We had dedicated much energy in the past, 2 years ago, to advocate for Palemoon and you should at least read the piece about the NoScript parody, and how we gave up on it for specific suspicious reasons (still holds unchanged, Palemoon has branded NoScript as “dangerous” because it breaks pages). We had seeked refuge at Waterfox, retaining some old firefox functionality and ensuring us it is blocking all of Mozilla tactics of robbing you of private data and feeding it to “who knows who”.
Waterfox officially was sold by mr Alex Kontos to System1, a UK payperclick ad company, which it would be absurd to believe that it wouldn’t utilize the browser’s ability to feed their other interests with private data. Or why else would they buy to promote their own browser, to make all others break while they are getting robbed?
Thank you Alex for your sincere efforts and sleepless nights of coding, all these years, it has been a great ride, and it is too bad it had to crash in such a bad time for browser variety and period. Goodbye and good luck for all that you had done up to now.
Waterfox lost sound ability while playing videos when glibc 2.31 started hitting some distros. It would automatically be fixed if you reverted to 2.30.xx but then most of your other software compiled with that new library “might” break. There was a fix, and I quote:
In a terminal console: tex@localhost ~]$ export MOZ_DISABLE_CONTENT_SANDBOX=1 tex@localhost ~]$ export MOZ_DISABLE_GMP_SANDBOX=1 [tex@localhost ~]$ waterfox
and after this was published Feb5 as a problem and nobody at Waterfox responded (usually the specific insider named below has been extremely helpful with any problems), for 2 weeks (2/19/2020 now), we get this response:
It’s rather temporary fix, disabling sandbox may decrease security.
Related => bugzilla.mozilla.org/show_bug.cgi?id=1600574
But why fix a MAJOR BUG while you are about to sign in and get some cash. Too busy with lawyers and bankers to push a patch. None of Alex’s business anymore, let the corporate team figure it out.
But it is the only fix for now, unless you know how to run a container with the previous stable glibc library and run waterfox in it. Decreased security of disabling sandbox internally may mean the necessity of sandboxing (firejail …?) around waterfox. But if we were to run to such measures to just use a browser we might as well sandbox the authentic Mozilla corporate/agency product, isolated tab by tab, and entering no personal information anywhere ever.
– Waterfox never run in musl, and I failed at all attempts to build it without glibc.
So, keep your 2020.02 version of waterfox as the last, broken, but not signed by a major corporation browser alternative to evil itself (chrome,firefox,explorer) or the weirdo palemoon.
So, where do we go from here? Anybody knows? I have been toying around with Brave (brave nightly to be exact – alpha/beta stuff) which when researched deep inside the “advanced” settings, it tunneled private information back to “their trustworthy” associate, themselves. I was under the impression brave was created to avoid such tactics. It run inside firejail fine, up until recently, then it couldn’t. With brave-nightly you may get two updates a day, so whatever you set up the one morning maybe unset by after lunch time. In a very Mozilla like fashion, where your “options” are no longer compatible and the new defaults are reversing your options.
Do you know how a common database works? Fields, columns of data, for example:
so you enter:
If they change Name to Name0 and Lastname to Name1, then those 2 new fields can be set to a default value till you change it. So whatever security options you set, once an upgrade comes through, they can be UNSET. So, everytime you upgrade something, don’t expect your previous settings and configurations to last.
Let us get back to Mozilla now, the dear friend and associate of this other “character”, tor-browser. Ever since those two enemies (tor-browser used to have a gnu version of firefox, also carried by debian long ago, under the tags ice-xxxx but hacked that one too) got married and keeps up with mozilla’s -esr version, the partnership left us scratching our heads. Not for the M, that was a given for years, but for the tor team as well. If your comrade marries a cop, it is obvious she/he is not a comrade anymore. No offense, but there are choices in life. TorBirdy, also utilized in tails, was an addon to thunderbird ensuring all communication goes through a proxy. Mozilla made sure it wouldn’t work anymore, and the tor-team left it unmaintained. What time is it now? It was 2018 when they last touched it. You can still set proxy manually, but do you really trust it? If you do, and it is working, then why can’t it resolve .onion servers but only sees “official” net addressing?
There is no way out of all this. You think you can trust tails and run some VM from inside tails and you are anonymous and secure? If tails wanted security they would be eager to get rid of security threat No1, systemd. But Nooo… tails and torteam has been bedfellows with debian and fedora for so long it would be unheard of to expect them to separate.
Faw getta boud it! You can’t escape, your best friend coder will sell out at his/her best opportunity to cash in the expertise. When they do, no heart feelings, they decided not to be your friend any more and there are better things in life than friendship; like an 11s car or a 9s bike, or a 25s bicycle, but you can’t really buy legs, even for a 25s run.
Keep swimming, upstream like a trout, we’ll get there.
PS It was similar reasons and topics that made us scratch our heads about Devuan, and how they dealt with onion.repositories and how did they identify onion connections, separated them, and forwarded them through a different route to debian, without alerting users of beta-testing their crap for 3-4 months. Then when it came time to answer and explain they felt it was better to ban people than have to give a public explanation. Keep swimming, don’t forget. Don’t forgive even though they think you forgot.
PS2 https://www.waterfox.net/blog/waterfox-has-joined-system1/ What a piece of work, we should cry and feel sorry about this UK “based” alternative to big browsers being engineered in California and bound by UK/EEC law. Retroactively you may find out it also moved to the US, where it is not bound not to be spyware-browser at the same time. He says it almost himself, it is privacy and security minded, that doesn’t make it either private or secure. And his 5c worth of advice “if you want privacy go to tor” it is just that, 5c to tor-browser 4c for waterfox. Under what authority would someone be able to advise that tor-browser is secure?
He is right and telling an important truth about browsing, if you want security and privacy you can’t have browsing fluff. If telemetry is turned off (100%, even to the browser developer) and scripts turned off, with the exception of really trustworthy sites, then you have nothing to worry about. And who can you really trust with your browsing history and habbits and why are they using scripts in the first place? To make stuff pretty and functional. Things can be pretty and functional with html alone and html video plays just fine.
Selling out fans and users to corporate (and who know what other interests) and making money is a major motive in the industry. Let’s not cry about it calling you on the very act you aimed for.