Konform Browser and other bits and bobs.

  • 2 posts
  • 6 comments
Joined 6 months ago
Cake day: January 18th, 2026
  • If you work for a company or own the company you are still making a self- promotional post for a company, and the rule applies.

    So if the exact same post is posted by a friend instead it’s suddenly accepted? Why is self-promo meaningfully less desired than third-party-promo if they have similar results?

    You seem to be vastly in the minority.

    Might be! That one’s framed as just personal preference and not policy suggestion because I don’t think “allow all things I like and ban everything I don’t” makes for good governance ;)

    So a more restrictive rule?

    More restrictive in one sense (what content and what’s ok to “promote” for) but more allowing in another (you can talk about something even if you are involved or associated).

  • Thank your for replying, this is encouraging and sounds like moderation of this community is shaping up.

    Whichever side the ruling falls I think that feedback channel would be very good. Just having a way for a submitter to ask from mod(s) why the submission was targeted might be the difference between them turning into a great contributor vs either just leaving or starting to play circumvention games (in especially bad cases turning into antagonistic trolls). Speaking from how I’ve seen those dynamics play out in other communities.

  • Thank you for thoughtful engagement!

    I think that becomes even more problematic. Why is it better that I shill for a company I’m getting kickbacks from (some VPN providers excel at this game) rather than one I’m responsible for? Besides, this just lead to submarining (“viral marketing” is an entire industry!) and people pretending to “have just stumbled across this project, what do you guys think?” or being “just a happy customer”… And to some extent t becomes a game of social status, where well-connected people can just ask their friends to post on their behalf.

    Judge the message and topic, not the messenger (as long as they are human acting in good faith and not “written with help by AI”, obv).

    Besides of those issues, my personal preference would be to keep the focus on self-hosting. So talk of hardware or shipped software might be on-topic but not service providers. There are plenty of places to discuss cloud-hosting, VPNs, which PaaS is best, or whatnot.

    And I would actually be much more interested in seeing a post from a founder talking about things their company is doing relevant to self-hosters, vs yet another post of “which provider is best right now and what do you use?” or “Company X currently has a sale/launched product Y”.

    While it might filter out some good stuff, I would be all for a ban of any promotion of commercial or proprietary products and services alltogether but allow for self-hostable and in particular FLOSS stuff (where I guess some carve-out or clever formulation could be made to allow for commercial but self-hostable software - either stance on that one seems fine to me).

  • I would like some clarity on general apparent self-promotion of open source projects as well. As in, points 1-4 don’t apply and 5 depends on your definition of “advertisement”.

    I’m bringing this up because I (once) previously attempted to share a project1 I maintain on here. I did take some effort to include some context and discussion points for selfhosters in order to make it more tailored and stay safe on Rule 3. It was quickly removed by mod. I tried reaching out to one of the mods to try to understand what was wrong. They were friendly and said they weren’t involved and would forward to the relevant people and since then I haven’t heard back. It would be very helpful to be able to get some feedback on why submission was removed so we can learn how future submission attempt could be improved (or abandoned).

    1: FLOSS, no commercial or otherwise proprietary parts or relations, no slop or clank in the process

It’s been a while!

Konform Browser version 140.12.0-100 was recently released and if you aren’t aware it’s time to upgrade! 1

Konform Browser is a free/libre and open-source (FLOSS) fork of Firefox ESR with the primary goals of security, privacy, and user freedom. Shows by example how these three goals don’t have to be at odds but support each other and work in harmony. Runs lean and light with lights off out of the box, while making it convenient to toggle on the features you want. All telemetry removed, none added. Fingerprinting and tracking extras with base defaults on par with (or exceeding) Tor Browser, still keeping common-sense tweaks like dark mode and installation of self-built addons available without making a fuss about it. Graceful degradation for private networks and more granular control for those who want a browser that really conforms.

“ESR” means there’s a major upgrade coming up soon with the expected jump from Firefox ESR version 140 to 153 next month. Work has already been ongoing for a while to prepare Konform Browser v153 to be the most secure Firefox build at release. Early alpha builds based on FF153beta are available for anyone who wants to do early testing or help out with any other contribution.

Current Konform Browser 140.x is production-ready and expected to keep receiving security updates and bugfixes for at least a couple of release cycles after initial v153 release so users can upgrade at their leisure.

If you try it, would love to hear your feedback on the browser - and if you like it, tell your friends!

FAQ

Installation instructions provided for most Linux distros

New: Artix Linux package, Gentoo ebuild

Releases

Mastodon: https://techhub.social/@konform

1 or install 😘

Hi all!

Latest version of Konform Browser just dropped and now I come here to share with y’all about what’s been cooking.

If you are new to Konform Browser, dev writing and previously posted on on this community introducing the project here.

Highlights since last time:

  • Latest security fixes from up to most recent Firefox ESR 140.7.1.
  • A new welcome screen (pictured) where user can quickly choose between how private vs integrated experience they want, from a locked down “Purely Private” all the way to an unleashed “Just Make It Work” (affectionately referred to as “yolo mode”)
    • The “Show detailed information” link leads to a table showing exactly what settings will be impacted by each preset so user can make educated decision and understand impact before choosing.
  • Improvements around privacy and fingerprinting. In particular: Closed a significant vector of identity leaks and fingerprinting from unique IDs sent in Origin headers of HTTP requests by addons. This is a previously known issue (1405971) that has been considered wontfix by upstream for 6 years now.
    • To my knowledge, Konform Browser is the only Firefox derivative which protects against this under defaults and improves over status quo in chromium too. Attempts are being made to reach out and see if the patch can also be of interest and benefit for Tor Browser.
    • New user pref network.http.addonOriginBehavior can be tweaked to further change behavior and work around any breaking addons.
    • A future update might change default to 3 (random), which could make browser choice less fingerprintable. The current default is not set in stone and I’d be very curious about what breaks and what doesn’t if anyone plays around with this.
  • Now also publishing binary packages for easy installation and updates from Alpine Linux and Arch Linux package repos, alongside deb/rpm ones. All builds and releases are produced by Codeberg CI. Building from source is of course still supported.
  • Various improvements and fixes for optional features unlocked by “Just Make It Work” preset

There is also now a more official fedi account on Mastodon where an abbreviated version of this post is already shared with a couple of screenshots of the new onboarding: @konform@techhub.social1.

As always, installation and build instructions can be found from release notes and doors are open on Codeberg for issue reports and merge requests alike.

https://codeberg.org/konform-browser/source/releases

1: Still figuring out how crossposting works or doesn’t across the fedis! In case federation clients botcher the link: https://techhub.social/@konform