/tech/ - Technology★

wow firefug sending your data to cuckflare for no reason.

wow new "security features" of the week which are obviously bullshit just from reading the names of them

wow DNS over HTTPS so now you can pretend to have confidentiality and integrity while getting some retarded error about the DNS server having a bad cert probably with no way to accept the "bad cert"

I'd normally be infuriated, but firefug is basically just some irrelevant phone app at this point.

>>951560

>install a pile of bloat designed to give you alternate ads

>instead of just turning off JS or using an ad blocker

no

Here's an explanation of why they're doing this: https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/

Here's a tutorial on how to configure or disable it: https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/

For now Mozilla only offers to route traffic through Cloudflare or Google. They signed a contract with both of them and those companies in regards to the Study which prevents them from keeping records or selling/transferring the data to third-parties. Even then, if you don't trust them, you can easily disable this new experiment.

From a Mozilla employee:

>We are in early days of testing TRR and DoH and getting feedback from users, so it’s not clear whether this will be turned on by default, or what the roll-out would look like if we do

From OP's blog post:

>We wrote in a previous version that "the next Mozilla patch in September" will enable DoH by default. We corrected that part as it is not clearly stated on Mozilla's blog, as can be seen in the screenshot below.

So, again, it's fucking nothing.

I was going to mention how HTTPS everywhere addon works properly in the spyware watchdog thread by making their SSL observatory feature an opt-in option and lets you send requests over tor for better privacy. You're still sharing your with a third party but they're doing in the best way they can and the user has to enable it.

I've been putting off making my own DNS server for years now but this might be the thing that pushes me over the edge.

>>951565

Creating a fetching DNS server is easy as fuck.

You can even use a shitty SBC or a VM for that.

>>951577

what is this autism?

also, to clarify >>951575 , the default setting is "David"

>>951583

>includes Pocket integration by default

Why in the fuck is this cancer seeping in to every fucking browser?

>>951563

>Here's an explanation of why they're doing this:

<Threats to users’ privacy and security are growing. At Mozilla, we closely track these threats. We believe we have a duty to do everything we can to protect Firefox users and their data.

The template webscale opening paragraph already indicates that this is going to be a shit article. tl;dr.

There was no need to increase "privacy" or "security" in DNS.

You can't get any extra privacy with DNS since no matter how you slice it, you're calling someone and asking them for the IP. The best thing right now is use a proxy like Tor (noone can see what IPs you access nor what DNS requests you make).

You can't get any more security in DNS no matter how slice it because you simply use HTTPS for the website anyway so if you got the wrong IP it wouldn't matter.

>For now Mozilla only offers to route traffic through Cloudflare or Google. They signed a contract with both of them and those companies in regards to the Study which prevents them from keeping records or selling/transferring the data to third-parties.

<For now they do these worst shit possible for no reason, but lol they said they wont leak your dataz!

Are you a faggot?

>Even then, if you don't trust them, you can easily disable this new experiment.

Why would you even have firefug installed in the first place after the year 2010???

>>We are in early days of testing TRR and DoH and getting feedback from users, so it’s not clear whether this will be turned on by default, or what the roll-out would look like if we do

What the fuck is there to test? Whether people catch on to how retarded this is? Fuck all these soyboys who think everything is matter of being "tested".

>So, again, it's fucking nothing.

You are correct, because nobody should be using firefux in the last 10 years.

>>951575

What part of bloated did you not get? The product is focused on ads and shit instead of browsing, and is based on an existing bloated engine. Even if you can turn off some of this shit, it's still bloated and will just go to buggy code paths since you're not using it in the mainstream way. If you want a real web browser you need to make your own engine. All the existing ones are shit. Your stupid fucking picture just proves how bloated Brave is. There shouldn't be any code to fuck with ads period, much less to ---->deliver<---- (!?!?!?!?!) ads. This is the job of an optional ad blocker, which you wouldn't even need if you turned off JS.

How in the fuck can Firefox bypass my network configured DNS? Why in the fuck does a client application get to just ignore what the gateway tells it to use for DNS?

>>951588

It can only do so when you browse. Instead of sending a normal DNS request to a DNS server, Firefox will pack it and send it through HTTPS to cloudflare. You'll still need a local DNS for other non Firefox applications (ssh, ...). Unless this turns out to be a kernel module/service that's required for Firefox to run.

Shitstorm!

>>951575

>FUD

killyourself rustfag

>>951585

Because it is legit pretty useful to sync bookmarks between devices, even if they don't have a Pocket app or the same browser installed. As long as the device has a browser and an Internet connection all those bookmarks are available.

>>951586

In other words, you refuse to read the post, you refuse to even attempt to consider their position. You already formulated your own opinion and refuse to consider others.

>There was no need to increase "privacy" or "security" in DNS

rtfbp

>You can't get any extra privacy with DNS

>You can't get any more security in DNS

That's the entire point of this experiment you mongrel. They designed DNS over HTTPS so less data is leaked to third parties. For now they're using Cloudflare and Google because they don't have the resources, and frankly it would be overkill, to roll out servers for this.

>Are you a faggot?

Stay on topic.

>What the fuck is there to test?

The performance gains or loss of implementing it, if users want the feature or not, if it's a practical and viable solution, how many servers would be needed to do this, how much data is leaked, etc.

>You are correct, because nobody should be using firefux in the last 10 years.

Your loss mate.

>>951590

And while we're at it, cloudflare's 1.1.1.1 regular DNS service is complete dogshit already. Let's hook up our client application to an even more convoluted method using the same dogshit provider, surely NOTHING can go wrong!

Name one other DNS provider that provides HTTPS.

>>951557 (OP)

after what update will this take effect?

its currently already in the config (61.0.1) but disabled by default

>>951602

Nobody knows. They're just testing this feature in Nightly.

>>951593

Agree. But I guess one must be cautious. Firefox code is still open and anybody can build their own if not happy with what's available.

For my part, I use VLC for Youtube or web video and the rest of the web, I'm not interested in or I use Lynx (like I'm doing right now).

>>951611

I mean I don't use Firefox either, but that's because they've consistently astounded me with catastrophic decision after catastrophic decision for the last few years. This cloudflare nonsense is just one more catastrophic decision and like the others I'm beside myself that anybody involved could have thought this was a good idea.

>>951557 (OP)

>>951561

in countries where you can't trust ISP, anything other than plain old DNS is a benefit to security.

stop with that FUD dude.

>>951583

>stop shilling brave

>proceeds to shill flrefox

really makes ya think

>>951613

This is an era for "going crazy", not steadiness.

I mean, if people were aware of the extent of what Snowden and Wikileaks - to only cite those - revealed the world should have been on fire.

I kinda like came to certain realizations:

1 - People make a huge deal out of projections

2 - People have no idea how powerful they are when aware

3 - Let the sheep go through their own suffering, it will reach an unbearable limit and something will happen

4 - Whatever happens, never panic.

5 - Smoke weed and enjoy life away from this BS. A week off technology grounds one back and one finds much joy and energy coming back to it to play, not work or fight.

6 - Make the best toys you can.

>>951623

Is this a bot?

>>951625

I am what you wish for me to be!

>>951560

Fucking this.

>>951631

>>951623

This is a bot.

>>951581

Autism

>>951634

Maybe it's a simplistic Human life without BS.

>>951600

There are a bunch of small ones.

>>951592

>they're using Cloudflare and Google because they don't have the resources

False. There are other DNS out there, jewgle and cloudberg are the worst, might as well redirect it all to dns.cia.gov. Mozilla used these two specifically either for money or because they're cucks who get off on being owned by jewgle, possibly both. Also Mozilla has a lot of resources, they blow millions on pet niggers alone.

hahah

thank god ive been using Opera for like 3 years already

Mozilla has astroturfing efforts that are almost but not quite as good as Microsoft. Fucking nobody should be using shitfox after all of what they have pulled through the years with pocket, whatever shit they are doing with Rust (Look at some of the key people in Rust and if you don't get why Rust is a joke then there is no hope for you, the whole language could collapse at any time one of the trannies or personality disorder sufferers either checks out or gets checked in), and that stupid promotional shit where they installed a fucking pretend spyware extension universally to promote a TV show.

>>951709

https://spyware.neocities.org/articles/opera.html

>>951560

>>951583

absolutely nigger tier

>>951689

>Is Ungoogled Chromium any good?

Yes. Better then Iridium.

Pale Muthafuk'n Moon muthafukkaz sheeit

>>951590

>Unless this turns out to be a kernel module/service that's required for Firefox to run.

systemd integration coming in 3... 2... 1...

>>951592

>rtfbp

no fuckboy, i've read about 20000 of these garbage tech hipster blogposts already and i can already predict what they weill say. maybe if you want to keep apologising over modern browsers' utter retarded shit, you'd be better off with your kind at reddit or HN

>The performance gains or loss of implementing it

no, this is a trivial change with and a known application with known performance characteristics assuming a competent initial implementation. you sound like a fucking retard (aka "senior enterprise engineer") for claiming this is a thing that needs to be tested as if it's some kind of new experimental technology. it's opening a fucking HTTPS connection to ask for 100 bytes of text

>if users want the feature or not,

yeah, let's test if they're dumb enough to want this. much science

>if it's a practical and viable solution,

already known.

>how much data is leaked, etc.

already known

>>951696

> Also Mozilla has a lot of resources, they blow millions on pet niggers alone.

So they don't have a lot of resources once they were blown on niggers, no?

>>951583

>has to start with criticizing merchandise

Mozilla employees are fucking gay.

>People don't know how to setup a different DNS

>Better route everything by default to our （（（trusted））） DNS rather than tell them about opennic or whatever

>>951801

>I want all my DNS to go through an unencrypted botnet default instead of an encrypted tunnel and every person should have to manually configure their DNS because normies are totally going to do that when even most of /tech/ does not.

>>951820

That isn't at all what he said. Mozilla used (((cloudberg))) instead of opennic/etc for a reason. Why do you you think that is?

>>951820

oh okay, better send half the world's DNS requests through cuckflare then

>>951821

>>951825

>better send half the world's DNS requests through cuckflare then

OpenNIC sure as fuck cant process them all. You know how slow it already is?

>Mozilla used (((cloudberg))) instead of opennic/etc for a reason

Because it's fast as fuck.

You idiots seem to think projects with words like "community" and "democracy" are used where random fucks run nodes is gonna stop the boggiemen.

>>951560

Lunatic

Leave

>>951826

u fucking wot m8. i tunnel my DNS through tor like a white man. the 3 times per year when I use clearnet I just use whatever DNS my router gave me. routing everything through cuckflare literally solves no problem and just creates a potential problem since now one guy can see everyone's traffic in the world

>>951845

I can't even tell where the sarcasm ends anymore. It _is_ better to use your ISP's DNS than to route it to cuckflare, objectively. What the fuck does this have to do with le conspiracy theories and boogeyman? If someone wants to MITM 9 million people, he will have a much easier time when all traffic is routed through cuckflare's dumbass shit.

>>951853

>He trusts (((verizon))) and (((at&t))) and (((timewarner))) with unencrypted DNS that is trivial to mitm

Look man its all fucked and this solution is considerably less fucked and will make the internet more secure and faster for hundreds of millions of people.

>>951826

Projects with "CLOUD" and "US" are the bogeyman. The three-horned agency filters everything in & out of the US. Check out Snowden's revelations:

"... NSA's "Upstream" operations, which use fiberoptic intercepts to filter through vast quantities of raw internet traffic. Such dragnet operations often involve the complicity of telecommunications companies, as evidenced in 2006 when Mark Klein, a former network engineer, revealed that the NSA had installed equipment at an AT&T switching facility which diverted internet traffic into government databanks."

Now, if Firefox uses Cloudflare, a US based company, and directs all the users DNS requests through them, your browsing traffic will cross the US, and you're fucked!

That's how Google and Facebook and all Data Mining Corp. fucked everybody over. Moving your data from one server to another, it will most likely end up crossing the US and get filtered. Wherever you are on this planet.

Also why is the US the main operator of Root Name Servers (https://en.wikipedia.org/wiki/Root_name_server).

Add to this the Speck joke in the 4.17 Linux Kernel pushed by a Google dude ...

This is a Co(s)mic show ... Hahahahahaha!

>>951857

Yeah DNS resolvers are so much safer in the hands of at&t where they lack even basic encryption or authentication.

>>951696

They're not using Cloudflare's DNS. They're still using your PC's DNS, but the requests are encripted with https and routed through Cloudflare servers.

>>951853

>MITM

>https

Anon...

>>951731

>I refuse to read anything because I'm right because I decided I'm right

OK.

A relevant post from a Mozilla employee. Once again, this board spreads FUD.

>>951560

Why, because donating to some anti-gay cause suddenly makes the inventor of javashit and the guy under whose watch Mozilla was already going to ruin somehow exonerated?

>>951900

>le FUD about baste Mozilla

Fuck off cuck. This board is for Brave missiles

>>951856

No, I don't trust them you illiterate fuck. And I don't trust cuckflare either. Do the math. If 1 billion users used cuckflare and it was MITMd, 1 billion people would be MITMd. If they were split across 1000 different DNS services and 100 DNS services were MITMed, 100 million people would be MITMd. 100 million is less than 1 billion. Which is why this cuckflare DNS thing is fucking stupid.

>>951861

You're one of those dickfucks that can only reason in terms of DNS and has no idea how computers work. DNS doesn't need to be encrypted, you insufferable fuck. Go back to /g/. You learn literally nothing by watching someone's DNS requests, since you already know 99% of what he's doing because you'd also have access to all his traffic and what IPs he connects to.

>>951900

Yes, I agree, this should just be a "test" and never make it to a real release.

>picture of some phone app with no link

>>951557 (OP)

firefox was fucked once they kicked out his guy >>951560

>>951563

Here is a list of just few of the anti user things that firefox does by default:

Sends unique hash of all downloaded files to Google

Sends certificate to OCSP servers, effectively disclosing which sites you visit and at what time

Everytime you start the browser it consults a shitload of big cloud provider servers

Sends crash reports with private data (probably through some amazon/azure/etc. servers again)

Includes DRM support, effectively normalizing DRM on the web

Engages in advertising campaigns that are directly integrated into the browsers, they cash in millions with these campaigns and use it to pay themselves hefty salaries despite constantly begging for donations. (eg. installing extensions without user permission to just advertise some tv show called mr. robot)

Includes Google analytics in default pages

Enables firefox studies by default (this will turn into another data mining cash grab scheme, just wait)

There is a lot more things, and there will be a lot more as long as people keep defending and tolerating mozilla's anti user mentality. Face it buddy. Mozilla is corrupt and no longer respects its users. They see users just as cash cows.

It's almost as if there was a way of anonymously making DNS requests.

https://www.torproject.org/docs/tor-manual.html.en#DNSPort

>>951942

Go read Mozilla's blog post on why they're doing this it's solid.

Firefox is NOT changing the DNS to Cloudflare's, they're using Cloudflare as a DNS over HTTPS resolver. DNS over HTTPS would be a new standard that makes it harder for third parties to MITM DNS requests, and any server could be used as a resolver.

For now Mozilla is testing this feature and using Cloudflare as a resolver. They don't know when and if they are going to ship this feature in stable and even if they did, they most likely wouldn't use Cloudflare as a resolver but their own infraestructure. Calm your tits.

>>952018

>Sends unique hash of all downloaded files to Google

>Sends certificate to OCSP servers, effectively disclosing which sites you visit and at what time

So those security features are somehow an avail plot against users? Don't use them if you don't trust them, but to claim there's some kinda conspiracy is beyond retarded. Those are standard features in every web browser.

>Everytime you start the browser it consults a shitload of big cloud provider servers

It makes connections to the websites added to the homescreen to update the favicon and thumbnails.

>Sends crash reports with private data

Yes, and?

>(probably through some amazon/azure/etc. servers again)

No, it doesn't.

>Includes DRM support, effectively normalizing DRM on the web

DRM is already normalized you imbecile. It was added by the W3C as a standard. Whether or not you agree with it is irrelevant since the DRM support in FF is easily disabled.

>Engages in advertising campaigns that are directly integrated into the browsers, they cash in millions with these campaigns

Source?

>and use it to pay themselves hefty salaries despite constantly begging for donations. (eg. installing extensions without user permission to just advertise some tv show called mr. robot)

You're being exaggerated.

>Includes Google analytics in default pages

Enable Do Not Track.

>Enables firefox studies by default (this will turn into another data mining cash grab scheme, just wait)

<it's a conspiracy!

WARNING

This thread is just a domestic fuds who are mad because they won't be able to snoop on our DNS queries.

Probably the same ones who said don't use self-signed HTTPS because the NSA can spy on your OCSP queries.

Ps:

>Users can configure Firefox to use whichever DoH-supporting recursive resolver they want.

>>951591

The term FUD is probably older than you, faggot.

>>951623

>smoke weed

>>>/g/

>>951981

Fucking this. Eich has made Brave into a viable, competitive browser within two years of its inception. What can any of us here say about our lives? Lmfao

>>952192

>fud

>default-insecure config that ships your data off to a third party without your prior consent

Chosoe one.

>>952219

Firefox when you have Pocket enabled?

>>952275

That too. Point is, Firefox sold out long ago and is just marketing to normies who they think won't figure out they're being sold a line of bullshit.

>>952289

Cloudflare using that data, not exposing it, is what I'm more worried about. So those "guarantees" are bunk.

Also, hooray more centralization of critical internet services!

Also also, this is out of Firefox's wheelhouse. The system has a DNS resolver for a reason. This is more stupid bullshit that's going to have to be troubleshot when a user is on Firefox.

>>952292

>not exposing it,

Incorrectly implying thats the only part of the agreement

>I want millions of people to use unencrypted unauthenticated DNS from at&t instead of fast encrypted and authenticated dns from cloudflare

you are really retarded

>>952295

I don't want the web browser making decisions about where to send DNS queries. That is literally not its fucking job!

>>952295

Know how I know you don't have to deal with browser problems for a living?

This is yet one more layer in front of what should be a very simple DNS lookup. We already have to deal with multiple layers of caching, including TTLs on upstream servers, local servers, proxies, and of course the os.

Now the Goddamn browser has to get in on the game too! Leave it to SV fuckheads to over-complicate literally everything.

>>952295

>>I want millions of people to use unencrypted unauthenticated DNS from at&t instead of fast encrypted and authenticated dns from cloudflare

>good goy, centralizing DNS could never result in a failure in any way! it's safer this way

>>952295

>>I want millions of people to use unencrypted unauthenticated DNS from at&t instead of fast encrypted and authenticated dns from cloudflare

>I want millions of people to send every single network request they make to a single centralized authority that's renowned for infesting the web with censorship and extorting small businesses with DDoS protection, because they pinky promised they're going to protect privacy this time (behind closed doors, no way to verify it, but, we promise!)

are you actually this fuckin out of your depth or are you paid to tardpost

>>951584

>dashboard style anti-tracking metrics because you are a web savvy millennial :^)

>meanwhile here are shortcuts to all your favorite botnets 8^)

>Firefox shills battling Brave shills

It's all so tiresome.

>>952328

>>952343

>>952324

nice one samefag

>hurr durr cloudflare is bad everyone should just keep using their at&t time warner google dns

Look faggot you may use gloriously resolve all your DNS through tor or something like that but 99% of idiots don't even know what DNS is and are going to be stuck with their ISP getting unencrypted unauthenticated responses from an entity that IS selling data vs an organization that is providing encrypted and authenticated dns that has legal agreements saying they WONT sell data.

>>951722

Did you mean

better 'one is/proceeding to (then->)' Iridium

or

better 'than' Iridium (worse than UGC)

>>952350

>everyone disagreeing with me must be the same person

>>951801

I could get behind their decision if they (provide an option to) randomly switch between encrypted OpenNIC DNS servers outside of your country (bonus points for servers outside Fourteen Eyes).

>>952429

I falsely assumed they were using DNSCrypt but you get the point.

>>952292

DNS over HTTPS is a new web protocol. Mozilla is the only one who is trying to add it to the browser, and for the time being they're using Cloudflare. You can use any resolver you want.

>>952488

Congratulations on successfully describing the situation everyone in this thread is talking about, although next time I would skip the bizarre attempt to minimize the issue where Mozilla is sending all of your network requests to Cloudflare.

>>952490

They are not. This is still a beta function and it is not enabled by default. Just to test how much of a flaming faggot you are I actually downloaded the Nightly and took a look at about:config, and turns out, you WERE a flaming faggot, as pretty much as everyone else in this thread.

FYI, Firefox Studies page states that they will explicitly inform you if they start sharing your data with a third party, IF said third party does not conform to their privacy policy. Also, this whole Firefox Studies thing can be turned off by unticking "Allow Nightly to install and run studies" under Privacy and Security tab in Firefox settings. Now fuck off.

>>952497

They share some shit with Google by default, and I don't remember it being opt-in. See https://github.com/mozilla/addons-frontend/issues/2785. Faggot.

>>952497

> IF said third party does not conform to their privacy policy

thanks for confirming you're one of the delusional millenial fucktards who thinks corporations love you and law matters

>>952289

>muh encryption

That only guarantees only Kikeflare, CIA and NSA are spying on you and messing with the contents. I bet you think https://www.fakebank.com is safe too because it's encrypted.

>>952500

I stand corrected and am a faggot as well. Thanks for sharing. The question is now what browser should we trust that is up to date with web standards. Maybe I'll make a thread about it sometime.

>>952511

Law matters and you can sue them. Refer to the GitHub discussion in previous post I'm replying, someone is talking about taking legal action against Mozilla. Of course it has to be a class action lawsuit because no individual can fund a legal action against Mozilla's lawyers but technically you can sue them for doing shady things.

>>952513

Chances are the web pages you are browsing use Cloudflare to some extend and CIA/NSA probably has even your sleep schedule in one of their databases. Your concerns belong to a completely different threat model.

>>952520

>Chances are the web pages you are browsing use Cloudflare

>so be a good goy, walk into their office and let them fuck your ass

Or I could not use Firefags, my big-nosed friend.

>>952525

lrn2 read. read the whole post it isn't even that long.

>>952500

Enable Do Not Track and it won't track you.

>>952486

>you keep repeating this what the fuck does that even mean

If you don't even know what it means why the fuck are you attempting to discuss about it?

>also you point out that there are other viable alternatives for securing DNS that mojira could have chosen, but they didn't. They could have chosen OpenNIC or started funding a decentralized effort

They couldn't because currently there isn't anyone else offering DNS over HTTPS.

>They could have done an infinite number of things. Instead, they chose to override the user's explicit settings and centralize DNS with Cloudflare

This is not what's happening. They're not overriding DNS settings, they're sending encrypted DNS requests through Cloudflare, which means Cloudflare, and no third party, can ever read those requests. The only one who knows what the request has is your DNS server itself.

>because they've been taken over by delusional millenial fuckwads who think corporations love you and laws matter in CY+4.

More buzzwords, please.

>>952150

to claim the web or any modern web browser is secure or acceptable in any meaningful way is beyond retarded. now fuck off and shut the fuck up. the rest of your post is retarded as fuck and not even worth replying to

>>952203

yes, a wrapper around geckokitwebwhateverthefuck, everyone and their dog made such a "viable alternative", and they're all shit

>>952537

>Enable Do Not Track and it won't track you.

is this an unironic comment?

>>952546

>consider Cloudflare to be a respectable guardian of everyone's private information

Lol no. It's that cloudflare that does have legally binding agreements, a only small history of censorship, is providing encryption and authentication, is better in literally every way compared to at&t or time warner.

>>952546

>I want everyone to use unencrypted and unauthenticated dns from cumcast for all their browsing

okay retard

>>952719

>>952719

>I am so retarded that the only DNS I know is the one my ISP gives me

>I'm so short sighted I can't find a different solution other than delegating my responsabilities to a faceless corporation.

>>952725

Indeed. Everyone on /tech/ should already be using dnscrypt with OpenNIC servers.

>>952725

>>952727

FFS faggots I and everyone else here are not the beneficiaries for this. I resolve my DNS through tor for example. This is for the 99% of people who have never even heard of DNS and are using their totally worthless ISP DNS.

>>951583

>includes nonfree extensions by default to manage passwords

You don't have to use this. They have their own password managing.

>includes Pocket integration by default

Turned off by default.

>includes Flash by default which is proprietary, unsafe and used to implement DRM

False. If you don't have flash installed on your OS then Brave won't have it. Therefore, Brave doesn't have flash at all. If you see Brave having flash then it's your fault for ever downloading and installing that trash in the first place.

>includes HTTPS Everywhere by default

It's not malicious

>the New Tab includes YouTube, Facebook, Twitter and Google Play links by default

Irrelevant. Those are top visited websites, if you'll include anything then these are an obvious choice.

>New Tab page makes connections to a third-party server

This is the only genuine concern here. Along with BAT.

ive had this shit uninstalled for years, whats a good alternative linx/droid browser with ublock?

>>952798

Firefox

im sticking with mozilla because of all the great shit they've produced

mozilla:

-firefox

-thunderbird

-rust

jewgle:

-chrome

-gmail

-go fuck yourself

-shitty online solutions

>>952760

btfo'd

>>952819

>Thunderbird

>Good

>>952874

i use mutt for my email but thunderbird isnt bad

>>951583

I'm not defending brave (nor do I use it) but just to clear these up:

>>includes HTTPS Everywhere by default (a bunch of you retards won't shut up about it being a "le jewsih botnte" because it's made by the EFF)

Autism, it just downloads a list of sites which definitely use HTTPS so you can't get MITM'd when you type "reddit.com" in the address bar, it's still shit and can fail if the address is not in EFF's list, but it's alternative SMART HTTPS is also shit and can fail, more importantly, a man in the middle can make it fail on purpose (literally just don't respond for 3 seconds).

>>by default uses the same Google lists as Mozilla to protect users from phishing and malware sites (a bunch of you retards won't shut up about how these lists, somehow, send all your history to Google and are a le botnet)

This is not that bad if they only use the lists, but full (((safe browsing))) sends files you download to jewgle to check for le virus.

>>952925

>it's still shit and can fail if the address is not in EFF's list

The rule of thumb is that you should force HTTPS and assume that a website is shit if it doesn't support HTTPS at all.

>>952992

>The choice isn't between Cloudflare and AT&T

Yes it is

>Mozilla could have chosen to do any of a million different things

Like what? OpenNIC? You think that piece of shit infra can handle anything? LOL.

>>953218

Mozilla could pull a Letsencrypt and spend some of the money they're going to waste on this retarded initiative on setting up a decent DNS provider.

Perhaps redirect money from the "teach wymyn to code" initiatives.

>>953242

>on setting up a decent DNS provider.

Ah yes (((mozilla))) should just make their own shitty centralized sjw DNS provider

use Cyberfox

>>951557 (OP)

>dns over https

>implying https doesn't have any problems since the let's encrypt movement

>>953242

It's not necessary because they're just testing the feature.

>DNS resolver

It's not a DNS reaolver. Cloudflare doesn't get anything except encrypted requests. They cannot read the requests, it's useless data for them.

>>952669

>>953241

Yes, it is. Mozilla honours DNT on it's websites and it doesn't load any tracking scripts if it's enabled.

>>951560

>trackers in the browser

>trackers on the home page

>flawed tor support

>not 1.0 yet

>>953403

Just like disabling canvas, geocoder, WebGL, spoofing the User Agent, etcetera; yet you retards keep saying those are good practices. As for DNT, I've found several websites that default to not save cookies, in their GDPR compliance checkmarks.

>>953416

>Spoofing the user agent to a common one instead of a unique one gives them more information.

Nigger what?

>>953431

It is very simple to guess the real user agent of a browser based, among other things, on the HTML5 compatibility thingy, the area where the website can be rendered vs the total area of the screen, the platform, installed fonts, available codecs etc.

Firefox' privacy.resist.finferprinting setting used to automatically spoof the user agent to Windows 7 x64 in non-Windows systems but after testing the guys at Mozilla realized that not only it's pretty easy for websites to guess the real user agent, but also a Firefox 60 install in Linux x64 claiming to be Firefox 55 in Windows 7 x64 is more rare, and therefore easier to track, than a Firefox ESR in Linux. So now they only spoof the ESR part and don't claim to use a different OS.

>>953416

>Just like disabling canvas, geocoder, WebGL, spoofing the User Agent, etcetera; yet you retards keep saying those are good practices.

It's great practice if you just use tor browser where you then look like every other tor browser user.

>using sjwfox

If you're still using this Google bootlicker by this point you chose this future is the one you chose.

>>953487

what should I use then? don't shill anything chrom* based because they are all equally as bad if not even worse.

>>951560

>chromium reskin

>>951584

>hey guis we kno u dont like being tracked

>so we included your favorite botnet social sites

Hehe

>>953662

What is Chromium doing? It's open source, so please point to the file and line number of where the botnet touched you.

>>953704

>please point to the file and line number of where the botnet touched you

shit like this happened in the past

https://archive.is/4VijY

also

>Chromium (which Iridium is based on) is a very secure browser, yes. But it does call home to Google and we did even more to enhance security to the maximum extent possible.

t. iridium website

I will never run software made by google, no matter if open source or not.

cloudflare's dns is independently verified by an auditing firm as not having IP logging, it literally says in their announcement, the average user will be better off, fucking non-issue.

retards

>>951557 (OP)

>DoH/TRR

Easily disabled in `about:config`.

>>953800

it's software numbnuts they can change it whenever they want

>>954036

Why would they?

Keep in mind that their entire schtick is that they don't log it, and that if it were to come out that they did (It would come out) then they would be in massive legal trouble, as well as have their reputation ruined with any customer they might have had.

The twofold path to enlightenment:

1) Palemoon with uMatrix

2) elinks with gay homebrew lua scripts

>>953704

i can point to the folder containing the source code of chrome and tell you how bloated it is

>>953437

>Firefox' privacy.resist.finferprinting setting used to automatically spoof the user agent to Windows 7 x64 in non-Windows systems but after testing the guys at Mozilla realized that not only it's pretty easy for websites to guess the real user agent, but also a Firefox 60 install in Linux x64 claiming to be Firefox 55 in Windows 7 x64 is more rare, and therefore easier to track, than a Firefox ESR in Linux. So now they only spoof the ESR part and don't claim to use a different OS.

After testing they realized they're fucking retards and 15 years behind what everyone else already knew, as usual. fingerprinting will never be remotely solved in the web

>>953392

are you a fucking ass? DNT is retarded and if you don't understand why you shouldn't even be on this board.

>>952717

Cuckflare isn't any more trustworthy than any other company you fuck. It's far better to have random default DNS than to route it all through cuckflare. in other words, we should have just left the bullshit how it is already, instead of digging their shit browser even deeper into the ground

>>952719

>XDD I heard on leddit that comcast is a bad company XDDDD

>so let's make everyone in the world use cloudflare for all DNS ever, including the small portion of users that are using comcast

> XDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD

>>952760

>>includes HTTPS Everywhere by default

>It's not malicious

ironically, you stupid fucks who install 30 "security"/"privacy" plugins for your browser are indeed getting malware from this practice

>>the New Tab includes YouTube, Facebook, Twitter and Google Play links by default

>Irrelevant. Those are top visited websites, if you'll include anything then these are an obvious choice.

not irrelevant, now I know what kind of corporate dipshits are behind that browser. no sane person would make a product and put some dumbass corporate portal that shows up every time you open a new window

>>New Tab page makes connections to a third-party server

>This is the only genuine concern here. Along with BAT.

>genuine concern

no, it means the software is dogshit and you should steer far clear of it

>>953800

that means absolutely nothing you dick sucking faggot, and even if it was true it doesn't change the fact that a federated service is being replaced with centralized

>>954045

Pale moon is even more cucked than Firefox.

>>954306

>if it was true it doesn't change the fact that a federated service

Yeah federated is amazing my neighbour can get his DNS from the FBI. I can get mine from the CIA, someone in another town can get it from the NSA.

>>954431

>all they receive is a fucking encrypted packet

Encrypted to them. Of course they can read it, you send it directly to them.

>>954431

>If DNT is so retarded then why are many websites, including Mozilla's, honoring it

"They trust me... dumb fucks"

>>954431

personally I turn off JS because otherwise the browser freezes for 10-60 seconds each time you open a web page. also less attack surface. i'm not very much concerned with reducing my fingerprint and there's no real way to do this on the web aside from having a giant piece of software to emulate modern browsers (which is what tor browser does, except without the emulation part - instead it's unironically a modern web browser but with modified code). my fingerprint is still far less than most retards though, and also it doesn't matter very much since I've used tor for all my browsing for 10 years, don't go on social media or money bullshit on the web, etc

>If DNT is so retarded then why are many websites, including Mozilla's, honoring it?

Why would you ask such as retarded question instead of thinking for a minute about the implications of DNT?

>No they don't because all they receive is a fucking encrypted packet. They cannot read it's contents which is why they agreed to not log or use them: they are completely useless for Cloudflare or anyone that isn't the DNS server.

Even if cuckflare couldn't read the traffic this would still be complete shit. But I'm going to stop here because I don't give a fuck about your special snowflake DNS crap of the day works.

>ANYONE could make their own trr server the same way ANYONE can make their own DNS server.

and now we have two dumbass name resolution (an invalid concept in the first place) protocols instead of 1

>>954414

>cuckflare is trustworthy

anyone who unironically uses WAF should be shot and nothing they build should ever be trusted again. refer to the cloudbleed vulnerability which EXACTLY illustrated my point

>at&t and comcast alone are almost all of the usa.

and nobody gives a fuck about the usa

>Ah you mean unencrypted unauthenticated dns from an ISP that DOES sell data vs encrypted and authenticated dns from a company that has legal agreements to the contrary.

Yes, it was literally better that way than any idiotic proposal for a "fix". The fix is to use something like Tor.

>You really are retarded XD

_You_ really are retarded you cocksucking dickfuck.

Repeat this 10 times: Regulation changes nothing

Going to some good guy server via some snakeoil encryption changes nothing. Even if cuckflare aren't malicious like you so proudly believe, they will simply be pwned and then 90% of the internet will go with it. Which still wont affect me. The reason I hate cuckflare is because they add new WAFs and other hurdles to basic internet usage. For example we now have to emulate Firefox to do a GET to 50% of the web.

If DNS was such a big issue like you niggerfaggots believe, we could just visit a website directly by IP and never touch DNS in the first place. It would save roundtrips too, and be 100% "secure" because nobody ever gets your DNS requests. Of course there's the question of where you would obtain this mapping from, but you idiots don't understand that this concept exists anyway and think cuckflare or whatever meme service you use just gives you the "correct" IP every time.

>>954507

>Why would you ask such as retarded question instead of thinking for a minute about the implications of DNT?

Your browser asks websites to not be tracked. Good websites don't, shit websites ignore it. That's it.

>But I'm going to stop here because I don't give a fuck about your special snowflake DNS crap of the day works

So, again, you don't know how it works and you don't care how it works; why the fuck are you even attempting to discuss about it?

>but you idiots don't understand that this concept exists anyway and think cuckflare or whatever meme service you use just gives you the "correct" IP every time.

That's the entire fucking point of DoH and TRR.

>and now we have two dumbass name resolution

It's the same. You're still using a resolver(s), except right now your DNS request can be read or MITM by your ISP, your DNS, the network you're in and/or the resolver. With DoH and TRR the attack surface is far smaller.

>>954549

>Your browser asks websites to not be tracked. Good websites don't, shit websites ignore it. That's it.

No you fucking retard, good websites don't try to track you in the first place.

Greaaaat. One more layer on top of DNS that I have to look into when a user has a problem.

Why is the browser making decisions about where to send DNS requests again? Isn't that the OS's job?

>now

Nigger pls. It already shares it with George Soros and pals why would this be a surprise?

>>954612

Linux is moving to a reinvent the wheel "design" philosophy. Now you have DNS configured by resolv.conf, which in turn is configured by resolvconf.conf, SystemDNS, Mozilla DNS, ...

>>954608

>No you fucking retard, good websites don't try to track you in the first place.

Well anon then 99.9% of websites are not good and you should just never go to them :). Now fuck off 8chan a site that tracks users.

>>954507

>anyone who unironically uses WAF

<DNS IS WAF

retard

>cuckflare is trustworthy

more than at&t and cumcast

>>954549

>That's the entire fucking point of DoH and TRR.

and the entire point flew right over your head, i suggest you stop posting.

>With DoH and TRR the attack surface is far smaller.

no it isn't you fucking muppet

>>954608

it's not a question of websites since 99.999999999999...% of websites mindlessly include all kinds of third party scripts (which in turn do the same) in their sites. the entire "tracking debate" is completely inane in the first place. just turn off JS and cookies. you'll still be fingerprintable but that's the best practical thing you can and ever will be able to do. people have been "debating" about tracking for literally 30 years and it's never going to change because the web is fundamentally trash. once we move to something that serves pure static documents instead this will no longer be an issue

>>954661

><DNS IS WAF

>retard

oh yeah, you sure got me. no, cuckflare puts a WAF in front of every website they do CDN for, which is why you get the ATTENTION REQUIRED ONE MORE STEP page. which you should know about if you trust them as a company

Basically, tldr is stick with Firefox 52 ESR forever or you're gonna get pozzed with cyber-AIDS.

>>954850

>cuckflare puts a WAF

Which has nothing to do with DNS :^)

>>954850

NOTICE:

This poster is a shill for cumcast and at&t. They both want all your DNS data so that they can sell. Firefox is trying to change that.

>>954966

And give it to cuckflare instead, a company who puts politics first.

>>954966

Why can't your ISP just look at the IP address you're connected to?

Whether or not you use their DNS they still know who you're connecting to. On the other hand, if you use Cloudflare's DNS, they AND your ISP will BOTH know.

There is no scenario where it makes sense to use cloudflare as your DNS.

>>951560

Brendan Eich is like a hero tbh.

why hasn't anybody mentioned qutebrowser?

>vim binds for maximal autism

>none of that sjwzilla shit

>config is literally a python script

need i say more?

There's a reason why George Soros bought Firefox years ago.

>>954966

The router itself uses the WAN DNS provided by the ISP and even if you change your OS's DNS your requests would still just overridden by the one on router out of some bug or intentional mishandling of the router DNS prioritizing the DHCP DNS over your operating system's Static DNS.

>>955225

not to mention that most modern routers these days come with smart botnets that would do a request even without anything connected in its network. You'd see a data forwarded in the router logs and it could continue doing so even if you have some "Kali Linux" tier firewall encryption ft. Tor "Debiru" browser installed.

>>955215

Zero plugin support, nigga.

>>955225

Which is exactly what this new firefox feature solves.

>>954967

>a company who puts politics first.

Yeah cuckflare banned 1 website. This is orders of magnitude better than everything at&t has done.

>>954969

>Why can't your ISP just look at the IP address you're connected to?

Well luckily with a service like cloudflare they will only see me connecting to them. For example when I connect to 8chan here my ISP has no idea what site I am on.

>>954969

what about using opennic/opendns if your ISPs DNS is shit?

>>955271

Yeah a system where anyone can run a DNS server and record everything you do without your knowledge is a lot better than an entity you know that has legal agreements in your favour.

>>955265

>trusting cloudflare over your isp

>every site you connect to is cloudflare

>>955319

I sure as fuck trust cloudflare for this more than my ISP.

>>955342

Why? Cloudflare's pozzed.

>>955626

>one has active history of selling user data

>one literally housed NSA fiber splitters

and the other has auditing, legal agreements in favor of privacy, with the worst thing they did being banning an edgy site.

You have to be fucking retarded to not see the order of magnitude difference in pozz here.

>>955724

There are few targets that are more attractive for the NSA than Cloudflare.

I'm 100% sure my ISP doesn't hand over DNS data to anyone because it's outside of burgerland and I operate my ISP's DNS server where all queries get mixed with those of almost a thousand of other customers.

>>955728

>and I operate my ISP's DNS server

Well anon that's great and all but that has nothing to do with the hundreds of millions of other people this will help.

>>955732

Don't live in burgerland. There are plenty of countries where ISPs don't give a fuck about what the US government wants. Or elect a government that doesn't spy on you.

>>955735

Well duh anon it's easy as fuck to move to another country instead of encrypting everything and tunneling all of your connections through Tor for better measure.

>elect a government that doesn't spy on you

Problem is that the unelected government spies on you, not Trump administration.

>>955735

>There are plenty of countries where ISPs don't give a fuck about what the US

Well shit now we only have to put up with the Australian government, the British government, the French government, the German government, the ...

>>954612

>Isn't that the OS's job?

No, it's systemD's job.

>>955735

OK fine, use this new Cloudflare DNS service then. Where's Cloudflare located? Are they responsive to court orders or national security letters?

This is a big ass corporate to government dragnet. I'd trust some half-baked p2p "coin" based DNS bullshit over this obvious con.

>>954966

shut the fuck up faggot

>>955264

this isn't a question of at&t vs cuckflare, you fucking brainlet

>>955265

more like each cuckflare IP only has N websites, and some simple traffic analysis can reveal what website you're on. but then again if you cared about hiding what you're visiting you'd use tor or equivalent instead of utterly retarded half-assed attempts like what you just mentioned

>>955278

it literally is you monkey fuck

>>955724

legal agreements mean fuck all you dick sucking faggot. go take your shit argument to reddit. i couldn't give a fuck about what some company in some country i don't even care about claimed to do. cuckflare is an adversary to privacy as they've proved by blocking tor for around 5-7 years, and they're also an adversary to common sense, and a millenail tech hipster sesspool, just like mozilla

BUT:

once again, why would I install some software with some new special snowflake protocol to offer me some vague improvement on security/privacy? even if it was slightly better it would not be worth it