LibreWolf

LibreWolf 122.0

Windows
Installer | librewolf-122.0.1-2-windows-x86_64-setup.exe | 128.22 MB | VirusTotal Scan report
Portable | librewolf-122.0.1-2-windows-x86_64-portable.zip | 104.39 MB | VirusTotal Scan report
Mac
librewolf-122.0.1-2-macos-x86_64-package.dmg | 93.52 MB | VirusTotal Scan report
Linux
LibreWolf.x86_64.AppImage | 107.19 MB | VirusTotal Scan report
CenaBezmaksas
Versija122.0
Izdošanas datumsFebruary 23, 2024
IzdevējsLibreWolf - https://librewolf.net
Izdevēja apraksts

What is LibreWolf?

This project is a custom and independent version of Firefox, with the primary goals of privacy, security and user freedom.

LibreWolf is designed to increase protection against tracking and fingerprinting techniques, while also including a few security improvements. This is achieved through our privacy and security oriented settings and patches. LibreWolf also aims to remove all the telemetry, data collection and annoyances, as well as disabling anti-freedom features like DRM.

Privacy

  • Delete cookies and website data on close.
  • Include only privacy respecting search engines like DuckDuckGo and Searx.
  • Include uBlockOrigin with custom default filter lists, and Tracking Protection in strict mode, to block trackers and ads.
  • Strip tracking elements from URLs, both natively and through uBO.
  • Enable dFPI, also known as Total Cookie Protection.
  • Enable RFP which is part of the Tor Uplift project. RFP is considered the best in class anti-fingerprinting solution, and its goal is to make users look the same and cover as many metrics as possible, in an effort to block fingerprinting techniques.
  • Always display user language as en-US to websites, in order to protect the language used in the browser and in the OS.
  • Disable WebGL, as it is a strong fingerprinting vector.
  • Prevent access to the location services of the OS, and use Mozilla's location API instead of Google's API.
  • Limit ICE candidates generation to a single interface when sharing video or audio during a videoconference.
  • Force DNS and WebRTC inside the proxy, when one is being used.
  • Trim cross-origin referrers, so that they don't include the full URI.
  • Disable search and form history.
  • Disable form autofill.
  • Disable link prefetching and speculative connections.
  • Disable disk cache and clear temporary files on close.
  • Use CRL as the default certificate revocation mechanism, as it is faster and privacy oriented. For security and usability reasons, the browser might fall back to OCSP in some instances: when that happens, OCSP will be stapled to preserve privacy.

Security

  • Stay up to date with upstream Firefox releases, in order to timely apply security patches.
  • Enable HTTPS-only mode.
  • Enable stricter negotiation rules for TLS/SSL.
  • Always force user interaction when deciding the download location of a file.
  • Disable scripting in the built in pdf reader.
  • Protect against IDN homograph attack.
  • Implement optional extension firewall, which can be enabled manually.
  • Revert user-triggered TLS downgrades at the end of each session.
  • Set OCSP to hard-fail in case a certain CA cannot be reached.

Annoyances

  • Prevent window resizing from scripts.
  • Disable autoplay of media.
  • Disable search suggestions and ads in the urlbar.
  • Remove all the distracting and sponsored content from the home page.
  • Remove the Pocket extension at compile time.
  • Remove Mozilla VPN ads.
  • Disable Firefox Sync, unless explicitly enabled by the user.
  • Disable extension recommendations.

Others

  • Completely open source and community driven.
  • Easy and Docker-based build process, so that everyone can build from source in few steps and without local dependencies.
  • LibreWolf specific UI that exposes the most important privacy and security settings, to allow you to easily control them.
  • Completely disable telemetry, including crash report, normandy, studies and personalized recommendations.
  • No data collection of any kind. In fact, as stated in our privacy policy, we wouldn't even have the infrastructure to do that, making it impossible from a technical standpoint.
  • Disable Google Safe Browsing, over censorship concerns, and in an effort to prevent Google from controlling another aspect of the internet. This would also make a developer key a requirement to build from source, which is something we are not comfortable with.
  • Disable DRM, as it is a limitation to user freedom.
  • Avoid making unnecessary changes that increase the fingerprint without giving any privacy gain.
  • Only allow outgoing connections that are not privacy invading.
  • Disable built-in password manager and suggest more robust options.