this post was submitted on 30 Nov 2025
50 points (87.9% liked)

Firefox

21320 readers
14 users here now

/c/firefox

A place to discuss the news and latest developments on the open-source browser Firefox.

Rules

1. Adhere to the instance rules

2. Be kind to one another

3. Communicate in a civil manner

Reporting

If you would like to bring an issue to the moderators attention, please use the "Create Report" feature on the offending comment or post and it will be reviewed as time allows.

founded 6 years ago
MODERATORS
k_o_t@lemmy.ml
golden_zealot@lemmy.ml
50
On Linux, Firefox stores site-data in a folder named the same (europe.pub)
submitted 2 days ago by brokenwing@discuss.tchncs.de to c/firefox@lemmy.ml
15 comments fedilink hide all child comments
 

Is this behavior expected? I would imagine it would be a privacy violation in a multi-user system. I thought they had some sort of encryption for hiding the sites that I visit.

BTW, FF does not do this on private mode. But still it is concerning, that any program can know about the sites I visit just by looking at ~/.mozilla/profile/storage/default.

you are viewing a single comment's thread
view the rest of the comments
[–] terribletortoise@lemmy.world 44 points 2 days ago* (last edited 2 days ago) (1 children)

The tilde (~) means that path is located in the per-user home directory. The default behaviour is for user home directories to be only accessible by that specific user.

The encryption you're referring to is likely specific to Firefox Sync (i.e. syncing your FF settings, history, etc. across devices). Sync is end-to-end encrypted. But I'm not surprised that it's unencrypted on disk.

[–] brokenwing@discuss.tchncs.de 4 points 2 days ago (2 children)

But wouldn't it be better if they chose to obfuscate it. Are there any inherent disadvantage in doing so?

[–] dormedas@lemmy.dormedas.com 25 points 2 days ago (1 children)

Generally, no. If a person has access to your home folder, it doesn’t matter if site-data is site-data or some UUID, the person can still look around and find that data. How to do so would be on the internet, in the source code for Firefox.

Firefox simplifies its engineering efforts and makes site-data clearly visible to the proper user by relying on the system’s security measures instead of inventing its own bespoke ones.

[–] naeap@sopuli.xyz 3 points 2 days ago

You could hash the duckduckgo URL for example

But yeah, the data would be there, not sure how much that would help

[–] douglasg14b@lemmy.world 2 points 1 day ago* (last edited 1 day ago)

I mean, lots of problems rise from this from interoperability, debug ability, removing control & ownership of your own data...etc

Obfuscating the data means you (The user, via your own means) no longer have access to it, you cannot integrate with it, ....etc This is a problem for a project that promotes itself for openness and compatibility.

Firefox should not be solving your user level access permission problems, that's not it's job 🤦