info-gnu
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IceCat 31.2.0 release


From: Rubén Rodríguez
Subject: IceCat 31.2.0 release
Date: Tue, 21 Oct 2014 17:14:00 +0200

GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the
GNU version of the Firefox browser. Its main advantage is an ethical
one: it is entirely free software. While the Firefox source code from
the Mozilla project is free software, they distribute and recommend
non-free software as plug-ins and addons. Also their trademark license
restricts distribution in several ways incompatible with freedom 0.
https://www.gnu.org/software/gnuzilla/

Source tarballs, binaries for generic GNU/Linux systems and translations
are available at http://ftp.gnu.org/gnu/gnuzilla/31.2.0/
New gpg key ID:D7E04784 GNU IceCat releases
Fingerprint: A573 69A8 BABC 2542 B5A0  368C 3C76 EED7 D7E0 4784

This is a new iteration of the IceCat project, based on new build
scripts and with an extra focus on privacy.
The new maintainer is Ruben Rodriguez.

IceCat will continue to stick to the ESR (Extended Support Release)
cycle (https://www.mozilla.org/en-US/firefox/organizations/faq/) because
it provides security updates over a stable base. That will also allow to
port privacy features from TorBrowser, which is now following v31ESR.

 == Changes since v24 ==

 * Javascript can be disabled through the configuration interface.
 * Third party cookies are disabled.
 * Referrers are spoofed (to the same server where the file lives).
 * The user is not asked to install plugins (such as flash or java).
 * Only free software gets offered by IceCat.
 * Installed plugins (flash, java) require per-site activation.
 * DuckDuckGO as default search engine, through https and without JS.
 * DoNotTrack header enabled.
 * Reporting features disabled (Avoids send data to mozilla's partners 
   about crashes or security related events).
 * Disabled "Social API" that brings integration with Facebook.
 * Disabled "Safe browsing", which asks Google if websites are safe 
   before browsing them.
 * Disabled access to the clipboard from JS.
 * Don't recommend online services for IRC.

Preinstalled add-ons:

 * LibreJS 6.0.1 checks for the freedom of the javascript you run
 * HttpsEverywhere 4.0.2 redirects requests through https when possible.
 * Spyblock, custom made and based on AdblockPlus, provides:
   - A blacklist of trackers that is used in any browsing mode.
     Self-served, privacy-friendly advertising is preserved.
   - A filter for all third-party requests while in private browsing.
   - A filter for javascript data retrieval while in private browsing.
   - Autoupdate for filter lists is optional.
 * A custom homepage lists this and other features with links to 
   documentation and the possibility to disable them quickly if needed.

Fingerprinting:

 * Spoofing the useragent to:
   - Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0
 * Fonts can be listed with this methods:
   - Plugins like java or flash: these are disabled by default in
   IceCat, requiring the user to enable them in a per-site basis. Also 
   Gnash doesn't work for fingerprinting.
   - JS probing: the custom homepage allows to disable custom fonts.
 * Plugins: IceCat no longer discloses the list of installed plugins.
 * Extra spoofing: appname, appversion, buildID, oscpu and platform.
 * Request pages in english by default.
   
To Do:

 * Add the needed documentation at libreplanet (volunteers welcome!):
   - http://libreplanet.org/wiki/Group:IceCat/
   - http://libreplanet.org/wiki/Group:IceCat/icecat-help
   - http://libreplanet.org/wiki/Group:IceCat/Tour
   - http://libreplanet.org/wiki/Group:IceCat/keyboard-shortcuts
 * Incorporate patches from TorBrowser 4.0
 * Build binaries for Windows and MacOS





reply via email to

[Prev in Thread] Current Thread [Next in Thread]