Google, Amazon, Bing extensions have been added to Firedragon browser. These do not show up under “Addons and Themes”. I only found them in “about:debugging”

This is a default install, with default settings. It is completely unaltered from what is shipped w/ Garuda. It does seem to be related to search provider settings.

Though Garuda is not a privacy based distro, FireDragon is based on LibreWolf. It seems the Garuda team decided to add these extensions in after the fact. Default Librewolf does not contain these extensions. (or at least the flatpak version I installed to verify didn’t)

This may, or may not, directly affect your privacy. I would guess that info is only sent to these providers if they are specifically requested. But it is JUST a guess.

I’m sure this has been done to monetize the distro, provide support, yada yada.

I personally do not care what the reasoning, or whether or not any information is sent to providers. I will be moving away from Garuda ASAFP. If they do this, what else has been done?

As always, stick w/ recommended on privacyguides.

  • tartar@lemmy.fmhy.ml
    link
    fedilink
    English
    arrow-up
    78
    ·
    edit-2
    1 year ago

    These are literally default search extensions from Mozilla that come with every vanilla Firefox install - some basic digging would’ve told you that (in fact, your very screenshot shows that the extension IDs come from Mozilla). They’re what allows the search options for those sites in Firefox. If you go to search settings and turn those search engines off, they have zero effect on you. Or better yet, simply hit “remove” in those settings to completely get rid of them, which makes them no longer show up anywhere, even about:debugging.

    You’re welcome to move away from Garuda; it just wouldn’t change anything. You could also fork the code to remove the extensions by default, but at that point ask yourself why neither LibreWolf nor the Garuda team found it necessary to remove these extensions by default if they were actually a privacy threat (and again, you could just remove them yourself in 5 seconds through search settings).

    Honestly, these default search providers could potentially be removed simply because more privacy-focused users have no reason to use such search engines, but that’s something you should take up with the LibreWolf/Garuda team in a polite discussion.

    Here, this post could potentially affect Garuda’s reputation for something that’s completely harmless and is 2 layers upstream from them (FF > LibreWolf > FireDragon). It also makes privacy enthusiasts look silly and paranoid.

    I understand why seeing these would make you suspicious, but the next step would be to look it up somewhere rather than jumping to a conclusion.

    OP, I’m not trying to scold you (and I’m sorry this comment feels that way) . Rather, this is a reminder to everyone here: please do some due diligence before posting stuff.

    (P.S. As someone who once also used this distro and browser, I would also recommend to just setup FF or even LibreWolf the way you want instead of using this specialized distro fork. Not for any malicious reason, but simply because important security updates are bound to come late to a fork of a fork.)

      • tartar@lemmy.fmhy.ml
        link
        fedilink
        English
        arrow-up
        11
        ·
        edit-2
        1 year ago

        Thanks, but I worry it may have been a little too assholish on my part. Again, I wasn’t trying to bring OP down and definitely don’t want to be one of those smug “I know better than you and will jump on every mistake of yours” types. I know what it’s like to have those kind of people jumping on your throat for a relatively minor thing, because I’ve made this kind of mistake before. Just want to state again that my intent isn’t to dogpile on OP but to remind everyone to be cautious before assuming.

        I edited the comment to remove the unnecessary snarky chromium bit. !@[email protected] I’m sorry if this comment made you feel shitty. It isn’t what I intended to do.

        • rodneyck@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          LOL, we can all come off sounding a little assholish, don’t worry about it. You made sound points. The OP came off sounding a bugle of fear without doing any research, or backing up any of their concerns. You stepped up.

  • Reliant1087@lemmy.world
    link
    fedilink
    English
    arrow-up
    40
    ·
    1 year ago

    From what I can see, these are search providers and vanilla Firefox ships with all of these as well, I think. You will find these under search settings rather then add-ons. I don’t think there’s anything nefarious about including search options used by a lot of people, especially when they include ddg side by side.

    Why don’t you reach out to the Garuda team before jumping to conclusions and maybe work with them to remove problematic search engines and add more privacy aware ones?

  • Yote.zip@pawb.social
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    I’ll just note that I also have these extensions on my LibreWolf install, from the AUR.

    • rodneyck@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      I would not recommend this guide. It only recommends rolling releases, so basically Arch. I use Arch btw, Garuda. However, it then goes on to say that only moderate or advanced users should use Arch. It also doesn’t recommend Debian or any debian based distros. I find this funny as many corporate servers use Debian, and I don’t really see any huge security issues since the 90’s waving red flags of warnings and issues. By following this guide, it really leaves no option for beginner linux enthusiasts. I (we) recommend not folloing this guide as it reads like privacy paranoia propaganda piece.

      • dngray@lemmy.oneM
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        If you’re going to use Arch use Arch. It is incredibly dangerous to be blindly trusting things in AUR, when they can be contributed by anyone.

        However, it then goes on to say that only moderate or advanced users should use Arch

        Yes because there is less QA, there is nobody testing those things before they are released to you. It also requires you to make a lot of selections which unless you know what components to choose (I also use Arch) would be not great for a newbie user.

        I find this funny as many corporate servers use Debian, and I don’t really see any huge security issues since the 90’s waving red flags of warnings and issues.

        A lot of them are Ubuntu these days, or Centos. In a corporate environment you tend to be running a lot of containerized workloads because you want redundancy, and high availability.

        By following this guide, it really leaves no option for beginner linux enthusiasts. I (we) recommend not folloing this guide as it reads like privacy paranoia propaganda piece.

        TLDR being there is no reason to look beyond Fedora or Ubuntu for a newbie user. That is the point that it makes. These other obscure distributions don’t provide anything that you need.

        • rodneyck@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          TLDR being there is no reason to look beyond Fedora…

          This whole privacy issue is about trust. And clearly your privacy recommendations are biased. For example, you seem to put all your trust in Fedora, a corporation owned by Red Hat…OWNED. A distro starting to 'trample on user’s privacy with telemetry integration.’

          Now you might say that telemetry isn’t like the others, it is “anonymised.” Except that is what corporations always say before they remove the username from the data collected and keep the unique user id. Again, it is about who you trust, and usually corporations are working and focused on the dollar, not the user.

          I encourage anyone to look at other privacy recommendation sites, and form your own conclusions.

  • NaN@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    10
    ·
    edit-2
    1 year ago

    Those are search engines and created by Mozilla. That’s why they all have @search.mozilla.org.