a.x61.sh

Ironfox doesn't have privacy.resistfingerprinting set to true in about:config?
from zdhzm2pgp@lemmy.ml to privacy@lemmy.ml on 27 Feb 18:08
https://lemmy.ml/post/26533400

How come?

#privacy

threaded - newest

Undertaker@feddit.org on 27 Feb 18:12 next collapse

They changed some basics from Mull and decided to go other ways. That’s why I’m not using thus browser

iturnedintoanewt@lemm.ee on 27 Feb 18:15 next collapse

What would be your suggestion?

[deleted] on 27 Feb 19:00 collapse

zdhzm2pgp@lemmy.ml on 27 Feb 19:19 next collapse

But weren’t they acquired by some big evil company?

breadcat@sh.itjust.works on 27 Feb 19:27 collapse

not anymore

celenity@lemmy.zip on 28 Feb 20:15 collapse

Waterfox contains proprietary Google Play libraries, and doesn’t include any hardening when compared to standard Firefox on Android. It’s a completely different project with a different set of goals than IronFox or Mull.

You would be far better off using standard Firefox over Waterfox, in terms of privacy & security.

celenity@lemmy.zip on 28 Feb 20:17 collapse

They changed some basics from Mull and decided to go other ways.

What basics did we change, and why do you have a problem with them?

IronFox still has the same core goals/mission as Mull: to provide a privacy & security-oriented Firefox-based web browser for Android. If IronFox isn’t for you, that’s completely fine - but I’m just perplexed by your reasoning here, and would appreciate any elaboration so that we can improve.

iturnedintoanewt@lemm.ee on 27 Feb 18:16 next collapse

Wow. First news. Shitty of them claiming to follow Mull’s legacy if they’re doing their own thing.

AkashicOwl@lemmy.world on 28 Feb 03:29 next collapse

What’s the alternative on Android tho? (not saying there isn’t one, just that I don’t know it if it exists)

celenity@lemmy.zip on 28 Feb 20:21 collapse

Shitty of them claiming to follow Mull’s legacy if they’re doing their own thing.

How?

Our change in approach to fingerprinting was very carefully considered and discussed, both privately and publicly.

FYI: Arkenfox doesn’t enable RFP by default anymore either, and LibreWolf is also considering switching to FPP with an approach like ours.

IronFox still has the same core goals/mission as Mull: to provide a privacy & security-oriented Firefox-based web browser for Android. If IronFox isn’t for you, that’s completely fine - but I just don’t understand how this is shitty or compromising Mull’s legacy/ideals.

Steve@communick.news on 27 Feb 19:04 next collapse

If I remember, that setting is extremely aggressive, and breaks lots of sites. Firefox has by default, a more complicated and nuanced feature that works practically as well, without breaking everything.

zdhzm2pgp@lemmy.ml on 27 Feb 19:20 collapse

So is Firefox mobile or Fennec actually better in this regard?

sunzu2@thebrainbin.org on 27 Feb 21:24 next collapse

Firefox selling their ass out so I lost trust in them to be using their apps

Steve@communick.news on 27 Feb 22:04 collapse

In that specific regard, probably.
I use Fennec. I’ve found the more security minded versions, tend to have problems with some site or another, and annoy me.

sunzu2@thebrainbin.org on 27 Feb 23:51 collapse

I noticed that the sites that have issues are the sites I should avoid.

After a while, you just don't need them if you are willing to make the changes needed to reduce that corpo exposure

Steve@communick.news on 28 Feb 01:10 collapse

Sites like my banks, and local movie theaters, and self hosted VTT games.
I’ve had issues with all. Not acceptable

Neptr@lemmy.blahaj.zone on 28 Feb 02:20 next collapse

Idk why, it doesnt say anything on their gitlab about changing that. Maybe it is a problem with the build process? I remember on Mull a couple months ago i did a clean install and RFP was disabled. You can just enable it if you want.

celenity@lemmy.zip on 28 Feb 20:13 collapse

See here for our explanation.

Neptr@lemmy.blahaj.zone on 28 Feb 20:46 next collapse

Ok, might want to make that more clear under the section about issues inherited from Mull which still mentions RFP.

Your explaination seems sound.

celenity@lemmy.zip on 28 Feb 21:00 collapse

Yeah, we’ve been waiting to update documentation until our website is ready (since that’s where we’ll keep everything). You’re right we do need to make this more clear.

Neptr@lemmy.blahaj.zone on 28 Feb 21:06 collapse

Understandable, thank you for your (and contributor’s) work on this project. I am happy that i dont need to compile Fennec with hardening from source for each update.

Neptr@lemmy.blahaj.zone on 28 Feb 20:48 collapse

Maybe consider enabling RFP for private browsing. Is letterboxing enabled?

foremanguy92_@lemmy.ml on 28 Feb 11:53 next collapse

In my opinion you should enable it

Didn’t watch out for reasons, maybe ironfox gives one?

celenity@lemmy.zip on 28 Feb 20:13 collapse

We don’t recommend enabling it; you can see our reasoning as to why we don’t enable RFP here - we use a hardened configuration of FPP instead.

FYI: Arkenfox doesn’t enable RFP by default anymore either, and LibreWolf is also considering switching to FPP with an approach like ours.

foremanguy92_@lemmy.ml on 28 Feb 22:06 collapse

Thank you useful read

celenity@lemmy.zip on 28 Feb 20:11 collapse

We very publicly discussed our approach to fingerprinting and the reasoning for this. But a basic TL;DR is that we’re using a hardened configuration of FPP - which matches all of RFP’s targets, except the few known to cause breakage/be undesirable for users. I’d recommend reading that GitLab issue for a detailed explanation, and please let me know if you have any questions or concerns.

FYI: Arkenfox doesn’t enable RFP by default anymore either, and LibreWolf is also considering switching to FPP with an approach like ours.

zdhzm2pgp@lemmy.ml on 28 Feb 20:13 next collapse

Thanks! 👍

Templa@beehaw.org on 28 Feb 22:19 collapse

Thank you for getting out of your way and explaining it here.