Spoiler: Features Updated browser: because this project is not a fork, it is kept updated with the latest Firefox version. Extensions firewall: limit internet access for extensions (firewall-test-feature) IJWY (I Just Want You To Shut Up): embedded server links and other calling home functions are removed (zero unauthorized connection by default). User settings updates: gHacks/pyllyukko base is kept up to date. Settings protection: important settings are enforced/locked within mozilla.cfg and policies.json, those settings cannot be changed by addons/updates/Firefox or unwanted/accidental manipulation; To change those settings you can easily do it by editing mozilla.cfg and policies.json. Librefox-addons: set of optional Librefox extensions Statistics disabled: telemetry and similar functions are disabled Tested settings: settings are performance aware ESR and Tor version (Librefox TBB Beta) Tor Librefox-addons: adapted Librefox extensions for TBB Multi-platform (Windows/Linux/Mac/and soon Android) Dark theme (classic and advanced) Recommended and code reviewed addons list Community-Driven And much more... Librefox v2.1 Released (December 21, 2018) Website Releases (Windows/Linux/Mac) Spoiler: Changelog v2.1 v2.1 : Project renamed to Librefox Reorganizing settings Adding section "Extensions Firewall" (block internet for extensions) Only requested domain with permission are allowed This is an alpha test feature Adding section "IJWY To Shut Up" (I Want You To Shut Up) Objective, zero unauthorized connection (ping/telemetry/mozilla/google...) Fix debugger disabled Added more documentations Defaulting moved to mozilla.cfg Update safebrowsing list Add ESR60x support and section Remove duplicates Update referer settings Update gHacks v63.0.3 08.12.2018 Update gHacks v64.0.0 17.12.2018 Lock tracking feature Remove false search engine Fix firefox bug not locking safesearch settings Fix and adapt history settings Fix sites settings not saved Update disabled sync services Fix certificate button Fix security device button Fix dark theme history dialog Fixing twitter and some extensions not working Defaulting offline website data on clear dialog Defaulting HW Settings instead of enforcing them Improve HD Video playback Gathering infos/code for firewalling extensions Correct some grammar mistakes, thanks to @mikroskeem Update to firefox v64 Adding extension firewall feature Fix referer blocking twitter and many other sites Adding IJWY v64 settings Moving some debug notes from mozilla.cfg to debug-check-todo.log Fix incompatibility with Compare-UserJS.ps1 Cleanning with Compare-UserJS.ps1 Adding 15 differents releases Adding release x32/x64 linux Adding release x32/x64 esr linux Adding release x32/x64 tor linux Adding release x32/x64 windows Adding release x32/x64 esr windows Adding release x32/x64 tor windows Adding release x64 mac Adding release x64 esr mac Adding release x64 esr mac Add tor compatibility & patches Grammar mistakes, thanks to @brainscar
I am surprised by the lack of comments by the "superior security experts" here at Wilders . I see not to many (experts) here anymore! Works fine here. No news is good news, I guess?
@Circuit i think most here like to have their ff tailored by themselves so's to know what's been modified and changed under the hood, like myself, you know? it's a one-man project, right?
True or false (about:config) right? Not much ether way, most is fluff that really can't be changed. Just a feel good solution to make the user feel he/she has control. One-man means nothing. Most great software came from one man right?
nah, actually i use js files, not a:c. and it's not a trust issue, it's about tailoring it to one's liking.
Glad you cleared that up. Think it is good for people just looking for a secure browser "all taken care for in the privacy dept.", of course everyone will have to let some guard down to get to their favorite sites. Off topic; If I cant get to a site because of privacy setting I will skip that site, it's to their loss not mine.
I think the value of this class of initiative is precisely for people with less time or expertise. If it represents good practice, then that seems worthwhile to me - of course it won't be perfect because that's not possible in the circumstances!
I think I give it a try... Frankly, Im getting extremenly sick of always doing the whole security-privacy dance (going throught all the possibly changed and maybe new telemetry settings in each FF release). About it being one-man project...it doesn't matter. Often one-man projects can be equal or superior to anything produced by bunch of highly paid lazy SW-engineers, be it corporate greedy ******** (a la Google) or supposedly non-profit organization (a la Mozilla). The only serious disadvantage is that if something happens to that one-man what will happen to project?
Stefan, that's actually less troublesome than you think. If you're using the GHacks user.js (which I recommend as its the best maintained, most comprehensive and best documented one) you can easily update it with a script once a new FF version is out. And if you created a user-overrides.js for your specific exceptions that updater script takes that into consideration. Pretty simple, IMO.
Well, dang... I did not know that there was this kind of stuff out there. Thanks and Happy New Year !
