💾 Archived View for bbs.geminispace.org › s › SmallWeb › 17240 captured on 2024-08-18 at 19:29:40. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-07-09)
-=-=-=-=-=-=-
Hello folks, I am currently using LibreWolf but unfortunately it is still Firefox.
I tested other alternative browsers and the best one I found has been: Surf; however it didn't match all my needs, which are:
Usually lightweight browsers, like Dillo, does not support JavaScript therefore it is very hard to find one…
I look forward for your recommendations 🙏
May 25 · 3 months ago · 👍 norayr, decant
😎 flipperzero · May 25 at 01:17:
you should look into falkon as it's supported across most platforms or source code available
I had hope for webkitfltk/fifth, but the project seems to have died. neosurf from cobaltbsd looks cool, have not tried it. Full feature browser wise, you have ungoogled-chromium and librewolf, so yeah, there is no browser that is both lightweight and full featured.
The web is a wasp nest, and going there with anything less than Torbrowser or at least Librewolf with PrivacyBadger, Ghostery and uBlock is just foolish. Any half-assed, I mean small browser, is completely leaking information left and right. I haven't even addressed being able to deal with all the standards and sites out there.
I think Ladybird fits the bill perfectly:
It’s fully independent, built from the ground up, not relying on WebKit / Gecko / anything, really nimble.
(Tho personally I use Orion)
❄ freezr [OP] · May 25 at 15:15:
Never heard about ladybird, thanks... 🙏
❄ freezr [OP] · May 25 at 15:31:
@stack modern web is garbage that's why we love Gemini, despite its many limitations, many modern websites rely on JavaScript and do not offer html-only alternative. When you disable JS you won't find this crap anymore but then you cannot navigate 90% of the WWW.
JavaScript is now everywhere even on the desktop, GNOME relies on JavaScript too...
Simple browsers like Dillo, NertSurf, etc... have JS disabled and this makes them safe, but also unable to navigate the WWW.
Unfortunately on the WWW JavaScript is required, Surf by Suckless Tools supports JS but to disable ADS or trackers it relies on modifying /etc/hosts which is a very poor implementation.
The situation is critical... 😩
There are many different things to worry about on the web. Obviously executing malicious code, having cookies hijacked, or being faked into giving up passwords... I am more concerned with tracking, fingerprinting, and third parties collecting data.
If you are using a weird browser, you stand out like a sore thumb -- you are completely unique. Never mind blocking cookies or JavaScript, every tracker out there will know exactly who you are.
If you are doing it to save a hundred meg of RAM and just don't care about anything else, sure. If you are doing it to take a moral stand, the joke's on you!
@stack For web browsing i use LibreWolf with the addons you mentioned, but honestly it's a band-aid and still crappy. Qutebrowser not an option now that it uses chromium/qtwebengine. TorBrowser is too slow and unreliable most of the time.
the problem is that we say 'smallweb' but we don't have the html subset defined for it.
so maybe we can do the opposite? call smallweb whatever is possible to open in netsurf? otherwise it's not small web, but big fat complicated web?
When you disable JS you won't find this crap anymore but then you cannot navigate 90% of the WWW.
exactly, those 90% aren't small web.
i guess more than 90, alas.
The only thing I personally miss in gemtext is boldface and tables, and I am constantly wrangling with the fixed-font tables!
❄ freezr [OP] · May 26 at 01:38:
@stack I would like to have a simple browser to open Mastodon, Diaspora, a couple of fora (Devuan, FreeBSD), Phoronix and an Italian newspaper... The fact is 90% of my internet browsing is made through an SBC and the browser is the Achilles' heel...
— omg.pebcak.club/~freezr/gemlog/2023-12-06-stealthbox-with-devuan-and-libre-computer-renegade.gmi
For anything else I would use LibreWolf... 😉
@freezr LibreWolf run through flatpak is not too bad. With Ghostery, UBlock, Privacy Badger, Dark Reader, DNS over HTTPS ...
If you can offload the computing required for adblocking to eg a local PiHole or to NextDNS or an adblocking VPN then you can significantly speed up your browsing experience on the SBC.
☕️ tenno-seremel · May 26 at 09:35:
@freezr I don’t think “simple” is enough for Mastodon. It’s JS‐heavy. You don’t even have a basic HTML version if you don’t have JS enabled (there was in the past, but alas). Your best bet is a dedicated client, IMO.
requiem, thank you for mentioning ladybird. i didn't know about it.
requiem, i made some research and i think ladybird is based on chrome. it's not a completely newly written browser, as i first thought and was a bit inspired by it.
freezr, i hope one day i will write the gemlog, on how to install an oberon system to an arm board, and how to use gemini on it.
techno-seremel, i am quite sure i have saw js free mastodon frontend, but alas, i lost the link, so i cannot link to it. :/
https://gitlab.com/brutaldon/brutaldon
❄ freezr [OP] · May 26 at 13:02:
@gemalaya the problem is the hardware I use to run LW, I would need something lighter...
Hmmm; I looked through the GitHub repo and their blog and I see no use of Chrome. What brought you to that conclusion?
❄ freezr [OP] · May 26 at 14:04:
@requiem I may try this route but my internet comes from Android USB tethering... 🤔
❄ freezr [OP] · May 26 at 14:07:
@tenno-seremel now my main client for the Fediverse is Friendica, and I don't believe it exists any desktop client... 🤷♂️
NextDNS / an adblocking VPN should work; if you set the server or enable the connection on your Android phone and tether that then you are gold.
When I was younger, I went through a phrase where I would seek out every single web browser, configure, run and test them. There is of course, EFF’s coveryourtrack and various tools you can use to look for automatic outbound connections made by the browser.
I think firefox is overall, best platform for umatrix, but for the love of virgin mary, I can’t disable all the automatic outbound connections. So for a while, I firewalled all known Mozilla domains.
Ungoogled-chromium makes no automatic connection at all, but being made by google, it is some what ḥarām in my book.
1/2
Around this time, I test drived probably 90% of all browsers available, I went a bit insane. Then the virus with a crown rolls around, I discovered gemini. I’ve been roaming the geminispace ever since. For http only blogs I like, there is always the stargate.
It is comforting knowing that the gemini philosophy is constructed to be the antithesis of the whole http experiment.
@decant I wrote this for web & rss => gemini
— https://gitlab.com/cipres/levior
requiem, maybe i am wrong, i got the 'chrome' engine impression from this developer video, exactly here:
i looked further, it it looks like ladybird is indeed written from scratch. sorry for confusion.
❄ freezr [OP] · May 27 at 14:47:
I forgot to mention the good old SeaMonkey and its stepbrother PaleMoon...
But I remembered how I failed to compile both for aarch64... 😞
@blah_blah_blah, the worst part of that is that the very important sites such as banks require me to turn off most of my security features! It's a bad joke -- I browse useless internet sites with full armor, but places that need most security and are most vulnerable to attack insist that you use most-insecure settings!
❄ freezr [OP] · May 27 at 21:10:
@stack I would enjoy a desktop app, not electron, to connect to my bank... For instance I hate that to request vacation I have to use my the app on my phone because the website is pure garbage...
The whole situation really sucks... 🤬
@gemalaya I would like to run an instance locally. What kind of fingerprint would this http>gemini coverter leave from the perspective of the web server?
qubeos have this concept of pdf VM where a fresh VM would spin up and parse a pdf and provide output in the form of bitmap. Should the pdf try to exploid the parser, all you get is some scrambled images. I think webpage, with java enabled deserve the same if not more containment.
@decant levior makes web requests using the aiohttp library. You can also define a socks5 proxy, so it's possible to use it with Tor. You can change the HTTP user agent. So in terms of fingerprinting it's quite minimal i'd say.
❄ freezr [OP] · May 28 at 17:06:
I did a quick round with Basilisk aarch64 and it did not get a good outcome. With only a couple of tabs opened it was struggling to scroll a page (in reading mode) up and down...
LibreWolf with a lot of tabs opened or suspended performs way more better... 🤔
🤷
@gemalaya would you try amiunique.org? I am curious as to how unique your requests really are...
@stack Do you mean, requesting https://amiunique.org through levior to run the fingerprint test ? Their test requires Javascript, therefore you'd have to enable levior's JS rendering, which will make browser fingerprinting very easy. Making levior's requests less identifiable is something i plan on improving.
@gemalaya I don't think they require JS or at least they didn't! With JS off, BTW, you are probably unique within a city block or so. The problem is that the smaller your 'fingerprint', the more unique you are! The best strategy is using the same signature as Tor browser, it is fairly unique but all for users share it. And make sure there are no typos or extra spaces -- that would obviously make you very unique..
This is maybe the only situation where obscurity (by looking as every tor user) is as close to anonymity as you can get.
Modern surveillance equipment used by corporations that extract huge profits from extracting, packaging and selling data is very sophisticated. Even when you think you have no footprint, you are leaking information based on timing, pattern of browsing (you don't browse randomly), minor variations in requests, etc.
Don't forget about forward security -- Even when they don't know who you are, they will build an extensive dossier with your history. One day you may slip up and log into gmail, or leak enough info, and years of hiding goes up in smoke.
@stack Tried it without JS and it says:
"Almost! Only browsers out of the observed browsers have exactly the same fingerprint as yours (NaN %)."
@gemalaya You are unique. That is bad.
@stack Almost :) Indeed. Thanks for the insights, i'll work on it.