The logs still contain sensitive information about where the request came from, but not insofar as what Google or Facebook kinds of tracking.
Still involves Chromium. Don’t trust that one bit with those recent API changes.
I am wrong to recall that you can use the Tor Browser without it running on the Tor Network itself?
With regards to the new theme, I like it. You probably need to change your desktop environment/window manager to a compact theme. I like it on Manjaro GNOME’s adwaita-maia-dark-compact theme
Also, ftp should die because we should be using sftp or ftps
Someone brought up IceCat. Does the GNU foundation remove the Mozilla Telemetry or not? If not, the problem still stands.
Also, huge problem porting IceCat cause there are no Official Mac and Windows builds due to non-free software. I need it on my Mac too.
There’s a whole 'nother rabbit hole with LibreJS and how that counts towards proprietary vs open source and privacy considerations. Could actually break even more sites.
GNU foundation even uses FTP as the primary. It’s not gonna die like Windows XP ATMs refuse to die.
Unless it’s something I find “unethical”, or even merely distasteful, I see nothing wrong to bow to money.
I wish nothing more than web 2.0 to burn and die a painful death. But I’m not “stubborn” as to use unsecure browsers. I use Firefox or Brave because they are mostly up-to-date and patch security vulnerabilities faster than downstream browsers like Waterfox or Palememe.
Unsurprising. I use Firefox and NoScript on pretty much all sites, with few exceptions like Level1 (man, fugg Discourse) and YouTube (albeit I don’t allow google videos, I use youtube-dl).
Eeewww.
Did you just assume I’m non-binary? REEEE (it’s a wordplay on spectrum, mkay?)
Wait until all extensions are gone as well and we have unified extensions on all web browsers, which will be a thing. They may not necessarily be available on all browser add-on stores, like still having separate Firefox add-ons and Chrome web store with the same and different extensions, but you could technically set your browser in developer mode and install extensions from other stores.
Internet banking is so cringe, yet so useful as to not go and wait in line at a dang bank. But it’s so insecure and their mobile programs are basically website wrappers, it’s terrifying. It’s never too late to go back to web 1.0.
Lmao, my firefox profile blocks even more stuff, because I’m insane like that.
You can just install Firefox and NoScript or uMatrix, alongside maybe uBlock Origin. You can allow uBlock in private mode, but it also works to slightly protect you at the beginning when most things you will do will be temporarily allow everything on some websites. After you get used to it, you won’t even allow stuff anymore and just use websites that you trust usually, while navigating away from websites that don’t work w/o JS.
Startpage is fine. It’s basically a proxy search engine for Google. You get google search results, without Google tracking you, just the pool of queries that startpage does for their users, which is basically useless to Google. Duckduckgo does the same with the most predominant search being Bing. If you search the same terms between Bing and DDG, if you look at images, they will be the same. DDG aggregates from more than just Bing, but I recall Bing being something insane like 80% of DDG results or something like that. Nothing to really worry about though, except the dependence on big tech maybe. Brave search is looking to have its own indexing db, which is good, but wouldn’t completely trust them either, neither do I completely trust DDG or startpage for that matter.
Never heard of any Startpage controversies, especially since they’re based in EU (used to originally be called https://ixquick.eu, the link redirects to https://eu.startpage.com) , where the EUSSR party rules over the internet companies with iron fist regulations, I doubt they can do shady stuff without us finding out about an insane fine or more.
I somewhat agree with removal of FTP. Just use an FTP client, like FileZilla on Windows. Or better yet, stop using FTP, use scp / rsync / sshfs (basically use SSH). Aso, FTP doesn’t work on i2p, so it’s useless. SSH works.
Quote from the article
The total word count of the W3C specification catalogue is 114 million words at the time of writing. If you added the combined word counts of the C11, C++17, UEFI, USB 3.2, and POSIX specifications, all 8,754 published RFCs, and the combined word counts of everything on Wikipedia’s [list of longest novels](https://en.wikipedia.org/wiki/List_of_longest_novels), you would be 12 million words short of the W3C specifications.[2](https://drewdevault.com/2020/03/18/Reckless-limitless-scope.html#fn:2)I conclude that it is impossible to build a new web browser . The complexity of the web is obscene . The creation of a new web browser would be comparable in effort to the Apollo program or the Manhattan project.
It is impossible to:
- Implement the web correctly
- Implement the web securely
- Implement the web at all
Purge them with flames!
Literally use NoScript or uMatrix. Default Deny is the standard in all serious firewalls, why don’t we use the same methodology on the web, which is the biggest vulnerability that malware can get through. Blocking acesss to SMB, SSH, RDP, VNC, etc. from the Internet is moot if you allow literally remote code execution via you dang browser. Remember when web crypto miners were a thing? People should have raised red flags from back then and start default-deny like NoScript does, but it obviously goes against monetization, so Google throws tons of shekels around to push for more new web standards.
Disable JavaScript. Most websites will still show images and text. Some will refuse to work without JS, so you should refuse to use them if you don’t trust them or like them.
You shouldn’t have trusted Chromium to begin with. The API changes to remove Google bookmark sync and other APIs from Chromium were obvious. And Edge Chromium and I think Brave didn’t even use Google’s Sync services. Not sure if we should trust ungoogled-chromium, as retroactively removing bloat when the source code is so massive is way harder than actively writing code yourself, but frankly, modern web is a mess, as stated in the article attached above. HTTP is an ok standard, but what was built on-top of it is a complete disaster.
FOSS malware is still fugging malware. JS was a mistake.
1 Like
I think security is definitely an important point that often gets glossed over when browser forks are brought up; while still necessarily adding a patching delay, simpler modifications like Icecat or ungoogled-Chromium are (in theory) capable of staying safely fairly close to upstream; by contrast, something like Palemoon/Goanna will require much more active development to stay secure, even if simply to review newly discovered vulnerabilities from Firefox/Gecko, and see which still apply to it.
From the The reckless, infinite scope of web browsers post you linked I noticed this peculiar criticism:
… WebKit falls well behind its competition.
Is this not exactly what we want?
So long as Apple maintains its not-invented-here mindset, WebKit can act as somewhat of a brake on the feature gluttony that we see now. Apple is in a perfect position to avoid or delay any feature creep, since it would prefer anything overly complex be done in native code, both for performance, and for the potential of getting a 15-30% revenue cut if the App Store is used (or required as on iOS).
Furthermore, Apple is a large enough target that security researchers remain interested, and it has the resources to patch what those researchers discover.
Also, WebKit already works with open source projects, we can even see links to Epiphany (AKA GNOME Web), WPE (embedded), and WebKitGTK+ on the official WebKit site’s download page: webkit.org/downloads/
Re-read the sentence, carefully. The problem is not that Apple falls behind in feature set, which is desirable. The problem the article points out is that (old) Edge and Webkit / Safari fall behind Blink and Gecko in market share, which further tightens the browser duopoly grip. Google at this point is subsidizing Mozilla just because they know they will get under investigation for anti-trust with a browser monopoly, because, while open source, Chromium is developed under the Google umbrella under close surveillance. Google decides what new technology gets implemented in the modern web, w3c at this point is just adding google technologies as protocols for the web.
The browser duopoly is only growing stronger, too, as Microsoft drops Edge and WebKit falls well behind its competition.
I do not see how this is true at all; something like StatCounter shows Safari at more than twice the marketshare of Firefox for every continent (or whichever collection of countries StatCounter treats as Oceania along with Australia). Even if it were not, being the built-in browser of a widely available and frequently-used commercial product line forces developers to care about its implementation.
StatCounter - All User Agents
| World | Asia | Europe | North America | (Oceania) | Africa | South America | |
|---|---|---|---|---|---|---|---|
| Chrome | 65.13 | 73.52 | 60.48 | 50.76 | 52.44 | 65.86 | 82.59 |
| Safari | 18.64 | 11.65 | 19.29 | 34.11 | 32.72 | 11.2 | 6.07 |
| Firefox | 3.45 | 1.92 | 6.33 | 3.53 | 3.22 | 5.64 | 2.43 |
StatCounter - Desktop User Agents
Here is the same table’s worth, only for desktop; note that NA and Australia/Oceania still have Safari at more than twice the marketshare of Firefox, Asia sees roughly marketshare parity, Europe favours Firefox slightly, and Africa and South America heavily favour Firefox:
| World | Asia | Europe | North America | (Oceania) | Africa | South America | |
|---|---|---|---|---|---|---|---|
| Chrome | 68.58 | 77.28 | 62.39 | 60.33 | 63 | 67.13 | 82.2 |
| Safari | 9.47 | 5.33 | 9.08 | 17.09 | 17.97 | 2.99 | 1.96 |
| Firefox | 7.62 | 5.06 | 11.92 | 6.59 | 5.35 | 17.64 | 4.71 |
I think it is more a case of, if Google stopped supporting Firefox, the users would generally move over to Chrome, rather than safari, (given the choice) and the market would have a single huge player, and a small side note of safari. Bearing in mind, not all Apple users use safari, and almost all the safari users are in Apple, it locks it to a small portion of the market. Apple might be a reasonable size in NA, but ROW not so much.
Edit: wow, Australia heading towards 45% iOS smartphones. There might only be 25m of them, but they like it fruity down under!
My point is that Google cannot as easily drop support of WebKit because it is a built-in browser for a widely-used commercial product.
As a third-party browser, Firefox coexists with a built-in browser that Google can treat as a fall-back if it does not want to bother with Gecko. As a built-in browser on Linux, Google can safely assume that whoever (end user, family tech, or distro packager) installed Firefox can be forced to install Chrome/Chromium if Google breaks functionality on Gecko. The userbase, in effect, selects for users who can be more easily forced to switch browsers.
With Safari it is the inverse, as a built-in browser of a website-browsing product (Mac/iPod/iPhone/iPad) many more of Safari’s end users might not know how to install or might not trust a third-party browser. If Google breaks WebKit support, a far larger portion of Safari’s users may decide to switch away from Google rather than Safari.
Was the legacy engine.
The new one, Quantum, is the engine since version 60 IIRC.
They’re not going to do that because the Blink engine is their private fork of Webkit.
They would have to retool their entire engine from scratch and then do feature parity to the current engine.
It is easier (cheaper) to leave it as is.
Their might be plans in place to make a new one, however, that is a multi-year project.
Edit: see post below or Quantum - MozillaWiki
I do not have a good primary source, but Quantum is the marketing name of the project/initiative of porting into Gecko some code originally developed under the Servo project/initiative. The rendering engine itself is still called Gecko.
They rebuilt the entire thing in Rust.
I’m doing research on my claim, hold on.
Here we go: Quantum - MozillaWiki
Some while some of it is marketing, they did in fact rebuilt at least some of it in Rust.
So same project name but newer parts under the hood (which does contradict my earlier statement so I’ll update).
True. Maybe he meant just desktop browsers? But then again, it’s a discussion about web browsers, not desktop web browsers. Fair point.
True. But if we count iOS users, all of them, no exception use WebKit, because Apple anti-competitive practices. iOS Chrome and Firefox use WebKit as the web engine. They probably have different user agents though, so they are still shown as Chrome/WebKit instead of Chrome/Blink or Firefox/WebKit instead of Firefox/Gecko.
They did shadier stuff in the past, like nerfing youtube performance on Firefox and Edge. Not sure they can easily do that with WebKit, because as mentioned above, iOS Chrome uses WebKit itself.
Firefox 57 IIRC. Also, not really.
Funny how I specifically execute “firefox-wayland” and it says I’m using X11. GG Firefox.
1 Like
happened on mobile. FF mobile killed a lot of extensions
I already aired my grievances here
1 Like
Good thing I hate mobile phones.
1 Like
This is an excellent point, hence why there always needs to be backwards compatibility support when you use online banking with WebKit browsers. Unfortunately social media is of the Chrome mindset and it stopped working on iOS 9.3.5 a long time ago.
I think I’ve worked out a temporary solution:
The last version of ESR 78 Vanilla, but then take arkenfox’s user.js, modify it so only what makes sense is applied, then apply a distribution/policies.json to lock it in place.
Of course, modifying a pre-made user.js requires meticulous reading of the in line comments so I don’t make a mistake and might take an entire day. RTFM people.
A LibreWolf Lite has to remove Mozilla branding, but at the same time the thing I miss most from CTR and Waterfox classic is text options for the context menu. Anyone found a way to do that without Waterfox and Classic Theme Restorer?
Well the developer choosed for the money.
The browser itself is still in development but is now owned,
by not such a cool company.
You could either like it or not, if not just use something else.