Didn't look at the repo thoroughly, but I can appreciate the work that went into this.
user-overrides.js
file for the standard arkenfox user.js
file?user.js
file, but didn't notice anything in particular handling specific URLs differently.https://github.com/owntracks/android
The F-Droid version (which is available on IzzyOnDroid's repo) utilizes OSM. You'll need a server to sync the data to though and it likely does not have all of the features that Life360 has.
I'm still not sure what point you are trying to make. Your initial claim was:
Although Mozilla encrypts the synced data, the necessary account data is shared and used by Google to track those.
@utopiah@lemmy.ml asked:
Are you saying Firefox shares data to Alphabet beyond Google as the default search engine? If so and if it applies to Sync (as if the question from OP here) can you please share sources for that?
You stated:
Mozilla does, sharing your account data
You also provided evidence that Mozilla uses Google Analytics trackers on the Firefox's product information website. I mentioned that it's not sufficient evidence of your claim as the trackers are independent of Firefox the browser and Sync. Additionally, the use of trackers for websites is clearly identified on Mozilla's Privacy Policies and there is not much else mentioned on the Privacy Policies outside of those trackers and Google's geolocation services in Firefox.
You've also mentioned Google's contract with Mozilla, which is controversial for many people, but isn't evidence of Mozilla providing user data to Google even in conjunction with the previously mentioned trackers. You then discussed various other browsers, but I'm not sure how that is relevant to your initial claim.
While it seems we can both agree that Mozilla and it's products are far from perfect, it is looking like your initial claim was baseless as you have yet to provide any evidence of your initial claim. Do you have any evidence through things like code reviews or packet inspections of Firefox or Sync that hints Mozilla is sharing additional information to Google? At this point, I would even accept a user(s) providing evidence of some weird behavior like the recent issue where google.com wouldn't load in Firefox on Android if someone could find a way to connect the weird behavior to Mozilla sharing data with Google.
I don't understand what point you are trying to make. Mozilla has several privacy policies that cover its various products and services which all seem to follow Mozilla's Privacy Principles and Mozilla's overarching Privacy Policy. Mozilla also has documentation regarding data collection.
The analytics trackers that you mentioned would fall under Mozilla's Websites Privacy Policy, which does state that it uses Google Analytics and can be easily verified a number of ways such as the services you previously listed.
However, Firefox sync uses https://accounts.firefox.com/ which has its own Privacy Policy. There is some confusion around "Firefox Accounts" as it was rebranded to "Mozilla Accounts", which again has its own Privacy Policy. There is no indication that data covered by those policies are shared with Google. If Google Analytics trackers on Mozilla's website are still a concern for these services, you can verify that the Firefox Accounts and Mozilla Accounts URLs do not contain any Google Analytics trackers.
Firefox has a Privacy Policy as well. Firefox's Privacy Policy has sections for both Mozilla Accounts and Sync. Neither of which indicate that data is shared with Google. Additionally, the data stored via the Sync service is encrypted. However, there is some telemetry data that Mozilla collects regarding Sync and more information about it can be found on Mozilla's documentation about telemetry for Sync.
The only thing that I could find about Firefox, Sync, or Firefox Accounts/Mozilla Accounts sharing data with Google was for location services within Firefox. While it would be nice for Firefox not to use Google's geolocation services, it is a reasonable concession and can be disabled.
Mozilla is most definitely not a perfect company, even when it comes to privacy. Even Firefox has been caught with some privacy issues relatively recently with the unique installation ID.
Again, I'm not saying that Mozilla is doing nothing wrong. I am saying that your "evidence" that Mozilla is sharing Firefox, Sync, or Firefox Accounts/Mozilla Accounts data with Google because of Google Analytics trackers on some of Mozilla's websites is coincidental at best. Without additional evidence, it is misleading or flat out wrong.
I'm not disputing the results, but this appears to be checking calls made by Firefox's website (https://www.mozilla.org/en-US/Firefox/) and not Firefox, the web browser application. Just because an application's website uses Google Analytics does not mean that the application shares user data with Google.
Your options will depend on how much effort you are willing to put in and what other services you have access to (or are willing to run).
For example, do you have a Network Video Recorder (NVR) or something like Home Assistant that can consume a Real-Time Messaging Protocol (RTMP) or Real Time Streaming Protocol (RTSP) video feed? Can you modify your network to block all internet traffic to/from the doorbell? Are you comfortable using a closed source, proprietary app to setup the doorbell? Is creating your own doorbell feasible?
I'm not aware of a doorbell that you can buy which meets all of your requirements without at least one of the items I mentioned above. Additionally, I believe the only doorbell that meets all your requirements is building your own doorbell. However, some other brands that will get close to meeting your requirements are Reolink and Amcrest.
There are a few recommendations for the PineTime in this thread. It is a great privacy focused smartwatch, but I don't think you would be happy with it based on your requirements. It is not a device that allows you to go for a run and keep your phone at home.
The storage on the device is extremely limited, which prevents you from playing any audio (eg songs, podcasts, etc) directly. The device does not have any wireless connectivity (outside of Bluetooth) so it cannot stream any audio either. I'm not certain if you can even connect it to wireless headphones. It does not have any speakers either.
The watch has some apps, but there are no apps that are well suited for fitness. It does count steps well, but it does not directly calculate distance, pace, etc. It also does heart rate, but, currently, the watch screen must be on for it to record the heart rate. I think the longest the watch screen will stay on for is 30 minutes without any interaction, which may be too short for long runs or bike rides. Additionally, I'm not aware of any GPS/location tracking functionality.
Lastly, since the apps are limited and there is no advanced wireless functionality, you can't use it for things that you may be used to for on the go activities. For example, you won't be able to use it to pay for a drink half way through a run or call someone if you hurt your ankle a few miles from your destination.
With all that said, I still highly recommend the PineTime as a privacy focused, FLOSS, smartphone companion, smart watch. I don't think you'll find these features in any other device, particularly at this price point. However, you will be extremely disappointed with it if you're getting it so you can take it on runs while leaving your phone at home.
The classic triathlon event:
I'm not privy to what is going on, who the users from the screenshot are, or what this is all in reference to, but saying they "actively setup RSS feeds" for this is a bit disingenuous. The ability to consume Reddit users' RSS feeds has existed for longer than GrapheneOS has been around. Anyone posting on Reddit (especially on public subs) or any other public site should have the expectation that their posts/comments can be monitored/tracked/followed, searched, recorded/copied, etc. This should just be viewed as a reminder of that.
In terms of privacy, you are giving your identity provider insight to each of the third party services that you use. It may seem that there isn't too much of a difference between using Google's SSO vs using your Gmail address to register your third party account. However, one big distinction is that Google would be able to see often and when you use each of your third party services.
Also, it may be impossible to restrict the sharing of certain information from your identity provider with the third party service. For example, maybe you don't want to share a picture of yourself with a service, but that service uses user profile pictures or avatars. That service may ask (and require) that you give it access to your Google account's profile picture in order to authenticate using Google's SSO. You may be able to overwrite that picture, but you also may not be able to revoke the service's ability to retrieve it. If you used a "regular" local account, that Google profile picture would never be shared with the third party service if you did not upload it directly. The same is true for other information like email, first/last/full name, birthday, etc.
There are other security and operational concerns with using SSO options. With the variety of password managers available, introduction of passkeys, and increased adoption of multi-factor authentication, many of the security benefits associated with SSO aren't as prevalent as they were 10 years ago. The biggest benefit is likely the convenience that SSO still brings compared to other authentication methods.
Ultimately it's up to you to determine if these concerns are worth the benefits of using SSO (or the third party service provider at all if they require SSO). I have a feeling the common advise will be to avoid SSO unless its an identity provider that you trust (or even better - one that you host yourself) - especially if you're using unique emails/usernames along with strong and unique passwords with multi-factor authentication and/or passkeys.