White-listing what addresses a web browser can reach seems to go against the intended use - you know, to browse the web.
Edit: Also, I don't think this is as much about trust as it is about avoiding being part of the huge target that the centrally hosted Firefox Sync servers must be.
While Firefox developers and Mozilla might be wholly trustworthy, they might become compromised by some configuration error or zero day vulnerability.
So someone might steal the sweet sweet treasure that is in the Sync servers.
Now, that is encrypted of course, but they might have made a simple error[1] in how encryption is implemented and the encryption may be defeated.
alias_neo|3 years ago
Anyone _that_ concerned can operate a whitelist-only policy on their network, now nothing goes anywhere they don't want it to.
hosteur|3 years ago
Edit: Also, I don't think this is as much about trust as it is about avoiding being part of the huge target that the centrally hosted Firefox Sync servers must be.
While Firefox developers and Mozilla might be wholly trustworthy, they might become compromised by some configuration error or zero day vulnerability. So someone might steal the sweet sweet treasure that is in the Sync servers. Now, that is encrypted of course, but they might have made a simple error[1] in how encryption is implemented and the encryption may be defeated.
[1]: See for example: https://www.schneier.com/blog/archives/2008/05/random_number...