Konform Browser and other bits and bobs.

ken ,

A util to make it easier to work with large firefox and thunderbird prefs files https://codeberg.org/konform-browser/diffprefs

It's Thursday as I reply but I guess it's Wednesday somewhere in the world (:

ken ,

Find out for yourself!

https://codeberg.org/dialhome-study/browser-network-insights

Usage details for running locally under "Testing procedure" -> "Basic test environment usage"

Previously posted on this community here: https://lemmy.ca/post/59519788

ken ,
ken , (edited )

The screenshot in the post is from IronFox.

It's not, though? Let me guess, it's from some tool or page doing static analysis on the APK and reporting results? Please include a link or reference to actual source when reporting in the future.

So, Firefox contains a library that can be used for reporting telemetry to Mozilla. When you download Firefox from Mozilla, this is enabled and pointing to Mozilla servers. After reading the Privacy Notice, this shouldn't be a surprise.

When you install one of the forks that disable telemetry (IronFox, LibreWolf, Konform Browser at least do it this way), they will configure the build such that the endpoints are never called. Mozilla are actually reasonable enough that this is supported, documented, and reasonably straightforward for those bothering to build FF from source.

So yes, when you download IronFox it contains a library that could be used for Mozilla Telemetry. It's just that it's never used to do so (assuming no bugs).

Why not rip it out completely? Because completely ripping it out is more work, has its own risk of introducing bugs, and could introduce more work for the maintainer with patching ~whenever they pull updates from Mozilla - increasing the time users have to wait for getting the monthly security fixes for their fork.

ProtonMail vs Tutamail vs Posteo

I've been subscribed to Proton Unlimited for a little while now and enjoying the services, but I also want to know what made other people choose Tutanota or Posteo over Proton. Was it cost? Transparency/security stuff? Location data is held? I'm exploring a lot of things in the privacy space and seeing what else is out there. ...

ken , (edited )

Food for thought: By consistently following a strategy optimizing and picking the optimal product/service based on cost/benefit, you will end up on the same one as everyone else doing the same thing. From a practical perspective this leads to winner-takes-all and centralization. Whoever is the underdog today becomes the Google or Cloudflare of tomorrow and we're back at square one. From a philosophical perspective, did you really make a choice? Or did "the market" (of which you are also part) decide on your behalf? A healthy market needs at least thousands of mail providers, not 5 or 10.

Obviously same thing goes for basing your pick on brand perception, picking the most popular or recommended one, but without the benefit of knowing you'll actually get the better service.

Can free will exist among economically rational participants in a market? There can be some power in knowing you chose whatever you did based on factors other than cost-performance or popularity. Sometimes the optimal choice can be suboptimal.

And why not self-hosting your inbox? Hard to beat from privacy standpoint. It really doesn't have to be as hard as they say. Even if you don't go full homelab right away: Some providers are accommodating and make it easy to gradually or partially self-host by offering open standard protocols. Others make it really tricky and steer you hard into their app ecosystem. So how straightforward it is to use your own local third-party mail client is a good consideration even if you don't intend to self-host anything else anytime soon.

ken , (edited )

One thing to keep in mind as new is that "VPN" is a technical term with pretty clear meaning among the technical people but it has a very fuzzy meaning in marketing and branding. Referring here to "VPN apps" that may just be a local DNS relay (ie: it will only tunnel and filter your DNS requests; all your actual traffic still goes through your normal connection as clear as always). Oftentimes, it's what we would call a proxy. Android has not at all helped here.

In either case, yes, you can usually chain things. What if any benefits you get from that depends on both technical specifics (which protocols) and your circumstances and threat model.

For example, if we consider only Wireguard (one of the VPN protocols Mullvad offers).

No VPN/proxy: Your ISP sees everything

1 proxy: ISP sees that you are connecting to proxy but not what servers you're actually talking to. VPN provider now sees everything instead.

2 proxies: Proxy A sees your encrypted traffic to Proxy B. Proxy B sees all your traffic but doesn't know where you are.

3 proxies: Congratulations, you have manually built a shitty onion circuit (Tor works like this)

Mullvad has their own "multi-hop" feature which chains two Mullvad nodes but I have to question using that strictly for privacy reasons, considering it's by the same provider and the ports make it predictable from the ISP.

ken ,

In case it swings your judgement either way, Njalla is run by one of the three Piratebay founders.

ken ,

Centralization and monoculture is a mistake.

ken , (edited )

What isn't free software..?

I think you should make it clear if you are talking about VPN services or client-side apps here. If they provide normal standard protocols like Wireguard and OpenVPN, they can be used without having to install any provider-specific apps.

Regardless of provider it's generally preferred to use third-party software to connect. VPN providers that don't even have their own apps don't qualify as good for you either?

Demanding the whole stack be FLOSS is a bit silly in this context. None of the ones you mentioned open-source most of their backend systems either AFAIK.

I think you should do your homework better before you speak so widely and absolutely dismissively with such claim of authority. It is not helpful.

ken , (edited )

What piece of software are you talking about ?

Azire in particular.

Azire what? They're a Wireguard VPN provider with a web portal.

I guess same confusion as here: "What isn't free software..?" (ken), answered with "It isn't Free Software from what I took a look at." by @msokiovt@lemmy.today in Privacy

You give the impression that you are talking about the VPNs when you are actually talking about smartphone apps..?

ken OP , (edited )

Thank you for kind words!

Ah, then the hope is that this curiosity will trigger you to dig into it yourself (for example using the provided tool or taking inspiration from it) so that it starts making sense! I know it's an unconventional format to refrain from laying out my own opinions and analysis but that's my thing today. So much "everyone knows" and vapid third-hand takes flying around these days that I think we would do well to actually verify (and pick up related knowledge in the process) rather than take forum comments and blog posts for gospel.


OK, all right, I can try. I guess I can point at one thing in the Mozilla telemetry at the very end, doesn't that look very fine-grained if you look at the URLs (addresses) listed?

We can tell that many of the actions I took were communicated to the mothership for analysis and product improvement. Is this data really anonymized (or anonymizable)? Is it a reasonable amount for a user that has not opted in? My professional and personal opinion is: It is not.

But! That's just one isolated example. And an extremely limited view. What about Zen? Chrome, Edge and Safari weren't included here at all. And it's not at all looking at what happens for a user who probably cares about this: when you go to settings and disable all the telemetry. See I just said that one thing about Mozilla Telemetry and now I'm going to have to run some new tests and write reports about them for days just to set that record straight!

Maybe I'm odd but I think it's many (100?) times easier and quicker to gain understanding of the kinds of stuff we're looking at here by getting hands-on than to communicate it verbally. And I'm concerned with this limited attention span so many people are afflicted with these days, and look at how long this comment is already, no we're done with me telling you how it is, let's wrap this one up and get on to the juicy stuff.


There's an expandable section Basic test environment usage under Testing procedure but I realize now that might be easy to miss...

Anyway, to start it: Install podman, docker-compose (v2) and MITM_BROWSER=firefox-esr podman compose up --build. That should be it.

Then the browser pops up (hopefully), you do your thing, and after you Ctrl+C in the console, it will quit and the proxy will dump the recorded .har file which contains all HTTP and websocket traffic that went through the proxy in cleartext, in JSON format. There are tools online that can help visualize I think but nothing I can recommend off the bat. Simply cating it to the terminal or opening it in a text editor can be educative. Also playing around with variations of the jq snippets and see if you can come up with questions of your own to answer. Or if anything in my numbers makes you scratch your head or say "wait a minute" dig there.

In case you want to take a look at what the thing does before running it (trust me bro), these are the files involved when you run that compose up command:

Available browser images
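
A first pass over such a .har dump, as an added example that is not part of the original comment or of the browser-network-insights repository: it groups requests by host, counts uploads and bytes sent, and lists the hosts contacted beyond the sites you deliberately visited. The sample HAR and its `*.example` hosts are constructed, and the function names are this example's own.

```python
import json
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in HAR 1.2 layout. Hosts, paths and bodies are
# placeholders, not traffic captured from any real browser.
SAMPLE_HAR = json.dumps({"log": {"version": "1.2", "entries": [
    {"request": {"method": "GET", "bodySize": 0,
                 "url": "https://www.example.org/"}},
    {"request": {"method": "GET", "bodySize": 0,
                 "url": "https://www.example.org/style.css"}},
    {"request": {"method": "POST", "bodySize": 412,
                 "url": "https://telemetry.vendor.example/submit/session/1",
                 "postData": {"mimeType": "application/json", "text": ""}}},
    # bodySize is -1 when the recorder did not know the size; the body
    # text is then the only way to measure what was sent.
    {"request": {"method": "POST", "bodySize": -1,
                 "url": "https://telemetry.vendor.example/submit/event/2",
                 "postData": {"mimeType": "application/json",
                              "text": '{"clicked":"settings"}'}}},
    {"request": {"method": "GET", "bodySize": 0,
                 "url": "https://updates.vendor.example/check?channel=release"}},
]}})


def load_entries(har_text):
    """Return the list of recorded request/response entries."""
    return json.loads(har_text)["log"]["entries"]


def sent_bytes(request):
    """Bytes of request body, falling back to postData when size is unknown."""
    size = request.get("bodySize", -1)
    if size is not None and size >= 0:
        return size
    text = (request.get("postData") or {}).get("text") or ""
    return len(text.encode("utf-8"))


def summarize_hosts(entries):
    """Map host -> request count, number of uploads, total body bytes sent."""
    summary = defaultdict(lambda: {"requests": 0, "uploads": 0, "bytes_sent": 0})
    for entry in entries:
        request = entry["request"]
        host = urlsplit(request["url"]).hostname or "(no host)"
        row = summary[host]
        row["requests"] += 1
        sent = sent_bytes(request)
        if sent > 0:
            row["uploads"] += 1
            row["bytes_sent"] += sent
    return dict(summary)


def unvisited_hosts(summary, visited):
    """Hosts contacted that are not among the sites opened on purpose.

    What remains is browser-initiated traffic plus third-party resources
    pulled in by the visited pages; both are worth reading in the raw dump.
    """
    visited = {host.lower() for host in visited}
    rows = [(host, stats) for host, stats in summary.items() if host not in visited]
    rows.sort(key=lambda row: (-row[1]["requests"], row[0]))
    return [host for host, _ in rows]


if __name__ == "__main__":
    summary = summarize_hosts(load_entries(SAMPLE_HAR))
    for host in unvisited_hosts(summary, {"www.example.org"}):
        stats = summary[host]
        print(f"{stats['requests']:4d} req  {stats['uploads']:3d} uploads  "
              f"{stats['bytes_sent']:6d} B  {host}")
```

To run it on a real dump, replace `SAMPLE_HAR` with the contents of the recorded .har file and pass the sites you opened as `visited`.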

ken ,

No experience with Migadu but yeah, I think 1 account = 1 login is the intended meaning in their FAQ.

At $19/year, couldn't just gifting a separate micro sub to your SO be an option if you adminning her email feels weird to either of you?

Am I missing something else?

You don't mention how you'll be accessing your emails so maybe this is something you already solved for: Regularly syncing down all mail locally means you won't have to rely on the mail provider as a single-point-of-failure for keeping your emails safe, secure, private and available. This could consist of anything from a simple offlineimap cronjob to a full-blown "offline" separate mail server.

ken ,

good point for the offlineimap cronjob, I’ll take note of that.

I might as well go as far as suggesting to start there with your current mail provider if the local/offline-first flow is something that could work for you (and assuming it's not something you already do, in which case carry on). Once you've adapted to a local-first mail reading flow with any client that's separate from the "app" or webmail tethered to your mail service, then rest of migrations should be smoother and hopefully feel less daunting. Doesn't mean you have to keep doing it that way only forever but establishing the infra and habit once for a while can help with both resilience and confidence in everything that follows.

If you're roaming between devices and places enough that local-first feels untenable then the "syncbox" could be a little SBC or whatever; it could be the machine you also use to read and write mail from but doesn't have to be.

NP and good luck!

ken ,

Yes?

ken ,

Maybe. But be careful about putting in that PIN or connecting it to your network when you get home, in case you get it back after...

dialhome-study/browser-network-insights: they have played us for absolute fools ( codeberg.org )

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible. ...

ken OP , (edited )

Hi, I'm new here, first time posting to this community, was hoping this could be well-received here.

I see this starting to attract downvotes - is this considered breaking any rule, are cross-posts frowned upon in general, is the content too basic for you 1337 h4xx0rz, title not serious enough, or some other issue with the post? Feedback appreciated.

ken ,

What about gwenview?

dialhome-study/browser-network-insights: they have played us for absolute fools ( codeberg.org )

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible. ...

ken , (edited )

Thanks! Adding Floorp should be straightforward if you feel like tackling it yourself as it's "just another FF fork". Adding a new browser consists of adding a new Containerfile for it. I guess Floorp might be most similar to Mozilla firefox out of the existing ones. PRs much appreciated for new browsers as well as any interesting queries to get more insight into data I can run on existing dumps and add to Report section.

They have official PPA: https://ppa.floorp.app/

For Brave got it running but didn't yet figure out why it crashes as soon as I try to proceed with the onboarding. Judging by the probably unrelated error noise in the console, it might be trying something weird with a graphics driver or hardware sensor and not gracefully handling not having access to whatever it is 🤷 But didn't even ldd or strace it properly yet so maybe just a missing library.

There's a lot that could be done but had to wrap up and publish somewhere.

dialhome-study/browser-network-insights: they have played us for absolute fools ( codeberg.org )

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible. ...

ken OP , (edited )

Daily-driving it now. I think it's great. If you're somewhat familiar with the landscape otherwise I think readme explains how it's different and why. If you don't mind losing out on some "safety"^1^ and latest upstream features^2^ for the sake of a more stable and predictable base, not having reliance on proprietary integrations or even internet, and really removing all non-essential network integrations, then definitely worth a try!

^1^: A surprising amount of people think (or at least write online) that a browser that doesn't block user requests completely aligned with the Google SafeBrowsing blocklists is unsafe and that doing those syncs is an essential feature. If you think this is the only safe default option in 2026 I'm sorry but please consider uBlock Origin. See how opinions on who to trust can affect what "most secure" means. Konform Browser removes many assumptions of trust. But not all; Everyone still comes with an assumed PKI after all and there exists a default for DNS.

^2^: Since it's ESR base it means new feature updates from Mozilla ~yearly instead of ~monthly. Still receiving security updates on the rapid schedule. No AI features out of the box.

ken OP , (edited )

Disclaimer: Am konform dev so shouldn't be a surprise that it's working well for ourselves I guess. Eager to hear to what extent it's overfitted for our usage or really as great as I think it is ;)

BTW if you, dear reader, think queries in report of results are cherry-picked in a way that favors it (I don't think they are but hey, fair), I'm also eagerly accepting input and especially PRs for queries (still have the raw dumps so I can add this quickly) or steps to test procedure (this means I have to rerun all of them so might take longer to update) that could illustrate different tradeoffs and show a more complete picture. Bring it on <3

ken OP ,

Assuming you mean the Mullvad extension (which is installed by default in MB) and not the Mullvad VPN app (which also exists but never came close to these machines) :)

That will indeed likely make a difference on Mullvad Browser numbers. However for now I'm not changing the "keep addons at stock defaults" invariant or the test matrix might get really out of hand.. Should we disable uBlock Origin in LibreWolf? How about uBO or NoScript in Mullvad then? Konform Browser loads uBO but only if its apt package is installed; should we do that? What happens when we try to explicitly opt out of everything under Preferences in Firefox? I guess the last one is something to actually consider but for now not touching the addons.

(Would be super cool if anyone else tries this out and reports back though! The compose should hopefully be straight forward and easy to get started with if you are on Linux and have podman available. The report mentions it TL;DR we had to work around the uBO install in LW not properly utilizing the proxy (?) like this and I think same approach could be used to Uninstall Mullvad extension from Mullvad Browser and prevent it from even loading)

ken OP , (edited )

Oh, thanks for reminding me of Trivalent, I realize now I've come across it before but totally slipped my mind. If/when testing for chromium in place I think this can be interesting to sample next.

ken OP ,

What are you curious about with Dillo And Netsurf? Isn't it safe to assume at this point they will both be 0 across the board for all the queries in the report?

I think we need a different testing protocol for them to be interesting to include. AFAIK they don't have add-ons that could be interesting to test either? Do you have any suggestion for step(s) you think could be added to the test in order to make those meaningful to include? Or is my assumption about Dillo and Netsurf out of date?

ken OP ,

Would be cool to hear how it goes if you do!

dialhome-study/browser-network-insights: they have played us for absolute fools ( codeberg.org )

Set up a framework to fully man-in-the-middle my own browsers' networking and see what they're up to beyond just looking at their DNS queries and encrypted tcp packets. We force the browser to trust our mitmproxy cacert so we can peek inside cleartext traffic and made it conveniently reproducible and extensible. ...

ken OP , (edited )

I don't think the data supports that. I'm curious what makes you single it out. Mullvad is in the top-tier but it is not alone (or clearly #1 - like the post gets into - it gets nuanced and I think any attempt at general objective "top 5 ranking" will be reductive to the point of being misleading or plain wrong. So I'm not trying that here). Read again? :)

For example of nuance displayed in results:

### Number of requests
119 firefox
81 firefox-esr
0 konform
7 librewolf
30 mullvad-browser
62 zen-browser

ken OP , (edited )

At least in most cases, the data is being leaked back to the developer and not third parties.

What is this based on? Why not see if that assumption is true^1^? There's quite a big difference in nature and quality here between them. This doesn't really come through in the data aggregation put on display in the post but I hope more people will try to run this on their own. Zen and Mozilla are the only ones with significant (and it is significant) telemetry of their own at all between these while LibreWolf and Konform have 0 data going to the devs, for one.

The whole idea here is to be able to achieve more nuanced and accurate understanding so more educated decisions can be made and enlightening conversation be had. Not just keep rehashing the same memes based on vibes and hearsay.

Was hoping more for answering questions or getting new input than shooting down uninformed takes 😅

^1^: Well, staying inside the system we can't prove that no sharing with third-parties is going on if we only see one domain involved. But that is not the case everywhere here. We can easily see when separate servers operated by multiple parties are involved by looking at the URLs and looking up the domain names. And then we can go look at what's being sent to where.

ken OP , (edited )

There can still be winners, the good, the bad, and the ugly. It's just that we have to engage a bit deeper than a quick scroll and a oneliner to figure it out^1^.

they’re all doing differently privacy impacting things, but there are no “winners”.

The difference matters. Looking into the raw URLs and bodies involved is enlightening. Apart from that, which other queries that we can run with jq (or other tools) can we add to the post to add more useful dimensions?

^1^: The answer might be different for each of us and depend on what we're doing at the moment. Different situations might call for different browsers.

ken OP , (edited )

In case you want to try this for yourself, adding container and running test for Waterfox should be about same as for Floorp that I wrote about here. Then you can really see what's going on and reason about the difference when you see the URLs and stuff.

BTW the purpose of the report section here isn't "look at my numbers and take my word for it" but "here's some examples of things we can look at with this". Please keep in mind both the Limitations section and that it's intended as showing one way to easily and independently compare browsers yourself. Just reproducing the examples shown and then scrolling through the .har files JSON is a great start. Of course, me and I assume others would be very happy if you want to share anything that comes out of that so that we can bring people up together. I'm sure there's a lot more useful insights to derive even with a small and scoped testing protocol like the one in article and wouldn't mind input of any nuggets other people come up with :)

ken ,

Do you suddenly need to stop hitting your wife?

ken OP , (edited )

Not personally daily-driving or actively recommending it but I've had to look closely at Brave as part of browser security work.

Most of the posts, articles and videos I've seen that don't apply approximately equally to the other big names are mostly backed by arguments like "I don't approve of BE behavior and BE made Brave therefore Brave bad", "crypto scammers bad therefore crypto bad and Brave uses crypto therefore Brave bad" or "it's being promoted by bad people and therefore bad". I think such arguments are in themselves without merit, should be dismissed and are not sufficient to tell others they shouldn't use it. Tribalism isn't healthy. An opinion being widely shared doesn't make it true. Your trusted influencer being upset doesn't mean you need to be.

Valid criticisms of Brave and valid reasons for not using the browser exist, but they're rare to see written out and are buried deep under the bulk of FUD, groupthink and uninformed meme-takes we find all over the stuff shared on socials. On the privacy and security sides it's very much a mixed bag. Scrolling through Brave flags I note more than one thing I think we can take inspiration from. For people locked into corpware and limited to what's on the major app stores, you can certainly do worse. Yet I see little concern-blogging over Copilot 365 .NET Live Edge or Samsung Internet Browser, for example.

Of course I'd personally love if you used Konform Browser (or any other non-chromium browser) instead but I mostly see people bashing Brave for completely confused reasons. Yes there's bloat and ads and telemetry and problematic trust and outbound networking going on out of the box. Yes they inject their own monetization into the user experience if you blindly click "Next, Next, I agree, Next" and run with defaults. All just like for Firefox these days. And just like Firefox, user configuration exists to improve on much of that while the software license and open source code afford fixing the rest for the willing. The differences I've seen when it comes to the browsers are mostly in degrees, not fundamental. Maybe we should have a Brave fork too.

I hope I'm not canceling myself, here...

ken OP , (edited )

Yes! In fact while the browser otherwise has its own branding, it does recognize override config as librewolf.overrides.cfg so you can literally just drop your existing LibreWolf overrides file into ~/.konform and it should pick it up. Figured this would make it smoother for people migrating from LW or switching between the two.

ken OP ,

Low-effort snark.

ken OP ,

Nice, I hope it lives up to expectations!

Oh and one more thing on the overrides: There are a couple of prefs flags that exist in one of Konform/LibreWolf but not the other mostly due to being based on different FF versions - so in case you have some particular override not being effective, I'd first check that it's not just a case of differences between FF versions 140-147. Not expecting that to come up in practice and setting non-recognized prefs should be harmless, but knowing this might save some head scratching in case you have an extensive overrides config with recent additions.

Looking forward to any feedback you may have <3

ken OP , (edited )

Someone asked me about donations. There is no way to directly fund the project today (TBD) but if you have cash to spare then:

  • Codeberg e.V. providing supportive and enabling infra and a point of collaboration for growing part of FLOSS ecosystem. This isn't free.
  • EFF hopefully doesn't need an intro here
  • noyb.eu
  • Tor Project
  • The maintainer of some other FLOSS software you care about

ken OP , (edited )

Thanks for checking in! Did you try importing the Release PGP Key listed under the release already? ^^ Maybe it's a bit easy to overlook in the release notes but it's right above the debian installation. There should be a pinned comment on that on the AUR package pages already.

If you save key to file on disk:

$ gpg --import ./konform-cb-ci.pgp

Then it should show up with that Key fingerprint when doing gpg -k after.

Please let me know if still having issues

ken OP , (edited )

Oh and I forgot to mention, we have an Arch repo now with prebuilt bin package too. If you add the repo and pacman -Sy konform-browser-bin, then it will upgrade for you on future pacman -Syu when there are new versions published.

For trying out such a new project I guess you might still want to do the more manual route in the beginning but if/when you feel it's earned your trust now you know <3

ken OP , (edited )

You know, I think we should do at least something about those scrollbars^1^ too. Not sure how close this is to what you prefer but hopefully a more sane default with more traditional fixed-width scrollbars should be part of next release. In general aiming to keep subjective and aesthetic UI tweaking to a minimum but I think the usability argument supports this one at least until anyone voices a different opinion.

So ty for that suggestion and also thank you for the warm feedback you left on the repo! :3

^1^: Not only are they thin; they change the width dynamically when hovered and overlay on top of content. The potential for misclicks is not great.

ken OP , (edited )

Appreciate the links!

And the option "Always show scrollbars" enabled because I have not found the preference to do it through the configuration file.

The labeling makes it less obvious but that maps to widget.gtk.overlay-scrollbars.enabled=false so also part of Konform upcoming update :) In general I find the quickest way to identify the mapping of a UI configuration and the about:config key is to:

  • launch a clean profile
  • open about:config
  • click Show only modified preferences
  • open about:preferences
  • change the thing
  • tab back. what's new?

BTW, widget.non-native-theme.enabled is a no-op since the direct GTK integration was removed a while back: https://bugzilla.mozilla.org/show_bug.cgi?id=1726283#c4
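
The same UI-to-pref mapping can also be read from disk by diffing two copies of the profile's prefs.js; this is an added example, not part of the original comment and not code from the Konform project. It assumes the two texts are snapshots taken before and after changing the setting, the sample contents are constructed, and `parse_prefs` and `diff_prefs` are this example's own names.

```python
import json
import re

# One pref per line: user_pref("name", value);
PREF_LINE = re.compile(
    r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)+)"\s*,\s*(.+?)\s*\)\s*;\s*$'
)

# Constructed snapshots of a prefs.js before and after ticking
# "Always show scrollbars" in about:preferences.
BEFORE = '''// Mozilla User Preferences
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1700000000);
user_pref("browser.startup.homepage", "about:blank");
'''
AFTER = '''// Mozilla User Preferences
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1700003600);
user_pref("browser.startup.homepage", "about:blank");
user_pref("widget.gtk.overlay-scrollbars.enabled", false);
'''


def parse_prefs(text):
    """Parse user_pref() lines into {name: value}; other lines are skipped."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_LINE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = match.groups()
        try:
            # true/false, integers and quoted strings parse as JSON literals
            prefs[name] = json.loads(raw)
        except json.JSONDecodeError:
            prefs[name] = raw  # keep unusual values verbatim
    return prefs


def diff_prefs(before_text, after_text, ignore_prefixes=()):
    """Return prefs added, changed and removed between two snapshots.

    ignore_prefixes drops bookkeeping prefs (timestamps, counters) that
    change on their own and would bury the one setting you toggled.
    """
    before, after = parse_prefs(before_text), parse_prefs(after_text)

    def keep(name):
        return not any(name.startswith(prefix) for prefix in ignore_prefixes)

    added = {k: after[k] for k in after if k not in before and keep(k)}
    removed = {k: before[k] for k in before if k not in after and keep(k)}
    changed = {k: (before[k], after[k]) for k in before
               if k in after and before[k] != after[k] and keep(k)}
    return {"added": added, "changed": changed, "removed": removed}


if __name__ == "__main__":
    result = diff_prefs(BEFORE, AFTER, ignore_prefixes=("app.update.lastUpdateTime.",))
    for kind, prefs in result.items():
        for name, value in sorted(prefs.items()):
            print(f"{kind:8s} {name} = {value!r}")
```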

ken OP , (edited )

Dev here! Thanks for your interest!

Aw. On Artix, it wants to pull in wayland. No thanks.

Hm, I guess you're just running text mode browser on that machine..?
On Arch the wayland package is pulled in as transitive dependency of the gtk3 package. I don't believe it will actually be loaded at runtime. However, I think that gtk3 might not be a hard dependency at all anymore (it used to be for Firefox in the past so this might be a leftover that konform inherited).

If you're comfortable with makepkg I could suggest trying the konform-browser-bin AUR package and simply remove gtk3 as dependency from the PKGBUILD, run makepkg -si and fingers crossed that might work. More details in konform-browser/Arch repo, where contributions are also welcome. If you go the source route, see the note about profiling without wayland.

EDIT: OK I took a look and unless Artix is repackaging some core packages, I don't see a way to make it work on Arch at least: xorg-server depends on libglvnd depends on mesa depends on wayland. Among others. Are you actually able to run an X server at all without having the wayland package installed? Or is this for headless use without any graphical environment...? Curious about the use-case! You can also try the binary tarball or just tar -xfing the arch package and invoke the konform binary directly.

Aw. https://gpo.zugaina.org/Search?search=konform no ebuilds on any listed overlays for Gentoo yet.

FWIW, it's not planned at the moment but here's the issue currently tracking Gentoo packaging: https://codeberg.org/konform-browser/source/issues/9

Trustworthy websites with recommendations, reviews, discussions about VPN, DNS, and similar?

On matters like VPN providers, DNS providers, and similar topics, often one would like to find websites with recommendations and reviews from other people, especially testers or "experts". But it's SO difficult to find trustworthy websites! The vast majority appearing on searchers are clearly built by untrustworthy parties, or ...

ken , (edited )

You were literally asking for "trustworthy websites with recommendations". GP is telling you to stop looking or even believing in such things existing. I'd agree.

The harder you search for just that, the more targeted you will be by scammers and cybercriminals. Whatever is a credible resource today may turn bad next month and public perception taking years to catch up. It's not like that'd be a first.

That said, lots of good stuff and leads in codeberg.org/pluja/awesome-privacy. And +1 on EFF.

List of public DoT/DoH providers

ken OP ,

Thanks, would be cool to hear how it goes :)

This is probably a good start https://codeberg.org/konform-browser/arch

There's another contributor helping out with arch packaging. Expecting an update shortly there which makes it more idiomatic for arch (fetching and verifying firefox sources directly with makepkg instead of inside the build script). Nothing that we expect to cause any snags for you but just FYI!

Architecting Consent for AI: Deceptive Patterns in Firefox Link Previews ( www.quippd.com )

TL;DR: Mozilla has a new CEO and a new mission: transform Firefox into an AI browser. That has run into some snags, as Firefox users don’t seem that interested in AI. Mozilla is forging ahead, utilizing deceptive patterns (previously known as dark patterns) to nag and annoy people into enabling AI features. You can see this in ...

ken , (edited )

The author seems to think Mozilla should have protected our privacy by having someone act as the proxy for the request.

On the proxy part, they actually already have that and using it for some other parts:

https://support.mozilla.org/en-US/kb/ohttp-explained

TL;DR: Imagine an HTTPS-over-HTTPS proxy. Try to explain it like something groundbreaking without referencing existing tech. Now you have OHTTP.

https://firefox-source-docs.mozilla.org/browser/components/mozcachedohttp/docs/index.html

https://www.fastly.com/blog/firefox-fastly-take-another-step-toward-security-upgrade

It makes me scratch my head a bit why I've never seen it enabled for DNS-over-HTTP in default stock Firefox config despite it being supported for years - the endpoints are just not configured. You have to know about it and configure the barely documented URL in about:config for that. Unlike for newtabpage and the FF shopping feature where OHTTP is used by default. Infra costs?

ken ,

That is interesting!

BTW in case you're not aware, direct links to fedia.io like the one you posted just lead to a loginwall so you probably don't want to share those publicly. This one via beehaw.org works for everyone, though: https://beehaw.org/post/24563411