Slashdot Mirror

Why should I waste many hours (if not days or weeks...) of my time tracking down and fixing stupid performance problems in Firefox, when I can take about 45 seconds and install Chrome, or Chromium, or Vivaldi, or Opera instead and get very good performance? Heck, in even less time than that I could just use a pre-installed browser like Safari or Edge and still get better performance than Firefox!

Don't give me any bullshit about Firefox "respecting our privacy", either. Just look at its privacy policy to see that it's sending a lot of data back to various places. Be sure to click the "Learn More" links so that you can see the full details.

Firefox doesn't deserve our contributions.

Facebook Blocker Firefox add-on.

Google, Apple, and Facebook and their customers will keep increasing the abuse, apparently. Abusing other people is personally damaging, but the managers of those companies apparently don't have the social understanding to realize that.

The thing everyone jumped on WoSign for was doing a customer a favour. Some significant Australian customer wasn't ready for SHA1 certificates being phased out and asked if WoSign could help them out. WoSign issued back-dated SHA1 certificates for the customer.

Yep - and I'm pretty sure we know who that customer was. There are still major institutions still using SHA1 certs internally - and if they get moved to newer ones by the end of the year then I'd be shocked. The reality is, this stinks of a scapegoat - the industry in question would face *MASSIVE* disruption for the everyday Australian because of the relatively quick move to higher level certs. A lot of these are still contained within embedded devices that cannot upgrade so easily.

Instead, let's execute the CA for political reasons. Don't pretend its anything else.

Looking through the list on Mozilla's list of WoSign Issues it looks like WoSign not just issued

• long lived SHA1 certs
• identical certs other than the notbefore date
• certs with identical serials
• certs that violate the "Baseline Requirements"
• certs using unapproved cryptographic settings

but their setup also violated a number of other best practices and security measures too (such as unpatched servers). However I'll note that on the political front folks were unhappy that the Startcom acquisition wasn't made public earlier. Outside that though there are a lot of different technical complaints.

CA's have been dropped in the past for non-political problems (see DigiNotar) so I don't think it's fair to attribute WoSign's woes to purely political motivations as you alleged.

It wasn't just a few bad certs, there was a whole set of issues. Here is Mozilla's list: https://wiki.mozilla.org/CA:Wo...

Check out issue N, it is particularly bad.

Not sure why they went their separate way for this though.

AOMedia and NetVC are not separate efforts, they complement each other. The same people involved with NetVC work on AV1. NetVC will use AV1.

It will take about 10 years for it to become a viable standard.

No, the AV1 bitstream format will be frozen later this year, browsers will add support for AV1 soon after that (Mozilla, for example, is already working on it in Firefox), and YouTube, which is the world's largest video site, intends to start using AV1 as soon as possible. AV1 will be adopted quickly.

Considering how many devices out there that won't support it.

Many devices will be able to support it in software. My iPhone 7 doesn't "officially" support VP9 but VP9 video plays back just fine in VLC for iOS.

Nor will I be re-encoding my videos until forced

You don't have to re-encode anything unless you want to.

Facebook Blocker for Firefox and Pale Moon browsers.

HackTheWeb
https://addons.mozilla.org/en-...

Unfortunately as is mentioned on their add-on page at https://addons.mozilla.org/en-US/firefox/addon/classicthemerestorer/ Classic Theme Restorer will no longer work in Firefox 57 which is expected to be released in November 2017. Mozilla is dropping support for XUL/legacy add-ons.

bestweasel noted:

E.U. member states agreed [last month] on an ambitious new open-access (OA) target. All scientific papers should be freely available by 2020, the Competitiveness Council - a gathering of ministers of science, innovation, trade, and industry - concluded after a 2-day meeting in Brussels.

http://www.sciencemag.org/news...

Unfortunately, that was just the Competitiveness Council's resolution. To put actual teeth into it as an EU policy will require action by the European Parlaiment.

In the meantime, there's the Unpaywall extension for Firefox and Chrome. If there's a non-paywalled version of a journal article available on the Web, it'll find it for you. (And it pays to check back, because free versions often become available sometime after the initial publication of a journal article.)

Mozilla isn't trying to decentralize the internet. The challenge with the money involved is either to deploy access to places that have none OR deploy BETTER access to places that have lousy access.

NEITHER OF THOSE IS "DECENTRALIZATION."

" When Focus is running in the background, we'll remind you through a notification and you can easily tap to erase your ..." https://blog.mozilla.org/blog/...

Fell for the hyper babble I guess, thread did get me noscripts(.net).

Can you use the FFUpdater app available in F-Droid? It's not automatic, but you can always run it before you begin a browsing session.

Besides, new Firefox releases are widely-reported, including right here on slashdot. It's not really a Sisyphean task to stay updated on your own. The calendar for major releases is published far in advance.

There is also fennec-fdroid available from fdroid's archive repo. It's up-to-date, but not in the main repo because reasons.

GNU Icecat is also available, but hasn't been updated since March.

Firefox really is a much better browser than the stock browser in LineageOS. I find the benefits of FF vastly oughtweigh the minor annoyance of keeping it up-to-date.

What about the Desktop by Default addon for firefox?

You could always just download it straight from Mozilla.

Other than DRM there is no point in the encryption with localhost communication for a video player app.

The other point is to satisfy the mixed active content blocking policy of major web browsers. If the outer page is HTTPS, all requests it makes must also be HTTPS. Or do you consider the mixed active content blocking policy itself pointless?

Fourthed!

Try Gmail with Thunderbird & IMAP over SSL. Very convenient, very solid. Safe to use over questionable networks. Doesn't (necessarily) tie your automated profile to your web browser.

With GMAIL you can use the plus (+) sign in your email address, as in example+whatever@gmail.com. Gives you an infinite number of unique email addresses. You can see who's using your info from where...

From the Gmail web-browser interface, you can redirect mail to different folders based on the +whatever part (amongst many other options). You can forward your email from all sorts of other accounts to unique folders automatically. It's very useful with Amazon, Newegg, ThinkGeek, etc. Anyone who spams you. Or old business/school email accounts.

I wish someone replying on this actually knew why, rather than just guessing. (sorry to pick on this specific branch, Sloppy).

My understanding of it, and I haven't confirm this either, was that Firefox was moving to multi (initially 4?) processes, and each of those would be responsible for different areas and may have a bunch of threads within each. There are also different types of threads (user, kernel, etc), so these 4 processes may be implemented as heavy threads on windows.

The summary could have benefited from a link to the info on the e10s (electrolysis) project page: https://wiki.mozilla.org/Elect...
That covers loads more info more accurately than any of these comments, my own included :-)

I thought the idea was that one process could crater without taking the rest of the browser with it.

^ This guy Firefoxes.

p.s. Congratulations Firefox. You finally get to close this 8 year old bug.

Nope, features that would actually benefit the user get auto-WONTFIXed. And it's not a new thing.

XML can transform with XSLT clientside

So can JSON, through JSLT. To get started with JSLT, see Vanilla JS and DOM Intro.

(Hint: JSLT is just JavaScript that builds a DOM.)

Your Thunderbird link is ten years old. Here's one from two years ago showing increased usage over that time. An AC posted a link to an article talking about the Mozilla foundation dropping Thunderbird, here's a recent article showing that that's a mischaracterization - Thunderbird isn't going anywhere.

It's true that Firefox is losing market share, but so is everyone else relative to Chrome. It's still at #2 for desktop browsers, which is a pretty big deal even if the total share is small percentage-wise.

Your Thunderbird link is ten years old. Here's one from two years ago showing increased usage over that time. An AC posted a link to an article talking about the Mozilla foundation dropping Thunderbird, here's a recent article showing that that's a mischaracterization - Thunderbird isn't going anywhere.

It's true that Firefox is losing market share, but so is everyone else relative to Chrome. It's still at #2 for desktop browsers, which is a pretty big deal even if the total share is small percentage-wise.

I see official 32-bit builds for the latest version for both Windows and Linux? Mac I'm not sure about; it may be some kind of combined package, or perhaps 32-bit Macs are no longer a thing.

I see official 32-bit builds for the latest version for both Windows and Linux? Mac I'm not sure about; it may be some kind of combined package, or perhaps 32-bit Macs are no longer a thing.

Firefox was once far larger than Chrome, at one point they had a third of the market.

https://upload.wikimedia.org/w...

Than Firefox decided to get on a rapid release calendar. Users and businesses asked them to go back to a standard release cycle. People told Mozilla that the rapid release cycle made maintenance too cumbersome. Damn the torpedoes and full speed ahead! The switch to a rapid release cycle started in May of 2011.

https://wiki.mozilla.org/Rapid...

You can actually see the impact this decision had by looking at historical browser trends. The previous slow decline in browser share transitioned into a 1% loss in one month - their quickest loss ever. Within 6 months Chrome overtook Firefox in browser share and never looked back.

The result of the rapid release cycle was a disastrous impact, if you updated it you broke something, if you didn't update other things broke. Packaging, deploying, extensions, patching and testing became a nightmare for the enterprise. Requests for support for the enterprise were blown off by offering extended support release - which completely missed the point. The result was IT departments chose to use browsers that were willing to offer real enterprise support.

The cries of users fell on deaf ears - all that mattered was making developers happy. Chrome didn't win, Firefox committed suicide through hubris.

Regarding sound in Firefox, default support for anything but PulseAudio has already been pulled and they are planning to remove the code supporting anything but PulseAudio in the near future.

https://bugzilla.mozilla.org/s...

A bunch of crazy-ass trendy projects that got killed

You should read up on Mozilla's Electrolysis and Quantum projects. Seems like Mozilla's got an "OK, we'll fix that" attitude to me.

A bunch of crazy-ass trendy projects that got killed

You should read up on Mozilla's Electrolysis and Quantum projects. Seems like Mozilla's got an "OK, we'll fix that" attitude to me.

Read through this bug on adding concurrency to Firefox to get a good feeling why Mozilla lost so much browser market share:
        https://bugzilla.mozilla.org/s...

After reading, what I get is the devs saying procceses/threads as dictated wont solve the problems being described. And that they will work to solve them a different way.

Perhaps given your job title you should look at your own performance and take a closer look at home as to why Firefox doesn't do as well as it should. If you don't competition get out of the game.

Read through this bug on adding concurrency to Firefox to get a good feeling why Mozilla lost so much browser market share:
    https://bugzilla.mozilla.org/s...

"Always with you what cannot be done."

$350M in funding per year, and they couldn't straighten out threads/processes. A bunch of crazy-ass trendy projects that got killed - those got millions of dollars in funding each. Users cursing at their slow browser - not even a priority.

If Chrome is winning (has won?), it's because its dev team seems to have an "OK, we'll fix that" attitude.

Thank you!

I've recently done a project where our (new) Angular2 front-end was supposed to get data from (somewhat oldish) SOAP web services. (For those not up to date, SOAP came from the era when XML was all the rage, so guess what the requests and responses contain - yes XML.)

(I'm not sure if Angular2 is really the next thing or just a fad, but hey, it puts bread on the table. And seems to work for Google - e.g. Gmail's web interface.)

Calling REST web services that produce JSON, and consuming that JSON in the tech's underlying JavaScript is a no-brainer and is done with the built-in JSON.parse()/.stringify() methods. Converting the XML returned from SOAP web services to something usable is quite a bit more involved. Not least of all because it seems that there are again a couple of competing conventions for doing it "properly". And you will either need some library, or even worse roll your own. Also seems that parsing the more character-rich XML might be a bit slower, although I have no first-hand comparison data.

But hey, whatever puts bread on the table.

But then you have a minority (15) who will not like at all your attitude and will look for a different alternative; they might even talk bad about you and make you lose much more than what you would be earning if they would view yours ad.

Where has "talk[ing] bad about you" actually mattered? The 15 percent who run into problems viewing WIRED, the INQUIRER, and The Atlantic with tracking protection turned on haven't yet caused enough bad press to shut down those publications. These publications have been able to get away with not only demanding to show ads but also demanding to track the user from one site to another.

Most unnecessary JavaScript is associated with scripts that track you from one website to another. Users of Firefox can therefore drastically reduce execution of unnecessary JavaScript by activating tracking protection across the whole web. In about:config, set privacy.trackingprotection.enabled to true.

The one downside of enabling tracking protection is that you lose the ability to read websites whose operators believe that cross-site tracking is part of the economic bargain that qualifies you to receive articles from the site. Last I checked, this included WIRED, the INQUIRER, The Atlantic, and Jellynote.

I love Linux (and my job is supporting it!) and do want to see it take over the desktop, but this exact same thing could happen for Linux too.

Correct me if I'm wrong but if you applied all Windows updates from 2 months prior, you wouldn't get it. Right?
The business decision to delay updating can affect any OS.

You don't think the NSA has exploits that may have leaked for Linux?
Speaking of that, we should really reform that system: https://blog.mozilla.org/blog/...

Since Mozilla cancelled Aurora (FF Developer Edition), I've been using the "Mozilla Developer Preview", which self-identifies as Nightly, but appears to be a version behind (54). With Nightly 55, almost all extensions are listed as "Legacy" and most of their icons are removed from the interface. So things aren't looking very bright now.

Try this:

1. Install Firefox (desktop).
2. Open Firefox and run a Slashdot browsing session.
3. Look at Firefox's memory use.
4. In about:config, set privacy.trackingprotection.enabled to true. This enables Firefox's built-in tracking blocker. In practice, it behaves as an ad blocker because most sites neglect to replace tracking-based elements that fail to load with ads that don't track the user.
5. Restart Firefox and run a comparable Slashdot browsing session.
6. Look at Firefox's memory use. See how much memory was wasted on tracking the user.

It is true that FF has the best privacy plugins TODAY. But that is no longer going to be true once they change to Chrome's plugin architecture.. It will be on equivalent terms to other browsers then and a lot of low level customization potential is going to be lost.

Face it, mass surveillance is winning on the web. Once all the major browsers restrict what you can do with plugins, and require all plugins be signed so there is top-down control of the whole ecosystem, you may as well give up.

Palemoon + Addons:
Cookie Monster - https://addons.mozilla.org/en-...
RequestPolicy - https://addons.mozilla.org/en-...
NoScript - https://addons.mozilla.org/en-...
Secret Agent - https://www.dephormation.org.u...
No java, no flash. Good luck finger printing that.

Palemoon + Addons:
Cookie Monster - https://addons.mozilla.org/en-...
RequestPolicy - https://addons.mozilla.org/en-...
NoScript - https://addons.mozilla.org/en-...
Secret Agent - https://www.dephormation.org.u...
No java, no flash. Good luck finger printing that.

Palemoon + Addons:
Cookie Monster - https://addons.mozilla.org/en-...
RequestPolicy - https://addons.mozilla.org/en-...
NoScript - https://addons.mozilla.org/en-...
Secret Agent - https://www.dephormation.org.u...
No java, no flash. Good luck finger printing that.

yeap

this and DownThemAll Add-on keeps me using it's browser :P

So it looks like this is supposed to solve the same "problem" that web components was created to solve, but without all of the interesting parts like CSS, Javascript, Shadow DOM, and (run-time) HTML imports...

Can somebody please mod down the parent? It's flat out wrong.

From the Firefox telemetry FAQ:

Why is Telemetry enabled by default on the Firefox pre-release channels?

Users use Firefox pre-release builds in order to test and provide feedback on new features; enabling Telemetry by default on these channels makes it easier for them to do so by allowing Mozilla to better identify new issues and regressions early in the development cycle and make Firefox a better product.

Some versions of Firefox do come with telemetry enabled by default. The parent is wrong.

Besides, disabling telemetry doesn't address the other 15+ privacy issues the GP listed.

Is there a modern web browser that we can use that doesn't collect so much information and distribute it to the browser vendor or other parties?

I know that a lot of people will suggest Firefox, but when I looked at the Firefox privacy policy earlier, it sure did list a heck of a lot of information that gets sent to Mozilla and possibly others.

Their page clearly lists various types of identifiers and browsing history that might be sent, including such things as: "IP address", "location", "phone number", "email address", "URLs", "information about visited sites", "terms you type in the Awesome Bar or Search Bar", "website domain", "Google advertising ID", "active URL at time of crash" and "personal information".

These are some of the things I saw listed when I looked earlier:

"Once per day, Firefox sends the following info to Mozilla when it checks for browser updates: your Firefox version information, language preference, operating system, and version."

"Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed."

"Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address."

"Some Mozilla sponsored snippets are interactive and allow you to optionally share your phone number or email address. For example, you can enter your phone number to receive an SMS to install Firefox on Android. Your information is received and handled by our email and mobile marketing vendor."

"This data includes, for example: device hardware, operating system, Firefox version, add-ons (count and type), timing of browser events, rendering, session restores, length of session, how old a profile is, count of crashes, and count of pages."

"Firefox may send metadata, including URLs associated with the downloaded file, to the SafeBrowsing service. "

"Firefox that sends Mozilla usage, performance, and responsiveness statistics about user interface features, memory, and hardware configuration. Your IP address is also collected as a part of a standard web log."

"When Telemetry is enabled, certain short-term experiments may collect information about visited sites."

"Firefox sends to Mozilla data relating to the tiles such as number of clicks, impressions, your IP address, locale information, and tile specific data (e.g., position and size of grid)."

"Firefox sends Mozilla a request once to look up your location at a country level using your IP address."

"Firefox may send the terms you type in the Awesome Bar or Search Bar to your Default Search Engine to retrieve suggestions"

"Firefox may send “Referral Data” such as the website domain"

"Firefox sends Referral Data to our mobile analytics vendor, and also includes a Google advertising ID, IP address, timestamp, country, locale, operating system, and app version."

"Firefox records and sends Referral Data to Mozilla as part of Firefox Health Report. "

"Firefox may use several pieces of data to determine your location, including your operating systems geolocation features, Wi-Fi networks, cell phone towers, or IP address."

"This report contains technical information for us to improve Firefox including why Firefox crashed, the active URL at time of crash, and the state of computer memory during the crash. The crash report we receive may include personal information."

"Firefox sends information to Mozilla, including the list of add-ons you have installed, Firefox version information, and your IP address."

Some people will try to justify this by saying nonsense like "At least they disclose it!"

Unfortunately there are bugs in Firefox that make us recommend using another browser to our users. Here is an example:

In some situations Indexeddb in Firefox gets broken beyond repair. As a consequence, people who encounter this error will not be able to visit pages that used Indexeddb anymore. Not only once of for some days, but never again. The error is permanent and cannot be fixed by a normal user. Users only have the option to switch to another browser or delete the storage folder in the used profile (which requires a bit of technical knowledge). This is a total show stopper and I have the feeling that Firefox developers are not really aware how severe this is. Here is the bug report: https://bugzilla.mozilla.org/s...

Hell, we would even donate money to get this bug fixed. But all we can do is cast a single vote, sit on the sidelines, hope and pray.

Maybe in 10 or 15 years Firefox will be production ready. So instead of crashing several times daily, it might only crash several times weekly.

Are you sure you're using the same Firefox as me? It crashes less than once a year, and that's on Debian unstable, with 33 extensions and hardly ever below 100 tabs. Firefox does have its flaws, such as dropping sound support, massive memory use and using lots of CPU even when idle, but crashiness isn't one of them.

If you experience crashes "several times daily", you'd better check your hardware. Or perhaps you're running some bogus DRM scheme.

The only reason I haven't dumped it completely yet is because there are some useful add-ons that aren't available for Chrome...

Don't worry, they work hard on phasing out XUL add-ons with version 57 at the end of 2017, so that they will have just as few add-on choices as chrome.

Please don't delude yourself into thinking that Firefox is any better when it comes to privacy and not tracking its users.

Just look at how much user info Firefox can collect and send to Mozilla and others.

Their page clearly lists various types of identifiers and browsing history that might be sent, including such things as: "IP address", "location", "phone number", "email address", "URLs", "information about visited sites", "terms you type in the Awesome Bar or Search Bar", "website domain", "Google advertising ID", "active URL at time of crash" and "personal information".

In case you don't believe me, let's look at some examples from their page:

"Once per day, Firefox sends the following info to Mozilla when it checks for browser updates: your Firefox version information, language preference, operating system, and version."

"Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed."

"Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address."

"Some Mozilla sponsored snippets are interactive and allow you to optionally share your phone number or email address. For example, you can enter your phone number to receive an SMS to install Firefox on Android. Your information is received and handled by our email and mobile marketing vendor."

"This data includes, for example: device hardware, operating system, Firefox version, add-ons (count and type), timing of browser events, rendering, session restores, length of session, how old a profile is, count of crashes, and count of pages."

"Firefox may send metadata, including URLs associated with the downloaded file, to the SafeBrowsing service. "

"Firefox that sends Mozilla usage, performance, and responsiveness statistics about user interface features, memory, and hardware configuration. Your IP address is also collected as a part of a standard web log."

"When Telemetry is enabled, certain short-term experiments may collect information about visited sites."

"Firefox sends to Mozilla data relating to the tiles such as number of clicks, impressions, your IP address, locale information, and tile specific data (e.g., position and size of grid)."

"Firefox sends Mozilla a request once to look up your location at a country level using your IP address."

"Firefox may send the terms you type in the Awesome Bar or Search Bar to your Default Search Engine to retrieve suggestions"

"Firefox may send “Referral Data” such as the website domain"

"Firefox sends Referral Data to our mobile analytics vendor, and also includes a Google advertising ID, IP address, timestamp, country, locale, operating system, and app version."

"Firefox records and sends Referral Data to Mozilla as part of Firefox Health Report. "

"Firefox may use several pieces of data to determine your location, including your operating systems geolocation features, Wi-Fi networks, cell phone towers, or IP address."

"This report contains technical information for us to improve Firefox including why Firefox crashed, the active URL at time of crash, and the state of computer memory during the crash. The crash report we receive may include personal information."

"Firefox sends information to Mozilla, including the list of add-ons you have installed, Firefox version information, and your IP address."

Some people will try to justify this by saying nonsense like "At least they disclose it!" or "At least some of it can be disabled!", but none of that really matters. What does matter is that this information is being collected and sent to Mozilla in the

Firefox is still the only major browser that even nods the head toward respecting your privacy and the open web.

Don't delude yourself into thinking that Firefox is any better.

Just look at how much user info Firefox can collect and send to Mozilla and others.

Their page clearly lists various types of identifiers and browsing history that might be sent, including such things as: "IP address", "location", "phone number", "email address", "URLs", "information about visited sites", "terms you type in the Awesome Bar or Search Bar", "website domain", "Google advertising ID", "active URL at time of crash" and "personal information".

In case you don't believe me, let's look at some examples from their page:

"Once per day, Firefox sends the following info to Mozilla when it checks for browser updates: your Firefox version information, language preference, operating system, and version."

"Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed."

"Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address."

"Some Mozilla sponsored snippets are interactive and allow you to optionally share your phone number or email address. For example, you can enter your phone number to receive an SMS to install Firefox on Android. Your information is received and handled by our email and mobile marketing vendor."

"This data includes, for example: device hardware, operating system, Firefox version, add-ons (count and type), timing of browser events, rendering, session restores, length of session, how old a profile is, count of crashes, and count of pages."

"Firefox may send metadata, including URLs associated with the downloaded file, to the SafeBrowsing service. "

"Firefox that sends Mozilla usage, performance, and responsiveness statistics about user interface features, memory, and hardware configuration. Your IP address is also collected as a part of a standard web log."

"When Telemetry is enabled, certain short-term experiments may collect information about visited sites."

"Firefox sends to Mozilla data relating to the tiles such as number of clicks, impressions, your IP address, locale information, and tile specific data (e.g., position and size of grid)."

"Firefox sends Mozilla a request once to look up your location at a country level using your IP address."

"Firefox may send the terms you type in the Awesome Bar or Search Bar to your Default Search Engine to retrieve suggestions"

"Firefox may send “Referral Data” such as the website domain"

"Firefox sends Referral Data to our mobile analytics vendor, and also includes a Google advertising ID, IP address, timestamp, country, locale, operating system, and app version."

"Firefox records and sends Referral Data to Mozilla as part of Firefox Health Report. "

"Firefox may use several pieces of data to determine your location, including your operating systems geolocation features, Wi-Fi networks, cell phone towers, or IP address."

"This report contains technical information for us to improve Firefox including why Firefox crashed, the active URL at time of crash, and the state of computer memory during the crash. The crash report we receive may include personal information."

"Firefox sends information to Mozilla, including the list of add-ons you have installed, Firefox version information, and your IP address."

Some people will try to justify this by saying nonsense like "At least they disclose it!" or "At least some of it can be disabled!", but none of that really