💾 Archived View for gemini.circumlunar.space › users › laur%C3%AB › browser › waterfox.gmi captured on 2024-08-18 at 18:12:23. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-12-28)
-=-=-=-=-=-=-
UPDATE July 2023: retested. First of all, Waterfox's site is now behind Cloudflare. Even then, the download links are still on Github, so at least you can download this browser without dealing with the great MitM. Or so it would seem, but Github is doesn't work properly in Pale Moon, so you're limited to the download of the beta version (which doesn't even run on my machine). I had to use a third party AppImage to test this; a total incompetence on the devs' part. The downloads should be hosted locally and Cloudflare should be ditched! But okay, I've grabbed the AppImage. What happens next?
Last time I used Waterfox, it made 100+ requests at launch. You'd think that after 4 (?) years the devs would have learned something, since they use privacy as a selling point:
What you do within your browser stays with you. We don't need to know. Telemetry is disabled within the browser - and only limited data collection is used to keep your browser up to date and secure.
And yet - at launch - Waterfox has immediately connected to:
Then - when I thought it's all over - Waterfox started making hundreds of requests to https://firefox-settings-attachments.cdn.mozilla.net/security-state-staging/intermediates/[randomstring.pem]. When it reached 700 I knew it's going to go on forever (and crash my mitmproxy eventually), so I had to shut the browser down. It seems that disabling OCSP kills the requests, so I was able to resume testing after relaunching. How does this kind of crap get past the testing phase, if this browser even had one?
Bing is the default search engine, which is quite the embarassment for a browser advertising privacy. And they even submit every typed letter to it separately for suggestions, by default...ugh. This doesn't seem like a privacy-based browser. Hey, I even disabled everything I found suspicious in the Settings menu, and yet, Waterfox keeps connecting to crap. Yeah, I could probably kill that in the dumpster known as about:config, but your mom won't be able to. And if a browser markets itself as privacy-based, it needs to be such for everyone - not only tech enthusiasts. To me, Waterfox isn't even a little bit privacy based, unless just being an improvement over Firefox is enough to qualify for that category. Its Sync functionality even parasites on Mozilla's service, which is quite pathetic and of course will share your data with them, again. Remember how they claimed only "limited data collection" is done? Well, they can't control that since they depend on Mozilla for so much functionality. They do not even have their own Addons store, so they have to hope that their overlords Google and Mozilla won't eventually just start deleting undesirable addons.
I really do not see the point to this browser. All it does is change a few settings of Firefox to become slightly less violating. But it can't even disassociate itself from Mozilla, what with being integrated with Firefox Accounts, using Mozilla for location, push, codec downloads, etc. And all that means massive amounts of data collection that Moz is famous for. Hey, you have a few more options in the Settings menu...you can put your tabs at the bottom. Who really cares, there are surely extensions for this. You can auto-hide the bookmarks bar and the back / forward buttons, which appear to be the only useful new options. Waterfox even uses up more RAM than FF itself, clocking at 300mb. Never knew what's the big deal about this browser, and I still don't all these years later. They seem to have done nothing but to include a few more cosmetic options in the UI, most of which (like the Square ones), are barely noticable; and more spyware compared to the 16 requests that a tester reported to me a few years back. Ignore the shilling and avoid.