Judging by the commit logs, the main two maintainers are one anonymous guy (nothing linking his profile to a real person) and some Chinese guy (is he a Chinese national or not?)
Although these may be perfectly well-meaning people, we can't just trust them to maintain something so critical as a web browser.
I fully respect peoples' right to anonymity, but such projects need at least one core maintainer to be an identifiable person, imo. Just to establish trust and accountability in case anything does happen.
I hope this is not taken the wrong way and that you understand what I'm getting at here.
If "being a Chinese national" is an argument for "not trustworthy", I'm sorry but "being an American national" also becomes an argument for "not trustworthy". By about 400% more (and I'm being nice).
I didn't see any others. I'm not quite clear where you're getting this idea that either of these people are PRC nationals either, or why that would really matter. The PRC is huge in the FOSS space, and it's not like I'm a huge fan of the country (I live in Taiwan) but credit where it's due.
I've been to Celenity's homepage and he seems like a privacy-conscious guy, and that's more than fine. From a user's perspective, the dilemma remains though.
When it comes to Chinese nationals, you can't expect them to be held accountable if they were to do something malicious. China hosts a lot of cyber crimimals who have had free reign for some 2 decades to target people online. Also, we don't even know who this guy really is, let alone his nationality, was Jia Tan a real name? Who knows.
Don't Americans get away with cybercrimes as well? For example, probably hacking Iranian nuclear power facilities, or American companies stealing lots of data of global users to sell, or American AI companies freely scanning copyrighted materials to train their models?
The US does espionage more overtly where they offer you some value before they take your data. That's the gambit being played to avoid diplomatic issues.
They also lobby politicians to betray their own nations in favour of US (corporate) interests.
Not to blame the victim here, but many times it's other countries fault for allowing themselves to be put in this predicament.
When it comes to China or Russia, those have already strained relationships with the US and the rest of the Western world and do not mind dirty tactics. There is nothing really holding them back from engaging in covert cyber warfare.
It's different types of threats that need to be dealt with differently.
Social accountability, for one. Never underestimate shame as a motivating factor for humans. I'm generally in favor of protecting anonymity, so I'm not fully in agreement that this should be a hard requirement for a software project, but I can at least see the appeal of the idea.
Web browsers are also a rare class of software with high complexity and also high privilege (considering the data that typically passes through them), so perhaps higher scrutiny of this class of software is warranted.
Imagine that you have a choice between two pieces of software. The developer of one of those pieces of software is Linus Torvalds. The developer of the other piece of software is Mikhail Vasiliev.
The one that puts the source code online and it compiles on my computer.
And if both do that, have same features, work the same, etc., no other difference, then I'll take the smaller one - because the larger one most probably includes something I don't want, even if it's just bloat or inefficient code.
For me, he lost his credibility, when, with childish "historical" arguments, he choose to ban russian developers from the linux kernel.
Can we still trust him to not insert a backdoor in the kernel, "to fight the russians" ?
An anonymous individual might also have multiple anonymous accounts, for example. Without that anonymity, other projects might ban their contributions, and users might not use their software.
Many of the browsers you mentioned above are basically Firefox reskins with better settings out of the box.
I downloaded WebLibre out of curiosity and can say it's different from those other browsers. I've never seen a mobile browser that lets you run Tor-enabled private tabs, or mobile-friendly multi-account containers. The UI also bears nearly no semblance to Firefox (besides the rendering engine, only the extension management area reminds me of it).
Is it? They say it’s using Gecko + Mozilla Android Components. Which would probably make it similar to FF in many ways, but not a fork. I didn’t look further into it though (as I want FF, especially Mozilla sync)
Interesting. Just one hour ago, I was removing the Amazon & co links that Firefox imposes to users on the home page.
I was recommending Firefox to my friend to avoid a weather app's ads. Turns out he got ads on Firefox too. Removing them is easy in the settings but not for the general public.
The question though is : where will the funds of WebLibre come ? Implementing a browser is hard. If Firefox continues to drift, who will pay for the development of the engine ?
The .eu in the domain lets me think this is a european project, but I wasn't able to find a "about us" page.
Note that UG (haftungsbeschränkt) is a mandatorily for-profit type of company. It is required to retain one quarter of earnings until it reaches 25000€ - the minimum capitalization for a GmbH - and then it may apply to convert to a GmbH.
There's maybe a couple dozen forks of FireFox or other Chromium-based browsers out there. Probably more, but certainly enough that this headline made me give a slight eyeroll, thinking "another one, huh? OK, so what's actually different here?"
Who pays for it? Many are FOSS projects, specially where privacy is concerned. Plain old FireFox still tracks telemetry, which is more than some people like. People hate being tracked and having their every thought examined for its advertising potential to the point that people build privacy-focused browsers for free as a public good.
Sometimes donations work as well, like how the Tor project works. But Tor is running servers, so their financial needs are much heavier.
My first association with -libre in product names is LibreOffice. And that has managed to look old and ugly for as long as I can remember, with little to no improvement
It was ugly when it was called StarOffice, and also ugly when it was called OpenOffice. So calling it LibreOffice should have been obvious from the start!
odd that you say this, libreoffice is the first of those high quality products i had in mind. it looks clean, friendly, and everything just works. whenever i am forced to use msoffice it's a cringeworthy experience.
is this opinion based on recent experiences of the libreoffice suite?
Blender is testament against that and the only free software that has made huge inroads into creative work and it only happened after serious UI/UX work
You are conflating design with bloat. It's not the designers fault that click tracker SDKs and 15 microservices with eventual consistency is running in the background. They didn't make the mobile app 300MB.
Obviously designers can destroy products too, but we got much bigger problems than that in 2025. Most of the garbage today come from business decisions and technical fads.
I agree that applications, especially ones using web interfaces, gain significant bloat with each iteration, but I don't see how that has anything to do with what I'm complaining about.
If all that changed was that everything ran slower and took more battery power and increased the liklihood of closing when backgrounded, that's all I would be complaining about, but what I'm conplaining about here is that updates lead to reduced feature sets, buttons and links that are impossible to differentiate from inactive elements, and icons that vaguely hint at a skuemorphic past, but look more like hamburgers, kebabs, and petifores than what they're actually supposed to respresent.
What's the point of not using words on the buttons that open menus, when the menu's contents are entirely words?
Fair points. I agree the flat monochrome design of today have issues. The example you linked is atrocious.
> What's the point of not using words on the buttons that open menus, when the menu's contents are entirely words?
The truth is that real estate became incredibly constrained with mobile, and hover also disappeared. Imo the hamburgers and triple dots are close to how good you can get on mobile. There's little point in adding the word "menu" or "options". Basically any text you add on mobile would take full screen width to be safe in all languages. And thats pretty much what open menus look like - they take over the whole screen.
Due to mobile being the primary target, a lot of devs reuse those GUIs for much bigger screens, which is unfortunate.
I guess that would be preferable to Google Map's current interface of showing a blue line, for the path I should follow, as opposed to a different blue line, for the other roads that I shouldn't follow.
I've given up on it, and just use a list of turns and distances, because that way I miss the turns far less often.
Don't mind the "Libre" too much tbh, because I use some quality products that use it ... but yes, it's only a matter of time before marketing nerds ruin an already unappealing term
I agree. It's lame, difficult to pronounce, and clearly identifies the project as something that only RMS-level uber-nerds would care about. Terrible name.
Definitely not. RMS-level uber-nerds are easy to dismiss because they have genuinely crazy views, and also because they tend to be super weird people.
We may agree with RMS that we should be free to own our computers and run whatever we want on them. But he says that commercial software should not exist. That's clearly insane, which makes it easy to dismiss everything he says as insane, even if a lot of it isn't.
Similarly, the man himself is extremely weird and creepy. It's easy to dismiss him on those grounds too even if they don't directly relate to tech things.
What we definitely need is more normal people with normal view that support normal software freedoms without going to crazy extremes.
Well, it is difficult to pronounce if you don't speak spanish, portuguese, italian, and probably others. For me, as native Spanish speaker is super easy to say.
The difficulty is that it doesn't follow unambiguous English pronunciation heuristics.
For example, I have no problem pronouncing "ender" because it has no elements that have unambiguous pronunciation. I also have no problem pronouncing "centre", because it's a well known word with well known pronunciation. But libre is not an existing English word, and "-bre" does not have an unambiguous pronunciation heuristics, so it's unclear how it is intended to be pronounced.
Not an issue in Spanish because it is (apparently) a word in Spanish.
Another example of a bad naming is Forgejo. Terrible. I'm sure it has very clear pronunciation if you speak Esperanto.
Is there any effective way to signal to the users who care that your product is committed to Free/Libre Open source principles without also making it sound lame?
I tried to watch WWF in Puerto Rico the 90s but just didn't understand why all my friends liked it. I still don't. I did play the games back then though, those were more fun than watching the show. I never even bothered with Lucha Libre tbh.
It only changed in the mid to late nineties because they lost a lawsuit to the panda.
I still wonder what would have happened if they instead settled to keep the acronym in return for giving massive PR to the World Wildlife folks. As in like, having positive pro-ecological messages and characters in perpetuity. We could all be watching the World Wrestling Foundation to see the title match between (insert name of actual wrestler here) and a wrestler named The Tree Sloth or something...
That's funny I actually prefer boxing and MMA because there's a lot more at stake than most other sports. I respect that they have to train to be as optimal as possible to do those sports where you risk much more.
I don't go out of my way to watch them, but if a friend wants to invite me over to watch a match, I wont be as bored as if it was sportball.
I can't set Google as my auto complete provider. It's not on the list.
I was able to set Google as default search engine but had to go to a separate blank search page and type it out.
It would've been nice if Google was in the main list.
Runs a local AI model for suggesting tab and container names. It supports tab containers.
Suggests you to install ublock origin on first step itself.
There's tor, tree view tabs and duck duck go styled bangs synced from a number of repos.
I admit that was definitely tongue in cheek.
But brave is on the front page. Maybe they're better.
I would like to keep my data from bad actors with illegal ops or malware, but willing to sacrifice some to a legitimate corporation with data protection rules set up for a better personalized experience. I guess chrome with ublock origin lite is all I need.
Is this browser exclusively for the .1% that will not even load a google web page?
I doubt even 0.1% manage to avoid loading a google page or script while browsing the web, but there is a lot of momentum behind the (apparently herculean) effort to reduce the presence of google in one's life to the greatest practical degree.
Future generations will look us in disbelief. Google made incredibly good products, search, gmail, maps, youtube, a mobile os platform. I won't fault them one bit.
It's we the people who took a private company's product as public infrastructure, integrated into our lives, replaced any processes we can with a Google one. Entire economies, businesses, governments depend on gmail and google sheets.
What we really need is to declare Chrome public utility and national security critical. Then have a steering committee and open transparent development that benefits users first. This goes in hand with Chrome being taken away from Google, as have been recently announced.
To the contrary, the better a browser is at avoiding tracking, the more likely you are to be banned from the get go.
I primarily use Pale Moon, and CloudFlare blocks me from a bunch of websites, because I don't provide enough tracking data to convince them I'm not a bot.
How current is this still? Asking as a complete noob. I don't expect Firefox's architecture to have changed much, but it's been 3 years, so it could have improved a lot since this was written, and there are things I know about that are outdated in this document.
For instance, the two mentioned Linux sandbox escapes [1] involve two things that have disappeared in many setups: X11 and pulseaudio. We now have Wayland and pipewire, which should both be better in this aspect IIUC. The mentioned bug related to X11 was also closed 3 years ago.
Firefox Development is essentially dead. Mozilla fucked us over collectively.
Sure this particular bug has been fixed but Firefox Security is nothing compared to the Millions Google is paying to ensure security. Just the amount of paid, full time eyeballs on chromium security alone makes a huge difference.
Maybe all of this is true, but it's a different threat model than I'm concerned with. I'm not that worried about malware exploits, I'm far more worried about software behaving "correctly" in a user-hostile manner.
Another privacy browser enters the market. The challenge isn't building a privacy-focused browser - it's getting people to actually switch from Chrome.
Most users say they care about privacy but aren't willing to deal with the friction of changing browsers, syncing bookmarks, re-entering passwords, etc.
The browsers that succeed are the ones that make the migration process effortless. Privacy is important, but convenience usually wins.
Not really sure what the point of this is. As others have said, there is already an abundance of privacy focused Firefox forks on Android. I think Ladybird is where the future of user respecting web browsing is at.
It is added to the growing list of Firefox forks on Android
- Iceraven
- Fennec
- Waterfox
- Tor
- IronFox
- Firefox Focus (By Mozilla itself)
Any others?