"Your browser is being managed by your organization" in abrowser (malware!?)

21 respuestas [Último envío]
lan
lan
Desconectado/a
se unió: 02/03/2020

Recently I started to see "Your browser is being managed by your organization." that does not let me chamnge settings in Privacy tab of Preferences of Abrowser. After I tried to search what it is I saw a lot of answers in Mozilla that it is avast related malware and such antivirus activity. It is mostly being found and complained on in proprietary crap like Edge and Chrome and mostly in Windows. What's going on? Do I have a malware on my newly installed Trisquel 9 ?

chkrootkit found nothing.

chaosmonk

I am a member!

I am a translator!

Desconectado/a
se unió: 07/07/2017

Firefox-based browsers support system-wide policies which on GNU/Linux are defined in a policies.json file. Avast is malware disguised as antivirus software, which among other invasive things edits users browser policies. Avast only plagues Windows though, so that's not your problem.

See if you have a policies.json file. It would probably be in /usr/lib/abrowser/distribution. If this file exists, check out that date that it was created or last modified, and copy/paste the content here.

lan
lan
Desconectado/a
se unió: 02/03/2020

Accessed Fri 24 Jul 2020 02:56:19 PM EDT

Modified Tue 23 Jun 2020 11:36:11 AM EDT

Contents:

:/usr/lib/abrowser/distribution$ cat policies.json
{
"policies": {
"AppUpdateURL": "",
"DisableAppUpdate": true,
"DisableMasterPasswordCreation": true,
"DisableFeedbackCommands": true,
"DisableFirefoxAccounts": true,
"DisableFirefoxStudies": true,
"DisablePocket": true,
"DisableProfileImport": true,
"DisableSetDesktopBackground": true,
"DisableSystemAddonUpdate": true,
"DisableTelemetry": true
}
}

chaosmonk

I am a member!

I am a translator!

Desconectado/a
se unió: 07/07/2017

Nothing in there looks problematic. All of those settings look redundant to the defaults Trisquel already sets for Abrowser. I'm not sure where the file came from though, as it does not look like Trisquel's [package helper][1] for Abrowser creates it.

If you delete the file with

$ sudo rm /usr/lib/abrowser/distribution/policies.json

then the warning should go away. After that, try reinstalling Abrowser with

$ sudo apt install --reinstall abrowser

to see if the file comes back.

[1]: https://devel.trisquel.info/trisquel/package-helpers/blob/etiona/helpers/make-firefox

lan
lan
Desconectado/a
se unió: 02/03/2020

Thank you.

After I deleted this file warning line went away, but the sense of all this - restrictions are still there: I can't change anything in Security page of Settings. It is still closed. Before I reinstall,

sudo apt install --reinstall abrowser

Will this command delete all my bookmarks and addons, so do I need to save all my bookmarks before I do it?

Jaret
Desconectado/a
se unió: 12/19/2018

What add-ons do you have? One of them may be malware.

Magic Banana

I am a member!

Desconectado/a
se unió: 07/24/2010

APT never touches anything in /home (including the personal settings).

lan
lan
Desconectado/a
se unió: 02/03/2020

But bookmarks are not in /home they are in browser Toolbar. I have no idea how to download them all, they are a huge amount.

lan
lan
Desconectado/a
se unió: 02/03/2020

They are my standard privacy apps collection under GPL and MPL for any browser I have, but Settings restriction happen only in Abrowser.

Jaret
Desconectado/a
se unió: 12/19/2018

You said you have "newly installed Trisquel 9", later it's revealed that you have "privacy apps collection" installed. You added stuff on top of default Trisquel install.

Anyway I found on the web what may be a solution:
in address bar type about:config
hit enter
search for security.enterprise_roots.enabled and set it to false

If this setting is locked, look for for Autoconfig files in:
~/.mozilla/abrowser/YOUR_UNIQUE_NAME.default/

A file named prefs.js is normal. Any other script file in this folder is suspicious and could be used to lock preferences. Remove any such files to a neutral location for further analysis at your leisure. You can rename the file with a .txt extension and examine it for the name of another file that contains the locking code.

Then try again to set to false security.enterprise_roots.enabled

lan
lan
Desconectado/a
se unió: 02/03/2020

Thank you all for answers!

cd ~/.mozilla/abrowser/YOUR_UNIQUE_NAME.default/
bash: cd: /home/san/.mozilla/abrowser/YOUR_UNIQUE_NAME.default/: No such file or directory

cd ~/.mozilla/abrowser/
:~/.mozilla/abrowser$ ls
f6ev4g1w.default-release installs.ini profiles.ini y760ypce.default

security.enterprise_roots.enabled is set to false

All other Preferences are open. Closed are only those in Pivacy & Security --> Enhanced Tracking Protection

I reinstalled abrowser. Nothing changed - no warning no access to above.

Jaret
Desconectado/a
se unió: 12/19/2018

As Chaosmonk said YOUR_UNIQUE_NAME is your unique profile id which seems to be y760ypce
the path should be
~/.mozilla/abrowser/y760ypce.default/

chaosmonk

I am a member!

I am a translator!

Desconectado/a
se unió: 07/07/2017

> cd ~/.mozilla/abrowser/YOUR_UNIQUE_NAME.default/

You were supposed to change "YOUR_UNIQUE_NAME" to the unique string of characters in the name of your profile directory. Run

$ ls ~/.mozilla/abrowser/*.default

to see what it is.

> They are my standard privacy apps collection under GPL and MPL for any browser I have, but Settings restriction happen only in Abrowser.

What are the addons? Do you still have trouble changing settings if you disable all of your addons?

lan
lan
Desconectado/a
se unió: 02/03/2020

> Do you still have trouble changing settings if you disable all of your addons?

Yes.

They are some social networks containers. Noscript, cookies auto delete.

Thank you for a tip

~$ ls ~/.mozilla/abrowser/*.default
times.json

Magic Banana

I am a member!

Desconectado/a
se unió: 07/24/2010

If there is only times.json in the default profile, then you use another profile. You can list the profiles and start any of them by executing in a terminal:
$ abrowser -P
By the way, if you choose another profile or create a new one, does the problem still exist?

lan
lan
Desconectado/a
se unió: 02/03/2020

abrowser -P

shows 2 profiles:

default

default-release

I am in default-release, if I choose start abrowser with default, there is no bookmarks or addons but restrictions are still there.

Here are outputs:

:~$ ls ~/.mozilla/abrowser/f6ev4g1w.default-release
addons.json permissions.sqlite
addonStartup.json.lz4 pkcs11.txt
AlternateServices.txt places.sqlite
bookmarkbackups places.sqlite-wal
broadcast-listeners.json prefs.js
browser-extension-data protections.sqlite
cert9.db search.json.mozlz4
compatibility.ini SecurityPreloadState.txt
containers.json security_state
content-prefs.sqlite sessionCheckpoints.json
cookies.sqlite sessionstore-backups
cookies.sqlite-wal shield-preference-experiments.json
datareporting SiteSecurityServiceState.txt
extensions storage
extension-settings.json storage.sqlite
extensions.json storage-sync.sqlite
favicons.sqlite times.json
favicons.sqlite-wal TRRBlacklist.txt
formhistory.sqlite weave
handlers.json webappsstore.sqlite
key4.db webappsstore.sqlite-wal
lock xulstore.json

:~$ ls ~/.mozilla/abrowser/y760ypce.default
addonStartup.json.lz4 places.sqlite
AlternateServices.txt prefs.js
bookmarkbackups protections.sqlite
cert9.db search.json.mozlz4
compatibility.ini SecurityPreloadState.txt
containers.json sessionCheckpoints.json
content-prefs.sqlite shield-preference-experiments.json
cookies.sqlite SiteSecurityServiceState.txt
extensions storage
extensions.json storage.sqlite
favicons.sqlite times.json
formhistory.sqlite TRRBlacklist.txt
handlers.json weave
key4.db webappsstore.sqlite
permissions.sqlite xulstore.json
pkcs11.txt

Btw some alarm: on my other machine also with Trisquel 9 with all the same addons and much more everything is ok, no restrictions in abrowser.

lan
lan
Desconectado/a
se unió: 02/03/2020

I was searching this restricted functions around about:config and noted that a lot of things there are also locked.

Yes if I create new profile problem still exists.

lan
lan
Desconectado/a
se unió: 02/03/2020

Another alarm: I was wrong. All my browsers (firefox and icecat) in this computer have "Your organization has disabled the ability to change some preferences".

Also in debian 10 firefox also has this "organization" problem.

lan
lan
Desconectado/a
se unió: 02/03/2020

https://github.com/intika/Librefox/

Lol it seems I am an idiot because I visited this page and found there that it is their policy and I forgot this. When I manually corrected mozilla cfg as they advise and copy pasted into all folders of all browsers they changed privacy to what I wanted. I am sorry for making everyone worry. It was Librefox.

LpSkywalker
Desconectado/a
se unió: 06/29/2017

I learned if anything is changed other than cookie and SSL settings inside about:config it will trigger not allowing accessing or changing any other Preferences TAB. And give that warning!

It is a hard lesson to learn, they are intent on winning the "Backdoor War".

As I used to spend 5 mins disabling all the Telemetry Google Firefox telemetry. They contact an unimaginable amount of various "Resources" to collect data.

If any of it is touched it now acts like a breach of contract browser.

Best way to learn is to use Tor Browser and play with settings as even reinstalling abrowser does not work. Using a new Tor Browser bundle is much easier to play with.

You have to go into Synaptic and remove it than go to Package and Force Version to a lower version of abrowser to re-install for it to clean up the about:config settings.

Magic Banana

I am a member!

Desconectado/a
se unió: 07/24/2010

As I used to spend 5 mins disabling all the Telemetry Google Firefox telemetry.

Enabling/disabling Mozilla's telemetry is a matter of clicking on the box "Allow Abrowser to send technical and interaction data to Mozilla" in the "Privacy & Security" tab of the "Preferences". If what you call "Telemetry Google" is "Google Safe Search", which is not telemetry, the box is below: "Block dangerous and deceptive content". In both cases, Abrowser has them unchecked by by default.

If any of it is touched it now acts like a breach of contract browser.

??

LpSkywalker
Desconectado/a
se unió: 06/29/2017

If there are some settings you NEED changed in about:config, it is possible to change the Preferences before you change about:config, but you won't be able to change them again unless it is possible to change them using about:config like proxy, jave ect.....