GitHub - arkenfox/user.js: Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
github.com
external-link
Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening - arkenfox/user.js

I prefer Librewolf as it is easier and simpler to use

@Freuks@lemmy.ml
link
fedilink
3
edit-2
3M

deleted by creator

JokeDeity
link
fedilink
25M

There’s no benefit to ANY of these. You can do what all of them do yourself with stock Firefox and set it up however you like, and you’ll be the first to get updates and security patches.

Arkenfox is a tool to assist setting up stock Firefox.

JokeDeity
link
fedilink
15M

Ah, I didn’t catch that, but it still sounds sort of unnecessary for most users.

Seconded.

Chemical Wonka
link
fedilink
10
edit-2
5M

My approach to use internet nowadays (joke)

1000020015

https://stallman.org/stallman-computing.html

Possibly linux
creator
link
fedilink
45M

I unironically run everything in VMs

me too

Can’t recommend this. It broke couple sites that I frequently use when I tried it some time ago

@ivn@jlai.lu
link
fedilink
25M

This is expected if you keep the default settings. You shouldn’t use it as it is but read the wiki and configure it to find the balance you want between privacy and usablity.

Contact the site owner and let them know. Tell them to test in Tor Browser too

I really doubt they would care about something like this. Even getting them to support firefox was an annoying process. I emailed them every month for six months until they added firefox support

That’s some mad dedication

Possibly linux
creator
link
fedilink
75M

Broken sites are a small price to pay for privacy

Firefox Focus anybody?

Possibly linux
creator
link
fedilink
2
edit-2
5M

It has proprietary blobs and telemetry

Damn. I been using this for a while. Switch to Mull browser instead? Better options?

Possibly linux
creator
link
fedilink
25M

Mull is way better

Proprietary boobs are my favourite

Bobs. They said bobs

I read between the limes on this one

Its better to just go through the settings yourself then rely on arkenfox. This just adds a middleman into the process of keeping your settings updated.

Have you seen the user.js, you have to change a lot of settings and you cannot keep up to date with them, secondly Arkenfox prefers you to go over their user.js by your self and their updater script has the -c flag to show you the difference between current user.js and new user.js

Overall it would be very difficult to manage something like this on our own as most things are not visible on the settings page of Firefox

In addition, if you use user.js then you essentially cannot change those settings at runtime (via about:config or otherwise), because your user.js will override the settings on next startup. Maybe that’s desired for some, but good to keep in mind nonetheless.

Lemongrab
link
fedilink
15M

That is not how Arkenfox works. You apply the patch using the script, and then re-run this patch everytime Arkenfox receives an update. In between running, you can change settings in about:config and settings, but it will be overwritten if a different value is included in the user.js. A more permanent solution is using the user-overrides.js file required by the script before patching to create a persistent config.

Something like: user_prefs(“privacy.resistFingerprinting.letterboxing” , “false”);

More details about user overrides can be found here.

What I’m trying to point out here, is that prefs declared in user.js (whether they are put there using scripting or otherwise) cannot be persistently modified at runtime from within Firefox. That may or may not be a huge problem, but something to be aware of.

Lemongrab
link
fedilink
15M

Yes, I understand. I am pretty sure that is incorrect. With an Arkenfox profile, I have modified my prefs in about:config and retained those changes persistently.

You can modify prefs at runtime and have them persist - except those prefs that are also declared in user.js. The problem arises when folks apply whole list of prefs via user.js from one repository or another, which could be hundreds, without acknowledging what prefs they set and without checking what those prefs do. If they then have some reason to change any one of those prefs - their change won’t persist if that particular pref is in user.js

A thing you could do is to just start Firefox once with a user.js file, and then remove that file. On that single startup Firefox sets prefs according to user.js, and all those changes persist to prefs.js when Firefox is shutdown. You are then able to also persist changes to all prefs because by removing user.js Firefox won’t try to override the your session saved prefs with user.js at startup.

Lemongrab
link
fedilink
1
edit-2
5M

I have independently tested you can change settings before. I will test again tomorrow if I remember to.

kadotux
link
fedilink
45M

There’s the provided user-overrides.js that’s meant to do this

I don’t think that could work. Not unless we are talking about different things, or unless you run their updater script everytime before starting Firefox.

If you use user-overrides.js, it adds your custom preferences at the bottom of the user.js, as the prefs are read from top to bottom, if a new duplicate exist in your user-overrides.js but with a different value the new value would be used as it is at the bottom.

Yes, but that is not what I’m talking about. What I mean is that when Firefox is running and you go to change some setting in say, Settings page, then the new value for that preference is stored into prefs.js (at latest on Firefox shutdown, it might remain only in-memory for some time I’m not sure). Anyway, the new value persists only for that browser session, because on next startup whatever value was set by user.js will override it.

Have you independently confirmed this?

What is preventing user.js from doing exactly what you’re describing right now on your system?

Sure. For simplified example have only the following in your user.js file:

user_pref("browser.tabs.warnOnClose",true);
  1. Start Firefox
  2. Observe that the pref is indeed true
  3. Go to Setting > General, observe that Confirm before closing multiple tabs is checked
  4. Uncheck the option
  5. In about:config observe that browser.tabs.warnOnClose is now false
  6. Restart Firefox
  7. Observe that the pref is again set to true

The reason is also very simple. Firefox will never write anything to user.js - thus any changes you do at runtime will only be stored to prefs.js. However, user.js always overrides prefs.js at startup.

@slug@lemmy.world
link
fedilink
8
edit-2
5M

I know this is somewhat defeating of the privacy purpose but I use FF because of sync- is there an alternative that can use something like webdav to sync my bookmarks/history/etc between instances? e; i know floccus is around for bookmarks but i find history useful too

Librewolf supports Mozilla sync

:O

Librewolf my beloved. Unfortunately not on mobile iirc

Possibly linux
creator
link
fedilink
235M

Use Mull

What about iOS ?

no great options but Orion by kagi is much better than base safari since you can at least get extensions like ublock

Possibly linux
creator
link
fedilink
105M

Safari is your only option as all iOS browsers are Safari. Also there are not as many apps as Apples ecosystem is locked and requires a lot of money to develop for. Add that to the fact that it is closed source and you have a anti freedom device. Apple also is bad about data collection despite there claims.

their* claims.

@plumpfella@lemm.ee
link
fedilink
-3
edit-2
5M

I want to switch off but I can’t see Android being much better as it is literally developed by an advertising company. You could root and go with an open source fork but how many phones out there still let you do that outside of the lower end

Google Pixel phones are, ironically, the best supported by de-googling projects like CalyxOS, GrapheneOS and /e/os. They are quite cheap to buy too (especially second hand).

Possibly linux
creator
link
fedilink
25M

Just get the fossdroid setup. I’m talking about F-droid plus Lineage OS. You also could go with something privacy focused such as Calyx OS or Graphene but I personally don’t care for those. Lineage OS is simple and combined with F-droid you have all the apps you likely need.

If I want to root though and still want a decently high end phone aren’t I just stuck with a pixel?

Possibly linux
creator
link
fedilink
05M

You don’t want root as that breaks Android completely. It isn’t designed in a way that root is necessarily and it breaks the isolation.

What you probably want is a device supported by Lineage OS.

https://wiki.lineageos.org/devices/

There are also third party device finders but use those at your own risk. Additionally you can also port a new device to Lineage OS if you are knowledgeable and motivated. Most phone manufacturers allow boot loader unlocks but a few don’t so be mindful.

That’s what I do. LibreWolf on desktop and Mull on Android, with FF Sync enabled between them. Works like a charm!

If you are willing to compromise I would recommend Betterfox as it breaks far fewer sites while still being better than the default Firefox profile.

Remember, all these forks are possible because Firefox is open source

Arkenfox is not a fork FYI

TIL.

Thanks.

How is it not a fork?

Arkenfox is simply a set of configuration you can (and should) apply yourself onto a clean Firefox installation.

A fork means taking the source code and modifying it directly, not providing an alternative configuration file.

Lemongrab
link
fedilink
245M

It is a script that automatically changes the internal flags of Firefox (accessed manually through “about:config”) but isn’t a recompile. A fork that uses most of the Arkenfox config is Librewolf.

That sounds like the definition of a fork

Lemongrab
link
fedilink
95M

Arkenfox quite literally is not a fork. It is just changing settings. That is like saying I am making a Firefox fork by changing it to dark theme and changing the default search engine to Bing.

Arkenfox isn’t a fork, even with a script it is manual for much of it. A fork requires redistributing the code, which for Firefox requires the Dev to change the name and replace icons of the application (to comply with Firefox’s license), which requires modifying the source code and compiling.

Taking the latest release and then running a script to patch it with some modifications is the definition of a fork.

By your logic, Tor Browser isn’t a fork of Firefox.

Lemongrab
link
fedilink
15M

It is not patching Firefox. I already explained this bit I will say it again. No source code is changed, no promo icons, and no recompile is done, therefore it is not a fork. Tor browser does a lot of stuff behind the scenes. Arkenfox is not a fork. Tor browser comes prebundled with “No Script” extension, arkenfox cannot bundle extensions because it literally only copies text from one config file to another. Tor browser patches out the phone home to the Mozilla Add-on Store, Arkenfox literally cannot because it doesn’t modify the code and without recompiling it causes a crash. There are many many more differences between forks of Firefox and Arkenfox, I’ll leave that research for you because I think I have said enough. Arkenfox is not a fork of Firefox by definition, it does not modify any code. It would be like saying “I forked Minecraft” because I create a text file with my fav config of keybinds and settings and then share that config. Arkenfox is just a text file config and a script that modifies the default config of an existing Firefox profile. When you create a new Firefox profile, it is generated as default without Arkenfox settings. Librewolf, which uses much of Arkenfox’s user.js config, must follow the forking guidelines outlined by Mozilla, patches out phone homes, bundles extensions, changes ui, and (crucially) if you create a new profile, it is preconfigured with security and privacy settings.

Wilmo Bones
link
fedilink
35M

Its not modifying the code, it’s changing existing settings that are already available to be changed to optimal settings for privacy…

It is not a fork you are completely wrong.

No, you’re mistaken. A fork is a whole new product. This is not a whole new product. It’s a patch.

Tor makes changes to the FF source though for it to run, no?

Arkenfox merely makes config changes in FF

My understanding is that this Arkenfox thing is a script that changes the config of your existing Firefox install. A fork would be a version of Firefox you can download that has those changes applied by default upon download.

It’s more akin to a plugin since it doesn’t change the code at all.

It’s a template to help set all the security and privacy hardening features that Firefox already ships with but are disabled by default.

Possibly linux
creator
link
fedilink
15M

Not entirely

@ssm@lemmy.sdf.org
link
fedilink
-12
edit-2
4M

deleted by creator

Nice FUD.

By your own logic, Chrome should have fewer developers than Konqueror, since its engine is essentially a fork of a fork of a fork.

that’s not how things work. open source projects don’t start with a set amount of developers and start splitting. even if they do, they don’t split in equal parts. if you have 500 developers working on a project, and 10 of them create 8 different forks, that doesn’t really change much.

some developers may move around, and more developers can join the pool all the time, on any fork. i don’t understand how any of this is a problem.

Possibly linux
creator
link
fedilink
135M

And that’s why we should use Chrome?

@ssm@lemmy.sdf.org
link
fedilink
-7
edit-2
4M

deleted by creator

Possibly linux
creator
link
fedilink
85M

Forks create options. Only a handful of forks will actually be used.

@ssm@lemmy.sdf.org
link
fedilink
-12
edit-2
4M

deleted by creator

yeah, Linux is a kernel, not an OS, build whatever you want onto it.

Possibly linux
creator
link
fedilink
135M

That’s the idea. It is good to have options. Single standards are a bad idea even though they are convenient in the short term.

@ssm@lemmy.sdf.org
link
fedilink
-3
edit-2
4M

deleted by creator

deleted by creator

Possibly linux
creator
link
fedilink
05M

LibreJS is a bad project and it is never going to work. Free software is very important to computing and the web but I wish the FSF would stop shoveling broken junk. What’s worse is that if you dare to disagree with the FSF cult they see you as the enemy

The Cuuuuube
link
fedilink
55M

“Richard Stallman is a sexist and a transphobe”

“You’re a corporate shill!”

Like I couldn’t have possibly reached that conclusion based on the things that he says or the way the be acts…

I feel like there are far too many IceAnimal forks that just vanish the month after they put out a release.

It might not be entirely true, but it just feels like that.

maintaining a full blown FOSS project and community, especially a browser, is a lot of work. most people likely give up pretty fast

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.13K Posts
  • 78.3K Comments
  • Modlog