What does Firefox do when you start it?
The following video shows you the connections that Firefox does when started. This is data collection and user tracking.
Look at the domains it tries to connect.
Blog
Mullvad browser audit
I audited Mullvad Browser: why does the browser contact the following endpoints?
What I did for this test:
- downloaded the browser,
- extracted it,
- ran it with no interactions, in other words leaving the browser window alone for about 5 minutes.
I did not open any web page or did anything... I can tell that github is probably used for Ublock... But the rest stinks.
I ran the Browser in an ad-hoc network namespace to make sure that this traffic only comes from Mullvad browser.
I see google, cloudflare, fastly... edgecast
also who is edgecast?
Do they have any sort of agreement with these companies? Do they tell their users about this?
Application Network Auditing
I see that many people carelessly express their opinions about how private and privacy oriented some applications are, especially in the browsers landscape, but, so far, all failed to report a strict analysis with real world data or numbers.
Here you can find some of the possible ways of auditing a web browser for background network connections. Specifically to see if it phones home, if it bypasses the system dns, if it contacts third parties.
While this type of auditing requires some experience in networking, it is also meant to be naive and superficial by showing only connections and not their content, to show what actually happens behind the scenes and finally have some actual real world data and visuals on this.
There are easier or quicker ways of doing this kind of test, for these, check the last part of this article where I propose some alternative methods.