• Ephera
      link
      fedilink
      37 months ago

      Firefox Sync is end-to-end-encrypted, meaning your data gets encrypted before upload and decrypted after download. The encryption key, i.e. your password, never leaves your computer. The way a password reset works, is by simply erasing your data from the server and then re-uploading from your Firefoxes. This means, if law enforcement or attackers get data from Mozilla’s servers, they can’t do anything with your Sync data.

      I’m on board with being sceptical about security, but this is one of the simplest and most bulletproof approaches.

        • @Emotet@slrpnk.net
          link
          fedilink
          27 months ago

          Without trying to sound condescending, you’re basically rambling surface level half-truths about encryption, companies, legal pressure and proprietary components like IME.

          Firefox Sync is open source. It gets encrypted locally. If for some reason someone is interested in your bookmarks, they won’t be able to get them from a Firefox Server. They’ll simply grab them from your local system in their unencrypted state.

          Yes, most currently relevant CPUs for consumers, implement something like the IME or the AMD equivalent of it. This can be a source of paranoia, but, unless you are expecting to be the target of state actors, not a very logical one.

          It honestly sounds like you read some technical keywords, looked up their definition on Wikipedia and drew your own, wrong conclusions.

    • voxel
      link
      fedilink
      1
      edit-2
      7 months ago

      ff sync data is encrypted locally, on your machine.