bug#52236: PRIVACY: Integrate arkenfox for icecat configuration

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#52236: PRIVACY: Integrate arkenfox for icecat configuration

From:	Maxime Devos
Subject:	bug#52236: PRIVACY: Integrate arkenfox for icecat configuration
Date:	Thu, 02 Dec 2021 15:50:05 +0000
User-agent:	Evolution 3.38.3-1

Jacob Hrbek schreef op do 02-12-2021 om 03:58 [+0000]:
> Arkenfox <https://github.com/arkenfox/user.js> is a community
> maintained user.js file used for browser hardening. 
> 
> Proposing to implement it's configuration in GNU Guix's IceCat
> mainly: [...]

These things might be useful, but wouldn't IceCat's mailing lists be
more appropriate for suggesting different configuration defaults?
(See https://www.gnu.org/software/gnuzilla/ for the mailing lists of
IceCat and other GNUzilla software.)

> Additional configuration should be defined in guix-home with sane
> default [...]

I don't think guix home is necessary for this, wouldn't some kind of
parametrised packages be sufficient? E.g., something like:

(packages->manifest
  ;; This creates a wrapper around ticecat instructing the firefox
  ;; derivative to use the supplied user.js instead of wherever firefox
  ;; normally goes looking for things. (I don't know how to do that,
  ;; but should be possible?)
  (icecat-with-configuration ; (defined in gnu packages gnuzilla)
    #:user.js arkenfox ; defined in (gnu packages gnuzilla)
    #:package the-base-icecat-package)) ; by default icecat, but any
firefox derivative will do 
  emacs other-packages ...)

That could be useful for both "guix shell --manifest=manifest.scm" and
guix home users.

> [...] so that the browser can be a sufficient replacement for Tor
> Browser Bundle.

The Tor project advised against using anything but their Tor Browser,
to avoid fingerprinting. It also advised against customisation, for the
same reasons. I cannot find the web page explaining the details, but
<https://support.torproject.org/tbb/tbb-14/> comes close. Tor makes
modifications to the browser, so simply modifying some settings isn't
sufficient.

Also, from the arkenfox/user.js README:

‘Note that we do not recommend connecting over Tor on Firefox. Use the
Tor Browser if your threat model calls for it, or for accessing hidden
services.’

Greetings,
Maxime.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#52236: PRIVACY: Integrate arkenfox for icecat configuration, Jacob Hrbek, 2021/12/02
- bug#52236: PRIVACY: Integrate arkenfox for icecat configuration, Maxime Devos <=
  - bug#52236: PRIVACY: Integrate arkenfox for icecat configuration, Mark H Weaver, 2021/12/02
  - bug#52236: PRIVACY: Integrate arkenfox for icecat configuration, Jacob Hrbek, 2021/12/03
    - bug#52236: PRIVACY: Integrate arkenfox for icecat configuration, Liliana Marie Prikler, 2021/12/03
  - bug#52236: PRIVACY: Integrate arkenfox for icecat configuration, Maxim Cournoyer, 2021/12/17
- bug#52236: PRIVACY: Integrate arkenfox for icecat configuration, Mark H Weaver, 2021/12/02

Prev by Date: bug#51145: Cuirass should tag the Javascript it uses as free
Next by Date: bug#52044: Various Program Settings not Saving and Icons not Recognized
Previous by thread: bug#52236: PRIVACY: Integrate arkenfox for icecat configuration
Next by thread: bug#52236: PRIVACY: Integrate arkenfox for icecat configuration
Index(es):
- Date
- Thread