Encrypted Sync vs. Filesystem Trust: Linux Users Brawl Over the Illusion of Privacy
Mozilla's Firefox Sync service uses end-to-end encryption, meaning the company provider cannot decrypt user data, though the actual data stored on disk remains unencrypted. For Linux file access, standard setup dictates that any process running under the same user can access files within the home directory.
The debate centers on what level of privacy is actually achieved. Some users, like folekaule, argue that only system-level measures, specifically encrypted home directories, provide true security, dismissing application-level obfuscation as a false guarantee. Opposing this, users like terribletortoise and Branquinho state that the current file visibility is the 'expected' and standard behavior for Linux, suggesting that AppArmor, SELinux, or containers are the correct tools for additional restrictions. kylekatarn confirmed the E2EE aspect of Sync with a local password. Furthermore, steel_for_humans noted self-hosting options exist for maximum control.
The community consensus splits sharply: either filesystem encryption is mandatory for any claim of privacy, or the default OS behavior is acceptable and sufficiently restricted by user-space tools. The fault line runs between demanding perfect, kernel-level isolation versus accepting standard per-user process boundaries.
Key Points
Standard Linux access means any process for the same user can read home directory files.
Branquinho stated this behavior is normal and expected on Linux.
True privacy requires full filesystem encryption (e.g., encrypted home directories).
folekaule strongly argued that any access outside system encryption invalidates privacy expectations.
Firefox Sync data is end-to-end encrypted, preventing Mozilla from reading content.
kylekatarn detailed that the data is secured locally by a unique password before transmission.
OS sandboxing tools are the correct answer for limiting application visibility.
observantTrapezium suggested Flatpak or Snap, while Branquinho cited AppArmor or SELinux.
Storing site-data in the user home directory is considered standard, predictable behavior.
terribletortoise cited this as expected behavior based on the per-user home directory scope.
Source Discussions (3)
This report was synthesized from the following Lemmy discussions, ranked by community score.