Google, Amazon, Bing extensions have been added to Firedragon browser. These do not show up under “Addons and Themes”. I only found them in “about:debugging”
This is a default install, with default settings. It is completely unaltered from what is shipped w/ Garuda. It does seem to be related to search provider settings.
Though Garuda is not a privacy based distro, FireDragon is based on LibreWolf. It seems the Garuda team decided to add these extensions in after the fact. Default Librewolf does not contain these extensions. (or at least the flatpak version I installed to verify didn’t)
This may, or may not, directly affect your privacy. I would guess that info is only sent to these providers if they are specifically requested. But it is JUST a guess.
I’m sure this has been done to monetize the distro, provide support, yada yada.
I personally do not care what the reasoning, or whether or not any information is sent to providers. I will be moving away from Garuda ASAFP. If they do this, what else has been done?
As always, stick w/ recommended on privacyguides.
deleted by creator
From what I can see, these are search providers and vanilla Firefox ships with all of these as well, I think. You will find these under search settings rather then add-ons. I don’t think there’s anything nefarious about including search options used by a lot of people, especially when they include ddg side by side.
Why don’t you reach out to the Garuda team before jumping to conclusions and maybe work with them to remove problematic search engines and add more privacy aware ones?
Those are search engines and created by Mozilla. That’s why they all have @search.mozilla.org.
I’ll just note that I also have these extensions on my LibreWolf install, from the AUR.
Just a reminder, we specifically recommend against Garuda due to their unsafe usage of Chaotic-AUR.
I would not recommend this guide. It only recommends rolling releases, so basically Arch. I use Arch btw, Garuda. However, it then goes on to say that only moderate or advanced users should use Arch. It also doesn’t recommend Debian or any debian based distros. I find this funny as many corporate servers use Debian, and I don’t really see any huge security issues since the 90’s waving red flags of warnings and issues. By following this guide, it really leaves no option for beginner linux enthusiasts. I (we) recommend not folloing this guide as it reads like privacy paranoia propaganda piece.
If you’re going to use Arch use Arch. It is incredibly dangerous to be blindly trusting things in AUR, when they can be contributed by anyone.
However, it then goes on to say that only moderate or advanced users should use Arch
Yes because there is less QA, there is nobody testing those things before they are released to you. It also requires you to make a lot of selections which unless you know what components to choose (I also use Arch) would be not great for a newbie user.
I find this funny as many corporate servers use Debian, and I don’t really see any huge security issues since the 90’s waving red flags of warnings and issues.
A lot of them are Ubuntu these days, or Centos. In a corporate environment you tend to be running a lot of containerized workloads because you want redundancy, and high availability.
By following this guide, it really leaves no option for beginner linux enthusiasts. I (we) recommend not folloing this guide as it reads like privacy paranoia propaganda piece.
TLDR being there is no reason to look beyond Fedora or Ubuntu for a newbie user. That is the point that it makes. These other obscure distributions don’t provide anything that you need.
TLDR being there is no reason to look beyond Fedora…
This whole privacy issue is about trust. And clearly your privacy recommendations are biased. For example, you seem to put all your trust in Fedora, a corporation owned by Red Hat…OWNED. A distro starting to 'trample on user’s privacy with telemetry integration.’
Now you might say that telemetry isn’t like the others, it is “anonymised.” Except that is what corporations always say before they remove the username from the data collected and keep the unique user id. Again, it is about who you trust, and usually corporations are working and focused on the dollar, not the user.
I encourage anyone to look at other privacy recommendation sites, and form your own conclusions.