Software Removal | Firefox #856

Closed
opened 2019-04-12 17:00:55 +00:00 by dm17 · 87 comments
dm17 commented 2019-04-12 17:00:55 +00:00 (Migrated from github.com)

Description

Pretty unfair that you're recommending Firefox and not Waterfox. Especially since FF has recently banned free speech extensions from its repo. Twitter censors everyone, so we have Gab. Gab made an extension, and Mozilla censors it? This is going too far... Part of "privacy" is what you're allowed to see & use (in the privacy of your own computer)!

beerisgood commented 2019-04-12 18:52:36 +00:00 (Migrated from github.com)

Forks are always behind mainline in terms of security.
Also Waterfox doesn't have any stuff you can't do in Firefox.
Firefox + gHacks user.js is a much better solution than such a fork with just a few maintainers

Kcchouette commented 2019-04-13 18:33:22 +00:00 (Migrated from github.com)

> April fool was the 1st, not the 12th.
> Anyway, thanks for the laugh

it was in my head.

Anyway, in terms of privacy, Tor Browser is recommended at the top.

quantumpacket commented 2019-04-13 23:36:30 +00:00 (Migrated from github.com)

From what I've read, Mozilla has removed the addon from their addons website saying it violates their terms due to promoting hate speech. That's fine, if they want to do that they are within their right to do so since it is their platform. However, from what I've read is that Firefox blacklists the addon and will remove it when you restart the browser. I haven't confirmed that is the case, but if true that is stepping over the line. Mozilla has no right to remove/block an extension that an end-user has chosen to install on their system.

Let's not split hairs in regards to left/right wing politics, but look at the implications and precedent that is being set that could be applied to any addon. I don't think @dm17 is wrong to see this as something to be concerned about.

dm17 commented 2019-04-13 23:40:24 +00:00 (Migrated from github.com)

> From what I've read, Mozilla has removed the addon from their addons website saying it violates their terms due to promoting hate speech. That's fine, if they want to do that they are within their right to do so since it is their platform. However, from what I've read is that Firefox blacklists the addon and will remove it when you restart the browser. I haven't confirmed that is the case, but if true that is stepping over the line. Mozilla has no right to remove/block an extension that an end-user has chosen to install on their system.
>
> Let's not split hairs in regards to left/right wing politics, but look at the implications and precedent that is being set that could be applied to any addon. I don't think @dm17 is wrong to see this as something to be concerned about.

Thank you; I agree... And just look at all of the stuff Waterfox strips out of Firefox! That there is so much tracking and crap in there now that Waterfox even has a major following is evidence that Firefox is not a "privacy tool"!

beerisgood commented 2019-04-14 07:31:34 +00:00 (Migrated from github.com)

@quantumpacket which "addon" are you talking about?

quantumpacket commented 2019-04-14 16:10:01 +00:00 (Migrated from github.com)

I believe it's this addon https://dissenter.com/download once again, I have yet to test that the browser blacklists it, but there was a reddit post asking for help on preventing Firefox from unloading it on restart.

beerisgood commented 2019-04-14 16:43:33 +00:00 (Migrated from github.com)

So you blame Mozilla for blacklisting an addon on an external site which doesn't provide the source code for that addon and tracks users on their website itself?!:
https://webbkoll.dataskydd.net/en/results?url=http%3A%2F%2Fdissenter.com%2Fdownload#requests

Sounds like an invalid / trolling post

dm17 commented 2019-04-14 17:02:17 +00:00 (Migrated from github.com)

@beerisgood I didn't mind your first post, but now this is borderline trolling. As I have said twice, the topic is not just Mozilla's censorship. Primarily, based on the fact that privacytools.io is supposed to be about privacy and Firefox is not defaultly as private as other browsers with your data.

So the politics of George Soros & the Mozilla foundation aside (and their supporting RiseUp) - we can speak objectively about the privacy of Waterfox vs Firefox. It is simply unfair to be promoting Brave & Firefox as the top privacy browsers. Brave defaultly whitelists Facebook and Twitter trackers. Most users will never figure out how to disable most of Firefox's privacy issues - and Waterfox goes much further than one can do manually anyway.

quantumpacket commented 2019-04-14 17:04:01 +00:00 (Migrated from github.com)

It was originally hosted on the Mozilla addons site, which as OP has stated was removed. The source code is here https://github.com/gab-ai-inc/gab-dissenter-extension/ also what does their download page have to do with this post? Tracking is done on even Firefox's download page.

beerisgood commented 2019-04-14 17:52:36 +00:00 (Migrated from github.com)

@dm17 I never vote for Brave. Instead I vote for removing that Chrome/ Chromium shit

five-c-d commented 2019-04-15 21:44:41 +00:00 (Migrated from github.com)

> part of privacy is what you are allowed to see & use

Hmmm, this seems like a slippery slope. When a browser has advert-blocking on by default, I do not consider it to be restricting my freedoms nor invading my privacy somehow, when it blocks me from seeing those adverts. If I want some other behavior, I can adjust the settings, and if the browser does not let me adjust the settings the way I want, I can install some other browser.

Same goes for browsers that have anti-phishing and IP-based anti-malware blacklists ... often these are implemented questionably from a privacy perspective (the people providing the blacklists use them as a means of spying on what websites I visit while they scan for whether I'm visiting a website I should not ... typically that was the real motive for providing the free-as-in-beer service in the first place I often suspect), and also the very idea of letting some third party blacklist websites is questionable from a freedom standpoint (often the listing process is politicized either overtly or covertly).

Similarly, if an OS comes with a firewall on by default, that prevents me from visiting certain websites, or even blocks entire domains from loading (a la PiHole or the old-school HOSTS file with badsites explicitly prevented from loading), that is not a privacy invasion, that is usually a desired behavior. As long as I can turn it off, if I choose.

Here is background, https://en.wikipedia.org/wiki/Gab_(social_network)#Dissenter

mozilla-sysadmins versus gabDissenter-devs... unclear to me what the current state is?

> FF has recently banned free speech extensions

You sound like you are saying there was more than one such incident. Are there other examples of where firefox sysadmins and programmers, have seemingly let their political biases or their systems of ethical beliefs, lead them to blacklist addons for non-technical reasons? I will note that mozilla corporation might be subject to the legal constraints against certain kinds of legislatively-defined-hate-speech in Germany and France and such places, is there any indication whether the removal of GabDissenter was due to it being made illegal by a court, rather than just firefox people deciding on their own? I will also note this, https://xkcd.com/1357/ ...and that the addons website is something mozilla pays to host.

There is a reddit-thread about GabDissenter versus MozillaAddonsSysadmins, and like a lot of things nowadays, seems to be full of self-censorship and maybe forum-mod-censorship and possibly even reddit-sysadmin-censorship (I'm not familiar enough with reddit to say one way or the other). https://old.reddit.com/r/firefox/comments/bbugc5/firefox_bans_free_speech_commenting_plugin/?limit=500 Google has removed the pages from their cache, and Chrome has followed mozilla in blocking the extension in question. The reddit thread DOES assert that the GabDissenter addon can be installed still, just, no longer installed from addons.mozilla.org -- it has to be installed from the extension-owner's site with some kind of different code-signing procedure, or something? Quoting:

  • One thing I'll note (since it hasn't been stressed enough), is that Mozilla is not saying that Firefox users can't use the Dissenter add-on. They are just saying that they are unwilling to post it on https://addons.mozilla.org Of course that is within their rights.
  • To be clear, they are still willing to sign the add-on to let users add the add-on with a guarantee that it was distributed by Dissenter, to let people get updates, and to prevent them to have to load "temporary add-ons" (which are basically just add-ons that are being developed, and not distributed).
  • There are interesting conversations about free speech going on here, and I have participated in some here, but I wanted to make it clear that while Mozilla is removing the add-on from their website, Dissenter is free to host it themselves - and Firefox users can continue to use the add-on without much fuss.
  • Firefox hasn't banned the add-on, since it is still installed, and can continue to be installed. Mozilla has removed the add-on from their site. There is a difference

End quoth. I dunno whether what is said there is true, or maybe, was true at one point and now firefox is detecting and unloading the addon at runtime, or what. But the waters(heh) around the most recent firefox-versus-waterfox controversy seem pretty muddy.

waterfox-vs-firefox is a different issue, and a thorny one

I don't have a firm opinion on the waterfox-versus-firefox question, except to say that every year there is always Yet Another Firefox Fork which promises to provide better privacy and on-by-default settings and whatnot. PrivacyToolsIO even used to list one, the JonDoBrowser project if memory serves. But it is actually shockingly tough to maintain a soft-fork of a complex thing like Firefox, and almost none of these projects tend to make it over the long term.

The default behavior of Firefox w.r.t. privacy is "pretty good" (compared to chrome especially), and with a few key addons (also listed further down the page), that becomes "very good". Soft-forks that promise to do better, tend to end up doing worse: they fall behind on the upgrade-treadmill, and at some point are not pushing the security-patches needed (browsers are a huge risk when it comes to using them without the latest security-patching done promptly).

As for the question of whether Waterfox should be WorthMentioning (which is distinct from the question of whether Firefox should be delisted-or-demoted), unlike most of the soft-fork efforts waterfox seems to have been around quite some time. Not sure how well they keep up with security-patches, but well enough not to wither away over the years, at least. They have a wikipedia page https://en.wikipedia.org/wiki/Waterfox and the project was started in 2011. It has mostly nerdy-technical difference with stock firefox, but also some good moves for privacy: no Pocket, telemetry, data-collection, startup-profiling, the EME/DRM disabled by default, and the default search-engine is Ecosia rather than Google-or-similar (they started out as a tree-friendly search engine in 2009 but as of 2018 have apparently begun to rebrand as also being a privacy-oriented search engine).

p.s. Brave is not the best of all available options, but in some situations it is necessary: not just Chrome, and the reference-implementation Chromium, but also every other major browser (in terms of market share I mean) except firefox-and-firefox-clones, is based on the same engine as chromium. That means Safari, Opera, and MicrosoftEdge are all running on the same basic rendering-engine and javascript-engine as Chrome... and in turn, means that webdevs fairly often JUST test their websites on Chrome. Firefox is down to the single-digits of market share nowadays, much like it was back in the days of MSIE6 dominance fifteen years ago. Point being, there are plenty of websites where TorBrowser just does not work right, and firefox is also at risk of such things happening, so a webkit-or-chromium-based browser that tries to respect privacy is needed pragmatically today, even if not ideal from a long-term perspective.

p.p.s. There is no need for accusations of trolling, and counter-accusations of the person making the accusation getting accused of trolling. Please stick to the merits of the case, and whether privacy is at risk with a particular tool, and if so to what degree, compared to other tools that provide similar functionality. Personal bickering is non-helpful.

dm17 commented 2019-04-16 02:38:05 +00:00 (Migrated from github.com)

> > part of privacy is what you are allowed to see & use
>
> Hmmm, this seems like a slippery slope. When a browser has advert-blocking on by default, I do not consider it to be restricting my freedoms nor invading my privacy somehow, when it blocks me from seeing those adverts. If I want some other behavior, I can adjust the settings, and if the browser does not let me adjust the settings the way I want, I can install some other browser.
>
> Same goes for browsers that have anti-phishing and IP-based anti-malware blacklists ... often these are implemented questionably from a privacy perspective (the people providing the blacklists use them as a means of spying on what websites I visit while they scan for whether I'm visiting a website I should not ... typically that was the real motive for providing the free-as-in-beer service in the first place I often suspect), and also the very idea of letting some third party blacklist websites is questionable from a freedom standpoint (often the listing process is politicized either overtly or covertly).
>
> Similarly, if an OS comes with a firewall on by default, that prevents me from visiting certain websites, or even blocks entire domains from loading (a la PiHole or the old-school HOSTS file with badsites explicitly prevented from loading), that is not a privacy invasion, that is usually a desired behavior. As long as I can turn it off, if I choose.
>
> Here is background, https://en.wikipedia.org/wiki/Gab_(social_network)#Dissenter
>
> mozilla-sysadmins versus gabDissenter-devs... unclear to me what the current state is?
>
> waterfox-vs-firefox is a different issue, and a thorny one
>
> p.s. Brave is not the best of all available options, but in some situations it is necessary: not just Chrome, and the reference-implementation Chromium, but also every other major browser (in terms of market share I mean) except firefox-and-firefox-clones, is based on the same engine as chromium. That means Safari, Opera, and MicrosoftEdge are all running on the same basic rendering-engine and javascript-engine as Chrome... and in turn, means that webdevs fairly often JUST test their websites on Chrome. Firefox is down to the single-digits of market share nowadays, much like it was back in the days of MSIE6 dominance fifteen years ago. Point being, there are plenty of websites where TorBrowser just does not work right, and firefox is also at risk of such things happening, so a webkit-or-chromium-based browser that tries to respect privacy is needed pragmatically today, even if not ideal from a long-term perspective.
>
> p.p.s. There is no need for accusations of trolling, and counter-accusations of the person making the accusation getting accused of trolling. Please stick to the merits of the case, and whether privacy is at risk with a particular tool, and if so to what degree, compared to other tools that provide similar functionality. Personal bickering is non-helpful.

I appreciate the long and thoughtful reply. The following addresses a few issues:

  1. Here's an incomplete list of privacy features that Waterfox has over Firefox:
    https://github.com/MrAlex94/Waterfox/#user-content-features
    As you can see there are a load of privacy enhancements that Waterfox has over Firefox - even after a power user does the typical privacy-enhancing modifications to Firefox.

  2. Since this project is called "privacy tools" and not "security tools," then is the fact that Firefox has quicker security patches an argument for it to stay in the recommendation list no matter what? I think not.

  3. As previously mentioned, the censorship the Mozilla foundation is participating in is not a primary component of my GitHub ticket. The lack of privacy in two main PrivacyTools recommendations a) Firefox, and b) Brave - is the issue (especially when compared to the well supported alternatives like Waterfox).
    a) Firefox - please see #1 for a list of privacy features Firefox lacks, and Waterfox has.
    b) Brave - how can defaultly whitelisting Facebook & Twitter trackers be seen as "privacy centric?" We can open another ticket about this; I'm trying to keep this one focused on the Firefox recommendation.

  4. You said, "As for the question of whether Waterfox should be WorthMentioning (which is distinct from the question of whether Firefox should be delisted-or-demoted), unlike most of the soft-fork efforts waterfox seems to have been around quite some time. Not sure how well they keep up with security-patches, but well enough not to wither away over the years, at least. They have a wikipedia page https://en.wikipedia.org/wiki/Waterfox and the project was started in 2011. It has mostly nerdy-technical difference with stock firefox, but also some good moves for privacy: no Pocket, telemetry, data-collection, startup-profiling, the EME/DRM disabled by default, and the default search-engine is Ecosia rather than Google-or-similar (they started out as a tree-friendly search engine in 2009 but as of 2018 have apparently begun to rebrand as also being a privacy-oriented search engine)." -- Agreed - great points!
    And you also said, "almost none of these projects tend to make it over the long term." But that doesn't seem like a reason not to promote and try for privacy. Netscape didn't last either.

ghost commented 2019-04-18 22:01:37 +00:00 (Migrated from github.com)

## security and stability not good for FF

> Forks are always behind mainline in terms of security.

Mozilla develops at an unstable speed as they tend to push frills and extra features. It's actually wise to stay behind a bit because the feature richness they always chase actually causes security bugs. Users on the chronic upgrade path are always exposed to the highest number of unknown bugs, which are more risky than known bugs that can be controlled for if needed.

I sometimes have to pin a past version of Firefox because of a reckless release, and in a couple cases it took a couple years for Mozilla to put out a version that overcame nasty behavior like spontaneous crashes.

OTOH, Firefox + gHacks (Librefox) empowers users to decide whether they want to be on the bleeding edge or not. That control is an advantage for advanced users. Novice users will just take any upgrade, which means they'll take upgrades that just deliver new functionality (read: more bugs).

## Mozilla ❤️'s CloudFlare

Recent versions dance for CloudFlare ([a privacy abuser](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544)). It's said to be disabled out of the box but it's still not a privacy-respecting direction.

## Does Mozilla alter users' configs?

> However, from what I've read is that Firefox blacklists the addon and will remove it when you restart the browser.

👀 yikes; that's really fucked up if it's true. Fair enough if they want to control what's in their repository (since 3rd party repos are an option).. but to take end-user control away from users (who should be in control over their own installations) is an unacceptable appropriation of liberty.

## Firefox doesn't teach visitors anything new

Everyone knows about Firefox so users don't get much value out of seeing it on PTIO. Exceptionally, if PTIO actually studied Firefox in depth and had strong reasons to dismiss other forks, then it would make sense but this doesn't seem to be the case. It's likely one of the blind crowd-following endorsements.

Tor Browser is a Firefox fork in the top slot. Showing users Firefox only distracts them from what they should be considering.

## (FF-guts) Waterfox vs. [Librefox](https://www.ghacks.net/2018/12/24/librefox-firefox-with-privacy-enhancements/) (Firefox + gHacks)

I've not dug into that but perhaps someone should. The problem with letting Tor Browser stand as the only Firefox implementation is that it can't handle profiles. So if a user wants a secure way to do profiles using a Firefox-based client then one of these might be the answer.

(edit) Starting to dig in a little... Waterfox has had lags of ~9-14 days on security updates. Librefox wouldn't have that problem.

PTIO's focus is mass surveillance and FF-raw defaults to sending telemetry data. PTIO should put its own mission above all. It seems Waterfox is more suitable than FF-raw for endorsement, but the listing should warn users about the security update lag and let them decide. These are the relevant features to PTIO:

  • cookie prompt? (I don't have the details on this yet but it sounds relevant)
  • default search engine is not a mass surveillance hotbed (although Ecosia is sometimes hostile toward Tor users)
  • telemetry data removed and data collection minimized
  • In-browser ads removed (Pocket removed) - possibly relevant.. depends on whether the ads are personalized. Burden is on Firefox proponents to show that Pocket does not snoop or make use of snooped data.

For me ATM, FF-raw is a loser. Endorsement should go to Waterfox or Librefox. Someone needs to dig into the pros and cons of Waterfox and Librefox strictly in terms of mass surveillance and present their findings.

## (Chromium-guts) Brave vs. Ungoogled Chromium

> Brave - how can defaultly whitelisting Facebook & Twitter trackers be seen as "privacy centric?"

Indeed it's a problem. Ad blocker projects usually profit by kickbacks from advertisers in exchange for favorable treatment. Ads are already unfair, creating an arms race whereby vendors are forced to push ads to offset damage done by their competitors' ads. Then ad blocker projects like Brave manipulate ad exposure to game it to be even less fair.

I looked into Chromium-based browsers a year or so ago and short-listed these for a closer look:

https://github.com/eloston/ungoogled-chromium (sources from Iridium and Inox)
https://iridiumbrowser.de/ (ungoogled-chromium sources from it)
https://epicbrowser.com/ (mac/pc only)
https://www.comodo.com/home/browsers-toolbars/browser.php (windows only)
https://en.wikipedia.org/wiki/Brave_%28browser%29 (ad replacement)
https://github.com/gcarq/inox-patchset
http://otter-browser.org/

In the end I favored Ungoogled Chromium. I didn't keep good notes so I don't recall why it came out ahead, but it's certainly harder to trust Brave with all its controversy and advertising shenanigans.

## "Web Browser" category is in the wrong place

It shouldn't be at the top level. It's software, and should be under the software category.

dm17 commented 2019-04-18 22:43:42 +00:00 (Migrated from github.com)

Thanks @libBletchley, very concise reply.

Would be nice if the folks that thumbed down my post (Mikaela, lumbo7332, abbluiz, ookangzheng) would state their reasons why. I don't see how to @ them though.

beerisgood commented 2019-04-19 07:50:54 +00:00 (Migrated from github.com)

> Mozilla develops at an unstable speed as they tend to push frills and extra features. It's actually wise to stay behind a bit because the feature richness they always chase actually causes security bugs. Users on the chronic upgrade path are always exposed to the highest number of unknown bugs, which are more risky than known bugs that can be controlled for if needed.

Then I ask you why the builds are all stable? Even the beta build. (never test alpha build)
Also you recommend a Chrome/ Chromium Fork which does the same, but has a lot worse privacy.

All Chrome/ Chromium Forks still send data to Google and none of them remove or disable all google telemetry.
Only in Firefox can you do that in about:config or with a user.js -> see gHacks user.js

> Mozilla heart's CloudFlare

I guess you mean the encrypted DNS stuff?
Well you know that Google does the same right? Not with CloudFlare but with their own DNS.
Mozilla has a deal with CloudFlare to respect user privacy. You don't have that with Google
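
Added example (not part of any comment in this thread, and not code from Mozilla or gHacks): a small Python auditor for the user.js approach mentioned above. It parses a profile's `user.js` and reports whether the telemetry, Pocket and DNS-over-HTTPS preferences argued about in this thread are set. The preference names are real Firefox prefs; the baseline values and the sample file are assumptions constructed for this example.

```python
import re

# Assumed baseline for this example: the values a user who wants telemetry,
# Pocket and DNS-over-HTTPS (TRR) switched off would expect to find.
BASELINE = {
    "toolkit.telemetry.enabled": False,
    "datareporting.healthreport.uploadEnabled": False,
    "datareporting.policy.dataSubmissionEnabled": False,
    "extensions.pocket.enabled": False,
    "network.trr.mode": 5,  # 5 = DoH explicitly off; 2 or 3 = DoH in use
}

# Constructed sample user.js (not from a real profile).
SAMPLE_USER_JS = r'''
// Constructed sample for the auditor below
user_pref("toolkit.telemetry.enabled", true);
user_pref("datareporting.healthreport.uploadEnabled", false);
// user_pref("extensions.pocket.enabled", false);
user_pref("network.trr.mode", 2);
user_pref("network.trr.uri", "https://dns.example.invalid/dns-query");
/* user_pref("datareporting.policy.dataSubmissionEnabled", false); */
user_pref("toolkit.telemetry.enabled", false);  // later line wins
'''

# String literals are matched first so that "//" inside a URL is not
# mistaken for the start of a comment.
_TOKEN = re.compile(
    r'''"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|/\*.*?\*/|//[^\n]*''', re.S)
_PREF = re.compile(
    r'''user_pref\(\s*(?P<q>["'])(?P<name>[^"']+)(?P=q)\s*,\s*'''
    r'''(?P<value>true|false|-?\d+|"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*')'''
    r'''\s*\)\s*;''')


def strip_comments(text):
    """Remove // and /* */ comments, leaving string literals untouched."""
    def keep_strings(match):
        token = match.group(0)
        return token if token[0] in "\"'" else " "
    return _TOKEN.sub(keep_strings, text)


def parse_user_js(text):
    """Return {pref_name: value}; a later user_pref() overrides an earlier one."""
    prefs = {}
    for match in _PREF.finditer(strip_comments(text)):
        raw = match.group("value")
        if raw in ("true", "false"):
            value = raw == "true"
        elif raw[0] in "\"'":
            value = raw[1:-1]
        else:
            value = int(raw)
        prefs[match.group("name")] = value
    return prefs


def audit(text, baseline=BASELINE):
    """Compare a user.js against the baseline.

    Returns {pref_name: (status, found_value)} where status is
    "ok", "differs" or "unset" (unset means Firefox's default applies).
    """
    prefs = parse_user_js(text)
    report = {}
    for name, wanted in baseline.items():
        if name not in prefs:
            report[name] = ("unset", None)
        elif type(prefs[name]) is type(wanted) and prefs[name] == wanted:
            report[name] = ("ok", prefs[name])
        else:
            report[name] = ("differs", prefs[name])
    return report


if __name__ == "__main__":
    for pref, (status, found) in audit(SAMPLE_USER_JS).items():
        print(f"{status:8} {pref} = {found!r}")
```

A pref reported as "unset" is not overridden by user.js at all, so whatever the installed build ships as its default is what the browser uses.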

ghost commented 2019-04-19 08:56:07 +00:00 (Migrated from github.com)

@dm17
I hope whoever makes these decisions (@BurungHantu1605?) would ignore votes. Votes just indicate what idea is popular but there are plenty of down-voted yet uncountered posts. An uncountered argument is an argument conceded.

I started a ditch Github thread and downvotes came but not a single good reason was given to put GH over the alternatives from a mass surveillance standpoint. Decision makers would be foolish to give much consideration to votes.

I have yet to see a good case for FF-raw in this thread.

ghost commented 2019-04-19 09:25:03 +00:00 (Migrated from github.com)

> Then i ask you why the builds are all stable?

This begs the question. I've seen Firefox deploy unstable crash-prone releases, and they've even escaped the quality control of Debian. I had to pin an old version to get something that simply functions for a while. Stability is a clear weakness for Firefox.

> All Chrome/ Chromium Forks still send data to Google and none of them remove or disable all google telemetry.

If that's true users should be warned of that on PTIO (in the Brave endorsement). And if you've found a bug in Ungoogled Chromium, have you reported it? Or is there an existing bug report? I would be interested in seeing what you're talking about specifically with U/C.

Chromium has pros and cons but it's not easily dispensable because most webmasters target it (I think @five-c-d mentioned this as well -- Firefox only has like 5% of the market). PTIO should endorse the lesser of Chromium-based evils, as well as a lesser of Firefox-based evils, and take care to make it clear which is the lesser of those evils.

uMatrix does not exist on Firefox IIRC, and the alternatives are dicey.

I use TB, UC, and FF-raw; giving up any of the 3 would be problematic^1 (although I should replace ff-raw with either librefox or waterfox). I've only hesitated because FF-raw is official Debian, and giving that up steps outside of Debian's generally decent QA. That's the one advantage to FF-raw, but it's unique to users of Debian-based OSs.

(1) Using privacy-focused add-ons breaks websites in various ways that's not always trivial to fix and tends to sidetrack workflow. So when FF + <shitload of PTIO-relevant extensions> breaks a site, often Ungoogled Chromium + uMatrix (and others) will produce a functional privacy-centric result.

beerisgood commented 2019-04-19 11:05:17 +00:00 (Migrated from github.com)

> > All Chrome/ Chromium Forks still send data to Google and none of them remove or disable all google telemetry.
>
> If that's true users should be warned of that on PTIO (in the Brave endorsement). And if you've found a bug in Ungoogled Chromium, have you reported it? Or is there an existing bug report? I would be interested in seeing what you're talking about specifically with U/C.

Just check it by yourself?!
Also did you read the project description from the browser you use? Then you would know that they don't remove all Google telemetry/ tracking/ services. None of the forks

> Chromium has pros and cons but it's not easily dispensable because most webmasters target it (I think @five-c-d mentioned this as well -- Firefox only has like 5% of the market). PTIO should endorse the lesser of Chromium-based evils, as well as a lesser of Firefox-based evils, and take care to make it clear which is the lesser of those evils.

Firefox is still the best browser for privacy and security. No matter if 5% on some suspicious statistics.

> uMatrix does not exist on Firefox IIRC, and the alternatives are dicey.

What? Kidding? https://addons.mozilla.org/en-US/firefox/addon/umatrix/
It has existed for many years for Firefox. Same as uBlock Origin

> (1) Using privacy-focused add-ons breaks websites in various ways that's not always trivial to fix and tends to sidetrack workflow. So when FF + <shitload of PTIO-relevant extensions> breaks a site, often Ungoogled Chromium + uMatrix (and others) will produce a functional privacy-centric result.

Chrome/ Chromium and Privacy are two different worlds. You can't get privacy with such a browser. No matter which addons or configs you use. See above

angela-d commented 2019-04-19 22:16:50 +00:00 (Migrated from github.com)

> I have yet to see a good case for FF-raw in this thread.

Pushing a privacy newb to a Chromium-based browser is very uncool. A lot of people take PTIO at face value and place 100% trust in their offerings.

Firefox, as much as I detest what Mozilla has become, is the lesser of all evils when it comes to privacy. Firefox + the about:config / profile hacks are perfect for people just getting their feet wet.

The people that run this site seem to have a dislike for the Firefox forks, I doubt you will ever see them posted. Those that take issue with Mozilla's behavior will find them on their own, as I and many others have.

This site would lose a lot of credibility if they started suggesting Google browsers.

ghost commented 2019-04-19 22:33:51 +00:00 (Migrated from github.com)

> Just check it by yourself?!
> Also did you read the project description from the browser you use? Then you would know that they don't remove all Google telemetry/ tracking/ services. None of the forks

Nothing in the project description on this page:

https://github.com/eloston/ungoogled-chromium

supports your claim. This is why it's important to cite your sources, when asked. I could dig through bug reports and try to guess what it is that you're talking about, but in the end it's only a guess and your claim is vague.

Exactly what information is Ungoogled Chromium sending to Google?

> Firefox is still the best browser for privacy and security.

If you're talking about FF-raw, you've contradicted your statement about gHacks. Please be clear about which "Firefox" you are referring to.

> Not matter if 5% on some suspicious statistics.

Most users don't tamper with the user-agent string, so I see no reason to consider the stats suspicious.

ghost commented 2019-04-19 22:41:48 +00:00 (Migrated from github.com)

> Pushing a privacy newb to a Chromium-based browser is very uncool. A lot of people take PTIO at face value and place 100% trust in their offerings.

In effect, you are saying remove Brave and replace it with nothing Chromium based. Yet, you've not made a case for Ungoogled Chromium leaking data.

> Firefox, as much as I detest what Mozilla has become, is the lesser of all evils when it comes to privacy. Firefox + the about:config / profile hacks are perfect for people just getting their feet wet.

At first you seemed to be talking about FF-raw. But it's implied you're actually talking about Librefox, correct? Please be clear.

> The people that run this site seem to have a dislike for the Firefox forks, I doubt you will ever see them posted. Those that take issue with Mozilla's behavior will find them on their own, as I and many others have.

We are not here to please those running the site or to tell them what they want to hear. We are exposing privacy abuses and countermeasures. Those making the decisions can do what they want with the information. I'm not here to filter or bend the findings to their taste or to fit into their pre-existing world views.

> This site would lose a lot of credibility if they started suggesting Google browsers.

Credibility is already on the low side, and Ungoogled Chromium is not a "Google browser". If the unfiltered information about privacy abuses and countermeasures is disregarded, that's what harms credibility.

dm17 commented 2019-04-19 23:03:51 +00:00 (Migrated from github.com)

@libBletchley Agreed; I have no idea what you're talking about @angela-d. No one is "pushing" anything; this issue is about removing Firefox, which is not acceptable as a "privacy recommendation" compared with the alternatives. Please state why it is "uncool" to recommend a chromium-based browser (which is sort of off-topic in this thread). How is ungoogled-chromium a "Google browser?" It is even in the name that it is not... Perhaps you have access to evidence that we do not?

dm17 commented 2019-04-19 23:15:58 +00:00 (Migrated from github.com)

> Firefox is still the best browser for privacy and security. Not matter if 5% on some suspicious statistics.

You have stated this opinion before, and I am happy to look at any evidence for it... But so far no one in this thread has supported that claim with evidence. Furthermore, I would like to truncate this conversation to one topic at once (not both privacy & security, but just privacy - for now). Furthermore, if Waterfox is Firefox minus some privacy-leaking behaviors, then how is it not self-evidently better?

@beerisgood, @angela-d also mentioned that you cannot get privacy with ungoogled-chromium... Can you please cite some evidence for this? Theoretically, if you have a browser leaking information about you (chromium in this example), then you strip out the code that is responsible for that information leaking - why is that invalid or impossible?

angela-d commented 2019-04-19 23:26:05 +00:00 (Migrated from github.com)

@libBletchley

I stand corrected, the leaks I had read about were, of course, vanilla Chromium based.

> At first you seemed to be talking about FF-raw.

[I am](https://www.privacytools.io/browsers/#about_config)

> But it's implied you're actually talking about Librefox, correct? Please be clear.

The forks in general, here. They aren't listed and don't seem like they ever will be. There's been a lot of posts suggesting the same forks in different threads, yet they chose Brave over all of them.

> We are not here to please those running the site or to tell them what they want to hear.

Only a select few can push changes to the site, no? So yes, you have to "please" them or your commits don't get pushed.

ghost commented 2019-04-19 23:49:50 +00:00 (Migrated from github.com)

> The forks in general, here. They aren't listed and don't seem like they ever will be.

Waterfox is a fork, but Librefox is not. Librefox is standard FF with a series of gHacks. I'm not sure if the PTIO config changes you linked to are wholly the same as what composes Librefox, but I see that ghacks-user.js is there. PTIO makes no mention of Librefox, so it would be useful to know how PTIO's config differs from Librefox.

One of the problems is that "Mozilla Firefox" is endorsed, and then further down the page users are given a series of tasks to harden it. That style of mass surveillance avoidance will fail the lazy masses. If the endorsement were for "Librefox" instead of "Mozilla Firefox", and included a statement on the spot about steps required to make it "Librefox", that would be more compelling than endorsing FF-raw and then listing optional tasks further down.

> > We are not here to please those running the site or to tell them what they want to hear.

> Only a select few can push changes to the site, no? So yes, you have to "please" them or your commits don't get pushed.

Those with the power have to go along in the end for something to change, but it would be backwards to let guesswork about what will be liked influence the findings - like when a UK prime minister orders scientists to discover that marijuana is harmful, it's a disservice to all for the scientists to undermine scientific principles to get the demanded result. If we find that Waterfox is better at avoiding mass surveillance then that's what should be presented regardless of whether it compels action.

dm17 commented 2019-04-20 00:09:29 +00:00 (Migrated from github.com)

> Only a select few can push changes to the site, no? So yes, you have to "please" them or your commits don't get pushed.

Well that is worrisome! Perhaps they're taking money or have interests over privacy? Perhaps you have more information about this? It is well known that well-funded companies fund seemingly unrelated sites (like privacytools.io potentially) to market their products.

Perhaps I'll make another thread recommending to remove Brave. It is obviously more interested in pleasing advertisers than protecting customers.

five-c-d commented 2019-04-20 05:33:00 +00:00 (Migrated from github.com)

> Perhaps they're taking money

Yes, and perhaps they are secretly alien invaders with big tentacles instead of eyeballs! Maybe they just built privacyToolsIO and invested hundreds of hours of time for free trying to thwart mass surveillance, because they have something to hide: their alien mothership on the dark side of the moon, whilst sending pod-people to infiltrate humanity! Oh nohz!

Hint: Please. Do. Not. Start. This. Kind. Of. Stuff.

> Perhaps I'll make another thread recommending to remove Brave

Sure, nothing wrong with having that discussion. But please be aware that privacyToolsIO is not about purity of essence, and it is aimed at a broader userbase than people who are willing to hand-compile their own ELinks for OpenBSD so as to avoid the slim possibility of JPEG-file-format zero-day remote arbitrary code execution exploits. Nine out of ten website-visitors are running a flavour of Chromium, and privacyToolsIO has to recommend a flavour-or-two of chromium that

  • A) is decently privacy-respecting despite the upstream vendor of that entire codebase,
  • B) is not going to subvert any privacy-gains due to security-holes which result in endpoint-pwn'age, plus
  • C) is well-maintained enough and user-friendly enough and easy-to-install enough that everyday folks will not backslide and start using Chrome again.

Rather than looking at things from the purist perspective (if it ain't perfect then remove it), try to look at things from the pragmatic perspective (what tools satisfy A+B+C the best and which of them is currently best-in-class for everyday endusers and which of them is WorthMentioning for hardcore endusers willing to go the extra mile).

> One of the problems is that "Mozilla Firefox" is endorsed, and then further down the page users are given a series of tasks to harden it. That style of mass surveillance avoidance will fail the lazy masses

No, you are wrong: the word 'fail' implies a failure. That pathway is exactly what the masses need, to incrementally upgrade their privacy-consciousness and their toolkits.

the issue here is monkey

9 out of 10 people run Chrome or a knockoff thereof (msEdge/appleSafari/opera/etc) which are purposely built to monitor the habits of the enduser, direct the enduser to specific search engines, and so on -- browsers with built-in-adverts are not the norm, but browsers are very much indirectly facilitating the advert industry and the user-profiling biz.

If you want them to get out of that, you have to give them something they can put to use immediately which does not have a learning-curve like the Matterhorn.

Partly that is usability, but partly it is existing rep. Most people have heard of firefox -- and likely used it in the past in some form, if they have been alive long enough. It is a well-known brand with a decent reputation amongst the public. Specifically, unlike Tor which is either an unknown or a negative-reputation to a very large slice of humanity. Firefox is not perfect, by any stretch, but let not the perfect be the enemy of the good-enough-for-now. And especially not when what the masses will use INSTEAD is typically going to be Chrome-on-Windows and Chrome-on-GooglizedAndroid! "Firefox on all platforms" is the recommendation of privacyToolsIO because it is a large incremental improvement over that base-level-state.

The section on installing hardening-tweaks via about:config and/or ghacks, as well as the section immediately above on hardcore addons like NoScript, is a good thing because it once again incrementally improves privacy-levels for individual endusers. Using firefox instead of chrome-and-knockoffs is a fairly easy-to-stomach upgrade for most endusers. They can keep using the internet the way they are used to. They can get assistance from a vast number of forums and helpdocs and walkthrus and such. Firefox concentrates hard on being compatible with 99.99% of the websites out there which matter to endusers.

Once they HAVE made the leap to a browser used by the 10% of somewhat-privacy-conscious folks, it is possible they will go further, and join the 1% -- hardcore-privacy-conscious folks which run TorBrowser-the-firefox-ESR-fork, or misnomer-Librefox-the-firefox-alt-config, or somewhat more simply stock-firefox-with-NoScript-and-uMatrix-and-all-the-trimmings. But one step at a time, is the key to this happening someday, not "anybody who does not handcompile ELinks is a lazy sheeple"

> Firefox is still the best browser for privacy and security

This is not a true statement, without the qualifiers, but it is essentially correct. Firefox is the best browser for privacy and security, that the masses are likely to actually install, if they are only somewhat-privacy-conscious and not interested in hassle of a niche-browser. If you want to fight mass surveillance, you need to help the masses, incrementally. So that makes firefox the proper browser for privacyToolsIO to recommend, either top1 or top2, depending on what the intended audience/readership is.

Right now the list is TorBrowser + Firefox + Brave, followed by tweaks to harden firefox (some straightforward and some complex/arcane/hassle). Which is not perfect but is solid. One could argue for Firefox + TorBrowser + Brave, or maybe even Firefox + Brave + TorBrowser, and still have the 9-out-of-10-use-chrome-based-masses firmly in mind.

But several people in this thread seem to mistakenly believe that not only must firefox be completely removed as no better than GoogleChrome, but also that brave should be junked as no better than GoogleChrome. This would give a fundamentally altered top3, possibly Waterfox + ungoogledChromium + TorBrowser if @dm17 got their way, or ELinks + ungoogledChromium + TorBrowser if @libBletchley had their druthers... if I'm slightly wrong on the exact picks or exact ordering, apologies, but I'm not FAR wrong. Nothing really incorrect with those ... iff the audience is hardcore privacy cipher-punk humans, the small slice of humanity that ALREADY cares a lot, and is ALREADY willing to go the extra mile.

But that is no longer fighting mass surveillance, that is just, insiders swapping insider-tips with each other. Completely different target-audience, completely different idea of who the readership is, and is very much no longer trying to help the masses: indeed, the whole point of insider-tip-lists like that is to feel superior to the masses ('they are just lazy' kind of contrast to insiders). Yes, most people are lazy, if you define that as "unwilling to spend dozens of hours re-installing all their tools every few months for getting the best-of-the-best-of-the-best" in privacy-respecting purity.

If only everybody really deeply cared about privacy, that might even work! But we live in a reality where most people cannot even spell metadata, let alone tell you what it means. They won't install random binaries from the internet they have never heard of, either, because it has been drilled into them that this is ludicrously poor infosec/opsec. (Which is true.) And no, they won't invest dozens of hours researching tools, followed by dozens of hours carefully installing and configuring all of the results of that r&d effort.

They are reading privacyToolsIO for some helpful "double your privacy-level with this one cool tip" type of thing. That is the audience: everyday people, not hardcore wizards.

dm17 commented 2019-04-20 06:06:57 +00:00 (Migrated from github.com)

> > Perhaps they're taking money

> Yes, and perhaps they are secretly alien invaders with big tentacles instead of eyeballs! Maybe they just built privacyToolsIO and invested hundreds of hours of time for free trying to thwart mass surveillance, because they have something to hide: their alien mothership on the dark side of the moon, whilst sending pod-people to infiltrate humanity! Oh nohz!

> Hint: Please. Do. Not. Start. This. Kind. Of. Stuff.

Interesting that you feel comfortable mocking me like this. You must be some kind of authority here. I'm going to stick to the argumentation below:

> > Perhaps I'll make another thread recommending to remove Brave

> Sure, nothing wrong with having that discussion. But please be aware that privacyToolsIO is not about purity of essence, and it is aimed at a broader userbase than people who are willing to hand-compile their own ELinks for OpenBSD so as to avoid the slim possibility of JPEG-file-format zero-day remote arbitrary code execution exploits. Nine out of ten website-visitors are running a flavour of Chromium, and privacyToolsIO has to recommend a flavour-or-two of chromium that

I did not claim privacyToolsIO is about purity of essence. This also seems like mocking my efforts here to get the easiest to use privacy option to the masses. Can you point to any of my suggestions that would decrease ease of use for the masses? For instance, people on all platforms can easily click a download-and-install binary on the Waterfox website. OpenBSD is not a from-source distro, and someone running OpenBSD would merely install Elinks from the ports system. So again, this just sounds like you're mocking me.

> • A) is decently privacy-respecting despite the upstream vendor of that entire codebase,

Decently? Why downplay it? If there are easy-to-install and more privacy-respecting alternatives, then why not a "greatly privacy-respecting" recommendation?

> • B) is not going to subvert any privacy-gains due to security-holes which result in endpoint-pwn'age, plus

Can you be more specific here about which browser recommendations would result in "endpoint-pwn'age"?

> • C) is well-maintained enough and user-friendly enough and easy-to-install enough that everyday folks will not backslide and start using Chrome again.

Can we address why Waterfox, for example, does not fulfill this?

> Rather than looking at things from the purist perspective (if it ain't perfect then remove it), try to look at things from the pragmatic perspective (what tools satisfy A+B+C the best and which of them is currently best-in-class for everyday endusers and which of them is WorthMentioning for hardcore endusers willing to go the extra mile).

I'm not saying there should be a "top 3" - or "if it ain't perfect then remove it." I'm saying, why not pick the top 3 that are easy to install for the masses in terms of privacy. What is the evidence for lack of pragmatism in this suggestion? Again, why is Waterfox so "hardcore?" I don't think basic privacy respect is hardcore.

> > One of the problems is that "Mozilla Firefox" is endorsed, and then further down the page users are given a series of tasks to harden it. That style of mass surveillance avoidance will fail the lazy masses

> No, you are wrong: the word 'fail' implies a failure. That pathway is exactly what the masses need, to incrementally upgrade their privacy-consciousness and their toolkits.

You want the masses to incrementally upgrade their privacy? Seems reasonable, but if there is an easier path, then why not recommend it?

> the issue here is monkey
>
> If only everybody really deeply cared about privacy, that might even work! But we live in a reality where most people cannot even spell metadata, let alone tell you what it means. They won't install random binaries from the internet they have never heard of, either, because it has been drilled into them that this is ludicrously poor infosec/opsec. (Which is true.) And no, they won't invest dozens of hours researching tools, followed by dozens of hours carefully installing and configuring all of the results of that r&d effort.

Are you implying here that non-mainstream browsers like Waterfox are "random binaries"? I agree that people should have to spend lots of time researching tools; I take that as one of the primary purposes of sites like privacyTools - and is the reason why I want to contribute back to it after my research into why Firefox is not a browser that is good for privacy.

> If you want them to get out of that, you have to give them something they can put to use immediately which does not have a learning-curve like the Matterhorn.

No one here suggested Matterhorn. Why stress "immediately?" The suggestion in this thread was Waterfox as a privacy-respecting Firefox - can't it be used just as immediately?

> Most people have heard of firefox -- and likely used it in the past in some form, if they have been alive long enough.

I don't get how this adds to your argumentation that it should be suggested to them.

> It is a well-known brand with a decent reputation amongst the public.

If a browser is starting to invade privacy more and more, then why should privacyTools continue to reinforce this reputation?

> Specifically, unlike Tor which is either an unknown or a negative-reputation to a very large slice of humanity.

I don't get this. Tor is in the #1 recommendation slot on privacyTools. If public reputation plays a factor, then why is Torbrowser a top recommendation? If public reputation is not a factor, then your previous claim does not make sense.

> They are reading privacyToolsIO for some helpful "double your privacy-level with this one cool tip" type of thing. That is the audience: everyday people, not hardcore wizards.

Again, I'm not implying the audience is wizards. This is a straw man argument. If you think this is not a straw man argument, then you need to state who is arguing that the audience of privacyTools should be more adept or is wizards. Again, I'm arguing that the audience should not have to be so adept to figure out - against the recommendation of privacyTools - that Firefox is not a very privacy conscious choice.

five-c-d commented 2019-04-20 07:39:38 +00:00 (Migrated from github.com)

> Interesting that you feel comfortable mocking me

I'm not mocking you, I'm pointing out you are "rhetorically" accusing the six people that run this project of being paid plants of the mass surveillance giants.

> Perhaps they're taking money

Do not do that. There is an edit-button on your post where you did that. Edit out your slur, and I will happily remove my analogy pointing out how ludicrous your accusation is ("on nohz maybe the people running the site are invaders from planet zorg"). Both of those hypotheticals are completely groundless conspiracy theories. If you really have evidence, then post it immediately, right now. If you have no evidence, then you are behaving so badly in "merely" positing the hypothetical, that you either recognize what you are doing is wrong, and fix the situation by striking the wrong thing you did... or you fail to do so. Pick one or the other. But no, the person in the wrong here is you, not me.

> which browser recommendations would result in "endpoint-pwn'age"?

Ones that have relatively lower security: lagging patch-level, lack of personnel concentrating on security-problems, lack of eyeballs reviewing the codebase, potential MitM opportunities in the distribution-chain, etc. Librefox is better in this respect than Waterfox, which is better than PaleMoon, which is better than MSIE6 on winXP (hundreds of thousands of these still hitting wikipedia), which is better than MSIE6 running on Win98 still (thousands of these!).

TorBrowser is probably slightly ahead of Librefox because it has more people involved that are competent when it comes to security... the old with-enough-eyeballs-all-bugs-are-shallow kind of thing. Firefox has some problems, but the average grandpa can install it from a well-known place and let the auto-updates take care of security, for the most part. This is not the-best-of-the-best-of-the-best security, mind you: it is just, good enough for what grandpa can stomach, so that he is not backsliding to Chrome at some point. Brave browser I'll save for your new thread about the evils of Brave ;-) [edit: see below for Brave-vs-PaleMoonAndBasilisk]

>> well-maintained enough

> why Waterfox, for example, does not fulfill this?

Waterfox has one single dev, correct? It is not in privacyToolsIO 'worth mentioning' section at this point, let alone in the top3. Your proposal is to eliminate firefox entirely, rather than demoting it to the worthMentioning section, and promote waterfox immediately into the top3.

> I don't get this. Tor is in the number one recommendation slot on privacyTools. If public reputation plays a factor, then why is Torbrowser a top recommendation?

What plays a factor, to my knowledge, is A) whether the project is widely vetted and widely respected, and B) the balance of the amount of privacy provided with the amount of ease-of-use plus ease-of-installation plus likelihood the project remains viable, aka sustainability.

pretty clear who has a well-vetted reputation

TorBrowser is pretty widely vetted and (amongst privacy-nerds) pretty widely respected, and gives a large amount of privacy without a SEVERE amount of hassle. It is definitely a two-wizards tool however: you cannot expect to just install it and go about browsing as usual, there will be hiccups along the way. See also, using firefox+noscript, which is recommended but with a caveat.

Firefox with addons is very widely vetted and (amongst privacy-nerds) reasonably respected ... despite screwups repeatedly over the years, Mozilla is still a reasonable option, compared to the major-browser-alternatives. It is a one-wizard tool: install it and install some addons from the well-known place and go. Incrementally return to tweak further: even better.

Waterfox is not widely-vetted, it has an extremely small userbase and an even smaller number of developers. It is, unlike TorBrowser which is ESR-based and unlike Librefox which is current-rolling-release-based, in that twilight zone of old-version-with-manual-backports ... thus, even if it hypothetically had tenfold as many devs as TorBrowser, the waterfox project is structurally harder to vet. You can get a sense of how many eyeballs are looking into a given project, by using wikipedia pageviews as a proxy-measure:

  • ~60% marketshare, GoogleChrome == ~300k/mo
  • ~12% marketshare, Safari == ~60k/mo
  • ~6% marketshare, Firefox == ~120k/mo
  • <1% marketshare, Tor, including TorBrowser == ~130k/mo [max]
  • <1% marketshare, Chromium upstream project == ~50k/mo
  • <<1% marketshare, BraveBrowser == ~20k/mo
  • <<1% marketshare, Waterfox == ~10k/mo
  • <<1% marketshare, PaleMoonAndBasilisk == ~10k/mo
  • <<<<1% marketshare, ELinks == ~3k/mo
  • <<<<1% marketshare, UngoogledChromium == no wikipedia page at all (pageview stats are not made public when 404 is the result) [but max 50k]
  • <<<<1% marketshare, LibreFox == no wikipedia page at all (pageview stats are not made public when 404 is the result)

If you don't like wikipedia pageviews, you can use alexa pageranks, or subreddit subscriber-counts, or google queryzeitgeist, or various other things. They all give the same answers, about which projects are dominant (Chrome), which projects are significant (Firefox and Safari), which projects are niche but well-vetted (TorBrowser), which projects are very niche but somewhat-well-vetted (BraveBrowser and Chromium), and which projects are ultra-niche and less-well-vetted (Waterfox and PaleMoon and clinging-for-dear-life-to-relevance ELinks). The same nums also tell us, as well, which projects are so esoteric they do not even have a wikipedia article yet, and cannot be well-vetted by the normal english definition of the word well and the word vetted: Librefox and UngoogledChromium.

pretty clear who is arguing for the wizards

If the target audience of the site is the masses, recommending things that are to the far end of the esoterica spectrum will backfire: they will trust in the reputation that privacyToolsIO has been cultivating, and install some random binary from some random site on the internet. Which will end poorly. Not just for the people that got burned: for privacyToolsIO, whom they will blame for the improper recommendation.

If the target audience of the site is insiders that are willing to invest dozens of hours, then recommending only the best-of-the-best-of-the-best esoteric tools with a large amount of hassles, a higher possibility of vetting-trouble, and so on... well, that is fine. But it changes the character of the website, and makes it useless to grandpa, in the process. No offense to grandfathers -- plenty of them are extremely tech savvy, have endless hours to research tools and tweak configurations (benefit of being retired), and care deeply about old-fashioned ideals about privacy. But the average grandfather is just like the average person: not that wizardly, does not have the stomach for extreme hassles, only cares somewhat.

> who is arguing that the audience of privacyTools should be more adept or is wizards

Definitely @libBletchley :-) This is the same argument they have against signalapp, which they want to replace with Jami-fka-RingCx-fka-SFLphone, on the basis of "vetting does not matter and privacyToolsIO must only recommend the best-of-the-best-of-the-best tools without regard to hassles and hiccups". 99% of their arguments are political in nature, not technical. To a lesser extent yourself @dm17 since you are wanting to drop all the somewhat-mainstream options and start listing the ultra-niche ones in the top3. If you were arguing that Waterfox should be in worthMentioning, that is one thing, but you are specifically arguing that two of the current top3 should be deleted in toto, and you are arguing mostly on political grounds (the GabDissenter thing and how it was handled) rather than on privacy-of-the-enduser grounds.

> Firefox is not a very privacy conscious choice

If you want Firefox demoted from the top3 and put into worthMentioning, then you have to make the argument, and show what should replace it -- aka is relatively better in all key aspects (where "key aspects" is determined by the target audience's implied needs rather than on some absolute uber-privacy-nerd scale). Firefox, even without addons, is better than Chrome, which is what the majority of people run. Firefox, with a handful of addons -- helpfully right on the same page firefox is recommended -- is a VERY good step up. Some people will keep taking that route, and apply all the tweaks, eventually and incrementally.

Some people will switch gears, and use TorBrowser-aka-Firefox-ESR instead. (Ask yourself: since TorBrowser is based on a delayed-by-a-few-months respin of Firefox, doesn't that make every single politically-based argument you are putting forth against Mozilla Foundation, apply to TorBrowser-a-few-months-from-now? If not, why not?)

Is firefox a maximally-privacy-conscious choice? Nope. Does that mean demotion? Maybe, show me the alternative which Dave-in-Denmark can use as easily and with as few hassles, yet gives about-equal security-levels and significantly better privacy-levels. Does that mean not just demotion to worthMentioning, but outright deletion? Unlikely, unless there are enough other tools to REALLY fill the gap. And there are not. Browsers are tough.

ghost commented 2019-04-20 08:18:10 +00:00 (Migrated from github.com)

>> One of the problems is that "Mozilla Firefox" is endorsed, and then further down the page users are given a series of tasks to harden it. That style of mass surveillance avoidance will fail the lazy masses

> No, you are wrong: the word 'fail' implies a failure.

It is a failure. It fails in a variety of ways:

  • ~~Ambiguity: is PTIO endorsing FF-raw? A user who reads the whole page can only guess. Maybe they endorse FF-raw (to the detriment of users); maybe they only endorse FF with mods. So whichever way it is, PTIO has failed to make it clear.~~
  • ~~Page design fails to convey: just like Signal's APK page, a lesser option is at the top and only users who scroll down will see the better option. The listings are immediately followed by "Browser Fingerprint", creating discontinuity and compelling those not interested in that level of detail to leave the page before reaching the config hacks, and this also includes those who already know about browser prints. Many (possibly most) users won't be reached purely due to lack of scrolling.~~
  • Some users who do manage to scroll down will be alienated by all the information and resulting workload. They will say "I'm good.. thanks". PTIO is failing those users, who are likely better served by installing Waterfox. They have enough on their plate to look at the extensions as it is.

Note as well that those who advocate "Firefox" in this thread are exploiting the same ambiguity described in the first bullet. They advocate FF-raw, and then when issues are pointed out they back-pedal and advocate FF with hacks, which isn't the same thing and also not what most users are led to.

(edit) I missed this: "Don't forget to adjust the settings according to our recommendations: WebRTC and about:config and get the privacy add-ons." So apparently FF-raw is not endorsed, and I overlooked that due to sloppy speed reading.. I probably saw "Firefox is fast, reliable, open.." and quit reading the box at that point.

BTW, "reliable" should be removed. Firefox is not reliable; it is buggy. PTIO doesn't need to sell reliability and it only serves to mislead and appear biased. Even if a particularly stable version is on offer at some moment in time, no browser is "reliable" after it's hardened. Hardening inherently breaks a lot of sites and users should expect that.

> That pathway is exactly what the masses need, to incrementally upgrade their privacy-consciousness and their toolkits.

It's exactly what fails most users. Incremental labor-intensive approaches are non-starters for the general public. While it's useful for enthusiasts to get that info, the current presentation disservices the masses to help a few.

A design that mitigates this problem while still catering for enthusiasts and tinkerers would be to endorse Waterfox at the top, with a statement "or if you prefer to harden plain Firefox, scroll down for hands-on instructions".

> iff the audience is hardcore privacy cipher-punk humans,

It's the status quo that requires extra diligence and attention from the user, not what's being proposed.

> Rather than looking at things from the purist perspective (if it ain't perfect then remove it), try to look at things from the pragmatic perspective (what tools satisfy A+B+C the best and which of them is currently best-in-class for everyday endusers and which of them is WorthMentioning for hardcore endusers willing to go the extra mile).

Rather than neglecting some perspectives, try to look at all perspectives and advocate the lesser of evils for the baseline group of normies who are unlikely to manually hack their configs. It would be a straw man to claim anyone is saying "if it ain't perfect then remove it", because no one is advocating for an empty page.

> Waterfox is not widely-vetted, it has an extremely small userbase and an even smaller number of developers.

Waterfox is a fork of code you're claiming to be well vetted, which means the code has had the eyes of its own project plus the eyes of the parent. The eyes of the parent don't see the privacy-focused changes, but let's not lose sight of the target PTIO visitor and split hairs and undermine changes made directly to facilitate privacy whilst using market share as an obtusely blunt instrument by which eyes-on-code is measured. The Waterfox changes are also removals to a large extent. Removing Pocket removes bugs (all code has bugs). Waterfox also has less code to review -- less code if you review the whole project, and also if you just review the changes from FF stock that's likely manageable for just one person.

dm17 commented 2019-04-20 18:12:04 +00:00 (Migrated from github.com)

@five-c-d said, "Waterfox has one single dev, correct?" Another disingenuous argument. I don't know how many developers work on Firefox, but for the sake of this discussion let's say "50." Ok, so Firefox has 50 and Waterfox has 1? No! Waterfox encapsulates Firefox for the most part. So Waterfox has what Firefox has + 1 developer who strips out privacy-invading features from Firefox as his primary task.

@libBletchley You said, "(edit) I missed this: "Don't forget to adjust the settings according to our recommendations: WebRTC and about:config and get the privacy add-ons." So apparently FF-raw is not endorsed, and I overlooked that due to sloppy speed reading.. I probably saw "Firefox is fast, reliable, open.." and quit reading the box at that point."

So you're a wizard (according to @five-c-d) and you still missed this?! Just goes to show the high expectations on average users! I'm not going around in circles with you @five-c-d until you start addressing the root of these arguments. Here's a brief summary of arguments you've not addressed:

  1. Staying behind the latest Firefox does not necessarily reduce Waterfox's security
  2. The fact that Waterfox is merely Firefox minus many privacy invasive aspects
  3. The fact that Waterfox is just as easy to install as Firefox
  4. The fact that Waterfox can also auto-upgrade (you said, "...but the average grandpa can install it from a well-known place and let the auto-updates take care of security...")
  5. The fact that it is disingenuous to say Waterfox only has 1 developer
  6. Why saying "perhaps" there are monetary motivations behind the proliferation of browsers is a "slur," as you claimed.

@five-c-d, you last said, "If you want Firefox demoted from the top3 and put into worthMentioning, then you have to make the argument, and show what should replace it..." This is just dishonest. Myself and others in this thread have made arguments as to why Firefox deserves demotion as a top privacy browser. You have the right to ignore our argumentation, but I find it dishonest to claim that we have not made arguments as to why other browsers are "relatively better in all key aspects" than Firefox for an average user's privacy.

angela-d commented 2019-04-21 04:13:52 +00:00 (Migrated from github.com)

> Well that is worrisome! Perhaps they're taking money or have interests over privacy? Perhaps you have more information about this? It is well known that well-funded companies fund seemingly unrelated sites (like privacytools.io potentially) to market their products.

Browse the closed pull requests and other issues. A lot of really good debates have taken place and they just get closed, with no explanation, by one of the moderators.

Not every PR is worthwhile and nobody owes it to anyone to commit a PR, as with any project; but the lack of explanation for refusing some of the commits after a lively debate is interesting.

> Perhaps I'll make another thread recommending to remove Brave. It is obviously more interested in pleasing advertisers than protecting customers.

This is one debate I am referring to. It's taken place multiple times.

@five-c-d Do you have another account?

You have an authoritative tone to your replies and it's curious you have no projects in your profile.

I know there's a lot of other users that aren't active anywhere else on Github, which is also curious, given the nature of PTIO. Makes me wonder about the intentions of the recommendations given by the anonymous users, is all.

five-c-d commented 2019-04-21 09:55:55 +00:00 (Migrated from github.com)

@angela-d No, I'm just one human, with one github account. I don't list any project in my profile because I don't run any projects on github :-) I didn't participate in your past discussions here trying to get the fork-browsers listed, but I did (as part of researching THIS thread here) read most of them. You were on the verge of getting something committed, but you insisted on a copyright-license that was incompatible with what the site was using at the time, from what I can tell. Which is unfortunate because a comparison-table is needed, not just for browsers but for a lot of sections. I'm working on such a thing for VoIP/etc, but I cannot use your stuff in my efforts because it is incompatibly-licensed and I am hoping to get some changes committed. Maybe reconsider?

@dm17

your six points, summarized

  1. wrong, see upthread, or the nutshell in point#2
  2. wrong, the primary motivation of waterfox has been, at various times, 64bit build of firefox, and then support-deprecated-extension-APIs-of-firefox, and most recently, improve privacy of firefox. When you look at the homepage you can see that this is true: "tailored for the power user... support for classic addons..." and on the aboutpage, "the most customizable". TorBrowser is all about privacy, waterfox is more complex and has multiple goals which is why it fails to stay on ESR (or like Librefox mirror the rolling release) and thus has patch-lag of a week or two.
  3. this is the installation link for waterfox, which I linked to earlier == https://storage-waterfox.netdna-ssl.com/releases/linux64/installer/waterfox-56.2.8.en-US.linux-x86_64.tar.bz2 which you get to from waterfoxproject.org ... and if the official repo system of your OS does not have firefox you can do something "similar" from firefox.com which redirects to mozilla.org and offers a download from mozilla.net The question is not whether it is 'easier' the question is whether an everyday enduser will see pathway#A as being a random binary from a random site on the internet, versus pathway#B. Compare the wikipedia nums or whatever proxy-metric you prefer, to see why I think waterfox is aimed at the 'wrong' audience for the top3. Or a different audience at least, though mayhap I don't understand the endgoal of privacyToolsIO well enough yet.
  4. yes, waterfox auto-updates, but the question is, are the security-patches prompt enough and guaranteed to keep on being prompt enough, for the everyday enduser. If yes, in the eyes of the project-owners here, then okay. But for myself, and other commenters that have mentioned the patch-cadence issue, the answer is "leans nay" ...mostly because browsers are dangerous when not patched, even if only for a relatively brief while, because of automated attack-vectors designed by cracker-groups trying to build botnets and similar kinds of threats. We don't want to give everyday endusers something that will trade a slight increase in privacy for a slight increase in the risk of being pwn'd ...and at least in my view, don't want to give them a slight increase in political purity for a slight increase in risk of being pwn'd because I don't think that helps thwart mass surveillance (I think it backfires)
  5. I don't think waterfox has more than one developer. Internet suggests the project has contributors, but only one fulltime developer. As a soft-fork of a huge complex project, which needs timely security-patches because of the nature of the project, this is a risk-factor. By contrast TorBrowser and BraveBrowser have more fulltimers, and Mozilla foundation has vastly more. My point is not to try and say "oh it is one person so it is no good" ...my point is to say "if it is only one person and they get pneumonia then security-patches might stop shipping with a ten-day-delay and start shipping with a twenty-day-delay or longer". Since the project has been ongoing since 2011 it is unlikely to halt, but it has changed directions before (see point#2 above) and could do so again: direction is up to the sole dev. For similar kinds of worries, see #832 which is another long-running-but-sometimes-changing-direction-just-one-dev project with lots of complex goals.
  6. If you do not already understand the rudeness of "rhetorically" accusing the people that run the website, of being paid shills of some unspecified mega-corporation or somesuch, out to trick the masses and subject them to mass surveillance, while pretending to help them avoid mass surveillance, then I cannot help you understand it. What you said is inherently rude: "Perhaps they're taking money." You were not speaking of the proliferation of browsers, and you were not speaking of people that write browsers, either, you were speaking of the people that run www.privacyTools.io and make decisions about what to recommend and what not to recommend. And saying -- perhaps they are corrupt. In the middle of asking them to take your suggestion, which I can point out is not the best tactical strategy to getting your way... but the rudeness is my concern. And well, I can now add the additional concern, that you seem to not SEE the rudeness even exists.

> I find it dishonest to claim that we have not many arguments as to why other browsers are "relatively better in all key aspects" than Firefox for an average user's privacy

I see you making arguments, sure, just -- not ones that address the aspects that I think need addressing :-)

what I think the key aspects are, and are not

You have argued that "Gab made an extension, and Mozilla censors it? This is going too far... Part of 'privacy' is what you're allowed to see". Which I disagree with, see explanation of the slippery slope you are on upthread. You also argue "Waterfox even has a major following", see proxy-metric pageview numbers upthread, it has 3x the following of ELinks but perhaps half the following of BraveBrowser. You say "Firefox is not defaultly as private as other browsers" which is 100% true... but you imply that those other browsers are 100% equal to firefox, which is false, see every other paragraph in this comment-post for how it differs and why that matters. Yeah, default config matters, absolutely, but it is not the only thing that matters.

You have argued that "quicker security patches [is not] an argument for it to stay in the recommendation list no matter what" which is correct, if the final three words are emphasized. Quicker patch-cadence does matter, and who does it also matters. You have gone further, and argued that "well supported alternatives like Waterfox" is a correct description, but I think we just differ on what the words well-supported mean in this context. People that are hardcore nerds will have no trouble getting waterfox installed, and keeping it operational, with the size of the waterfox-support-community... but everyday folks that are not in that classification will sooner or later hit a snag. When there is a snag in your encrypted email, you can fall back on encrypted IM, and if there is a snag in that you can fall back on encrypted VoIP, or a face-to-face conversation.

> Again, why is Waterfox so "hardcore?" I don't think basic privacy respect is hardcore.

No, I am talking about the enduser being hardcore, not about waterfox being hardcore: if they are a hardcore privacy-nerd, then sure, waterfox might suit them, because they understand the patch-cadence thing and can monitor the CVEs and then understand the codebase-vetting and can do their own source-audits, they are crystal-clear on how sha256sum from the command line functions when dealing with a potentially-untrusted distribution chain, and so on and so on ad infinitum. The problem is not that waterfox is hardcore necessarily, the problem is the enduser has to be hardcore when they run into a hiccup with waterfox-and-some-website-they-need-to-work at any point.

When there is a snag in your browser... the ramifications are more severe than a snag in your encrypted webmail selection, especially if you are not-super-tech-savvy (aka not hardcore). Websites don't email, text, call, or f2f. If browser X is not DTRT on some website the non-hardcore enduser needs to work, browser X gets closed and browser Y gets opened, or in the worst case browser Z. We are talking, for most everyday endusers here. The sequence implied by the privacyToolsIO listings right now: TorBrowser=X, FirefoxWithTweaks=Y, BraveBrowser=Z, which is a reasonable ordering, because reliability/compatibility probability goes up with each step. Waterfox does not seem to fit anywhere in that listing, unless one believes it is indistinguishable from FirefoxWithTweaks.

> if Waterfox is Firefox minus some privacy-leaking behaviors, then how is it not self-evidently better?

Because waterfox and firefox are not equal -- by any definition of what the word 'is' is. One is a soft-fork and the other is the upstream of that soft-fork. Waterfox removes some telemetry, slows down the patch-cadence, inserts some deprecated code for old extensions API support, and has a small teamsize (possibly equal to one fulltime human).

To be clear, I think waterfox is not a bad candidate for adding to the worthMentioning area... but it is not better than TorBrowser at achieving a high degree of privacy out-of-the-box, it is not better at chromium-compatibility than braveBrowser, and it is not as well-suited to everyday-endusers as firefox+ezAddons. To be even more clear, I don't have commit-access so I don't have any authority whatsoever, beyond being a fan of privacyToolsIO. I give it out to people that need digital-privacy-advice, when I don't have time to help personally; it is a good starting-point for them, regardless of whether they need a lot of privacy with a modicum of hassle (TorBrowser) or a modicum of privacy with not much hassle (Firefox plus three addons or thereabouts). I would still be a fan if it recommended ELinks + UngoogledChromium + WaterfoxWith77Tweaks, but it would no longer be a site suitable for everyday folks.

> > Waterfox is not widely-vetted, it has an extremely small userbase and an even smaller number of developers.
>
> Waterfox is a fork of code you're claiming to be well vetted, which means the code has had the eyes of its own project plus the eyes of the parent.

Project-reputation is not transitive in that way.

"The code" in waterfox is several things:

  • very old firefox code to support deprecated addon-types, now maintained by waterfox devs
  • somewhat-new firefox code where the soft-fork occurred, now maintained by the waterfox devs
  • new code (security-patches mostly) taken from the latest firefox and then backported by waterfox devs to be applied to the stuff mentioned previously
  • different distribution-chain which needs to be secured and cultivate a reputation/etc

Maybe other stuff, I have not analyzed waterfox in depth. By contrast librefox avoids three of those four: they don't support deprecated extension APIs intermixed with modern ones, they don't soft-fork at all, and they let mozilla foundation do the security-patching work (no need to backport because librefox is not a soft-fork). They do complicate the distribution-chain, and they do alter the reliability/usability of stock firefox with their changes... but trying to argue about the SQA-level of well-vetted field-hardened configs is going to have to wait for another day since we are still stuck on code repos, let alone codepath tweaks. This is the heart of 'well-vetted' versus 'widely-vetted' however and ideally a project wants both a lot of competent devs eyeballing it as a whole, and a lot of endusers field-testing the specific desired config as a whole.

Also a strong contrast, TorBrowser avoids the majority of those four: they don't try to support very old firefox code, but they also don't try to support somewhat-new firefox code either, TorBrowser specifically targets somewhat-old firefox ESR which is maintained mostly by the LTS distros: IBM RHEL/CentOS and Canonical UbuntuDesktopLTS and their mainly-corporate clientele. This means there is backporting of security patches to TorBrowser... but for the most part the backporting work is done by huge teams at IBM and ShuttleworthFoundation, not by the TorBrowser team, who benefits from that upstream effort. Like with librefox, torbrowser complicates the distribution-chain and the security/reputation/etc thereof.

When you have a project like firefox, and IBM and Canonical work (with help and cooperation from Mozilla Foundation folks) to make downstream soft-fork FirefoxESR and backport security-patches to it, the ESR flavour as a whole is eyeballed only by the IBM and Canonical folks, and vetted by them. You do not add the firefox-rolling-release eyeballs onto that, because they are not looking at the same thing at the same time. ESR is a soft-fork, and must supply their own vetting/reputation/distribution/etc. They benefit from starting with a well-vetted codebase, but they do not inherit the associated properties whole-cloth, and how they use what they started with is more critical than what they started with usually... except in rare situations where the downstream entity dwarfs the nominally-upstream entity (e.g. MongoDB-on-AWS versus MongoDB -- cf the SSPL controversy).

Usually when you have a bunch of people that are hard at work on project baz, and then a small team decides to soft-fork project baz and create project qux, the result is not that qux is less buggy than baz, that qux is more secure than baz, that qux is better maintained than baz, and so on and so forth. Quite the opposite usually! Qux is fubar, despite starting from well-vetted field-tested baz. This is the inherent nature of the soft-fork: it takes a lot of careful painstaking effort just to keep abreast of all the stuff happening upstream, let alone improve on what upstream is doing. Especially if upstream has a larger teamsize. Especially-especially if the soft-fork has a lot of disagreements with upstream and makes a lot of alterations.

Analyzing which projects are more well-vetted, which project-configs are more widely-field-proven, and so on, is not simple, but it is not THAT difficult either. Everyday endusers don't understand any of the stuff we are discussing here, and to me, that is why it is worth discussing: we want to recommend something to them, that won't have them backsliding to GoogleChrome. This means we have to pay attention not just to a hypothetical privacy-features checklist -- which is important -- but also pay attention to some other concerns that have usability ramifications and project-stability/-reputation ramifications.

angela-d commented 2019-04-21 16:45:00 +00:00 (Migrated from github.com)

> You were on the verge of getting something committed, but you insisted on a copyright-license that was incompatible with what the site was using at the time

Did you miss the part where I replied saying I did not commit a license with my PR; PTIO changed their license AFTER my commit was submitted.

My PR was submitted in December of 2017, they changed their license in April of 2018. If the moderators had any intention on merging it at all, they'd have done so much sooner than that.

Shifterovich:

> Any updates? We should resolve this PR.

To which I replied:

> What kind of updates were needed?

Shifterovich:

> I'd like add this section to the website. So I'd like to see this discussion resolved.

He did not cite PTIO's license change as incompatible with my (older) PR.

I am not sure if you're entirely familiar with how licensing works, but you can relicense projects and license your contributions independently of the project (unless the project leaders explicitly forbid it).

There is nothing in the GPL that forbids relicensing contributions. So this is a moot point and was not why the PR wasn't merged. This PR was one example that was closed silently with no reason given for the rejection.

> I cannot use your stuff in my efforts because it is incompatibly-licensed

So what you are saying is that all of the PR's prior to this license change need to be relicensed? Not a single person did that with their contributions. This is blowing smoke.

five-c-d commented 2019-04-21 22:21:36 +00:00 (Migrated from github.com)

I'm just interpreting what I saw, and cannot speak for why the thing was closed. But my reading/interpretation is that it was closed because the license of the contribution was incompatible with the project-licensing.

And yes, I realize there was some timing-related difficulty: when you submitted your work in Dec'17, it WAS under the license of the privacyToolsIO content at the time you submitted. When the offer was made to merge in Nov'18, however, the license had been changed. And I believe it has changed again, seems like it was GPLv3 "codebase license" and then CC-BY-SA-4 "wikipedia license" and is now WTFPL aka "hyper-permissive" ...my understanding is that CC0 would be legally safer compared to WTFPL which has some downsides in certain jurisdictions so maybe the license will change again by the time you and I finish our conversation here :-) :-) :-)

> you can relicense [contributions to] projects and license your contributions independently of the project

Absolutely, if you are the contributor, and your work was an original and not a derivative-work of some existing effort.

> nothing in the GPL that forbids relicensing contributions

That is only true if you are the original contributor! :-) I cannot relicense your original work on the comparison-table, because I received it as a GPLv3-licensed work. Any effort that I put into improving your original work, would therefore be a derivative-work, and by the terms of the copyright-license you granted me for the original, my derivative would also need to be GPLv3. Which I'm fine with, and I thank you for licensing thataway.

But if I want to get a comparison-table merged into the currently-WTFPL-maybe-someday-CC0-repo of privacyToolsIO, then I either need to start from scratch on my own comparison table (so that it is not a derivative work and I can set the license to be compatible with what privacytoolsIO is using nowadays), or I need permission from the original creator of the GPLv3 work -- @angela-d being the original creator in this case -- to relicense their contribution to WTFPL, or dual-license-GPLv3-and-WTFPL, or tri-license GPLv3-and-WTFPL-and-CC0, or something like that.

> all of the PR's prior to this license change need to be relicensed?

No, I wasn't saying that, but then, I'm not positive whether that is actually wrong. Is there not some kind of contributor-license-agreement, where privacyToolsIO contributors say "I hereby give copyright for my GPLv3 work of 2017 over to the people running privacyToolsIO website" or something like that? If not, then yeah, the project-license cannot be changed from GPLv3 to CC-BY-SA-4 to WTFPL just because the project-owners want it... they have to get sign-off from the contributors, either pre-emptively via clickwrap contributor-agreement type thing, or retroactively via explicit sign-off. I will see if I can find what is going on here, and if not, will open a separate issue about it.

> If the moderators had any intention on merging

I think they did

> I'd like add this section to the website

Here is the key bit == https://github.com/privacytoolsIO/privacytools.io/pull/379#issuecomment-442154952 and to me that was why the PR was closed, a licensing-conflict. I have the same understanding of the trouble, as @gjhklfdsa seems to have.

p.s. And before you ask, no they are not my sockpuppet, no they did not pay me to have the same opinion as them, no I'm reasonably positive we do not know each other in real life or elsewhere on the internet, and no I have no clue who they really are. We just have the exact same understanding of how copyright-licensing works. And we are both 100% correct about it as well ;-) Seriously though, it was closed because of a licensing-conflict, nothing more and nothing less.

@Shifterovich can you confirm you are still in favor of adding a comparison table perhaps, and that Angela relicensing her contrib would not be moot necessarily? I have not looked at her table, since I don't want to inadvertently infringe on the GPL license if I have to make my own from scratch, so I cannot comment on the table-contents, but you apparently liked them back in November 2018 from the "I'd like to add this" comment, so I assume the offer still stands, if the nobody-at-fault-here licensing snafu can be worked out?

angela-d commented 2019-04-22 00:24:49 +00:00 (Migrated from github.com)

> But my reading/interpretation is that it was closed because the license of the contribution was incompatible with the project-licensing.

The user that brought that up was one of the empty Github-profile users. He wasn't a moderator and cannot approve/merge commits.

> if I want to get a comparison-table merged into the currently-WTFPL-maybe-someday-CC0-repo of privacyToolsIO, then I either need to start from scratch on my own comparison table (so that it is not a derivative work and I can set the license to be compatible with what privacytoolsIO

Can you point me to where it states this, officially?

> Here is the key bit == #379 (comment) and to me that was why the PR was closed, a licensing-conflict. I have the same understanding of the trouble, as @gjhklfdsa seems to have.

gjhklfdsa's profile is nothing but forks of projects. Another anonymous identity. His comments, actually, were the first to raise suspicion of controlled opposition involving themselves in PTIO. Why would a new, zero-history user give a toss about the licensing of an elderly commit that was submitted long before they even had a Github account?

> Seriously though, it was closed because of a licensing-conflict, nothing more and nothing less.

Shifterovich made no mention of such being the issue. Again, the only person that even brought it up was an anonymous user that didn't exist when that PR was initially submitted.

> I don't want to inadvertently infringe on the GPL license if I have to make my own from scratch

... Have you read the GPL?

Have you looked at my fork? (It's long since been deleted!) - so again, what's the issue with the licensing..? As of now, that commit is in public domain. Its parent fork does not exist.

> I assume the offer still stands, if the nobody-at-fault-here licensing snafu can be worked out?

I'm exceptionally curious why you and gjhklfdsa are harping so much on the issue of a fork's license.

- The license was *not* part of the commit. Since you have forks on your own profile, surely you understand how they work?
- Pretend for a moment, gjhklfdsa didn't comment in that thread. Why then, was that commit not merged?
- Shifterovich has said in other threads, "[Pale Moon is too small to be added to PTIO](https://github.com/privacytoolsIO/privacytools.io/issues/375#issuecomment-458590676)" - and then regarding **Brave** (when project size is brought up): "[We recommend many projects with less contributors.](https://github.com/privacytoolsIO/privacytools.io/pull/657#issuecomment-462138827)"

Which lends weight to the fact if the moderator simply doesn't like something, it doesn't get merged, even if it may be useful to PTIO's audience. Likewise, if a moderator likes a project and even if it's a bit of a disservice to PTIO's userbase, the project will get recommended by PTIO.

I don't disagree that this is PTIO's prerogative; it's their project - they are free to decline or accept any commits they want.. but it is disingenuous to close issues without an explanation, or inform users what needs to be changed in order to be accepted. In recent submissions, I've seen Mikaela doing just that (requesting changes) so perhaps the leadership has begun cleaning up.
five-c-d commented 2019-04-22 06:01:44 +00:00 (Migrated from github.com)

I don't have any forks in my github profile, but yes, I understand how forks work, and how pull-requests work, and what is a derivative work, and what is not, under copyright law. And yes, I've read the GPL, the first time was in the previous millennium ;-)

Any kind of project that is serious about libre-licensing, has to be serious about the exact process by which the licensing happens. Otherwise bad things can happen.

Any time you have multiple people contributing to a project, and all the contributions are getting merged together into a unified whole, and the point is to then redistribute that newly-upgraded whole under a specific copyright-license... you HAVE to do it properly, or you open the project up to risks at a later date. Specifically, the following sequence is definitely going to result in a copyright violation:

  1. person A has a project that is distributed under the WTFPL
  2. person B writes an original work under GPL
  3. person C creates a derivative work of B's original work, which is also GPL
  4. person C tries to relicense their derivative work under WTFPL
  5. person C creates a pull-request to get their derivative work merged into A's project

The failure is at step#4 ... C cannot legally relicense until they get permission from B. That is why gjhklfdsa and myself have asked that you please re-license your GPL'd 2017 effort, because it is not possible to perform the five steps above, unless you have this as step#4:

  4. person C successfully relicenses their derivative work under WTFPL by getting permission from person B, in the form of person B licensing their original work under WTFPL

The other viable pathway is to have step#1 stay the same, step#2 stay the same, step#3 completely changed (person C is best not to even look at the GPL'd codebase -- they have to create their own original work completely from scratch aka do it all again from nothing), the simpler version of step#4 is now possible because step#3 produced an original work.

But those are the only two options: either get relicensing-of-the-original permission from the original author of the GPL'd piece prior to attempting to create a WTFPL'd derivative work thereof, or completely start from scratch and do not touch the GPL'd work ever. Otherwise person C is going to get project A in hot water, with tainted licensing fubar headaches.

> Pretend for a moment, gjhklfdsa didn't comment in that thread. Why then, was that commit not merged?

I think the commit was not merged because of the license-incompatibility that gjhklfdsa correctly pointed out. It is a violation of copyright-law, for Shifterovich to accept a GPL'd pull-request, for Shifterovich to re-license the work as WTFPL, and for Shifterovich to then merge the just-relicensed work into the larger existing WTFPL project. Only the original author of the pull-request can authorize the re-licensing step because they and only they hold the copyright.

This assumes that the pull-request was entirely original though! If the pull-request was not entirely an original work, then the author of the pull-request is not the copyright owner of their own from-scratch original work, they are the partial-copyright-owner of a derivative work that they based on an earlier work. Eventually if you follow the chain of authorship back far enough, you get to what is legally an original work, the source of all the derivative works that came thereafter. Signoff from each author in the chain is needed, if you want to fully protect the project against legal challenges -- such as DMCA takedowns which are the typical way copyright violations are handled on the interwebz nowadays.

> Have you looked at my fork?

No, as I explain above, it would be foolish for me to look at your proposed PR, because I am person C in the example. If you won't relicense your GPL'd original work under WTFPL before I look at it, then I'm going to have to start from scratch and write everything myself, carefully avoiding my efforts becoming any sort of derivative work, of your efforts those many months ago. Copyright is enforced decades later, and is implicit.

> As of now, that commit is in public domain.

Are you saying, that you believe this happens automatically because the repo under your username was deleted? That is not how copyright-law functions.

Alternatively, maybe you are saying that you ARE explicitly re-licensing your December 2017 pull request contents, from GPL to place them entirely in the Public Domain? If so, that would be great, because WTFPL is a compatible license with PD, so I would be able to create a derivative work without headaches and without starting over. But I cannot tell for sure if that is what you are offering, or if you were just talking about copyright-law in general.

> Can you point me to where it states this, officially?

More details here == https://stackoverflow.com/questions/5419923/can-gpl-be-re-licensed And no, I'm not Flimm and I'm not Ted, but they both have a solid grasp of copyright law and copyright assignment difficulties. See especially "Jack speaks with the judge." And the related comments about why Linus Torvalds cannot simply relicense the entire Linux kernel despite being the namesake: he is not the copyright-assignee of large chunks of the codebase. See also https://en.wikipedia.org/wiki/Software_relicensing which gives examples of where large projects successfully relicensed, and from 2002 this draft, http://www.catb.org/~esr/Licensing-HOWTO.html#compatibility

> disingenuous to close issues without an explanation, or inform users what needs to be changed in order to be accepted

I agree, sure, but I don't think issues ARE being closed without explanation. In your pull-request, specifically, the explanation of the problem -- licensing-conflict -- was pointed out by gjhklfdsa ("...it cannot be merged...without [the copyright-holder Angela first] changing the license...Would you be so kind [, Angela, as] to re-license your work?") And you replied "modifying anything at this point seems futile" which means "no I will not". After that Shifterovich closed the issue -- without additional comment -- because it was impossible to merge without a relicense, and you didn't indicate interest in relicensing. That's my retroactive interpretation of what happened at least.

Reading it closely, maybe you were just wanting to get some encouragement that relicensing would NOT be a futile move. If so, then I encourage you: please relicense, one of the six people with commit-access already wanted to merge your change, I'll try and help push the merge to completion, because I also want to merge the change. (Even though I haven't seen it... I know I want something like it... because once we get it in there it will make my life easier, small changes are easier to merge than big ones, and a comparison-table is just flat-out a Good Idea.)

> "Pale Moon is too small to be added to PTIO"

Arguably it is, yes. Because it is a hard-fork, and because it is a browser, and while a small team can maintain a note-taking app like Turtl, the same cannot be said for browsers, they are insanely more complex, and a small security-flaw in a browser unpatched for six weeks is far more serious than a similarly-severe security-flaw in a note-taking-app unpatched for the same length of time. There are literally hundreds of attack-vectors against browsers, many of them automated-in-the-wild.

> regarding Brave (when project size is bought up): "We recommend many projects with less contributors."

detailed teamsize comparison of braveBrowser vs paleMoon

BraveBrowser is roughly 2x the size of PaleMoon in terms of mindshare (see my proxy-metric calculations above), and in terms of contributors has a team of 75 people of which half are programmers led by Brendan Eich. From their github there are three people with triple-digit commit counts, and a dozen people with double-digit commit-counts. https://github.com/brave/brave-browser/graphs/contributors More importantly, though, the architecture of the project is extremely close to upstream now: prior to 2018 braveBrowser was envisioned as an electron-front-end-hardfork and built on an electron-back-end-engine-soft-fork. This led to patch-cadence delays of up to six weeks from the stable-chromium.

The APK version of braveBrowser began mirroring the front-end-chromium as well as the backend-chromium-engine (switching the upstream one and two notches closer to the wellspring respectively) in late 2017 or something, and the desktop-flavour of braveBrowser intended to follow suit as of sometime during 2018 (not sure if they are 100% done yet though it seems they mostly made it prior to 2019).

In particular, the endgoal is expected to be a chromium-native browser with some relatively light soft-fork patching to implement the C++ code that does adblock, and removal of google-phone-home-telemetry, with the explicit stated goal of patch-cadence that is "should take less than a day" aka brave gets a security-fix within 24 hours of when chromium gets a security-fix, and explicitly tracks stable-channel rolling-release chromium (i.e. the same thing as what most rolling-release linux distros track... and unless I'm confused also what ALL linux distros that offer chromium do because the auto-update system built into chromium will start rolling as soon as it is installed from the distro repo).

Point being, they have a few dozen uber-hotshot engineers and they are now hewing pretty damn tightly to the stock-chromium flavour which means they share hotfix efforts with most linux distros. Firefox is still the default browser on most linux distros, last I checked, but plenty of people install chromium-or-braveBrowser side by side with (or instead of) their stock firefox. I don't know if they're hitting the sub-24-hour patch-cadence target but I don't have any question they can hit that target with the devs and money and soft-fork architectural choices they have made. If they don't I expect they'll keep pouring resources into the gap until they close it, because Brendan Eich is a sharp knife. https://news.ycombinator.com/item?id=18154545 especially the portion where @ohmygodel is grilling him is especially beautiful :-) [Edit: ahhh... ohmygodel is one of the core people listed at TorBrowser though I believe they are listed at the top because of alphabetical order and being named Aaron, rather than because they are the head-of-the-project or anything.]

PaleMoon has half the mindshare per my upthread proxy-metric calculations, five devs with triple-digit-commits, seven more devs with double-digit commits. However, they have to split their efforts across two projects that are significantly distinct at the architectural level, PaleMoon and Basilisk, and they have an architectural strategy which means nobody else can really help them and they have to maintain their mostly-hardfork of two different eras of the firefox codebase themselves, including backporting security-fixes to their two main named branches (not counting beta branches assuming they have those).

Basilisk is only available for Windows+Linux with no OSX+Android+iOS officially supported, which reduces the pressure on developers but also makes the privacyToolsIO recommendation harder to capture since -- my unofficial and completely non-authoritative observations only -- tools that support many platforms are strongly preferred in the top3 listings. (And for browsers in particular that seems important since people need a browser on almost every device they own and should not have to use a non-privacy-oriented browser if possible regardless of their device-on-hand at any given moment.)

p.s. Sounds like brave is explicitly planning to keep pace with UngoogledChromium feature-set, and vice-versa -- https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)#how-does-brave-compare-to-ungoogled-chromium From skimming they don't always agree with each other on whether specific patches are necessary, or exactly how to mitigate: UngoogledChromium eliminates all SafeBrowsing code whereas BraveBrowser proxies all SafeBrowsing via servers owned by Brave (stripping IP address and all other info of enduser prior to massblasting the info to google-servers and then mux'ing out the result-payloads back to the individual braveBrowser endusers).

This is a situation where privacyToolsIO could provide a new online service at safebrowsing.privacyTools.io whereby people that wanted to double-proxy their braveBrowser requests could do so? This would add latency for endusers and I think this is at a critical point in pageload so it might not be worth doing, especially since endusers are trusting brave's code and auto-updates -- including client-side machine-learning algos -- and it might thus be pointless to double-proxy the safebrowsing thing.

However, the ungoogledChromium folks might be interested in using safebrowsing.privacytools.io as a single-proxy solution to let them put the SafeBrowsing component back into their soft-fork? Probably what first needs to happen is that somebody proposes UngoogledChromium as worthMentioning though, before privacyToolsIO donation-bucks are expended on supporting that hypothetical scheme :-) And of course, no point in building such a thing if the UngoogledChromium devs don't even want to bake it into their browser-soft-fork, obviously.

Mikaela commented 2019-04-22 10:00:02 +00:00 (Migrated from github.com)

> Would be nice if the folks that thumbed down my post (Mikaela, lumbo7332, abbluiz, ookangzheng) would state their reasons why. I don't see how to @ them though.

I think removing Firefox would be a very bad idea as the forks cannot guarantee similar level of security (being always behind) and other browsers have too small teams or worse issues than Firefox making it the least evil.

Somewhat offtopic I am surprised that I don't find Pale Moon being listed on https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor being mentioned here with CTRL + F.

> In recent submissions, I seen Mikaela doing just that (requesting changes) so perhaps the leadership has begun cleaning up.

I have been uncertain on the codebase (I think I would feel more comfortable with markdown) and still am somewhat, even if it has improved and the preview builds make me more confident. I am a bit lost on my role (see https://github.com/privacytoolsIO/privacytools.io/issues/848), but I am doing my best.

dm17 commented 2019-04-22 17:41:43 +00:00 (Migrated from github.com)

@Mikaela There were some arguments above addressing the idea that all the Firefox forks are less secure than Firefox - you think they're all invalid? There is also an argument stating why it is unfair to say, for example, that Waterfox = 1 developer, while Firefox = dozens of developers... Since Waterfox encapsulates Firefox to a large degree, and that "1 developer" is dedicated to privacy improvements. Why is that argument invalid?

Mikaela commented 2019-04-22 17:58:31 +00:00 (Migrated from github.com)

Would you mind linking me to the relevant comments directly? This is the 40th comment according to GitHub (excluding the original post) and I think reading them all from the beginning again would take a very long time. I have tried to read them as they arrive in my inbox, but I don't remember everything.

How long does it take for Waterfox to update when a new Firefox version is released (is it tracking Firefox ESR by the way?) and what happens when that person [is hit by a bus](https://en.wikipedia.org/wiki/Bus_factor)?

dm17 commented 2019-04-22 18:05:15 +00:00 (Migrated from github.com)

This is exhausting. Who exactly needs to agree in PTIO before any changes in recommendations can be made? If he gets hit by a bus then Waterfox eventually becomes as privacy-violating as Firefox... And PTIO can change their recommendation again.

@Mikaela I summarized the arguments in the very last comment.

five-c-d commented 2019-04-22 18:21:51 +00:00 (Migrated from github.com)

This is per @libBletchley 's preliminary research into the question

> ...Waterfox has had lags of [~9-14 days](https://github.com/privacytoolsIO/privacytools.io/issues/856#issuecomment-484704400) on security updates

My own research into the type-of-forking indicates that Waterfox does not "closely" track ESR (like TorBrowser does), and does not track stable-channel-rolling-release-latest-version either (like LibreFox does), instead Waterfox is in a grey area where they start with ESR but then medium-soft-fork to add some deprecated code back in (older extension-API stuff to allow classic addons which are no longer receiving code-upgrades to still be installed). Waterfox dev backports security-fixes from mainline, but also I believe backports selected feature-upgrades as well. So it is not a medium-hard-fork like PaleMoon-and-Basilisk, but it is definitely not a light-soft-fork like BraveBrowser-of-2019 either.

Waterfox is more similar to the way Brave4desktop-of-2017 when it still was a partial-soft-fork-of-Muon. See comment here, "[Project-reputation is not transitive in that way](https://github.com/privacytoolsIO/privacytools.io/issues/856#issuecomment-485239554)" portion. I am not positive there is just one waterfox dev, but reddit comments strongly indicate there is only one fulltime person involved. The focus on privacy is a fairly recent (but welcome of course) shift in emphasis... waterfox-in-2017 was still mostly about "supports classic addons API"

> Who exactly needs to agree in PTIO before any changes in recommendations can be made?

Mikaela is one of the project-leads. Who prefers markdown more than the complicated system of server-side-transcludes that some of the other project-leads who are sysadmins like to implement :-) So you are talking to the boss now, who could commit your suggestion in a few seconds, if you can make the case. There is some kind of internal-project-committer teamchat where they consult with each other internally, and things don't necessarily happen instantaneously ... especially when the suggestion would overturn longstanding precedent.

One question here is whether Waterfox ought to be WorthMentioning (which I think is a good one -- around since 2011 and privacy-oriented since 2018 or maybe earlier -- albeit with a caveat about "small teamsize so please also install a backup-browser" and maybe a caution to always sha256sum the binary prior to installing waterfox... or any similar thing for that matter).

Different question is whether Firefox ought to be demoted from top3 to WorthMentioning, and if so, followup-question is what ought to replace it (if anything... in rare cases there is only a top2 listing.)

p.s. Other threads should be opened for these, but some comments above discuss them. Yet another question is whether PaleMoonAndBasilisk are worthMentioning (my take is 'nay' and at one point PaleMoon devs explicitly said they did not want to be in any listings here). Librefox and UngoogledChromium have also been mentioned. And there has been a suggestion that BraveBrowser get demoted or doghouse'd as well, belongs in another thread.
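Added example, not part of the original comment or of any project named in this thread: one way to measure the security-update lag debated above per advisory rather than per version number, which matters for a fork that backports fixes selectively. Every release record, version string and advisory ID below is a constructed placeholder.

```python
from dataclasses import dataclass
from datetime import date
from statistics import median


@dataclass(frozen=True)
class Release:
    version: str
    released: date
    fixes: frozenset  # advisory IDs fixed (upstream) or backported (fork)


def advisory_lags(upstream, fork, today):
    """Return {advisory: (lag_days, fork_version)}.

    fork_version is None while the fork has not shipped the fix; lag_days is
    then the exposure so far, counted from the upstream release to `today`.
    """
    # Earliest upstream release that carried each fix.
    disclosed = {}
    for rel in upstream:
        for adv in rel.fixes:
            if adv not in disclosed or rel.released < disclosed[adv]:
                disclosed[adv] = rel.released

    fork_by_date = sorted(fork, key=lambda r: r.released)
    result = {}
    for adv, when in disclosed.items():
        carrier = next((r for r in fork_by_date if adv in r.fixes), None)
        if carrier is None:
            result[adv] = ((today - when).days, None)
        else:
            # A fork that shipped the fix before upstream counts as zero lag.
            result[adv] = (max((carrier.released - when).days, 0), carrier.version)
    return result


def summarize(lags, max_days):
    """Condense per-advisory lags into the figures a reviewer would compare."""
    closed = [days for days, ver in lags.values() if ver is not None]
    return {
        "median_closed": median(closed) if closed else None,
        "worst": max(days for days, _ in lags.values()) if lags else None,
        "unpatched": sorted(a for a, (_, ver) in lags.items() if ver is None),
        "over_budget": sorted(a for a, (days, _) in lags.items() if days > max_days),
    }


# Constructed sample data. The first upstream release fixes two advisories,
# and the fork backports them in two separate builds, so comparing version
# numbers alone would hide the second, slower fix.
UPSTREAM = [
    Release("upstream-1.0.1", date(2019, 3, 1),
            frozenset({"EXAMPLE-ADV-1", "EXAMPLE-ADV-2"})),
    Release("upstream-1.0.2", date(2019, 3, 20), frozenset({"EXAMPLE-ADV-3"})),
    Release("upstream-1.0.3", date(2019, 4, 10), frozenset({"EXAMPLE-ADV-4"})),
]
FORK = [
    Release("fork-1.0.1a", date(2019, 3, 10), frozenset({"EXAMPLE-ADV-1"})),
    Release("fork-1.0.1b", date(2019, 3, 15), frozenset({"EXAMPLE-ADV-2"})),
    Release("fork-1.0.2a", date(2019, 3, 22), frozenset({"EXAMPLE-ADV-3"})),
]
TODAY = date(2019, 4, 22)  # constructed "as of" date for open advisories

if __name__ == "__main__":
    lags = advisory_lags(UPSTREAM, FORK, TODAY)
    for adv in sorted(lags):
        days, version = lags[adv]
        print(f"{adv}: {days} days, {version or 'NOT YET SHIPPED'}")
    print(summarize(lags, max_days=7))
```

Feeding it real figures means taking the advisory lists from the upstream security advisories and from the fork's own release notes, since the fork's version number does not say which fixes a build contains.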

angela-d commented 2019-04-22 22:08:01 +00:00 (Migrated from github.com)

@five-c-d

> More details here == https://stackoverflow.com/questions/5419923/can-gpl-be-re-licensed And no, I'm not Flimm and I'm not Ted, but they both have a solid grasp of copyright law and copyright assignment difficulties.

These are not related to PTIO. Since PTIO changed their license from GPL to "do whatever the fuck you want" I think it is certain they don't care about copyright of PTIO. All previous commits fell under this new license when it was re-licensed, I didn't see a single contributor re-submit their work or sign something stating they approve the change. I fall into this same group - while I appreciate the GPL, nobody contributes their efforts to something like PTIO and intends to keep close watch over who re-licenses their commits. This stuff about the license is pure nonsense.

> the explanation of the problem -- licensing-conflict -- was pointed out by gjhklfdsa ("...it cannot be merged...without [the copyright-holder Angela first] changing the license...Would you be so kind [, Angela, as] to re-license your work?") And you replied "modifying anything at this point seems futile" which means "no I will not"

I will say it again: gjhklfdsa is an anonymous user. He is not a PTIO team member. His suggestion was weird and off-putting, considering the age of the commit! Changing the license would not have gotten it accepted, else Shifterovich would have stated such when he closed it. It was denied for other reasons; most likely because he didn't like the forks as evidenced in my prior reply in this thread.

At this point, everything you and I say is speculative and it doesn't matter at this point. The site structure has changed since that commit was submitted, even if he had a change of heart, someone needs to re-write it with the new layout. I will not be wasting my time submitting anything unless I'm made aware beforehand the commit will be retroactively accepted.

> I'll try and help push the merge to completion, because I also want to merge the change.

You are not a member of PTIO and this is the point I am trying to get across with gjhklfdsa's comments. You do not have the power to merge anything. You can submit a commit (as I have), it is up to a member of PTIO to accept and merge it.

> Arguably it is, yes. Because it is a hard-fork, and because it is a browser, and while a small team can maintain a note-taking app like Turtl, the same cannot be said for browsers

What's considered too small and who has that authority? I am a regular Waterfox user and have been for years; I am fully aware of how large the project is. To me, it isn't too small. I'm aware of my threat model and for me, it is fine. IMO, this is where something like a comparison chart would be useful. Whereas someone like me who wants to simply dodge advertisers and trackers - Waterfox is sufficient. Something like Tor is overkill.

On the subject of Tor: Recommending this as a top suggestion to privacy newbies is a bad idea. You don't know who owns the node you're running on - what if someone logs into their bank account while on Tor and there's a bad guy on the other end? Tor is good for certain types of privacy, but users should be aware of potential risks while using the network, too. For a whistleblower sending things around that could get them killed, perhaps they'd need something more finely tuned for their threat model.

Arguments on Tor:

> Cybersecurity experts have noted for years that while Tor may be technically anonymous in theory – the ‘exit nodes’ where traffic leaves the secure “onion” protocol and is decrypted can be established by anyone – including government agencies.
> ...
> In 2007 Egerstad set up just five Tor exit nodes and used them to intercept thousands of private emails, instant messages and email account credentials.
> https://www.mintpressnews.com/foia-requests-reveal-tor-projects-close-ties-to-us-government/238393/

If Pale Moon and Waterfox are indeed deemed too small for PTIO, perhaps the PTIO team members should create guidelines for project sizes? Thresholds clearly outlining what a project needs to have met in order to be listed?
This is something that rides a fine line between personal preference and objectiveness and PTIO isn't clear on their overall consensus.

Likewise, where are the stats going to be obtained from? Registered members on the projects' Github, or what about contributors; patch submissions?

> Yet another question is whether PaleMoonAndBasilisk are worthMentioning (my take is 'nay' and at one point PaleMoon devs explicitly said they did not want to be in any listings here).

I suspect that was largely due to some of the childishness in that thread with personal attacks against a developer that joined the conversation.


> This is exhausting. Who exactly needs to agree in PTIO before any chances in recommendations can be made?

It seems like it would be a rash decision to change our recommendation of Firefox (or Signal for that matter) without discussions at least coming to a close on both sides, and these are clearly very polarizing topics because many arguments are still being made both for and against removing/replacing our recommendations. I don't think we should make any decisions while discussions are actively ongoing.

> If he gets hit by a bus the Waterfox eventually becomes as privacy-violating as Firefox... And PTIO can change their recommendation again.

In an ideal world, users should not have to be constantly staying perfectly up to date with the recommendations on privacytools.io, because the services currently being recommended are in theory relatively stable. If Waterfox is possibly a bit more private now, but Firefox is far more likely to be protective of its users' privacy and security overall in the long term, because it isn't just going to... disappear one day, then in my opinion it makes more sense to recommend Firefox at this time.

> at one point PaleMoon devs explicitly said they did not want to be in any listings here

Link? Didn't notice that anywhere.

Atavic commented 2019-04-23 13:54:50 +00:00 (Migrated from github.com)
https://github.com/privacytoolsIO/privacytools.io/issues/375#issuecomment-458566713
ghost commented 2019-04-24 18:33:29 +00:00 (Migrated from github.com)

> I don't think we should make any decisions while discussions are actively ongoing.

I think it's a good idea to make decisions before and after conclusion of an investigation. Consider the take-down request scenario. When content is claimed to be in violation of copyright, a hosting service would be taking an unreasonable legal risk if they maintain the publication while investigating. To mitigate legal liability, it's critical that a hosting provider complies immediately (before they even know if copyright is really at issue), and then decide at the end of the investigation whether the content can go back online.

PTIO isn't dealing with take-down requests, but it's still useful to be able to react quickly, knowing that eventually the right long-term decision will be reached. So it's really a question of: is it more damaging to fail to make a good recommendation, or to make a positive recommendation for something that is harmful? And while some people may be on the fence about that, the next question is: which carries more legal liability? I think neglecting to make a good recommendation is less harmful and less legally risky than recommending something that is harmful.

In reality, I can't imagine that anything PTIO recommends or fails to recommend would result in legal action. But just in terms of being diligent, being able to instantly remove something and restore it later after the discussion would demonstrate due diligence. At the same time, you wouldn't want to take that course on every minor flaw being reported. In the case of Waterfox there was no real drive to act quick. But if serious bugs are discovered being able to make a quick change is a good thing.

Regarding Pale Moon

I suspect mattatobin is a kid who is more of a business person and not really a privacy ethics proponent. He has too much respect for advertising. Pale Moon is like Duckduckgo - uses false positioning to get a piece of the privacy market when the product they pimp isn't suitable for it. Unlike DDG, Pale Moon struggles to maintain the pro-privacy narrative. But I would not simply write him off as a kid and disregard. He makes a good point about PTIO [lacking credibility](https://github.com/privacytoolsIO/privacytools.io/issues/868) and the perception of that. He knows his Pale Moon has the same problem, and so he doesn't want to be further defined by PTIO. It's mutually beneficial if PTIO not endorse Pale Moon. From there, PTIO credibility will improve as some of the junk references get pulled, but Pale Moon will remain trapped in fake privacy.

Mikaela commented 2019-04-24 19:10:20 +00:00 (Migrated from github.com)

> Mikaela is one of the project-leads.

I am not, I am just the newest member and possibly the most unsure one (https://github.com/privacytoolsIO/privacytools.io/issues/848)

> Who prefers markdown more than the complicated system of server-side-transcludes that some of the other project-leads who are sysadmins like to implement :-)

I would like to think of myself as sysadmin, but as HTML isn't considered as coding, I probably cannot blame coders or devops on it.

> So you are talking to the boss now, who could commit your suggestion in a few seconds, if you can make the case.

I think the boss would be @BurungHantu1605 and my personal todo commits in other projects can also take days and I kept this email thread unread for three days (and I still didn't feel like going through it).

> There is some kind of internal-project-committer teamchat where they consult with each other internally, and things don't necessarily happen instantaneously ... especially when the suggestion would overturn longstanding precedent.

It actually has 4 of 9 people currently and I haven't seen one since I joined.

> Different question is whether Firefox ought to be demoted from top3 to WorthMentioning, and if so, followup-question is what ought to replace it (if anything... in rare cases there is only a top2 listing.)

The top 3 seem to currently be Tor Browser, Mozilla Firefox and Brave in that order and I wouldn't start changing them.

> In an ideal world, users should not have to be constantly staying perfectly up to date with the recommendations on privacytools.io, because the services currently being recommended are in theory relatively stable.

👍 I have heard many people telling that they have had problems getting their family and friends from WhatsApp or Telegram to Signal or Riot and later when some services have gone down or gotten hacked, they have had more trouble keeping the people on those platforms or trying to switch them to something else that they may not have ever heard of before.

I worry that some users would take Waterfox as recommendation and then bus factor happened and it would be unmaintained with many users thinking it's fine or secure, because it was recommended by Privacytools.io whenever they happened to read it. I don't know how often people generally check the site, but I know I wouldn't look at it this often if I wasn't actively discussing here.

> PTIO isn't dealing with take-down requests

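Not yet, but I fear [article ~~13~~ 17](https://saveyourinternet.eu/) may cause them towards [services](https://www.privacytools.io/services/) and who knows when [there will be a takedown request due to terrorist content](http://www.europarl.europa.eu/news/en/press-room/20190410IPR37571/terrorist-content-online-should-be-removed-within-one-hour-says-ep)?

*Europeans, [remember to vote next month](https://www.thistimeimvoting.eu/)!*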

Atavic commented 2019-04-24 19:18:54 +00:00 (Migrated from github.com)

Pretty long thread. I trusted Mozilla for years, but they have lost the original path. Alternatives aren't lacking, but the userbase and devs aren't so many. I personally use forks as Palemoon, as I still trust their choices. I want to make a point here: the trend of accusing any dev of being behind mozilla releases has a big flaw. Firefox releases are fast and tend to give new feats and experiments instead of closing real bugs and following users' requests; so a fork that's some version behind upstream development seems lacking a lot, while in reality is just a few bugs/corrections behind.

So, I don't mean to run outdated versions, but to run the versions that satisfy your needs.

You can look at [Firefox release notes](https://www.mozilla.org/en-US/firefox/releases/) and see if the latest bugs/modifications apply to your own personal usage.

Most of the times these new feats don't bother me at all, so I stay on current ESR or even older ESR versions.

Mikaela commented 2019-04-24 19:40:07 +00:00 (Migrated from github.com)

Would it be acceptable to change Firefox recommendation to Firefox ESR (https://github.com/privacytoolsIO/privacytools.io/pull/881)?

five-c-d commented 2019-04-24 23:22:11 +00:00 (Migrated from github.com)

PrivacyToolsIO already recommends FirefoxESR as the top#1 pick, because TorBrowser is a lightly-modified FirefoxESR. (Shifterovich suggested at one point that it might make sense to recommend TorBrowser-with-TorNetwork-integration-disabled as the top choice ... because some sites block Tor and whatever.) So I think recommending Firefox ESR would increase stability for an enduser, but does not really increase security. And except in situations where Mozilla Foundation is pushing non-addon-related changes into the core of firefox-latest-stable-rolling-release that impact privacy, I don't believe Firefox ESR offers any privacy-increase over firefox-stable... and it does risk site-breakage, in small ways.

ESR is a very-well-staffed very-light-soft-fork, but *stability*-oriented

It might increase privacy, if Mozilla Foundation does something stupid ... as they have done over the years, from time to time. But ESR is really just a slightly-older-version of firefox, a soft-fork which is very light and also very-well-staffed -- it basically just pins a particular firefox version as 'the ESR' for 2018 or whatever, and then a fairly large bunch of people (IBM CentOS/RHEL + Canonical UbuntuLTS folks primarily) cooperate to backport security-fixes in a timely fashion. You can get a download in English for Linux/OSX/Windows in dozens of languages -- including @JonahAragon 's own country where Aragonese is spoken apparently! -- https://www.mozilla.org/en-US/firefox/organizations/all/ is the main place to get binaries direct (though if you run Linux your package-system also usually has a 'better' way to get firefox ESR rather than firefox-rolling-release-latest). As the page says, ESR is intended for "schools, governments, and businesses" aka people that care more about the switching-costs of maintaining their hundreds/thousands of PCs than about people who want every website to Just Work(TM).

That is the price of ESR, which it definitely does pay: most website-developers test in the browsers that are widely used, and Firefox-stable only has single-digit marketshare these days. If the website does get tested in Firefox, at all, it will only be firefox-rolling-release which gets a bit of SQA love, unless the website is aimed at exclusively government subcontractor employees, or something. So there is a stability-upside to running the ESR soft-fork, in terms of not getting something sprung on you by Mozilla Foundation ... and because large entities like IBM/Canonical/etc which use ESR in their enterprise-flavoured Linux distro respins handle the backport-effort there is zero BusFactor and security is not lowered ... but there is definitely a "risk that normal website XYZ will not function quite right".

The main goal of this thread is to replace Firefox with Waterfox, which I don't think is wise... though I don't think it is unwise to list Waterfox as worthMentioning (currently it is not), maybe that should become a different github-issue. The alternative suggestion that FirefoxESR should replace Firefox in the 2nd-recommendation-slot, does not seem to address the concerns of "mozilla is pushing political agenda when they remove addons" at all because both the rolling-release and the ESR release depend upon the same addons.mozilla.org location I believe.

(Whether the addon-developers test their stuff on ESR is, much like with whether website devs SQA their websites on ESR, pretty unlikely... and because privacyToolsIO has a lot of addons strongly recommended, this is an important consideration methinks. Most addons will tend to work on ESR, because they used to work on Firefox 60, the current ESR base-version, back when it was first released... but presumably it is rare that addon-devs keep testing on Firefox 60, they just test Firefox alpha-channel and Firefox rolling-release-latest-stable if they test more than one variant, I would guess.)

And although ESR has more security guarantees (patch-cadence speed and eyeballs and vetting of the backports and the hit-by-a-bus-factor) compared to waterfox, unlike waterfox ESR is not really privacy-oriented... it is just stability-oriented / sysadmin-friendly for deployment onto thousands of systems in schools/govt/corporate environs. Usually deployed side-by-side with 'spyware' mandated by the school/govt/corporation to make sure none of the students/bureaucrats/employees are downloading malware (captive portal that strips SSL and desktop-IDS-agent and whatnot).

There are some advantages to listing TorBrowser first: the more people utilize it with the stock settings, the more the TorBrowser userbase will be anonymized, because there is safety in numbers. But because it is using TorNetwork, and because it is based on a soft-fork of firefoxESR (which itself is a very light soft-fork of firefox-latest-stable), there are definitely some websites which TorBrowser "breaks" aka the site does not work properly. Endusers need a way to fallback to a more mainstream browser-offering, in such situations... and I think Firefox is a better pick for that job, than FirefoxESR, because of the testing-thing and because of the addons-testing-thing outlined up above. (When the website breaks even in firefox-rolling-stable then the fallback is BraveBrowser since it is chromium-based.)

p.s. It looks like @Shifterovich has already approved the commit in pull#881, but I am unclear on whether that was to the netlify thing, or to the full repo which will go live?

> It seems like it would be a rash decision to change our recommendation of Firefox (or Signal for that matter) without discussions at least coming to a close...

This seems reasonable, on paper. But there is a catch.

unless the discussion has a moderator it will become a brawl that drives away contributors AND comes to the wrong conclusions

> ...on both sides, and these are clearly very polarizing topics

It is pretty safe to say that @libBletchley will never agree that Jami is not the best of the best, until some other esoteric tool arrives they love even more. I also get the strong vibe that @Mikaela will never agree that OMEMO is not the best of the best. Both those have been around for at least a dozen years, never gaining traction, and though I might one day decide signalapp is not the best-shot-at-actually-taking-out-skype-and-whatsapp-and-friends and therefore giving a reasonable chance of thwarting mass surveillance (by reaching the masses), I think it is completely and totally implausible to hope that Jami or XMPP can ever catch up with wireapp's everyday-person userbase, let alone signalapp's, let alone facebook and their gigantic whatsapp+instagram+fbookMsgr walled garden. Messengers are a network-effect industry and usability is the key.

But these are arguments about the future. They are important arguments, but they are not something that one can prove with a line of code. They are predictive in nature, which makes them inherently subject to doubts... and therefore, neverending discussion. Mikaela also wants to boycott BTC because climate change. LibBletchley also wants to boycott AWS (which includes github + signalapp + wireapp) because Amazon. Those are not arguments about code, those are purely political arguments about ethical stances, which inherently will cause neverending discussion.

> because many arguments are still being made both for and against

I think you just perfectly outlined why the people with commit-access CANNOT afford to just let things be discussed. It would be endless, exhausting, marathon word-battle, signifying nothing but emotion and political pre-conceptions. Factional infighting and a corrosive atmosphere would result, eventually poisoning the listings themselves. There must be a process. There must be a referee who can step in and keep the debate productive, rather than repetitive endless "uhHuh nuhUh uhHuh nuhUh" to infinity.

Github is not the place for such things, bickering about politics is for twitter and other stupid places like that, please please please :-)

If the people leading the project -- which absolutely positively includes Mikaela despite being unsure of the role which best suits their talents yet -- fail to keep the discussions from going off the rails, and critically, help discussion reach the PROPER conclusion for the intended readership of the website, sooner or later the project will fail due to infighting. Decide on the intended readership: is it section1 for everyday people looking for an alternative to Chrome, and section2 for people that don't mind waterfox and have a threat-model that accounts for the hit-by-a-bus-factor, and section3 for people that will hand-compile ungoogledChromium and use LibreFox+NoScript from the air-gapped OpenBSD when ELinks fails them? Figure it out please, and then document the decisions.

Nobody wants to read huge discussions that are always going off-topic -- so exercise the github project powahz and when something is off-topic, edit the post as the site-moderator. (Ideally move the info to the 'right' location ... which might be forum.privacytools.io or might be "take your issue off OUR github and blog elsewhere" type of thing ... but keep github which is intended to help improve the contents of the listings, for the intended audience of those listings, get sidetracked.) Nobody wants to contribute into a vacuum -- so try not to close something without at least a terse rationale. (Even the "obvious reason" is not obvious to all the people all of the time!)

But DO NOT just let the discussions rage endlessly, please, devolving into name-calling and bickering and all manner of weak argumentation propped up by appeal to factionalism. This is github, not facebook. Please. And when something is not going to happen, close the issue and set a deadline for when it can next be re-opened, but give people an outlet where they can continue the discussions -- as long as they ARE discussions using logic not name-calling and objectivity not biased selectivity -- such as forum.privacyTools.io or chat.privacyTools.io or whatever the people leading the project decide is the place for such things.

My recommendations are long and verbose, but my TLDR is simple: the people with commit-access are the leaders of the project. Set the parameters that will help you run the project well. And then enforce them, as necessary, acting as the referee and the moderator when needed, and then putting on your "individual contributor" hat whenever you want to participate in the discussion. But keep it a proper discussion, a logical debate about how to best present the website-listings that is centered around "is this html snippet an improvement versus this other one," and if yes why, and if no why not.

Try to keep the political aspects out of github -- by which I mean, it is fine to state "wireapp should be demoted because it runs on AWS and here is a link to why Amazon is evil" and it is fine to state "BTC is morally wrong because it uses proof-of-work which is more energy-intensive and here is a link to why climate change threatens us all". But the moment that those briefly stated rationales about "change line X of HTML to Y because Z" start to become arguing about the validity of Z aka bickering about the rationale rather than just stating a counter-rationale, github at that instant has turned into facebook/twitter/etc.

The referee hat must be put on, to stop that inherently-never-ending infighting, from happening. If the people with commit-access refuse to exercise moderator-powers and perform the referee function, the political discussion is allowed to happen. But this is github, and that is not the place for political bickering: the result will be an endless battle about IPCC'05 predictions versus recent research into ice cores from greenland, and in the very same github-issue, comparisons of Linode uptime versus OVH, and none of that belongs on github when discussion is supposed to be ABOUT whether to replace signalapp with jami or replace firefox with waterfox ... or at least, not if you want to avoid infinitely-long discussions that result in poor decisions.

> it's a good idea to make decisions before and after conclusion of an investigation

As usual @libBletchley and myself disagree ;-) Treating the listings as if they were subject to Political Transgression Takedown Notices would completely destroy the usefulness of the website listings. But I do agree that, when a listing is being challenged for removal, it makes sense that there should be a little annotation attached to the listing which says something like "being discussed" and a hyperlink to the discussion. I suspect libBletchley would prefer the annotation be in 200pt blink-tag "WARNING: Under Investigation For Suspected Links To Privacy Abusers" given that they wish every github issue would immediately delist the tool in question :-) So I'm against that.

But it does make sense that when Ricochet is 'being discussed' or when firefox is 'being discussed' or whatever, that a note can be added to their listings. This needs to be a logical and moderated/referee'd objective conversation, though, and arguably, the 'being discussed' annotation should not be added until a discussion was open at least a week, and be immediately removed when the project-leadership (meaning anybody with commit-access) decides the discussion is no longer worth highlighting from the listings themselves. See above notes about "discussions that are endless in nature should be moved from github to a more suitable venue for the off-topic-in-github point of contention".

And on that note, since this is a thread about removing firefox, I'll shut up about meta-discussion for how to run the thread about removing firefox, and the other contentious github issues in similar vein ;-)

dm17 commented 2019-04-25 03:43:47 +00:00 (Migrated from github.com)

> It would be endless, exhausting, marathon word-battle, signifying nothing but emotion and political pre-conceptions. Factional infighting and a corrosive atmosphere would result, eventually poisoning the listings themselves. There must be a process. There must be a referee who can step in and keep the debate productive, rather than repetitive endless "uhHuh nuhUh uhHuh nuhUh" to infinity.

The only thing that is endless is your posts and strangely exhaustive and exhausting style of writing @five-c-d. If time is money, then you're obviously much better funded than me to shift PTIO opinion. I also view all the sarcasm as corrosive.

five-c-d commented 2019-04-25 06:13:02 +00:00 (Migrated from github.com)

I'm a long-time-listener but a first-time-caller on privacyToolsIO, and when I arrive in the github, the first thing that I notice is "replace signalapp with jami because Amazon is evil" despite the tracker and the much worse usability, the second thing I notice is "replace firefox with waterfox because removing GabDissenter from the addon store is censorship".

Those are NOT technical complaints. They do NOT speak to whether tool X is better than tool Y, they very explicitly are virtue-stances based on factional politics, one left-wing and one right-wing. I see privacyToolsIO as a website that gives solid technology-upgrade advice to everyday endusers, and you want to give them bad advice: taking waterfox from not-listed-at-all to the top3, and removing firefox from the top3 and ditching it entirely over an add-on. I'm not being sarcastic here: that seems to be your actual position. If it is not your actual position, recommend you click edit and fix the OP to give your actual position, the technical things you see wrong, and an objective comparison on the merits of the various projects that might serve as alternatives.

  • Politicizing the listings will result in the listings themselves no longer being useful to everyday endusers.
  • Tool-churn every time some one-developer-project has to be removed from the top3, or every time some political transgression causes an insta-takedown, will also make the listings non-useful for everyday endusers.

PrivacyToolsIO is a project that is growing increasingly valuable, and that comes with a downside: people show up wanting to push their pet issues. My "pet issues" are that I think the listings are pretty good as-is. That's why I've been recommending privacyToolsIO website to people for many months now, and using it myself for even longer: because the listings are sensible. If you had your way, @dm17 the listings would still be sensible but they would only be USEFUL to people with a lot of tech-savvy or a lot of time to spend overcoming hassles and hiccups.

PrivacyToolsIO saves me a lot of time, because it gives good recommendations that everyday endusers can deal with, so I can recommend it to them. If the listings stop being helpful for those everyday endusers, it will cost me a lot more time than I'm spending trying to keep signalapp and firefox and other tools that have been stable long-term top3 listings for years, from being delisted and doghouse'd over things that belong in a forum, not here on github.

I don't run the project. Maybe I'm in the wrong here, and the goal has been to always recommend tools that hardcore people need, and ignore everyday folks. If so, fair enough. Alternatively, split the listings into two sections, or three sections, with high-hassle things like ungoogledChromium and neoMutt at the bottom of the page, low-hassle things like firefoxFocus and tutanota at the top of the page, and medium-hassle things like TorBrowser and Waterfox in the middle section.

five-c-d commented 2019-04-25 06:44:45 +00:00 (Migrated from github.com)

(FirefoxFocus is pretty low-hassle, it is distinct from normal Firefox though, and only runs on smartphones so you may not have used it.) FirefoxStable, even with all the tweaks, is not as high-hassle as ungoogledChromium, where you have to build it yourself or risk installing a community-built binary from github. (Not something I want everyday endusers getting in the habit of.)

But yes, agreed, if you want NoScript+uMatrix then firefox is medium-hassle, definitely. Whereas if you just have firefoxESR+httpsEverywhere+decentraleyes+canvas addons, that's arguably pretty low-hassle, and all of them are available from an internationally known foundation with an army of software engineers.

You can install waterfox without TOO much hassle (see below about hashvals), but you lose the patch-cadence by a week or two (more if there is pneumonia or worse hit-by-a-bus), and you also lose the well-known brand because the download is from https://storage-waterfox.netdna-ssl.com/ quasi-officially or from https://github.com/hawkeye116477/waterfox-deb or maybe https://build.opensuse.org/package/show/home:hawkeye116477:waterfox/waterfox ...so I would recommend sha256sum to make sure the binary is legit. That's not high-hassle like building it yourself, but it is not low-hassle either: thus, medium-hassle (plus I think you have to add NoScript to waterfox just like you have to add it to firefox... it is not tweaked-to-the-max by default).

TorBrowser I actually consider medium-hassle, even though it is pretty straightforward to install, because of the usability issues (sites blacklisting exit-nodes and ESR baseline and whatnot).

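The sha256sum check recommended in the comment above, as an added example that is not part of the original thread: it looks up a download in a `HASH  NAME` manifest and compares digests. The file names, manifest name and contents are constructed for the demo, file names are assumed to contain no whitespace, and the check only adds assurance when the manifest comes from a channel other than the host serving the binary.

```shell
#!/bin/sh
# Added example: verify a downloaded archive against a SHA-256 manifest.
# All file names and contents here are constructed for illustration.

# Print the lowercase hex SHA-256 of a file with whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Look up the digest recorded for a file name in a "HASH  NAME" manifest
# (the format sha256sum writes; a leading '*' on NAME marks binary mode).
manifest_hash() {
    awk -v want="$2" '{
        n = $2; sub(/^\*/, "", n)
        if (n == want) { print tolower($1); exit }
    }' "$1"
}

# Exit status: 0 match, 1 digest mismatch, 2 file missing,
# 3 no usable manifest entry (absent or not 64 hex characters).
verify_download() {
    vd_file=$1
    vd_manifest=$2
    [ -f "$vd_file" ] || { echo "missing file: $vd_file" >&2; return 2; }
    vd_expected=$(manifest_hash "$vd_manifest" "$(basename "$vd_file")")
    if ! printf '%s' "$vd_expected" | grep -Eq '^[0-9a-f]{64}$'; then
        echo "no valid manifest entry for $vd_file" >&2
        return 3
    fi
    vd_actual=$(sha256_of "$vd_file")
    if [ "$vd_actual" != "$vd_expected" ]; then
        echo "MISMATCH: $vd_file" >&2
        echo "  expected $vd_expected" >&2
        echo "  actual   $vd_actual" >&2
        return 1
    fi
    echo "OK: $vd_file"
}

# Demo on constructed data: a three-byte stand-in for the archive.
demo() {
    d=$(mktemp -d)
    printf 'abc' > "$d/browser-demo.tar.bz2"
    # SHA-256 of the bytes "abc", written the way sha256sum would record it.
    printf '%s  %s\n' \
        'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' \
        'browser-demo.tar.bz2' > "$d/SHA256SUMS"
    verify_download "$d/browser-demo.tar.bz2" "$d/SHA256SUMS"
    # Simulate a modified download: one extra byte changes the digest.
    printf 'x' >> "$d/browser-demo.tar.bz2"
    verify_download "$d/browser-demo.tar.bz2" "$d/SHA256SUMS" \
        || echo "tampered copy rejected (status $?)"
    rm -rf "$d"
    return 0
}

demo
```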
dm17 commented 2019-04-25 06:47:09 +00:00 (Migrated from github.com)

> I'm a long-time-listener but a first-time-caller on privacyToolsIO, and when I arrive in the github, the first thing that I notice is "replace signalapp with jami because Amazon is evil" despite the tracker and the much worse usability, the second thing I notice is "replace firefox with waterfox because removing GabDissenter from the addon store is censorship".

You keep pushing this... No one has mentioned Signal in here, and I do not see how your analogy is valid.

Just attack the issue of censorship and Mozilla making most of their $ from Google head on - no need to analogize like this.

> Those are NOT technical complaints.

Why? The privacy violating omissions from Waterfox that Firefox supposedly has are invalid? Why?

> They do NOT speak to whether tool X is better than tool Y

They do speak to whether it is better in terms of privacy. If that is the intended goal here...

> , they very explicitly are virtue-stances based on factional politics, one left-wing and one right-wing.

It really seems like you're the one that can't stop discussing politics here. No one else is doing that. Us "wizards" are binary. Either there is censorship -or- there is not. Either there are privacy leaks -or- there are not.

> I see privacyToolsIO as a website that gives solid technology-upgrade advice to everyday endusers, and you want to give them bad advice: taking waterfox from not-listed-at-all to the top3, and removing firefox from the top3 and ditching it entirely over an add-on.

Not only is this disingenuous; it is a lie. There were many other arguments for questioning the legitimacy of the Firefox recommendation within this thread. It is not "entirely over" an add-on.

> I'm not being sarcastic here:

Does not suffice as evidence that you are not... You've been sarcastic many times above.

> that seems to be your actual position. If it is not your actual position, recommend you click edit and fix the OP

You are correct, the full position within this thread to remove Firefox is not within the OP. I will not edit the OP as per your recommendation, however.

> to give your actual position, the technical things you see wrong, and an objective comparison on the merits of the various projects that might serve as alternatives.

Done, if you scroll up you'll see the comparison between the changelog of Waterfox (of removed privacy-invading code) with Firefox.

> • Politicizing the listings will result in the listings themselves no longer being useful to everyday endusers.

Straw man. No one argued for politicizing listings. I'm sure you can read the tone above of me getting tired of your antics - and this type of response is exactly why.

> • Tool-churn every time some one-developer-project has to be removed from the top3, or every time some political transgression causes an insta-takedown, will also make the listings non-useful for everyday endusers.

Please expand on this argumentation. It does not seem valid.

> PrivacyToolsIO is a project that is growing increasingly valuable, and that comes with a downside: people show up wanting to push their pet issues.

Insult noted.

> My "pet issues" are that I think the listings are pretty good as-is. That's why I've been recommending privacyToolsIO website to people for many months now, and using it myself for even longer: because the listings are sensible. If you had your way, @dm17 the listings would still be sensible but they would only be USEFUL to people with a lot of tech-savvy or a lot of time to spend overcoming hassles and hiccups.

You still have refused to argue why Firefox requires more tech-savviness than Waterfox. I'm not arguing for the idea that we should leave out less tech savvy people - therefore, again, you're arguing against someone/something else.

> PrivacyToolsIO saves me a lot of time, because it gives good recommendations that everyday endusers can deal with, so I can recommend it to them. If the listings stop being helpful for those everyday endusers, it will cost me a lot more time than I'm spending trying to keep signalapp and firefox and other tools that have been stable long-term top3 listings for years, from being delisted and doghouse'd over things that belong in a forum, not here on github.

OK, I see no arguments here against this #856 - therefore it is off topic.

> I don't run the project. Maybe I'm in the wrong here, and the goal has been to always recommend tools that hardcore people need,

Another straw man. This insidious argument has been addressed many times in this thread. Please cite or link to one person that is arguing that we are targeting "hardcore people." This term is one that you injected into this thread, and why? @libBletchley effectively argued that laymen should more easily be able to use privacy-focused recommendations - and I believe that I did too. No one here is arguing for "wizards" or "hardcore people" - this is one of those many insidious, sarcastic, and unfounded contributions to this thread by yourself. Please support this argument.

> and ignore everyday folks.

Please support this argument. It has not been done above or in other threads so far. If you believe it has been, then please quote those specific passages in those specific threads.

> If so, fair enough. Alternatively, split the listings into two sections, or three sections, with high-hassle things like ungoogledChromium and neoMutt at the bottom of the page, low-hassle things like firefoxFocus and tutanota at the top of the page, and medium-hassle things like TorBrowser and Waterfox in the middle section.

Yes, myself and others think it is honest to give comparisons between privacy focused browsers to everyone, including non-"wizards."

ghost commented 2019-04-25 07:11:25 +00:00 (Migrated from github.com)

politics matter

> "replace signalapp with jami because Amazon is evil" ... Those are NOT technical complaints. They do NOT speak to whether tool X is better than tool Y, they very explicitly are virtue-stances based on factional politics, one left-wing and one right-wing.

When Amazon and Facebook each spend ~$200k to fight the California Consumer Privacy Act, they support mass surveillance. When you support those companies, you are working against the mission to provide "knowledge and tools to protect your privacy against global mass surveillance," by advocating to recommend tools that undermine "privacy against global mass surveillance".

It's not generally a coincidence that tools that abuse privacy are also tied to political activity that undermines privacy. Makers of privacy-abusing tools need to lobby against privacy-respecting laws for their bottom line. So when you continually repeat the "politics don't matter" narrative as an argument in attempt to support those suppliers, you are doing harm both in terms of policy and in terms of the technical nuts and bolts of which tool protects the user's sensitive data, both of which are relevant to the mission statement.

Stop supporting our adversaries.

five-c-d commented 2019-04-25 07:45:07 +00:00 (Migrated from github.com)

> Just attack the issue of censorship and Mozilla making most of their $ from Google head on - no need to analogize like this.

This is exactly the kind of thing, that I'm trying to avoid, here in github: endless political arguments.

politics stuff

I think that mozilla removing the addon was politically wrong. We agree. But the conclusion you draw is therefore "delist firefox because mozilla foundation which is the sponsor of the software engineers who write firefox are doing things that are not good". Whereas the conclusion that I draw is "show me where in the firefox codebase privacy is being reduced". See the very first post I made: you are on a slippery slope.

What if you learned that one of the software engineers at mozilla held a political position you agreed with? Would you want to re-list firefox again? What if you found out the waterfox dev had donated to a politician who held positions you disliked? Would you want it delisted over that?

Firefox has been getting most of their money from google for almost a DECADE now. Since before chromium-and-chrome even existed. That is not new; what would be new, is if you had a better option. Waterfox gets most of their code from firefox, which gets most of their money from google, which means waterfox is funded by google, right? And uses code written by evil mozilla foundation people, right? This is not logical and objective. This is a political transgression and guilt-by-association.

My position is that privacyToolsIO discussions -- here in github at least where tools-listings are handled -- should concentrate on the privacy of the tools. And nothing else.

>> pet issues
>
> Insult noted.

It is not an insult -- you should see my list of pet issues for signalapp it is a mile long -- it is just objectively the truth that gabDissenter is a pet issue. You are here trying to delist firefox because an addon you used was removed from their addon-website. If that addon was used by hundreds of millions of people, or billions, that would be one thing. If that addon was a privacy addon, one of the privacy-addons listed in privacyTools.io website, that would also be proper as a motivation for demoting, if not outright delisting. But the addon was rarely utilized, and not a privacy-addon, it is a chat-addon which as far as I can tell had no encryption. It is a social network addon for public shared commentary. That's not a privacy-addon, that's like neoFacebook-or-neoTwitter-or-something.

Of all the people out there in the world using Chrome on Windows10, would they be better off if they installed firefox with some addons, or waterfox with some addons? In terms of their privacy. And in terms of their overall privacy, over the long term. That is the big picture issue, that will help gradually rollback mass surveillance.

*delisting* over political transgressions, vs *promoting* privacy-respecting tools w/ high-quality codebases, and may the 'best' tool win

My thinking is that waterfox should be added to worthMentioning, it is a long-standing project which has recently shifted to a privacy-focus in the last couple/few years.

But you didn't come here to advocate "hey can we add waterfox as WorthMentioning because it is now privacy-oriented". You didn't come here to say "hey can we add GabDissenter into the recommended list of addons as a censorship-avoidance tool." Either of those, might have been something I could get behind (but it would depend if gabDissenter has any well-vetted crypto on the latter point... don't think they have any besides link-crypto).

What you came here for, was to argue that Mozilla's political transgressions make them an untrustworthy entity and thus all their works must be delisted. That is firefox, top2 in browsers, but also Thunderbird, top1 in email-clients, and also FirefoxSend, top2 in file-sharing. More than that: TorBrowser is based on FirefoxESR and if mozilla is evil because of their political transgressions, we better get rid of TorBrowser because obviously they are evil if they cooperate with evil mozilla foundation. Debian ships firefox as the default browser, maybe that makes them evil as well? Where does it end, here?

> many other arguments for questioning the legitimacy of the Firefox recommendation within this thread. It is not "entirely over" an add-on

This is correct. I'm just speaking to the initial motivation. There is going to be another scandal linked to mozilla foundation later this year, I'm sure. And the year after that. And the year after that. See above: will you recommend removing any tool that is linked to mozilla foundation, or that uses their code internally, or that ships their code as part of a bundle, or that is soft-forked from them? You are recommending waterfox as the alternative to firefox... but if firefox were to stop existing what would happen to the small team that maintains waterfox... since it is a soft-fork of firefoxESR?

I am happy to address your other points, @dm17 , all fourteen of them which I have not yet (I counted). But to me, these ones are the ones which really matter. So let us get through them first please. Or not, if you insist I can reply to your others -- though as I say, political discussions are neverending ad infinitum. And as you say, such endless discussions can be exhausting.

Either you are politicizing the discussion, or you are not. To me, it is blindingly clear that you are here to punish mozilla foundation because they refused to host an addon that you like. To you that is censorship, to you that has short-term ramifications for trusting them, to you that has long-term ramifications for privacy. We agree, more or less. We just disagree about what to do about those things.

You can still use the addon, just, you cannot use it from the addons.mozilla.org website any more. Was that a good move by mozilla? Not in my book, no. Not in your book either. It was a political move. Might have been necessary if they were getting pressured by France or something, but I don't get that vibe, I think they self-censored their addons as a political stunt. But that is where my process halts.

Does that mean firefox, thunderbird, torBrowser, waterfox, debian, etc... must all be delisted? No, and why not? Because this is a site about software, about tools. Not about politics, not about foundations making political moves. Does the move reflect badly on the foundation? Yes. Does the move bode poorly for the tools, in the long term? Yes. Does the move make the tool bad right now such that everything named firefox must be delisted? No.

p.s. libBletchley

> Stop supporting our adversaries.

There is no question you are here to politicize discussion @libBletchley -- I don't expect to convince you that polarizing political guilt-by-association is going to screw up the listings, because you don't see that as a screwup, you WANT the only voip tools listed to be Jami and maybe Tox. But how can you support Jami, since it is written by Canadians, that is Five Eyes territory? If politics matters, and global mass surveillance is the eventual endgoal, that is top of the heap right there.

The problem with politicization is that every single tool has failings. The important problem with Jami is that it has terrible usability and FirebaseAnalytics in the playStore version, so to use it you have to be savvy enough for F-Droid and savvy enough for RingCx identifiers (plus maybe Ethereum-blockchain-usernames though I doubt those can be anonymized against timing-analysis attacks... blockchain is not an encrypted remix-ledger!)

Those problems aren't enough that I would advocate de-listing... indeed, I'm in favor of either listing Jami under the IM category, or better yet, merging IM+VoIP since there is so much overlap nowadays across those two, better to compare them all head-to-head. But the reason I don't think Jami is evil, is not because I love Canada and approve of trackers in APKs, it is because I think all tools are a mixed bag, especially when usability by everyday endusers is amongst the criteria which matter. And thus, I want objective non-politicized comparisons of the pros-n-cons, not boycott-the-badguys kind of stuff. Not on github.

ghost commented 2019-04-25 13:37:50 +00:00 (Migrated from github.com)

@five-c-d My approval was only UI-wise, I haven't had the time to look into this issue yet, so I can't really comment.

Thorin-Oakenpants commented 2019-04-29 02:22:19 +00:00 (Migrated from github.com)

replying to the long post at https://github.com/privacytoolsIO/privacytools.io/issues/856#issuecomment-484704400 by a now ghost

> blah blah Librefox (Firefox + gHacks)

ghacks user.js is NOT Librefox and Librefox does not use the ghacks user.js as intended

Librefox simply used our comprehensive list, of which a lot is inactive and only there as a FYI, and quite a few of them as warnings not to tinker with, combined it with items from a few other sources (not even checking if things were deprecated or even correct), and then turned off almost everything it could. I could have done the same in a few hours. Let that sink in for a minute: its source is multiple lists, combined, not checked, and contained outdated prefs .. outdated prefs.

The ghacks user.js is refined, always up to date. The librefox tweaks are just insane with as many changes as possible from default, and many are irresponsible, and many (hundreds) are not even needed. The dev came out of nowhere, spammed the product on reddit (or someone did), got 1.2K likes in a week, and then disappeared. It's a dead product, and a highly dangerous one.

Please don't associate our work with that abomination, thanks

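The comment above describes pref lists that were merged without checking for inactive, conflicting or outdated entries. The following audit sketch is an added example, not code from the ghacks user.js or Librefox projects: it assumes the reader supplies the set of pref names that exist in their Firefox build (here the constructed `KNOWN_PREFS`), and the `example.*` pref names and the sample file are constructed for illustration.

```python
import re

# One active pref statement: user_pref("name", value);
PREF_RE = re.compile(
    r'user_pref\(\s*"((?:[^"\\]|\\.)+)"\s*,\s*'
    r'("(?:[^"\\]|\\.)*"|[^)\s]+)\s*\)\s*;'
)


def strip_js_comments(text):
    """Drop // and /* */ comments without touching string literals.

    Newlines are kept so reported line numbers match the original file.
    """
    out, i, state = [], 0, "code"
    while i < len(text):
        ch, nxt = text[i], text[i + 1:i + 2]
        if state == "code":
            if ch == '"':
                state = "string"
                out.append(ch)
            elif ch == "/" and nxt == "/":
                state = "line"
                i += 1
            elif ch == "/" and nxt == "*":
                state = "block"
                i += 1
            else:
                out.append(ch)
        elif state == "string":
            out.append(ch)
            if ch == "\\" and nxt:      # keep escaped character verbatim
                out.append(nxt)
                i += 1
            elif ch == '"':
                state = "code"
        elif state == "line":
            if ch == "\n":
                state = "code"
                out.append(ch)
        else:                           # inside a block comment
            if ch == "*" and nxt == "/":
                state = "code"
                i += 1
            elif ch == "\n":
                out.append(ch)
        i += 1
    return "".join(out)


def active_prefs(text):
    """Return (name, raw_value, line_number) for every pref that takes effect."""
    found = []
    for lineno, line in enumerate(strip_js_comments(text).splitlines(), 1):
        for m in PREF_RE.finditer(line):
            found.append((m.group(1), m.group(2), lineno))
    return found


def audit(text, known_prefs):
    """Flag prefs unknown to the target build and prefs set to differing values."""
    seen = {}
    for name, value, lineno in active_prefs(text):
        seen.setdefault(name, []).append((value, lineno))
    unknown = sorted(n for n in seen if n not in known_prefs)
    conflicts = {n: v for n, v in seen.items() if len({x for x, _ in v}) > 1}
    return {"active": len(seen), "unknown": unknown, "conflicts": conflicts}


# Constructed stand-in for the pref names present in the target build.
KNOWN_PREFS = {
    "privacy.resistFingerprinting",
    "network.cookie.cookieBehavior",
    "browser.safebrowsing.malware.enabled",
    "example.accept.header",            # constructed name
}

# Constructed sample: two lists pasted together, as the comment describes.
SAMPLE_USER_JS = '''/*** constructed sample, list A ***/
user_pref("privacy.resistFingerprinting", true);
   // user_pref("network.cookie.cookieBehavior", 1);   // inactive, FYI only
user_pref("example.accept.header", "text/html,*/*;q=0.8"); // value contains "/*"
user_pref("example.removed.pref", false);
/* list B, partly disabled
user_pref("example.inside.block.comment", 1);
*/
user_pref("privacy.resistFingerprinting", false);
user_pref("browser.safebrowsing.malware.enabled", false);
'''

if __name__ == "__main__":
    report = audit(SAMPLE_USER_JS, KNOWN_PREFS)
    print("active prefs:", report["active"])
    print("not in target build:", report["unknown"])
    for name, settings in report["conflicts"].items():
        print("conflict:", name, settings)
```

A pref reported as unknown is only a candidate for removal; whether it was renamed or dropped still has to be checked against the release notes for that version.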
Mikaela commented 2019-04-29 10:01:24 +00:00 (Migrated from github.com)

> I also get the strong vibe that @Mikaela will never agree that OMEMO is not the best of the best.

I am open to other suggestions than OMEMO as long as they fill the requirements of me + people I currently communicate with XMPP+OMEMO. It may not be the best, but to quote someone from Matrix, perfect is the enemy of good and I am in understanding that the current setup (between people I use OMEMO with) is roughly equivalent to Signal.

> Both those have been around for at least a dozen years, never gaining traction, and though I might one day decide signalapp is not the best-shot-at-actually-taking-out-skype-and-whatsapp-and-friends and therefore giving a reasonable chance of thwarting mass surveillance (by reaching the masses), I think it is completely and totally implausible to hope that Jami or XMPP can ever catch up with wireapp's everyday-person userbase, let alone signalapp's, let alone facebook and their gigantic whatsapp+instagram+fbookMsgr walled garden. Messengers are a network-effect industry and usability is the key.

On popularity of XMPP, you may be interested in XMPP.org/uses (https://xmpp.org/uses/) which does list WhatsApp as XMPP based. If I recall correctly XMPP recently turned 20, but OMEMO's first draft is dated 2015-10-25 (https://conversations.im/omemo/xep-omemo.html#appendix-revs). Jami and Wire I am not checking now, I am using neither of them nor Signal.


On the rest, this thread is too long for me and I didn't see anything else addressed directly to me. I have asked the team chat about this again.

And in case I didn't say it before, I cannot get over the bus factor of Waterfox and proposed Firefox ESR as a compromise in case it could be something "both sides" agree with. Personally I am running Firefox 67.0b14 (beta channel).

blacklight447 commented 2019-04-29 16:32:54 +00:00 (Migrated from github.com)

Btw, I recall that there was something with firefox esr that it only got critical and high security updates, leaving the medium and Low. Don't pin me on this yet, though; I'll try and see if I can find it again tonight, but it's something to keep in mind.
five-c-d commented 2019-04-29 18:35:20 +00:00 (Migrated from github.com)
links that outline when security-fixes land in firefoxESR

@blacklight447-ptio , you are mostly correct, only the critical / high-impact security fixes are ALWAYS backported (by mozilla at least... not sure about what TorBrowser project does with their lightly-soft-forked flavour... and the major Linux distros also have their own repo which contains firefoxESR on their LTS variants). When a security-fix is medium-or-low, aka some software engineer decided "this is not high nor critical" then whether or not to backport is a discretionary thing... up to some other software engineer, who is working on firefoxESR specifically, usually, and has to triage which things get pushed right away and which things get rolled into a later ESR-version-bump.

In other words, sometimes Mozilla will backport the "medium bad" security-hotfix to FirefoxESR, and sometimes they will just document it and publish an advisory saying 'hey there is this vulnerability and here is the firefoxStable fix'. Whether downstream projects like TorBrowser and Debian do their own backport work on security flaws Mozilla decided were medium-and-can-be-deferred-a-few-months? I don't know.

There are also security-related things that are considered "new features" rather than being classified as "security holes" ... and those are NOT backported to firefoxESR by mozilla, although obviously, any that do work out, eventually become integrated into the next firefoxESR (released every eleven months or so roughly speaking).

The advantage to running ESR is that you get stability, and you get a bit of post-beta field-testing done, prior to any update -- even a chemspill security update -- hitting YOUR browser running firefoxESR. Endusers that are on firefoxNightly are the first wave of guinea pigs, then endusers that are on the firefoxBeta, and then (the vast majority) of endusers in the Mozilla family are on firefoxStable aka firefoxRelease ... and if there are mistakes or bad decisions, those folks tend to catch them in the teeth. Sometimes these are privacy-related screwups: MrRobot, Cliqz, Pocket, and so on... in general "most" of the bad design-decisions will tend to befall people in firefoxStable, and basically ALL of the bad design-decisions will impact people running firefoxBeta (people running firefoxNightly are constantly getting the very most up-to-the-minute security-improvements but they are also constantly getting the very most up-to-the-minute harebrained schemes that some mozilla bigwig hatched on the back of a napkin).

So the primary reason to utilize firefoxESR is that you get a bit of breathing-room... you don't have to determine, on the fly, for every privacy-related scandal that Mozilla might push onto the regular userbase... should I switch to TorBrowser / Brave / Waterfox / UngoogledChromium / etc? Because for the most part, privacy-related scandals tend to get smoothed over before they make it to firefoxESR... and if you cannot stand the lack of GabDissenter in firefoxESR, or the inclusion of Pocket into firefoxESR, you have a few months to figure out a gameplan. Might be compiling your own firefoxESR that removes one unwanted feature, might be just an about:config tweak, might be switching to a new default browser, or might be "well it was a scandal but turns out it is not that serious for my use-case" and you just stay with firefoxESR.

  • 2014 document describing the firefoxESR, which says "no androidESR and only high&critical security-backports with medium&low at Mozilla's discretion"
  • 2019 bug-triage process for which things get backported. "When an engineer believes that... a security fix that's landed on a branch affects the ESR... [file a backport-request]. Members of both Security and Release Management teams will triage ... if agreement is [reached] that it's needed for [immediate backporting to] the ESR [as opposed to getting rolled into the next ESR-major-version a few months later]... the approval-mozilla-esrXX/YY flag will be set...."
  • reddit discussion with some comments by green-badged mozilla people, talking about the difference in attack-surface. "ESR may have more known minor vulnerabilities while release has more unknown vulnerabilities of varying severity" was a comment by a regular which pretty well captures the dynamic.

In the long run, 100% of the security-fixes which need to be in firefoxESR, will get there.

  • If it is an emergency hotfix, sometimes that happens within 24 hours.
  • If it is a high or critical-impact thing, it will be backported 'ASAP'
  • if it is medium-or-low it might be backported, once the above are handled...
  • or it might be just deferred, then rolled into the next regular ESR version-bump.

This is why it says "[a]s the versions progress we should limit this to the most critical security fixes" ...because there is little point in backporting something to firefoxESR v60 on the first of June 2019, if firefoxESR v68 is going to be released on the second of June 2019.

Whether firefoxStable (as currently recommended by privacyToolsIO in second slot) should be replaced with firefoxESR, is partly a balancing-act: is the ability to miss ill-conceived stuff that mozilla pushes into firefoxStable releases from time to time, worth the slightly more roundabout patch-cadence, and the slightly smaller attack-surface? But to me the bigger question is what to do about android and iOS... should we recommend firefoxFocus or firefoxKlar on those, rather than firefoxStable? (There is no firefoxESR-on-mobile officially.)

I am also interested in knowing how closely TorBrowser tracks firefoxESR, if somebody can fill me in? Since it is a soft-fork of firefoxESR... in some sense, the first slot on the browser-list already recommends 'firefoxESR' because TorBrowser is a variant thereof.

blacklight447 commented 2019-04-29 19:00:18 +00:00 (Migrated from github.com)

@five-c-d I have some ties with the Tor devs, I'll ask them.

EDIT: okay so I asked them and I understood their answer as follows: Tor Browser follows the security patches that Mozilla brings out, they do not patch security bugs except for rare occasions where a bug can really harm a user when it for example causes an IP leak. But the vast majority of times, they will get medium to low bug fixes when bumping to the new ESR version just like normal Firefox ESR.

blacklight447 commented 2019-04-29 19:22:18 +00:00 (Migrated from github.com)

@Thorin-Oakenpants The Tor Browser team told me that they do not backport any sec-crit and sec-high themselves, they only fix stuff on VERY rare occasions where for example a proxy could be bypassed.

P.s. I'm actually a fan of Firefox ESR, don't get me wrong. But I did think it was a topic worth bringing up.

five-c-d commented 2019-04-29 19:41:59 +00:00 (Migrated from github.com)

@blacklight447-ptio ...sure I'm also a fan of FirefoxESR. But should it replace FirefoxStable, in the recommendations, as the top2 choice? Given that we already have TorBrowser listed as the top1 choice, and it is basically a purposely-very-light soft-fork of FirefoxESR?

If we do change the recommendations from TorBrowser + FirefoxStable + Brave, to instead be TorBrowser + FirefoxESR + Brave, what should be done about the firefox4android and firefox4ios portion, should those point to firefoxKlar, or firefoxFocus, or fennecFdroid, or just keep them pointing at firefoxStable? See comments in pull #881

Is that even the correct ordering? What should be in the top3, if not those?

What about the larger question, which is whether WorthMentioning should include Waterfox / UngoogledChromium / etc? Or should ONLY the three that are listed now, remain listed? @Thorin-Oakenpants is recommending that LibreFox not be WorthMentioning because of flaws in the way it uses the ghacks base-layer (LibreFox also pulls in a lot of pyllyukko stuff as well as adds things on top of what both those already-listed-as-related projects are doing). @libBletchley was only trying to summarize, not trying to associate, I'm sure. No offense intended to any of the three projects, in other words. But that does bring up the question, of whether ghacks and pyllyukko ought to be mentioned in the WorthMentioning area, rather than below the about:config tweaks near the bottom of the page.

I think that custom user.js files are something only a very advanced enduser would want to do, right? Somebody that has already installed hardcore addons, and already researched about:config tweaks, might want to consolidate their decisions into a user.js project like pyllyukko or ghacks... but these are not things that the typical everyday person who just switched away from Chrome, would want to start with immediately, correct?

blacklight447 commented 2019-04-29 19:56:22 +00:00 (Migrated from github.com)

As discussed on the privacytoolsio matrix room, what we could potentially consider is making a script that will configure Firefox with the privacytools.io recommended baseline (so for example the about:config prefs). Anyhow, as I understand it, there is currently no real issue that would make Firefox a privacy unfriendly choice, and pushing users to alternative browsers will probably also have unforeseen consequences. My vote would be to currently keep the browsers as they are now, with Tor as top recommendation, Firefox as second, and Brave as chromium based alternative.

dm17 commented 2019-04-29 20:07:06 +00:00 (Migrated from github.com)

> As discussed on the privacytoolsio matrix room, what we could potentially consider is making a script that will configure Firefox with the privacytools.io recommended baseline (so for example the about:config prefs). Anyhow, as I understand it, there is currently no real issue that would make Firefox a privacy unfriendly choice, and pushing users to alternative browsers will probably also have unforeseen consequences. My vote would be to currently keep the browsers as they are now, with Tor as top recommendation, Firefox as second, and Brave as chromium based alternative.

Did you have a read over this thread? To be specific, why is this feature list not demonstrative of "privacy unfriendliness" (considering they are changes from FF mainline):
https://github.com/MrAlex94/Waterfox/#user-content-features

dm17 commented 2019-04-29 20:11:18 +00:00 (Migrated from github.com)

> What about the larger question, which is whether WorthMentioning should include Waterfox / UngoogledChromium / etc? Or should ONLY the three that are listed now, remain listed?

I read that as: "should PTIO censor more privacy-focused browsers from the masses who are unlikely to find them without PTIO?"

blacklight447 commented 2019-04-29 20:11:30 +00:00 (Migrated from github.com)

@dm17 I scanned over it, but I'm just putting it out there as an option nonetheless.

dm17 commented 2019-04-29 20:13:48 +00:00 (Migrated from github.com)

> @dm17 I scanned over it, but I'm just putting it out there as an option nonetheless.

> pushing users to alternative browsers will probably also have unforeseen consequences.

If you ask Google and Microsoft, then Firefox is an alternative browser... Could have unforeseen consequences...

> no real issue that would make firefox a privacy unfriendly choice

Can you please respond to my reply to this @blacklight447-ptio?^
Thanks.

blacklight447 commented 2019-04-29 20:18:28 +00:00 (Migrated from github.com)

@dm17 I'm kind of unsure what you want me to reply against sorry 😅

five-c-d commented 2019-04-29 20:21:39 +00:00 (Migrated from github.com)

@blacklight447-ptio they opened this thread, wanting to replace Firefox (delisting entirely) and instead use Waterfox, which is a fork of somewhere-between-ESR-and-stable firefox, plus some portions that are only in Waterfox. Do you have an opinion on whether Waterfox should not be listed, should be WorthMentioning, or should be in the top3, is basically the question.

p.s. As to whether Firefox is an alternative browser, I think the answer is definitely yes -- it is now vastly outnumbered in marketshare by the chromium-based browsers.

dm17 commented 2019-04-29 20:23:39 +00:00 (Migrated from github.com)

> @dm17 I'm kind of unsure what you want me to reply against sorry 😅

How can this list of changes exist:
https://github.com/MrAlex94/Waterfox/#user-content-features

While at the same time, "there is currently no real issue that would make firefox a privacy unfriendly choice," as you say?

blacklight447 commented 2019-04-29 20:34:33 +00:00 (Migrated from github.com)

Well I see Waterfox's "features" as a bit of a mixed bag, for example they turn off EME, that's nice for people opposing DRM, but will cause people to not be able to use Netflix anymore, which in turn can scare them back to Chrome. Also they support NPAPI plugins, which can be seen as a security hazard, they also remove Pocket, which while seen as unnecessary bloat by some (me included) it is also seen by other users as a useful feature, so whether it's bad or not to remove it depends on the perspective of the individual.

All in all, when I see the real impact of what Waterfox does, and look at the tradeoff of slower updates, I don't think it is currently a good idea to promote Waterfox over Firefox. Especially since most things that Waterfox does which are universally seen as good (like turning off telemetry) can be done in Firefox with a minimal amount of effort.

p.s. I would consider it a candidate for a worth mentioning, as it can be a bit lighter on resources, and indeed is drm free, which some users would like.

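The settings named in the comment above (EME, Pocket, telemetry) are ordinary about:config prefs, so a profile can be checked against a baseline by parsing its prefs.js and user.js. This is an added example, not part of the thread or of any project's code; the pref names are real Firefox prefs, but the four-pref baseline and the sample profile text are constructed for illustration and are not the privacytools.io recommendation list.

```python
import json
import re

# Constructed baseline (assumption): NOT the privacytools.io list.
BASELINE = {
    "toolkit.telemetry.enabled": False,
    "datareporting.healthreport.uploadEnabled": False,
    "extensions.pocket.enabled": False,
    "media.eme.enabled": False,
}

# Constructed sample of what Firefox itself writes to the profile.
SAMPLE_PREFS_JS = '''
// Mozilla User Preferences
user_pref("browser.startup.homepage", "https://example.org/");
user_pref("extensions.pocket.enabled", true);
user_pref("toolkit.telemetry.enabled", false);
'''

# Constructed sample of a hand-maintained user.js in the same profile.
SAMPLE_USER_JS = '''
/* constructed sample user.js
   user_pref("media.eme.enabled", true);   <- commented out, must be ignored */
user_pref("media.eme.enabled", false); // no DRM
'''

# Limitation: a string value containing "/*" would confuse this comment stripper.
_BLOCK_COMMENT = re.compile(r"/\*.*?\*/", re.S)
_PREF_LINE = re.compile(
    r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*(?://.*)?$'
)


def parse_prefs(text):
    """Return {pref_name: value} from prefs.js / user.js text; the last assignment wins."""
    prefs = {}
    for line in _BLOCK_COMMENT.sub("", text).splitlines():
        match = _PREF_LINE.match(line)
        if not match:
            continue  # blank lines, // comments, anything that is not user_pref(...)
        try:
            value = json.loads(match.group(2))  # true/false, integers, "strings"
        except ValueError:
            continue  # not a literal this parser understands
        if isinstance(value, (bool, int, str)):
            prefs[match.group(1)] = value
    return prefs


def effective_prefs(prefs_js, user_js):
    """user.js is applied on top of prefs.js at every startup, so its values win."""
    merged = parse_prefs(prefs_js)
    merged.update(parse_prefs(user_js))
    return merged


def audit(effective, baseline=BASELINE):
    """List (name, found, wanted) for each baseline pref that is unset (None) or differs."""
    drift = []
    for name, wanted in sorted(baseline.items()):
        found = effective.get(name)
        # Compare types too: integer 0 is not the boolean false in a pref.
        if type(found) is not type(wanted) or found != wanted:
            drift.append((name, found, wanted))
    return drift


def render_user_js(drift):
    """Emit the user_pref() lines that would bring the drifted prefs to the baseline."""
    return "".join(
        'user_pref("%s", %s);\n' % (name, json.dumps(wanted))
        for name, _, wanted in drift
    )


if __name__ == "__main__":
    drift = audit(effective_prefs(SAMPLE_PREFS_JS, SAMPLE_USER_JS))
    for name, found, wanted in drift:
        print("%s: found %r, baseline %r" % (name, found, wanted))
    print(render_user_js(drift), end="")
```

Prefs the profile never sets are reported with `found` as `None`, because the built-in default then applies and that default can change between releases.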
dm17 commented 2019-05-04 22:10:49 +00:00 (Migrated from github.com)

HN constrains comments to fairly mainstream views, and yet still contains a lot of relevant criticism:
https://news.ycombinator.com/item?id=19826827

A whole thread full of problems, most of which the alternative browsers aren't experiencing.

dm17 commented 2019-05-04 22:11:35 +00:00 (Migrated from github.com)

> p.s. I would consider it a candidate for a worth mentioning, as it can be a bit lighter on resources, and indeed is drm free, which some users would like.

Yes, it is at least worth mentioning...

zoonderkins commented 2019-05-07 16:45:24 +00:00 (Migrated from github.com)

> Thanks @libBletchley, very concise reply.
>
> Would be nice if the folks that thumbed down my post (Mikaela, lumbo7332, abbluiz, ookangzheng) would state their reasons why. I don't see how to @ them though.

I don't want to judge anything, just my thought.. Life is short, relax and enjoy ~~ 😉

ghost commented 2019-05-13 03:07:33 +00:00 (Migrated from github.com)
This can be closed as WONTFIX, issue resolved.

  • https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/
  • https://hacks.mozilla.org/2019/05/technical-details-on-the-recent-firefox-add-on-outage/
dm17 commented 2019-05-13 03:10:43 +00:00 (Migrated from github.com)

> This can be closed as WONTFIX, issue resolved.

Why? Especially after this week's problems at Mozilla - which had again debunked many of the claims in this thread. I don't think this should be closed short of some action items that have been discussed above.

ghost commented 2019-05-13 03:12:12 +00:00 (Migrated from github.com)

The reason being is because it was an accident, it has been explained and there is nothing to be gained from advertising insert shitty firefox fork.

Code signing is there in the long run to protect users from malicious addons.

dm17 commented 2019-05-13 03:14:22 +00:00 (Migrated from github.com)

> The reason being is because it was an accident, it has been explained and there is nothing to be gained from advertising insert shitty firefox fork.
>
> Code signing is there in the long run to protect users from malicious addons.

Pretty pathetic skipping all of the above argumentation; care to actually make an argument? The above statements demonstrate how non-shitty some of these Firefox forks are... Especially when privacy is a goal.

ghost commented 2019-05-13 03:27:30 +00:00 (Migrated from github.com)

One thing I have observed is there has been a concerted effort by new accounts to have Firefox removed from privacytools.io, particularly by new accounts/new users. I am curious to know why libBletchley has deleted their account.

Those alternatives are not mature enough, widely available (multiple platforms) etc. The fact that none of those alternatives appear in distribution repositories should tell you something. The fact that the Tor Project endorses and collaborates with Mozilla (and not some fork) should also tell you something.

None of the "issues" mentioned in this thread aren't mitigated by a user.js file like ghacks-user.js, it is mentioned at the bottom of the about:config section. Many of the points are politicized and conflated. I don't want to enter a pointless argument about this.

dm17 commented 2019-05-13 03:37:07 +00:00 (Migrated from github.com)

> One thing I have observed is there has been a concerted effort by new accounts to have Firefox removed from privacytools.io, particularly by new accounts/new users. I am curious to know why libBletchley has deleted their account.
>
> Those alternatives are not mature enough, widely available (multiple platforms) etc. The fact that none of those alternatives appear in distribution repositories should tell you something. The fact that the Tor Project endorses and collaborates with Mozilla (and not some fork) should also tell you something.
>
> None of the "issues" mentioned in this thread aren't mitigated by a user.js file like ghacks-user.js, it is mentioned at the bottom of the about:config section.

I'm not a new user; I joined GitHub in 2012. I will not delete my account either. If you want to get conspiratorial, then it would be against the side of Mozilla/Firefox (the huge company engaging in censorship and does not nearly have the privacy features as the browsers talked about in this thread).

Waterfox, in this example, is available on OSX, Windows, Windows portable, and Linux. How is that "widely available (multiple platforms)"? They do appear in distribution repositories. They are all in Arch Linux's AUR, for example. Besides, how is this an argument? Would we argue against Firefox because it isn't available to be installed via Microsoft's repository on Windows? No... No one would argue that.

Tor is heavily modified Firefox, so that should tell you something. I don't see how your argument works: that tor is private and tor is based on Firefox means Firefox is peak privacy? No, bunk argument.

You can call the argument pointless, but myself and others in this thread do not view it as pointless. Just look at the privacy features in the changelog of Waterfox and Pale Moon... They are more extensive than the typical modifications in user.js and ghacks-user.js. And as said many times, how many users will end up doing these modifications... Not many!

ghost commented 2019-05-13 03:50:41 +00:00 (Migrated from github.com)

> Tor is heavily modified Firefox, so that should tell you something. I don't see how your argument works: that tor is private and tor is based on Firefox means Firefox is peak privacy? No, bunk argument.

Yes and it is for a completely different threat model. Most obviously Tor Browser includes Tor. It also aims to keep one anonymous so the purpose is quite different to Firefox.

> You can call the argument pointless, but myself and others in this thread do not view it as pointless.

I'm not going to re-iterate what other people have said against Waterfox/other forks. I did read over the thread and I'm not convinced anything should change.

If you want to use a shitty fork go use it then but it does not belong on privacytools.io

PS: AUR is not an official repository and is *use at your own risk*. Literally anyone can make a PKGBUILD and submit it. I have done so myself, so that is not a measurement of anything.

dm17 commented 2019-05-13 04:22:05 +00:00 (Migrated from github.com)

> > Tor is heavily modified Firefox, so that should tell you something. I don't see how your argument works: that tor is private and tor is based on Firefox means Firefox is peak privacy? No, bunk argument.

> Yes and it is for a completely different threat model. Most obviously Tor Browser includes Tor. It also aims to keep one anonymous so the purpose is quite different to Firefox.

Yes, so that supports my argument and does not support yours. Are you an authority at PTIO? You certainly speak with that kind of tone. I'm not familiar enough to know who runs it - and my thread was started from the idea that users visiting PTIO should not have to be so well researched and knowledgeable to know what to pick and how to use it.

ghost commented 2019-05-13 04:37:14 +00:00 (Migrated from github.com)

> Yes, so that supports my argument and does not support yours.

Tor Project actually has a fairly renowned reputation, the other Firefox forks do not by comparison.

> Are you an authority at PTIO? You certainly speak with that kind of tone.

I have contributed in the past. I am stating my opinion on the matter. The fact is you're not the first person to come and spruik some fork of Firefox. Many of those forks have since become unmaintained.

The arguments have occurred on and off over the last 5 years, with the result staying the same and the same conclusions being reached.

blacklight447 commented 2019-05-13 05:51:10 +00:00 (Migrated from github.com)

Funny that after all this time, @dm17 comes back to the same old arguments. If you ask me, I would vote to just close this issue. There was no real evidence provided, and the claim that Firefox is privacy unfriendly has not been confirmed. Let alone make the small telemetry "issues" be worth the slowdown in critical security updates provided by shitty Firefox forks.

I have to agree, removing Firefox as a recommendation makes no sense at this time.

Adding Waterfox as a worth mentioning browser... maybe? But that's a separate issue I think, or should be.

Reference: privacyguides/privacytools.io#856