They withdrew one of the ToS points, which stated that they would not leak/sell personal data.
Can LibreWolf team fix it?
They withdrew one of the ToS points, which stated that they would not leak/sell personal data.
Can LibreWolf team fix it?
Only changes to the source code of firefox might need to be fixed for librewolf. The policies are not really a threat for librewolf.
@sertonix wrote in #2276 (comment):
Only changes to the source code of firefox might need to be fixed for librewolf. The policies are not really a threat for librewolf.
But they already added new code in FF stable versions and this code already cleaned from LibreWolf?
Firefox's new policy, while IMO very troubling, explicitly affects only the Firefox browser, and explicitly does not cover the source code. Since Librewolf disables Mozilla telemetry as part of doing what it does, I'd argue it's entirely unaffected by whatever they're smoking in the land of the lizard.
That's one reason we've seen so many normies (myself included) pour in lately who really just want a fork of FF and not a hardened privacy browser. If I can contribute anything to the project I'd be happy to contribute documentation to support these refugees (of which I am one, honestly) in understanding how to set up LW the way they want it ... and maybe documenting the risks of doing so.
But really I would like to see a group of interested parties resume care of Iceweasel so that we can point the normies there and keep Librewolf as pure a privacy browser as we can. (I'm still happy to document the FPP overrides for the ones who need it, particularly since I'm among them for accessibility reasons.)
@knghtbrd wrote in #2276 (comment):
I would like to see a group of interested parties resume care of Iceweasel so that we can point the normies there and keep Librewolf focused on being a privacy browser
LW is already the normie alternative to TOR and Mullvad. But I get what you mean, though I think it would be easier to make IceCat more accessible.
Isn't Icecat the fork that says you're not allowed to run Javascript unless RMS gives it his holy blessing?
Realistically a nice UI to control the various settings are all we need. The privacy defaults are reasonable privacy defaults and if people want to disable them, that's their business. It's better if they have the UI to do it. There's not much more than a little settings window dressing I'd change beyond ... well the major one right now is webGL per-site permissions.
@knghtbrd wrote in #2276 (comment):
Isn't Icecat the fork that says you're not allowed to run Javascript unless RMS gives it his holy blessing?
RMS wants software "freedoms" above all, so LibreJS can be disabled. It's an entirely optional add-on.
Most of IceCat's changes are entirely optional. Only the ones that disable telemetry are hardcoded, as far as I know.
So it's much like LibreWolf-- but GNU prioritizes their ideologies over usability, so it's less useful than LW by default.
Realistically a nice UI to control the various settings are all we need.
And the sane defaults too. In theory, you can config FireFox and IceCat to behave exactly like LibreWolf.
But then you have to do this with every install. On top of that, you have to build IceCat yourself-- unless you use the same systems as RMS or trust what @chippy is doing (not implying it's inherently malicious, just inherently less secure- I respect the effort, though).
Bottom line: both browsers respect your "freedoms" but LW respects your time and personal preferences more.
I'm working on a guide that should help people get LW set up the way they want as "normal" users, and I'll be updating it as the requisite UI for normies gets implemented. The major thing missing right now is a need for me to just blow away my whole profile and recreate it from scratch, properly this time.
When I started using it, I just popped open about:config and started changing stuff I knew I needed/wanted changed. That was dumb. I can't reproduce that, I can't recreate it, and I can't recover it when I blow away this config. Not like I can with, say, bookmarks, which I can just save out as .html and recreate my entire bookmark structure in seconds. I should have been using the overrides file. And I will do so this time. The one I've created is kind of documented so I can hand it to users but ... it contains my settings. The goal is to teach people how to configure the most private thing that serves their needs. I need a lot of accessibility features most people don't, for example.
It'll be easy to do and to update starting fresh. Right now there's a lot of "it doesn't work for me, it works for you?"
But then you have to do this with every install.
There exists autoconf amd policies which allow this to be easily automated. I use these to have the same locked configuration on all my devices.
I am closing this since there doesn't seem to be anything left to discuss.
@bottlecap wrote in #2276 (comment):
@knghtbrd wrote in #2276 (comment):
Isn't Icecat the fork that says you're not allowed to run Javascript unless RMS gives it his holy blessing?
RMS wants software "freedoms" above all, so LibreJS can be disabled. It's an entirely optional add-on. Most of IceCat's changes are entirely optional. Only the ones that disable telemetry are hardcoded, as far as I know. So it's much like LibreWolf-- but GNU prioritizes their ideologies over usability, so it's less useful than LW by default.
Realistically a nice UI to control the various settings are all we need.
And the sane defaults too. In theory, you can config FireFox and IceCat to behave exactly like LibreWolf.
But then you have to do this with every install. On top of that, you have to build IceCat yourself-- unless you use the same systems as RMS or trust what @chippy is doing (not implying it's inherently malicious, just inherently less secure- I respect the effort, though).Bottom line: both browsers respect your "freedoms" but LW respects your time and personal preferences more.
Well... I've been running tests on several browsers and honestly Librewolf wants to be seen in the server logs. Reason why they change the user-agent (icecat and tor browser use firefox user-agent in order not to stand out). Now this might seem nothing special, but it certainly tells what browser you are using, dramatically increasing the uniqueness of your browser.
So on purely logical point of view, using a unique user agent and making everyone aware that this many people are using LibreWolf seems to me some sort of investment in the possible future sale of the project with a certain guaranteed user base.
This brings to memory the funny story of waterfox sort of exit scam. Did you know about that? Waterfox Recap or Original on Reddit
With this i like to point out that while LibreWolf can (and possibly will) sell the project, GNU CANNOT sell Icecat even if they wanted.
I hope that this maybe will offer you a perspective you haven't considered so far.
Take the time to test your browser yourself. Observing that every time you open firefox it will send your data to mozilla, cloudflare and google (and more), only to tell them that you just open the browser, will affect your approach to this.
Chip
So on purely logical point of view, using a unique user agent and making everyone aware that this many people are using LibreWolf seems to me some sort of investment in the possible future sale of the project with a certain guaranteed user base.
It seems like you encountered this known bug which affects some builds: #2235
Could you maybe check if the user agent doesn't differ when enabling Resistfingerprint? And maybe mention which build you are using?
With things like this occurring, we might want to consider permanently including the useragent.patch that I tried (but then reverted again, for --with-app-basename wasn't the clean solution I was looking for at that point) with the 137.0 profile folder situation.
(librewolf/source@7b7f98649d)
With this i like to point out that while LibreWolf can (and possibly will) sell the project,
That, btw., is certainly quite an assumption you're making there. Sure, maybe we might be able to sell it (not a lawyer or anything, so I just don't know much about things like that), but that would go so very much against, well, everything we would like LibreWolf to be; and, I mean: we (intentionally) don't even accept donations.
I'm very, very, very certain that none of the core maintainers would ever allow something like that to happen.
@sertonix wrote in #2276 (comment):
So on purely logical point of view, using a unique user agent and making everyone aware that this many people are using LibreWolf seems to me some sort of investment in the possible future sale of the project with a certain guaranteed user base.
It seems like you encountered this known bug which affects some builds: #2235
Could you maybe check if the user agent doesn't differ when enabling Resistfingerprint? And maybe mention which build you are using?
No, the #2235 is from a couple of months ago, i tested it like a year ago and that was the standard.
That and the constrained window sizes.
Probably after that it was changed, you can check yourself in the builds of early 2024.
Chip
@ohfp wrote in #2276 (comment):
With things like this occurring, we might want to consider permanently including the
useragent.patchthat I tried (but then reverted again, for--with-app-basenamewasn't the clean solution I was looking for at that point) with the137.0profile folder situation. (librewolf/source@7b7f98649d)With this i like to point out that while LibreWolf can (and possibly will) sell the project,
That, btw., is certainly quite an assumption you're making there. Sure, maybe we might be able to sell it (not a lawyer or anything, so I just don't know much about things like that), but that would go so very much against, well, everything we would like LibreWolf to be; and, I mean: we (intentionally) don't even accept donations.
I'm very, very, very certain that none of the core maintainers would ever allow something like that to happen.
What about 10M $? Would you sell?
In my opinion librewolf is too "simple" to make selling even possible. Compared to other FF forks librewolf has very few patches (which is a good thing for exactly this reason).
Sure,
I made once the mistake of getting gangbanged by librewolf people on reddit and I won't do it again.
So ok you won't sell pinky swear.
Chip
Ah, yeah, alright: it's somewhat clear now then that this avenue of discussion won't lead anywhere useful, and whatever I'd reply wouldn't matter either. So let's get back to the tech part of things:
No, the #2235 is from a couple of months ago, i tested it like a year ago and that was the standard.
If I understood that right, you haven't had the UA issue with recent builds (with RFP enabled or disabled) then?
I tested this more than one year ago, when the UA was changed by your build script.
Since then i haven't tested or used librewolf again.
Chip
No due date set.
No dependencies set.
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?