this post was submitted on 20 Oct 2024
144 points (95.6% liked)

Firefox

17815 readers
8 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

EDIT

This issue may be due to WebRTC being disabled. WebRTC is required for google meet, but also used for fingerprinting.

Recently I tried to join a google meet meeting in my hardened config firefox browser, and google meet didn't let me in at all. I was confused as hell. I could join only on my phone, but not any of my three computers I tested it on. I then went into a virtual machine with regular firefox(also linux), and the meeting works. The only conclusion I can draw is that google is so desperate for my data that they refuse to service me unless I give them this.

This post intends to inform people that issues with google products may be related to their valid wish for security, and the actions they have taken in pursuit of that. The post also intends to inform people of a solution. The two apps that I recommend are:

  • Jitsi Meet: This is self hosted, but you can also make a meeting with jitsi's own servers. A excellent alternative to google meet, the only reason I didn't use it is that I had issues the day I needed to meet, and had to fall back to google meet instead.
  • Jami: This is a distributed-network chat and video calling app which is open source and a GNU package. It does require an app, but is free and open source and will serve your purpose.****_________
you are viewing a single comment's thread
view the rest of the comments
[–] Vincent@feddit.nl 13 points 1 week ago (1 children)

Exhibit #17837 why Firefox isn't "just more hardened by default".

It's also not necessarily just because Google wants more of your data (which they do); they may also just use a feature that can also be used to fingerprint you. But since it's also just useful in general, it's not disabled by default by regular Firefox.

[–] potentiallynotfelix@lemmy.fish 1 points 1 week ago (1 children)

The issue was likely WebRTC being disabled. The thing is, WebGL and WebRTC should be more secure. They shouldn't be implemented in ways that make it easy to fingerprint the user. Unfortunately, for now I can't change that, but I can use alternative methods like Jami or temporarily enabling rtc again to use a locally hosted instance of Jitsi.

[–] Vincent@feddit.nl 1 points 1 week ago (1 children)

I don't know much about WebGL and WebRTC specifically, but sometimes it's just inherent to the feature, and it's literally impossible to implement it without allowing fingerprinting the user.

For example, your screen resolution/viewport size can also be used to fingerprint you. It is impossible to allow adjusting a website to different viewport sizes without leaking those viewport sizes - the only way to restrict fingerprinting is to not offer the feature of using arbitrary viewport sizes (which is what Tor browser does, for example).

Yes, it's all a trade off of functionality for privacy.