"Your browser is being managed by your organization" in abrowser (malware!?)
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
Recently I started to see "Your browser is being managed by your organization." that does not let me chamnge settings in Privacy tab of Preferences of Abrowser. After I tried to search what it is I saw a lot of answers in Mozilla that it is avast related malware and such antivirus activity. It is mostly being found and complained on in proprietary crap like Edge and Chrome and mostly in Windows. What's going on? Do I have a malware on my newly installed Trisquel 9 ?
chkrootkit found nothing.
Firefox-based browsers support system-wide policies which on GNU/Linux are defined in a policies.json file. Avast is malware disguised as antivirus software, which among other invasive things edits users browser policies. Avast only plagues Windows though, so that's not your problem.
See if you have a policies.json file. It would probably be in /usr/lib/abrowser/distribution. If this file exists, check out that date that it was created or last modified, and copy/paste the content here.
Accessed Fri 24 Jul 2020 02:56:19 PM EDT
Modified Tue 23 Jun 2020 11:36:11 AM EDT
Contents:
:/usr/lib/abrowser/distribution$ cat policies.json
{
"policies": {
"AppUpdateURL": "",
"DisableAppUpdate": true,
"DisableMasterPasswordCreation": true,
"DisableFeedbackCommands": true,
"DisableFirefoxAccounts": true,
"DisableFirefoxStudies": true,
"DisablePocket": true,
"DisableProfileImport": true,
"DisableSetDesktopBackground": true,
"DisableSystemAddonUpdate": true,
"DisableTelemetry": true
}
}
Nothing in there looks problematic. All of those settings look redundant to the defaults Trisquel already sets for Abrowser. I'm not sure where the file came from though, as it does not look like Trisquel's [package helper][1] for Abrowser creates it.
If you delete the file with
$ sudo rm /usr/lib/abrowser/distribution/policies.json
then the warning should go away. After that, try reinstalling Abrowser with
$ sudo apt install --reinstall abrowser
to see if the file comes back.
[1]: https://devel.trisquel.info/trisquel/package-helpers/blob/etiona/helpers/make-firefox
Thank you.
After I deleted this file warning line went away, but the sense of all this - restrictions are still there: I can't change anything in Security page of Settings. It is still closed. Before I reinstall,
sudo apt install --reinstall abrowser
Will this command delete all my bookmarks and addons, so do I need to save all my bookmarks before I do it?
APT never touches anything in /home (including the personal settings).
But bookmarks are not in /home they are in browser Toolbar. I have no idea how to download them all, they are a huge amount.
They are my standard privacy apps collection under GPL and MPL for any browser I have, but Settings restriction happen only in Abrowser.
Thank you all for answers!
cd ~/.mozilla/abrowser/YOUR_UNIQUE_NAME.default/
bash: cd: /home/san/.mozilla/abrowser/YOUR_UNIQUE_NAME.default/: No such file or directory
cd ~/.mozilla/abrowser/
:~/.mozilla/abrowser$ ls
f6ev4g1w.default-release installs.ini profiles.ini y760ypce.default
security.enterprise_roots.enabled is set to false
All other Preferences are open. Closed are only those in Pivacy & Security --> Enhanced Tracking Protection
I reinstalled abrowser. Nothing changed - no warning no access to above.
> cd ~/.mozilla/abrowser/YOUR_UNIQUE_NAME.default/
You were supposed to change "YOUR_UNIQUE_NAME" to the unique string of characters in the name of your profile directory. Run
$ ls ~/.mozilla/abrowser/*.default
to see what it is.
> They are my standard privacy apps collection under GPL and MPL for any browser I have, but Settings restriction happen only in Abrowser.
What are the addons? Do you still have trouble changing settings if you disable all of your addons?
> Do you still have trouble changing settings if you disable all of your addons?
Yes.
They are some social networks containers. Noscript, cookies auto delete.
Thank you for a tip
~$ ls ~/.mozilla/abrowser/*.default
times.json
If there is only times.json in the default profile, then you use another profile. You can list the profiles and start any of them by executing in a terminal:
$ abrowser -P
By the way, if you choose another profile or create a new one, does the problem still exist?
abrowser -P
shows 2 profiles:
default
default-release
I am in default-release, if I choose start abrowser with default, there is no bookmarks or addons but restrictions are still there.
Here are outputs:
:~$ ls ~/.mozilla/abrowser/f6ev4g1w.default-release
addons.json permissions.sqlite
addonStartup.json.lz4 pkcs11.txt
AlternateServices.txt places.sqlite
bookmarkbackups places.sqlite-wal
broadcast-listeners.json prefs.js
browser-extension-data protections.sqlite
cert9.db search.json.mozlz4
compatibility.ini SecurityPreloadState.txt
containers.json security_state
content-prefs.sqlite sessionCheckpoints.json
cookies.sqlite sessionstore-backups
cookies.sqlite-wal shield-preference-experiments.json
datareporting SiteSecurityServiceState.txt
extensions storage
extension-settings.json storage.sqlite
extensions.json storage-sync.sqlite
favicons.sqlite times.json
favicons.sqlite-wal TRRBlacklist.txt
formhistory.sqlite weave
handlers.json webappsstore.sqlite
key4.db webappsstore.sqlite-wal
lock xulstore.json
:~$ ls ~/.mozilla/abrowser/y760ypce.default
addonStartup.json.lz4 places.sqlite
AlternateServices.txt prefs.js
bookmarkbackups protections.sqlite
cert9.db search.json.mozlz4
compatibility.ini SecurityPreloadState.txt
containers.json sessionCheckpoints.json
content-prefs.sqlite shield-preference-experiments.json
cookies.sqlite SiteSecurityServiceState.txt
extensions storage
extensions.json storage.sqlite
favicons.sqlite times.json
formhistory.sqlite TRRBlacklist.txt
handlers.json weave
key4.db webappsstore.sqlite
permissions.sqlite xulstore.json
pkcs11.txt
Btw some alarm: on my other machine also with Trisquel 9 with all the same addons and much more everything is ok, no restrictions in abrowser.
I was searching this restricted functions around about:config and noted that a lot of things there are also locked.
Yes if I create new profile problem still exists.
Another alarm: I was wrong. All my browsers (firefox and icecat) in this computer have "Your organization has disabled the ability to change some preferences".
Also in debian 10 firefox also has this "organization" problem.
https://github.com/intika/Librefox/
Lol it seems I am an idiot because I visited this page and found there that it is their policy and I forgot this. When I manually corrected mozilla cfg as they advise and copy pasted into all folders of all browsers they changed privacy to what I wanted. I am sorry for making everyone worry. It was Librefox.
I learned if anything is changed other than cookie and SSL settings inside about:config it will trigger not allowing accessing or changing any other Preferences TAB. And give that warning!
It is a hard lesson to learn, they are intent on winning the "Backdoor War".
As I used to spend 5 mins disabling all the Telemetry Google Firefox telemetry. They contact an unimaginable amount of various "Resources" to collect data.
If any of it is touched it now acts like a breach of contract browser.
Best way to learn is to use Tor Browser and play with settings as even reinstalling abrowser does not work. Using a new Tor Browser bundle is much easier to play with.
You have to go into Synaptic and remove it than go to Package and Force Version to a lower version of abrowser to re-install for it to clean up the about:config settings.
As I used to spend 5 mins disabling all the Telemetry Google Firefox telemetry.
Enabling/disabling Mozilla's telemetry is a matter of clicking on the box "Allow Abrowser to send technical and interaction data to Mozilla" in the "Privacy & Security" tab of the "Preferences". If what you call "Telemetry Google" is "Google Safe Search", which is not telemetry, the box is below: "Block dangerous and deceptive content". In both cases, Abrowser has them unchecked by by default.
If any of it is touched it now acts like a breach of contract browser.
??
If there are some settings you NEED changed in about:config, it is possible to change the Preferences before you change about:config, but you won't be able to change them again unless it is possible to change them using about:config like proxy, jave ect.....
- Vous devez vous identifier ou créer un compte pour écrire des commentaires