Nearly a month has passed, is this not enough time? Ironfox uses Ublock, which is a pretty powerful content blocker compared to brave and cromite’s.
Updates are consistent for now. Latest release was 3 days ago according to their GitLab releases page:
7 Likes
Last release was now 7 hours ago. I think they’re consistent enough but should we wait longer?
My personal take would be wait for around 2 years before PG really recommending it.
Not saying PG should not mention the project at all, but from my experience if a project / team could survive the first 2 years, they have the stability and commitment to stay around for much longer.
If PG has a honorable mention / Candidate list, I would suggest putting them there.
Just to be clear, I used Mull, I am using Ironfox, and I am more than happy to donate when they are ready to receive from Librepay / OpenCollective.
1 Like
While I am aware that commitment and consistency matter a lot, I think 2 years is overkill for a browser like Ironfox, which is way more secure and private than the current mobile options, excluding Tor of course. I feel personally that a month or just two months should be enough time to judge its consistency in releases.
1 Like
I think the weight of recommending things from a personal and community / organizational level is different.
As an org or community you cannot sway like a normal person, unless they position themselves as salesman where they just follow and sell hypes.
Everything PG evaluates/ recommends are kind of serious and sensitive in nature, which heavily relies on reputations built upon good track record. I don’t see any benefit that justifies gambling with the hard-earned reputation unnecessarily just to recommend a software that still in evaluation stage.
While I recognize the general critieria as well as Mobile browser criteria do not specify all evaluation details, including probation that could be used to evaluate the stability of the Dev Team, financial sustainability (if applicable), etc. Theses elements should be thoroughly assessed based on the sensitivity level and potential disruption of the tool.
In this case, browser activities are highly sensitive, switching browser could be quite disruptive, imagine if the user does not use Mozilla accounts for syncing, and use Ironfox to install many PWAs.
Edit: In my head, the length of probation could be calculated based on the sensitivity and migration difficulties of the candidate:
Tool Sensitivity: Low (6 Months) / Medium (9 Months) / High (12 Months)
Migration difficulties: No (3 Months) / Low (6 Months) / Medium (12 Months) / High (24 Months)
e.g. For Ironfox, it is highly sensitive and migration difficulties is in medium level, that makes the probation period to be 12 + 12 = 24months
For email services, would be 12+24 = 36months (so Skiff would be failed and not being recommended)
This is only an example.
This simply isn’t true. IronFox is no more private while being less secure than Brave.
I don’t think a simple formula and waiting time alone can assess the trust of a software. It depends on the software, how effective is it privacy-wise, security-wise. I don’t really consider migrating to or recommending “IronFox” as sensitive. Security-wise, it’s just better than the current recommendations and I don’t really like repeating but it has uBlock which is a hundred times more effective than brave’s blocker or cromite’s. If you doubt the developer’s dedication or consistency in updates, I can just call them here if you want.
1 Like
How is it less secure? It has RFP.
IronFox is more private than Cromite and Vanadium which have poor trackers and or FP protection.
Easy to come up after the fact, but this is not fool proof. We did recommend DivestOS which had been there for years and it did shutdown.
Nothing’s everlasting but it reduces the chance that PG recommends projects that fail in early stage.
It also provides clarity and support for PG Team and community, to better protect them from being pushed to recommend any projects.
This is my personal take and my practice for recommending products to friends and family, anyway.
1 Like
RFP has nothing to do with security. Regarding security: Firefox finally rolling out Fission on Android - #6 by sha123
It’s wrong to assume that you provide less fingerprinting information just because there are stronger mitigations in place.
1 Like
I would rather wait two years than two months! If we recommend Ironfox, then we have to assume that people will download it based on our recommendation. And if it fails to meet the the expectations, we would be screwed.
I think that we should at least AT LEAST wait six months. But better one year. Because who knows if devs will be able to keep the development strong all the year along, even in periods like Christmas, Thanksgiving, New Year, Holy weeks, etc ? Are they able to face unforeseen events (health, deaths, births, family issues and events, military conscription) and even to clear some holidays maybe ?
These are things that happen yearly and that could slow down the development so in my view we should wait one year to see how they handle these.
What’s more, there is no urgency as there are alternatives (Firefox/Focus/Klar(?), Brave, Vanadium).
However, this would be a double standard because we are still recommending Stingle photos which no one is trusting I think and which has done a much worse job than Ironfox if we look at the last few months.
(post deleted by author)