Skip Navigation
Privacy @lemmy.dbzer0.com
ken @discuss.tchncs.de

Konform Browser v140.7.1-100 released

codeberg.org

140.7.1-100 - konform-browser/source

Hi all!

Latest version of Konform Browser just dropped and now I come here to share with y'all about what's been cooking.

If you are new to Konform Browser, dev here and previously posted on this community introducing the project here.

Highlights since last time:

  • Latest security fixes from up to most recent Firefox ESR 140.7.1.
  • A new welcome screen (pictured) where user can quickly choose between how private vs integrated experience they want, from a locked down "Purely Private" all the way to an unleashed "Just Make It Work" (affectionately referred to as "yolo mode")
    • The "Show detailed information" link leads to a table showing exactly what settings will be impacted by each preset so user can make educated decision and understand impact before choosing.
  • Improvements around privacy and fingerprinting. In particular: Closed a significant vector of identity leaks and fingerprinting from unique IDs sent in Origin headers of HTTP requests by addons. This is a previously known issue (1405971) that has been considered wontfix by upstream for 6 years now.
    • To my knowledge, Konform Browser is the only Firefox derivative which protects against this under defaults and improves over status quo in chromium too. Attempts are being made to reach out and see if the patch can also be of interest and benefit for Tor Browser.
    • New user pref network.http.addonOriginBehavior can be tweaked to further change behavior and work around any breaking addons.
    • A future update might change default to 3 (random), which could make browser choice less fingerprintable. The current default is not set in stone and I'd be very curious about what breaks and what doesn't if anyone plays around with this.
  • Now also publishing binary packages for easy installation and updates from Alpine Linux and Arch Linux package repos, alongside existing deb/rpm ones. Building from source is of course still supported.
  • Various improvements and fixes for optional features unlocked by "Just Make It Work" preset

There is also now a more official fedi account on Mastodon where an abbreviated version of this post is already shared with a couple of screenshots of the new onboarding: @konform@techhub.social1. Since I couldn't figure out how to crosspost Mastodon -> Lemmy you get me rambling here instead 😘

As always, installation and build instructions can be found from release notes and doors are open on Codeberg for issue reports and merge requests alike.

https://codeberg.org/konform-browser/source/releases

1: In case federation clients botcher the link: https://techhub.social/@konform

Comments

2