IceCatMobile question

#1

Hello,
I am a new member and I’d like to know if IceCatMobile is still maintained and updated. I also see that F-droid version is 60.5.1 but in the GNU server the last one is only 60.3.0.
Is F-droid changing the version name to adapt Fennec/Firefox?, where do you get the code to release the app, from GNU Icecat?. Is it a mix of Firefox and the newest IceCat?
Thanks!

#2

Hello,
I think we get the code from Mozilla (https://hg.mozilla.org/releases/mozilla-esr60) then apply the IceCat patches (https://gitlab.com/Manizuca/IceCat.git).

1 Like
#3

Thanks for the fast answer, it makes sense :+1:

#4

Hoping F-droid to update this excellent browser :hugs:
If we need a free browser in F-droid, maybe this browser and Privacy Browser from Stoutner.com are almost the only ones.

#5

There is Firefox Lite, DuckDuckGo and several others

#6

They contain trackers and a warning from F-droid too. That’s what I mean with “free”.

1 Like
#7

More info: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ and

Prism-Break: IceCat is based on Firefox 60.3 ESR release, released in October 2018. By this point, it means IceCat users are exposed to 9 critical vulnerabilities, most of which are memory corruption bugs that allow for remote code execution:…

btw, I really lack of time actually and couldn’t check if setting to False https://github.com/mozilla/gecko-dev/blob/master/mobile/android/base/java/org/mozilla/gecko/telemetry/TelemetryConstants.java#L11 could remove Mozilla/telemetry globally. ExodusPrivacy has this tracker in stand-by, but I already had it to ClassyShark3xodus (with a µ sign like fdroid-friendly Acra when opt in/out optioned ). Also I’m not sure how to build an official release, instead of a developer flavor.

Since Firefox/Fennec will enter eol by 2020 due to emerging Fenix , I hope some could test this before F-Droid last release of Fennec ( @Manizuca @nalexander @relan ) ; I also noticed other implementations ot telemetry in code:
https://github.com/mozilla/gecko-dev/blob/master/toolkit/modules/AppConstants.jsm#L105 ,
https://github.com/mozilla/gecko-dev/blob/master/mobile/android/base/java/org/mozilla/gecko/telemetry/TelemetryUploadService.java#L57 ,

1 Like
#8

You are right. I also see Telemetry code in IceCat, but also in Tor Browser and I know they disabled Telemetry, so I think that being GNU they could have removed Telemetry too.
That´s the problem and my thread: wishing this browser to be updated to avoid vulnerabilites.

#9

Icecat hasn’t been updated since Feb. Why not use Fennec? Or just use Firefox with a hardend user.js.

1 Like
#10

Thanks.
Yes, I thought that many times, but it’s always a hard work and maybe I’m wrong about Icecat thinking that GNU is doing something with it yet. If it’s only Firefox with some GNU addons or if it’s something else changed inside the browser to avoid tracking. I don’t see warnings in F-droid about IceCat, but I see it in Fennec, and that’s why I always want this browser to be updated. I don’t know if F-droid has decided to not update it anymore, if that’s the case then I will do what you say. I don’t know if it’s only changing the user-js or if it needs something else to avoid sending information to Firefox servers.

#11

Take a look at the hardened user.js from the fennec telegram channel.

1 Like
#12

Thanks a lot.
I´ll check it.

#13

How do you apply that without root?

#14

I´ll do it manually. In fact, I already changed many preferences in about:config according to privacytools.io guide.
I know, it´s hard.

#15

The hard way about:config.
If you have root decim the person that does the user.js in the telegram group has an app. Let’s you pick from several well know user.js files and different browsers to apply it to.

1 Like
Mastodon