Ko tenda hembiapoite sa’ivéta oñemba’apokuévo hese hembiapo porãve hag̃ua. Peteĩ jehaipyre nomoĩporãiramo ne apañuái ha eporanduséramo, roguerekohína ore nepytyvõ rekoha ikatútava ndeykeko @FirefoxSupport Twitter-pe ha avei /r/firefox Reddit-pe.

Eheka Pytyvõha

Emboyke pytyvõha apovai. Ndorojeruremo’ãi ehenói térã eñe’ẽmondóvo pumbyrýpe ha emoherakuãvo marandu nemba’etéva. Emombe’u tembiapo imarãkuaáva ko “Marandu iñañáva” rupive.

Kuaave

Why is firefox always connecting to amazon services ?

more options

I start firefox without any open tab, all extensions deactivated.

I can see that it automatically connects to compute.amazonaws.com and cloudfront.net. This is a gross privacy leak !!! Isn't Firefox supposed to be on top of privacy issues ? Is it expected ? Can it be removed ?

I know mozilla's website relies on amazon services (and this is a deep flaw in mozilla's privacy commitment), but there is no reason for Firefox to use it.

I start firefox without any open tab, all extensions deactivated. I can see that it automatically connects to compute.amazonaws.com and cloudfront.net. This is a gross privacy leak !!! Isn't Firefox supposed to be on top of privacy issues ? Is it expected ? Can it be removed ? I know mozilla's website relies on amazon services (and this is a deep flaw in mozilla's privacy commitment), but there is no reason for Firefox to use it.

Opaite Mbohovái (9)

more options

@ Fffred :

Please ignore the post from the so-called "Firefox Expert" - it's a scam.

more options

Hi Fffred, to manage the connections Firefox makes at startup and during operation, please review the steps in the following support article: How to stop Firefox from making automatic connections.

more options

@jscher2000 does this mean Firefox, by default, connects to Amazon? What's the point having such advanced anti tracking features if it does provide information to trackers anyways? This is not advertised on Mozilla's website. Instead there is a lot about privacy blabla, which looks increasingly fishy these days

more options

Amazon, Google, and Microsoft provide cloud services for a lot of companies. The data related to Mozilla's little bit of the cloud (rented servers) and the data used by the Amazon e-commerce platform are -- to the best of my knowledge -- not connected. They are not connected in Firefox because data is stored under the host name, so the cookies and local storage data/identifiers are completely separate.

more options

Same issue here. As soon as I open Firefox, even without anything loaded, it connects to a host at *.us-west-2.compute.amazonaws.com (port 443). I understand it might be checking for certificate revocations and such on startup, but in that case the connection would cease in a few minutes. Here it just stays open for good. Even when I'm not doing anything, or computer is idling, the https connection to *.us-west-2.compute.amazonaws.com is always there.

I already have everything off, including telemetry, crash reports, I don't use sync... and I never did. This issue didn't exist until a few weeks ago.

more options

Hi cloudbox1, are you able to figure out what request Firefox is sending? Knowing the hostname would be useful to adjusting the behavior.

In addition to the connections listed in the support article, Firefox keeps open a channel for web/push notifications. That is mentioned in another article: Web Push notifications in Firefox. That appears to currently use the host name push.services.mozilla.com which is hosted on AWS.

I haven't experimented with completely disabling push notifications (beyond quieting requests as described in that article), but traditionally you would do this:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

(2) In the search box above the list, type or paste push*ena and pause while the list is filtered

(3) Double-click the dom.push.enabled preference to switch the value from true to false

I don't know whether it is necessary or desirable to modify the value of dom.push.connection.enabled -- I don't remember that one from the old days.

If you try that, does it make any difference?

more options

Thanks, I'll give that a shot, and report back in a day or so. At the moment, they're both Enabled. So this is despite the "official" setting "Block new requests asking to allow notification" is checked?

more options

cloudbox1 said

So this is despite the "official" setting "Block new requests asking to allow notification" is checked?

That setting mutes the notification permission icon so sites can't trigger it, but the mechanism for receiving notifications is still set up for sites that you manually add to the permissions list (either through the Page Info > Permissions panel, or on the Options/Preferences page).

more options

Well, it seems that changing the two toggles to Disabled did the trick. No more unsolicited connections of this kind.