Skip to content

Add disclaimer that tracker library detection doesn't indicate active use #496

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
Copilot wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

Add disclaimer that tracker library detection doesn't indicate active use #496

Copilot wants to merge 4 commits into from

Conversation

Copy link
Contributor

Copilot AI commented Jan 4, 2026
edited
Loading

Privacy-focused browsers (IronFox, Fennec F-Droid, Tor Browser) have removed/stubbed tracking libraries but TrackerControl still detects code signatures, misleading users into believing these apps actively track them.

Changes

  • String resources: Added disclaimer to trackers_static_explanation and trackers_static_explanation_playstore explaining that detection ≠ active use, apps may have disabled libraries but traces remain detectable
  • UI rendering: Updated TrackersListAdapter to use Html.fromHtml() with FROM_HTML_MODE_LEGACY for proper bold text rendering

Display

The "Tracker libraries" section now shows:

TrackerControl detects tracking in the code ('libraries') and network traffic of apps.

Tracking that is detected in the network traffic can be blocked with TrackerControl.

Note: Detection of tracker library code does not mean it is actively being used. 
Some apps may have removed or disabled these libraries, but traces can still be 
detected. Take these results with a grain of salt.

Translation note

Base English strings updated. Crowdin will sync translations for 36+ supported languages.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • dl.google.com
    • Triggering command: /usr/lib/jvm/temurin-17-jdk-amd64/bin/java /usr/lib/jvm/temurin-17-jdk-amd64/bin/java --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.lang.invoke=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.prefs/java.util.prefs=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.util=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.prefs/java.util.prefs=ALL-UNNAMED --add-opens=java.base/java.nio.charset=ALL-UNNAMED --add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.util.concurrent.atomic=ALL-UNNAMED --add-opens=java.xml/javax.xml.namespace=ALL-UNNAMED -Xmx4608m -Dfile.encoding=UTF-8 -Duser.country -Duser.language=en -Duser.variant -cp /home/REDACTED/.gradle/wrapper/dists/gradle-8.13-bin/5xuhj0ry160q40clulazy9h7d/gradle-8.13/lib/gradle-daemon-main-8.13.jar (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

This section details on the original issue you should resolve

<issue_title>Falsely reporting that IronFox, Fennec F-Droid, and Tor Browser contain 'tracking' libraries</issue_title>
<issue_description>Do you use TrackerControl from Google Play/F-Droid/other?
2025.12.15-fdroid

Describe the bug
TrackerControl is incorrectly claiming that IronFox contains Mozilla Telemetry & Sentry tracking, despite us going through great lengths to remove/stub/no-op these libraries, disable telemetry, etc...

This has caused us to receive multiple complaints from users being misled.

TrackerControl is also making similar false claims for Fennec F-Droid and Tor Browser.

Please fix this; this is actively harming users and turning them to use other browsers that are actually tracking them and far less private and secure... (For reference, TrackerControl claims that Google Chrome has no tracking libraries under this section :/)

To Reproduce
Steps to reproduce the behavior:

  1. Install TrackerControl.
  2. Install IronFox, Fennec F-Droid, and/or Tor Browser.
  3. Select IronFox, Fennec F-Droid, or Tor Browser in TrackerControl.
  4. Observe the incorrect detected tracker libraries under the Tracker libraries section.
    </issue_description>

Comments on the Issue (you are @copilot in this section)

@kasnder Sorry that this is causing issues. I guess this is a mixed bag: TC would not detect anything if there weren't any traces of these libraries. Moreover, just because a library is detected – in any whatever app – does not mean that this code would ever be used. So, these results must indeed be taken with a grain of salt – but this is true for any app. @kasnder Yes, agree. I'll make sure to add something.

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI changed the title [WIP] Fix false tracking reports for IronFox, Fennec, and Tor Browser Add disclaimer that tracker library detection doesn't indicate active use Jan 4, 2026
Copilot AI requested a review from kasnder January 4, 2026 22:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kasnder kasnder Awaiting requested review from kasnder

Assignees

@kasnder kasnder

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Falsely reporting that IronFox, Fennec F-Droid, and Tor Browser contain 'tracking' libraries

2 participants

@kasnder