completely different too, just as it be revealed to you all here too.
It is quite outstanding news, which it is most odd that mainstream media organisations are not vying to direct and server/produce and present. Such renders them as more the simple follower rather than any leading light in the genre to be revered and regaled. I wonder if that is a result of too much or too little intelligence right at the top of such infrastructures/business empires.
Here's a little something which always hits the sweet spot ...... "The World Is a Business, Mr. Beale"
It is an interesting notion to exercise.
In response to Mozilla's post about FPN, Tavis Ormandy, a noted security researcher at Google, expressed skepticism on Twitter about the value of VPNs outside of hostile network scenarios. He pointed to a widely cited GitHub post that argues the legitimate uses for VPNs are very limited.
The GitHub post is from 2015.
But in the end, my poor little Google fool, whatever you aver: a VPN will mean a filthy organisation like Google cannot track me like the Stasi quite so easily. And anything that breaks Google benefits us all.
And yes I willingly use some Google products. That in no way entitles the firm to track me. or anyone else.
And yes I willingly use some Google products. That in no way entitles the firm to track me. or anyone else.
Well.. If their TCs say "by using our product you agree to let us track you wherever/whenever/however etc we wish".... :)
But.. Since they've had their people illegally photograph me on my property whilst going about my business (I think - can't be sure it's me of course :) ) then I'm more than happy to use their services without complying with their terms. If they kick up a fuss, they may find they have a lot of photo-editing to do (or just remove all of NZ from street and sat views)
Tavis Ormandy, a noted security researcher at Google, expressed skepticism on Twitter about the value of VPNs outside of hostile network scenarios.
Just reading stuff.co.nz (in incognito mode) on Chromium which I'm giving a whirl atm (as a 2nd browser, Waterfox still being my preferred desktop one).
An annoying ad showed up, so I opened up my PiHole admin page and looked through the query records to make sure I never see the annoying advert again.
Whilst there, I had a happy-joy moment seeing all the google entries in red text.
This is the one and only legitimate reason I am interested in for VPNs, Mr Ormandy. It keeps thieving scum like you and your organisation from getting your grubby mits on my data, whether home or abroad.
Not at all surprised someone from google tries to claim there's little value or legitimate use for VPNs, as they seem to make it harder for you to steal other peoples information.
It's pretty obvious reasoning actually. We want to protect ourselves from the likes of you.
(Ok, I also like that I can feel a little more secure about my banking and email data on someone else's network, but mainly it's for privacy)
If the promise is no records kept, how are the powers going to keep track of the usage if their not looking? Does this no tracking but timing mean in the extreme that all hours with Firefox count or a second sign in contained within the initial sign in - the possibilities for confusion presented by this release seem to fall in some set of infinities.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
