Thank you for kind words!

Ah, then the hope is that this curiosity will trigger you to dig into it yourself (for example using the provided tool or taking inspiration from it) so that it starts making sense! I know it’s an unconventional format to refrain from laying out my own opinions and analysis but that’s my thing today. So much “everyone knows” and vapid third-hand takes flying around these days that I think we would do well to actually verify (and pick up related knowledge in the process) rather than take forum comments and blog posts for gospel.

OK, all right, I can try. I guess I can point at one thing in the Mozilla telemetry at the very end, doesn’t that look very fine-grained if you look at the URLs (addresses) listed?

We can tell that many of the actions I took were communicated to the mothership for analysis and product improvement. Is this data really anonymized (or anonymizable)? Is it a reasonable amount for a user that has not opted in? My professional and personal opinion is: It is not.

But! That’s just one isolated example. And an extremely limited view. What about Zen? Chrome, Edge and Safari weren’t included here at all. And it’s not at all looking at what happens for a user who probably cares about this: when you go to settings and disable all the telemetry. See I just said that one thing about Mozilla Telemetry and now I’m going to have to run some new tests and write reports about them for days just to set that record straight!

Maybe I’m odd but I think it’s many (100?) times easier and quicker to gain understanding of the kinds of stuff we’re looking at here by getting hands-on than to communicate it verbally. And I’m concerned with this limited attention span so many people are afflicted with these days, and look at how long this comment is already, no we’re done with me tell you how it is, let’s wrap this one up and get onto the juicy stuff.

There’s an expandable section Basic test environment usage under Testing procedure but I realize now that might be easy to miss…

Anyway, to start it: Install podman, docker-compose (v2) and MITM_BROWSER=firefox-esr podman compose up --build. That should be it.

Then the browser pops up (hopefully), you do your thing, and after you Ctrl+C in the console, it will quit and the proxy will dump the recorded .har file which contains all HTTP and websocket traffic that went through the proxy in cleartext, in JSON format. There’re tools online that can help visualize I think but nothing I can recommend off the bat. Simply cating it to the terminal or opening it in a text editor can be educative. Also playing around with variations of the jq snippets and see if you can come up with questions of your own to answer. Or if anything in my numbers make you scratch your head or say “wait a minute” dig there.

In case you want to take al look at what the thing does before running it (trust me bro), these are the files involved when you run that compose up command:

• entrypoint compose.yml
• imported compose/proxy.compose.yml for mitmproxy
• The browser Containerfile (aka Dockerfile)

Available browser images

What about gwenview?

The author seems to think Mozilla should have protected our privacy by having someone act as the proxy for the request.

On the proxy part, they actually already have that and using it for some other parts:

https://support.mozilla.org/en-US/kb/ohttp-explained

TL;DR: Imagine an HTTPS-over-HTTPS proxy. Try to explain it like something groundbreaking without referencing existing tech. Now you have OHTTP.

https://firefox-source-docs.mozilla.org/browser/components/mozcachedohttp/docs/index.html

https://www.fastly.com/blog/firefox-fastly-take-another-step-toward-security-upgrade

It makes me scratch my head a bit why I’ve never see it enabled for DNS-over-HTTP in default stock Firefox config despite it being supported for years - the endpoints are just not configured. You have to know about it and configure the barely documented URL in about:config for that. Unlike for newtabpage and the FF shopping feature where OHTTP is used by default. Infra costs?

Yes?

Hi, I’m new here, first time posting to this community, was hoping this could be well-received here.

I see this starting to attract downvotes - is this considered breaking any rule, are cross-posts frowned upon in general, is the content too basic for you 1337 h4xx0rz, title not serious enough, or some other issue with the post? Feedback appreciated.

senpai noticed me *^^*

Cheers and thank you for the work!

Red Hat’s out for us I tell you. Hide your display servers and hide your CPU architectures because they be deprecating e’rybody out here.

I’m not the actual theme maintainer but I’m sure they would be receptive of PRs.

I guess the easiest would be using Kvantum to port the existing GTK theme if anyone is up for it.

https://github.com/tsujan/Kvantum/

https://raw.githubusercontent.com/tsujan/Kvantum/refs/heads/master/Kvantum/doc/Theme-Making.pdf

Sorry, that’s totally off topic (rule 1) and none of your business I’m afraid.

Feels like you’re meming on some uncharitable stereotype at the expense of myself, QubesOS, and room for more interesting convos in this thread. Comments like this might make other users with less hard skin afraid to post their own setup if stuff like this is all they get back. It leads to less diversity and real talk, more low-effort memes and the sameish sway-with-a-fancy-background-and-fastfetch.

As this little community grows I think it would be sweet to try not to actively reproduce the bad aspects of Reddit.

(Yes, I’m a blast at parties)

This theme is the one used in my recent unixporn screenshot.

Getting a lot of benefits from it. I’m a happy user!

If I mostly talk about downsides in order to keep this brief:

It can work fine to just install and start using out of the box as it is, even for Linux noobs. You can get pretty far without having to dig super deep. But to really customize it you get into things like Salt management (or figuring out an alternative) and building your own templates. This can take a lot of time and effort. Consider it “playing on hard mode”. For me it’s fine since I enjoy these things and you can take it bit by bit. Lots of helpful stuff shared in the community like the repo I linked.

It’s not 100% jank-free. More niche things like ZFS integration, GPU passthrough and sys-gui qubes take some tweaking or even patching depending on your hardware and use and I have run into bugs with all of those. Chaining Tor and DNS on some IPv6 networks is still not all there but looked like WIP last I checked in. If you stay on well-throdden path things are a lot more stable.

Would love if they manage to migrate away from github.com…

That said, things are indeed steadily improving and people generally seem helpful and constructive when I look at the issue tracker¹. I think it’s worth giving it another chance now that 4.3 is out.

¹: Example: Didn’t have to report those bugs myself as someone beat me to it. And fixes for most did come in.

A tangent but in response to something I see around here and the webs recently:

People who say Wayland is ready for everyone and that X11 is no longer of relevance - that distros and projects like KDE dropping and deprecating it is A Good Thing: How do I replicate this in Wayland without having to loosen security boundaries or lose out on core features? Or at all?

Not shown in screenshot but sometimes I also run GUI apps or a nested WM (to get the “classic” VM experience with a windowed or fullscreened isolated desktop) in containers. Also obviously need things like remote screen sharing without having to run such apps in dom0 and Input Method integration for non-latin typing. Even with people working on some parts of that already and some ad-hoc early-stage solutions existing, I don’t see it happening this decade… My setup works great for now and I’d hate to have integral parts of it getting fully abandoned or dropped from upstream distros like Fedora or Arch if no drop-in replacements exist. Why the push for deprecation? :/

Next time you see someone saying that Wayland isn’t ready for them, maybe take their word for it instead of downvoting and demanding justification? Think about how much I had to expose myself above just to be able to try to make a point. When we’re in the long tail of remaining use-cases, they get detailed enough that you can’t explain them without getting personal and very profileable.