Hmm… Somehow even when I enable Cloudflare DoH in Firefox (“Max protection” mode), the https://crypto.cloudflare.com/cdn-cgi/trace still returns sni=plaintext
You do not need Cloudflare or DoH or DoT or dnscrypt or the Firefox resolver to use ECH.
You can use any resolver.
That domain is not ECH enabled:
dig https crypto.cloudflare.com
try https://pq.cloudflareresearch.com/cdn-cgi/trace instead
1 Like
Ah I see. I did not know about pq.cloudflareresearch.com. Thanks a lot.
I tested with Firefox’ DoH because somehow on my machine I can’t force ECH on the test websites (Windows 10, FF 130.0.1 new fresh profile) without FF DoH. I don’t know what’s wrong and how to solve it.
On https://pq.cloudflareresearch.com/cdn-cgi/trace , it returns sni=plaintext
On https://www.cloudflare.com/ssl/encrypted-sni/, Secure SNI returns X
Firefox only supports native HTTPS query on “Windows 11, Linux, Android 10+”, otherwise the built-in resolver is necessary.
1 Like
Oh I see, I understand now. Thanks for the information 
I agree completely with this comment. I’m a regular/average user and never did figure how to use arkenfox. It’s hard to find a tutorial giving step by step instructions to. I now use Librewolf instead on Kubuntu OS
2 Likes
Mullvad Browser is to be used without any configuration whatsoever, including installation of extensions. Librewolf or Firefox with arkenfox use case would be to configure it as you see fit + install any necessary extensions, at the cost of some fingerprinting privacy. I think the clear case for Librewolf is it being the simpler way to use arkenfoxed Firefox, with the downside of lacking behind in updates (and maybe some others).
1 Like
And it’s not even that bad. With the recent critical vuln discovered in FF, Librewolf updated within hours.
1 Like
I appreciate your reply!
You obviously have much more computing knowledge than me, but the topic of “slow updates” or “sparse updates” for Apps came up earlier and it really made me think!
I think most people assume that more updates an App receives the better/more secure/more reliable/more features it’ll have.
Apps that don’t receive updates often may just not need many updates because the Apps have been built with a strong foundation.
I use librewolf for day to day webrowsing. I like it fingerprinting resistance.
2 Likes
Hello everyone, I’m back.
I want to say two things:
First, that after two years of disappearing from this forum, I can’t believe my pride when I see that even today this thread I created is still being discussed and commented.
And second, that after two years of using and monitoring the Librewolf project, I do not change my mind that, at least, it should be mentioned in some way in PrivacyGuides.
What can I say: I enter PrivacyGuides, in the browsers section, and instead of finding Librewolf, a project that has demonstrated over the years not to vary in its eagerness to fight for the privacy of its users; I find Firefox, a project with many years behind it and that has demonstrated more than enough that its interest in the privacy of its users is pure propaganda. I do not deny that Firefox can be private. I am simply stating a fact: By itself, it is not.
Librewolf does everything Firefox should do, by default, as do Mullvad, Brave and Tor. Today Librewolf meets practically all the minimum (and many of the “Best Case”) criteria PG sets for recommending a browser.
Anyway, glad to be back on this forum and, @jonah, please reconsider even a small mention of Librewolf.
Best regards to all.
4 Likes
If this were actually true (it isn’t), then Librewolf would be a horrible choice for privacy (considering that every single Privacy feature Librewolf has comes directly from upstream Firefox).
If every Firefox Privacy feature was “pure propaganda” then Librewolf would be without privacy features.
The time money and work developing and implementing the privacy features you seem to like in Librewolf happens upstream at Firefox (and some cases Tor Project), and Librewolf gets to freely benefit as well.
6 Likes
So I understand that, based on your reasoning, Brave should not be recommended because it is based on a browser that does not pretend to protect the privacy of its users, right? Let’s not commit logical fallacies, please (Fallacy of the consequent).
I repeat what I have already said: It is not a question of how private Firefox can become thanks to the features they have developed for the browser, but how much it IS by itself, by default. I am not questioning its capabilities, but its standards.
You won’t find any serious privacy enhancement scripting projects for Brave, Mullvad or Tor on the internet, because they don’t need it, because by default they have their various privacy features enabled and/or accessible. For Firefox, they had to create Arkenfox. If the privacy standards in Firefox were as great as Mozilla claims, there would be no need for non-Mozilla projects based on Firefox like Arkenfox or Librewolf to exist. That’s what I’m saying, and nothing else.
Is it so hard to recognize that the average user should be given things chewed and prepared from the beginning? That not everyone, not even the majority, are “privacy geeks” like us, please, that Privacy Guides exist for a reason. I just propose to add alternative mentions for those users seriously concerned about their privacy who, in turn, have difficulties or find it too complex to thoroughly configure the programs they use.
Best regards.
1 Like
Please correct me if I am wrong, but isn’t the comparison between Brave and Chromium vs LibreWolf and Firefox bad?
Brave makes substantial changes to base chromium, including but not limited to:
- Native Ad blocker with customizable lists
- Brave Wallet
- Brave Ads, IPFS, Tor, etc.
It also does diverge from Chromium when it comes to compatibility, for example the MV2 support being continued in Brave for now.
While Librewolf does not actually develop new features from scratch using the gecko base, and instead just configures already present Firefox flags or settings.
Of course, I could be wrong since I don’t use Librewolf, but I assume it’s a Firefox fork and not a separate browser based on gecko engine. While Brave is not a chrome fork, but a browser built using the chromium engine.
You will in fact find many configuration guides for Brave, like the one Privacy Guides has. I agree for Mullvad and Tor, they don’t require config and rather have levels of settings that you can switch between.
5 Likes
No. You clearly have not understood my reasoning (which has nothing to do with whether a browser is based on another or not). Let me see if I can be a bit more clear.
My reasoning is simple:
-
Every single privacy feature present in Librewolf, comes directly from upstream Firefox. Firefox devotes considerable time, money, and resources to the privacy features we enjoy in Firefox or in Librewolf. Librewolf just flips some switches that Firefox makes available to them (and us). The same is not true of Brave which begins from a not-very-private base, and meaningfully improves upon it.
-
Brave’s privacy features are in many cases their own, not inherited from Chromium or Chrome. Brave substantially improves upon Chrome(ium), whereas Librewolf just enables upstream things already present in Firefox.
-
(put another way, Brave meaningfully improves privacy in many cases in spite of its upstream whereas Librewolf’s privacy is only possible because of it’s upstream)
If Firefox’s commitment to privacy were “pure propaganda” Librewolf (which relies 100% on Firefox for all of it’s privacy protections, and Arkenfox (a Firefox community project for its defaults) could not be any better since they don’t introduce any features of their own.
If you prefer Librewolf’s defaults out of the box, by all means, use Librewolf. But don’t pretend it brings anything new or different to the table beyond a set of defaults, and don’t erase/devalue the hard work done upstream to allow me (via Arkenfox or Mullvad) or you (via Librewolf) to have the level of privacy we desire. There are serious, committed, passionate real people devoting a lot of time, thought, and effort to building these privacy features that you, I, and small derivatives like Librewolf rely on.
7 Likes
Brave browser in my opinion is mid. I don’t care for all the crypto stuff. And I haven’t used Brave in a while so maybe they aren’t doing that anymore idk. Also though, and more importantly, being built on Chrome I’m sure manifest 3 integration will become mandatory at some point, which means uBlock will no longer work. Even if you side load it.
I think Mullvad browser is hard to beat. It basically comes with the same fingerprinting resistance that Tor browser comes with, and uBlock Origin is installed by default. You can even use Mullvad’s DNS if you aren’t already encrypting it another way. It basically checks all the boxes for a privacy respecting clearnet browser. If you need anything extra you might as well use Tor. In addition to clearnet, since some anonymity networks like i2p and hyphanet don’t have dedicated browsers, I think Mullvad browser would be an excellent browser to proxy their connections through.
3 Likes
“I have created the Ferrari Enzo of privacy, and I will beat my chest for my achievements, and I will sing to the four winds my successes, but when it is time to sell it to customers, I will leave it configured to give the performance of a Fiat Punto, and if they want it to perform at the level of the Ferrari Enzo, they can reconfigure it themselves or go to a mechanic to have it configured”… That’s propaganda. It doesn’t matter that Mozilla spends time, effort, sweat, tears, BLOOD… if in practice it delivers that great work with half of it not connected. Equivalent to buying a flat screen, that when you install it, only half of the LEDs light up, that you have to go to the configuration to activate the other half, and that we have nothing to complain to the seller of the screen for selling it with half of the screen turned off. I insist, your defense of Firefox seems to me quite poor.
Yes, everything Librewolf is inherited from Firefox. Now choose: Recommend the Ferrari that works like a Ferrari, or the Ferrari that works like a Fiat. Recommend the screen that by default only has half of the LEDs lit, or the screen that by default has all the LEDs lit. Recommend a finished job, or one with what you are looking for without activation.
To each one with what he decides from there, but please, let’s not deny the reality.
And let’s not deny what the other says either, because I remind you that what I have said from the beginning is this:
Best regards.
2 Likes
Configuring Firefox is very easy if you actually want to do it. Recommending Librewolf doesn’t make sense for all the reasons discussed above.
All you have to do to have the best privacy and security for Firefox is to:
- Go to about:profiles.
- Make a profile called arkenfox or give it whatever name you want.
- Close Firefox.
- Download three files from GitHub and copy/move them to your created profile directory.
- Open Firefox.
Making a new profile is optional, you could just reuse the same one if you want.
You do realize that Firefox is a competitor to Chrome and Chromium as a whole? If you want to become a widely used browser and not just stay a niche browser that is used by a few people, then you need to give the best experience for as many people as possible.
Imagine if someone who isn’t tech savvy at all decides to try Firefox and experiences breakage or things not working just because it’s configured to be as private and secure as you think it should be. That person would never touch Firefox again.
When you do things like setting up arkenfox or changing settings to more extreme ones, then you probably know what you’re doing, why you’re changing them, and what the possible consequences are.
For people like you who want the best privacy and security, there is Mullvad Browser, which is a million times better than Librewolf.
You want the best defaults? Mullvad Browser.
You want a browser that can be configured and used to your liking? Firefox.
Need or want Chromium? Brave.
It just doesn’t make sense to recommend Librewolf.
6 Likes
I am curious, what makes it not worthy of a recommendation (or a mention under Firefox) on Privacy Guides?