Picking a web browser

=Disclaimer: Blog post=
You've been warned.
I can't properly ask a question without explaining the whole backstory. That's my form of autism, I guess.

Okay, Holla Forums, lately, after reinstalling my OS, I've been struck by a very hard decision: What web browser should I use?
My conclusion is that all browsers in $CURRENT_YEAR suck, but that's nothing new. I just need to pick one if I want to keep browsing the net.

I've been using qutebrowser for way too long (maybe a few months, but that's long enough to not to want to let it go). It's very insecure, being based on a deprecated version of WebKit, and barely has any protection against any form of tracking, besides a shitty hosts-based adblock. It is very comfy however, and I'd be sad to lose it. It is being ported to Blink, but right now it's unfinished and works like shit, and I seriously distrust google with this shit.

Pretty much all other browsers I've tried are not as comfy. So, the only reasonable thing to go after, if it's not comfyness, is maximum privacy. For this I'd either pick Firefox or Palemoon. Now, I like Palemoon better than Firefox, and it's 26 releases were great. PM 27 has broken a lot of shit so it's hard to work with it, but I'm pretty sure the same can be achieved in either browser. Firefox takes security issues more seriously (being a company and all), but I don't trust them with the future of Firefox.

Now, I need to pick one. And I've been musing about it all week, even going as far as trying to install an unofficial, more up-to-date QtWebKit version, which sadly broke the PyQt build.
I need to find the balance between maximum comfy and maximum privacy.

For maximum comfy, I want:
* Minimal, does what it's supposed to, preferably scriptable in a non-shit language (a.k.a. not javascript)
* Vim-style keybinds
* Being able to completely ignore tabs and use my window manager for that, bonus points for setting the title icon properly.

For maximum privacy, I want:
* Proper ad, script, and resources in general blocker, like uBlock, NoScript, uMatrix, etc.
* Something like HTTPS-everywhere
* Something like self-destructing cookies.
* Advanced privacy settings, so I can browse the net as anonymously as possible, in general.
* The engine is kept up to date and security issues are fixed regularly.

Tor is cool, but I just want to be able to browse the web without extreme lag. My connection is already slow.

Now, the questions I'm asking are:
What browser do you use? What's comfy about it? What do you use to maximize your privacy (any user scripts, plugins, about:config)?
Do you have any recommendations as to what I could pick, with a healthy balance between comfyness and privacy?

Other urls found in this thread:

|https://|'
forum.palemoon.org/viewtopic.php?p=100768
github.com/henrypp/chrlauncher/
twitter.com/SFWRedditVideos

The browser you want doesn't exist, the closest one is Palemoon. It doesn't have vim hotkeys and if you want your windows manager to manage your tabs, you'd probably have to open a new window for every website.

I'm in a similar situation, although I'm still comfortable with qutebrowser.

My replacement for HTTPS Everywhere is a keybinding to switch a site to HTTPS. Not as nice as an extension to do it automatically, but it makes it much more bearable. I have this script in ~/.local/share/qutebrowser/userscripts/, as a script called "urlsed":
#!/bin/shurl="$(printf '%s\n' "$QUTE_URL" | sed "$@")"printf 'open %s\n' "$url" > "$QUTE_FIFO"
And I have ,h bound to
spawn -u urlsed 's|^|https://|'
I used the same script for a keybinding for toggling mod.php on and off:
spawn -u urlsed -e 's|://sys.8ch.net/mod.php?|://8ch.not|' -e 's|://8ch.net|://sys.8ch.net/mod.php?|' -e 's|://8ch.not|://8ch.net|'

That's what I suspected. If I decide to settle on palemoon because autism, I will miss the comfy features of qutebrowser greatly. Is there something like decentraleyes for palemoon? It looks really interesting.


That's really neat, but it doesn't force https on the resource urls inside that page (such as scripts, images, etc), since most pages fetch that kind of stuff from CDNs nowadays, making it mostly useless.

Pick a Firefox fork you nigger and you can hit all those points. Shit, even with all the addons that are predicted to stop working when the switch to WebExtensions is complete you'll still be able to get all that.

Does anyone know what's going to happen to support for old addons after Firefox shoves WebExtensions down everyone's throats? Will developers keep supporting the old versions for forks of Firefox that didn't go to WebExtensions or will it just be the end of the line?

OP maybe you should try the w3m interface with Emacs:
* I don't think you can get more minimal than a text browser (besides edbrowse)
* evil-mode is vim inside emacs (or you can try spacemacs)
* Opening a new tab means opening a new buffer, and emacs has its own window manager (and it can even become a proper one using EXWM)

Unfortunately there is not a fine-grained control over requests like with uMatrix, so you can't really control what comes and goes from your browser, but you can force https and other things through some simple Elisp


Useful extensions with plenty of users will either switch to WebExtensions or, if that's not possible, migrate to Pale Moon, taking their users with them

Nope, I'd be lacking two major points in the "maximum comfy" area, and even vim-style keybinds are nonexistent in Palemoon as of version 27 (pentadactyl broke).
What other fork do you recommend, GNU Icecat? That actually doesn't sound so bad, at least for the privacy points. They will go with whatever Mozilla throws at them however.

Well, the old extensions will most likely die, as has happened with XUL. The Pale Moon developer has announced he will keep supporting them, however: forum.palemoon.org/viewtopic.php?p=100768


I've been wanting to dip my toes in Spacemacs, but it's got all the disadvantages of Qutebrowser, as well as a steep learning curve (I have never touched anything emacs or lisp) and a shitty engine.

Mozilla and scraping all the old add-ons in January.

qutebrowser master with qt-5.7 works with qtwebengine (blink) currently. One of the only things that doesn't work that I would use is PDF.js, which is insecure shit anyway.

I've been using qutebrowser for the past half a year now, and while I'm not contributing, I've ported all of its dependencies to musl successfully on Gentoo, so I suppose I've one-upped you in the autism realm.

Well, it's just autism in a different area, I guess.
I wasn't aware qutebrowser master worked fine with webengine, I only tried stable 0.8.4 iirc.
Is there a way to disable things like WebRTC, safe browsing, and link prefetching with webengine? Or is that just a chromium-specific thing? I could try patching it with ungoogled-chromium, but I'd rather just configure it, if possible.
Mostly all the bullshit surrounding chrom* is what is keeping me away from just using webengine.

I did some testing with strace.

WebEngine doesn't make any network connections when only about:blank is opened.

When opening example.org it only makes a DNS request and a request to example.org's IP address.

It seems safe.

WebEngine support is very new, so you definitely need to run on master for it.

What about Vivaldi? It's a de-googled Chromium with a bunch of nice features from the old devs of Opera.

Woah, okay, I wasn't aware that was possible with strace. I really hope that those features aren't enabled in webengine, because the source for them is there (they have a literal entire branch of chromium in the qtwebengine source, CODE_OF_CONDUCT.md and all). Are you sure it doesn't do any kind of prefetching from iana.org (the only link available in example.org)?
If that's true, I will probably go for qutebrowser, and try to script my way around cookies and https-everywhere and such. It'll be fun.
My only gripe with qtwebengine then is that contributing to blink is hard if not impossible, but that's not something I'm too bothered about, personally. Contributing to huge projects is a PITA regardless.


Literal botnet. For maximum privacy that's a no-go.
Also,
Sorry for shitting all over your favorite browser, I just dislike it and it's community with a passion

I'm new to strace, and I might have done it wrong the first time. It looks like Webengine actually did send requests to iana.org, but I also see it in the logs when I run it with the Webkit backend.

I'm going to look into less confusing options for checking which connections a process makes.

Enjoy.

I'd look at something like wireshark if you know how it works, or zed attack proxy, provided webengine honors the proxy settings.

All browsers, every single one, are shit. The least shit one, which is still fucking awful, is Foxfire. We will never go back to the late 90's/early 2000's when Foxfire was the best browser, no question about it. Unfortunately, we will never go back to a time when the internet itself wasn't shit, full of normalfaggots.

hooray for web 2.0, guys : )

The problem with Wireshark is that it captures everything happening on my system, which is a lot besides that particular qutebrowser instance. I might try it later tonight after shutting down all other programs, before shutting down my computer.

so so sad
One would think that given the fact that they all are absolute shit, someone would go and make a good one, right? proves that the thesis is wrong.
It is said that making a web browser is even harder than making an OS (I don't know to what extent this is valid, but it makes a point). And as you said, we will not go back to the pre-normie web.
The web is dying anyway. And also the whole field. The web is full of javascript, ads, and google tracking shit.
Software is dominated by microsoft, apple, and now systemd. An OS, just like a browser, can only hope to survive if it implements a bloatload of FEATUREZ for hipsters and tech-illiterate selfieposters. If that wasn't bad enough, the rest of software development is filled with dudebros, enterprise buzzwords like "TEH CLOUD", hipster-level languages, and worst of all, SJWs every-fucking-where.
So sad.

Links 2.14 was released a few times ago. Still a good browser.

github.com/henrypp/chrlauncher/
use dev-codecs-nosync or stable-codecs-nosync

I can link you that faq here on Holla Forums about chromium, but I think we all know by now it's got a bunch of seriously privacy-invading features. Also, that launcher is for windows.

What does this mean when they say Firefox has "real ad blocking addons"? Don't those exist for Chrome/Chromium as well? Also, why is "fast" listed as a con for Chromium?

That image is mostly bait, so it should be taken with a boulder of salt. There is probably no reason "fast" is listed as a con. It's listed as a pro as well. It's up to you to decide what you think it is. "Real and blocking addons" probably refers to the fact that firefox addons have the freedom to modify pretty much anything in the browser, such as most of the UI, while chrom* addons are more limited.

As already said, the closed to what you want and most balanced one is Palemoon without a question. But it's not as you say "comfy", although it cover everything you mentioned in privacy section (all of this works on v27): uBlock Origin, Encrypted Web, Crush Those Cookies. And you can just edit about:config for extra privacy, pic related. The only thing v27 broken for me was CleanLinks add-on but i can live without that. Another reason i went with Palemoon is that it work well with both Linux and Windows, i use that encrypted sync a lot and would be lost without it.

uBlock Origin is already ported to WebExtensions

Don't be a retard and use Firefox. Literally the only reason not to use it is if you're a fucking retard that spews buzzwords like "SJW" whenever a company decides not to act like a Holla Forumsfaggot.

What if the reason I don't use it is just that I prefer another browser?

[citation needed]

Use Pale Moon and ignore this SJW faggot.

it's dying in the hands of pajeet kumar and all the selfieposters, buried under pounds of javascript frameworks and libraries

the fuck does that even mean???? browsers have had a "delete cookies on exit" feature for decades
so... you want privacy but you wont do anything to obtain it other than install meme plugins? how do you even expect to have any privacy if all your traffic comes from a single IP address that only you and maybe 2 or 3 other people use? tor has been usable for general browsing for almost a decade now - unless you're browsing some bullshit marketing website that has to make 30 round trips sequentially before displaying a paragraph of text. as for bandwidth, I get around my max bandwidth - 2MB/s over tor. If you even used tor at all before, you'd know the real problem is websites behind cuckflare which make you fill out a captcha to view them - but most of those sites are garbage anyway.


wow kill yourself faggot. I don't even visit pol and I find the social justice themed PR bullshit Mozilla does laughable. Firefox is a slow buggy piece of shit. Palemoon seems a lot faster but it's gotten slower in recent updates.

to further explain why you are a faggot, nobody who knows a single thing or two would continue to have any confidence in open source software once the company behind it starts acting like a corporation (e.g doing massive PR bullshit). yes there is no alternative, but firefox is still complete shit. I just use palemoon for now because it seems slightly less shit than the other alternatives

I don't think firefox does. In any case, yeah, I meant "delete cookies on exit".
By that standard, you could call Tor a meme as well.
Look, I know it does a lot to anonimyze you, but I seriously think it's overkill to use for day-to-day browsing.
What I think helps a lot in avoiding tracking is: Blocking analytics services and other such sites, controlling what 3rd party sites you load things from, to not to spread your HTTP headers and cookies further than required, remove cookies which can be used to track you, enforce https, disable browser features that query 3rd party servers.
If all they have is your IP, and no referrer or other headers that might identify you, they only know you have an IP, how often you visit, and what you do on their site. They can't track your habits across sites, preferences or identify you in other ways than what you ask for on their site. This should, IMO, have been the status quo right now. It's not perfect, but it's about as much anonymity as you have when you walk in a grocery store and pay in cash.

Lynx automatically deletes cookies on exit. You have to manually copy the cookies you want to save into a persistent cookie file.

OP here.
I've looked into qutebrowser's qtwebengine more carefully, and it seems like no requests are being made for things like safebrowsing, so that's a relief.
I just came accross dwb, and just looking through the feature list it looks like exactly what I need. Most of the privacy features (selective cookie cleaning, proper ad blocking, selective javascript blocking) exist by default, and it looks like it has extensions, though I'm not sure yet in what language they're written. It doesn't look like it's being actively maintained anymore, however.
Does anyone have any experience with dwb? How is it?

I'm currently leaning towards Pale Moon. Rip comfy, but I want to try making my browser as non-fingerprintable as possible. Doing so with qutebrowser would be hellish, especially since, even though it's very stable, it still lacks a lot of things.

qutebrowser is a dwb clone. dwb is (practically) unmaintained, segfaults a lot, and has a webkit that's at least as dangerous as qutebrowser's. I recently tried to run it to study its behavior for a contribution to qutebrowser, but I had trouble compiling it and it segfaults immediately whenever I try running it in a Wheezy container.

I used to use dwb, and I liked it, but it's not a good option any more. dwb is going to keep getting worse and qutebrowser is going to keep getting better.

It's still worth taking a look, but you have been warned.

There was a shitstorm of ad blockers for chrome that turned out to not actually block ads after requests from said ad companies to not do so. So ad companies paid ad blockers money to not block ads.
In the drama that ensued, Firefox was the only browser to have alternatives to ABP while Chrome only had ABP for a long time.

Chrome/Chromium is fast, which makes every other browser slow. If you use chrome you might enjoy it's speed so much that you switch to it, which makes every other browser slow in comparison.

I work with websites daily and I'm surprised by how fast Chromium can get pages done compared to Waterfox, a x64 client fork of Firefox that is slow as shit.

In the coming years, I might have to jump ship from Firefox after they constantly shoot themselves in the foot and try to be SJW hip friendly.

Servo is pretty good though. If failfox devs decide to switch engines then it might actually be good again. I'm guessing the change in plugins support in failfox might have something to do with the coming migration.

I would almost say what you want is Conkeror, but it's influenced more by Emacs and not Vim.

Source? They delay things a lot.

I'm surprised whoever made that image covered all the new challengers but managed to include some very irrelevant ones in the Honorable Mentions section.

Chrome/Chromium has shitty extensions in part because it's for normies so everything is style over substance. The other reason is the browser's designed so they can't hook into it as deeply as with Firefox, hence gorhill needed to make a companion Websocket extension for uBO.

Okay, thanks for all your help.
After musing about it for a few days, I've decided to settle upon Pale Moon.
This is because while I value having a comfy browser, web pages just aren't made for browsing with the keyboard, and I end up almost exclusively using the mouse anyway. I can live with that, and it doesn't bother me as much, after using pale moon again for a day.

Btw, Is there a way to block canvas fingerprinting in Pale Moon?

shit b8

Get onboard with the WOWser.

what's in store for us in the year 2019? Mandatory Red Hat themed IoT anal plugs that report statistics to them?

Thoughts on Cyberfox? I switched from Firefox recently and I'm liking it a bit better (basically is the same browser but less buggy and slow, I find).

Have you tried starting from a blank Firefox profile?

Yep. I still find it slower than Cyberfox (and I've only been using this with all of my Firefox stuff [add-ons, bookmarks, etc.] carried over) even when blank. I also have a problem with Holla Forums on Firefox (even with a blank profile) where upon opening this site it will cause the browser to freeze up - I rarely get this on Cyberfox even with the add-ons installed though (at least so far).

Somebody explain this shit.