top | item 46016592

(no title)

lilsoso | 3 months ago

Thanks for the browser recommendations.

I switched to the Mullvad browser. The other recommendation, LibreWolf, provides the following warning on install which scared me away: "Warning: librewolf has been deprecated because it does not pass the macOS Gatekeeper check! It will be disabled on 2026-09-01."

discuss

armadyl|3 months ago

FYI I wouldn’t say that the Mullvad browser is any better at anti-fingerprinting than Librewolf. I always point people to http://fingerprint.com/ so they can see how difficult it is to beat even JS based tracking and this doesn’t even get into the server-side methods (i.e. just fetching a stylesheet) of tracking users.

That’s not to say you shouldn’t use a browser that blocks ads etc but I don’t think people should immediately think that they’re not fingerprintable because they’re running these. There definitely needs to be more discussion on the reality of how much these browsers can “protect” you.

mike_d|3 months ago

The article rants about how turning off JavaScript is actually harmful because it makes you more fingerprintable, then in the same breath recommend switching to an obscure browser nobody else uses?

If you want to avoid being uniquely identifiable stick to Chrome, signed into a Google account, running on a PC from Best Buy.

undeveloper|3 months ago

tldr -- it's fine. MacOS Gatekeeper will create warnings about products that are not signed via the apple developer program, which is $99/year librewolf is an open source product, that is very strictly a "community" libre / FOSS project. naturally, having an individual take up notarization assumedly, you are using brew -- brew recently decided to stop supporting / deprecate all casks that does not pass gatekeeper checks, for some reason I cannot fully determine.

cruffle_duffle|3 months ago

Why would I trust any software that doesn’t pass the gatekeeper test? Even if it claims to be “open source” with links to some code repo there is no guarantee the binary blob you are running was built using only that code and nothing else.

Sure even with the gatekeeper test you can’t be sure it’s built against only the claimed code but it does guarantee:

1) the binary hasn’t been modified since it was signed 2) the binary was signed by somebody in possession of the private key 3) there is some measure of identification via Apple on who or what signed the binary 4) somebody was willing to fork over $99 to sign the binary

It’s not perfect security by any means but it is something. Otherwise the binary you are running might as well have come from some sketchy email attachment. And fuck that. Why would I want that on my machine?

I get that the $99 might be a hurdle for “non-organized open source” (ie most open source… doesn’t have a non-profit entity to take up the expense and credential management, etc…)… and there are probably ways apple could make it easier for such “collectives”… but ultimately I’d argue that signed binaries are good for everybody. While imperfect, they provide some form of traceability and accountability.

obviously it’s not a 100% guarantee of being fuckery-free. The private key might have been compromised, the appleid might have been hijacked and the developer program might have been enrolled with stolen credit cards… but it’s still a hurdle to filter out a large swath of low effort nonsense.

Y_Y|3 months ago

Sounds like you need to switch OS