I'm not sure you can derive any useful conclusions from this post.
Various browsers invoke various numbers of connections to remote peers upon initial startup.
There is no technical reason that a browser (or any software) couldn't open a single connection, and funnel every piece of data it can extract from your machine to a remote host. That remote host could then distribute that data to any number of other hosts/services without your awareness.
For the purposes of privacy, all connections numbering more than 0 are functionally identical. At a minimum it might be helpful to include some information on the amount of data transmitted over these connections.
> I'm not sure you can derive any useful conclusions from this post.
A striking one is that many browsers continue to claim to be privacy respecting, when in reality they are not even though it is easilly verifiable.
You are correct in saying that from the standpoint of privacy there is either zero telemetry or everything else. There are other drawbacks from having many unnecessary 'phone home' requests, like performance in slow connection environments.
And may I add - telemetry on by default is just not decent, browser is supposed to be my ("user") agent, not somebody else's.
Another striking conclusion is that even browsers that value privacy need to have some level of understanding about what features their users are using and what they are not.
Sure, but only if you opt-into it. If a browser sends your private information like IP address to a third party, without your consent, that is by default opposite of privacy-respecting. (there is no privacy being respected there).
1. I don't think an IP is particularly identifiable information for a browser vendor - the information they have is "this device currently associated with this IP uses our browser", which is not significant.
2. Just because the IP is sent doesn't mean it's collected and stored. They may drop it as soon as the data gets to the server - meaning that the IP may have been transferred but it in no way is analyzed to attribute any information to you.
User privacy is no longer something you can tiptoe around - it *has* to be informed and opt-in; i.e. if you slipped into someone's bed at night and had sex with them without consent, was it okay?
The point is that we disagree, not that one of us is right. Mozilla isn't using some objective term, they're using one that's highly subjective.
You didn't address the major point I had, which is that they can just drop your IP and not store it. Soooooo, anyway, I'm ignoring the rest of your post because I don't care about the debate, I was just trying to explain that telemetry is privacy respecting.
You didn't address the major point I had, which is that they can just drop your IP and not store it.
The point is that you don’t know that and you cannot guarantee it. You just assume the best case.
As analogy: is sending your bank password a privacy problem? You argue no, because they could just throw it away immediately, instead of going on a Christmas shopping spree. That's an insane argument to make.
> For the purposes of privacy, all connections numbering more than 0 are functionally identical.
Even a browser that launches zero connections upon first startup could start doing so after a random delay and/or while you're connecting to a legitimate website. And if you visit any website from any entity that produces the browser, it can smuggle out data without opening any new connections, e.g. Chrome could backchannel data up to the mothership when you access any Google-owned website. And on desktop, who's to say that the installer itself didn't already send up data, or otherwise install a separate binary that will? And on mobile, Google and Apple already have half the world's data, because they own the OS!
So in effect, this benchmark shows nothing at all. It's a web browser, at some point you're going to access the web with it or else you wouldn't have installed it, so demonstrating that it has network connectivity is not particularly interesting.
Network connection because the user expects it, is fine. If a browser is privacy-protecting it may even proactively block connections related to ads/trackers.
However if a browser claims to be privacy respecting than it has to be zero telemetry by default, otherwise it isn't. If you do not care about it being privacy-respecting, than sure, why not relay information to browser vendor and/or 3rd parties on startup.
Sure, and yet this comment has zero relevance to the content of this post, because this method cannot disprove that any of these browsers have telemetry, nor do any of these connections imply telemetry on their own. Read the source code if you want to prove or disprove the absence of telemetry. And if you don't control the source code or if you can't build reproducibly, you've already lost.
How so? This method (monitoring connections through network proxy) is perfectly viable for detecting outbound connections from a browser. If a browser makes an unwanted connection to the browser vendor and/or third party site, that is unwanted telemetry. Regardless of what the purpose of that request was, user's IP address has been transmitted (hence telemetry from user standpoint) and users's privacy was not respected. Client source code is irrelevant from the standpoint of privacy, as such requests are processed server side and to my knowledge no browser with telemetry has open sourced their server side data processing code.
> I'm not sure you can derive any useful conclusions from this post.
Sometimes a conclusion isn't necessary. Just having that information written down and spelled out is useful in terms of informing people. There are a lot of things we take for granted, and some heinous things that are happening that shouldn't be but are allowed to happen because the consequences don't feel real or tangible enough.
I think it has a point until it becomes a benchmark, because as you said it's easy to only have one connection if you want to.
Before it becomes a benchmark, I think it kind of leaks a measure of the amount of things that are being done on the first run, all possibly exposing yourself in various ways.
>I think it kind of leaks a measure of the amount of things that are being done on the first run, all possibly exposing yourself in various ways.
Not really, because "thing" is a totally arbitrary concept, and can be implemented as "service1.example.com/api/" or "example.com/api/service1". Whether the former or latter gets chosen and with what probability is dependent on organizational factors, so comparing between companies makes little sense.
There is no technical reason that a browser (or any software) couldn't open a single connection, and funnel every piece of data it can extract from your machine to a remote host. That remote host could then distribute that data to any number of other hosts/services without your awareness.
For the purposes of privacy, all connections numbering more than 0 are functionally identical. At a minimum it might be helpful to include some information on the amount of data transmitted over these connections.