• ssm@lemmy.sdf.org
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    5 months ago

    How is Librewolf and Waterfox connecting to Amazon Cloudfront and a bunch of other domains on first boot and Waterfox having a sketchy privacy policy (article’s is out of date but the new one isn’t much better) a subjective opinion?

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      6
      ·
      5 months ago

      For one, Librewolf clearly states what it does on startup. It has to update ublock origin and other threat lists. That is better than having out of date protections is it not? Just because it connects doesn’t mean it sends much data. Things need to be hosted somewhere.

      For Waterfox the argument is less bad but Waterfox is about on par with a lot of other stuff. It isn’t going to be crazy good and it is no where near as good as Librewolf but it is better than Firefox and many others. I would rate it as half bad.

      Librewolf is the arguably best privacy browser. You haven’t named anything better. It breaks sites occasionally but it does protect privacy and security and scores well on fingerprinting resistance.

      • ssm@lemmy.sdf.org
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        5 months ago

        I agree it’s much less egregious than the other examples in case of Librewolf, but I don’t like the dependency on Mozilla addon servers by default. Mozilla has already shown themselves to be bad actors, and I’m not totally trusting of their repositories, even if ublock or whomever else has done nothing wrong. If it wants to fetch extensions by default, I would at the very least hope they incorporate some sort of checksum verification against an extension compiled/copied from ublock’s source.

        There’s also the problem of extensions auto-updating, which is problematic for security for hopefully obvious reasons.

        Librewolf is the arguably best privacy browser. You haven’t named anything better.

        I named qutebrowser in my first post. Privacy and security can (and should) come from outside of the browser, through system-wide dns blocking and firewalling. Inside the browser, there’s domain-specific script toggling, as well as userscripts. There’s also torsocks if you trust tor. If a user decides to use 3rd party firefox extensions, that’s up to them; but I don’t think it should be a default.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          3
          ·
          5 months ago

          What are you going to use outside of the add-on store? At the end of the day no ones going to move unless they do something really bad.

          • ssm@lemmy.sdf.org
            link
            fedilink
            arrow-up
            1
            ·
            5 months ago

            What are you going to use outside of the add-on store?

            Userscripts, usually from greasyfork. Some popular extensions can be installed as userscripts (not ublock or umatrix unfortunately, though in the case of qutebrowser it’s own internal tooling can be configured to fit these usecases to some degree).