Aral Balkan (

Aral Balkan @aral

@privacylab @mozilla Hey Mozilla, here's my entry:

I had a recent invasive experience with a browser called Firefox. The default search engine was Google, a surveillance capitalist. So I was being tracked every time I wrote into the address bar. (Apparently, the browser maker receives billions from Google.) Then I saw that third-party cookies were on by default and tracking protection was off. Finally, I realised I'd been sharing data and was enrolled in "studies" with the browser maker.

@robert @aral @privacylab I find that using Firefox Sync means new installs don't need me to manually change search engines and browser settings to fix those problems.

I am kind of annoyed by the opt-out marketing add-ons though. That's made me very tempted to switch to Brave.

@bobstechsite @aral @privacylab Brave is chrome based? Isn’t ad supported?

@robert @privacylab On Linux (as of last week, my primary dev machine), I use (and love) Gnome Web. On macOS/iOS, I use Safari.

@KeaW @aral @mozilla Purism has taken browser privacy very seriously, both forking Firefox into a more privacy-respecting version and having Tor Browser Bundle available by default. But we're not sure what's default on the Librem line, or the new PureOS.

We'll ask around; one of our people has a conversation with Purism on Friday.

@privacylab @KeaW @mozilla Purism are solid; they're doing things for the right reasons. So I'm not surprised they aren't taking stock surveillance-ridden Firefox by surveillance capitalist Mozilla but customising it to make it private by default. CC @todd

@privacylab @aral @KeaW @mozilla @todd it sounds like the Librem 5 will use Epiphany (GNOME Web) as the browser, as they're shipping GNOME apps and have done work to make it more responsive to smaller display sizes. And the latest development QEMU image I've tried also had it as one of the few apps preinstalled.

@privacylab @aral @KeaW @mozilla @todd it sounds like the Librem 5 will use Epiphany (GNOME Web) as the browser, as they're shipping GNOME apps and have done work to make it more responsive to smaller display sizes. And the latest development QEMU image I've tried also had it as one of the few apps preinstalled.

@cassidyjames @privacylab @aral @KeaW @mozilla @todd hrm... I dunno. I think it's unlikely they move away from a Firefox base because:

a) Ffx has many good privacy addons and it's easy to ship a distro with them pre-installed

b) privacy tweaks for TBB are making their way upstream to Ffx (e.g. canvas fingerprinting blocker)

c) PureBrowser once had Tor in private tabs... borrowing TBB code (or mirroring their implementation choices) might avoid current issues with packaging TBB separately.

@KeaW @diggity @cassidyjames @privacylab @aral
Correct, we have a long(er) term plan of combining the FSF approved benefits of PureBrowser with some upstream changes and add-on to increase privacy to Epiphany (Web), the Librem 5 will be the first step toward that browser consolidation and (longer term) PureBrowser deprecation.

Could you have accomplished the goal you were aiming for using the Firefox-based Tor Browser instead?

@privacylab @aral

@h @aral @privacylab I don't think I had much of a goal. There was a lot of talk about browsers being too bloated, so I was investigating whether I could just remove anything I didn't really need, including things like anything related to DRM.

I actually use a Tor browser most of the time, but it doesn't support WebRTC which is needed for PeerTube.

It's probably not impossible to find (or self-build) Tor Browser builds that have most security and privacy-sensitive settings as usual, with WebRTC built-in. Most likely a subject that has been explored in the Tor Project mail list. Just an idea.

@privacylab @aral

@bob @h @aral @privacylab WebRTC doesn't seem to be strictly needed for PeerTube.

Because I can still use PeerTube, but WebKit's GTK port doesn't support it yet.

@bob @h @aral @privacylab Also I think that if we want to make browsers less bloated, it may get us some of the way to just drop support for various standards like EME and WebAudio that low cohesian with the rest of the browser.

But really to get anywhere with this I think we need to fork a browser engine and play with replacing JavaScript. Servo looks easiest for this.

@alcinnz That would be great. Or better, a system that replaces all bloat functionality with empty stubs and only loads the code when and if it's effectively needed, controlled by a separate application that manages the browser's settings. Having a GUI settings panel/manager included in the browser application is part of the problem too.

@privacylab @aral @bob

@bob @aral @privacylab @alcinnz

At least for now, as a temporary hack meanwhile we keep working on the problem to replace the web as we know it with something better.

@h @bob @aral @privacylab @alcinnz I guess I shouldn't be surprised that this basically became a thread for development suggestions :P

An admin control panel outside of Web browsers that controls whether or not WebRTC etc. is downloaded/installed/turned on is a good idea, but I would worry that it would lead to unnecessary layers of complexity. I could see this turning into yet-another bloated package manager UI quickly.

Imagine nobody ever thought any solutions for the actually existing problems because people always complained that non-bloated solutions that some other people actually know how to design, and it's actually their trade, and what they dedicate their lives to could potentially become a problem.

I think I agree that this sort of discussion always devolve into something else entirely.

@alcinnz @privacylab @aral @bob

@diggity @h @bob @aral @privacylab @alcinnz

I am the less qualiifed person to comment on browser developement

yet I want to chime in

If separation of javascript and of the options panel are things to consider, then I can't avoid thinking of GuixSD

You could have some system services runing webtorrent, DAT, synchthing, GNUnet or whatever that keep a local data storage in synch

and then you could have a options panel app and a browsing app and maybe more apps

all properly packaged

@Shufei This page shows the information that the WebRTC implementation of your browser makes accessible to potential middlemen.

Other than the IP address (which you conceivably need for any p2p system to work) there doesn't seem to be much of serious interest there.
The audio and video device IDs can potentially be problematic in combination of other data and used to track you by unethical websites, but it's otherwise random data to your peers.

@privacylab @aral @bob

@bob @aral @privacylab @Shufei

The problem with Device IDs is explained at the bottom of that page under
"How persistent and trackable are these Device ID's?"

Device ID data could be randomised to make WebRTC more secure without needing to sacrifice its use. In combination with a VPN, that could make WebRTC a little less ill-conceived.

@bob @aral @privacylab As for me I've read more than enough browser code between Servo and WebKit.

I don't know much about Gecko.