Bonum Certa Men Certa

Mozilla Firefox Takes Another Step in the Direction of Being Malware With “Firefox Suggest”

Guest post by Ryan, reprinted with permission from the original

Opening: Yesterday I was surfing the web when I found out that LKML.org, a centralized place to see what’s going on in Linux kernel development, was attempting to load an ad script from a company called “BuySellAds dot com”.

When I investigated the company in more detail, I found that there was an entire page where they plot with some of the titans of the web industry to track and psychologically manipulate people.



One such partnership was Brave. Apparently, this company is pushing Brave’s “ethical ads” from behind the scenes, and another was Mozilla.



"One such partnership was Brave. Apparently, this company is pushing Brave’s “ethical ads” from behind the scenes, and another was Mozilla."It said that they feed ads into “Pocket”, which is where the “Sponsored Content” (including from Big Oil companies like Exxon) keep popping up in the Firefox New Tab page, and now in your address bar if you live in the US (under the guise of Firefox Suggest).



Well, what I suggest is that Mozilla CEO Mitchell Baker does with Firefox Suggest and Pocket is probably anatomically impossible, but that’s outside the scope of this post.



It sickens me, that a great piece of software that I used from its inception in 2002 (pre-releases), and even before that (as Mozilla Suite, and before Mozilla, as the proprietary Netscape suite) has gone and done this as a cash grab on the way down.



Each release, there’s more stuff to turn off, and you have to remember to do all of that every time you install it somewhere.



"Each release, there’s more stuff to turn off, and you have to remember to do all of that every time you install it somewhere."There’s like 5 different settings (something like that) to fully disable DRM and keep it from coming back on or demanding it. That’s pretty bad when many of the sites using it are using it not for DRM, but as a fingerprinting attack.



Firefox ceased being Free and Open Source Software when distributed according to the Mozilla Trademark policies long ago, when they enabled Google DRM by default and pestered the user if they turned it off and then didn’t do some “about:config fu” to make sure it stayed off and disappeared from the GUI, but with Cloudflare DNS (a privacy hazard that OpenBSD patched to turn off!), Pocket’s Sponsored Crap, and Firefox Suggest, Firefox has not only straddled the line of what I consider to be “malware”, but has finally crossed it.



Perhaps there’s something very wrong with Debian for not going back to calling it “IceWeasel” and patching this stuff out of the source code so that it can’t come on. They are now in abeyance of their Debian Free Software Guidelines all so they can ship malware and call it Firefox.



You can perhaps forgive, under these circumstances, that some GNU/Linux distributions are throwing in the towel with Firefox, which doesn’t perform very well and uses gobs and gobs of RAM to perform the tasks, and are shipping some other browser.



Linux Mint spins are even putting in Vivaldi. And, if you frame it as a choice between Vivaldi and Firefox, I’d say Firefox is even worse than Vivaldi at this point, though Vivaldi doesn’t pretend to be open source like Firefox does, and they don’t beg for donations while they sell you down the river to adtechs like Mozilla does.



"Firefox ceased being Free and Open Source Software when distributed according to the Mozilla Trademark policies long ago, when they enabled Google DRM by default and pestered the user if they turned it off and then didn’t do some “about:config fu” to make sure it stayed off and disappeared from the GUI, but with Cloudflare DNS (a privacy hazard that OpenBSD patched to turn off!), Pocket’s Sponsored Crap, and Firefox Suggest, Firefox has not only straddled the line of what I consider to be “malware”, but has finally crossed it."What Mozilla fails to understand, obviously, is that by pissing off users into leaving, they not only have less who will stay and drive “ad hits” for them, but they’ll see a further collapse in their search royalty value to Google, and incoming revenue will fall faster than had they just left it alone.



Furthermore, by letting this incompetent twit remain as CEO and firing the engineers while leaving a “Global Chief Diversity Officer” and other dead weight so that they can be a political party, development of the browser’s underpinnings lags while they fritter away valuable capital towards these nutjobs.



Well, enough was enough so….



I finally figured out the dependency matrix to get Debian to allow me to apt purge firefox-esr from my Debian 11 system without trying to take out GNOME metapackages and the X server.



It turns out that I had to give up on using the GNOME Web flatpak from FlatHub, because it collides with the Stable version from Debian. So I backed that out, and deleted its settings and cache under the .var folder hierarchy, and put the epiphany-browser package back in.



"...on a clean install, Firefox Suggest is on by default and doesn’t even ask whether the user wants ads or a keylogger malware in their address bar."As long as that’s there, and those internationalization and LibreOffice Help Packs and foreign spell checkers and such that I removed the other day are gone, you can remove firefox-esr and the system won’t complain that you need a web browser.



It seems that Apt only wants to remove the gnome metapackages and xorg (Jean-Baptist…Emanuel….Zorg! Sorry.) if epiphany-browser is not already installed. If it is, it’ll shut up and let you get rid of Firefox.



Now you can also reclaim some disk space by removing .mozilla and all of the .mozilla and .firefox stuff under your Home folder (it’s all hidden but unhiding it with Ctrl+H and then using the finder is easy enough). In my case, I don’t use Thunderbird either, so I got rid of its stuff and now it’s just GNOME Web and Evolution.



Mozilla lies and says Firefox Suggest is off by default and that it is opt-in.



In the Bleeping Computer article about Firefox Suggest, which also notes Firefox’s dwindling market share (they went from being almost half of all web users at their peak to being only slightly more popular than Vivaldi, and still falling), they say that in their own tests and user reports, on a clean install, Firefox Suggest is on by default and doesn’t even ask whether the user wants ads or a keylogger malware in their address bar.



I installed the Firefox 93 Flatpak to find out myself. Mozilla even builds it and uploads the builds to Flathub, so they are official. Firefox Suggest was on by default, no message asking me if I wanted it.



When Ubuntu briefly implemented a keylogger that sent your Shell searches to Amazon in their now-abandoned Unity Shell, Richard Stallman called Ubuntu malware.



In its default configuration, Firefox not only sends everything you type into the address bar to Google (even though you can turn that off and split searches into a different box), but also to Mozilla, and Mozilla’s advertisers. This is certainly malware.



"How is it that Debian says the firmware to run my wifi, SSD, and graphics chip isn’t allowed (in the official image, which will lead some people to think Debian is broken and not bother figuring out why….while others have to know there’s a real installer that has firmware that is semi-hidden) but Widevine DRM blobs and a malicious keylogger in Firefox are fine?"How much longer will “Free” operating systems like Debian continue ignoring their own Free Software Guidelines to package this? It already had a grabber that’s on by default to download Google DRM blobs, and now this.



It’s bad enough that Fedora chucked its own Free Software policy out the door when IBM took them over, and started pushing Zoom, Microsoft Teams, and Microsoft Edge.



How is it that Debian says the firmware to run my wifi, SSD, and graphics chip isn’t allowed (in the official image, which will lead some people to think Debian is broken and not bother figuring out why….while others have to know there’s a real installer that has firmware that is semi-hidden) but Widevine DRM blobs and a malicious keylogger in Firefox are fine?



Sounds like someone at Debian should explain this.



As an aside, Mozilla is also considering changing the default search engine to Bing.



Every few years, they come in and decide which crappy privacy-violating mess with worse search results than Google to switch all their users to as part of a cynical ploy to ultimately get Google back to the table for more money.



Microsoft has never offered any browser vendor more money than Google, which is why Google is the default search engine on almost every browser, and the iPhone/Safari, even though Apple pretends they’re bitter enemies (over 60% of Apple iOS apps have Google tracking libraries in them).



I’m not a big fan of Google, but Bing is much worse. Instead of Google violating your privacy, it will be Microsoft, and then the search results often won’t even be usable.



When will Mozilla learn to stop manipulating its remaining users? Never?



Recent Techrights' Posts

Richard Stallman About to Give More Talks in Europe, Some Confirmed Already
In Göteborg
Justice for Wildlife
animals cannot speak to humans who hate animals
GNU Was Right 42+ Years Ago
Since then the abusive, user-hostile technology has spread like mushrooms
Almost Half of the FSFE's Money (the Fake 'FSF', Misusing the Brand) Comes From Vodafone
That money always comes with strings, even if they're invisible to most of us
 
Links 30/09/2025: Death Sentences, Internet Censorship, and Internet Shutdowns
Links for the day
Gemini Links 30/09/2025: Social Control Media and ROOPHLOCH
Links for the day
Links 30/09/2025: CERN in "Have I Been Pwned" and More Windows TCO Blunders
Links for the day
Microsoft Canonical is Selling Mass Surveillance and Back Doors as "Security for Ubuntu"
If you are looking for a GNU/Linux distro to use, just remember that Microsoft has Ubuntu in the bag
Cowboys Gonna Be Cowboys (on the Internet, They're Not a New Problem)
Boys will be boys
Cowboys of the "Left" and Cowboys of the "Right"
Don't believe the lie that this is some "leftist" thing
When Codes of Conduct Serve to Protect Criminals From Much-Deserved Scrutiny
CoCs are typically unfit for purpose because enforcement lacks context and suitable understanding of the full background (the "full story")
It Took the Open Source Initiative (OSI) 4+ Years to Address the 'Data Breach' or Data Protection Violation Reported to the California Privacy Protection Agency (CPPA) in March 2025
We may never know the dialogue or its nature
Even Microsoft's Biggest Boosters (and Media Operatives) Are Turning Against Microsoft
Expect many more layoffs before the fake "results" next month
Old Isn't Always Inadequate
How many gadgets manufactured today (in 2025) will still work in 2075?
The Monkey Business of Rust People
Compatibility won't matter
Microsoft Lunduke Spreads Deliberate Lies to Incite Online Mobs
Has he lost his reading comprehension skills?
Our 19th Birthday (in Just Over 5 Weeks From Now)
We meanwhile have ongoing, solid plans to cover patent-related issues when the FSF turns 40
British GNU/Linux Distro FydeOS Tops DistroWatch
That seems like a decent site and decent effort to keep an eye on
We'll Soon Have 75,000 GemText Pages
avoid many perils of today's Web
Google Used Free Software to Build a Monopoly. Now Google Kicks Free Software to the Curb
The "G" in "Google" does not stand for GNU. It never did. It's just another greedy company.
Gemini Links 30/09/2025: Retro Hardware, Federated Fragmentation, and Nex Server Written in C
Links for the day
4 More Days Till "4 decades, 4 freedoms, 4 all users"
We are now just 4 days away from the rare anniversary
Two Months After Merging to Hide GitHub Losses Microsoft is Doing It Again (This Time Windows)
Merging those two together is not a sign of strength but a tightening of budget
Speculations About the Next Large Wave of IBM/Red Hat Layoffs
the mass layoffs are likely to happen on week 3 or 4 in October
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 29, 2025
IRC logs for Monday, September 29, 2025
Links 29/09/2025: Opposition to Surveillance Giant Google and Conflicts Worldwide (Moldova Sides With EU)
Links for the day
Why the EPO Never Managed to Silence Us (After Over a Decade of Trying)
Firms like Mishcon de Reya and Brett Wilson LLP contribute to a bad stigma, staining the entire occupation
Links 29/09/2025: Datacenter Fires and "Too Much Internet Use Is Changing Teenage Brains"
Links for the day
Almost a Couple of Years After Microsoft Hijacked the Name 'Sudo' (to Describe Unrelated Windows Stuff) Microsoft Canonical Breaks Sudo in Ubuntu
These are vandals in "goodwill" or "security" clothing
Does the Good Law Project (GLP) Know the Director of Brett Wilson LLP Deems It OK to Endorse Violent Actions Against Trans People?
We were miffed to see this morning's report
Names Are Not Unique IDs and the UK Government's "Digital ID System" Would be a Nightmare
Digital surveillance, "apps", and worse (all the time)
What is Roy and Rianne's Righteously Royalty-free RSS Reader?
A news reader that uses OPML files and parses RSS feeds
The Free Software Foundation (FSF) Turns 40 in 5 Days
We should be talking about software freedom, not "Open Source"
It Feels Like Brett Wilson LLP Has Just Tacitly Admitted That It Defamed Me
It arguably admitted many other things by refusing to deny or address them (altogether)
Stefano Maffulli's Front Page Mentions "AI" 11 Times
They're more focused on slop (plagiarism) than sharing or Software Freedom
CMS Rot
With "modern" (bloated) content management systems (CMSs) there is a long chain of dependencies
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 28, 2025
IRC logs for Sunday, September 28, 2025
Slopwatch: Fake Articles About Linux 6.17 and Microsoft Meddling in Linux Development
today's Slopwatch is short because the picks are from Sunday
Gemini Links 29/09/2025: The Labor Wars and Retro
Links for the day
Links 28/09/2025: Windows TCO, Security Breaches, and Deutsche Bahn Woes
Links for the day
Datacentres Aren't Reliable for Backups
bad practices cause immeasurable levels of permanent data losses each and every day
Links 28/09/2025: Science, Censorship, and Security Incidents/Advisories
Links for the day
Gemini Links 28/09/2025: Golem and Cybertrucks
Links for the day
Links 28/09/2025: Moldova Elections, LLM Slop Failing Again to Accomplish Anything
Links for the day
Links 28/09/2025: Slop Does More Harm, Newly Released Epstein Estate Documents
Links for the day
Links 28/09/2025: Fentanylware (TikTok) 'Going Private' (the Dictator's Media Allies) and UK Mirror Lays Off More Journalists
Links for the day
A Year Ago, Only a Few Weeks After We Countersued the 'Hulk Hogan of UEFI', Our Webhost Came Under Attack
At the end of September 2024 our webhost received several threats
If Only Someone Warned Us About This...
Ubuntu is committing suicide with Rusty code
The Register - Kissing the hand that feeds it
hired to manage the publication several people connected to Microsoft, including the new Editor in Chief
The Myths of "Linux" and of "Intelligence"
As noted this morning
People Remembered GNU's Birthday (Which Helps Remind People It All Started in 1983, Not 1991)
Have the FSF and GNU earned the respect they deserve?
Slopwatch: Ponzi Schemes Promoted by Media Companies, Linux Journal Turning Its 30-Year Reputation to Dust, and Serial Slopper Brian Fagioli Plagiarising, As Usual
This bubble will end up very badly
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 27, 2025
IRC logs for Saturday, September 27, 2025