by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
Christian Hofmann
@ohfp_gitlab

@dylangerdaly atm, I'm only signing the packages going into https://privacyshark.zero-credibility.net/.
Since everything is built on various runners, it's unfortunately only semi-possible to show things remain untampered; although we could at least calculate and show the checksums of the artifacts after the build, so people can verify they at least got what was build with a specific pipeline/job. those resulting packages could, of course, then be signed again.

@shreyasminocha signing commits would certainly make a lot of sense as well indeed!

Shreyas Minocha
@shreyasminocha
til that we add packages to https://privacyshark.zero-credibility.net :o
Christian Hofmann
@ohfp_gitlab
heh, it's mostly an aarch64-focused repo (I have a Pinebook Pro and wanted to have some things on it, and at some point someone from "the" community there suggested I might as well provide the binaries as well), originally only set up to provide ungoogled-chromium ('caidao') and LibreWolf :)
Shreyas Minocha
@shreyasminocha
nice
Christian Hofmann
@ohfp_gitlab
https://gitlab.com/ohfp/pinebookpro-things <-- if you feel like staring at the other PKGBUILDs :D
Christian Hofmann
@ohfp_gitlab
Interesting: it might be possible to provide reproducible builds at some point: https://glandium.org/blog/?p=3923
(that article focuses on the official Mozilla builds, but it implies that it might be doable for LibreWolf builds as well)
Dylanger Daly
@dylangerdaly

@ohfp_gitlab

I have a Pinebook Pro

Do they give you access to EL3_SCR?

Christian Hofmann
@ohfp_gitlab
Honestly: no idea. I'm still trying to find some time to actually dig ino ARM boot processes, ATF etc.
There's an rk3399 in there, so may that might be a starting point for research.
Dylanger Daly
@dylangerdaly
There should be a boot stub in there
I assume it's dropping you into EL2
Then the kernel sets up KVM, drops to EL1
and continues
Dylanger Daly
@dylangerdaly

I don't think we sign releases, but we most definitely should

How can we start this process?

Dylanger Daly
@dylangerdaly
Hey guys, what about Firefox's Mobile Browser? Firefox Preview, or I think it's called Fennix or something, is this something that can be hardened?
Christian Hofmann
@ohfp_gitlab
@dylangerdaly: I've just opened an issue to discuss signing procedures.
About Firefox on mobile devices: That is a very tough thing to answer. Right now I'd say it would be somewhat out of scope anyway, but it also seems to be the case that (on Android at least) Firefox lags behind Chromium a bit with regards to security and sandboxing, so although it might be nice to use from a plugin / de-googling perspective, I'm not sure I could recommend its usage without digging much further into it all (as in: my knowledge about this is waaay to limited). For now, an alternative (on mobile devices) would probably be https://github.com/GrapheneOS/Vanadium (GrapheneOS is the actual continuation of CopperheadOS (with the latter being continued by a less then honest and less capable person) and the AndroidHardening project by Daniel Micay – but that is a whole other can of worms to open, so I'll just keep it at that:) or https://github.com/bromite/bromite.
Shreyas Minocha
@shreyasminocha
Do you want to make a record of our signing keys on the website or elsewhere? @ohfp_gitlab
Shreyas Minocha
@shreyasminocha
I think a page on the website, with a link from the repo's readme perhaps, should suffice
Christian Hofmann
@ohfp_gitlab
Yeah, sounds good to me :)
Luca De Falco
@deffo89_gitlab
Im having a tough time figuring out how to install the browser
Anyone have any tips on that?
I use kubuntu 19.10 currently
I downloaded the tar.xz file
Luca De Falco
@deffo89_gitlab
I figured it out, now when i start the app this is the output
XPCOMGlueLoad error for file /usr/lib/librewolf/libxul.so:
/lib/x86_64-linux-gnu/libnss3.so: version `NSS_3.47' not found (required by /usr/lib/librewolf/libxul.so)
Couldn't load XPCOM.
Christian Hofmann
@ohfp_gitlab
At the moment, the pkg.tar.xz is provided as a release intended for Arch Linux. On other distros, with the current releases, the AppImage or Flatpak release would probably be your best choice. The AppImage release would probably be the easiest to run, if you don't have any experience with Flatpaks – just download it and run it (might need to chmod +x it).
(the Arch release is built with --with-system-nss, which is probably why it doesn't work on your system)
Luca De Falco
@deffo89_gitlab
thank you Christian, I will try
Luca De Falco
@deffo89_gitlab

It's ok with AppImage but it runs like a portable app, I tried to install the flatpack release but the install command ouput me this:
luca@luca-ubuntu:~/Scaricati$ flatpak install LibreWolf-75.0-1.x86_64.flatpak

Note that the directories

'/var/lib/flatpak/exports/share'
'/home/luca/.local/share/flatpak/exports/share'

are not in the search path set by the XDG_DATA_DIRS environment variable, so
applications installed by Flatpak may not appear on your desktop until the
session is restarted.

error: The application io.gitlab.LibreWolf/x86_64/master requires the runtime org.gnome.Platform/x86_64/3.36 which was not found
Is gnome required? Im on KDE Plasma

Christian Hofmann
@ohfp_gitlab
not a full gnome, just the runtime for the flatpak (don't worry: this won't mean that a whole gnome needs to be installed).
it's strange, though, that it did not get automatically pulled in by flatpak install – I'll need to investigate this at some point.
you might get it working by installing the flatpak-gnome-runtime manually; should be possible via flatpak --user remote-add --from flathub https://flathub.org/repo/flathub.flatpakrepoand flatpak --user install flathub org.gnome.Platform//3.36 (or without the --user option for both commands if you want to install things system wide).
Sorry for your troubles, by the way – and thanks for providing feedback! I hope we'll get this all a bit smoother in the future :)
Luca De Falco
@deffo89_gitlab
thank you it worked very well. Another question, is possible to restore the browser session after the close?
Now I run librewolf with "flatpak run io.gitlab.LibreWolf". I created a desktop shortcut and worked well, the only "problem" I found is when I reopen the software and it keeps all the tabs closed. I cheked to restore from the previous session but seems useless. Do you have a solution? (sry for my bad english) and thanks again for your help
Christian Hofmann
@ohfp_gitlab

Good to hear :)

Hm, that should work; there are probably two reasons why this might still happen: it's either an issue with the Flatpak (although if it stores configuration changes you made, that would indicate that access to your local storage / home directory works – it worked for me at least when I tried it), or it might be caused by the somewhat restrictive default settings LibreWolf is shipped with (intentionally). If you feel like it, you can see if some of the other settings with regards to history and session management might be the issue – but I'll try to check it myself as well and get back to you :)

Christian Hofmann
@ohfp_gitlab
Ah, yes: it seems like "Remember browsing and download history" needs to remain enabled for session restoring to work (and automatic history deletion on close needs to disabled).
(should you want to keep the history disabled while still having sessions saved, you might have to resort to using an additional extension like Session Boss or something like it)
Dylanger Daly
@dylangerdaly
Has Librewolf changed how Remote Settings works at all?
It's how Mozilla push out blacklisted plugins
CRLs
It updates their little URL detection malware thing as well
Christian Hofmann
@ohfp_gitlab
@shreyasminocha just btw: thanks for all the work you are doing atm! I was somewhat swamped the past few days, but I'm positive I'll get back to working on improving LibreWolf again very soon as well :)
Shreyas Minocha
@shreyasminocha
oh thanks. and no worries :D
i'm on vacation so i'm fairly unoccupied lol
sillyrat
@sillyrat
Hey, has there been any discussion within the LibreWolf community of the "megabar" controversy? There appears to be a significant overlap between the folks who dislike telemetry/pocket/etc. and those who find the unwanted behaviors of the new megabar (and Mozilla's unrelenting insistence on removing all ways to disable them) to be completely infuriating. People are looking for somewhere to go to escape this "improvement" without having to use a browser that relies on older technology that may not be secure and/or doesn't always work reliably (Pale Moon, Basilisk). I'm betting that you'd quickly attract additional developers to your project if you were to take on reining-in the megabar's excesses as one of LibreWolf's features.
Shreyas Minocha
@shreyasminocha
@sillyrat oh thanks for sharing this
certainly worth working on
i personally hadn't heard of this, but I've created librewolf-community/settings#23 to track progress
Christian Hofmann
@ohfp_gitlab
Can you share a bit more about the controversy about it? (besides the annoying pop-up-enlargement effect – but that one, at least, can seemingly still be disabled by setting browser.urlbar.update1 to false)
Shreyas Minocha
@shreyasminocha
apparently they plan on removing that setting soon
Christian Hofmann
@ohfp_gitlab

Sounds like it, yeah. Unless that's "all" about those issues, it might be relatively simple to disable even further down the road when building from source (ie. modifying the included css-files which define the styles for it) – but if there's "more to it" (does it include any new, problematic behaviour, eg. sending your typing somewhere), it might get more complicated ^^

I'll look into it ^^

Shreyas Minocha
@shreyasminocha
sending your typing somewhere
it gives something they call "rich results"