• LWD@lemm.ee
          link
          fedilink
          arrow-up
          6
          ·
          6 months ago

          All that being said, if you don’t want to tweak Firefox with Arkenfox user.js (or tweak it yourself), and you can live with the fact that Librewolf makes these outgoing connections [to update uBlock Origin and its lists], Librewolf is currently one of the most privacy respecting browsers out there.

          It’s in my “good enough for me” list because the alternative is dealing with Firefox myself

        • Possibly linux
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          2
          ·
          6 months ago

          Yeah, no some guys blog stating his personal opinion is not evidence. We are just talking about things that are better than Firefox anyhow

          • ssm@lemmy.sdf.org
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            6 months ago

            It would be more useful if you had something more substantiative than “it’s a blog so it’s wrong”. Is there actually something in the article you take issue with?

            • Possibly linux
              link
              fedilink
              English
              arrow-up
              3
              ·
              6 months ago

              They blog doesn’t give much of a reason of why it isn’t private. It feels more like “I don’t use this so you shouldn’t” mentality

              • ssm@lemmy.sdf.org
                link
                fedilink
                arrow-up
                2
                ·
                edit-2
                6 months ago

                How is Librewolf and Waterfox connecting to Amazon Cloudfront and a bunch of other domains on first boot and Waterfox having a sketchy privacy policy (article’s is out of date but the new one isn’t much better) a subjective opinion?

                • Possibly linux
                  link
                  fedilink
                  English
                  arrow-up
                  6
                  ·
                  6 months ago

                  For one, Librewolf clearly states what it does on startup. It has to update ublock origin and other threat lists. That is better than having out of date protections is it not? Just because it connects doesn’t mean it sends much data. Things need to be hosted somewhere.

                  For Waterfox the argument is less bad but Waterfox is about on par with a lot of other stuff. It isn’t going to be crazy good and it is no where near as good as Librewolf but it is better than Firefox and many others. I would rate it as half bad.

                  Librewolf is the arguably best privacy browser. You haven’t named anything better. It breaks sites occasionally but it does protect privacy and security and scores well on fingerprinting resistance.

                  • ssm@lemmy.sdf.org
                    link
                    fedilink
                    arrow-up
                    2
                    arrow-down
                    1
                    ·
                    edit-2
                    6 months ago

                    I agree it’s much less egregious than the other examples in case of Librewolf, but I don’t like the dependency on Mozilla addon servers by default. Mozilla has already shown themselves to be bad actors, and I’m not totally trusting of their repositories, even if ublock or whomever else has done nothing wrong. If it wants to fetch extensions by default, I would at the very least hope they incorporate some sort of checksum verification against an extension compiled/copied from ublock’s source.

                    There’s also the problem of extensions auto-updating, which is problematic for security for hopefully obvious reasons.

                    Librewolf is the arguably best privacy browser. You haven’t named anything better.

                    I named qutebrowser in my first post. Privacy and security can (and should) come from outside of the browser, through system-wide dns blocking and firewalling. Inside the browser, there’s domain-specific script toggling, as well as userscripts. There’s also torsocks if you trust tor. If a user decides to use 3rd party firefox extensions, that’s up to them; but I don’t think it should be a default.

            • LWD@lemm.ee
              link
              fedilink
              arrow-up
              3
              ·
              6 months ago

              Personally I disagree with the conclusions stated by the blog post, but I can respect the reasoning for getting there, and I can draw my own conclusions from it myself.

    • thingsiplay@beehaw.org
      link
      fedilink
      arrow-up
      2
      ·
      6 months ago

      The biggest problem with the alternative browsers I wanted to use is, that they are not managed by my distribution (repository).

      • ssm@lemmy.sdf.org
        link
        fedilink
        arrow-up
        2
        ·
        6 months ago

        What distribution are you using? Every distro I’ve tried, even the more obscure ones (alpine, void, openbsd), package most of the webkit/webengine browsers.

        • thingsiplay@beehaw.org
          link
          fedilink
          arrow-up
          3
          ·
          6 months ago

          EndevourOS, based on Archlinux. I was looking into forks of Firefox. For a webbrowser, it should be in the repository (not AUR) and it should be as quickly updated as Firefox itself. None of the forks I looked into match this criteria.

          • ssm@lemmy.sdf.org
            link
            fedilink
            arrow-up
            2
            ·
            6 months ago

            Why use Arch (or something Arch based) then? I don’t like the AUR either (or systemd, or the bleeding edge (buggy) packages), which is why I like Void Linux.

            • thingsiplay@beehaw.org
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              6 months ago

              I wouldn’t call Arch bleeding edge. There are 2 stages before packages get updated in the repository for everyone (maybe besides trusted projects? which get immadiate update). I wait since almost 3 weeks until they update RetroArch. :D But that’s just terminology and not really important.

              I personally want the newest stuff and being updated all the time. Systemd isn’t a problem for me, it’s fine to me. The packages from Arch repository aren’t buggy for me, so no complains there. You can always find reasons why to switch to another distribution, but that often is not the entire truth. There is often so much more to consider. My previous point is about the software I was looking into not packaged by the distribution of my choice. So many people say packages should come upstream, like in Flatpak and distributions should not package anymore. I hardly disagree here. But I digress… again…

              I’m not here to switch my distribution, but think about switching to another Firefox base. I think Firefox is a great browser and want to keep using it, but have a few disagreements with Mozilla lately. That’s why I was looking into an alternative fork. I will stay on EndeavourOS slash Archlinux… at the moment at least.

              Edit: Dang it, I did it again. Why do I need to write entire blog posts as a forum reply?