Re: [Trisquel-devel] Abrowser 136 soon available for testing
Luis Guzman writes: > This release has one key change: DNS over HTTPS (DoH) is now disabled > by default starting with version 136. > > This decision is based on the recent Terms of Service (ToS) update by > Mozilla. I'm not a lawyer, but AFAIK, Abrowser is not subject to those > terms, since it is rebranded and recompiled entirely from source, I > believe it’s safer to disable Mozilla-hosted services by default, > including DoH, so there is no future requirement to Abrowser users to > accept some TOS. > > That said, there's a trade-off: while DoH can improve security by > encrypting DNS queries, it may also introduce privacy concerns, as the > DoH provider (often a centralized service) can log and track DNS > requests. > > Users must decide whether they prefer to trust a centralized encrypted > resolver, or continue using their ISP's DNS (typically > unencrypted). Each choice has some level of privacy and security > implications. However, the use of DoH falls outside the scope of > Abrowser or Trisquel support umbrella, so users should made an > informed choice of what's best for them. I think there are three ways approaches to DoH: 1) Disable it. 2) Opportunistically enable DoH when a local resolver supports it. 3) Always enable it and use a centralized service at Mozilla. I agree 3) seems like a bad default for Abrowser. But 2) seems better than 1) to me. Does Firefox support anything like that, or are we out of luck trying to get that to work? /Simon signature.asc Description: PGP signature ___ Trisquel-devel mailing list [email protected] https://listas.trisquel.info/mailman/listinfo/trisquel-devel
Re: [Trisquel-devel] Abrowser 136 soon available for testing
By the way, abrowser 136.0.4 is asking to save passwords, which I thought was disabled by default in a previous release. This is a new abrowser profile on Trisquel mini install iso I am testing from. -- Eric ___ Trisquel-devel mailing list [email protected] https://listas.trisquel.info/mailman/listinfo/trisquel-devel
Re: [Trisquel-devel] Abrowser 136 soon available for testing
En 03/04/25 22:05, Eric escribió: By the way, abrowser 136.0.4 is asking to save passwords, which I thought was disabled by default in a previous release. This is a new abrowser profile on Trisquel mini install iso I am testing from. No it was not, there where users complaining that it should stay, so it stayed the same. -- Eric -- Luis A. Guzmán G. http://ark.switnet.org Capitulo Mexicano de Software Libre - https://cmxsl.org Por tu propio bien, y en solidaridad a todos, elige la libertad. ¡Sé Libre! - https://fsfla.org/selibre/ OpenPGP_0x35AD8DB3BE2C988C.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature ___ Trisquel-devel mailing list [email protected] https://listas.trisquel.info/mailman/listinfo/trisquel-devel
Re: [Trisquel-devel] Abrowser 136 soon available for testing
And the first option, is to use of course the Mozilla DoH one. Would it be better to note to the user this instead of calling it the secure DNS option? Why not have HTTPS-Only Mode enabled by default? Is the Software Protection a Mozilla service too? -- Eric ___ Trisquel-devel mailing list [email protected] https://listas.trisquel.info/mailman/listinfo/trisquel-devel
Re: [Trisquel-devel] Abrowser 136 soon available for testing
En 01/04/25 11:08, David Lecompte escribió: "Abrowser decides when to use secured DNS to protect your privacy This is exactly what it means, that it will decide "when" will it use it, but by default it will make all the queries to determine that. - use secure DNS in regions where it is available - user your default DNS server if there is a problem with the secure DNS provider - user a local provider if possible - deactivate when using VPN, parental control or enterprise strategies - deactivate when a network tells abrowser not to use secure DNS" The next default to to be deactivated, so you set it up as you require. I see above that: "state: deactivated". Does that mean that this "secure DNS" is Mozilla and no other, and that it is not working for me now which is why it is currently not used? I don't recall ever seeing something else than "deactivated" there, but I didn't look at it so Yeah, the top status is more like a current connection basis thing, but the default behavior is what is selected below that. And the first option, is to use of course the Mozilla DoH one. Regards -- Luis A. Guzmán G. http://ark.switnet.org Capitulo Mexicano de Software Libre - https://cmxsl.org Por tu propio bien, y en solidaridad a todos, elige la libertad. ¡Sé Libre! - https://fsfla.org/selibre/ OpenPGP_0x35AD8DB3BE2C988C.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature ___ Trisquel-devel mailing list [email protected] https://listas.trisquel.info/mailman/listinfo/trisquel-devel
