The Wall Street Journal's senior personal tech columnist just published an article urging readers to "quit Chrome. Safari and Edge are just better browsers." It begins with the reporter pretending to break up with Chrome, adding "I'd say I'll remember the good times — your speed, your superb handling of Gmail — but your RAM hoovering, battery draining and privacy disregarding make it easy to not look back.

"This is the year, people. It's the year I challenge you to pack up your bookmarks and wave bye-bye to Google's browser..."

And the article is even accompanied by a video titled "Four ways to stop Chrome from slowing down your computer," where tip #1 is just: "Stop using Chrome..." "Sure, Chrome has far more browser market share [than Firefox, Safari, and Edge]. But all of them have actually gotten quite good over the last number of years. Heck, the new Microsoft Edge browser even uses Chromium, the same underlying technology as Chrome, and the performance is much improved, across Windows PCs, and Macs. Yes, Microsoft's browser is available for Mac, and it's good.

"In my weeks of testing, Edge used 5% less resources than Chrome on Windows. Safari used up to 10% less in some of my tests on my Mac. That meant up to 2 extra hours of battery life in their respective operating systems. Firefox, unfortunately, took up just as much power as Chrome. Google says it's working on some resource-saving improvements that will come in the next few months.

If you can switch to just one of those, go for it, even if just for their better privacy tools."
The video opens with a cartoon depiction of "Chrome-y," who lives inside your computer and eats your RAM and other resouces. "But don't worry. You can put him on a diet and take back your computer with some of these tips." The other tips including uninstalling extensions, and using Chrome's Task Manager to "spot and kill the RAM gobblers."

But throughout the video, "Chrome-y" continues chomping on your RAM...

Apple said last week that it declined to implement 16 new web technologies (Web APIs) in Safari because they posed a threat to user privacy by opening new avenues for user fingerprinting. Technologies that Apple declined to include in Safari because of user fingerprinting concerns include: Web Bluetooth - Allows websites to connect to nearby Bluetooth LE devices.
Web MIDI API - Allows websites to enumerate, manipulate and access MIDI devices.
Magnetometer API - Allows websites to access data about the local magnetic field around a user, as detected by the device's primary magnetometer sensor.
Web NFC API - Allows websites to communicate with NFC tags through a device's NFC reader.
Device Memory API - Allows websites to receive the approximate amount of device memory in gigabytes.
Network Information API - Provides information about the connection a device is using to communicate with the network and provides a means for scripts to be notified if the connection type changes.

Battery Status API - Allows websites to receive information about the battery status of the hosting device. Web Bluetooth Scanning - Allows websites to scan for nearby Bluetooth LE devices.
Ambient Light Sensor - Lets websites get the current light level or illuminance of the ambient light around the hosting device via the device's native sensors.
[...]
The vast majority of these APIs are only implemented in Chromium-based browsers, and very few on Mozilla's platform. Apple claims that the 16 Web APIs above would allow online advertisers and data analytics firms to create scripts that fingerprint users and their devices.

An anonymous reader shares a column: Back when there were rumors of Google building an operating system, I thought "Lol." Then I watched then-PM Sundar Pichai announce Chrome OS. My heart raced. It was perfect. I got my email through Gmail, I wrote documents on Docs, I listened to Pandora, I viewed photos on TheFacebook. Why did I need all of Windows Vista? In 2010, I predicted that by 2020 Chrome OS would be the most popular desktop OS in the world. It was fast, lightweight, and $0. "Every Windows and OS X app will be re-built for the browser!" I thought. Outlook > Gmail. Excel > Sheets. Finder > Dropbox. Photoshop > Figma. Terminal > Repl.it. All of your files would be accessible by whoever you wanted, wherever you wanted, all the time. It was obvious. Revolutionary. I haven't installed MSFT Office on a machine since 2009. Sheets and Docs have been good enough for me. The theoretical unlimited computing power and collaboration features meant Google Docs was better than Office (and free!). Then something happened at Google. I'm not sure what. But they stopped innovating on cloud software.

Docs and Sheets haven't changed in a decade. Google Drive remains impossible to navigate. Sharing is complicated. Sheets freezes up. I can't easily interact with a Sheets API (I've tried!). Docs still shows page breaks by default! WTF! Even though I have an iPhone and a MacBook, I've been married to Google services. I browse Chrome. I use Gmail. I get directions and lookup restaurants on Maps. I'm a YouTube addict. Yet I've been ungluing myself from Google so far this year. Not because of Google-is-reading-my-emails-and-tracking-every-keystroke reasons, but because I like other software so much more that it's worth switching. At WWDC, Apple shared Safari stats for macOS Big Sur. It reminded me how much Chrome makes my machine go WHURRRRRR. [...] I've given up on Google Docs. I can never find the documents Andy shares with me. The formatting is tired and stuck in the you-might-print-this-out paradigm. Notion is a much better place to write and brainstorm with people. The mobile Google results page is so cluttered that I switched my iPhone's default search to DuckDuckGo. The results are a tad worse, but I'm never doing heavy-duty searches on the go. And now I don't have to scroll past 6 ads to get the first result. DuckDuckGo's privacy is an added bonus.

With Safari on iOS 14, MacOS Big Sur and iPadOS 14, you'll be able to log in to websites using Apple's Face ID and Touch ID biometric authentication. That's a powerful endorsement for technology called FIDO -- Fast Identity Online -- that's paving the way to a future without passwords. From a report: Apple disclosed the biometric authentication support in Safari on Wednesday at WWDC, its annual developers conference. "It's both much faster and more secure," Apple Safari programmer Jiewen Tan said during one of the WWDC video sessions Apple offered after the coronavirus pandemic pushed the conference online. The change is a big boost for browser technology called Web Authentication, aka WebAuthn, developed by the FIDO consortium allies. Apple's not the first supporter -- it's already in Mozilla Firefox, Google Chrome and Microsoft Edge, and works with Windows Hello facial recognition and Android fingerprint authentication.

Safari 14, scheduled to be released later this fall with iOS 14 and macOS 11, is a release that is packed choke-full with features. From a report: The biggest and most important of the new additions is support for WebExtensions, a technology for creating browser extensions. What this means for Safari users is that starting this fall, they'll see a huge influx of new Safari extensions as add-on developers are expected to port their existing Chrome and Firefox extensions to work on Apple's browser as well. Apple said that, for now, WebExtensions will only be available for Safari on macOS.

Safari 14 is also an end of an era, as this will be the first version of Safari that won't support Adobe Flash Player content. But while old stuff is being removed, new stuff is also being added. One of the new technologies added to Safari is support for HTTP/3, a new web standard that will make loading websites faster and safer. Another important addition in Safari is support for WebP, a lightweight image format that has been gaining widespread adoption across the internet. The format, created by Google, serves as an alternative to the older JPEG format, and Safari has been the last browser to add support for it. [...] But Safari hasn't been lagging behind other browsers just in terms of HTTP/3 and WebP support. Apple has also added support for another cool feature, namely breach alerts, already present in both Chrome and Firefox. Starting this fall, Apple says that Safari 14 will scan a user's locally-stored passwords and show a prompt if one or more of the user's credentials are present in publicly available lists of breached accounts.

One of the new features available in iOS 14 is the ability to switch default app preferences for the first time. 9to5Mac reports: Details are scarce currently, but one of the slides in the WWDC presentation featured a block that announced users will be able to change their default browser and default email app. This is a long-requested feature, as iOS 13 and prior versions of the operating system will always direct taps on links to Safari, and new emails start in Apple Mail. Default apps will be available with iOS 14 for iPhone and iPadOS 14 for iPad users. Other iOS 14 features include home screen widgets, a new Translate app, contextual Siri and much more.

Apple has unveiled the next version of macOS: Big Sur. From a report: The new operating system brings the biggest redesign since the introduction of macOS 10, according to Apple. Big Sur borrows a number of elements from Apple's iOS, including a customizable Control Center, where you can change brightness and toggle Do Not Disturb, and a new notification center, which groups related notifications together. Both interfaces are translucent, like their iOS counterparts. A number of apps have received streamlined new redesigns, including Mail, Photos, Notes, and iWork. Apple has introduced a new search feature to Messages (which organizes results into links, photos, and matching terms), as well as inline replies for group chats, a new photo-selection interface, and Memoji stickers. There's a new version of Maps for Mac that borrows features from the iOS app, including custom Guides, 360-degree location views, cycling and electric vehicle directions (which you can send directly to an iPhone), and indoor maps. Apple introduced a number of new Catalyst apps as well. Dock buttons have also been redesigned to look more similar to their iOS counterparts, in an effort to "be more consistent with icons across Apple's ecosystem while retaining their Mac personality," according to the company.

Apple also announced the biggest update to Safari since the browser was first introduced. The company claims its browser is 50 percent faster than Chrome and can show more tabs on-screen. Hovering over a tab now gives users a preview of its page, and right-clicking on the tab will give you the option to close all the tabs to its right. The new Safari also has a customizable start page and a built-in automatic translation feature that can interpret entire webpages in seven languages, Apple says. Safari is also getting support for extensions made for other browsers, and a dedicated extension store. (Unlike many other browsers, Safari will allow you to customize which sites your extensions run on). And there are new privacy features, including a Privacy Report that details actions the browser has taken to prevent tracking on the websites you visit.

Earlier this week, Apple told Basecamp, the company that makes the brand new email app called Hey, that it cannot distribute its app on the iPhone unless it makes it possible for users to sign up via Apple's own prescribed methods -- which gives Apple a 30 percent cut. Apple told Basecamp that by avoiding giving an option in its iOS app to sign up and support in-app purchases, it was violating Apple's App Store policy, 3.1.1, which says: If you want to unlock features or functionality within your app, (by way of example: subscriptions, in-game currencies, game levels, access to premium content, or unlocking a full version), you must use in-app purchase. Apps may not use their own mechanisms to unlock content or functionality, such as license keys, augmented reality markers, QR codes, etc. Apps and their metadata may not include buttons, external links, or other calls to action that direct customers to purchasing mechanisms other than in-app purchase. Dieter Bohn, writing for The Verge: The key thing to know is that the text of this policy is not actually the policy. Or rather, as with any law, the text is only one of the things you need to understand. You also need to know how it is enforced and how the enforcers interpret that text. It should not surprise you to know that Apple's interpretation of its text often seems capricious at best and at worst seems like it's motivated by self-dealing. And the enforcement consequently often seems unfair.

The rule states that if you want to sell digital goods, you have to use Apple's payment system. Except that's not how 3.1.1 has been interpreted to date. It has been interpreted as allowing people to access services they paid for elsewhere on their iOS devices, but not allowing those apps to try to get around the Apple payment rules when people sign up on those devices. That's convoluted, but that interpretation is what keeps Netflix from having an account sign-up in its app. It's the policy that has enraged Spotify and keeps you from buying Kindle books on your iPhone without jumping through a million weird Safari hoops. That was already a very bad rule, if you ask me. Now, with this email app, Apple is apparently changing its interpretation to be more strict. David Pierce, in an update to his news report about Hey-Apple debacle: Apple told me that its actual mistake was approving the app in the first place, when it didn't conform to its guidelines. Apple allows these kinds of client apps -- where you can't sign up, only sign in -- for business services but not consumer products. That's why Basecamp, which companies typically pay for, is allowed on the App Store when Hey, which users pay for, isn't. One other distinction: Apple allows "Reader" apps -- things like Netflix and Kindle and Dropbox, where you're using the app to access existing subscriptions -- as long as they don't offer a way to sign up. But email, messaging, etc. don't count as Reader apps. John Gruber, writing at DaringFireball: The lone instance of "consumer" refers to the "Consumer Health Records API". The price that Basecamp pays for not supporting in-app purchase in their iOS app is that they lose whatever number of users would have signed up in-app but won't sign up out-of-app. That's competition. Again, putting aside arguments that Apple should allow apps to use their own payment systems in apps, or be able to link to a website for sign up, or at the very least just tell users how to sign up -- the makers of an app should be able to say "OK, we won't even tell users how to sign up within our app; our app is only for existing customers and we'll obtain all of them outside the app." [...]

Second, how could such a distinction be made in writing? There are some apps that are definitely "business services" and some that are definitely "consumer products" (games for example), but to say that the area in between encompasses many shades of gray is an understatement. The entire mobile era of computing -- an era which Apple itself has inarguably largely defined -- is about the obliteration of distinct lines between business and consumer products. [...] At some level there's a clear distinction here -- Netflix and Kindle are clearly consumption services. But Dropbox? Dropbox is a lot closer to an email or messaging service like Hey than it is to Netflix or Kindle. The stuff in my Dropbox account is every bit as personal as the stuff in my email account. When you put Dropbox in the same bucket with Netflix and Amazon Kindle, it seems to me like the distinction is not so much between what is and isn't a "reader" app or what is or isn't a "business" app, but between companies which are too big for Apple to push around and those they can.

Websites are still capable of detecting when a visitor is using Chrome's incognito (private browsing) mode, despite Google's efforts last year to disrupt the practice. From a report: It is still possible to detect incognito mode in Chrome, and all the other Chromium-based browsers, such as Edge, Opera, Vivaldi, and Brave, all of which share the core of Chrome's codebase. Furthermore, developers have taken the scripts shared last year and have expanded support to non-Chrome browsers, such as Firefox and Safari, allowing sites to block users in incognito mode across the board. Currently, there is no deadline for a new Chrome update to block incognito mode detections, however, today, Google might be interested more than ever in fixing this issue.

wiredmikey writes: An abundance of iOS exploits being submitted to be sold should alarm iPhone/iPad users, according to the CEO of exploit acquisition firm Zerodium. The company announced that it was no longer buying certain types of iOS exploits in the next two to three months [including local privilege escalation, Safari remote code execution, and sandbox escape exploits] due to a surplus. And the company expects prices to drop in the near future.

"iOS Security is fucked," Chaouki Bekrar, CEO of Zerodium said on Twitter, noting that they are already seeing many exploits designed to bypass pointer authentication codes and a few zero-day exploits that can help an attacker achieve persistence on all iPhones and iPads. "Let's hope iOS 14 will be better," he added.

Bekrar said that only pointer authentication codes — which provide protection against unexpected changes to pointers in memory — and the difficulty to achieve persistence "are holding [iOS security] from going to zero."

Apple is working on a new way to offer specific parts of third-party apps across the system without needing to have them installed, 9to5Mac has learned based on an early build of iOS 14. From a report: The feature would allow users to experience parts of an app's functionality by scanning a QR Code. If you open a link or scan a QR code today from an app that you haven't installed on your iPhone or iPad, it will open that link in Safari. Apps can provide universal links, which open the app instead of Safari when the app is installed. But that could change in the near future with a new API internally referred to as "Clips" found on iOS 14 code. As 9to5Mac has analyzed this new API, we can say that it allows developers to offer interactive and dynamic content from their apps even if you haven't installed them. The Clips API is directly related to the QR Code reader in the build we have access to, so the user can scan a code linked to an app and then interact with it directly from a card that will appear on the screen.

Google is now backing a standard proposed by Apple engineers in January to create a default format for one-time passcodes (OTP) sent via SMS to users during the two-factor authentication (2FA) process. From a report: The standard, proposed by Apple engineers working on the Safari WebKit project, has now reached the status of official Web Platform Incubator Community Group (WICG) specification draft. "We've moved 'Origin-bound one-time codes delivered via SMS' to @wicg_, where we're working on a shared spec with our collaborators at Google. Please take a look! Updated explainer, and specification," wrote Apple's Ricky Mondello. The proposal aims to fix some issues with the current state of SMS 2FA/OTP codes, all of which have different formats, unique per the websites sending the codes.

An anonymous reader quotes a report from Wired: Apple has a well-earned reputation for security, but in recent years its Safari browser has had its share of missteps. This week, a security researcher publicly shared new findings about vulnerabilities that would have allowed an attacker to exploit three Safari bugs in succession and take over a target's webcam and microphone on iOS and macOS devices. Apple patched the vulnerabilities in January and March updates. But before the fixes, all a victim would have needed to do is click one malicious link and an attacker would have been able to spy on them remotely.

The bugs Pickren found all stem from seemingly minor oversights. For example, he discovered that Safari's list of the permissions a user has granted to websites treated all sorts of URL variations as being part of the same site, like https://www.example.com, http://example.com and fake://example.com. By "wiggling around," as Pickren puts it, he was able to generate specially crafted URLs that could work with scripts embedded in a malicious site to launch the bait-and-switch that would trick Safari. A hacker who tricked a victim into clicking their malicious link would be able to quietly launch the target's webcam and microphone to capture video, take photos, or record audio. And the attack would work on iPhones, iPads, and Macs alike. None of the flaws are in Apple's microphone and webcam protections themselves, or even in Safari's defenses that keep malicious sites from accessing the sensors. Instead, the attack surmounts all of these barriers just by generating a convincing disguise.

The former editor-in-chief of the Linux Journal just published an annotated version of Zoom's privacy policy. Searls calls it "creepily chummy with the tracking-based advertising biz (also called adtech). I'll narrow my inquiry down to the "Does Zoom sell Personal Data?" section of the privacy policy, which was last updated on March 18. The section runs two paragraphs, and I'll comment on the second one, starting here:

Zoom does use certain standard advertising tools which require Personal Data ...

What they mean by that is adtech. What they're also saying here is that Zoom is in the advertising business, and in the worst end of it: the one that lives off harvested personal data. What makes this extra creepy is that Zoom is in a position to gather plenty of personal data, some of it very intimate (for example with a shrink talking to a patient) without anyone in the conversation knowing about it. (Unless, of course, they see an ad somewhere that looks like it was informed by a private conversation on Zoom.)

A person whose personal data is being shed on Zoom doesn't know that's happening because Zoom doesn't tell them. There's no red light, like the one you see when a session is being recorded. If you were in a browser instead of an app, an extension such as Privacy Badger could tell you there are trackers sniffing your ass. And, if your browser is one that cares about privacy, such as Brave, Firefox or Safari, there's a good chance it would be blocking trackers as well. But in the Zoom app, you can't tell if or how your personal data is being harvested.

(think, for example, Google Ads and Google Analytics).

There's no need to think about those, because both are widely known for compromising personal privacy. (See here. And here. Also Brett Frischmann and Evan Selinger's Re-Engineering Humanity and Shoshana Zuboff's In the Age of Surveillance Capitalism.)
Zoom claims it needs personal data to "improve" its users "experience" with ads -- though Searls isn't satisfied. ("Nobody goes to Zoom for an 'advertising experience,' personalized or not. And nobody wants ads aimed at their eyeballs elsewhere on the Net by third parties using personal information leaked out through Zoom.") His conclusion?

"What Zoom's current privacy policy says is worse than 'You don't have any privacy here.' It says, 'We expose your virtual necks to data vampires who can do what they will with it.'"

Starting this week, with the release of Safari 13.1 and through updates to the Intelligent Tracking Prevention (ITP) privacy feature, Apple now blocks all third-party cookies in Safari by default. From a report: The company's move means that online advertisers and analytics firms cannot use browser cookie files anymore to track users as they visit different sites across the internet. But Apple says the move isn't actually a big deal, since they were already blocking most third-party cookies used for tracking anyway. "It might seem like a bigger change than it is," said John Wilander, an Apple software engineer. "But we've added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari."

The 2020 spring edition of the Pwn2Own hacking contest has come to a close today. This year's winner is Team Fluoroacetate -- made up of security researchers Amat Cama and Richard Zhu -- who won the contest after accumulating nine points across the two-day competition, which was just enough to extend their dominance and win their fourth tournament in a row. From a report: But this year's edition was a notable event for another reason. While the spring edition of the Pwn2Own hacking contest takes place at the CanSecWest cyber-security conference, held each spring in Vancouver, Canada, this year was different. Due to the ongoing coronavirus (COVID-19) outbreak and travel restrictions imposed in many countries around the globe, many security researchers couldn't attend or weren't willing to travel to Vancouver and potentially put their health at risk. Instead, this year's Pwn2Own edition has become the first-ever hacking contest that has been hosted in a virtual setting. Participants sent exploits to Pwn2Own organizers in advance, who ran the code during a live stream with all participants present. During the competition's two-day schedule, six teams managed to hack apps and operating systems like Windows, macOS, Ubuntu, Safari, Adobe Reader, and Oracle VirtualBox. All bugs exploited during the contest were immediately reported to their respective companies.

"New academic research published last month looked at the phone-home [telemetry] features of six of today's most popular browsers and found that the Brave browser sent the smallest amount of data about its users back to the browser maker's servers," reports ZDNet: The research, conducted by Douglas J. Leith, a professor at Trinity College at the University of Dublin, looked at Google Chrome, Mozilla Firefox, Apple Safari, Brave, Microsoft Edge (the new Chromium-based version), and the Yandex Browser.

"In the first (most private) group lies Brave, in the second Chrome, Firefox, and Safari, and in the third (least private) group lie Edge and Yandex...." [T]he professor found evidence that Chrome, Firefox, and Safari all tagged telemetry data with identifiers that were linked to each browser instance. These identifiers allowed Google, Mozilla, and Apple to track users across browser restarts, but also across browser reinstalls...

[T]he most intrusive phoning-home features were found in the new version of Microsoft Edge and the official Yandex Browser. According to Prof. Leith, both used unique identifiers that were linked to the device's hardware, rather than the browser installation. Tracking users by hardware allows Microsoft and Yandex to follow users across installations and potentially link browser installs with other apps and online identities. The professor said that Edge collected the hardware UUID of the user's computer, an identifier that cannot be easily changed or deleted without altering a computer's hardware. Similarly, Prof. Leith also found that Yandex transmitted a hash of the hardware serial number and MAC address to its backend servers.

"As far as we can tell this behaviour [in Edge and Yandex] cannot be disabled by users," the professor said.
The article also points out that Brave was the only browser that didn't use search autocomplete functionality to collect and send back information on a user's visited web pages. (Even though this can be disabled in Firefox, Chrome, and Safari, it's on by default.)

But Edge and Yandex "also sent back information about visited web pages that did not appear to be related to the search autocomplete feature, suggesting the browsers had other ways to track users' browsing habits."

"Safari will, later this year, no longer accept new HTTPS certificates that expire more than 13 months from their creation date..." writes the Register.

Long-time Slashdot reader nimbius shares their report: The policy was unveiled by the iGiant at a Certification Authority Browser Forum (CA/Browser) meeting on Wednesday. Specifically, according to those present at the confab, from September 1, any new website cert valid for more than 398 days will not be trusted by the Safari browser and instead rejected.

Older certs, issued prior to the deadline, are unaffected by this rule.

By implementing the policy in Safari, Apple will, by extension, enforce it on all iOS and macOS devices. This will put pressure on website admins and developers to make sure their certs meet Apple's requirements — or risk breaking pages on a billion-plus devices and computers... The aim of the move is to improve website security by making sure devs use certs with the latest cryptographic standards, and to reduce the number of old, neglected certificates that could potentially be stolen and re-used for phishing and drive-by malware attacks... We note Let's Encrypt issues free HTTPS certificates that expire after 90 days, and provides tools to automate renewals.

Apple is considering giving rival apps more prominence on iPhones and iPads and opening its HomePod speaker to third-party music services after criticism the company provides an unfair advantage to its in-house products. From a report: The technology giant is discussing whether to let users choose third-party web browser and mail applications as their default options on Apple's mobile devices, replacing the company's Safari browser and Mail app, according to people familiar with the matter. Since launching the App Store in 2008, Apple hasn't allowed users to replace pre-installed apps such as these with third-party services. That has made it difficult for some developers to compete, and has raised concerns from lawmakers probing potential antitrust violations in the technology industry.

The web browser and mail are two of the most-used apps on the iPhone and iPad. To date, rival browsers like Google Chrome and Firefox and mail apps like Gmail and Microsoft Outlook have lacked the status of Apple's products. For instance, if a user clicks a web link sent to them on an iPhone, it will automatically open in Safari. Similarly, if a user taps an email address -- say, from a text message or a website -- they'll be sent to the Apple Mail app with no option to switch to another email program. The Cupertino, California-based company also is considering loosening restrictions on third-party music apps, including its top streaming rival Spotify, on HomePods, said the people, who asked not to be named discussing internal company deliberations.

Waterfox is an open-source web browser for x64, ARM64, and PPC64LE systems, "intended to be speedy and ethical, and maintain support for legacy extensions dropped by Firefox, from which it is forked," according to Wikipedia. (Its tabs also still have angled sides with rounded corners.)

Friday Waterfox's original creator, 24-year-old Alexandros Kontos, announced that the browser "now has funding and a development team, so Waterfox can finally start to grow!" after its acquisition by a company called System1. I started Waterfox when I was 16. It was a way for me to understand how large software projects worked and the Mozilla documentation was a great introduction... I've touted Waterfox as an ethical and privacy friendly browser... I never wanted Waterfox to be a part of the hyper-privacy community. It would just feel like standards that would be impossible to uphold, especially for something such as a web browser on the internet. Throughout the years people have always asked about Waterfox and privacy, and if they've ever wanted more than it can afford, I've always pushed them to use Tor. Waterfox was here for customisations and speed, with a good level of privacy...

I wasn't doing anything with Waterfox except developing it and making some money via search. Why I kept going throughout the years, I'll never know... System1 has been to Waterfox a search syndication partner. Essentially a way to have a search engine partnership (such as Bing) is through them, because companies such as Microsoft are too big and too busy to talk to small players such as Waterfox... It's probably the one easy way a browser can make money without doing anything dodgy, and it's a way I've been happy to do it without having to compromise Waterfox (and will be the same way System1 makes money from Waterfox -- nothing else). People also don't seem to understand what System1 does...
"Now I can finally focus on making Waterfox into a viable alternative to the big browsers," Kontos concludes.

Long-time Slashdot reader Freshly Exhumed contextualized the news with this brief history of the alternate browser ecosystem: As the usage share of web browsers continues to show a lopsideded dominance by Google Chrome, many previously-independent browsers have fallen by the wayside or have been reinvented as Chrome variants (i.e. Opera, Edge, Brave). Apple forges on with its Safari browser while other, smaller projects tend to be quite limited for multi-platform users, such as Dolphin and Bromite.

Mozilla continues independently with Firefox for almost every platform, while variants such as Pale Moon and Sea Monkey have attempted to provide products that avoid drastic and/or controversial changes made by Mozilla but sometimes do not match the multi-platform support of Firefox. Let us not forget Tor, the Firefox-based anonymity-focused browser.

Alex Kontos is a developer who attempted to provide continuity with dropped Firefox capabilities in his multi-platform Waterfox browser, proudly declaring that Firefox's user data sharing and telemetry collection was not included. For that privacy focus a certain popularity of Waterfox occurred. Now Kontos has revealed that his Waterfox project has been sold to System1, a company describing itself as "a consumer internet and applications company with the most powerful audience expansion platform in the industry."