IronFox (a new Mull fork)

Came across this today and thought it might be of interest to some folk here.

IronFox is a fork of DivestOS’s Mull Browser based on Firefox. Our goal is to continue the legacy of Mull to provide a secure, hardened and privacy-oriented browser for daily use.

From: IronFox

10 Likes

Interesting, good to see. No releases yet, no? Any channel/group chat set up yet? Self-hosted F-Droid repository forthcoming, or Obtainium all the way?

Will keep an eye out for further information on this. I was not looking forward to leaving Mull behind.

I’ll keep an eye on this project, as you never know when you might need a different app.

Right now, I’ll fairly happy with DuckBrowser for mobile, but anything can happen with organizational changes etc. so having a plan B is good.

1 Like

Hey! We have a discord already up for the project and just dropped the first test build tonight :slight_smile:

5 Likes

We aren’t using discord here, but we will cheer for the project! Thank you for your work.

1 Like

Thanks! Just saw it on GitLab releases.

This is the initial test build of IronFox, based on Firefox 133.0.3.

IronFox v133.0.3.

Time to add it to Obtainium!

2 Likes

Even if I’m using Vanadium (or Brave), heads up for keeping the former Mull Browser running.
We (others) will see if it lifes up. Until then. Cheers :face_with_monocle:

3 Likes

Was wondering where the sudden influx of users was coming from…

Hi folks - I’m one of the maintainers of IronFox, and I’ll gladly answer any questions or concerns you have.

We haven’t properly discussed yet how we’re going to distribute the app - but yes, in addition to Obtainium, a self-hosted F-Droid repo will definitely be considered. I’d also like to look into Accrescent.

We’re looking into setting up a Matrix room as well - I’m also not a fan of Discord… :confused:

This topic has been beaten to death in various other threads, so I don’t have much to add here. It’s true Firefox has security deficiencies compared to Chromium (especially on Android), and it’s unfortunate Mozilla hasn’t put a higher priority on catching up to Chromium like they should’ve here. We’re always going to be upfront and honest about that fact, and it’s left up to the user whether they’re comfortable with the risks, depending on their threat model.

That being said, I feel like it’s silly to ignore the value that Firefox-based browsers can provide - as evident by PG’s recommendation of Mull before its discontinuation…

13 Likes

Amazing! I actually haven’t quit Mull yet (I know…) and this is the last post written from Mull, from now on will be IronFox.

It’s basically the same as Mull which is great.

For recommending on this website, we don’t need to debate whether Firefox-based browsers are appropriate since we already settled yes by including Mull.

What we do need to know is ensure that this project is long-term.

[spoiler]

@celenity We would need to know whether this is a 1-person project or a group, and what this invidual/group resources are. And whether they plan to seek donations, etc (for sustainability)

5 Likes

Two weeks ago, you wrote:

Why not just fork Firefox and create your own browser like LibreWolf?
One Major reason: Security updates. I am the only person working on this project, and I am not currently in a position to guarantee consistent & timely browser security updates. Things happen. The majority of browser forks are simply hobbyist projects that do not take matters like this seriously, but Phoenix is different: We put privacy & security at the forefront of everything we do. I am not willing to put my users at risk, now or ever.

Why is this project any different (security updates wise), and what is to prevent it going the way of Mull (sustainability, etc.)?


For your Dove project, you require:

:warning: macOS users must have Homebrew installed, and must grant Terminal the App Management Permission.

The reasons why granting the app management permission is a serious security risk are documented here. I’m concerned about a security-first attitude which is crucial for a worthy successor to Mull.

Currently, including myself, there’s 4 of us working on it.

We’re still discussing how to handle funding internally; but for the time being, as we start out, we’re just self-financing. We’re going to consider taking donations in the future.

Why is this project any different (security updates wise).

I stand by everything I said there. The key difference is that IronFox provides unique value over standard Firefox, unlike LibreWolf (& other Firefox desktop forks). All of LibreWolf’s privacy & security benefits can be easily applied to any Firefox installation via several methods (Ex. a user.js file, a mozilla.cfg file, an autoconfig.js file, etc. etc.). Why introduce the added risk of using a fork when it’s not necessary?

The case with Android is completely different. You simply don’t have as much control over Firefox as you do on desktop, and there are fundamental issues that can’t be fixed with a simple config file (Ex. the proprietary libraries we remove…).

To put it simply: You can make any standard Firefox desktop installation as private & secure as LibreWolf. You can’t make any standard Firefox Android installation as private & secure as IronFox or Mull.

So, yes, the same risks as with LibreWolf generally still apply to IronFox (as they also did to Mull); the difference is that unlike LibreWolf, we provide meaningful benefits to offset those risks.

As I stated above, there’s also 4 of us working on this; so we have the time, resources, & full intention on keeping up with security updates. For comparison: Mull was maintained by 1 person (a person who was also maintaining a Chromium-based browser, an entire mobile Android operating system, and various other works), yet was still able to keep up with Firefox updates within a day or 2 after release for several years.

I just want to make it clear that as a user, I completely understand your concern here & the importance of security updates, and I wouldn’t have anything to do with IronFox if I wasn’t comfortable guaranteeing we could keep up with them. At the end of the day though, like nearly everything in the privacy & security world, this all comes down to your threat model and what you’re comfortable with. If you value getting the quickest updates possible directly from Mozilla more than the privacy & security hardening of IronFox, then use standard Firefox instead. This same logic also applies to any other Firefox fork & Chromium fork regardless of platform.

The reasons why granting the app management permission is a serious security risk are documented here. I’m concerned about a security-first attitude which is crucial for a worthy successor to Mull.

This is incomparable, and not at all a reasonable comparison IMO.

Dove is a project designed for hardening Thunderbird on desktop, and it fundamentally works by modifying the application’s files and adding a custom mozilla.cfg file, prefs.js file, and policies.json file. I’m aware of the security risk & spent several hours researching & trying to find a better way to support Dove without needing to give Terminal the app management permission, and was unable to find one. If anyone here has any ideas, let me know!.

I make it clear to the user that this permission is required (As evident by you quickly noticing it), and we support manual installations for users who are uncomfortable granting the Terminal this permission.

We can’t fix fundamental problems with macOS. Apple needs to allow more fine-grained controls (Such as the ability to grant permission to manage only specific applications rather than all or nothing, etc…), and Mozilla needs to allow reading config files for Firefox & Thunderbird without directly modifying the app’s contents.

If you don’t trust IronFox due to fundamental limitations of an unrelated project by 1 of the 4 maintainers, then don’t use it. I won’t tell you who you should or shouldn’t trust at the end of the day; that’s for you and you alone to decide. All I’ll tell you is that every project I’ve ever designed in this space has been done so with a security-first attitude. Myself & the other maintainers take this extremely seriously, and we’re not going to create a project that claims to improve privacy & security, while doing the opposite.

12 Likes

Thanks a lot, I really appreciate you taking the time to write such a fleshed out response. I hope it was clear from my original post that I really don’t want to detract from what you are doing, I just felt these were important questions for the community to get answers to.

That’s completely fair. Thank you for taking the time to explain anyways, it’s clear you are serious about prioritising privacy and security wherever possible.

5 Likes

No worries, thank you for asking them. You’re right that these are important questions that deserve answers.

5 Likes

Did this project idea predate Mull end?

Okay that’s good to know.

I still believe we might want to wait a couple of months to recommend it.

1 Like

This is excellent. I am glad to see one of the developers is on this forum and very thoroughly addressing user concerns here. If the team is able to keep up with upstream security updates promptly then I see no reason why this cannot become a direct replacement for Mull as PG’s recommendation.

5 Likes

The gitlab repo’s only existed for 6 days… Don’t think its responsible to recommend it, given it has zero history.

2 Likes

suggesting and recommending things, especially newer projects, is a long-ish process. (as it should be, especially considering the Skiff incident)

2 Likes

Even if the project does everything right, we would still have to wait for them to build up a track record, to see how close they stay to upstream regarding timely updates.

We can proceed with this discussion once they got that done.

4 Likes

you’re kidding us, right?

Neither are quite “reputable” to say the very least.

4 Likes