Showing results for 
Show  only  | Search instead for 
Did you mean: 
Strollin' around
Status: New idea

Thunderbird should have the ability to disable ALL telemetry and other unknown connections, in fact this should be the default.  The only place Thunderbird should be connecting to is the email provider's POP and SMTP servers, and/or IMAP servers.    If it wants to connect to anything else there should be a way to get a full explanation of where it is going, why it is going there, and we should have the ability to block that connection if it is doing things we don't want it to do.  Some of us do NOT want it trying to sync anything to any online cloud service!

A connection that ONLY checks for updates to Thunderbird and does nothing else that would be fine too, but as it is Thunderbird just wants to connect to various,, and addresses with no explanation of why or what it's doing.

Thunderbird needs to be much more transparent about what it's connecting to, and give users the opportunity to opt out without having to use external connection blockers such as OpenSnitch (Linux) or Little Snitch (MacOS).  The "just trust us" mentality that many developers have just doesn't cut it in these times, particularly for anyone who values privacy.

Strollin' around

a) Yes, I agree that telemetry should be available to developers - ideally. I am enormously grateful to any group that supplies me with software that is useful, feature-rich, flexible and secure. And I'd really like their work to be made as easy as possible.

b) Unfortunately, as users we've been abused in so many ways, for so long, that no one should be surprised we've become leery. Microsoft has been by far the worst offender: claiming "telemetry" as an absolute right; refusing to allow users to disable it (while allowing "enterprise" customers to do so); and making it as difficult as possible to discover what information is being sent. However, vanishingly few publishers are 100% blameless. I only discovered by accident that Firefox was sending out telemetry by default, and that config edits were the only way to disable this. (Please correct me if I'm wrong, or out of date.)

c) Nonetheless, I'm okay with "telemetry ON" being a default - as long as a great big dialog box pops up during installation, and offers me a clear choice between "ON" and "OFF." (I believe this is becoming a requirement in the EU.) Now, if developers want me to select "ON," the onus is on them to gain my trust. Trust is slow to build, easy to destroy - but total transparency about what's being collected would be a great start. As ed2718 points out, there are experts who will gladly verify the content - and they will create a cascade of trust among knowledgeable users.

It would be nice if users simply trusted their software providers, but that ship has sailed - and been scuttled. The sad reality is that privacy has been eroding dramatically over the past couple of decades, and users are clearly not wrong to be cautious. It's a shame that this does make extra work for developers, but that work can bring large dividends in the long run. Honest, non-corporate developers like Mozilla can lead the way into a better online world, where users once more know who to trust. Hey, guys: if you don't, who will?

Thanks again for all your hard work. The digital world would be a dismal, barren place if not for software like Thunderbird.

Strollin' around

How to provide telemetry in a trustworthy manner is a solved problem, and it has been used by very trusted companies for decades to help both the developers and users with trouble shooting.

  1. User has decided they have a need to share the telemetry information for specific purpose.
  2. App surfaces a "send diagnostic information" button or menu item that the app, such as under the Help menu (or app menu on Mac)
  3. User clicks the widget.
  4. Application explains what data it gathers and why, while gathering telemetry data and storing it locally.
  5. App asks the user if s/he wants to review the information, and presents a way of doing so, along with a Submit button that users may have grown to trust the vendor may want to use, when they already know what sort of telemetry data is being sent by this feature.
  6. User clicks the Submit button
  7. App uploads the telemetry bundle.

This sort of approach is the only respectful and trust-building approach to telemetry of someone else's device.

If you're a company like Lime/Voi, Uber, United airlines or any other company that need to instrument your own devices, then anything goes. Software running on others' machines has a Much higher bar for acceptable telemetry gathering. Hidden automatic collection is in essence no different than malware.