this post was submitted on 30 Nov 2025
49 points (87.7% liked)

Firefox

21316 readers
30 users here now

/c/firefox

A place to discuss the news and latest developments on the open-source browser Firefox.

Rules

1. Adhere to the instance rules

2. Be kind to one another

3. Communicate in a civil manner

Reporting

If you would like to bring an issue to the moderators attention, please use the "Create Report" feature on the offending comment or post and it will be reviewed as time allows.

founded 6 years ago
MODERATORS
k_o_t@lemmy.ml
golden_zealot@lemmy.ml
49
On Linux, Firefox stores site-data in a folder named the same (europe.pub)
submitted 1 day ago by brokenwing@discuss.tchncs.de to c/firefox@lemmy.ml
13 comments fedilink hide all child comments
 

Is this behavior expected? I would imagine it would be a privacy violation in a multi-user system. I thought they had some sort of encryption for hiding the sites that I visit.

BTW, FF does not do this on private mode. But still it is concerning, that any program can know about the sites I visit just by looking at ~/.mozilla/profile/storage/default.

you are viewing a single comment's thread
view the rest of the comments
[–] terribletortoise@lemmy.world 42 points 1 day ago* (last edited 1 day ago) (4 children)

The tilde (~) means that path is located in the per-user home directory. The default behaviour is for user home directories to be only accessible by that specific user.

The encryption you're referring to is likely specific to Firefox Sync (i.e. syncing your FF settings, history, etc. across devices). Sync is end-to-end encrypted. But I'm not surprised that it's unencrypted on disk.

[–] brokenwing@discuss.tchncs.de 3 points 1 day ago (2 children)

But wouldn't it be better if they chose to obfuscate it. Are there any inherent disadvantage in doing so?

[–] dormedas@lemmy.dormedas.com 22 points 1 day ago (1 children)

Generally, no. If a person has access to your home folder, it doesn’t matter if site-data is site-data or some UUID, the person can still look around and find that data. How to do so would be on the internet, in the source code for Firefox.

Firefox simplifies its engineering efforts and makes site-data clearly visible to the proper user by relying on the system’s security measures instead of inventing its own bespoke ones.

[–] naeap@sopuli.xyz 2 points 1 day ago

You could hash the duckduckgo URL for example

But yeah, the data would be there, not sure how much that would help

[–] douglasg14b@lemmy.world 2 points 1 day ago* (last edited 1 day ago)

I mean, lots of problems rise from this from interoperability, debug ability, removing control & ownership of your own data...etc

Obfuscating the data means you (The user, via your own means) no longer have access to it, you cannot integrate with it, ....etc This is a problem for a project that promotes itself for openness and compatibility.

Firefox should not be solving your user level access permission problems, that's not it's job 🤦

load more comments (1 replies)