Here is what is new and changed in Firefox 87.0
Mozilla plans to release released Firefox 87.0 Stable and Firefox 78.9 ESR to the public on March 23, 2021. The new versions of Firefox are available as automatic updates but also as direct downloads from Mozilla's main website and third-party sites as well.
All development versions of Firefox are released around the same time. Firefox Beta and Firefox Developer are updated to Firefox 88, Firefox Nightly is updated to version 89, and Firefox for Android will also be updated to version 87.0 eventually (the release was delayed somewhat recently).
Check out our Firefox 86.0 release overview in case you missed it.
Executive Summary
- Firefox 87 introduces SmartBlock, a feature to reduce website breakage when using private browsing or strict enhanced tracking protection.
- The default HTTP Referrer policy will trim the path so that only the domain name is submitted for cross-origin requests.
- Firefox 87 includes security fixes, the highest severity rating of these is "high", the second highest rating.
Firefox 87.0 download and update
Firefox 87.0 and Firefox ESR 78.9 are available via the browser's automatic update feature after the official release later on March 23, 2021. You can verify the installed version by selecting Menu > Help > About Firefox; this will also run a check for updates.
Manual downloads are also available. The following pages list direct downloads for supported Firefox channels.
- Firefox Stable download
- Firefox Beta download
- Nightly download
- Firefox ESR download
- Firefox for Android on Google Play
New features and improvements
Less website breakage
Firefox users who use the browser's private browsing mode or have set Enhanced Tracking Protection to Strict, benefit from a new feature that Mozilla calls SmartBlock.
SmartBlock is designed to reduce breakage on websites by using stand-in scripts on sites so that these load properly. These scripts are included with Firefox and simulate the "real" script enough to make the website believe that it is loaded. No tracking code is loaded or included in these scripts.
Mozilla published a blog post with information on the new feature.
HTTP Referrer is trimmed
Starting in Firefox 87, the browser will trim the HTTP Referrer for all cross-origin requests, e.g. when a site loads a third-party resource such as an image or a stylesheet.
Instead of revealing the full path of the webpage the user is on, only the domain name will be revealed.
Check out our coverage of the feature here: Firefox 87 to limit the referrer for all cross-origin requests
Other changes
- Highlight All of the Find in Page feature displays marks on the scrollbar that correspond to matches on the page.
- Built-in support for he Mac OS built-in screen reader, VoiceOver.
- Support for the Silesian locale.
- Several accessibility related fixes.
- The Backspace key is now disabled as a navigation shortcut in order to prevent data loss when filling out forms. The shortcut Alt-Left-Arrow or Command-Left-Arrow may be used instead. Firefox users who want to restore the functionality may set browser.backspace_action to 0 on about:config.
- The menu items Synced tabs, Recent highlights and Pocket list were removed from the Library menu.
- The Help menu has been simplified.
Firefox for Android
Coming once it is released.
Developer Changes
- Starting March 15, 2021, all extension developers must enable two-factor authentication to better protect their accounts.
- The Page Inspector tool supports the simulation of prefers-color-scheme media queries and options to toggle the :target pseudo class for the currently selected element.
- Other Page Inspector improvements include that table-layout and scroll-padding properties are marked as inactive for non-table elements or non-scrollable elements.
- The <link> element is no longer matched by :link, :visited, or :any-link.
- Several Firefox-specific theme-related media features, including moz-windows-classic, moz-scrollbar-end-forward, or -moz-menubar-drag, have been disabled for use in webpages.
- Users of enterprise authentication services that require that TLS client certificates are sent in CORS preflight requests may enable network.cors_preflight.allow_client_cert to allow that.
- The policies.json file is no longer ignored if policies are specified on Windows (GPO) or Mac OS (configuration profiles).
Known Issues
- The release notes list no known issues.
Security updates / fixes
Security updates are revealed after the official release of the web browser. You find the information published here after release.
Outlook
Firefox 88.0 will be released on March 23, 2021 according to the Firefox release schedule.
Recently Reviewed Firefox extensions
- Get more control over how links open in Firefox with Right Links WE
- Move tabs between windows, detach tabs, save your browsing session with the SplitUP extension for Firefox and Chrome
- Manage container tabs efficiently from a side panel with the Container Tabs Sidebar extension for Firefox
- Load new tabs in the same container as the first one with the Sticky Window Containers extension for Firefox
- Tile Tabs WE makes it easier to display tabs side-by-side in Firefox and Chrome
- Brook is a simple RSS Feed management extension for Firefox
Recent Firefox news and tips
Additional information / sources
- Firefox 87 release notes
- Firefox 87 for Developers
- Firefox for Enterprise 87 - release notes
- Firefox Security Advisories
- Firefox Release Schedule
So Firefox in strict blocks too much potentially breaking web sites, so they have to add a Smart Blocker feature to fix the sites Firefox breaks?? Anyone else see how this looks like a company chasing its tail? Brave browser has similar issues where you have to adjust its aggressive privacy settings for some web sites. If the cure is worse then the problem I think there is an issue with that.
I think I fixed the intermittent connections problem with Firefox 87 that I mentioned above. The problem is with DoH resolving, Firefox 87 silently set network.trr.mode to 3 which for the most part works fine, but sometimes it’ll make all sites stop loading every 10 minutes on the dot until I restart the browser.
Set network.trr.mode in about:config to 2 (which is what I had it set as in Firefox 86 and earlier), so that if DoH fails for any reason it’ll fallback to not using it instead of crapping out. This seems to have fixed the problem for me.
Is it me, or is the about:config the same as chrome://global/content/aboutconfig/aboutconfig.html?
How to use something similar to chrome://global/content/config.xhtml?
Thanks=D
Audit your web browser against unwanted connections.
If you use Linux, close your browser, open a new console window, and do:
sudo tcpdump -t -n -p -Q out port 53
Now open the browser again and see the amount of unwanted connections it opens.
You can also use Wireshark (www.wireshark.org) and set the filter to show only DNS queries (it should be something like: udp.dstport==53)
These auto-connections may violate user’s privacy by accessing your local data they are not supposed to, and sending it to their remote servers. Any web browser, OS, or hardware (eg. processors, BIOSes…) that open remote connections and do not allow the user to disable it a SPYWARE, not matter which function they claim to be: autoupdates, security, privacy, performance… all of them should provide an option for the user to choose to disable, because they are not necessary for the system in question to do its job.
Spread the word if you agree with this!
Waterfox
Version G3.2.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0 Waterfox/78.9.0
https://www.waterfox.net/blog/waterfox-G3.2.0/?update
Waterfox G3.2.0 – Decennial Release
March 22, 2021
I’ve had nothing but problems since Firefox updated to version 87, for some reason everything stops loading like the internet connection has dropped roughly every ten minutes or so and it’s only fixed by reloading the browser. No idea what’s happening but it’s only with Firefox, everything else works fine.
I use Waterfox classic as my main browser, because it supports both XUL and most webextensions. I run it in Sandboxie just in case, since it’s technically an old browser with best effort security patches by the Waterfox devs. Also adguard, ublock, umatrix, privacy possum, cookie auto delete, etc. I feel like this offers the best balance of hardened security, privacy, compatibility, and productive XUL extensions that can’t be found elsewhere.
I also have installs of librefox and ungoogled chromium In case of compatibility issues.
On android I have Bromite, Kiwi, and Fennec.
Sensible. Seems the best way to shield from the malice churned out on mainline browsers.
@Anon7
I used to read his comments with a smile on my face.But now i know this dude has issues.If you say something positive about Firefox,expect to be bombarded with those anti-FF links.Which have easily been refuted time and time again on here.He’s blocked and he forever will be until he changes his name and i have to block him again.
What fuels this person is our responses. He’s a fanatic on a mission. The more people fight his bullshit, the more his sense of self-importance grows. What you say is irrelevant because arguments are just lines for him. He’s obsessive and has plenty of time on his hands.
What he does has nothing to do with criticism. He sabotages this comment section to prevent any meaningful discussion about Firefox, with Ghacks benevolence. It’s very weird, actually. What kind of person would do that for months and months? Just stop giving him attention.
> “Just stop giving him attention.”
That’s what I’ve been doing ever since I realized what you describe perfectly.
I don’t response to his comments and he does the same to mine. Remains the fact those comments do take a lot of screen space most of the time which forces the user to quickly scroll in order to bypass those essays. You get used to a desert preacher.
Just leave the guy (gal) alone, forget him (her).
The hateful replies look even more fanatic, when it’s just twin adware browsers by the same person.
Did that Brave shill really respond to me even knowing i have blocked him and can’t see his responses? There’s something wrong with that guy.In real life i’m not gonna stand around either when some doofus starts wasting my time with clueless facts and propaganda.It reminds me of those guys standing on the corner of a street holding a sign saying “The end is near”.
@Tony
Lol
> Did that Brave shill really respond to me even knowing i have blocked him and can’t see his responses?
Yes he did. I find this IH dude to be hilarious, he probably has about 20 different anti-FF links at the ready anytime some firefox article comes up, spamming the crap out of them and spreading heaps of FUD all over them. I don’t know what his problem is, but he seems rather obsessive in his antics. He will crap on a FF article just for the sake of it. He has an obsession in telling everyone how insecure FF is, which is just blatant FUD.
Now we need a uBlock filter to block replies to ‘@Iron Heart’ as well. hint hint wink wink
Hell yeah!
No, you actually don’t. The filter already covers that.
All that is needed now is that you fanboys become actually CONSEQUENT in blocking me, i.e. you should actually no longer annoy me with your replies because you no longer see my comments. Just do it and no longer reply.
@IH
Its more fun to expose your * [Editor: removed] and spreading of FUD than to block your comments.
If there was a vote system thumps up thumbs down system on GHacks, your stupidity around Firefox would be more easy to observe.
You would not last 2 minutes on Reddit or other tech sites.
@Iron Heart: “Fanboys” say you you Brave slave.
You seriously don’t have any kind of self-reflection, huh.
@Unknown person
You may call me a fanboy, doesn’t make my statement false for your own case. If I was, you still wouldn’t be any better and would be a hypocrite (lol). * [Editor: removed]
Thanks for that, I have been coming here less and less because of them, it will be a pleasure to read the comments again.
I block him too.
For those who don’t know how, paste this on my filters section of uBlock Origin:
ghacks.net##.comment-item:has-text(Iron Heart said)
Uh oh.
The more ignorants hide my comments, the better. Means that I no longer have to deal with their asinine replies. Ignorants, please go ahead! I endorse this, don‘t delay.
so the ad-hominem and “bla bla angry cancel cancel” replies to informative Iron Heart posts want to self-cancel? Hurrah!
wait, is that how its supposed to work? nvm continue.
Makes debunking misinformation from the cancelcircus easier.
@sure
Informative posts from IH
You must be joking. When people are talking about how you can harden Firefox on desktop, this “IH troll (repeatedly on every FF article) starts spamming links to mobile operating systems and how it relates to FIrefox.
Two completely different platforms but he throws it all in together in attempts to denigrate the FF browser on desktop. Always the ingenious little FUD spammer is our IH.
He makes the Brave browser out to be this super secure browser which is far from the truth, the tor breakage is a serious stain on them, it shows they are putting bug ridden options in their browser, there is also no guarantee to stop web rtc leaks 100% on the chromium engine, thats very insecure for a browser that claims to be privacy focused, that combined with the in-built ads, lots of thing to criticise.
The more i hear that troll arguing for use of google chromium brave over FF, the more i’m convinced that Firefox and the gecko engine are so much greater as regards privacy and security.
Hardened Gecko > Hardened Chromium.
That fact makes IH obsessed with trying to denigrate FF. He is on a failed crusade trying to convince FF users to switch to bitcoin ad central and google (chromium) central.
Issues recur because main browser makers dont seem to want to correct their ways.
If the mobile version is so embarrasing maybe they should try to correct it?
If various other actions are so obviously malicious maybe they should stop?
Deflecting and attempting to minimise only allows this behaviour, is this on purpose?
Dirision and cancelcultish trolling just looks bad, its quite transparent you know.
@IronHeart
Your crusade of crapping on Firefox and its users is very pathetic, you are not convincing anyone with your FUD, you’re not not getting any FF Users to switch over to your garbage browser of choice Brave with its google crap chromium and in-built ads, the stoppage of web rtc leaks are not even guaranteed in chromium. Its garbage! That tor windows breakage was more than enough for ANYONE TO NEVER EVER TRUST such inferior devs AGAIN!
Brave is a running ad joke at this stage and you’re its mascot.
@Anon7
> FF Users to switch over to your garbage browser of choice Brave with its google crap chromium
No, Mozilla does:
https://old.reddit.com/r/brave_browser/comments/ku6828/after_the_mozilla_statement_the_need_of_more_than/
> and in-built ads,
Uh oh. Look, it’s opt-in privacy-respecting ads! Oh no! Better survive off handouts from google than letting users get a share of the ad money…
Also, Firefox’s Pocket Stories are based on the very same principle which Brave uses (local algorithm analyzing your browsing) and are enabled by default, dear hypocrite.
> the stoppage of web rtc leaks are not even guaranteed in chromium.
Provably false. Take the WebRTC IP leak setting in uBlock Origin for Chromium, for example. Works 100%, all of the time. Do you think people like @gorhill are idiots offering unworkable settings? LOL.
Care to provide a source that the WebRTC IP leakage can’t be stopped in Chromium?
> such inferior devs
Better performance, better stability, better security. In case of Brave, also better privacy. Yeah, clearly inferior. Also demonstrable via market share.
@IH and his FUD
> Firefox’s Pocket Stories are based on the very same principle which Brave uses (local algorithm analyzing your browsing) and are enabled by default, dear hypocrite.
No its not, Firefox uses no advertising capability that they would profit with through sh1tcoin.
Pocket is also easily neutered in about:config.
> Provably false. Take the WebRTC IP leak setting in uBlock Origin for Chromium, for example. Works 100%, all of the time. Do you think people like @gorhill are idiots offering unworkable settings? LOL.
>Care to provide a source that the WebRTC IP leakage can’t be stopped in Chromium?
“Google chrome has terrible anti web rtc leak protection” so does chromium in theory. Gorhill knows that UBO works a lot better in Gecko than in chromiumn engines. Your claim that Brave can consistently stop web rtc leaks is PR bluff and fluff.
Brave had serious DNS problems with those tor windows. They are not browser engine developers, only browser developers and sloppy ones to boot.
Trust Brave devs to protect from WEB rtc leakage 100%? just lulz.
Just block that “IronHeart” fella.I did with uBlock Origin,and it’s a breath of fresh air not seeing his usually propaganda for a far inferior browser with ads on a Firefox article.
Firefox too has ads, at many different places. Firefox too is pioneering ways to crush human rights by monetizing sensitive private data for user manipulation through paid advertising without consent. Firefox is funded by Google and a minority of other ad deals. But keep spreading disinformation and censoring and harassing activists for great $$$$ surveillance dystopia leeches.
@Tony
Question No.1: If you blocked me, why did you react? Isn’t that against your intended goal?
Question No.2: Far inferior browser… Better security, better privacy, better stability. So objectively not true. Why are you spreading lies and misinformation?
BTW. Is this still your latest?
https://www.ghacks.net/2020/11/17/brave-browser-gets-cname-based-adblocking-support/#comment-4480402
I try to keep a bookmark to your latest one incase I need it. I am still trying to decide whether I should download Brave or Vivaldi to try out. Brave seem to be attracting new users to their user base much quicker than Vivaldi in general, which I think is good for the browser. And I guess that at least as long as they keep Brendan as CEO there’s no reason to worry about that the Brave management will start behaving like the Mozilla equivalent, which I can’t stand.
And yes, I wish Brave would consider providing a less bloated version to download, a slim edition, one without all the e.g crypto/bitcoin etc etc stuff that I have no use for and would not need to disable all of that.
@Karl (still a Firefox user)
> Brave seem to be attracting new users to their user base much quicker than Vivaldi in general, which I think is good for the browser.
Well, it’s because Vivaldi is a browser for a very niche audience. It caters to a specific group of users (those into UI customization) more than any other browser in the market, I think. Vivaldi’s slower growth doesn’t mean that it’s a bad browser. It just means that comparatively few people care about UI customization (count me among them). Brave has major growth on Android because it’s an easy way to get adblocking (Chrome on Android has no adblocker support).
> And I guess that at least as long as they keep Brendan as CEO there’s no reason to worry about that the Brave management will start behaving like the Mozilla equivalent, which I can’t stand.
Well, I would prefer the browser to stay apolitical (it is apolitical currently). Suffice to say that I, ahem, disagree with Brendan Eich on several issues. However, contrary to many people these days, I am able to separate the art and the artist. So, as long as Brendan doesn’t directly interact with me (read: as long as he doesn’t directly push his views on me… like some other browsers… https://www.ghacks.net/2020/07/25/mozilla-used-firefoxs-notification-system-to-push-the-facebook-boycott/ ), I think the person Eich is neither an argument for or against Brave.
> And yes, I wish Brave would consider providing a less bloated version to download, a slim edition, one without all the e.g crypto/bitcoin etc etc stuff that I have no use for and would not need to disable all of that.
Have you considered Ungoogled Chromium (or Bromite on Android)? It’s the most “bloat-free” browser in existence, I think. After you found your method to install and update extensions, it’s decent to use. That being said, I don’t use it because it is weaker than Brave in several areas:
– Weaker (almost non-existent) fingerprinting defenses in UGC.
– No CNAME uncloaking in UGC (Brave’s internal adblocker can do that).
– UGC will have no real adblocker once Manifest V3 hits (Brave’s internal adblocker is not an extension and will continue to work).
Those are my reasons for not using it, I’d rather disable the crypto stuff in Brave so far. But yes, you are right, it would be good if Brave Software released a stripped down version of Brave, but I deem it unlikely because Brave Rewards help fund the browser (their investors are interested in the success of BAT and they receive a small commission whenever a Brave user donates BAT).
* [Editor: removed]
@Iron Heart. Thanks for the answers and discussion!
> Well, it’s because Vivaldi is a browser for a very niche audience.
Yes, and it is very rich in features too. I do like to be able to tweak how the menu looks, tabs location etc, I used CTR while it was alive. But since Mozilla made it harder and harder to tweak, I gave up and simply just installed Firefox and let it be alone “as is”/default. And no, I do not think Vivaldi is a bad browser either. But one of the reasons behind Braves quicker growth, I thought, would be connected to the crypto/reward stuff in some way, as I often see users in comments here and there that seem to see a way to “make money” over some months time by using it. But maybe that’s not the main attraction and instead it is the Android version with it’s different capabilities that attracts the majority of new users like you say. I have not research that much. I also tried to find info regarding how Vivaldi devs will handle Manifest V3, as that too would be a deal breaker of course, if they make the wrong choice.
> Well, I would prefer the browser to stay apolitical (it is apolitical currently)
Yes. 100% agree.
> Suffice to say that I, ahem, disagree with Brendan Eich on several issues.
Yes. Same here actually. But those are minor compromises compared to how the whole Mozilla management are operating at the moment and their perspective on many things.
> I think the person Eich is neither an argument for or against Brave.
No. Not at the moment. But if he goes all in like the Mozilla CEO then that would become an argument.
> Have you considered Ungoogled Chromium (or Bromite on Android)?
I think I looked at UGC a quickie (reading about it, not installing it), but came to the conclusion that it might be a bit too much bare bones after all. Especially since I do like for example all those feature that you mention that comes with Brave. I will keep Bromite in mind for when I need a browser for a phone, currently do not use a smartphone :P
Regarding any possible slim version. I see, useful info concering the small commissions. And I guess it shouldn’t come as a surprise as this crypto/BAT stuff is one of those things that, from Braves perspective, makes the whole browser stand out from the crowed in a way. But fingers crossed a slim version will come at some point in the future, I think quite many Brave users are actually interested in the crypto/BAT stuff, so if the user base keeps on growing it might not have a big impact (become a problem) on the commissions as the user base actually using that stuff would still be significant, and those who pick the slim version would do that due to the reasons you and I are interested in it, and less features to disable is always prefered as it also means less unnecessary code in the software itself.
Thanks again. /K
>So, as long as Brendan doesn’t directly interact with me (read: as long as he doesn’t directly push his views on me…
Nice:) Most likely an important part of a car or a part of a certain tobacco product.
@Iron Heart
“– UGC will have no real adblocker once Manifest V3 hits (Brave’s internal adblocker is not an extension and will continue to work).”
When does this go into effect?
Also, @Karl (Still a Firefox User) asked:
“BTW. Is this still your latest?
https://www.ghacks.net/2020/11/17/brave-browser-gets-cname-based-adblocking-support/#comment-4480402”
Is it still the latest?
Thanks
It’s great that you do not allow yourself to be silenced by these people. It’s good and natural that people disagree, people do not allow themselves to agree to disagree enough these days, Internet users need to do that much more to help cool down the debate climate, debating keeps the comments sections alive and not full of people only agreeing with each other like a sick sect in a closed bubble.
Firefox 87 is definitely a major break-through, love Firefox 4eva, Washed King, Great Comebacks
@IronHeart T
Quality over quantity.
Google CONTROLium is a substandard browser engine.
Gecko is the browser of choice for super-geeks.
Warning: You have been triggered by this fact.
Solution: Take a deep breath, everything is ok, it is understandable how intimidated you feel in the midst of Gecko superiority.
Gecko is insecure shit and those issues haven’t been fixed yet:
https://madaidans-insecurities.github.io/firefox-chromium.html
Performance is worse, stability is also worse. Hence why nobody uses it (and almost everybody switched), even though Firefox can be downloaded for free.
When anyone challenges “IH” about his spreading of FUD about Firefox, he immediately starts spamming links to this mad aidan dude as if we should all take what he says as gospel.
If you read the crap madaidan says he comes off as nothing but a troll, constantly talks crap about Linux kernel devs (craps on purism devs) and makes linux out to be insecure (completely untrue), doesn’t open his mouth about how insecure windows is and is an obvious chromium fanboy like “IH”. By using windows you are automatically more insecure because most exploits are for windows, its an actively targeted OS in the wild by criminals because its so popular. The source code is also hidden, so again hidden vulnerabilities unlike Linux. mad aidan is a clown.
The troll mad aidan never mentions virtual box either, virtualbox is very insecure.
As for whonix, its ridiculously stupid for what its meant to be intended for. Tails is completely superior, its portable, its amnesiac capability is far more practical and functional, will practically work on any PC its put on to, unlike whonix which takes a long time to set it up and is a total resource hog. Even kodachi is probably better than that crap whonix.
Never let “IH” ‘s fud around Firefox and technology go unchallenged. He hasn’t a clue what he is talking about half the time.
@Iron Heart
No, it’s not simple. Chrome was very aggresively marketed few years ago, reccommended/bundled with lots of software (eg with adobe flash) – and that was because google paid for that. Then smartphones came up, and android was good enough to get a grip on that field and well – win. At the masses just use what they get on smartphone, chrome that is. User gets to like it, probably has it on desktop anyway, so they use it, feel no urge to change browser if it works. Some (and from my subjective observation – a lot) users don’t even know they could change it, see no reason, are not aware about privacy, security aspects of a browser.
Chrome on smartphone was the only option, on desktop it was showeled in your mouth with no delicacy at all. Chrome works, can sync, has familiar ecosystem, fits perfectly into google services, so there is really no reason to look for alternatives, is there?
A consious, informed choice of browser – Brave in your case, or FF in mine – is a minority I guess. You will not turn FF user to Brave or Chromium with your rants, because after all your whining FF is a good browser. You could change a Chrome user to other blink based browser with your privacy rants, but you ve selected the only real alternative to google crap to shit on every possible case. With your knowledge (and as Pants and others have proved – lack of it) you could do so much to at least wake up some ppl from this lunacy of google monopolism.
@m3city
I always laugh when FF users point to bundle installations and Android as the reasons for Chrome’s success. First, bundle installations don’t make a browser the most used one in the world, I would be surprised if that accounts for more than 1% of all Chrome installations. Chrome’s success predates Android’s success and it was never the default browser on any desktop, so people went out and specifically downloaded it. Why? Because the competition were horrible Internet Explorer and slow and clunky Firefox at the time. It was much better than both of these.
> You will not turn FF user to Brave or Chromium with your rants, because after all your whining FF is a good browser.
First, I don’t intent to turn anyone into anything here. It’s also not like I sit right next to you and hit the install buttons on your PC, lol.
However, I believe that I am entitled to my own choices for MYSELF and that I can EXPRESS them without getting attacked. However, this is impossible due to aggressive Mozillian tribalism here. You trust Censorzilla, uhm I mean “Mozilla” of course? Fine, I don’t. And I have a track record of theirs I can point to, you know.
> the only real alternative to google crap
Do you mean Safari? Firefox is built on Google money and wouldn’t exist without its handouts.
* [Editor: removed]
> https://old.reddit.com/r/GrapheneOS/comments/ciizae/vanadium_and_bromium_privacy/ev6m2ot/
My fav quote:
“Sure, but I don’t do privacy / security theatre. Each feature needs to have a clear threat model and a rigorous approach. Firefox is entirely focused on theatre / branding / marketing.”
> https://madaidans-insecurities.github.io/browser-tracking.html#configuring-the-browser
My fav quote:
“You cannot configure your browser to prevent tracking either. Everyone will configure their browser differently so when you change a bunch of about:config settings such as privacy.resistFingerprinting and pile on browser extensions like Privacy Badger, you’re making yourself stand out and are effectively reducing privacy.”
@IH and its FUD.
> Firefox is built on Google money
Again more FUD from IH
The Gecko engine is vintage, its creation predates any google sponsoring of the mozilla foundation.
On the otther hand the Brave browsers core chromium is built on google. What a hypocrite lulz.
> Whonix project (you know, the project on which dissidents rely for their anonymity on a daily basis)
Lulz, whonix is nowhere near as practical and portable as Tails is for any theoretical scenario where it would be needed by journalists afraid of oppressive regimes. whonix requires a powerful PC in order to be run, not fully amnesiac and cant be used on a computer as easily as Tails. Tails on other hand will run on practically any computer easily and efficiently whilst also having superior amnesiac function.
Try harder IH.
> Sure, but I don’t do privacy / security theatre. Each feature needs to have a clear threat model and a rigorous approach. Firefox is entirely focused on theatre / branding / marketing.â€
A chromium fanboy, he also sounds like he uses Graphene OS on google pixelphones with no hardware switches and in built proprietary chips. This mad aidan clown is hilarious. Always good for a laugh like our IH lol.
Much better browser than Chrome,Brave and Edge.But Vivaldi is gaining on Firefox with their huge amounts of customization settings.But i think the upcoming Proton design in Firefox isn’t going to gain many users.They should have left that alone.
And about ublock origin doing for ages the equivalent of smartblock, surrogate scripts: Mozilla even impeded it by forbidding it to update its scripts between extension updates.
Sites routinely run malicious code in our browser and the needed answer to that is streamlined replacement of this malicious code. Google understood that long term threat and killed it in the egg.
“Firefox users who use the browser’s private browsing mode or have set Enhanced Tracking Protection to Strict,”
Firefox is still not blocking trackers like Google Analytics by default. Of course.
“benefit from a new feature that Mozilla calls SmartBlock.”
Ublock origin has done that for ages (and by default), and it’s one guy developing it without even taking donations. Where do the billions that Google gives to Mozilla in exchange for user data go ?
“Privacy is hard”
https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/
No, privacy is easy for a browser company when it actually wants privacy instead of just what Google tells it to do.
LibreWolf has also been updated.
Version 87 removed view image info from right click menu…
It was redundant. you can get to it from Page Info (Ctrl+i)
Oh great… just what we all need is more clicks and scroll through potentially hundreds of images to get to the one single image that we wanted to view separately. Sounds logical and redundant to me… NOT!
~”In the dictionary redundant says see redundant”
The “View Image” option is still there…
when i right click the only option anymore is open image in a new tab
There is a problem in Firefox android version 86, YouTube remembers searches even when
browsing history is deleted. I wonder if it is still the same in version 87.
Theres more problems than that, like not being able to stop it sending downloads and websurfing data to google. FF android is really bad. If you still want to tollerate all that then gl.
I figured it out, there is delete history & delete browsing data. I had to do that second option. YouTube searches cleared now.
LOL
New Ghacks home page is horrible. Please change it.
very true
As @Yuliya said in some posts ago, https://www.ghacks.net/?s
Thanks mate. This works. Ill just bookmark this url.
Actually Firefox is pretty cool, using Nightly and so far no issues.
Switched from Chrome & derivatives after Manifest 3 was leaked. The main thrust behind this is restricting content blocking. Everything else is fluff.
The web is way too dangerous of a place to just randomly click on ads, more so because of the hooks they use to get attention.
Add personalized tracking and it can evolve into outright stalking & harassment.
We’ll wait & see if Mozilla follows along with that nonsense.
Firefox needs a Right Click Paste Unformatted Text right click modal dialog option under Linux OS FF versions so as to be assured of getting only what Text was actually cut/copied(text only sans any formatting) that can be pasted into a Disqus forum “Text” Box.
I find that if I copy an Anandtech Article title that on pasting that into Disqus that some of the text appears colored blue before the entire pasted text disappears for whatever reason to remove whatever non text formatting. So for any Anandtech article citations in the Disqus “Text” Box I’m using on Linux Mint the Xed Editor, set to text only mode, as and intermediary to scrub the non text formatting from that website’s copied text so I can properly compose an article citation and article link and cut/copy that into the Disqus forum “Text” box of whatever page I’m visiting and commenting on for whatever technical/other discussion reasons!
old layout of about:config is gone! i was using chrome://global/content/config.xhtml and now this doesnt work. someone know if its possible to restore old layout?
The new link for the “good” about:config is:
chrome://global/content/aboutconfig/aboutconfig.html
Ever feel like we’re playing #MozillaWhackaMole?
How do you go to a specific flag (e.g. chrome://global/content/config.xhtml?filter=privacy.resistFingerprinting in the old config)? Because otherwise this is pretty useless.
I cant find any info- smartblock is it on by default, and there’s nothing you need to do, is there a switch somewhere?
Very happy to hear about SmartBlock. Thanks as always, Martin.
Of course, only real-world testing will tell whether it works as well as we hope.
A version of SmartBlock already exists in uBlock Origin and NoScript, but it’s good to have this feature natively in the browser for those that don’t use extensions.
I am not liking the new layout. highly distracting and overwhelming.
Firefox 87 is so far great, thanks for the release info.
EVERYTHING IS AWESOME … FIREFOX IS AWESOME :)
Loving Firefox more and more. Significant and major oxidation with rust components continues, lightning speed with warp improving, rapid webrendering now almost enabled for all devices, best-ever most-excellent truly-comprehensive network partitioning kicks ass, HTTPS only mode rocks, TOTAL COOKIE PROTECTION in strict mode is now available in custom mode, container origin attributes allows multiple simultaneous logins, and lots more. Fission and non-native themes are now enabled in Nightly. It just keeps getting better and faster and sexier every release. Can’t wait for photon, dark context menus, and a unified look. I’m so excited you guys.
Now trimming HTTP referrers
– https://blog.mozilla.org/security/2021/03/22/firefox-87-trims-http-referrers-by-default-to-protect-user-privacy/
And SmartBlock for Private Browsing
https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/
Absolutely the best browser ever. SO AWESOME :)
Hey people,
After using the newish feature of the picture in picture feature, circa 87.0, it just reinforces my belief that Firefox is an excellent browser.
UblockOrigin and cookie Autodelete for free…it’s hard to beat.
lol
Firefox is the undisputed champion of browsers. The king of all browsers. All else is sub-par in comparison.
If anyone replies to this truth with berating, you are clearly triggered by the superiority of Gecko Firefox.
> Firefox is the undisputed champion of browsers. The king of all browsers. All else is sub-par in comparison.
Market share should tell you otherwise.
@Iron Heart
Measuring “goodness” by market share can be misleading. Let’s talk about flies (lat. Diptera). They flock in millions to a cow pie and horse shit. Why aren’t they attracted to lets say – a freshly baked bread. They can’t be wrong, can they?
Joking aside, chrome and clones are comparable to ff. But popularity of chrome in terms of market share says little. Or not everything at least.
And regarding yours comment:
@noname
Call me again the moment I write a comment such as the one of @Emmet_Brickowski.
Well, at least that guy is hyper/over positive, just “awesome”. You are one of the worst naysayer I’ve met on internet, and I’ve seen it for almost 25 years. You are so negative that even magnets would not stick to your, Iron Heart.
And I agree – seriously – that FF is the king. Well, maybe a forgotten king, that went on crusade and lost what made him the king, but still. There are some honourable knigts out there, but generally speaking – the land is overtaken by little, deceiptive creatures like the chromish one.
@m3city
You make it out like Mozilla is an honorable fighter for the free Internet. They are not (despit their own propaganda, lol). Mozilla Corp. is a Google-sponsored for-profit operating under the disguise of a non-profit. They are pro-centralized power structures, pro-censorship, and pro-“whatever Google proposes at the W3C”… That’s about it. They are not an opposition to anything, they are serving Google as controlled opposition.
Why should I be positive about such an organization? Just for the sake of it? Sorry, but nope.
@IH and his FUD
> They are pro-centralized power structures
Says the one recommending a browser who has no other engine but googles chromium. No other engine to fall back on only googles. Too funny!
We should all expect to see Brave browser to be a buggy ridden mess going forward as it constantly attempts to apply a band aid to chromium and things start breaking all over the place.
It is a complete dichotomy to call yourself a privacy browser and use a google made product for the root and core of your inferior product.
* [Editor: removed]
@Anon7
> Says the one recommending a browser who has no other engine but googles chromium. No other engine to fall back on only googles.
Open source makes it possible that Brave can modify Chromium as they see fit. That is not an argument at all.
You can also finally stop playing hypocrite now and acknowledge that Mozilla only exists because of Google handouts. They are following Google’s lead at the W3C, too. Their own engine doesn’t automatically make them (more) trustworthy. That’s a non-sequitur, Google being untrustworthy = Mozilla being trustworthy is an illogical conclusion to draw. You need to substantiate the latter separately, because it is not a conclusion of the former… will be hard to do.
> We should all expect to see Brave browser to be a buggy ridden mess going forward as it constantly attempts to apply a band aid to chromium and things start breaking all over the place.
LOL, first, Brave is not more buggy than other browsers. You can show me several bugs here, and I can show you several bugs of FF. Doesn’t prove anything. They went with Chromium because they don’t have the intention to commit planned suicide by picking the dying engine Gecko.
> It is a complete dichotomy to call yourself a privacy browser and use a google made product for the root and core of your inferior product.
I tell you a secret: In order to meet their intended privacy standards, they would have had to modify Firefox in much the same way they had to modify Chromium. Because, well, Firefox is not very privacy-respecting by default, either. Plus inferior web compatibility, inferior performance, inferior security, inferior stability, inferior prospects of long term survival. Just yay! I can see why they wouldn’t pick that.
@IH
> Open source makes it possible that Brave can modify Chromium as they see fit. That is not an argument at all.
Google are not open source advocates in reality. Google are the anithesis of what FOSS is meant to be. I would never ever trust chromium.
Chromium is a trojan horse in regards to the FOSS community. Chromium is a terribly insecure engine, web rtc leaks galore!
> You can also finally stop playing hypocrite now and acknowledge that Mozilla only exists because of Google handouts.
They existed before any google money, they will exist after google handouts and possibly after they reject google engine as default and reach another deal contract, like they did with YAHOO. They have options like their new VPN service. What options do brave have by being completely reliant on the crumbs from google? NONE!
> LOL, first, Brave is not more buggy than other browsers.
Finally you admit that Brave is buggy. You would have everyone believe its bug free. ITS NOT!
>They went with Chromium
They went with a google made product the same as Vivaldi, they look after themselves and the bottom line $$$$$, not viable alternatives that pulls back from google control and monopoly over the browser market.
> inferior web compatibility, inferior performance, inferior security, inferior stability,
It is chromium that has the inferior security with their half assed WEB rtc leak protection.
Plus chromium comes from google, which automatically delegitamizes it as something to be respected privacy wise. Google does to chromium whatever the hell it likes.
google chromium and open source is a dichotomy, it is deception for the FOSS community. Trust google chromium at your peril as regarding privacy.
Kings and kingdoms don’t give a damn of market share.
Also, Mahatma Gandhi when he wrote that “Truth does not wait for the number of votes”
Democracy has never been a springboard for intelligence, only a mean to share mistakes.
@Daddy Cool
Firefox can be downloaded for free, if it was that good, it would be more popular than it is. Fact is, people see no reason to use it over Chromium.
Is Mozilla this desperate?
Negative comments on everything Mozilla related surely doesn’t make you look desperate…
We get it, you don’t like them, now you can go away and DO something with your life, instead of just stalking Mozilla related articles to complain.
@noname
Call me again the moment I write a comment such as the one of @Emmet_Brickowski.
My goodness Mozilla are no saints as that Emmet person states(marketing copy really that appears) and really I’m afflicted with Dyslexia and Aphasia and struggling with Firefox’s default spelling service that just can not get many of my misspellings if the Aphasia is bad that day. And so bad that is that on occasions for me that I have to resort to using Google Search and so many attempts to get the Spelling and Definition properly vetted when my perspicacity tanks! So with the Aphasia my Googling patterns are strange and Google Search now has me classified as some Bot and I have to solve a reCAPTCHA to use Google search and DuckDuckGo’s Spelling AI is not as good and really my misspelling totally stumps FF’s spell checker and DuckDuckGo’s as well to a lesser degree.
Google’s the better spelling AI but even there I need 3 or 4 attempts and all that is looking quite unnatural if done over and over again but I need Context Sensitive Spell checking and some spelling/dictionary assistance to even get the word/definition vetted when my Aphasia is bad to be able to spell and use the proper wording. It’s so bad that when doing a search the Spell Checker needs to work before any search engine sends the search in to its AI for searching the definition.
But all Browsers need better spell checking for the disabled as the default and that includes quick definitions for proper vetting for folks with disabilities and really the ARM’s race with the privacy and tracking folks and UI re-engineering is taking away some resources that could be better spent fixing the spelling/dictionary assistance for folks with disabilities.
@Iron Heart
Reminds me of the Legos movie guy “Everything is Awesome”
A little off-topic, someone recommended SRWARE Iron Browser. Do you know anything about this? How does it compare to Brave, say?
@Anonymous
> SRWARE Iron Browser
Scam- and spyware, would recommend to uninstall*:
https://spyware.neocities.org/articles/iron.html
*Please note that this website also makes some asinine assertions about browsers, for example, he calls automatic updates (which are necessary for security) “spyware” because the browser has to contact the update server to get the update file. This is obviously stupid, however, the author of the website raises a good point about SRWare Iron.
OK to use Chromium-based browsers include Vivaldi, Brave, Ungoogled Chromium, and Bromite (on Android), in my book. IMHO, avoid Chrome, Edge, Opera for privacy reasons and totally rule out such scams as SRWare Iron.
If you have any questions left, fell free to ask.
@Iron Heart
Thanks for your thoughts on SRWare Iron. What are your thoughts on the points the spyware.neocities.org states about Brave?
Thanks
@Anonymous
Part of it is already in my reply above.
– Brave didn’t “whitelist” Facebook and Twitter trackers. What they did was to whitelist select libraries without which those websites would BREAK, i.e. they wouldn’t work at all. That’s not the same as the fake news this website spreads. You can disable the whitelist under brave://settings/socialBlocking (note that this will break several functions of Facebook and Twitter)
– Brave doesn’t connect to the Brave Rewards-related domains unless you enable Brave Rewards. That’s outdated info on that website.
– Automatic updates are necessary for security reasons. Not a privacy issue.
– Google is not always the default search engine of Brave. In most European regions, it’s DuckDuckGo. Anyway, you can switch to whatever search engine meets your needs under brave://settings/search
– Telemetry being enabled by default is not great, but they do not collect any personal data there. You can opt out under brave://settings/privacy … Be aware that Brave’s telemetry is mild compared to what other browsers collect (e.g. Firefox), it’s also noteworthy that there is no hidden telemetry in Brave.
– Brave Today: Set a blank New Tab Page under brave://settings/newTab
– Google SafeBrowsing: It’s a tradeoff between security and privacy here. SafeBrowsing objectively enhances your security but lowers your privacy. I turn it off because I am convinced that my OS’s antivirus (and keeping my sytem up to date) is enough. Please note that Brave proxies SafeBrowsing requests, meaning that the browser does no directly connect to Google here and anonymizes the request via proxy: https://github.com/brave/brave-core/pull/108 … Anyway, you can disable SafeBrowsing completely under brave://settings/security in case you don’t want it.
I hope I have addressed all of the points of the article here, some of which I believe are fairly nonsensical.
@IH
“Please note that Brave proxies SafeBrowsing requests, meaning that the browser does no directly connect to Google here and anonymizes the request via proxy: https://github.com/brave/brave-core/pull/108 … Anyway, you can disable SafeBrowsing completely under brave://settings/security in case you don’t want it.”
if I disable SB is proxy still there? tx.
@Anonymous
If you disable SafeBrowsing, no connection related to SafeBrowsing will be established. If you allow SafeBrowsing, a proxied (anonymized) connection to Google servers related to SafeBrowsing will be established.
Thanks
https://spyware.neocities.org/articles/brave.html
Hey look, someone mentioned the Brave article. I knew it would happen. I will only react to the points that aren’t total bullshit:
> Brave whitelisted Facebook and Twitter trackers
Nope, they didn’t:
https://nakedsecurity.sophos.com/2019/02/12/privacy-browser-braves-user-concern-over-facebook-whitelist/
> Brave connects to domains related to Brave Rewards without Brave Rewards being enabled
Was a bug that has since been fixed, outdated info. Here is a current overview of the connections Brave establishes:
https://brave.com/popular-browsers-first-run/
This article talks about “strict” mode for Enhanced Tracking Protection. How does one enable that? I don’t see a “strict” option.
https://imgur.com/UTzuq3C
At the end of your article under “OUTLOOK”, you have a March 23 release date for Firefox 88. Should that not be April 23?