I don’t understand how they are supposed to “sell your data” if you just never use a Mozilla account and uncheck all the telemetry. Its not like they can secretly steal your data, since its Open Source.
It seems to me like just more FUD that Google is spreading to undermine our trust in free software.
I would like to point out that they are free to modify the source code before building the binary they distribute. Being open source does not mean protection from secretly stealing data.
With chrome it is obvious because the closed part is called chrome and the open is chromium. But it is certainly possible to not make “stealing” magic on top public.
This is mitigated by “reproducible builds”
Does Firefox do reproducible builds? This bug report makes me think it doesn’t (at least for Linux): https://bugzilla.mozilla.org/show_bug.cgi?id=885777
But maybe they do for Windows/Apple/Android?
Not sure. But you can change that, if not
You’re right that being opensource doesn’t mean the binaries don’t include extra stuff.
However, are you seriously suggesting no one would notice Firefox transmitting telemetry? Seems unlikely.
As someone else said, reproducible builds is a great mitigating factor for this secret changes. Firefox does have telemetry, but is very transparent and lets you turn it all off (as far as I can tell anyway). Don’t want ads? Easy. Don’t want Mozilla services? Simple.