Notices tagged with firefox, page 8

In a post that disappeared, @jwildeboer wrote:

"@rmondello I do note that when I open mondello.com in my browser, I get a placeholder page that is http only, no https. This would be a reason that it *seems* that it is unreachable, because many browsers nowadays refuse to open sites without https."

Unfortunately, that is *not* true. Browsers unnecessarily make the internet LESS SAFE. IT'S CRAZY!

*Some* browsers will try https first when you type http:⧸⧸mondello.com (use // instead of ⧸⧸ I used to prevent Mastodon from showing http://). So far, so good.

However, if an AitM (Attacker in the Middle, such as on public WiFi) blocks traffic from your browser to TCP port 443 (https) on the server, the browser will *silently* try port 80 (http). Pwned.

This may happen in practice, for example on airports (https://www.bleepingcomputer.com/news/security/australian-charged-for-evil-twin-wifi-attack-on-plane/).

Except for iOS and iPadOS, most browsers have an "https only" setting that is *OFF* by default, while it's name is misleading.

*On* means that you can still use http, but you'll have to manually agree (you can still access the http devices on your local network, or on the internet. But you will be WARNED).

However, Chrome appears to remember exceptions FOR EVER (I had to delete all browser data to make the last screenshot below. However, that also clears the browser's HSTS database).

On iOS/iPadOS, from Safari, Edge, Firefox and Chrome, only Chrome has this option. So only Chrome provides *some* protection. People do not type "https://" in front of domain names, and most QR-codes I check are insecure.

To test: open http://http.badssl.com. Instead of immediately seeing a (red) webpage, your browser should protect you by asking whether you want to use an http-connection.

Alternative test-site (non-compliant with the Dutch law):
http://gemeente.amsterdam
(Gemeente translates to municipality).

(Exactly that is why I wrote this, in Dutch: https://infosec.exchange/@ErikvanStraten/113855174617111536 earlier this afternoon).

Note: Firefox on Android seems to forget "http allowed" exceptions when the browser is fully closed (good).

@rmondello

#httpsOnly #HSTS #httpsvshttp #iOS #iPadOS #Safari #Firefox #Edge #Chrome #Insecure #Infosec

Firefox 134.0.1 is here, now with updates to minimize telemetry for an even more private browsing experience. It will be available on our package server in the next few hours. Stay tuned and upgrade soon!

https://mirror.secbsd.org/pub/SecBSD/snapshots/packages/amd64/

https://mirror.laylo.nl/pub/SecBSD/snapshots/packages/amd64/

Artwork by @Banshee

#SecBSD #OpenBSD #OpenSource #privacy #firefox #infosec #telemetry #runBSD #Security

Some cool HDR news today, Martin Stransky who works on Firefox for us at Red Hat, mentioned in his status report today that he got HDR support working in Firefox on his own system. Still more work needed, but hopefully we can have a HDR ready Firefox shipping in the next Fedora Workstation release! #linux #fedora #firefox #hdr #color

I found a peculiar bug with #firefox and #bottles in #flatpak

If you install Firefox from Flatpak, you can use hardware acceleration no problem. However, if you THEN install Bottles from Flatpak, it auto installs ffmpeg-full 24.08.

However - then Firefox is using this ffmpeg-full for hw accel and breaks video players (other than YouTube), so that you cannot revind. That's because ffmpeg-full is an optional dep of Firefox, but the highest it supports is 23.08. So you have to install also that

@gamingonlinux #firefox

O Marreta, quebrador de paywalls do PC do Manual, ganhou uma extensão gratuita para o Firefox para computadores (Linux, macOS e Windows).

https://manualdousuario.net/extensao-marreta-firefox/

#Extensões #Firefox #FOSS #Navegadores #PCDoManual

a project to watch: https://gitlab.com/ironfox-oss/IronFox
it's a #MullBrowser fork

#divestos #mull #fennec #firefox #android

随手记一笔目前 #评测 的几款 Windows #epub #阅读 软件的问题——

(1) #Aquile Reader -- 没法处理 inline picture， 如果脚注符号以行内图片的方式插入，则排版会整个乱掉。弃。

(2) #Freda -- 设置太复杂。UI混乱。弹出式脚注会完全平铺。基本弃。

(3) #eKitabu Reader -- 屏幕适应性太差，只能适应2K屏的一半儿。弃。

(4) #Starrea -- 弹出式脚注会完全平铺。英文排版奇怪。但中文排版效果尚可，目前暂且留用。

(5) #Thorium -- 目前比较满意，排版能力还是不太足。

(6) #Firefox 的 #epubreader 插件 -- 部分 epub 打开报错。弹出式脚注会完全平铺。

Started to use @Vivaldi instead of Firefox and my first impression is really good. Vivaldi feels faster and more responsive. It offers tab groups, vertical tabs, workspaces, user profiles (not as a hidden feature like Firefox) and a lot of customization out of the box.

I wonder what Mozilla has been doing all the past years 🤔

#Vivaldi #Mozilla #Firefox #browser

Ok, what #browser alternatives are out there?

currently I'm using #Firefox (despite Mozilla), but it is slow and seems to go down the AI drain.

#Chrome is out (don't need even worse spyware).

My requirements would be
- (Arch)Linux, Windows is optional
- Fast rendering
- Working AdBlocker!
- No phoning home
- Not run by racist/transphobic assholes!
- Regular security updates

Am I looking for Unobtainium here?

@cstross

I moved on from #Firefox already to #Vivaldi but I’d love to hear what security and #Privacy oriented users are using as well

So OmgUbuntu posted about the Mozilla AI summary extension on Bluesky and hoh boy, the people there do not like it.

If you want a browser that isn't trying to chase the AI money, may I suggest Vivaldi? :blobfox:

#Mozilla #Firefox #Vivaldi

Well put blog post by @mkj "Why I'm Staying With Firefox For Now":

https://michael.kjorling.se/blog/2024/staying-with-firefox-for-now/

"Option 1 is bad, so I'm choosing horrifically worse option 2 because it's not bad option 1" is a terrible argument. Go with the best (even if not good) option, or build something better (hello @servo / #Verso browser!)

Posted from Firefox.

#Chrome #Firefox #Google #Alphabet #Mozilla #FOSS #Privacy #GAFAM #Chromium #Vivaldi #Opera

Some #statistics of blenderdumbass.org this is by looking at the #useragent an estimate of the user's #browser and #operatingsystem

#GNU #Linux #Windows #iOS #Android #macOS #Firefox #Safari #Chrome #Chromium #Webdev #selfhosting

Sorting browsing history by site is easy on Firefox. Learn how 👇

#opensource #firefox

wie exportiert und importiert man denn unter #firefox auf #android seine bookmarks ohne sie in fremde hände zu geben?

#hilfe

@tekguru @uberprutser @Vivaldi I still love #Firefox. And I had given Brave some thought, though I am leery of their interest in crypto / AI. Same with but I think they are trying to take a middle ground. I used to use Firefox primarily but I stopped for a couple of different reasons, mainly that I could not easily add two different Firefox Sync log-ins to my work computer. But it remains my secondary browser. In this outage I tried Librewolf and Zen Browser and was pretty impressed.

I’ve got to say, I’m really impressed with #Firefox so far! 🦊💻 I’ve been using it for the last few hours, and it’s been running like a dream. Right
now, I’ve got 7 tabs open (and at times even more), yet there’s been no slowness or performance issues whatsoever. It’s shaping up to be an excellent browsing
experience—smooth, fast, and reliable!

#Accessibility #Tech #WebBrowsers #OpenSource #Mozilla #BlindTech #DisabilityTech #FirefoxBrowser #Technology #InclusiveTech #DigitalAccessibility

For a friend, I installed the latest version of Linux Debian (12.8) on a machine that is starting to be old: a Compaq 6005 with an AMD Athlon II. The machine is operational and appears to be fast even on the web. As it is 32-bit and Firefox will stop supporting 32-bit in January 2025. Chromium was a good alternative.

#Linux #Debian #Lubuntu #OS #32bits #Compaq #Computers #Firefox #Chromium #VintageComputers #VintageComputing #OldComputers #RetroComputing