Kicksecure Default Browser - Development Considerations
Exploring the ideal default browser for Kicksecure with a focus on security and privacy, Firefox vs Chromium, browser hardening, considering user freedom, maintainability, security, privacy, no phone home.
Kicksecure Default Browser Considerations[edit]
Introduction[edit]
Kicksecure is primarily a security focused Linux distribution, preferring security over privacy if such a decision is unavoidable. However, Kicksecure will never implement outrageous privacy violations. It will even provide slightly better privacy than most other Linux distributions (such as no popularity contest installed), but otherwise makes no huge efforts to optimize privacy such as in Whonix™. (And yet, Kicksecure would be a suitable host for Whonix until Whonix-Host materializes. No contradiction here, since Whonix works fine on top of any secure Linux distribution that does not implement outrageous privacy violations.)
Chromium is more secure than Firefox. [1] Therefore it would be the natural choice as default browser for Kicksecure.
very hard to notice Phishing Scam - Firefox / Tor Browser URL not showing real Domain Name - Homograph attack (Punycode)
Even if Firefox provided better privacy than Chromium, this would still not speak in favor of choosing Firefox as the only browser installed by default in Kicksecure because, as elaborated in the first paragraph of this chapter, Kicksecure is primarily a security focused Linux distribution.
Other browsers not available from packages.debian.org are not considered (at least not in initial versions) because Kicksecure will have a default application policy similar to the Whonix default application policy.
However, Firefox should be preferred for reasons other than security and privacy; see threats to user freedom through market share domination. In the future, Firefox might also have better advertisement blocking capabilities?
See also these Chromium considerations.
Therefore the decision which browser to install by default in Kicksecure is a difficult one.
To not let the perfect be the enemy of the good, Firefox is nowadays installed by default due to Chromium Debian Package Security.
The decision is based on practicality, available resources and achievable initial goals. It is a significant development effort to create a dedicated website for Kicksecure and to create a new Linux distribution. Kicksecure does not have to find solutions to the difficult, mostly globally unaddressed Miscellaneous Threats to User Freedom right from the start.
See also #Potential Future Solutions which might be implemented in later stages of the development.
Disregarded Solutions[edit]
no browser installed by default[edit]
- That would be a terrible user experience, specifically for Live ISO / USB users, who would have to wait until all browser related packages are downloaded and installed using APT. Users want a ready-to-go solution. The fact that they already have to invest time to get a new operating system is already a barrier. Asking them to also wait until a browser downloads is too much.
install both firefox-esr and chromium by default[edit]
- a waste of disk space
- longer update times as both packages are downloaded in the future
- not a strong stance against chromium
Potential Future Solutions[edit]
Might be implemented in a later version but not in the initial versions.
Browser Choice Dialog[edit]
Similar to this:
https://upload.wikimedia.org/wikipedia/en/e/e2/BrowserChoice.gif
During the build process of Kicksecure, download (cache) both packages, firefox-esr and chromium, but do not install them. This avoids APT traffic and time wasted on network download. In more technical terms, similar to this:
sudo apt update
sudo apt install --download-only firefox-esr
sudo apt install --download-only chromium
The packages are then cached but not actually installed. The downloaded package files reside in the folder /var/cache/apt/archives and otherwise do nothing. They would be cleaned up once the user runs sudo apt clean.
That would work well for an ISO release but not for installation from the repository. Not sure how important the latter is long term, perhaps for servers (server vendors will not offer Kicksecure pre-installed very soon), but then for servers no browser is required.
Not sure yet this can work with the ISO build process.
Also after first boot there is a technical issue. Suppose users run sudo apt update followed by sudo apt full-upgrade before ever starting a browser, which is recommended and good security practice. Then, when running the browser choice dialog (through clicking the browser icon in the start menu), the browser choice tool most likely cannot run sudo apt install firefox-esr or sudo apt install chromium on behalf of the user without network traffic. This is because dependencies and package versions changed in the meantime. (The user's run of sudo apt update would have noticed that.) This decreases usability. Thereby the browser choice tool would be changed from "offline install of the previously downloaded browser package" to "network dependent download and install of the browser".
To keep the browser choice tool as "offline install of the previously downloaded browser package", should the browser choice be a popup at first boot?
There might be technical solutions for all of this but this makes the default browser choice a major development task.
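The staleness problem described above, as an added example that is not part of the Kicksecure project: a POSIX sh check a browser choice tool could run to decide whether the .deb cached at build time in /var/cache/apt/archives still matches the candidate version apt would now install, and fall back to a network install when it does not. The apt-cache policy output and the cached file name are constructed for the example; the function and variable names are assumptions.

```sh
#!/bin/sh
# Added example (not Kicksecure code): can a browser package cached with
# "apt install --download-only" at image build time still be installed
# offline, or did an "apt full-upgrade" in the meantime move the candidate
# version so that a network download is unavoidable?
#
# The apt query is isolated in a small filter so the decision logic can be
# exercised with constructed input.

# Extract the "Candidate:" version from "apt-cache policy <pkg>" output read
# from stdin (first match only).
candidate_version() {
    sed -n 's/^[[:space:]]*Candidate:[[:space:]]*//p' | head -n 1
}

# Map a Debian version string to the form used in /var/cache/apt/archives
# file names: the epoch separator ':' is escaped as '%3a'.
version_to_filename_part() {
    printf '%s' "$1" | sed 's/:/%3a/g'
}

# offline_install_possible PKG CANDIDATE CACHE_DIR
# Returns 0 when a .deb for exactly the candidate version sits in CACHE_DIR,
# 1 otherwise (stale cache, empty candidate, or nothing cached at all).
offline_install_possible() {
    pkg=$1
    candidate=$2
    cache_dir=$3
    [ -n "$candidate" ] || return 1
    ver_part=$(version_to_filename_part "$candidate")
    # Architecture is not pinned; any arch variant of the exact version counts.
    # If the glob matches nothing, $1 stays the literal pattern and -f fails.
    set -- "$cache_dir"/"${pkg}_${ver_part}_"*.deb
    [ -f "$1" ]
}

# Constructed policy output; a real tool would instead run
#   apt-cache policy firefox-esr | candidate_version
EXAMPLE_POLICY='firefox-esr:
  Installed: (none)
  Candidate: 115.9.1esr-1~deb12u1
  Version table:
     115.9.1esr-1~deb12u1 500
        500 https://deb.debian.org/debian-security bookworm-security/main amd64 Packages'

# Demonstrate the stale-cache case: the ISO build cached 115.8.0esr, but after
# the user's apt update the candidate is 115.9.1esr. Uses a throwaway
# directory with an empty, constructed .deb file name instead of the real
# /var/cache/apt/archives.
demo() {
    tmp=$(mktemp -d)
    : > "$tmp/firefox-esr_115.8.0esr-1~deb12u1_amd64.deb"
    cand=$(printf '%s\n' "$EXAMPLE_POLICY" | candidate_version)
    if offline_install_possible firefox-esr "$cand" "$tmp"; then
        echo "offline install of firefox-esr $cand possible"
    else
        echo "cache is stale for firefox-esr $cand; network download required"
    fi
    rm -rf "$tmp"
}

demo
```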
draft text for browser choice dialog[edit]
Not relevant yet since the browser choice dialog will not be implemented soon.
Kicksecure supports any Debian compatible browser, but defaults to two major choices: Chromium and Firefox.
- Firefox - Pros: Keeps the web open and free as we know it. Cons: Less secure.
- Chromium - Pros: More secure. Cons: Increases Google's influence, which may harm user freedom and choice in the future.
Please make a selection:
[x] Firefox
[ ] Chromium
[ ] Do not install any browser at this time
[ ] Do not ask again
[ ] Quit
Domain name will change to kicksecure.com.
Comparison of Browsers[edit]
Original Firefox[edit]
Trademark Disclaimer: Kicksecure is not officially associated with Mozilla Firefox. See Disclaimer.
advantages:
- Keeping the Firefox branding and improving upon it might be more user friendly than shipping browsers with unpopular brands.
issues:
- trademark issues:
- With Debian: Past trademark nonsense by Mozilla, see Debian–Mozilla trademark dispute. Was resolved and hopefully will not happen again.
- With LibreFox: What happened? See LibreFox.
- Future: Firefox Potential Legal Risk
disadvantages:
- Promotes non-freedom software: Easily downloads the non-freedom DRM plugin from Google. Related: avoid non-freedom software
- Needs hardening: Not as hardened by default (lower attack surface, disabled telemetry) as it could be, creating demand for a hardened Firefox fork or a Firefox settings project such as arkenfox.
Enabling non-freedom DRM is just 1 click away:
You must enable DRM to play some audio or video on this page. Learn more
[Enable DRM]
Firefox when visiting a DRM test website
TODO:
- As part of taming Firefox, a Firefox settings project such as arkenfox or a Firefox fork might make it harder to accidentally enable DRM?
Firefox directly from Upstream Mozilla using Flatpak[edit]
advantages:
- Fast stable Firefox upgrades directly from upstream, Mozilla.
issues:
- Most likely ignores the /etc/firefox settings folder. It is most likely possible to add a workaround for that.
See also:
Firefox directly from Upstream Mozilla using packages.mozilla.org[edit]
advantages:
- Fast stable Firefox upgrades directly from upstream, Mozilla.
potential issues:
- TODO: Does it honor the /etc/firefox settings folder? It might not, as this might be a feature only of Debian's firefox-esr package.
disadvantages:
- Same as in above wiki chapter.
- Foreign Sources
Firefox from packages.debian.org[edit]
Also when using Debian's Firefox package, enabling non-freedom software DRM is just 1 click away.
Disclaimer[edit]
There are two different entities.
- A) Mozilla: Developer of the Mozilla Firefox browser. Versus,
- B) Kicksecure: An independent Linux distribution.
Kicksecure is not officially associated with Mozilla Firefox. The Mozilla Firefox logo is trademarked by Mozilla.
Why this disclaimer? See Firefox Potential Legal Risk.
Firefox Potential Legal Risk[edit]
Background story: Debian–Mozilla trademark dispute (resolved in 2017)
Quote:
= About the Debian specific patches =
Mozilla recognizes that patches applied to Iceweasel/Firefox don't impact the quality of the product. Patches which should be reported upstream to improve the product always have been forwarded upstream by the Debian packagers. Mozilla agrees about specific patches to facilitate the support of Iceweasel on architectures supported by Debian or Debian-specific patches.
More generally, Mozilla trusts the Debian packagers to use their best judgment to achieve the same quality as the official Firefox binaries.
In case of derivatives of Debian, Firefox branding can be used as long as the patches applied are in the same category as described above. Ubuntu having a different packaging, this does not apply to that distribution.
Debian issue tracker, Renaming Iceweasel to Firefox
Opinion by a non-lawyer: The phrasing "can be used as long as the patches applied are in the same category as described above" could be interpreted such that a patch which disables all telemetry, tracking and phone-home as much as possible would be in a different category and hence might, in the viewpoint of Mozilla, violate their trademark.
Mozilla vs portapps.io from 2019
Following a trademark violation report (#11) from Mozilla, Firefox portable has been named Phyrox portable on Portapps. Nothing changes except its name.
But even modest changes to preferences (such as whether "Know Your Rights" information is displayed to users) are sufficient to violate our policy against distributing modified versions of Mozilla software with our trademarks. Of course, end-users may choose to change preferences and settings in Firefox. But we don't allow others to distribute unofficial versions of "Firefox" with modified configurations or preferences.
Does this apply to Linux distributions that are not really primarily about distributing Firefox? Probably yes, since Mozilla also had a past conflict with Debian.
Changes requiring Mozilla’s prior written permission include (but are not limited to):
- Changing the default home page or adding bookmarks,
Mozilla vs LibreFox potentially also involved a trademark conflict.
Correspondence with Mozilla about its Trademark[edit]
15 February 2024[edit]
From: adrelanos
To: trademark-permissions@mozilla.com
Subject: Kicksecure Default Browser Configuration Trademark Question
Body:
I am the lead developer of the Kicksecure project, a Linux distribution focused on security and based on Debian. Kicksecure is developed by the same team as Whonix, which is somewhat more well-known.

Our hardened defaults extend to the default user applications on the system, including a daily drivable web browser.

We are currently in the process of reviewing and considering potential candidates to be the default web browser on Kicksecure.

With good intentions, various Kicksecure contributors have suggested shipping Mozilla Firefox as the default browser. However, some contributors, including myself, are concerned about the modifications to Firefox's default settings we intend to make, versus Mozilla's Trademark Policy. We have no intention of rebranding or changing the compilation options of Firefox binaries. In fact, we prefer to keep the Mozilla trademarked names for the products to provide our users with a sense of familiarity.

We would acquire unaltered binaries from one of the following sources:
- Debian's official packages.debian.org repository
- Mozilla's official packages.mozilla.org repository
- Mozilla's official Firefox Flathub repository

Ideally, we would use Mozilla sources.

Here is a trademark-respecting list of things we are aware of and want to avoid for understandable reasons:
* Not using Mozilla trademarks in the name of our business, product, service, app, domain name, publication, or other offering.
* Not using marks, logos, company names, slogans, domain names, or designs that are confusingly similar to Mozilla trademarks.
* Not using Mozilla trademarks in a way that incorrectly implies affiliation with, or sponsorship, endorsement, or approval by Mozilla of our products or services.
* Not displaying Mozilla trademarks more prominently than our product, service, or company name.
* Not using Mozilla trademarks on merchandise for sale (e.g., selling t-shirts, mugs, etc.)
* Not using Mozilla trademarks for any other form of commercial use (e.g., offering technical support services), unless such use is limited to a truthful and descriptive reference (e.g., “Independent technical support for Mozilla’s Firefox browser”).
* Not modifying Mozilla’s trademarks, abbreviating them, or combining them with any other symbols, words, or images, or incorporating them into a tagline or slogan.

And here is a list of things that we would like to do. Our primary intention is to have a default policy (or employ other means if more appropriate) to do the following:
* Use unaltered binaries.
* Disable all Telemetry, Studies, Reports, and non-essential implicit outgoing connections.
* Force install the addon "uBlock Origin" by Raymond Hill.
* Set and lock hardened SSL/TLS-related settings, including, but not limited to, setting HTTPS-only mode as the default, blocking mixed content, not trusting unsafe negotiations, disabling unencrypted background requests, etc.
* Disable sponsored components, like bookmarks and suggestions.
* Set and lock strict mode for ETP.
* Change the default homepage.
* Disable the default display of the "Know Your Rights" information page.

As an illustrative point of how specifically we plan to apply these changes:
- Our intended changes would be made by providing a separate package (for example, named "hardened-browser-config").
- This package would install config file(s) in folder(s) such as /etc/firefox or /etc/firefox-esr.
- The package would be installed by default.

We are willing to elaborate on the details and consider making modifications upon request by Mozilla.

We are not asking for any special permission that does not extend to derivatives. As stated on the Debian issue tracker:
> In case of derivatives of Debian, Firefox branding can be used as long as the patches applied are in the same category as described above.

This is related to the Debian Free Software Guidelines (DFSG) (item 8):
> License must not be specific to Debian
>
> The rights attached to the program must not depend on the program's being part of a Debian system. If the program is extracted from Debian and used or distributed without Debian but otherwise within the terms of the program's license, all parties to whom the program is redistributed should have the same rights as those that are granted in conjunction with the Debian system.

We would like to be able to state similarly:
> In case of derivatives of Kicksecure, Firefox branding can be used as long as the patches applied are in the same category as described above.

We are asking for your opinion on whether this would be in conflict with Mozilla's Trademark Policy.

We intend to publish our correspondence for the sake of transparency. Our communications and your responses will be publicized in full, verbatim, without modifications.
06 March 2024[edit]
Patrick,

Thanks for your email.

Unfortunately the changes you would like to make do not comply with our distribution policy <https://www.mozilla.org/foundation/trademarks/distribution-policy/>, including the following:
> You may not add to, remove, or change any part of the software, including the Mozilla trademarks themselves. For example, you may not add any extensions to Firefox, change default settings, or alter search codes.

If you would like to distribute Firefox unmodified, you can use our .deb.

You can, of course, make any modifications you wish to Firefox’s open source software if you distribute a browser without Mozilla and Firefox trademarks.

Based on your requirements, the Tor Browser might also be an option you could consider.

Mike Kaply
Technical Partner Lead
Mozilla Corporation
For the full e-mail including headers see footnote. [2]
arkenfox[edit]
https://github.com/arkenfox/user.js
A settings file improving Firefox security and privacy.
todo
advantages:
- disabled telemetry by default
issues:
- Phone home: Does not do anything about Firefox phone home. The feature request Radio Silence by Default for Browser Startup and Background Connections aka "Disable Phone Home" got instantly closed, rejected and locked for further discussion.
non-issues:
- https://github.com/arkenfox/user.js/issues/1795
- Telemetry: Ticket https://github.com/arkenfox/user.js/issues/1660 is confusing, but it is not about enabling telemetry, only about moving it to its own section in the config file, which is more of a textual, stylistic change.
- Using pref( instead of user_pref( is not an issue as per https://github.com/Kicksecure/security-misc/pull/183#issuecomment-1895948795. That could easily be handled during the package build process with something like this:
search='pref("'
replace='user_pref("'
file_name='user.js'
str_replace "$search" "$replace" "$file_name"
The diff would be reasonably simple.
deskapps-harden[edit]
https://github.com/monsieuremre/deskapps-harden
A settings file improving Firefox security and privacy.
todo:
- discuss if settings locking is really necessary: https://github.com/Kicksecure/security-misc/issues/192#issuecomment-1905981518
advantages:
- responsive upstream
- founded by Kicksecure contributor
- clean and small: a single policy file
disadvantages:
- new project
- few users, bug reports, feature requests yet, hence difficult to judge the merits of the project
- no known third-party reviews yet
- the project name might be too limiting to gain lots of non-Kicksecure users using the same settings, which would be an advantage (fingerprint shared by more users and hopefully more review and suggestions)
LibreWolf[edit]
Lags behind Firefox a few days up to 1 week.
Regarding LibreWolf’s slow updates, I think this issue has been very greatly exaggerated. Having used it as one of my browsers for almost over 30 months, I personally do not recall it ever really being more than one week behind Firefox; usually it is only a couple of working days at worst.
LibreWolf feature request: Radio Silence by Default for Browser Startup and Background Connections aka "Disable Phone Home" #1779
Bugs reported to be reproducible only in LibreWolf but not in Firefox:
LibreFox[edit]
https://github.com/intika/Librefox is dead as per https://github.com/intika/Librefox/issues/141
https://librewolf-community.gitlab.io/ is active.
LibreFox had a potential legal issue with Mozilla:
- https://github.com/intika/Librefox/commit/45a4d3ce647b8c896e81ce3e5ac5ddc95ff045e0 mentions legal issues.
- question about it: https://github.com/intika/Librefox/issues/125#issuecomment-1913347606
intika, the developer of LibreFox, disappeared. The website linuxhacks.org is still online, so one could assume that someone is still paying the bills. Still active on Stack Exchange.
Mullvad Browser[edit]
https://mullvad.net/en/browser
Kicksecure user documentation: Mullvad Browser (MB)
Advantages:
- anti-browser fingerprinting
- It seems unlikely that the project will be deprecated because Mullvad has existed as a company for a long time.
- VPN:
  - Does not enforce using a VPN by default.
- Security slider
- tb-updater and tb-starter already support MB (as mentioned in Kicksecure user documentation)
Disadvantages:
- VPN:
  - Could confuse users into believing they are using a VPN by default when they are not. When using Mullvad Browser it seems reasonable to assume that a browser developed by VPN provider Mullvad would use Mullvad VPN by default. Elaborated in the user documentation wiki chapter Mullvad VPN.
- Based on Firefox ESR (extended support release).
- Not vendor neutral:
  - Comes with Mullvad specific branding.
  - Default browser homepage:
    MULLVAD BROWSER
    Developed in collaboration between the Tor Project and Mullvad VPN
  - Comes with Mullvad Browser extension by default. (Screenshot: Disable Mullvad DoH (encrypted DNS))
- DNS:
  - DoH (DNS over HTTPS) enabled by default.
  - Uses Mullvad for DNS by default.
  - Could be controversial.
  - If Kicksecure were to change the system DNS settings by default, it should do so consistently for the whole system, which includes the browser. MB using separate DNS settings would complicate that and make the browser use a different DNS than the system default.
  - See also the related wiki page on DNS Security and forum discussion Use DNSCrypt by default in Kicksecure? (not Whonix).
Other:
- comes with uBlock Origin by default
  - but not enabled by default
Packaging Mullvad Browser (MB):
- https://github.com/mullvad/mullvad-browser/issues/133
Getting deb/rpm package for Mullvad Browser is firmly in the plans for this year.
- https://github.com/mullvad/mullvad-browser/issues/201
related:
Tor Browser[edit]
Not an option by default in Kicksecure because it is torified, hence slow. For that use case it would be better to use Whonix. See also Privacy Goals and Non-Goals of Kicksecure.
However, easily installable, opt-in for users of Kicksecure, see Tor Browser.
Base Browser[edit]
Both Mullvad Browser (MB) and Tor Browser (TB) are based on Base Browser (BB). However, BB only exists as a source code repository. There are no binary builds available. It is not separately maintained as a standalone project by any upstream. Not suitable for the same reasons as documented in chapter Unbranded or Rebranded Browser.
Unbranded or Rebranded Browser[edit]
Not an option because it is difficult and time consuming to unbrand, for example, Mullvad Browser and compile it. High maintenance effort, not justified with the currently available project resources.
Waterfox[edit]
TODO: ?
ffprofile.com[edit]
https://github.com/allo-/ffprofile
TODO: ?
GNUzilla[edit]
TODO: ?
pyllyukko user.js[edit]
https://github.com/pyllyukko/user.js
no phone home feature request: https://github.com/pyllyukko/user.js/issues/509#issuecomment-1947855378
More[edit]
- https://codeberg.org/rusty-snake/firefox-config
- https://github.com/crssi/Firefox
- https://github.com/yokoffing/Betterfox
TODO: ?
Criteria[edit]
Primary importance for Kicksecure must be security. Anti-fingerprinting is nice but secondary. Disabled telemetry can be considered both a security feature, since it lowers attack surface, and a privacy feature.
See also Privacy Goals and Non-Goals of Kicksecure.
Discussions[edit]
- https://forums.whonix.org/t/chromium-browser-for-kicksecure-discussions-not-whonix/10388
- https://github.com/Kicksecure/security-misc/issues/192
See Also[edit]
Related[edit]
- Chrome
- Chromium
- Dev/Chromium
- Dev/Default Browser
- Google Chrome Repository Insecurity
- https://forums.whonix.org/t/chromium-browser-for-kicksecure-discussions-not-whonix/10388
Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.
- ↑ Dev/Chromium#Firefox_and_Chromium_Security
- ↑
In fact, we prefer to keep the Mozilla <br> trademarked names for the products to provide our users with a sense of <br= > familiarity.<br> <br> We would acquire unaltered binaries from one of the following sources:<br> <br> - Debian's official <a href=3D"http://packages.debian.org" rel=3D"noref= errer" target=3D"_blank">packages.debian.org</a> repository<br> - Mozilla's official <a href=3D"http://packages.mozilla.org" rel=3D"nor= eferrer" target=3D"_blank">packages.mozilla.org</a> repository<br> - Mozilla's official Firefox Flathub repository<br> <br> Ideally, we would use Mozilla sources.<br> <br> Here is a trademark-respecting list of things we are aware of and want <br> to avoid for understandable reasons:<br> <br> * Not using Mozilla trademarks in the name of our business, product, <br> service, app, domain name, publication, or other offering.<br> * Not using marks, logos, company names, slogans, domain names, or <br> designs that are confusingly similar to Mozilla trademarks.<br> * Not using Mozilla trademarks in a way that incorrectly implies <br> affiliation with, or sponsorship, endorsement, or approval by Mozilla of <b= r> our products or services.<br> * Not displaying Mozilla trademarks more prominently than our product, <br> service, or company name.<br> * Not using Mozilla trademarks on merchandise for sale (e.g., selling <br> t-shirts, mugs, etc.)<br> * Not using Mozilla trademarks for any other form of commercial use <br> (e.g., offering technical support services), unless such use is limited <br= > to a truthful and descriptive reference (e.g., =E2=80=9CIndependent technic= al <br> support for Mozilla=E2=80=99s Firefox browser=E2=80=9D).<br> * Not modifying Mozilla=E2=80=99s trademarks, abbreviating them, or combini= ng <br> them with any other symbols, words, or images, or incorporating them <br> into a tagline or slogan.<br> <br> And here is a list of things that we would like to do. 
Our primary <br> intention is to have a default policy (or employ other means if more <br> appropriate) to do the following:<br> <br> * Use unaltered binaries.<br> * Disable all Telemetry, Studies, Reports, and non-essential implicit <br> outgoing connections.<br> * Force install the addon "uBlock Origin" by Raymond Hill.<br> * Set and lock hardened SSL/TLS-related settings, including, but not <br> limited to, setting HTTPS-only mode as the default, blocking mixed <br> content, not trusting unsafe negotiations, disabling unencrypted <br> background requests, etc.<br> * Disable sponsored components, like bookmarks and suggestions.<br> * Set and lock strict mode for ETP.<br> * Change the default homepage.<br> * Disable the default display of the "Know Your Rights" informati= on page.<br> <br> As an illustrative point of how specifically we plan to apply these changes= :<br> <br> - Our intended changes would be made by providing a separate package <br> (for example, named "hardened-browser-config").<br> - This package would install config file(s) in folder(s) such as <br> /etc/firefox or /etc/firefox-esr.<br> - The package would be installed by default.<br> <br> We are willing to elaborate on the details and consider making <br> modifications upon request by Mozilla.<br> <br> We are not asking for any special permission that does not extend to <br> derivatives. As stated on the Debian issue tracker:<br> <br> =C2=A0> In case of derivatives of Debian, Firefox branding can be used a= s long<br> =C2=A0> as the patches applied are in the same category as described abo= ve.<br> <br> This is related to the Debian Free Software Guidelines (DFSG) (item 8):<br> <br> =C2=A0> License must not be specific to Debian<br> =C2=A0><br> =C2=A0> The rights attached to the program must not depend on the progra= m's <br> being part of a Debian system. 
If the program is extracted from Debian <br> and used or distributed without Debian but otherwise within the terms of <b= r> the program's license, all parties to whom the program is redistributed= <br> should have the same rights as those that are granted in conjunction <br> with the Debian system.<br> <br> We would like to be able to state similarly:<br> <br> =C2=A0> In case of derivatives of Kicksecure, Firefox branding can be us= ed as <br> long as the patches applied are in the same category as described above.<br= > <br> We are asking for your opinion on whether this would be in conflict with <b= r> Mozilla's Trademark Policy.<br> <br> We intend to publish our correspondence for the sake of transparency. <br> Our communications and your responses will be publicized in full, <br> verbatim, without modifications.<br> <br> -- <br> You received this message because you are subscribed to the Google Groups &= quot;trademark permissions" group.<br> To unsubscribe from this group and stop receiving emails from it, send an e= mail to <a href=3D"mailto:trademark-permissions%2Bunsubscribe@mozilla.com" = target=3D"_blank">trademark-permissions+unsubscribe@mozilla.com</a>.<br> </blockquote></div><div dir=3D"ltr"><div><div dir=3D"ltr"><div><br><span><s= pan></span></span></div></div></div></div> </div></div> --000000000000109e5d0612dcc396--
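The "things we would like to do" list in the quoted message maps onto Firefox's enterprise policy mechanism (policies.json). The following generator is an added illustration, not the proposed hardened-browser-config package or any Kicksecure code: it expresses those items with documented policy keys and locked preferences; the homepage URL, the `root` parameter and the assumption that the policy directory is /etc/firefox/policies are mine, and the "Know Your Rights" item is left out because I am not certain of its policy key.

```python
import json
import os

# Constructed placeholder; the actual homepage is a project decision.
HOMEPAGE = "https://example.invalid/start"

# Preferences to lock; all under prefixes the "Preferences" policy accepts.
LOCKED_PREFS = {
    "dom.security.https_only_mode": True,  # HTTPS-only mode everywhere
    "dom.security.https_only_mode.send_http_background_request": False,
    "security.mixed_content.block_display_content": True,  # passive mixed content
    "security.ssl.require_safe_negotiation": True,  # RFC 5746 renegotiation only
    "browser.contentblocking.category": "strict",  # ETP strict mode
    "browser.newtabpage.activity-stream.showSponsored": False,
    "browser.newtabpage.activity-stream.showSponsoredTopSites": False,
    "browser.urlbar.suggest.quicksuggest.sponsored": False,
}


def build_policies(homepage=HOMEPAGE):
    """Return the policies.json document as a dict."""
    return {"policies": {
        # telemetry, studies and feedback/crash reporting off
        "DisableTelemetry": True,
        "DisableFirefoxStudies": True,
        "DisableFeedbackCommands": True,
        "DisablePocket": True,
        # force-install uBlock Origin (add-on ID uBlock0@raymondhill.net) from AMO
        "ExtensionSettings": {"uBlock0@raymondhill.net": {
            "installation_mode": "force_installed",
            "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi",
        }},
        "EnableTrackingProtection": {"Value": True, "Locked": True,
                                     "Cryptomining": True, "Fingerprinting": True},
        "Homepage": {"URL": homepage, "Locked": True, "StartPage": "homepage"},
        "OverrideFirstRunPage": "",  # suppress the first-run welcome page
        "Preferences": {k: {"Value": v, "Status": "locked"} for k, v in LOCKED_PREFS.items()},
    }}


def write_policies(root="/", homepage=HOMEPAGE):
    """Write <root>/etc/firefox/policies/policies.json and return its path.
    Assumes the upstream Linux policy directory; Debian's firefox-esr may differ."""
    path = os.path.join(root, "etc", "firefox", "policies", "policies.json")
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(build_policies(homepage), fh, indent=2)
        fh.write("\n")
    return path
```

Whether shipping such a file alongside Mozilla-branded binaries is permitted is exactly the question the correspondence above answers; the generator only shows what the requested settings look like in policy form.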