Hello.
First of all, thank you for bringing this important project to life. I always dreamed of a sane midpoint between Mullvad and Librewolf browsers that would combine best practices from both approaches.
Librewolf isn’t based on ESR, and Mullvad has no support for cookies allowlist which kills a plenora of use cases by itself.
And as if it were not enough to ask you also implemented offline mode which I always lacked when sandboxing separate browser instance specifically for LAN-only application to access it’s web-gui. Not forcing users into any extensions and automatic network request does also feel very sane for me.
And the improvement over Librewolf that I enjoy most is font spoofing support.
I have a question. I’ve read that you position Konform closer to GNU IceCat than to LibreWolf, which makes me worry: does Konform provide at least the same level of fingerprinting resistance as Librewolf does, if I 1) revert “Allow non-default theme” and 2) re-enable “Enforce OCSP hard-fail” in settings? I would guess ‘yes’ since it’s a fork of it. Right? Or there is more to it under-the-hood? Use case is try to avoid [advanced] deanonymization technics (yes, I’m aware about Tor and I do use it).
I’ll be very grateful to receive your answer.
And my first bug report:
Konforn, unlike Librewolf, fails Cloudflare verification with error code 600010 consistently across different websites login pages. It occurs in clean profile, all settings stock, with no extensions installed. I tried to select even “Just make it work” settings preset on first startup onboarding screen. It does not resolve the issue. In my tests Librewolf and Konforn are on the same device/network/IP address. Yet Librewolf passes the test even with uBlock Origin and other extensions active. Easy way to reproduce would be to go to NexusMods login page and click “Verify you are human” box.
All my reply were a bit mess. My apologies for confusion.
I was referencing your words from another post here. I read it too fastly and memorized this part out-of-context. Nothing bad intended, sorry for the bad phrasing.
“In this sense (and a few others), Konform Browser is closer to IceCat/GNUZilla than it is to Librewolf.”
Now that I re-read whole message together I think I understand what you meant (timely security updates), and it’s a good thing. I just misintrepreted this part on first read.
Thank you for linking that CRLite article. It helped me understand better. I’m not a developer but just a regular user. I wasn’t sure what exactly OCSP is, except for it’s ties to certificates. My impression were based purely on “This increases security …” comment in browser’s settings. The only reason I listed it nearby brower theme override is because those are two things that differ in this regard from Librewolf according to Konform’ readme.
My Tor mention were purely disclaimer in case someone else would feel the urge to comment on that I shouldn’t seek “advanced deanonymization technics” protection from anything other then Tor Browser. I meant that I aware about it’s existence and actively use it whenever I need it. It didn’t imply that I used Konform over Tor during Cloudflare verification fails - no, I used it over just a regular VPN instead, same one VPN that passess those checks in both Librewolf and Mullvad, from the same machine, simultaneously.
My whole blury “I have a question” paragraph should have been written as “Am I right to assume that Konform provides at least same protections as Librewolf does?”. Now I know that answer is “Yes, and much more”, and I’m happy with it.
Please allow me some more time to re-read part of your reply considering Cloudflare so that I can understand it better and give a more appropriate answer. Thanks again for your patience & work.