this post was submitted on 27 Jul 2024
91 points (94.2% liked)

Firefox

17898 readers
101 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

I'm actually pissed. I and many other users on the forum got an email from Chris Hayes on this:

Hello,

This is a friendly email to make you aware that your personal email address is currently visible to the whole internet via Mozilla's Discourse forum. It will show up in Google Search results. The affected email is the one that this email was sent to.

Many users may not be aware that their email address is publicly visible and Mozilla has not done anything about it in the 4 years it has been known, so I've taken this into my own hands to inform you.

What can you do?

You can update your profile name to be something else (actually, profile name is completely optional, so you can leave it blank if you want).

Steps to update profile name:

  1. If you search for "Mozilla Discourse forum" it should be one of the first results.
  2. Login. (Top-right)
  3. Click on your profile picture at the top right.
  4. Then, click on your username, at the top of the dropdown menu.
  5. Click on the "Preferences" button.
  6. Change the "Name" field, and click "Save Changes".

How did this happen?

There's a misconfiguration with Mozilla's Discourse forum that when you sign up with your Firefox account, it will by default use your personal email address as your profile's public name.

This is not a new issue, and has been known since 2020. The Mozilla Discourse forum is not actively maintained by Mozilla, so this has yet to be fixed.

You are one of 4,630 other users impacted by this privacy issue. It impacts 19% of all forum users, and 28% of new users.

More information:

There's a Discourse discussion about this problem here: https://discourse.mozilla.org/t/email-is-displayed-by-default-for-the-new-account/92266

If you have connections to Mozilla, please help escalate this issue to the right people. This is a serious and long-standing privacy issue at an organization that should value "Privacy by default".

Sincerely,@chrisA fellow Mozillian

I am not Mozilla: This is not an official Mozilla email, I do not represent or work for Mozilla. This is an email from a fellow community member spreading awareness of this unaddressed privacy issue.

you are viewing a single comment's thread
view the rest of the comments
[–] dojan@lemmy.world 1 points 3 months ago

I disagree. The forum is hosted by Mozilla, they have a duty to ensure it’s handled properly. If they wish to no longer maintain it, fix outstanding privacy issues and archive it.