
Librefox: Firefox with privacy enhancements - philonoist
https://github.com/intika/Librefox
======
elagost
This seems like a slightly more complete version of Firefox Profilemaker
([https://ffprofile.com/](https://ffprofile.com/)).

I personally use a fairly vanilla Firefox with a few addons and try to keep
customization as default as possible. How will further differentiating
yourself from the masses (especially since Firefox is already a minority
browser) help with privacy, tracking, and fingerprinting? Why not at that
point just change your user agent to Chrome/Win7 and run everything in a
virtual machine?

edit: To that end, does anyone use browser forks (like Waterfox and Palemoon,
or things like unGoogled Chromium) and seriously think they're better than the
mainline browser? I see a lot of fair criticism for what Mozilla has done with
Firefox (deprecating old extensions, Mr. Robot addons, Cliqz, etc) but it's
pretty much the most trustworthy Internet company as far as I'm aware. They
seem to genuinely have good will and Open Source at their core, and these
forks claiming that Mozilla is this monstrous organization looking to invade
your privacy (along the lines of what Google does) seem a little silly to me.

~~~
JoshuaRLi
Forked software is usually reasonable, but for me, the sheer complexity of the
graphical, interactive web sadly begets an exception for modern browsers. Even
if much of the work is offloaded to the corporations backing modern free/libre
browsers (e.g. keeping up with new web standards and technologies), it
certainly goes without saying that rebasing with upstream or even just
applying the latest security fixes is no trivial task I would entrust any
browser fork with minimal developer backing with.

This problem is especially worsened with the kind of user base that Firefox
forks tend to attract, from what I have seen. These users tend to ask very
high-level questions e.g. "is waterfox more secure than pale moon" and will
usually blindly switch from one fork to the next based on poorly-backed,
unsubstantial crowd opinion. No userbase means waning support + maintenance.
If you ask me, I think in the very special case of browser technologies, it
would be more beneficial if the developers and users of firefox forks directed
their energies towards making generally desirable changes in upstream.

~~~
elagost
Not just the weird habits of the users, either. I have way more confidence
that Mozilla will fix issues in a timely manner than the one developer behind
Waterfox, or the several behind Palemoon. Especially when the forks are
depending on upstream to fix things for them. A few years ago there was a
build of Waterfox that was substantially late because the one developer had
exams.

~~~
kbenson
It seems like the solution to this would be to have the build system
reproducible from a base image with everything other than the code repo itself
required to successfully kick off a build.
Uploaded (or made available to upload yourself) to any of the cloud providers
(or run locally in a VM), it would allow you to sync the repo and kick off a
build for any supported architecture.

Dev not available to integrate a pull request and start a build? Download the
appropriate build arch image, fire up VirtualBox, sync the repo (and apply a
pull request if the dev hasn't had a chance to do that yet) and start the
build script.

This doesn't entirely solve the problem, if nobody has submitted a fix yet,
and you don't know enough to pull in the upstream fix and merge it yourself,
you're at the mercy of some other user having that knowledge and making a pull
request. It does close the gap somewhat though.

Are there existing projects to help get to this level of build reproducibility
that can serve as a base to use? It would be awesome to know people are
already working on making this easy to adopt.

~~~
JetSpiegel
This is not the issue, I think. See:
[https://git.archlinux.org/svntogit/packages.git/tree/trunk/P...](https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/firefox)

The problem is that it is a giant codebase, you need to compile C++, Rust for
hours. Even pulling the latest code is an ordeal.

It's not feasible on lowly workstations and garden variety cheap cloud VM
builders, the performance is just crap.

~~~
kbenson
I was speaking more to the general case of projects with small bus factors for
deploying. And slow is mostly irrelevant to the point, which is making
something possible which largely wasn't before.

------
amelius
I don't get the name. How is "libre" connected to "privacy", considering that
Firefox is already "libre" in many ways.

~~~
JoshuaRLi
It isn't. The naming is just unfortunate; privacy cultists typically associate
free/libre software with the notion of privacy.

~~~
JoshTriplett
The term "privacy cultists" does not advance any reasonable argument or point.

~~~
JoshuaRLi
Sorry you found it unsubstantial. I mean to express distaste for people who
tend to loosely throw the terms "privacy" and "security" around, especially
when recommending laundry lists of configuration options, patches, extensions,
etc. There is often little to no regard for threat modeling and pragmatism.
Take "gHacks/pyllyukko base is kept up to date" for example - these batch
tweaks and their effects are hard to understand and apply for the average
user, and unfortunately tend to break the mainstream web.

I view projects like these as temporary bandages that pacify users (those
technical enough to even be able to use them) in the now to ignore the larger
and more fundamental issues at hand. Upstream should adopt reasonably sane
defaults, because whack-a-mole with complex software simply isn't sustainable
and the projects in question will become less effective over time as
maintainership wanes. With regards to further hardening options, there really
needs to be better upstream documentation, education, and accessibility. When
that is realized in the free/libre browsers with the majority market share,
then I am optimistic that the mainstream web will heal in accommodation.

~~~
JoshTriplett
> I mean to express distaste for people who tend to loosely throw the terms
> "privacy" and "security" around, especially when recommending laundry lists
> of configuration options, patches, extensions, etc.

This is a much, _much_ more useful description. And I'd agree. Usability is a
critical part of privacy and security, and recommendations for tools that
cater exclusively to advanced users (whether the tool developers realize that
or not) can do more harm than good.

~~~
JoshuaRLi
Not just recommendations for advanced tools, but the unfortunate reality that
they are currently necessary means. I reiterate - this functionality must be
made upstream, accessible, and visible.

~~~
m463
I find that "upstream" might be at odds with security/privacy, both in terms
of funding and data collection (benign reasons being debug/crash data
collection as well as "what and how do people use this").

------
cedex12
Something I'd like to see instead of a modified version of ff is some sort of
meta-extension that I could install on vanilla ff. It would essentially be a
bundle of

* ad blocker (say ublock)

* js disabler (noscript)

* https stuff

* anti tracker

* url cleaner

* user agent spoofer

* cookie cleaner

* whatever decentraleyes does

* enable the right settings in about:config

* …?

All the extensions are there already, but it would guarantee them working well
together and you wouldn't have to look for each extension and wonder if it's
actually the one you want, but just install "the one".

~~~
nextos
The problem I find with Firefox is that options in about:config are too
stateful.

You can't use user.js as a regular dotfile such as .emacs, .vimrc or .muttrc.
That is, once you set an option you need to manually unset it. I wish they
introduced a more sane mechanism.

Besides, there is no way to programmatically declare you want to use some
addons.

IMHO, all this makes maintaining relatively complex user configurations very
costly.

~~~
Yoric
I don't understand, what would you want, exactly?

Options that can be set only for the duration of the current session?

~~~
nextos
Yes. In Emacs, if I setq some variable it doesn't stay set forever. In
particular, not after I remove the setq statement.

~~~
vngzs
A hack around this would be to remove things by specifically unsetting them in
the user.js file, much as one would do to remove a previously installed
package using configuration management software.

------
cadecairos
Considering this hasn't received an update in two months, it seems unsafe to
install and download it. There have been many fixed security issues in Firefox
just in the past few weeks.

[https://www.mozilla.org/en-US/security/advisories/](https://www.mozilla.org/en-US/security/advisories/)

~~~
boomboomsubban
This installs on top of Firefox currently, so all of those fixes are still in
place.

------
neilv
I haven't tried Librefox yet, but Internet privacy&security is a big interest
of mine, and I'd like to suggest that another option to consider is Tor
Browser.

Tor Browser is generally more privacy-focused than Mozilla, and the nicely
integrated Tor support gives me a bit of privacy from my infamous ISP (VPN
services tend to be sketchy, too).

Drawbacks to Tor Browser are that Tor itself is a bit creepy (e.g., presumably
draws more attention to you from your own country's domestic surveillance),
some news sites block US Tor exit nodes (whether they know it or not;
Cloudflare seems to most often be the culprit), uBlock Origin is not part of
the Tor Browser distribution (which means that people who add it lose some
crowd anti-fingerprinting benefit), the NoScript part should really be
replaced with uBlock Origin, Tor is much slower than direct, and the Tor or
Tor Browser project could end/fizzle much sooner than Firefox does.

How I'm using Tor Browser currently is that I use it for sites that don't
require logins or otherwise identify me. For sites that identify me anyway
(e.g., banking, online ordering), I use Firefox. I don't use Firefox often.
Keeping them separate also discourages me from logging into sites
unnecessarily.

What I'd ideally like is for Mozilla to become more aggressive than Tor
Browser about privacy -- not going to Tor, but doing things that would peeve
much of the dotcom surveillance industry. This includes pushing privacy tweaks
upstream to Web standards. Mozilla is perhaps the best positioned to play
chicken with the dotcoms on this; most genuine privacy efforts would be simply
broken by the sites, and lose their users. Mozilla has a lot of upper
management, so presumably they could figure out how to peeve a lot of dotcoms,
while still keeping the funding flowing.

(I should add that I use Tor Browser for only a casual, on-principle attempt
at privacy from snooping companies. I _don't_ believe that Tor or Tor Browser
is sufficiently safe for many kinds of journalists and activists, for
example.)

------
nukemandan
Unclear if this is going to continue:
[https://github.com/intika/Librefox/issues/119](https://github.com/intika/Librefox/issues/119)

[https://github.com/intika/Librefox/commit/45a4d3ce647b8c896e...](https://github.com/intika/Librefox/commit/45a4d3ce647b8c896e81ce3e5ac5ddc95ff045e0#commitcomment-32174421)

may have Terms & conditions violations.

------
kylek
>> NoHTTP: Block http traffic and/or redirect it to https (Excellent
replacement for the unrecommended https-everywhere)

Why isn't the EFF's HTTPS Everywhere recommended? (And why is this addon,
tagged "experimental", with <100 users opted for?)

~~~
Arnavion
It's discussed here:
[https://github.com/intika/Librefox/issues/23](https://github.com/intika/Librefox/issues/23)

------
tdhz77
I was once told we shouldn’t use libre in titles. But, I don’t have any reason
for this. Anybody have any idea where they got this?

~~~
AdmiralAsshat
It's become a common way of signaling that your app/service is "Free as in
Freedom", as opposed to "Free as in beer", open source vs. FOSS, etc.

I find it a little odd here, because Firefox already meets the definition of
FOSS. But it's not unheard of for a popular project to go from free to
proprietary, and for a fork of the last free version to somewhere work "libre"
into the title.

~~~
humblebee
At one point I understood the distinction of `"Free as in Freedom", as opposed
to "Free as in beer"`, but I have since forgotten.

Is there a longer form explanation I can read / bookmark?

~~~
salutonmundo
this is free as in freedom [https://www.gnu.org/philosophy/free-sw.html](https://www.gnu.org/philosophy/free-sw.html)

free as in beer just means you're not charged a fee.

------
kylek
Curious if this sticks out like a sore thumb in terms of fingerprinting.

~~~
floatingatoll
Quite.

------
minitech
Isn’t that the AppVeyor logo? (edit: yes:

    
    
      <a href="https://github.com/intika/Librefox/"><img width="727" src="https://img.shields.io/badge/Librefox-Browser-lightgray.svg?logo=appveyor&longCache=true&style=popout"></a>

------
uponcoffee
My main concerns with these types of posts are management and defaults.

If management isn't autonomous, then you'll get fragmentation which becomes a
fingerprinting mechanism.

If the defaults are too harsh, then you deter adoption and encourage
fragmentation of those that do adopt (as they'll muck about in the config and
unbreak different things).

With low adoption, using this could potentially make you more identifiable
(mirroring the concern of Do Not Track as of late), [citation needed, on
mobile].

I'll definitely spin up an instance of it later today, but it looks like the
defaults might cause a fair bit of breakage.

------
intopieces
Two questions:

(1) Why does the logo for Librefox look like a flatter, less colorful version
of the Chrome logo?

Edit: Apparently (from a sibling comment) it's actually the AppVeyor logo.
[https://en.wikipedia.org/wiki/AppVeyor](https://en.wikipedia.org/wiki/AppVeyor).
Why?

(2) How can this be a valid claim: "Librefox is NOT associated with Mozilla or
its products." It's obviously associated with one of Mozilla's products --
Firefox. What distinction am I missing here?

------
brian_herman__
Wonder how this compares to waterfox. [https://www.waterfoxproject.org/en-US/](https://www.waterfoxproject.org/en-US/)

~~~
duskwuff
Significantly different. From what I understand, Librefox intends to follow
upstream development with limited changes. Waterfox, on the other hand, is a
fork of the pre-XUL, pre-Electrolysis Firefox circa 2017. As upstream
development continues, it will become increasingly difficult to maintain these
sorts of forks.

------
lelf
See also: GNU IceCat
[https://www.gnu.org/software/gnuzilla/](https://www.gnu.org/software/gnuzilla/)

------
superkuh
Does it remove the change they made in Firefox 37-42 where you can't run or
edit any add-ons/extensions without approval from Mozilla?

------
Ultramanoid
The same person maintains some builds of Ungoogled-Chromium for Linux:

[https://www.opendesktop.org/p/1265177/](https://www.opendesktop.org/p/1265177/)

------
ChrisSD
Why isn't it a fork? Does it make full use of the
`privacy.resistFingerprinting` settings? Surely Tracking Protection should be
switched on unless uBlock Origin is actually installed? Either that or bundle
uBlock Origin.

~~~
boomboomsubban
For ease in keeping current with Firefox/trademark issues. Seemingly yes.
Tracking protection is too new to be worth competing with uBlock Origin, and
I'd guess the current release format makes bundling difficult.

------
capi_salazar
If I'm getting it right, is it a customized setting to use in Firefox to make
it more privacy-oriented?

------
tya99
Honestly I wouldn't go anywhere near Palemoon. Not unless you feel like using
an antiquated browser such as Firefox 28 which is where it forked.

I expect their shills will be deployed to this thread shortly.

It's certainly not _more secure_ when you've got all your extensions running
at the highest privilege level (not WebExtensions), the sandboxing code "removed"
because mattatobin, a Palemoon developer, says that it "doesn't work", without
giving any specific use case, and their non-compliance with the HSTS spec
RFC6797 [0]. There are probably countless other things wrong with it, but that's
what I spotted after a cursory look.

Their developers are also toxic
[https://github.com/privacytoolsIO/privacytools.io/issues/375](https://github.com/privacytoolsIO/privacytools.io/issues/375)
that's all the proof you ever needed.

Many of your sentiments there are demonstrated in that very thread. One of the
developers (mattatobin) repeatedly avoids answering my questions and just says
"fake news" and goes all trumpian on me.

Don't bother trying to ask on their forums about this they will just delete
your posts and go on about "the untrue narrative" without addressing your
questions.

If you contact them on twitter they will block you. It seemed like their whole
mode of operation was very "alt-right" if that makes sense. They live in a
small "social bubble" it would seem.

I also found it rather lol that a so called "privacy browser" has to resort to
using google advertising on their main page.

    
    
      15:05:34 www.palemoon.org -- script https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js 3p
      15:05:34 www.palemoon.org -- script https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js 3p
      15:05:34 www.palemoon.org -- script https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js 3p
    

[0]:
[https://tools.ietf.org/html/rfc6797#section-8.4](https://tools.ietf.org/html/rfc6797#section-8.4)

~~~
apostacy
I'm sorry for your bad experiences with the Palemoon guys. You are obviously
not who this software is meant for.

I don't need or want sandboxing for my extensions -- I can take care of my own
sandboxing external to the browser profile instance. And I don't want it
either, because it makes them less flexible and powerful. XUL based extensions
turn my browser into a power tool, Chrome is a toy.

I don't know why you are upset, because the vast majority of the Internet
agrees with you. Most people are happy to have Google control their web
browsing experience. Why do you engage with them if they make you so upset?
Why are you threatened by a small group of users who want a browser their own
way?

As for the HSTS thing, I'm sorry nobody explained that, I'd be happy to
elaborate a bit more for you. My computer belongs to me, and I get to decide
what runs on it. I can choose to use Palemoon how I want to. Not implementing
HSTS according to the RFC is harming nobody except potentially myself. The way
HSTS is written is self serving for the powers that be. It reinforces the SSL
certificate infrastructure, and takes away user choice in the name of
"security". For practical reasons, being able to disable HSTS is important for
development. And even without Palemoon, there are still plenty of ways to
bypass HSTS. All Palemoon is doing is saving users time.

Besides, Google, Apple, Facebook and Microsoft happily trample on the RFCs
when it's convenient for them. Chrome itself was infamous for this when it
first came out. I remember seeing Chrome users clobbering webservers and
violating protocol to get slightly more speed. Of course, Chrome now sets the
standards.

I have to disagree with your characterization of Palemoon users as fascists.

If you don't like Palemoon, then you are more than welcome to not use it and
leave the community alone. The Palemoon community represents a dying breed.
Soon enough, most hardware will be forced to use their browser, and will only
be permitted to go to websites that they approve of. And mandatory DRM.
Mozilla also loves DRM.

Anyway, if you have any more questions I'd be happy to answer.

~~~
tya99
> I'm sorry for your bad experiences with the Palemoon guys. You are obviously
> not who this software is meant for.

Who is it meant for if it's not meant for users? Are they intentionally trying
to turn away certain people?

> I don't need or want sandboxing for my extensions

I think you'll find with all security, it's best to have the "principle of
least privilege"
[https://en.wikipedia.org/wiki/Principle_of_least_privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege)
at all levels of software. The reason for this is because if something happens
to exploit one area of your setup, the hope is that it will be stopped
somewhere else.

> I can take care of my own sandboxing external to the browser profile
> instance.

As do I. I use multiple VLANs (network segregation), Virtual Machines, and
other things in addition to browser profiles. Most people however do not.
Software should be designed for "most people".

> And I don't want it either, because it makes them less flexible and
> powerful. XUL based extensions turn my browser into a power tool,

There's plenty of frameworks out there. Perhaps what you're trying to do
shouldn't be a browser extension.

> Chrome is a toy.

Okay if you mean high performance web browser with a lot of market share that
Mozilla must compete against in order to stay relevant?

> I don't know why you are upset, because the vast majority of the Internet
> agrees with you.

They do because I am right. I rarely say this as I do often like a good
debate, however in this situation I will.

> Most people are happy to have Google control their web browsing experience.
> Why do you engage with them if they make you so upset? Why are you
> threatened by a small group of users who want a browser their own way?

I didn't engage with them. They came to our bug tracker and started to push
their software on us. I contribute to the privacytools.io website. I was
explaining why that particular piece of software did not belong there.

> As for the HSTS thing, I'm sorry nobody explained that, I'd be happy to
> elaborate a bit more for you. My computer belongs to me, and I get to decide
> what runs on it. I can choose to use Palemoon how I want to. Not
> implementing HSTS according to the RFC is harming nobody except potentially
> myself. The way HSTS is written is self serving for the powers that be. It
> reinforces the SSL certificate infrastructure, and takes away user choice in
> the name of "security". For practical reasons, being able to disable HSTS is
> important for development. And even without Palemoon, there are still plenty
> of ways to bypass HSTS. All Palemoon is doing is saving users time.

For software that is distributed to the public certain 'sane' defaults are
expected for the software to be labeled as _secure_. These are usually
according to spec as I pointed out in
[https://github.com/privacytoolsIO/privacytools.io/issues/375...](https://github.com/privacytoolsIO/privacytools.io/issues/375#issuecomment-458464446)
there are a number of reasons why software developers should make certain
choices for users.

There are a couple of reasons for this:

> 1. Users could be socially engineered into bypassing the warning

> 2. The warning gets "ignored" because lazy users just want to "visit that
> website", without thinking of or understanding the consequences.

> 3. Advanced users (web developers etc) can simply fix the error server
> side, do something like this, [https://blog.filippo.io/mkcert-valid-https-certificates-for-...](https://blog.filippo.io/mkcert-valid-https-certificates-for-localhost)
> or at worst compile their own browser.

> 4. Website owners will fix errors as it will mean their customers, visitors
> will not be granted access.

The fact is, if Mozilla designed software for "a small group of users who
think they know everything" nobody would use their software as the majority
would have a poor user experience.

What I mean by that is allowing users to override certain security (they may
not understand and may put them at risk) is not a solution to lazy site owners
who have TLS errors. It is very good that those site owners _must_ now fix
their problems, or the sites simply _won't work_.

> Besides, Google, Apple, Facebook and Microsoft happily trample on the RFCs
> when it's convenient for them. Chrome itself was infamous for this when it
> first came out. I remember seeing Chrome users clobbering webservers and
> violating protocol to get slightly more speed. Of course, Chrome now sets
> the standards.

Maybe so, and those are separate issues. Those issues should be constructively
criticized when they come.

> I have to disagree with your characterization of Palemoon users as fascists.

I didn't say their users were. I said that certain developers certainly give
off that vibe. I also said that they do engage in censorship, on their forums
and on Twitter
[https://news.ycombinator.com/item?id=13395682](https://news.ycombinator.com/item?id=13395682).
I've read about that here on HN and Reddit, i.e. 'forums' that they do not
control. I witnessed it in that thread when one of them attempted to brigade
the GitHub issue I was conversing in.

> If you don't like Palemoon, then you are more than welcome to not use it and
> leave the community alone.

[Insert Leave Britney Alone meme] The point is I only made an argument as to
why it would not be added to privacytools.io the "defenders of Palemoon" came
there and accused me of spreading "fake news", and spreading "false
narrative". They didn't however refute what I said in a technical sense, which
is what is expected in technical communities.

If you want to say someone is wrong, then provide proof/examples, or you'll be
laughed at.

> The Palemoon community represents a dying breed.

Progress will do that.

> Soon enough, most hardware will be forced to use their browser, and will
> only be permitted to go to websites that they approve of.

I don't believe that for a minute. The big tech companies have been very
active in standards forums like the IETF.

> And mandatory DRM.

That only happens when you want to use content like Netflix, and then it's a
part of the user license agreement that Netflix MUST agree to in order to
satisfy content creators/rights owners etc.

Mozilla never says that a site must use DRM, but does provide the option
should they need to.

> Mozilla also loves DRM.

You mean they implement it so their browser can use things like Netflix? Sure,
because if they didn't everyone would just use Chrome.

> Anyway, if you have any more questions I'd be happy to answer.

This is the point, though, isn't it. The "Palemoon defenders" never refute what
I say with actual evidence.

~~~
apostacy
lol, my reply to you was too long.
[http://dpaste.com/3H8SRNZ](http://dpaste.com/3H8SRNZ)

~~~
tya99
> lol, my reply to you was too long.
> [http://dpaste.com/3H8SRNZ](http://dpaste.com/3H8SRNZ)

No problems. Simply split your post over multiple replies. There is a 2000
character limit per reply.

~~~
apostacy
I never got to read your reply. Look I'm sorry for any negativity. I think
there is a place for you and what you are doing. But I'd like to make my own
software my own way.

I don't agree with your paradigm for how people should use computers, but
that's ok. I know I can very vocally disagree with the direction software is
going, but I'd very much like for us to coexist peacefully.

