https://discuss.privacyguides.net/t/lost-topics/35995/5
With regard to the linked post, what would be the approach for this thread since it was rejected years ago? Does the discussion continue here, or would a new thread be the recommended approach? @jonah
8 posts were split to a new topic: When will Librewolf be moving to using FPP?
Itās important to understand that the browsers have different use case. Mullvad is made to avoid fingerprinting completely.
The other browsers like Librewolf have fingerprinting protection, but itās not the entire purpose of it.
I have very mixed feelings about thisā¦
As i think, LibreWolf should be recommended, even if there is downside like another dev to trust.
LibreWolf already come hardened (like Arkenfox, but native), already includes UBlockOrigin.
This is mostly all what you need for comfortable usage.
LibreWolf also non-comercial (they even donāt have donations!).
Also mullvad browser is commercial produc that can be used only with mullvad VPN (i cannot for example put there selfhosted VPN). It also haves another dev to trust.
So i think LibreWolf should be listed anyways. It is far more comfortable just to install LibreWolf without learning Arkenfox wiki (ideal for newcomers) and get pure experience without shitty AI in browser or extremely long config manualsā¦
Put a VPN on your router, and you can use Mullvad with any VPN.
Yes.
So I have read everything again and I have more thoughts, but right out of the gate, one of our minimum requirements is:
Must be available on Linux, macOS, and Windows.
I would argue that thisā¦
This happens because we do not notarize the macOS version of the browser: we donāt have a paid Apple Developer license and we donāt want to support this signing mechanism
ā¦means Librewolf does not meet this criteria, which has been an issue noted by the community here since 2023.
I note that LibreWolf does sign packages on Windows, and even distributes via the Microsoft App Store, making the argument against supporting Appleās distribution methods even less convincing. Do we know if there are any plans to change this?
It is available on macOS, just not through the more official sources when you install something on macOS.
Because you donāt have to pay the evil big corporation for distributing your app in the MicroSlop store, whereas you have to do it for CrApple.
TL;DR: https://ossign.org/, which has provided us the Windows cert, will soon also provide the required macOS signing certificate.
I believe LibreWolf happens to get code signing for free via OSSign, which makes this not a principled stance against any paid certificates, but merely a matter of expense LW doesnāt want to pay. If OSSign provided free macOS signing as well, would LW take advantage of it?
Iād prefer to get answers from someone who knows why LibreWolf specifically made this decision (from @any1 I would presume), not just a reason why codesigning on Apple is bad in general.
edit: so I think that last reply answers my question, and the answer is yes, right?
Yes. Once they add the ability to sign for macOS, we will start signing for macOS as well.
My second question is: Why do auto-updates remain so challenging for LibreWolf?
Other Firefox forks are seemingly able to do this trivially, namely Zen Browser (which doesnāt have the support from Mozilla that Iād expect Tor/Mullvad Browser do, so it signifies in my mind that this is not an insurmountable problem outside of Mozilla).
There was some work to support the MAR updates a few years back, but I am not sure why it was never finished.
My guess is that, since we already had the bundled Windows updater (which was supposed to be a temporary solution), it wasnāt seen as a priority.
I looked at how Mullvad/Tor Browser handles MAR updates a few days ago, and it should be doable and is something that I have planned on supporting.
I think both of these things are probably the only reasons I personally would block LW from being added at this time.
Canāt speak for the rest of the team here though, unfortunately, I believe a lot of them mainly lend stock to the idea that there is a community consensus against forks in general. Iād love to eventually kick Firefox out, on the other hand, given how often we are negatively reporting on them.
This is not a requirement though as per the criteria.
It would bug me if I didnāt received updates automatically from LW, but I do.
The macOS thing I can understand, but as for ProtonVPN, maybe PG should have some sort of notes that says ārecommended only for OS XYZ.ā Or have it on the recommendation page, but put a flag that says itās not recommended on macOS and state the reason why.
Yeah, Mozilla has been making very disappointing decisions compared to its former self.
Instead of trying to make an actually usable alternative to Chromium, they peddle this weird stance about being some kind of resistance against Big Tech and portray themselves as saviors while letting their most important project fall behind and struggle to keep up with Chromium (especially regarding security, which has many open Bugzilla issues that have been dormant for years). Their biggest mistake, in my opinion, was not following through with Servo and disbanding the team that was working on it.
It is sad to see how Firefox has fallen.
I quoted the minimum criteria where it is a requirement, and in addition automatic updates are also a long-standing requirement.
Firefox has gone beyond what projects like arkenfox can achieve with configs alone. LibreWolf and IronFox have had a FPP Canvas regression fixed for weeks and restored a protection that had been removed because it broke Google Meet, of all things.
If LibreWolf wonāt be added because the team disfavors forks, at least put Firefox out of its misery, since the current guide doesnāt help much when the base it builds on is broken.
Iām not sure to understand. LW has automatic updates.
Technically we have automatic updates for all supported platforms. We just donāt currently support the MAR updates that Mozilla uses.