ken

joined 1 week ago
sorted by: new top controversial old
Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
[–] ken@discuss.tchncs.de 2 points 19 hours ago* (last edited 18 hours ago)

Someone asked me about donations. There is no way to directly fund the project today (TBD) but if you have cash to spare then:

  • Codeberg e.V. providing supportive and enabling infra and a point of collaboration for growing part of FLOSS ecosystem. This isn't free.
  • EFF hopefully doesn't need an intro here
  • noyb.eu
  • Tor Project
  • The maintainer of some other FLOSS software you care about
Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
[–] ken@discuss.tchncs.de 1 points 21 hours ago* (last edited 21 hours ago)

Nice, I hope it lives up to expectations!

Oh and one more thing on the overrides: There are a couple of prefs flags that exist in one of Konform/LibreWolf but not the other mostly due to being based on different FF versions - so in case you have some particular override not being effective, I'd first check that it's not just a case of differences between FF versions 140-147. Not expecting that to come up in practice and setting non-recognized prefs should be harmless, but knowing this might save some head scratching in case you have an extensive overrides config with recent additions.

Looking forward to any feedback you may have <3

Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
[–] ken@discuss.tchncs.de 3 points 1 day ago* (last edited 1 day ago)

Low-effort snark.

Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
[–] ken@discuss.tchncs.de 2 points 1 day ago* (last edited 1 day ago) (2 children)

Yes! In fact while the browser otherwise has its own branding, it does recognize override config as librewolf.overrides.cfg so you can literally just drop your existing LibreWolf overrides file into ~/.konform and it should pick it up. Figured this would make it smoother for people migrating from LW or switching between the two.

Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
[–] ken@discuss.tchncs.de -1 points 1 day ago* (last edited 1 day ago)

Not personally daily-driving or actively recommending it but I've had to look closely at Brave as part of browser security work.

Most of the posts, articles and videos I've seen that don't apply approximately equally to the other big names are mostly backed by arguments like "I don't approve of BE behavior and BE made Brave therefore Brave bad", "crypto scammers bad therefore crypto bad and Brave uses crypto therefore Brave bad" or "it's being promoted by bad people and therefore bad". I think such arguments are in themselves without merit, should be dismissed and are not sufficient to tell others they shouldn't use it. Tribalism isn't healthy. An opinion being widely shared doesn't make it true. Your trusted influencer being upset doesn't mean you need to be.

Valid criticisms of Brave and valid reasons for not using the browser exist but that's rare to see written out but buried deep under the bulk of FUD, groupthink and uninformed meme-takes we find all over the stuff shared on socials. On the privacy and security sides it's very much a mixed bag. Scrolling through Brave flags I note more than one thing I think we can take inspiration from. For people locked into corpware and limited to what's on the major app stores, you can certainly do worse. Yet I see little concern-blogging over ~~Copilot 365 .NET Live~~ Edge or Samsung Internet Browser, for example.

Of course I'd personally love if you used Konform Browser (or any other non-chromium browser) instead but I mostly see people bashing Brave for completely confused reasons. Yes there's bloat and ads and telemetry and problematic trust and outbound networking going on out of the box. Yes they inject their own monetization into the user experience if you blindly click "Next, Next, I agree, Next" and run with defaults. All just like for Firefox these days. And just like Firefox, user configuration exists to improve on much of that while the software license and open source code afford fixing the rest for the willing. The differences I've seen when it comes to the browsers are mostly in degrees, not fundamental. Maybe we should have a Brave fork too.

I hope I'm not canceling myself, here...

Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
[–] ken@discuss.tchncs.de 6 points 1 day ago* (last edited 1 day ago)

IronFox: Exists. Currently mostly due to hard thankless work of one or two individuals.

somerandomperson: OK they got this; everyone else stop trying and go home now

I don't think dismissing the issue so quickly is fair to either the IronFox maintainer, the state of Android web security, or browser diversity. It is also discouraging for anyone else considering exploring this and sharing their work in public. We need more people working on an open and free mobile browser ecosystem, not less.

Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
[–] ken@discuss.tchncs.de 3 points 1 day ago* (last edited 1 day ago) (2 children)

I mean technically Android is still somehow Linux so ^^. But it does feel funny when the first (and only?) follow-up comment on the Linux community of this Linux software is about needing an Android version instead :p

The more interested people we have checking it out and poking at the code, the higher chance we can ship Android builds Soon^tm^. Feel free to swing by and stay tuned ;)

Konform Browser - Taking privacy, security and freedom to the next level in c/linux@lemmy.world
54
Konform Browser - Taking privacy, security and freedom to the next level (codeberg.org)
submitted 1 day ago* (last edited 1 day ago) by ken@discuss.tchncs.de to c/linux@lemmy.world
18 comments fedilink
 

Good time-of-day, Linux users! I hope you will take kindly^1^ to coming here to tell you about Konform Browser and what it is. And also ask you to try it out in case this is your cup of tea :)

In short, Konform Browser is a web browser with the goal of promoting user freedom and access to the rights of security, privacy and anonymity. It is intended as a general-purpose browser fit both for daily online surfing as well as targeted deployments in secure or untrusted environments. It is fundamentally a patched build and custom configuration of Mozilla FireFox ESR. It started as a fork of LibreWolf and now stands on its own four feet.

Some highlights to give an idea to those familiar with LibreWolf or other FF fork:

  • Security: Konform is based on Firefox ESR instead of Rapid Release. This means a more stable base without missing out on the latest security updates, in exchange for longer time waiting for the newest features from Firefox. It also enables shorter lead times to backport upstream updates.
    • In this sense (and a few others), Konform Browser is closer to IceCat/GNUZilla than it is to Librewolf.
  • Freedom: Konform allows a higher level of customization. It gives the user control and trusts you with that responsibility. Some examples:
    • Allows enabling dark mode and following system theming even when Resist Fingerprinting is enabled
    • Allows installing your own self-built unsigned add-ons
    • "Spoof referer source" user configuration option
  • Privacy and security: Disables all browser features relying on external network connections.
    • "RemoteSettings" is completely disabled^2^.
    • No cloud "AI" integrations. You can run Konform on a disconnected network and not notice any reduced functionality.
    • All telemetry, metrics, and ads from the browser disabled.
    • OCSP turned off (but we have CRLite).
    • tcpdump and see the difference!

I should add that even if we contrast with LibreWolf above, this is not at all meant as a dig or criticism. I think they have done and continue to do great contributions for the benefit of all of us. That we chose it as upstream and that it's the easiest to compare with is a testament both to how closely aligned we are and that Konform has a lot to thank Librewolf and the wider Firefox customization community for. Like they built from Librefox and Arkenfox to bring private browsing to a wider audience, so are we but the next to try help widen and deepen the browser ecosystem.

The recommended installation method is building from source but there are also binary packages for x86_64 and arm64 built by Codeberg CI. Currently Linux only, considering Android next and could use some assistance with that.

Doors open for users, testers and contributors. Looking forward to hear what you think and if there's anything missing!

^1^: Disclosure: Am dev. This is a rewritten crosspost.

^2^: This means that local full-page translation is also unavailable even if in principle it should be possible to bundle and run translations fully locally. It's just the way Mozilla built it. Patches towards allowing users to enable fully offline translations would be very welcome.

Sources: https://codeberg.org/konform-browser

Deb / RPM / Tarball / Container image

See releases for details.

Arch User Repo package

Arch User Repo binary package

Screenshot

Trustworthy websites with recommendations, reviews, discussions about VPN, DNS, and similar? in c/privacy@lemmy.dbzer0.com
[–] ken@discuss.tchncs.de 1 points 1 day ago* (last edited 1 day ago)

You were literally asking for "trustworthy websites with recommendations". GP is telling you to stop looking or even believing in such things existing. I'd agree.

The harder you search for just that, the more targeted you will be be scammers and cybercriminals. Whatever is a credible resource today may turn bad next month and public perception taking years to catch up. It's not like that'd be a first.

That said, lots of good stuff and leads in codeberg.org/pluja/awesome-privacy. And +1 on EFF.

List of public DoT/DoH providers

Just the Browser: tools to remove AI and other bloatware from Chrome, Edge and Firefox in c/technology@lemmy.world
[–] ken@discuss.tchncs.de 1 points 1 day ago* (last edited 1 day ago)

Grumpy ken thinks "Just use Foo" meming is promoting mindless use and I think should therefore be discouraged. Even in jest I think this affects us subconsciously to feel more comfortable with not thinking deeper for ourselves. Even if X is the right one. "Use Foo already!" is nicer~!

If I may illustrate:

Use Konform Browser^1^ already!

^1^: Disclosures: Am dev; is LibreWolf fork

Question on your feelings about accounts in c/privacy@lemmy.dbzer0.com
[–] ken@discuss.tchncs.de 1 points 1 day ago* (last edited 1 day ago)

DM me if you'd like to discuss further consulting on this project. I do think I could help you. However, reaching a proper design for this that is actually appropriate for your situation is non-trivial, goes beyond the scope of lemmy thread and would likely be paid.

I would also like these things to be easier and just be able to point you to something existing but the reality is they currently aren't and such solution isn't. But if you do push ahead and are open to sharing (potential security tradeoffs there too), maybe you're in a position to be part of improving that situation.

A little help with GnuPG in c/privacy@lemmy.dbzer0.com
[–] ken@discuss.tchncs.de 2 points 3 days ago* (last edited 3 days ago) (1 children)

Because it's not something people commonly do. Because the GPG authors wanted to design for and encourage what they consider appropriate use and discourage and make difficult (but not impossible) what they consider inappropriate use. Removing a footgun for people not fully understanding the trust model of PGP or just slipping up doing that and then ending up in situations they didn't account for. In general I could have a lot of criticism of the UI/UX of GPG but in this case I can see where they're coming from and find this thread supporting it as working as intended so far.

That you need to have deep knowledge of obscure GPG internals to pull this off is by design. It's not considered part of intended use. Similar thinking to why in Chromium you don't have a button to bypass HSTS validation error but need to type in the cheat code "thisisunsafe". It nudges users to stop and think more consciously about what's going on.

66
Konform Browser - Taking privacy, security and freedom to the next level (codeberg.org)
submitted 6 days ago* (last edited 4 days ago) by ken@discuss.tchncs.de to c/privacy@lemmy.dbzer0.com
9 comments fedilink
 

There is a new Firefox fork in town: Konform Browser. Its focus is privacy, security and user freedom. Yes, I know this sounds familiar - but hear me out, I do think we have something to bring to the table!

The project started as a fork of LibreWolf and now stands on its own four feet.

Some highlights to give an idea to those familiar with LibreWolf or other FF fork:

  • Security: Konform is based on Firefox ESR. This means a more stable base without missing out on the latest security updates, in exchange for longer time waiting for the newest features from Firefox. It also enables shorter lead times to backport upstream updates.
    • In this sense (and a few others), Konform Browser is closer to IceCat/GNUZilla than it is to Librewolf.
  • Freedom: Konform allows a higher level of customization. It gives the user control and trusts you with that responsibility. Some examples:
    • Allows enabling dark mode and following system theming even when Resist Fingerprinting is enabled.
    • Allows installing your own self-built unsigned add-ons
    • "Spoof referer source" user configuration option
  • Privacy and security: Disables all browser features relying on external network connections.
    • "RemoteSettings" is completely disabled^1^.
    • No cloud "AI" integrations. You can run Konform on a disconnected network and not notice any reduced functionality.
    • All telemetry, metrics, and ads from the browser disabled.
    • OCSP turned off (but we have CRLite).
    • tcpdump and see the difference

I should add that even if we contrast with LibreWolf above, this is not at all meant as a dig or criticism. That we chose it as base and that it's the easiest to compare with is a testament both to how closely aligned we are and that Konform has a lot to thank Librewolf and the wider Firefox customization community for. Like they built from Librefox and Arkenfox to bring private browsing to a wider audience, so are we but the next to try help widen and deepen the browser ecosystem.

The recommended installation method is building from source but there are also binary packages for x86_64 and arm64 built by Codeberg CI. Currently Linux only, considering Android next and could use some assistance with that.

Doors open for users, testers and contributors. Looking forward to hear what you think and if there's anything missing.

^1^: This means that local full-page translation is also unavailable even if in principle it should be possible to bundle and run translations fully locally. It's just the way Mozilla built it. Patches towards allowing users to enable fully offline translations would be very welcome.

Sources: https://codeberg.org/konform-browser

Arch User Repo package

Deb / RPM / Tarball

See releases for details.

Screenshot

13
LPT: Redmond97-SE theme pack is kicking and now on AUR (aur.archlinux.org)
submitted 1 week ago* (last edited 1 week ago) by ken@discuss.tchncs.de to c/unixporn@lemmy.world
6 comments fedilink
 

Redmond97-SE is a living continuation of the now unmaintained Redmond 97.

"Redmond" style themes for GTK, Xfce, Metacity, WINE.

Includes both old-school retro variants to emulate Win9x/2000/XP, plus more modern darks for the productivity-focused desktop.

AUR packaging for Arch Linux just dropped.

43
[QubesOS] [Xfce] [Xmonad] Back to root (infosec.pub)
submitted 1 week ago* (last edited 1 week ago) by ken@discuss.tchncs.de to c/unixporn@lemmy.world
7 comments fedilink
 
  • Distribution: QubesOS 4.3
  • Desktop Environment: Xfce
  • Theme: Redmond97-SE
  • Window Manager: Xmonad
  • Terminal: xterm + tmux
  • Launcher: Rofi^1^
  • Bar: xfce4-panel

Windows

Top-left to bottom right:

  1. neovim "IDE" with integrated terminal editing dotfiles (Debian)
  2. dom0 admin terminal (Fedora)
  3. Qubes Manager looking at some templates (Fedora)
  4. Thunar File manager about to move a file between qubes (Whonix)
  5. Konform Browser browsing codeberg (Arch Linux)

Each app and window can belong to a separate qube (Xen VM), visually discriminated by differing color schemes.

Thanks to Ben Grandes qusal which was very helpful as base for setting things up.

This is a setup optimized for productivity and efficiency, which is reflected in the lack of eye-candy and gratuitous margins.

^1^: Not pictured - I figured the screenshot was busy enough. If y'all want to see more LMK.

13
Konform Browser - Taking privacy, security and freedom to the next level (codeberg.org)
submitted 1 week ago* (last edited 1 week ago) by ken@discuss.tchncs.de to c/arch@programming.dev
3 comments fedilink
 

For those of you still not satisfied with the Firefox fork ecosystem, we propose to you Konform Browser. Yes, it's another one about privacy and security with a canine logo. But I do think we have something to bring to the table.

This started as a fork of LibreWolf and now stands on its own four feet.

Some highlights to give an idea to those having used LibreWolf or another FF fork:

  • Security: Konform is based on Firefox ESR. This means a more stable base without missing out on the latest security updates, in exchange for longer time waiting for the newest features from Firefox.
    • In this sense (and a few others), Konform Browser is closer to IceCat/GNUZilla than it is to Librewolf.
  • Freedom: Konform allows a higher level of customization. It gives the user control and trusts you with that responsibility. Some examples:
    • Allows enabling dark mode and following system theming even when Resist Fingerprinting is enabled.
    • Allows installing your own self-built unsigned add-ons
    • "Spoof referer source" user configuration option
  • Privacy and security: Disables all browser features relying on external network connections^1^.
    • "RemoteSettings" is completely disabled^2^.
    • No cloud "AI" integrations. You can run Konform on a disconnected network and not notice any reduced functionality.
    • All telemetry, metrics, and ads from the browser disabled.
    • OCSP turned off.
    • tcpdump and see the difference

Oh, and it actually builds on Arch, in contrast to IceCat^3^. In fact, currently the only supported distribution channels are source on Codeberg and AUR.

While it's not entirely newborn, it's still early days so we won't say "trust me bro" here - this is currently not ready for a non-technical audience but rather looking to engage with people who might already be building their own Firefox or Chromium forks. Continuing work on what we consider a production-ready browser while not rushing to ship a single binary is intentional.

I should add that even if we contrast with LibreWolf above, this is not at all meant as a dig or criticism. That we chose it as base and that it's the easiest to compare with is a testament both to how closely aligned we are and that Konform has a lot to thank Librewolf and the wider Firefox customization community for. Like they built from Librefox and Arkenfox to bring private browsing to a wider audience, so are we but the next to try help widen and deepen the browser ecosystem.

Doors open for users, testers and contributors. Looking forward to hear what you think and if there's anything missing.

^1^: One notable exception is allowing the bundled uBlock origin to perform filter lists updates.

^2^: This means that local full-page translation is also unavailable even if in principle it should be possible to bundle and run translations fully locally. It's just the way Mozilla built it. Patches towards allowing users to enable fully offline translations would be very welcome.

^3^: For now; I'm sure they will fix it too. Lots of respect for the GNUZilla/IceCat people.

https://codeberg.org/konform-browser

https://aur.archlinux.org/packages/konform-browser

Screenshot

8
Konform Browser - Taking privacy, security and freedom to the next level (codeberg.org)
submitted 1 week ago* (last edited 1 week ago) by ken@discuss.tchncs.de to c/archlinux@discuss.tchncs.de
1 comments fedilink
 

For those of you still not satisfied with the Firefox fork ecosystem, we propose to you Konform Browser. Yes, it's another one about privacy and security with a canine logo. But I do think we have something to bring to the table.

This started as a fork of LibreWolf and now stands on its own four feet.

Some highlights to give an idea to those having used LibreWolf or another FF fork:

  • Security: Konform is based on Firefox ESR. This means a more stable base without missing out on the latest security updates, in exchange for longer time waiting for the newest features from Firefox.
    • In this sense (and a few others), Konform Browser is closer to IceCat/GNUZilla than it is to Librewolf.
  • Freedom: Konform allows a higher level of customization. It gives the user control and trusts you with that responsibility. Some examples:
    • Allows enabling dark mode and following system theming even when Resist Fingerprinting is enabled.
    • Allows installing your own self-built unsigned add-ons
    • "Spoof referer source" user configuration option
  • Privacy and security: Disables all browser features relying on external network connections^1^.
    • "RemoteSettings" is completely disabled^2^.
    • No cloud "AI" integrations. You can run Konform on a disconnected network and not notice any reduced functionality.
    • All telemetry, metrics, and ads from the browser disabled.
    • OCSP turned off.
    • tcpdump and see the difference

Oh, and it actually builds on Arch, in contrast to IceCat^3^. In fact, currently the only supported distribution channels are source on Codeberg and AUR.

While it's not entirely newborn, it's still early days so we won't say "trust me bro" here - this is currently not ready for a non-technical audience but rather looking to engage with people who might already be building their own Firefox or Chromium forks. Continuing work on what we consider a production-ready browser while not rushing to ship a single binary is intentional.

I should add that even if we contrast with LibreWolf above, this is not at all meant as a dig or criticism. That we chose it as base and that it's the easiest to compare with is a testament both to how closely aligned we are and that Konform has a lot to thank Librewolf and the wider Firefox customization community for. Like they built from Librefox and Arkenfox to bring private browsing to a wider audience, so are we but the next to try help widen and deepen the browser ecosystem.

Doors open for users, testers and contributors. Looking forward to hear what you think and if there's anything missing.

^1^: One notable exception is allowing the bundled uBlock origin to perform filter lists updates.

^2^: This means that local full-page translation is also unavailable even if in principle it should be possible to bundle and run translations fully locally. It's just the way Mozilla built it. Patches towards allowing users to enable fully offline translations would be very welcome.

^3^: For now; I'm sure they will fix it too. Lots of respect for the GNUZilla/IceCat people.

https://codeberg.org/konform-browser

https://aur.archlinux.org/packages/konform-browser

Screenshot

view more: next ›