These threads discuss specifics but firefox by default is not private and has not made any indication it is heading back in that direction anytime soon:
Iâm sorry but if any other tool was suggested with the caveat that you have to spend time making it private yourself by opting in and out of different settings and on top of that, installing an ad blocker yourself, it would be rejected.
I know you also have to configure settings in Brave as well, but Brave is much more privacy respecting out of the box and does not require installing an ad-blocker yourself, nor changing the default search engine.
In terms of the âbest caseâ critea, default firefox does not meet the following:
Should include built-in content blocking functionality.
Should not include add-on functionality (bloatware) that does not impact user * privacy.
Should not collect telemetry by default.
Should default to a private search engine.
Should support cookie compartmentalization (Ă la [Multi-Account Containers]
In terms of security firefox is also just plain worse than a chromium based browser due to the weaker sandboxing. Plus, privacyguides links to the flatpack version of firefox for some reason. This also compounds the weaker security firefox has as chromium sandboxing can integrate with flatpack sandboxing better.
Finally, though that security concern also applies to hardened firefox, arkenfox at least provides extremley strong fingerprint resistance in a browser not using the blending in strategy. That offers the advantages of greater customizabilty and picking and choosing extensions unlike Mullvad or Tor. Plus I do not see the need to label arkenfox as (advanced) when there is an extensive wiki detailing how to install (takes 5 minutes if your not making overwrites) and update it.
Firefox was always lacking in fingerprinting protection and security. There are reasons to use Firefox (or maybe other Firefox-based browsers) but with the recent changes to their privacy policy and new AI integration, Firefox is becoming less of an ideal choice for those concerned with privacy. Revisiting the Firefox recommendation makes sense, there just doesnât seem to be an ideal replacement.
I donât see how itâd be a double standard. Generally speaking, beta software is experimental and not recommended for production use. It shouldnât be recommended if it is more likely to be prone to instability and security issues. Iâm also unsure if DDGâs anti-fingerprinting performance could be reliably tested and compared since we should expect it to change on a whim.
Assuming itâs comparable to Brave (which Iâm unsure of), Arkenfox is not quick or easy to set up and seems to have a significant negative impact on usability. If you donât believe me, go tell all your non-techy friends and family to go set up and use Arkenfox all on their own. Iâm rarely successful in getting people to switch from Chrome to Brave so Iâm certain Arkenfox cannot fill the same gap as Brave/Firefox in terms of usability.
Even LibreWolf wouldnât be a good solution as it still downgrades usability and introduces new security issues (according to their FAQ):
Updates usually come within three days from each upstream stable release, at times even the same day.
It should however be noted that LibreWolf does not have auto-update capabilities, and therefore it relies on package managers or users to apply them.
We disable Safe Browsing as we consider it a censorship concern, and we would rather not let Google control another aspect of the internet.
The way I see it, if Firefox is removed, Brave would be the only realistic recommendation most people could use. Thatâs not to say I strongly object to removing it, Iâm only pointing out that there isnât another browser well suited to fill the void Firefox would leave.
Yeah I worded this poorly, but it just seems the site is being extremely picky with browser criteria, yet turns a blind eye to the mountain of problems with non-hardened firefox. I just used duckduckgo as an example as it can be a replacment to occupy that niche of an easy to setup friendly browser that isnât Brave. This is not the main point of the discussion though.
I use arkenfox as a daily driver and i rarely find that it has that much of a negative impact on usability since letterboxing was removed by default.
Also, if I go to my non techy friends and show them default firefox anyway, there is no way in hell they would use it. By default the home page is filled with ads, then browser doesnât have profiles implemented well, and now I tell them to spend time going in and out through the menus opting out of services, changing their default search engine and installing an ad-blocker.
For non-techie people Brave already should be the default recommendation, with a step up being arkenfox or mullvad.
Thatâs better than overstating the value of using Firefox.
Personally, I think worth mentioning recommendations need to make a return to the site, at least to certain categories. Being unwilling to guide people when it comes to options that are less than perfect out of the box seems to be holding us back, when the reality is that most people would be far better off using a browser like Librewolf, provided they understand the potential implications, over Chrome, Opera, or even plain Firefox.
Educating users is something we have the luxury of doing here, yet there is this notion that for a product to be secure it must only be able to operate in a secure way. Demanding that developers make their products more secure and informing our readers how to do things more securely is not a zero-sum game, we can actually do both of those thingsâŚ
I think it would be a big disservice to only list the first 2 browsers, when we have the full knowledge that many people simply will not follow that advice.
Well the benefit is sane telemetry defaults relative to plain Firefox, and a commitment to not go down the same path as Mozilla with respect to tracking/advertisements. I donât know anything about their mod store lol
I guess I should note that I donât feel strongly about these specific recommendations, itâs just based on what Iâve heard people using in this community overall, and I would go with recommending a list very similar to the one above, if not that list exactly.
So yes, weâd have to do more due diligence into Librewolf and Zen Browser, which we havenât ever done before, since the general consensus historically has been to not even look closely at either one in the first place, because of surface-level âdisqualifiersâ that Iâd consider to be somewhat niche.
But I would personally like to get us in a direction where we do actually strongly consider these options to be listed with caveats, thatâs my main point.
Not relating much to your post, but would it be against any forum rules to retroactively change the title to âRemove Non-Hardened Firefoxâ and the category to tool suggestions?
If, say, only Brave and Mullvad were listed as browsers, it wouldnât make PG unwilling to guide people who wouldnât be able to use those options. It would just be listing a âgolden pathâ, and people not able to use those options can ask the forum.
Iâm for this, because privacy isnât a black-or-white thing and it gets annoying when people call things a security nightmare just because it isnât the most secure Google Pixel phone or the most secure Chromium-based browser or something. Itâd also cater to people who oppose big tech based on ideology. Speaking of, it gets really frustrating when people dismiss ideologies as harmful as if security is the only thing that matters (security does matter, but so does independence, avoiding vendor lock-in and walled gardens, and other restrictions). Not everyone wants to financially support Google, and having a monopoly on web browsers is harmful even if itâs easier to secure when one company controls the standard, because then they can push crap like Manifest V3 (itâs more secure than MV2 at the expense of good extensions not working anymore, a repeat of the transition from XUL to WebExtensions many years ago yet it seems like almost everyone here loves MV3 and doesnât want anyone to enjoy their advanced dynamic filtering and other cool extensions like LibRedirect, extensions that restore the RSS functionality Firefox dumped, etc.
Itâd also be good because we could mention things that have nothing wrong with them privacy-wise but still arenât recommended due to usability concerns (Mojeek search and Alpine Linux come to mind, though itâs been years since Iâve used Alpine). Yes this could tell viewers that just because something isnât recommended doesnât mean itâs a privacy nightmare and youâre better off using Googleâs whatever.
As for browsers, I agree with Librewolf and custom Firefox (Iâd probably rank custom Firefox over Librewolf). I havenât used Zen Browser. If Ungoogled Chromium and GNU IceCat distributed official binaries and Qutebrowser and Pale Moon werenât so terrible at security (sadly since the former has a reasonable use case for advanced users and the latter holds on to the classic web, but obviously thereâs no way either of these should be worth mentioning although Iâd rather use these than Chrome or Edge) those could have been considered too.
What is sane is subjective and situational. But setting that aside,
Basing browser choice on a default that saves you a click or two, feels like a disproportionately tiny factor in the overall decision of what browser to use, given that Firefox telemetry was designed to be robustly privacy preserving, and can be disabled with a click or two in the GUI if it makes you feel more comfortable. Zenâs (well technically Betterfoxâs) choice to disable telemetry by default is a small convenience to those who prefer it disabled ootb, but really shouldnât be a determining factor in browser choice.
Itâs also worth noting that Thorin (Arkenfoxâs maintainer, Tor core contributor) personally (and Arkenfox as a project officially) has confidence in the privacy and security of Firefoxâs telemetry system [1] and does not see telemetry (done right) as a negative:
[SECTION 8500] TELEMETRY: 'Arkenfox does not consider Firefox telemetry to be a privacy or security concern'
/*** [SECTION 8500]: TELEMETRY
ARKENFOX DOES NOT CONSIDER FIREFOX TELEMETRY TO BE A PRIVACY OR SECURITY CONCERN - comments below.
But since most arkenfox users prefer it disabled, weâll do that rather than cause overrides.
Opt-out
Telemetry is essential: a browser engine is a very large complex beast costing billions to maintain
Opt-in telemetry does not work and results in data that is unrepresentative and may be misleading
Choice
Every new profile on first use provides data collection/use policy and the abillty to opt-out
It can be disabled at any time (Settings>Privacy & Security>Data Collection and Use)
Data
I was a Firefox fan. In the last years, I feel like Firefox is a lost cause. Of course, it depends on your needs, but Firefox lags behind everything. There was no UI profile switcher, tab groups, lack per-site isolation on mobile, barebone mobile apps, ugly UI and more.
I am optimistic about Zen, but it is still in Beta.
The only advantage of Firefox for me at the moment is containers and being able to use addons without chrome store.
Canât disagree that Firefox is getting worse every update, but Brave too seems pretty bad to me.
There are tons of settings to opt in/out to prevent telemetry, and all those crypto and AI stuff + news/vpn garbage just makes me sick.
Also, all chromium-based browsers share a common inconvenience that one cannot change settings when forcing incognito. Firefox based browsers support always using private mode by default, but for chromium browsers, you should add a custom registry and assign a value, which prevents the settings page.