Puppy Linux Discussion Forum

darksun wrote: ↑Fri Jul 26, 2024 10:32 pm

I would not trade off security for that reason if I were you.
Furthermore, if Librewolf is a privacy focused browser they should ship it with that thing removed, Firefox is open source.

I still recommend mullvad web browser over Librewolf , that is my opinion.

Well I believe Libre v128 has the checkbox for "keeping the data private" or something like that. So I'm running v127 at the moment.

As far as a firefox clone goes, LibreWolf is pretty secure. Using a NoScript extension makes it somewhat analogus to the Tor Browser without the VPN,

I just downloaded a Mulvad appimage and ran it in KLV-spectr, and it doesn't want to run as root. So I may download the deb package and try it in F96. And I may try logging into Spectr as spot and see if the appimage will run. I tried running it from the terminal using 'run-as-spot' but it still complains about running as root.

geo_c wrote: ↑Sat Jul 27, 2024 2:09 am

Well I believe Libre v128 has the checkbox for "keeping the data private" or something like that. So I'm running v127 at the moment.

As far as a firefox clone goes, LibreWolf is pretty secure. Using a NoScript extension makes it somewhat analogus to the Tor Browser without the VPN,

I just downloaded a Mulvad appimage and ran it in KLV-spectr, and it doesn't want to run as root. So I may download the deb package and try it in F96. And I may try logging into Spectr as spot and see if the appimage will run. I tried running it from the terminal using 'run-as-spot' but it still complains about running as root.

Firefox is open source so I wonder why LibreWolf (which is a fork of FF) includes it. Nevertheless running old version of a software that does not includes security updates/fixes is not a good idea, especially if it is a web browser , especially if you care about security.

If you are looking for a web browser that is as close as the TOR Browser , well, look no further than Mullvad browser, they have even partnered to develop it (and yes, of course, it includes the NoScript extention). Your statement let me wonder if you have read or not the Mullvad browser description at all here. Mullvad web browser is basically TOR Browser without using the TOR network.

There is even a FAQ here directly from the TOR browser official website https://support.torproject.org/mullvad-browser/

As far as I know Mullvad does not provide any appimage, so I am not sure where you found it, maybe you meant you downloaded the tarball, the file with the .tar.xz extension. It is normal you got that alert as the script that launches Mullvad browser has a security protection that alerts and prevents you to run it as root , for obvious security reasons; this is another detail that tell you they are serious about security.

To install Mullvad browser follow the instruction https://mullvad.net/en/download/browser/linux within the "Ubuntu/Debian" section , removing "sudo" from the command lines

# Download the Mullvad signing key
curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc

# Add the Mullvad repository server to apt
echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/mullvad.list

# Install the package
apt update
apt install mullvad-browser

then you launch it with

run-as-spot mullvad-browser

you can also set it up as default web browser within your puppy linux with the same command

run-as-spot mullvad-browser

NOTE: please be aware that it might be a slow process at times, in term of connection and download speed, I do not know why.

darksun wrote: ↑Sat Jul 27, 2024 6:03 am

Your statement let me wonder if you have read or not the Mullvad browser description at all....

....As far as I know Mullvad does not provide any appimage, so I am not sure where you found it,
To install Mullvad browser follow the instruction https://mullvad.net/en/download/browser/linux within the "Ubuntu/Debian" section , removing "sudo" from the command lines

Yes, I read it.

Which is why I tried to run it for a quick demo with an appimage found here: https://www.appimagehub.com/p/2089011

Yes the appimage is a few versions behind, but I wanted a quick demo.

I don't have any OS's running built with apt, but a .deb would possibly work in F96_CE4, so I'll try that also.

geo_c wrote: ↑Sat Jul 27, 2024 11:39 am

darksun wrote: ↑Sat Jul 27, 2024 6:03 am

Your statement let me wonder if you have read or not the Mullvad browser description at all....

....As far as I know Mullvad does not provide any appimage, so I am not sure where you found it,
To install Mullvad browser follow the instruction https://mullvad.net/en/download/browser/linux within the "Ubuntu/Debian" section , removing "sudo" from the command lines

Yes, I read it.

Which is why I tried to run it for a quick demo with an appimage found here: https://www.appimagehub.com/p/2089011

Yes the appimage is a few versions behind, but I wanted a quick demo.

I don't have any OS's running built with apt, but a .deb would possibly work in F96_CE4, so I'll try that also.

What about this link?
https://cdn.mullvad.net/browser/13.5.1/ ... 5.1.tar.xz

darksun wrote: ↑Fri Jul 26, 2024 1:10 pm

Trapster wrote: ↑Fri Jul 26, 2024 12:13 pm

I've always used the word "nameserver"
I've never tried the actual server name.

Here are some popular dns servers

https://www.howtogeek.com/874773/the-be ... -browsing/

If you are looking for secure and private DNS providers a good starting point is not what you posted but I would suggest you to start having a look at those

https://www.privacyguides.org/en/dns/

And a positive note! I don't see google listed anymore in connection with DNS.
In Firefox:
178.255.154.59 dns.nextdns.io. ANEXIA Internetdienstleistungs Prague, Czech Republic

In terminal:

You use 4 DNS servers:
66.185.120.242 [United States of America AS42 Woodynet Inc.]
66.185.120.243 [United States of America AS42 Woodynet Inc.]
66.185.120.244 [United States of America AS42 Woodynet Inc.]
2620:171:e8:f0::3 [Czech Republic AS42 Woodynet Inc.]

I used /etc/resolv.conf.head to append to the config file.

/etc/resolv.conf now contains:

# Generated by dhcpcd from eth0.dhcp, eth0.dhcp6, eth0.ra
# Quad9
nameserver 9.9.9.9
nameserver 149.112.112.112
# Quad9
nameserver 2620:fe::fe
nameserver 2620:fe::9

# adguard
nameserver 94.140.14.14
nameserver 94.140.15.15
# adguard
nameserver 2a10:50c0::ad1:ff
nameserver 2a10:50c0::ad2:ff

domain home
nameserver 8.8.8.8
nameserver 1.1.1.1
nameserver 2001:4860:4860::8888
nameserver 2001:4860:4860::8844
# /etc/resolv.conf.tail can replace this line

@geo_c

darksun wrote: ↑Fri Jul 26, 2024 10:32 pm

I would not trade off security for that reason if I were you.
Furthermore, if Librewolf is a privacy focused browser they should ship it with that thing removed, Firefox is open source.

I still recommend mullvad web browser over Librewolf , that is my opinion.

FWIW:

In bare-bones OOTB browsers (Mullvad and LibreWolf), I opened about:config and compared the two with a search for 'google' in the config file.
The result is nearly identical. the only real differences I could see are:
Both line 12 and 13 are locked in LW, but not in Mullvad.
Line 12: browser.safebrowsing.provider.google4.dataSharing.enabled false is grayed out in LW, and cannot be changed. Not locked in Mullvad.
Line 13: browser.safebrowsing.provider.google4.dataSharingURL is blank and grayed out in LW. Not locked or blank in Mullvad.
Mullvad has this in line 13: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSING_API_KEY%&$httpMethod=POST

Keep in mind that these line numbers are only referring to my search results and not to the config page.

[Mullvad (OOTB) 20 lines, 40 words, 1918 characters]
browser.safebrowsing.provider.google.advisoryName Google Safe Browsing
browser.safebrowsing.provider.google.advisoryURL https://developers.google.com/safe-browsing/v4/advisory
browser.safebrowsing.provider.google.gethashURL
browser.safebrowsing.provider.google.lists goog-badbinurl-shavar,goog-downloadwhite-digest256,goog-phish-shavar,googpub-phish-shavar,goog-malware-shavar,goog-unwanted-shavar
browser.safebrowsing.provider.google.pver 2.2
browser.safebrowsing.provider.google.reportMalwareMistakeURL https://%LOCALE%.malware-error.mozilla.com/?url=
browser.safebrowsing.provider.google.reportPhishMistakeURL https://%LOCALE%.phish-error.mozilla.com/?url=
browser.safebrowsing.provider.google.reportURL https://safebrowsing.google.com/safebrowsing/diagnostic?site=
browser.safebrowsing.provider.google.updateURL
browser.safebrowsing.provider.google4.advisoryName Google Safe Browsing
browser.safebrowsing.provider.google4.advisoryURL https://developers.google.com/safe-browsing/v4/advisory
browser.safebrowsing.provider.google4.dataSharing.enabled false
browser.safebrowsing.provider.google4.dataSharingURL https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSING_API_KEY%&$httpMethod=POST
browser.safebrowsing.provider.google4.gethashURL
browser.safebrowsing.provider.google4.lists goog-badbinurl-proto,goog-downloadwhite-proto,goog-phish-proto,googpub-phish-proto,goog-malware-proto,goog-unwanted-proto,goog-harmful-proto,goog-passwordwhite-proto
browser.safebrowsing.provider.google4.pver 4
browser.safebrowsing.provider.google4.reportMalwareMistakeURL https://%LOCALE%.malware-error.mozilla.com/?url=
browser.safebrowsing.provider.google4.reportPhishMistakeURL https://%LOCALE%.phish-error.mozilla.com/?url=
browser.safebrowsing.provider.google4.reportURL https://safebrowsing.google.com/safebrowsing/diagnostic?site=
browser.safebrowsing.provider.google4.updateURL

[LibreWolf (OOTB) 20 lines, 39 words, 1791 characters]
browser.safebrowsing.provider.google.advisoryName Google Safe Browsing
browser.safebrowsing.provider.google.advisoryURL https://developers.google.com/safe-browsing/v4/advisory
browser.safebrowsing.provider.google.gethashURL
browser.safebrowsing.provider.google.lists goog-badbinurl-shavar,goog-downloadwhite-digest256,goog-phish-shavar,googpub-phish-shavar,goog-malware-shavar,goog-unwanted-shavar
browser.safebrowsing.provider.google.pver 2.2
browser.safebrowsing.provider.google.reportMalwareMistakeURL https://%LOCALE%.malware-error.mozilla.com/?url=
browser.safebrowsing.provider.google.reportPhishMistakeURL https://%LOCALE%.phish-error.mozilla.com/?url=
browser.safebrowsing.provider.google.reportURL https://safebrowsing.google.com/safebrowsing/diagnostic?site=
browser.safebrowsing.provider.google.updateURL
browser.safebrowsing.provider.google4.advisoryName Google Safe Browsing
browser.safebrowsing.provider.google4.advisoryURL https://developers.google.com/safe-browsing/v4/advisory
browser.safebrowsing.provider.google4.dataSharing.enabled false
browser.safebrowsing.provider.google4.dataSharingURL
browser.safebrowsing.provider.google4.gethashURL	
browser.safebrowsing.provider.google4.lists goog-badbinurl-proto,goog-downloadwhite-proto,goog-phish-proto,googpub-phish-proto,goog-malware-proto,goog-unwanted-proto,goog-harmful-proto,goog-passwordwhite-proto
browser.safebrowsing.provider.google4.pver 4
browser.safebrowsing.provider.google4.reportMalwareMistakeURL https://%LOCALE%.malware-error.mozilla.com/?url=
browser.safebrowsing.provider.google4.reportPhishMistakeURL https://%LOCALE%.phish-error.mozilla.com/?url=
browser.safebrowsing.provider.google4.reportURL https://safebrowsing.google.com/safebrowsing/diagnostic?site=
browser.safebrowsing.provider.google4.updateURL