I started using Librewolf since Lunduke made a video on FIrefox’s new tracking changes a few days ago.
I’ve been pretty happy with it, but there is an issue with how the javascript handles the shift key detection if the caps lock is enabled. When the Caps lock is enabled, the javascript event.shiftKey is considered true instead of false, when the shift key is not being pressed, and false instead of true, when it is. Basically it tracks if the letter should be uppercase or not, which makes it pointless. It should just be tracking whether the shift key is being pressed down or not.
You can demonstrate this by running the following snippet in a keypress handler in LIbrewolf and in Firefox, and pressing shift + s with caps lock enabled/disabled and seeing the difference:
if ((event.which == 83 || event.which == 115) && event.shiftKey) // shift-s
{
console.warn("shift key is down");
}
I made a post about this on the Librewolf “Lemmy” (which I had not heard of before), when I was searching for a support forum. Unfortunately, it’s received some feedback, but no concrete solution, and I’m wondering if I’m missing something.
I’ve been pleasantly surprised at how helpful this forum is with computers and open-source problems in general, so I just wanted to see if anyone here has some useful tips. I would really like to not have to change the use of the shift key for a shortcut, as I feel that it’s the browser behavior that is incorrect here. However, if someone knows if there is something I need to do at the OS/installation level (I’m running Ubuntu 22.04, and used this method) that I can do to fix this, or probably a setting to configure in about:config, I would love to know.
Librewolf is severely behind security updates, use Mullvad Browser instead
Mullvad Browser’s website immediately advertises their VPN service.
I’ve been meaning to do a whole blog post/rant on how stupid VPN services are. The only VPN you can sorta trust is the one you setup yourself (get a VM, slap on Wireguard and Tinyproxy and get FoxyProxy for your browser). Why is that important? Because if you learn how to set one up, you see exactly how it works, and it’s limitations (because your host: Vultr, AWS, Azure, DigitalOcean, whoever) can still get all your data from that VM if they really wanted to (or were court ordered to).
Anyway, Mullvad immediately strikes me the wrong way from their website. Librewolf’s webiste is clean and they use tons of open tools (Matrix/Lemmy) for their community.
What security updates is Librewolf behind on? I’m running the version in Gentoo portage and I get regular updates all the time. I’ve been on it for over two years now. The only issues I’ve had is the audio is garbled for some HTTP live streams.
Its an honest advertisement, its much more honest than Mozilla’s business model that is about to collapse.
On a separate note, LibreWolf 128 came out 3 days after the FF release of 128. Now why would you allow yourself with no protection for that long?
If it was only 3 days, I’m happy with that. I’m glad that it is being maintained in a reasonable amount of time. Why would I wait 3 days for an alternative version to FF? Because of all of the recent changes Firefox is implementing as referenced in the Lunduke video.
If mullvad makes a browser that’s one thing, however, I want to just make it clear that I’m not trying to discuss VPN’s for privacy in this topic. I think VPN’s are up to a user to implement separate to the browser. I just wanted to find a browser that would remove the telemetry and still facilitate things like having adblocker extensions.