+ Reply to Thread
Results 1 to 5 of 5

Thread: Mullvad Browser

  1. #1
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,385
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss39385

    Mullvad Browser

    The Mullvad Browser is a privacy-focused web browser developed in a collaboration between Mullvad VPN and the Tor Project. It's designed to minimize tracking and fingerprinting. You could say it's a Tor Browser to use without the Tor Network. Instead, you can use it with a trustworthy VPN. The idea is to provide one more alternative - beside the Tor Network - to browse the internet with more privacy. To get as many people as possible to fight the big data gathering of today. To free the internet from mass surveillance.
    https://mullvad.net/en/browser

    It looks like they're trying to bring the approach of a browser whose fingerprint is deliberately non-unique and shared to a bigger audience, including those who don't use any sort of anonymizer. That's a good thing in principle, but it should be noted that the effectiveness of such a model is directly proportional to how many people follow it correctly, and this is still a new project.

    The Windows build says "10 or later", but works fine on 7.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  2. Who Said Thanks:

    khangiskhan (01.05.23) , JohnWick (24.04.23)

  3. #2
    Advanced User Renk's Avatar
    Join Date
    17.08.08
    Location
    Elsewhere
    P2P Client
    utorrent
    Posts
    581
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 ssssss581
    I tried it. seems fine. But I wanted to use it to browse i2p, and the problem I constantly had is that Mullvad browser changes every http url in their https counterpart. This doesn't happen with Tor Browser when browsing Tor network (where very few .onion addresses are https), so I think there should be a trick to get rid of the http -> https translation. But my attempts have been unsuccessful. I tried "Don?t enable HTTPS-Only Mode", failed. I added the addon httpz, failed.

    Yet it could be a good browser for i2p.
    Primo Avulso Non Deficit Alter
    Reply With QuoteReply With Quote
    Thanks

  4. #3
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,385
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss39385
    Can't check right now, but setting one or more of these in about:config may fix it.
    • dom.security.https_only_mode=false
    • browser.fixup.fallback-to-https=false
    • dom.security.https_first=false
    • dom.security.https_first_pbm=false
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  5. Who Said Thanks:

    Renk (28.05.23)

  6. #4
    Advanced User Renk's Avatar
    Join Date
    17.08.08
    Location
    Elsewhere
    P2P Client
    utorrent
    Posts
    581
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 ssssss581
    I just realized that the uBlock addon Mullwad Browser comes bundled with has a questionable setting checked: in uBlock settings, "Uncloak canonical names" is checked. But in case of socks proxy usage, this setting causes dns leaks. Although in this case this leak should not be that bad (as the dns provider leaked is Mullvad's), the dns traffic must only be sent through the proxy.

    A workaround consists in using the trick I explained in a previous post.
    Last edited by Renk; 28.05.23 at 02:03.
    Primo Avulso Non Deficit Alter
    Reply With QuoteReply With Quote
    Thanks

  7. #5
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,385
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss39385
    Quote Originally Posted by Renk View Post
    I just realized that the uBlock addon Mullwad Browser comes bundled with has a questionable setting checked: in uBlock settings, "Uncloak canonical names" is checked.
    Considering they recommend using this with a VPN, that's a sensible default. There is no way for CNAME decloaking to work without leaks in your scenario, since you can't get DNS records from a proxy. (Tunneling DoH requests through it won't make a difference, upstream resolvers will still see the same source.)
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

+ Reply to Thread

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •