LWN: Comments on "A look at Firefox forks"

Firefox forever

chojrak11 — Thu, 20 Mar 2025 08:24:44 +0000

Firefox is the only browser of the 3 important ones that supports Manifest V2 _and_ is cross-platform. I'm not Apple user so Safari doesn't work for me. Thanks to MV2, excellent extensions such as uBlock Origin still work. And it is only with the help of uBO, Consent-O-Matic, Disconnect, Privacy Badger, NoScript, Don't Track Me Google, Firefox Containers and other useful extensions the web pages are still browsable, with my privacy preserved and being secure from malicious scripts. When I rarely open Chrome to use it for a website that's broken because of my FF setup, I can't imagine people are able to use it for browsing on a daily basis for the most part of the day.

Manifest V2 has been deprecated in Chromium in favor of advertiser-friendly and privacy-invading MV3 that crippled all ad-blockers and other extensions that intercepted network requests. Before I was able to regulate what they know about me by blocking ads and trackers, now I can't.

You better stop and wonder for a minute what Chromium-based browsers do with your data, especially Brave and Opera. Whoever has the browser, rule the data. This is why Microsoft is fighting so much for their Edge fork of Chromium. All these browsers collect and make use of vast amount of user data (and sell it wherever they can, maybe excluding Google and MS who keeps detailed data only for themselves, but still use it to generate revenue).

Mozilla wording change created the global panic and outrage, but it wasn't meant to change what they do with user data. And is very very easy to disable all collection in FF through settings, about:config and extensions, if required - this is what, if fact, Tor Browser does in addition to maybe some more tweaks.

So, many internet users, especially those less privacy-savvy, were just manipulated into false panic-mode thinking and followed the mindless herd of Mozilla haters. I wonder if it was spontaneous or organized campaign.

I do really hope Mozilla won't give up on this effort, because then I'm left with no options.

"Privacy" related forks

GNUtoo — Wed, 19 Mar 2025 10:06:21 +0000

There is also the following browsers that are interesting:
- Tor Browser
- Mullvad Browser (Basically it's the Tor Browser without Tor made in collaboration with the Tor project).

Waterfox was worth a look

lproven — Fri, 14 Mar 2025 20:21:17 +0000

It is my browser of choice on Linux.

It's Firefox ESR, with all the telemetry etc. disabled. So, for instance, it was immune to the "Foxstuck" bug.

https://www.theregister.com/2022/01/18/foxstuck_firefox_b...

It has a built-in vertical tab bar.

And it seamlessly integrates with a global menu bar under Unity, Xfce, and other desktops which support this. In my testing no other modern Firefox derivative still does that.

Distribution patches?

seneca6 — Fri, 14 Mar 2025 17:50:56 +0000

I wonder how much of the "undesired" stuff is patched out by distributions such as Debian, but also F-Droid for the mobile version. I didn't look in detail, as a user of both I just hope "they will take care of the worst".

another FOSS browser

jzb — Fri, 14 Mar 2025 16:25:06 +0000

Thanks for the comment/suggestion. Looking at the site and repository, development seems to be stopped or very slow. The last release shown on GitHub is from February 2022. It would be difficult to recommend that as a project readers should consider -- though the concept is nice. It's possible I was looking in the wrong place - if there's more current/active development I'd be interested in checking it.

another FOSS browser

freem — Fri, 14 Mar 2025 16:16:11 +0000

Since the article mentions "Folks who want to jump ship from Mozilla's ecosystem entirely, while still sticking to open source" and some examples, I think mentioning otter-browser (otter-browser.org/) is not off-topic.
It's intent is to go along the lines of old opera 12. The project have supports for 2 rendering engines: QtWebEngine and QtWebKit, and have several features I really like, such as automatically deleting cookies when you close the session, *easy* way to disable JS and other settings on a per-website basis, mouse gesture...
Sadly, it does not have support for plugin support. It is mostly maintained by a single person, I think.

I think it's an alternative worth mentioning in here.

User syncing NOT using moz

giddy — Thu, 13 Mar 2025 03:26:58 +0000

Are there any forks that implement a user sync NOT using the mozilla backend? I love the p2p approach of Brave but would not use Brave (or any Chrome derivative)

Turning off ad features without switching

dmarti — Wed, 12 Mar 2025 20:05:00 +0000

You can still turn off the ad features while keeping the Firefox browser, by writing a policies.json file in the right place. I made an RPM to do it but anything that can write a config file under /etc/firefox should work.

more notes on this approach: turning off browser ad features from the command line. IMHO it's easier in the long run than digging through settings because it affects all profiles and accounts.

Nyxt

apoelstra — Wed, 12 Mar 2025 13:18:10 +0000

Definitely looking forward to an article on Nyxt! I have been using qutebrowser for many years, but its use of chromium bothers me and it's also not as programmable as I'd like. But since Firefox killed support for vimperator[1] it's been pretty-much the only option.

I tried Nyxt but quickly got lost trying to move the tab bar to the left side, or even how to close a single tab without closing the browser. The documentation was not super helpful other than explaining that "tabs" are now "buffers", that I need to use Lisp, and strongly implying that I needed a bunch of emacs intuition. I asked for help on IRC but got no response. The project seems super promising so I spent several hours on it but I got nowhere.

[1] I am aware that you can install vimperator on firefox today. It will not work on blank pages or about:config or many other pages, apparently for "security reasons", which makes it infuriating to use since you need to randomly switch to non-vim keybindings. (For that matter, treestyletabs also doesn't work properly; you need to manually hide the old tab bar because the extension can't do this anymore ... again because it would be insecure for a user not to use a mouse??)

How does LWN browser share compare to the general split?

daroc — Fri, 07 Mar 2025 12:52:39 +0000

Yes, user agents are definitely a bad way to identify web browsers. But LWN doesn't collect much information about our visitors at all — just the minimum needed to identify malicious bots and weird server issues. We definitely don't have any kind of browser-identifying JavaScript.

So I agree we should definitely not read too much into a quick look at the user agents; it's enough to say that we have a higher proportion of things claiming to be Firefox than the average internet site does, but how many of those things are actually stock Firefox and how many aren't I couldn't begin to guess.

How does LWN browser share compare to the general split?

PastyAndroid — Fri, 07 Mar 2025 01:01:32 +0000

I wouldn't go by user agents, they can be very misleading. For example mine says:
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0

This tells you it's Firefox on Windows 10. That's intentionally false information (not just for LWN, for all websites.). It should say Librewolf on Gentoo, but I don't want it to.

How does LWN browser share compare to the general split?

PastyAndroid — Fri, 07 Mar 2025 00:58:33 +0000

Librewolf user here. I have been for a couple of years. I like it because it's just enough removed features without breaking anything serious. I pair it with manually installed JShelter, LibRedirect and a couple of my own software patches[1].

I have a custom CSS theme too, so visually it looks like Firefox 1.5 (tabs at bottom and not floating, search bar, menubar, no silly big gap between them, got rid of that ridiculously huge url bar when you click it, etc.).

But overall, long story short I'm a Librewolf user and happy enough with it.

[1] I have a really bad habit of: "I don't like application XYZ doing this, that way. I'm going to change that. *Creates patch and compiles with custom patch.*". I don't redistribute those patches though, personal use only. So no worries. :-)

Insightful

Lennie — Fri, 07 Mar 2025 00:50:37 +0000

I can tell you sites that are not trying to hurt you might end up getting hacked and HTML-output is changed to them trying to install malware through your browser.

Having said that, it's less common now. It was especially bad when plugins (like Flash, Java and Acrobat, etc.) were common. But it definitely still happens.

How does LWN browser share compare to the general split?

jajpol — Thu, 06 Mar 2025 14:57:55 +0000

This was intended as a reply to the lynx comment.

How does LWN browser share compare to the general split?

jajpol — Thu, 06 Mar 2025 14:51:13 +0000

Similarly, w3m

SeaMonkey Composer

excors — Thu, 06 Mar 2025 11:38:15 +0000

> it seems to me that it would be a good idea to promote and include an editor to show that editing basic documents with HTML is something that *anyone* can do (remember MySpace? kids used to routinely do it) and doesn't need to be some "service" running on k8s on AWS, or WordPress, but can just be some static files and images that you can manage yourself by hand.

I don't think it really can be that simple, though, assuming you want people to find and read your site. Even for the simplest personal blog, you'll probably need to set it up with Open Graph metadata on every page (description, preview image, etc) so links can be shared nicely on social media, an Atom feed plus a bot that copies it onto your own social media, maybe a sitemap.xml so search engines can find all your content, probably an analytics script so you can tell if anyone is actually visiting and where they're coming from so you can join in their discussions on Reddit or wherever (because discussion is fun, but you certainly don't want to be responsible for moderating a comments section on your own site), etc.

You can't reasonably update the feeds and sitemap by hand, or keep all the scripts etc in sync when you've got dozens of pages or more, so you'll want a static site generator to insert your content into templates. And in my (admittedly very limited) experience, all static site generators are terrible; you'll probably end up having to substantially edit their default templates in their terrible barely-documented templating languages, or just write your own static site generator from scratch.

Then you'll have to pay for a domain name (carefully avoiding the registrars with rip-off prices), and either pay for hosting or rely on the generosity of big companies offering a limited free tier (like GitHub Pages). At that point I'm not sure why you wouldn't just pay for a WordPress hosting platform or similar, and I'm not sure what Mozilla could provide that would be any better than a WordPress hosting platform.

SeaMonkey Composer

PeeWee — Thu, 06 Mar 2025 02:57:30 +0000

So you are basically proposing to undo the split of the original Mozilla Suite. I couldn't disagree more, a browser is a browser is a browser. If you want more, there is Seamonkey which keeps the old Suite paradigm. I, for one, don't want any ballast which is why I have been using Firefox since it was still called Phoenix. I even abandoned Thunderbird for plain old mutt after questioning, for quite some time, the very necessity of a bloated GUI for such a mundane task.

If anything, the FF devs should think more about going back to the roots of the project and refrain from bloat and feature creep. I would even go so far as to suggest that there needs to be another fork by some of the core devs. Call it Lighterpup or something like that; it keeps with the naming tradition and conveys a smaller target size in a nice play on words, if I may say so myself. ;)

SeaMonkey Composer

raven667 — Thu, 06 Mar 2025 02:00:06 +0000

The reference to SeaMonkey Composer made me think of how so much of the browser is about _browsing_, consumption, but aside from the Developer Tools there isn't a lot of _creative_ tooling included. Given that some of the most popular editors like VSCode are built on web technology these days and WYSIWYG editors are a staple of CMS/Wiki software, it seems to me that it would be a good idea to promote and include an editor to show that editing basic documents with HTML is something that *anyone* can do (remember MySpace? kids used to routinely do it) and doesn't need to be some "service" running on k8s on AWS, or WordPress, but can just be some static files and images that you can manage yourself by hand. I think there is a lot of room to innovate in a desktop HTML/CSS publishing tool, by dusting off some of the old attempts before everything became a webapp (or Electron) and including some of the modern tooling UX which has been focused on silos of content management software. Its seems like with some advertising and advocacy that maybe we could rekindle self-hosted (on IPv6 where available) or very simply hosted (static files only) personal web development.

Insightful

raven667 — Thu, 06 Mar 2025 01:49:59 +0000

Thats a reasonable idea, if the leadership of Moz diverges too much from the culture of the workers, the workers can form an independent company and try to wrestle the Google relationship, or some other revenue stream, to continue work, although that depends on the culture of the workers being significantly different than the leadership, which is not something that I have evidence to support beyond anecdotes from individuals, who largely don't work at Mozilla Corp anymore.

history repeating itself?

PeeWee — Thu, 06 Mar 2025 00:47:11 +0000

The [Firefox] project began as an experimental branch of the Mozilla project by Dave Hyatt, Joe Hewitt, and Blake Ross. They believed the commercial requirements of Netscape's sponsorship and developer-driven feature creep compromised the utility of the Mozilla browser. Wikipedia

What was once an unofficial fork got brought in-house.
[emphasis added]

And they seem to be repeating the same mistakes. I cannot help but think about this recent thread. My main takeaway from that discussion is that Mozilla Corp. employs many developers who earn a pretty penny and thus may feel the need to justify their salary, so they come up with new features nobody really asked for, or whose value is rather questionable, at the very least. Nobody brags about, and demands a pay raise for, plain maintenance or, God forbid, consolidation, because that is tantamount to questioning their own place in the workforce.

How does LWN browser share compare to the general split?

mathstuf — Wed, 05 Mar 2025 22:29:52 +0000

FWIW, Firefox anonymization settings also make it report as a Windows browser regardless of platform.

How does LWN browser share compare to the general split?

daroc — Wed, 05 Mar 2025 21:21:37 +0000

... they were supposed to be, but on double-checking I was grepping the wrong file. Oops.

That does indeed cut out most of various requests from feed readers, although some people still made successful requests with newspaper, Tiny Tiny RSS, and others.

It looks like things claiming to be Chrome got more non-200 responses than things claiming to be Firefox, though, so the proportion of Firefox crept up again. There's still a long tail of unique user agents, though.

How does LWN browser share compare to the general split?

KJ7RRV — Wed, 05 Mar 2025 21:04:12 +0000

Are these data filtered to only requests 200 OK responses? It seems strange that so many scrapers would be successfully accessing subscriber-only content, so I'm wondering if all they're getting is the "login required" 403 Forbidden page?

history repeating itself?

dmarti — Wed, 05 Mar 2025 19:19:29 +0000

The [Firefox] project began as an experimental branch of the Mozilla project by Dave Hyatt, Joe Hewitt, and Blake Ross. They believed the commercial requirements of Netscape's sponsorship and developer-driven feature creep compromised the utility of the Mozilla browser. Wikipedia

What was once an unofficial fork got brought in-house. Maybe Mozilla will adopt one of the current forks, or maintain both the current release with advertising features and a release without them, built from the same codebase. (IMHO ad features in browsers are a fad now, but the browsers will eventually get over it)

How does LWN browser share compare to the general split?

daroc — Wed, 05 Mar 2025 19:08:36 +0000

I looked at the same stats for our recent article about guard pages, and did see a noticeably higher percentage of things claiming to be Chrome. That article had around twice as many requests from Chrome as from Firefox — still more Firefox users than the internet average, but fewer than on this article. On the other hand, there was a larger percentage of unique user agents, and newspaper managed to come in with nearly twice as many requests as the next most common user agent. So the data is still pretty noisy, and it probably doesn't make sense to draw too many conclusions from it.

How does LWN browser share compare to the general split?

bwelling — Wed, 05 Mar 2025 18:49:35 +0000

If it's not difficult, would it be possible to run the same analysis on a different article? I suspect that there might be an unusually high percentage of Firefox users reading this article, as it's about Firefox.

How does LWN browser share compare to the general split?

tlamp — Wed, 05 Mar 2025 15:58:02 +0000

> The second most common was "newspaper/0.9.3.1", although I'm not sure what kind of program that is.

For anybody else that got curious: "newspaper/0.9.3.1" seems to be a scraper project one can find on GitHub [0], at least the name and latest released version per CHANGELOG.md would match.

[0]: https://github.com/AndyTheFactory/newspaper4k/tree/master

How does LWN browser share compare to the general split?

daroc — Wed, 05 Mar 2025 15:02:34 +0000

Yeah. That's a perfectly sensible decision, but it also highlights the problems with trying to figure out what clients are in use based purely on user agent. I'm certain some of the lines that matched my searches for "normal" browser user agents also included software just pretending.

How does LWN browser share compare to the general split?

dskoll — Wed, 05 Mar 2025 14:49:43 +0000

FWIW, I have hard-coded my browser's user-agent as Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0 even though I am running Firefox 136.0. The reason is that every time I would upgrade Firefox, my bank would distrust my machine and make me run through extra hoops to log in.

If and when my bank decides that Firefox 131 is too old, I'll update the user-agent.

Insightful

Wol — Wed, 05 Mar 2025 14:32:25 +0000

LWN is okay, they don't have many ads (and text only, I believe), but the problem is *any* site with javascript (and maybe others) ads. If the adserver serves a malicious advert, the reputation of (or how well you know) the site is irrelevant. You've been fed malicious js and you're pwned.

Cheers,
Wol

How does LWN browser share compare to the general split?

daroc — Wed, 05 Mar 2025 13:52:54 +0000

Oh, that's a clever thought! I won't share exact numbers to protect users privacy, but let me go grep through the access logs and see if I can find any useful numbers.

Of the people who have looked at this article in the past day, the most common browser agent reported was "Mozilla/5.0 (X11; Linux x86_64; rv:135.0) Gecko/20100101 Firefox/135.0". The second most common was "newspaper/0.9.3.1", although I'm not sure what kind of program that is. Probably a feed reader of some kind. Then there's a long tail of thousands of other user agents, including some that look like Chrome, Safari, a bunch of feed readers, some robots, and even 52 people who appear to be browsing the site using cURL. A bit more than half of user agents are unique, and only appear once.

Given how mangled user agents are, with everything pretending to be everything else, it's entirely possible that I've messed up my analysis. But of the mainstream browsers, it looks like Firefox has slightly more than half, and Chrome has slightly less than half. But those numbers almost certainly include forks and derivatives that just have similar user agents, plus software that's just pretending to be one of the major browsers.

Still, even with noisy data, it seems likely that LWN readers are significantly more likely to use Firefox than the average internet user. And significantly more likely to be running it on Linux than the average internet user — none of which should really be surprising.

Insightful

felixfix — Wed, 05 Mar 2025 13:50:50 +0000

Good answers, and I should clarify. I don't visit random sights that I know nothing of, but if a site I have been using for a while has a link to some unknown site, such as a news summary pointing to the full news report, I don't take any special precautions. When I get email telling me new insurance documents or monthly statements are available, I never use their bookmarks. I've recently been getting a flood of spam from AAA (auto club), and the first one caught my attention, I checked its email headers, it was spam, and I delete those without opening. I either type it in myself or use my own bookmarks and navigate to wherever they store documents. I use uBlock Origin and seldom see ads; I understand I am undermining what makes sites "free", but if they actually want me to see their ads, they can try text ads, or at least simple static inline pictures instead of depending on javascript distractions. If a site says I need to click here to allow cookies, I close the tab rather than click. I use mutt for most email, and although I do remember someone way back in usenet days crafting a message which confused emacs, that hole was quickly fixed. I do use gmail for some secondary email accounts, and have it set to never show images (too many senders include those 1x1 pixel tracking images). Gmail is sometimes too aggressive in deciding something is spam, and I check once or twice a month, but never open anything I don't recognize.

Insightful

ballombe — Wed, 05 Mar 2025 10:03:42 +0000

I agree in principle, however some malware have been propagating through ads pushed by advertising networks.
One more reason to block them.

Insightful

PeeWee — Wed, 05 Mar 2025 09:39:05 +0000

Not necessarily, if the visited site can be trusted, i.e. I wouldn't expect LWN or my bank to do anything nefarious. As long as one can be sure that the visited sites and are not spoofed version, i.e. by loading them from bookmarks, there is no problem.

Insightful

intelfx — Wed, 05 Mar 2025 06:13:44 +0000

Sitting idle is hardly called “usage”. So if one is actually _using_ a browser, then it’s a reason to hurry.

Insightful

felixfix — Wed, 05 Mar 2025 06:09:49 +0000

They are seldom used, and only for a few common sites. My impression is that browsers are dangerous only when visiting attack sites, by clicking random links. I've never heard of any being attacked when sitting idle.

Insightful

mcon147 — Wed, 05 Mar 2025 05:57:18 +0000

Is that a security concern? Aren't browsers a huge attack surface?

Insightful

felixfix — Wed, 05 Mar 2025 04:06:42 +0000

What hurry? They can't uninstall what I have. If they do anything crazy, there's months and years of time to switch. I have a couple of old laptops running Firefox from years ago which still work fine.

How does LWN browser share compare to the general split?

KJ7RRV — Wed, 05 Mar 2025 00:05:39 +0000

Would it be possible to include only requests for subscriber-only articles? It might work to grep for requests to a defined list of recent articles resulting in 200 OK responses; that should exclude scraper bots, unless the operators are paying for subscriptions and/or cracking user passwords.

Insightful

cesarb — Wed, 05 Mar 2025 00:05:11 +0000

> I will personally stick to FF proper until Mozilla really goes off the deep end and does something crazy.

Even then, it's better to be prepared beforehand, instead of having to find a working alternative in a hurry.