Tor Project is resurrecting SecBrowser as Mullvad Browser

JeremyRand · September 5, 2022, 9:08am

Tor Project recently received funding to factor out the security and privacy enhancements of Tor Browser from the Tor-specific enhancements (similar to how Kicksecure factors out security features from Whonix). The factored-out browser is called Base Browser [1]. This is basically the same concept as SecBrowser, which was deprecated by Kicksecure due to insufficient support from upstream Tor Project. There aren’t yet any Nightly builds of Base Browser, but code is already being committed to Git; I’m not sure what the expected release timeline is.

It might be useful for Kicksecure to consider including Base Browser once it’s released (at least as Nightly). I’m guessing the Tor Browser Downloader in Whonix could be trivially adapted for Base Browser.

[1] I was initially not very fond of this name, but it’s grown on me, especially once I realized that it opens the door to entertaining memes such as “In Soviet Russia, all your tracker are belong to Base Browser.”

Patrick · September 5, 2022, 9:29am

I don’t think we said that?

JeremyRand · September 5, 2022, 10:27am

My recollection was that there were severe UX issues with SecBrowser that were primarily caused by the Tor Browser codebase not being compatible with the changes SecBrowser wanted to make, e.g. the window title saying “Tor Browser” still, and that this was why it was deprecated? If that’s correct, I would say the root cause of the deprecation was insufficient support from upstream. Anyway I’ll defer to you on this since you obviously know the history better than I do, so apologies if I misstated the reasons.

Patrick · September 6, 2022, 12:34pm

Yeah. No worries about the history.

Interesting suggestion. Worth monitoring when it materializes.

Disadvantages I see are:

the risk of Tor Project (TPO) abandoning the project (for example in the past great projects such as Vidalia, torbirdy and Tor Messenger were deprecated),
the weird need for a non-APT based installation method,
binary program files in the home folder,
binary program folder mixed with user data.

JeremyRand · April 3, 2023, 12:12pm

Now that the big announcement was made this morning, I can disclose who funded Base Browser. Mullvad contracted Tor Project to make Mullvad Browser, which (like Tor Browser) is a derivative of Base Browser.

Patrick · April 6, 2023, 5:08am

Patrick · April 6, 2023, 5:14am

Does not seem that likely.

no arm64 and other architecture support?

This still equally applies?

Nevertheless, Mullvad Browser could be considered as an alternative to Firefox for installation by default in Kicksecure one day.

A welcome contribution would be adding support to tb-updater for downloading Mullvad Browser (MB) if it’s just about changed download locations, folder names.

moar.secur · April 15, 2023, 3:11am

Would Kicksecure give MB browser the same AppArmor treatment as FF?

Patrick · April 16, 2023, 10:33am

Probably, same AppArmor profile as included in package as apparmor-profile-torbrowser.

Patrick · July 31, 2023, 11:07am

Patrick · November 28, 2023, 4:52am

github.com/Kicksecure/tb-updater

Mullvad Browser support

opened 05:19PM - 27 Nov 23 UTC

fyqwbdzsfjh

Hello! I tried using this script to download and install Mullvad Browser and …at a glance it appears to work with fairly minimal changes (same signers, same structure, possibly the same release process as well). Separate changes will of course need to be made to tb-starter as well. I could be interested in working on a pull request, if that's something there's interest in, though some assistance will likely be necessary. Here are some relevant links - https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/main/projects/firefox/config#L91 - https://cdn.mullvad.net/browser/update_responses/update_1/release/downloads.json - - Did not find an onion for this - https://dist.torproject.org/mullvadbrowser

Patrick · December 5, 2023, 4:29pm

github.com/Kicksecure/tb-updater

Add support for Mullvad Browser

Kicksecure:master ← fyqwbdzsfjh:master

opened 08:42PM - 28 Nov 23 UTC

fyqwbdzsfjh

+28 -2

As discussed in https://github.com/Kicksecure/tb-updater/issues/25 Notes: - …Download, verification and installation works (tested only cli). - https://cdn.mullvad.net/browser/update_responses/update_1/alpha/downloads.json reports `13.5a1` as the alpha version, but only `13.5a2` is available at https://dist.torproject.org/mullvadbrowser/ - Wiki page needs to be created - `tb_kill_already_running_tb_maybe` needs to kill `mullvadbrowser.real` - `tb_preparation` has to give an error if $tb_onion = true, as an onion for `TBB_VERSIONS_FILE_LINK` does not seem to exist - Does not start the browser, as tb-starter does not support it yet - `mb` has the possibility to conflict with something else a possible user has. Using the full name would be better in my opinion, but this is consistent with the other scripts. Feel free to ask any changes (I am quite comfortable with bash).

Patrick · December 5, 2023, 4:33pm

stub wiki page created:

Helia · December 5, 2023, 8:58pm

If it matters, Mullvad Browser will soon be available via their own repo:

github.com/mullvad/mullvadvpn-app

Mullvad Repository for apt install mullvad-vpn

opened 11:35PM - 19 Oct 21 UTC

closed 12:32PM - 29 Nov 23 UTC

Danrancan

feature request

## Issue report Operating system: <ubuntu 20.04> App version: <Latest --> … ### Issue description I cannot find a known apt repository to add mullvad to my app repos. I would like to automatically install and update mullvad with the command `apt install mullvadvpn` on ubuntu 20.4, and include that package in my updates when using `apt update`. Is there a repository for mullvad that I can add to automatically download and install the package instead of using gdebi for a manual installation? ![Screenshot_20211019_183318](https://user-images.githubusercontent.com/30222551/138004660-25f9fc61-4ddd-4e27-8943-d1960b76b77b.png)

Patrick · January 6, 2024, 1:49pm

Patrick · March 9, 2024, 2:42pm

github.com/mullvad/mullvad-browser

usability: user confusion whether a VPN is used or not

opened 02:41PM - 09 Mar 24 UTC

adrelanos

Mullvad is well known a a VPN company. The name Mullvad is hard wired to VPN. … Now that there is a Mullvad Browser (MB), users assume that the browser comes with a VPN integrated by default. It's not easy, if possible at all, for the Mullvad brand to maintain a browser privacy focused browser without causing confusion. I am not sure what would be the way to fix this. Mullvad customers will often assume and/or expect, that MB comes with Mullvad VPN by default. That is your heritage for being known a a VPN company. Related issue: * https://github.com/mullvad/mullvad-browser/issues/4 Suggested solutions: * A) separate project, logo * maintain a new brand, * a new, dedicated, separate domain name, * a new logo. * Without reference to Mullvad. * You can mention somewhere something like "Privacy Browser has been created by the same team that created Mullvad VPN." That's useful to leverage your exiting reputation but has to be done careful to avoid causing confusion. * B) two different projects * Mullvad Browser (Mullvad VPN enabled by default) * Privacy Browser (no VPN integration by default) * C) Mullvad extension improvements * by default, a red, crossed out VPN icon for Mullvad extension, * turning green, if Mullvad VPN is enabled * D) A browser first start wizard. * Ask the user if the user wants to use it as Privacy Browser (no VPN integration) or as Mullvad Browser (refusing connections unless Mullvad VPN will be used)

Patrick · March 9, 2024, 2:45pm

related:
Base Browser

github.com/Kicksecure/security-misc

Kicksecure Default Browser Discussion

opened 12:01PM - 21 Jan 24 UTC

monsieuremre

I think it should be considered to move applicaiton specific hardening to its ow…n repository. Even if this happens or not, consider firefox as the default browser. Hardening might seem like a big undertaking, but it's not. There is a more maintainable way to harden mozilla applications, and that is to set policies. This allows more than just setting preferences. There are many useful macros to disable studies and/or telemetry. Ping and crash reports can also be disabled within the policy easily with preferences. To demonstrate the possibility of control and also the ease of maintainability, I want to present the following policy I created for firefox: ``` { "policies": { "Bookmarks": [ { "Title": "Kicksecure", "URL": "https://kicksecure.com", "Favicon": "https://www.kicksecure.com/favicon.ico", "Placement": "toolbar", "Folder": "Kicksecure" } ], "DisableFeedbackCommands": true, "DisableFirefoxAccounts": true, "DisableTelemetry": true, "DisableFirefoxStudies": true, "DisableFormHistory": true, "DisablePocket": true, "DisableSystemAddonUpdate": false, "EncryptedMediaExtensions": { "Enabled": false, "Locked": false }, "ExtensionSettings": { "uBlock0@raymondhill.net": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" } }, "ExtensionUpdate": true, "FirefoxHome": { "SponsoredTopSites": false, "SponsoredPocket": false, "Locked": true }, "FirefoxSuggest": { "SponsoredSuggestions": false, "ImproveSuggest": false, "Locked": true }, "PasswordManagerEnabled": false, "PDFjs": { "Enabled": false, "EnablePermissions": false }, "Preferences": { "browser.contentblocking.category": { "Value": "strict", "Status": "locked" } }, "PromptForDownloadLocation": true, "SearchEngines": { "Default": "DuckDuckGo", "PreventInstalls": true, "Remove": ["Google", "Amazon"] }, "SearchSuggestEnabled": false, "StartDownloadsInTempDirectory": true, "UserMessaging": { "WhatsNew": false, "ExtensionRecommendations": false, "FeatureRecommendations": false, "UrlbarInterventions": false, "SkipOnboarding": false, "MoreFromMozilla": false, "Locked": true } } } ``` What is done: * Remove all sponsor junk * Remove telemetry * Remove studies * Force install ublock origin and lock it * Enable ETP in strict mode and lock it * Remove mozilla recommending and shilling random stuff * Disable scripting and permissions for pdf viewer * Kicksecure default bookmark * Privacy respectin search engine * Disable drm * And some other stuff, more can be added, possibilities are limitless For this vast amount of settings, I would agree the policy file is very intuitive and human readable and brief and maintainable. It is also very solid, it provides more possibilites than just global preferences for firefox. We can control addons and stuff. A similar policy file can be maintained also for thunderbird. Kicksecure can lock security related settings this way too, like enforcing strong cipher, ssl etc. settings and locking them. Locking settings results in this: the user can't change the setting in the browser, not in settings, not in about:config, nowhere, it is locked. Disabling the policy is the only way to get rid of our defaults, if we wish so. Now, I already have some several suggestions for policies for firefox and thunderbird. I guarantee you they are all human understandable and reasonably brief to maintain. I suggest having a separate repository for ease. I already suggest, we reconsider the default applications Kicksecure ships. My comments: * Thunderbird - Already good, should stay * Firefox - Should be included (doubles as a secure pdf viewer) * Hexchat - Thunderbird has IRC, so why have this. Also, IRC is not common place, shipping a default application seems superfluous. * Bitcoin - Ok, understandable, maybe, niche, but passable * Electron - Superfluous since btc core is already present * Monero - Passable, I guess, but not necessary, like bitcoin * VLC - good, vital component for daily usage, should stay * Some Office - Unsurprisingly, an office suite is probably more seeked by an average user than hexchat

Under consideration as Kicksecure Default Browser see chapter Mullvad Browser.

This was implemented.

Most essential information has been documented.