GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the GNU version of the Firefox browser. Its main advantage is an ethical one: it is entirely free software. While the Firefox source code from the Mozilla project is free software, they distribute and recommend non-free software as plug-ins and addons.
In addition, GNU IceCat includes some privacy protection features, included in a separate addon:
1. Some sites refer to zero-size images on other hosts to keep track of cookies. When IceCat detects this mechanism it blocks cookies from the site hosting the zero-length image file. (It is possible to re-enable such a site by removing it from the blocked hosts list.)
2. Other sites rewrite the host name in links redirecting the user to another site, mainly to "spy" on clicks. When this behavior is detected, IceCat shows a message alerting the user.
GNU Icecat will be available on Fedora updates-testing repositories for some days. That’s right time to test harshly this new web browser (really it’s not so new considering it’s a fork of Firefox) and leave a positive/negative karma or open a bug.
They're not weasel words. It's the stance that the FSF has always taken in regards to software that makes it easy for people to uninstall non-free software.
Say what you want about their stance, at least they're consistent.
It's only weasel words if you don't read the second half of the sentence. Taken together it's an explicit description of the subtle but significant difference between Firefox and Icecat. Seriously, the comment I'm responding to and its parent made me so angry.
> they [Mozilla] distribute and recommend non-free software as plug-ins and addons
What are the non free plugins distributed? And what are the ones recommended? Afaik you download Firefox without plugins. Is the message "for seeing this video you need Flash player" the recommendation?
Mozilla distributes plenty of nonfree plugins at addons.mozilla.org; they aren't authored by Mozilla, but Mozilla distributes them.
The "Get Add-ons" section of about:addons potentially recommends nonfree plugins; what is displayed there is based on user ratings, freedom isn't considered (though most of them seem to be free). Saying "you need a Flash Player" isn't necessarily a nonfree recommendation (there are other Flash Players), but the button that says "take care of it for me" and automatically picks Adobe Flash Player is.
I really, really don't understand this mentality. I don't understand how someone can place some political concern (the distribution status of a piece of code) over a more practical one like "the user wants to view this content and needs X plugin to do it, so let's take care of that for them".
Even without going full-Stallman, a package following GNU FSDG (their guidelines about making recommendations and things) has value to someone who just cares about free software, but still uses some nonfree software.
It's nice to know that while you can deliberately install nonfree software, doing a simple package or plugin search will only show free software. On the recommended plugins screen, no worrying "looks kinda neat, but I need to check if it's free"; just make the assumption that it is. No "oh, I hit the 'just make it work' button, and it picked the non-free option. The system picks between Gnash and Lightspark. If your thing doesn't work in those, and you actually do need Adobe, then you can consciously install it.
If the user chose IceCat over Firefox, then it seems likely that the user would rather not view the content than have the software automatically download software that contradicts their ethical stance.
Therefore it is doing what the user wants. Just not what you want. But that's okay since you will likely never be forced to use IceCat.
Well, the phrasing implies that Mozilla is being unethical, which is incredibly unfair. There's a huge difference between saying that "X is more in keeping with our ideals than Y" vs. saying that "X is more ethical than Y", particularly when the specific points of contention have little or nothing to do with things that most people even think of as having a moral or ethical dimension.
I mean, it's typical for FSF communications, in the sense that it uses very, very broad terms ("free", "ethical", etc.) to mean very specific things as a way of confusing the reader (how can anyone hate freedom?!?). It's also a rhetorical ploy to emphasize their own certainty as to the correctness of their ideals. It doesn't make it any less cynical of them though (not that they're aware that they're being cynical), and it doesn't make it any less of a way to passive-aggressively throw unfair shade on people or organizations who don't share 100% of their beliefs with equal fervor.
That text used to say something different, because Firefox used to contain proprietary bits in its main distribution: it had a proprietary system to capture and submit crash reports (now replaced with a FOSS solution), and proprietary images as part of theming and branding (not sure if those have all been replaced yet). That was part of the motivation behind the GNU modified build.
Yeah that's the first text on the page. If people can't be bothered to click the link, why literally copy the page here?
Besides, the page requires attribution when copying text, something you didn't do. Not a major issue as it's on the topic of the page, but still you could have mentioned it.
icedove is the unbranded version of thunderbird; you probably meant iceweasel :)
I think Debian's reasons for forking Firefox & Thunderbird is more related to trademarks and licensing issues, while it seems IceCat is more focused on privacy concerns. All in all I'm sure Debian will consider IceCat though.
> All in all I'm sure Debian will consider IceCat though.
Just to clarify, IceCat is around for almost a decade now. Actually, IceCat was called IceWeasel before the Debian project decided to call their own Firefox fork IceWeasel. [1]
So no, I don't believe Debian will consider GNU IceCat.
> Other sites rewrite the host name in links redirecting the user to another site, mainly to "spy" on clicks. When this behavior is detected, IceCat shows a message alerting the user.
Easily one of the most annoying "features" I deal with on a daily basis. I almost wish the a.href property were read-only in the DOM.
In some cases it's not to spy on clicks but to hide data in the URL by obscuring the HTTP referer header, eg. DuckDuckGo does this so sites can't see your search terms.
That's a pretty respectable and legitimate use. It's a shame it can't happen on the browser side, though, by tagging the links with something like rel="noreferer".
IceWeasel was created to work around trademark restrictions; Mozilla Corporation would not allow to Debian to use the trademarked names as long as Debian was distributing the software with unapproved patches. So, Debian created their own branding in order to comply. See http://en.wikipedia.org/wiki/Mozilla_Corporation_software_re... for more details.
Yeah, this page hasn't been updated in awhile. However, IceCat's maintainer (who is also the Trisquel GNU/Linux maintainer) has builds of IceCat 31 (maybe 32 now, not sure) for Trisquel 7. The source tarball should be officially released sometime soon.
I compiled IceCat 17 for 32bit gnewsense some months ago. V24 needs dependencies outside what can be provided on gnewsense 3.1 (based on Debian Squeeze). The maintainer compiles the 64bit binaries against fairly recent libraries.
Firefox put out a generic 32bit binary that will work on linuxen of some vintage when unpacked somewhere like ~/home.
I did spend some time scratching my head and reading their mozconfig files to see how they manage to produce one binary that will work on Centos 5.10 up to Debian Sid. Didn't get anywhere.
Anyone got any ideas? Static build? Anyone got a mozconfig or mozbuild method to share?
> GNUzilla runs its own plugin finder service at gnuzilla.gnu.org. To specify this at runtime, visit the url about:config in your browser, find the pfs.datasource.url attribute, and change the host to gnuzilla.gnu.org. Also change the protocol from https to http, if necessary.
And defend against attacks that trick you into installing a known-vulnerable version of the plugin (which of course has a valid signature, since it was believed to be good at the time of release).
And avoid using error-prone package signature algorithms, like the one Android uses that originates from Java and has had several vulnerabilities.
And don't send any personally-identifiable or private user information to the server when checking for updates.
And... actually, no, just don't distribute software over HTTP, even if signed.
In its current implementation the plugin finder just redirects to the gnash source at ftp.gnu.org (which is signed) or the mozplugger website.
This will be updated to provide a more useful response to the user, in particular it will try to provide a way to install the appropriate package from the repos of the distro the browser is running on.
My two cents for mozilla, and im sure they will be sort of offended by this, but the best strategy, one that should be pursuit years ago, is to get the chrome engine, and replace the webkit/blink layer with the mozilla web rendering engine..
That way, they would have the multi-process architecture, they need badly, but with their core, the web layer intact..
The chrome architecture is good enough, that you can replace the webkit layer without mess with other core parts
Dont know why they are procrastinating with servo instead, and doing the same mistakes netscape did years ago, to rewrite the whole engine, while IE was capable to take the lead in the browser wars back than.. the same mistake!!
Theres a good Joel Spolsky article about this (from 2000):
If you have a nightly desktop build you should see a "New E10s Window" in the menu. This starts up a multiprocess browser window allowing you to test the feature.
Servo is a research project exploring the design space of writing a modern browser from the ground up in a language designed for it. It's not being developed as a Gecko (Firefox internal framework) replacement. So I don't think they are making the mistake of restarting from scratch for their core product. The Servo project is done by a different team and Gecko development continues uninterrupted. No procrastination in that area is going on.
That documentation is pretty old, I'll be updating it pretty soon.
Current .deb development packages can be tested from http://devel.trisquel.info/icecat/
The "toutatis" repo should work on Trisquel 6, Debian Stable and Ubuntu Precise, while the "belenos" one should work on Trisquel 7 (beta), Debian Testing and Ubuntu Trusty.
Main changes from the previous version focus on providing better privacy, in particular protecting the user against fingerprinting. The settings have been tweaked to prevent the browser from leaking information through referrers, cookies, useragent and other methods.
The current version comes with this main extensions enabled:
* LibreJS to check for the freedom of the javascript you run
* HTTPS-Everywhere redirects you to secure versions of the sites you browse
* A customized Adblockplus blocks known privacy trackers, and when in private browsing mode it blocks all third party content.
* A custom homepage lists this and other features with links to documentation and the possibility to disable them quickly if needed.
I'll be publishing a more complete list of features through the bug-gnuzilla mailing list soon, along with a beta release. Stay tuned!
43 comments
[ 3.5 ms ] story [ 101 ms ] threadIn addition, GNU IceCat includes some privacy protection features, included in a separate addon: 1. Some sites refer to zero-size images on other hosts to keep track of cookies. When IceCat detects this mechanism it blocks cookies from the site hosting the zero-length image file. (It is possible to re-enable such a site by removing it from the blocked hosts list.) 2. Other sites rewrite the host name in links redirecting the user to another site, mainly to "spy" on clicks. When this behavior is detected, IceCat shows a message alerting the user.
http://fedoraos.wordpress.com/2014/09/02/gnu-icecat-browser-...
It's entirely free software just like Mozilla's Firefox.
Say what you want about their stance, at least they're consistent.
What are the non free plugins distributed? And what are the ones recommended? Afaik you download Firefox without plugins. Is the message "for seeing this video you need Flash player" the recommendation?
Mozilla distributes plenty of nonfree plugins at addons.mozilla.org; they aren't authored by Mozilla, but Mozilla distributes them.
The "Get Add-ons" section of about:addons potentially recommends nonfree plugins; what is displayed there is based on user ratings, freedom isn't considered (though most of them seem to be free). Saying "you need a Flash Player" isn't necessarily a nonfree recommendation (there are other Flash Players), but the button that says "take care of it for me" and automatically picks Adobe Flash Player is.
It's nice to know that while you can deliberately install nonfree software, doing a simple package or plugin search will only show free software. On the recommended plugins screen, no worrying "looks kinda neat, but I need to check if it's free"; just make the assumption that it is. No "oh, I hit the 'just make it work' button, and it picked the non-free option. The system picks between Gnash and Lightspark. If your thing doesn't work in those, and you actually do need Adobe, then you can consciously install it.
Therefore it is doing what the user wants. Just not what you want. But that's okay since you will likely never be forced to use IceCat.
I mean, it's typical for FSF communications, in the sense that it uses very, very broad terms ("free", "ethical", etc.) to mean very specific things as a way of confusing the reader (how can anyone hate freedom?!?). It's also a rhetorical ploy to emphasize their own certainty as to the correctness of their ideals. It doesn't make it any less cynical of them though (not that they're aware that they're being cynical), and it doesn't make it any less of a way to passive-aggressively throw unfair shade on people or organizations who don't share 100% of their beliefs with equal fervor.
Besides, the page requires attribution when copying text, something you didn't do. Not a major issue as it's on the topic of the page, but still you could have mentioned it.
I think Debian's reasons for forking Firefox & Thunderbird is more related to trademarks and licensing issues, while it seems IceCat is more focused on privacy concerns. All in all I'm sure Debian will consider IceCat though.
Just to clarify, IceCat is around for almost a decade now. Actually, IceCat was called IceWeasel before the Debian project decided to call their own Firefox fork IceWeasel. [1]
So no, I don't believe Debian will consider GNU IceCat.
[1] https://en.wikipedia.org/wiki/GNU_IceCat#Origins_of_the_name
So ... looking forward for thunderbird/icedove's equivalent from GNU :)
Easily one of the most annoying "features" I deal with on a daily basis. I almost wish the a.href property were read-only in the DOM.
http://fedoraos.wordpress.com/2014/09/02/gnu-icecat-browser-...
> Updated: $Date: 2012/08/22 01:51:19 $
I compiled IceCat 17 for 32bit gnewsense some months ago. V24 needs dependencies outside what can be provided on gnewsense 3.1 (based on Debian Squeeze). The maintainer compiles the 64bit binaries against fairly recent libraries.
Firefox put out a generic 32bit binary that will work on linuxen of some vintage when unpacked somewhere like ~/home.
I did spend some time scratching my head and reading their mozconfig files to see how they manage to produce one binary that will work on Centos 5.10 up to Debian Sid. Didn't get anywhere.
Anyone got any ideas? Static build? Anyone got a mozconfig or mozbuild method to share?
I hope they sign packages...
And defend against attacks that trick you into installing a known-vulnerable version of the plugin (which of course has a valid signature, since it was believed to be good at the time of release).
And avoid using error-prone package signature algorithms, like the one Android uses that originates from Java and has had several vulnerabilities.
And don't send any personally-identifiable or private user information to the server when checking for updates.
And... actually, no, just don't distribute software over HTTP, even if signed.
This will be updated to provide a more useful response to the user, in particular it will try to provide a way to install the appropriate package from the repos of the distro the browser is running on.
The note about changing to http comes from the fact that the finder service doesn't work through https://gnuzilla.gnu.org/ but http://gnuzilla.gnu.org/plugins/PluginFinderService.php We would work on this too.
That way, they would have the multi-process architecture, they need badly, but with their core, the web layer intact..
The chrome architecture is good enough, that you can replace the webkit layer without mess with other core parts
Dont know why they are procrastinating with servo instead, and doing the same mistakes netscape did years ago, to rewrite the whole engine, while IE was capable to take the lead in the browser wars back than.. the same mistake!!
Theres a good Joel Spolsky article about this (from 2000):
Things You Should Never Do [http://www.joelonsoftware.com/articles/fog0000000069.html]
That documentation is pretty old, I'll be updating it pretty soon.
Current .deb development packages can be tested from http://devel.trisquel.info/icecat/ The "toutatis" repo should work on Trisquel 6, Debian Stable and Ubuntu Precise, while the "belenos" one should work on Trisquel 7 (beta), Debian Testing and Ubuntu Trusty.
Main changes from the previous version focus on providing better privacy, in particular protecting the user against fingerprinting. The settings have been tweaked to prevent the browser from leaking information through referrers, cookies, useragent and other methods.
The current version comes with this main extensions enabled:
* LibreJS to check for the freedom of the javascript you run * HTTPS-Everywhere redirects you to secure versions of the sites you browse * A customized Adblockplus blocks known privacy trackers, and when in private browsing mode it blocks all third party content. * A custom homepage lists this and other features with links to documentation and the possibility to disable them quickly if needed.
I'll be publishing a more complete list of features through the bug-gnuzilla mailing list soon, along with a beta release. Stay tuned!