help-gnuzilla
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: If FOSS isn't your number one concern, why use IceCat?

From: Haniho Dude
Subject: Re: If FOSS isn't your number one concern, why use IceCat?
Date: Sat, 16 Nov 2019 23:36:49 +0000
You make a fair point. All else being equal, FOSS ought to be more secure. For IceCat however, all is not equal. If need be, I can get up the changelog for Firefox ESR. I am confident that if I were to do so, I would find multiple security updates that have not been ported to the latest stable build of IceCat.
From: help-gnuzilla <help-gnuzilla-bounces+hanihodude=address@hidden> on behalf of Narcis Garcia via help-gnuzilla <address@hidden>
Sent: 16 November 2019 21:13
To: address@hidden <address@hidden>
Subject: Re: If FOSS isn't your number one concern, why use IceCat?
 
I don't understand how can somebody prefer secutiry to FOSS.
I's like to prefer electricity to energy.


El 16/11/19 a les 1:16, Haniho Dude ha escrit:
> Hello everyone,
>
> First of all, thanks for your hard work on IceCat. It's one of the few
> good browsers left. I hope that my question doesn't offend you. As much
> as it comes from a place of love, it also comes from a place of concern.
>
> I'll begin by giving some context. FOSS is not my number one concern. I
> like FOSS and prefer it to many other things, but if I have to pick
> between FOSS and security, or FOSS and privacy, I'm not going to pick
> FOSS. Personally, I use IceCat because I find it to be the easiest and
> most trustworthy way to get a privacy-focused browser if you're someone
> who does not have the time to learn about the ins and outs of
> configuring Firefox. To be blunt, it is easier to remove the
> functionality-breaking components of IceCat (e.g. LibreJS) than it is to
> privacy harden Firefox. This bring me to my main point of concern. In
> recent years it has become clear that I can no longer trust IceCat for
> privacy. It has been 6 months since the last build and if my experience
> with the previous build is anything to go by, this means that IceCat
> will be behind Firefox ESR in terms of security updates. *It is
> impossible for any such browser to be secure and therefore I cannot
> believe that IceCat protects my privacy*. This would already be good
> reason to abandon the browser, but it appears that recent privacy
> efforts
> <https://old.reddit.com/r/privacytoolsIO/comments/d3of43/firefox_privacy_guide/>
> have completely superseded IceCat in terms of tweaking Firefox for
> privacy. In this day and age, it appears that one can read a Reddit
> post, copy and paste some text
> <https://zerobin.net/?7ff179a3343f88b4#H7fn13PHvwJLKliegJR2bpLtoMpuHtH3yf4zxDidXwA=>,
> delete a few bits, and soon have a privacy-focused version of Firefox.
> This also skips over the issues that one may find when installing IceCat
> on a distribution that does not have it packaged (e.g. getting it on
> Ubuntu was a pain, but you can't be blamed for that) and will make for
> much faster updates because said updates will not have to be filtered
> through IceCat development.
>
> This finally bring me to my question: Aside from the components that
> exist only to make IceCat FOSS, what does IceCat offer that cannot be
> trivially obtained from a copy and paste job like what I have suggested?
> This page <https://directory.fsf.org/wiki/Gnuzilla> and your settings.js
> <https://git.savannah.gnu.org/cgit/gnuzilla.git/tree/data/settings.js>
> offer some insight, but I want to be sure. Finally, I am aware that
> there exists a script that will make IceCat from any build of Firefox,
> but if I do not prioritise FOSS (or rather, I prefer security to it), is
> there any reason for me to run it on a Firefox that has been modified in
> the ways that we are discussing?
>
> Thank you for your time,
> Philip.

reply via email to
[Prev in Thread] Current Thread [Next in Thread]