Waterfox: Disable or Provide Our Own Captive Portal Detection

...and while I do use a Firefox sync account, I do take issue with unnecessarily phoning home like this.

pref("network.captive-portal-service.enabled",false);
In the meanwhile, you can open the page about:config to disable it.

PS : Only this one ? Yes I believe and the word key is : "portal".
As reminder, no I don't have a huge knowledge on this matter but now you can search and check it (over the internet).
Because according to my memories, it was already mentioned (a few times) here on the Waterfox GitHub a long time ago.

I shouldn't default to disabling the feature.

I've seen too many situations where users are confused in portal situations. Guidance, resulting from detection, is more user-friendly.

… already mentioned …

detectportal.firefox.com is mentioned in:

• Connections to a lot of servers · Issue #270 …
• Waterfox keeps sending packets to a weird IP · Issue #341 … (closed).

If there were a success.txt file or just a HTTP 204 generator on the waterfox site, this could be kept with a more privacy friendly url.

For firefox, I just remove the URL and set it to 'false'.
For Tor Browser, it's disabled by default.

If Waterfox is for power users, why not add a checkbox: "Disable Portal detection"

more privacy friendly url

IMHO Waterfox webpage is behind Cloudflare, that's really privacy unfriendly.
See https://trac.torproject.org/projects/tor/ticket/24351

Please, let's keep this focused – captive portal detection.

Cloudflare discussions include:

• https://www.reddit.com/comments/8p4x1q/-/e1jffzc/?context=1 in the Waterfox subreddit
• https://redd.it/8ixnfa in the privacy area.

If you use sync, then phoning home will definitely happen. I do consider it unnecessary, but - by looging into sync - you just agreed to Mozilla way of using its services. Reconsider the use of sync, IMHO.

I have setup my own sync server, getting it to function is another
matter but all the services do run...

On 1/2/19 1:09 PM, Atavic wrote:
>

If you use sync, then phoning home will definitely happen. I do
consider it unnecessary, but - by looging into sync - you just agreed
to Mozilla way of using its services. Reconsider the use of sync, IMHO.

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
https://github.com/MrAlex94/Waterfox/issues/681#issuecomment-450954470,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAZUOod04sEnbibVmfbiSlTKbW6XWvlEks5u_QPSgaJpZM4U6SCn.

I have setup my own sync server

So my previous comment doesn't apply anymore, I agree with your concerns.

Things like this are why I think librefox, be it in stock firefox or in waterfox, seems like a great idea.

@mparnelldmp please, what problem do you find with the existing detection routine?

I don't think having it enabled by default is a good idea, the same goes for any other part of WF that reaches out and touches a remote server, except for maybe the WF updates server (which doesn't apply for distro packages).

I don't think having it enabled by default is a good idea, …

Why not?

… any other part of WF …

Please, let's keep this focused; captive portal detection.

I reported to Mozilla but, because it uses http, it's trivially easy to use MiTM to hijack these requests by faking the gateway on any given network and then redirect or replace the content with whatever nastiness the attacker desires, because it appears to be an "official" browser function since a little thing drops down and tells you to click here to login to the network...