Hi all!

Latest version of Konform Browser just dropped and now I come here to share with y'all about what's been cooking.

If you are new to Konform Browser, dev writing and previously posted on on this community introducing the project here.

Highlights since last time:

• Latest security fixes from up to most recent Firefox ESR 140.7.1.
• A new welcome screen (pictured) where user can quickly choose between how private vs integrated experience they want, from a locked down "Purely Private" all the way to an unleashed "Just Make It Work" (affectionately referred to as "yolo mode")
  • The "Show detailed information" link leads to a table showing exactly what settings will be impacted by each preset so user can make educated decision and understand impact before choosing.
• Improvements around privacy and fingerprinting. In particular: Closed a significant vector of identity leaks and fingerprinting from unique IDs sent in Origin headers of HTTP requests by addons. This is a previously known issue (1405971) that has been considered wontfix by upstream for 6 years now.
  • To my knowledge, Konform Browser is the only Firefox derivative which protects against this under defaults and improves over status quo in chromium too. Attempts are being made to reach out and see if the patch can also be of interest and benefit for Tor Browser.
  • New user pref network.http.addonOriginBehavior can be tweaked to further change behavior and work around any breaking addons.
  • A future update might change default to 3 (random), which could make browser choice less fingerprintable. The current default is not set in stone and I'd be very curious about what breaks and what doesn't if anyone plays around with this.
• Now also publishing binary packages for easy installation and updates from Alpine Linux and Arch Linux package repos, alongside deb/rpm ones. All builds and releases are produced by Codeberg CI. Building from source is of course still supported.
• Various improvements and fixes for optional features unlocked by "Just Make It Work" preset

There is also now a more official fedi account on Mastodon where an abbreviated version of this post is already shared with a couple of screenshots of the new onboarding: @konform@techhub.social^1^.

As always, installation and build instructions can be found from release notes and doors are open on Codeberg for issue reports and merge requests alike.

https://codeberg.org/konform-browser/source/releases

^1^: Still figuring out how crossposting works or doesn't across the fedis! In case federation clients botcher the link: https://techhub.social/@konform

Hi all!

Latest version of Konform Browser just dropped and now I come here to share with y'all about what's been cooking.

If you are new to Konform Browser, dev writing and previously posted on Lemmy introducing the project here.

Highlights since last time:

• Latest security fixes from up to most recent Firefox ESR 140.7.1.
• A new welcome screen (pictured) where user can quickly choose between how private vs integrated experience they want, from a locked down "Purely Private" all the way to an unleashed "Just Make It Work" (affectionately referred to as "yolo mode")
  • The "Show detailed information" link leads to a table showing exactly what settings will be impacted by each preset so user can make educated decision and understand impact before choosing.
• Improvements around privacy and fingerprinting. In particular: Closed a significant vector of identity leaks and fingerprinting from unique IDs sent in Origin headers of HTTP requests by addons. This is a previously known issue (1405971) that has been considered wontfix by upstream for 6 years now.
  • To my knowledge, Konform Browser is the only Firefox derivative which protects against this under defaults and improves over status quo in chromium too. Attempts are being made to reach out and see if the patch can also be of interest and benefit for Tor Browser.
  • New user pref network.http.addonOriginBehavior can be tweaked to further change behavior and work around any breaking addons.
  • A future update might change default to 3 (random), which could make browser choice less fingerprintable. The current default is not set in stone and I'd be very curious about what breaks and what doesn't if anyone plays around with this.
• Now also publishing binary packages for easy installation and updates from Alpine Linux and Arch Linux package repos, alongside deb/rpm ones. All builds and releases are produced by Codeberg CI. Building from source is of course still supported.
• Various improvements and fixes for optional features unlocked by "Just Make It Work" preset

There is also now a more official fedi account on Mastodon where an abbreviated version of this post is already shared with a couple of screenshots of the new onboarding: @konform@techhub.social^1^.

As always, installation and build instructions can be found from release notes and doors are open on Codeberg for issue reports and merge requests alike.

https://codeberg.org/konform-browser/source/releases

^1^: Still figuring out how crossposting works or doesn't across the fedis! In case federation clients botcher the link: https://techhub.social/@konform

Cross-post. Original Thread @ https://discuss.tchncs.de/post/54998565?scrollToComments=true

Hi all!

Latest version of Konform Browser just dropped and now I come here to share with y'all about what's been cooking.

If you are new to Konform Browser, dev here and previously posted on Lemmy introducing the project here.

Highlights since last time:

• Latest security fixes from up to most recent Firefox ESR 140.7.1.
• A new welcome screen (pictured) where user can quickly choose between how private vs integrated experience they want, from a locked down "Purely Private" all the way to an unleashed "Just Make It Work" (affectionately referred to as "yolo mode")
  • The "Show detailed information" link leads to a table showing exactly what settings will be impacted by each preset so user can make educated decision and understand impact before choosing.
• Improvements around privacy and fingerprinting. In particular: Closed a significant vector of identity leaks and fingerprinting from unique IDs sent in Origin headers of HTTP requests by addons. This is a previously known issue (1405971) that has been considered wontfix by upstream for 6 years now.
  • To my knowledge, Konform Browser is the only Firefox derivative which protects against this under defaults and improves over status quo in chromium too. Attempts are being made to reach out and see if the patch can also be of interest and benefit for Tor Browser.
  • New user pref network.http.addonOriginBehavior can be tweaked to further change behavior and work around any breaking addons.
  • A future update might change default to 3 (random), which could make browser choice less fingerprintable. The current default is not set in stone and I'd be very curious about what breaks and what doesn't if anyone plays around with this.
• Now also publishing binary packages for easy installation and updates from Alpine Linux and Arch Linux package repos, alongside deb/rpm ones. All builds and releases are produced by Codeberg CI. Building from source is of course still supported.
• Various improvements and fixes for optional features unlocked by "Just Make It Work" preset

There is also now a more official fedi account on Mastodon where an abbreviated version of this post is already shared with a couple of screenshots of the new onboarding: @konform@techhub.social^1^. Since I couldn't figure out how to crosspost Mastodon -> Lemmy you get me rambling here instead 😘

As always, installation and build instructions can be found from release notes and doors are open on Codeberg for issue reports and merge requests alike.

https://codeberg.org/konform-browser/source/releases

^1^: In case federation clients botcher the link: https://techhub.social/@konform

Hi all!

Latest version of Konform Browser just dropped and now I come here to share with y'all about what's been cooking.

If you are new to Konform Browser, dev here and previously posted on this community introducing the project here.

Highlights since last time:

• Latest security fixes from up to most recent Firefox ESR 140.7.1.
• A new welcome screen (pictured) where user can quickly choose between how private vs integrated experience they want, from a locked down "Purely Private" all the way to an unleashed "Just Make It Work" (affectionately referred to as "yolo mode")
  • The "Show detailed information" link leads to a table showing exactly what settings will be impacted by each preset so user can make educated decision and understand impact before choosing.
• Improvements around privacy and fingerprinting. In particular: Closed a significant vector of identity leaks and fingerprinting from unique IDs sent in Origin headers of HTTP requests by addons. This is a previously known issue (1405971) that has been considered wontfix by upstream for 6 years now.
  • To my knowledge, Konform Browser is the only Firefox derivative which protects against this under defaults and improves over status quo in chromium too. Attempts are being made to reach out and see if the patch can also be of interest and benefit for Tor Browser.
  • New user pref network.http.addonOriginBehavior can be tweaked to further change behavior and work around any breaking addons.
  • A future update might change default to 3 (random), which could make browser choice less fingerprintable. The current default is not set in stone and I'd be very curious about what breaks and what doesn't if anyone plays around with this.
• Now also publishing binary packages for easy installation and updates from Alpine Linux and Arch Linux package repos, alongside existing deb/rpm ones. Building from source is of course still supported.
• Various improvements and fixes for optional features unlocked by "Just Make It Work" preset

There is also now a more official fedi account on Mastodon where an abbreviated version of this post is already shared with a couple of screenshots of the new onboarding: @konform@techhub.social^1^. Since I couldn't figure out how to crosspost Mastodon -> Lemmy you get me rambling here instead 😘

As always, installation and build instructions can be found from release notes and doors are open on Codeberg for issue reports and merge requests alike.

https://codeberg.org/konform-browser/source/releases

^1^: In case federation clients botcher the link: https://techhub.social/@konform

Hi Beehaw people! New here and hope some of you will take interest in this toolkit and accompanying writeup. :3

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible.

It has containers for official Firefox, its Debian version, and some other FF derivatives that market a focus on privacy or security. Might add a few more of those or do the chromium family later - if you read the thing and want more then please let us know what you want to see under the lens in a future update!

Tests were run against a basic protocol for each of them and results are aggregated at the end of the post.

Apart from testing browsers themselves it can be useful for putting extensions under the lens. Making a modern browser properly accept a proxy and trust the mitmproxy cert is a lot more obscure and fiddly than it might seem so hopefully this can be helpful in empowering and pushing other people to peek inside what's actually going on inside their own systems without spending hours or days figuring out what actually makes it tick.

Rewritten cross-post. First Thread @ https://discuss.tchncs.de/post/53845514

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible.

It has containers for official Firefox, its Debian version, and some other FF derivatives that market a focus on privacy or security. Might add a few more of those or do the chromium family later - if you read the thing and want more then please let us know what you want to see under the lens in a future update!

Tests were run against a basic protocol for each of them and results are aggregated at the end of the post.

Posting with ambition that this can trigger some follow-ups sharing derived or similar things. Maybe someone could make a viral blog post by doing some deeper tests and making their results digestible ;)

Cross-post. Original Thread @ https://discuss.tchncs.de/post/53845514

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible.

It has containers for official Firefox, its Debian version, and some other FF derivatives that market a focus on privacy or security. Might add a few more of those or do the chromium family later - if you read the thing and want more then please let us know what you want to see under the lens in a future update!

Tests were run against a basic protocol for each of them and results are aggregated at the end of the post.

Posting with ambition that this can trigger some follow-ups sharing derived or similar things. Maybe someone could make a viral blog post by doing some deeper tests and making their results digestible ;)

Cross-post. Original Thread @ https://discuss.tchncs.de/post/53845514

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible.

It has containers for official Firefox, its Debian version, and some other FF derivatives that market a focus on privacy or security. Might add a few more of those or do the chromium family later - if you read the thing and want more then please let us know what you want to see under the lens in a future update!

Tests were run against a basic protocol for each of them and results are aggregated at the end of the post.

Posting with ambition that this can trigger some follow-ups sharing derived or similar things. Maybe someone could make a viral blog post by doing some deeper tests and making their results digestible ;)

Good time-of-day, Linux users! I hope you will take kindly^1^ to coming here to tell you about Konform Browser and what it is. And also ask you to try it out in case this is your cup of tea :)

In short, Konform Browser is a web browser with the goal of promoting user freedom and access to the rights of security, privacy and anonymity. It is intended as a general-purpose browser fit both for daily online surfing as well as targeted deployments in secure or untrusted environments. It is fundamentally a patched build and custom configuration of Mozilla FireFox ESR. It started as a fork of LibreWolf and now stands on its own four feet.

Some highlights to give an idea to those familiar with LibreWolf or other FF fork:

• Security: Konform is based on Firefox ESR instead of Rapid Release. This means a more stable base without missing out on the latest security updates, in exchange for longer time waiting for the newest features from Firefox. It also enables shorter lead times to backport upstream updates.
  • In this sense (and a few others), Konform Browser is closer to IceCat/GNUZilla than it is to Librewolf.
• Freedom: Konform allows a higher level of customization. It gives the user control and trusts you with that responsibility. Some examples:
  • Allows enabling dark mode and following system theming even when Resist Fingerprinting is enabled
  • Allows installing your own self-built unsigned add-ons
  • "Spoof referer source" user configuration option
• Privacy and security: Disables all browser features relying on external network connections.
  • "RemoteSettings" is completely disabled^2^.
  • No cloud "AI" integrations. You can run Konform on a disconnected network and not notice any reduced functionality.
  • All telemetry, metrics, and ads from the browser disabled.
  • OCSP turned off (but we have CRLite).
  • tcpdump and see the difference!

I should add that even if we contrast with LibreWolf above, this is not at all meant as a dig or criticism. I think they have done and continue to do great contributions for the benefit of all of us. That we chose it as upstream and that it's the easiest to compare with is a testament both to how closely aligned we are and that Konform has a lot to thank Librewolf and the wider Firefox customization community for. Like they built from Librefox and Arkenfox to bring private browsing to a wider audience, so are we but the next to try help widen and deepen the browser ecosystem.

The recommended installation method is building from source but there are also binary packages for x86_64 and arm64 built by Codeberg CI. Currently Linux only, considering Android next and could use some assistance with that.

Doors open for users, testers and contributors. Looking forward to hear what you think and if there's anything missing!

^1^: Disclosure: Am dev. This is a rewritten crosspost.

^2^: This means that local full-page translation is also unavailable even if in principle it should be possible to bundle and run translations fully locally. It's just the way Mozilla built it. Patches towards allowing users to enable fully offline translations would be very welcome.

Sources: https://codeberg.org/konform-browser

Deb / RPM / Tarball / Container image

See releases for details.

Arch User Repo package

Arch User Repo binary package

Screenshot

There is a new Firefox fork in town: Konform Browser. Its focus is privacy, security and user freedom. Yes, I know this sounds familiar - but hear me out, I do think we have something to bring to the table!

The project started as a fork of LibreWolf and now stands on its own four feet.

Some highlights to give an idea to those familiar with LibreWolf or other FF fork:

• Security: Konform is based on Firefox ESR. This means a more stable base without missing out on the latest security updates, in exchange for longer time waiting for the newest features from Firefox. It also enables shorter lead times to backport upstream updates.
  • In this sense (and a few others), Konform Browser is closer to IceCat/GNUZilla than it is to Librewolf.
• Freedom: Konform allows a higher level of customization. It gives the user control and trusts you with that responsibility. Some examples:
  • Allows enabling dark mode and following system theming even when Resist Fingerprinting is enabled.
  • Allows installing your own self-built unsigned add-ons
  • "Spoof referer source" user configuration option
• Privacy and security: Disables all browser features relying on external network connections.
  • "RemoteSettings" is completely disabled^1^.
  • No cloud "AI" integrations. You can run Konform on a disconnected network and not notice any reduced functionality.
  • All telemetry, metrics, and ads from the browser disabled.
  • OCSP turned off (but we have CRLite).
  • tcpdump and see the difference

I should add that even if we contrast with LibreWolf above, this is not at all meant as a dig or criticism. That we chose it as base and that it's the easiest to compare with is a testament both to how closely aligned we are and that Konform has a lot to thank Librewolf and the wider Firefox customization community for. Like they built from Librefox and Arkenfox to bring private browsing to a wider audience, so are we but the next to try help widen and deepen the browser ecosystem.

The recommended installation method is building from source but there are also binary packages for x86_64 and arm64 built by Codeberg CI. Currently Linux only, considering Android next and could use some assistance with that.

Doors open for users, testers and contributors. Looking forward to hear what you think and if there's anything missing.

^1^: This means that local full-page translation is also unavailable even if in principle it should be possible to bundle and run translations fully locally. It's just the way Mozilla built it. Patches towards allowing users to enable fully offline translations would be very welcome.

Sources: https://codeberg.org/konform-browser

Arch User Repo package

Deb / RPM / Tarball

See releases for details.

Screenshot

Redmond97-SE is a living continuation of the now unmaintained Redmond 97.

"Redmond" style themes for GTK, Xfce, Metacity, WINE.

Includes both old-school retro variants to emulate Win9x/2000/XP, plus more modern darks for the productivity-focused desktop.

AUR packaging for Arch Linux just dropped.

• Distribution: QubesOS 4.3
• Desktop Environment: Xfce
• Theme: Redmond97-SE
• Window Manager: Xmonad
• Terminal: xterm + tmux
• Launcher: Rofi^1^
• Bar: xfce4-panel

Windows

Top-left to bottom right:

1. neovim "IDE" with integrated terminal editing dotfiles (Debian)
2. dom0 admin terminal (Fedora)
3. Qubes Manager looking at some templates (Fedora)
4. Thunar File manager about to move a file between qubes (Whonix)
5. Konform Browser browsing codeberg (Arch Linux)

Each app and window can belong to a separate qube (Xen VM), visually discriminated by differing color schemes.

Thanks to Ben Grandes qusal which was very helpful as base for setting things up.

This is a setup optimized for productivity and efficiency, which is reflected in the lack of eye-candy and gratuitous margins.

^1^: Not pictured - I figured the screenshot was busy enough. If y'all want to see more LMK.