Post

CloudFirewall 2.0.0 and what we've done to get there

About one month ago we released the first very big update for our #CloudFirewall #Firefox add-on.
We decided to wait some time with writing this post as many sad things happened with Firefox in recent times and we have to respond to that somehow,more on that later.
The biggest change with the new Cloud Firewall version is that it does now support translations into multiple languages. Very big thanks to @pixelcode@social.tchncs.de for implementing all code needed for supporting translations as well as writing the first translation.
With version 2.0.0 Cloud Firewall already supports the languages English,German and French and we're sure that there will be even more in future versions.
You can help translating Cloud Firewall on our translations platform - If your language isn't available,just contact us anywhere and we'll add it.
The previous Cloud Firewall version unfortunately had some bugs which we didn't notice for a quite long time - That's now all fixed.
It wasn't possible to change the settings in the last version: While the page was displayed correctly,the Javascript event listener which should have listened on user input wasn't setup correctly so no changes were stored and after reloading the page,everything was reset to the default values.
The only thing which could be changed was which cloud providers should be blocked as global default.
Another problematic thing was that predefined rules for well-known sites were ignored.
Normally pages get blocked based on the owner of their IP address which will be detected correctly even if the predefined rules don't work and you'll see no wrong behavior here.
Unfortunately some pages are a special case,for example Discord which rents their origin servers at Google Cloud but proxies every request through CloudFlares network.
So Discord should be blocked for both Google Cloud and CloudFlare as they're using both services.
Unluckily the IP detection code will block it only for CloudFlare as the origin servers are hidden and no Google IP is ever seen but we know that they're using it from their status page.
Similar things happen for example for Instagram: It belongs to the Facebook company but the servers are hosted on Amazon - The IP detection would only block it for Amazon but it should be blocked for Facebook,too.
You see that the missing predefined rules lead to a lot of false-negatives which resulted in less privacy and we're very sorry that that happened.
A non-privacy-related but still annoying bug was that you couldn't set exceptions for pages if they are directly affected and not only their subressources.
I don't have any idea how I should explain the reason as the internal logic of Cloud Firewall is very complicated but it's fixed now.
Let's have a quick look on the next version
Thanks to a contribution by @pixelcode@social.tchncs.de the next version will get a completely new design.
It will work without Bootstrap and therefore reduce the size of the add-on.
Along with that we'll try to heavily improve the structure of the pages to make it easier to understand and look less buggy.
There will be many small optimizations which should lead to a cleaner overall experience.
We don't have any date planned for the next release and it may take some weeks or even a few months as there's much to do in other projects and the current Cloud Firewall version does its job pretty good.
What the hell happened with Mozilla?!?!
Maybe that's what many of you thought when reading about mass layoffs at #Mozilla and no,we don't have a answer to that question,too.
Other alarming developments in the Firefox world are the lack of a working extension support in the new Firefox for #Android and a new big deal with #Google ,the worlds largest threat against privacy.
There are many reasons why we find it important to expand support for Cloud Firewall to other browsers while,of course,still maintaining Firefox support as main priority.
Maybe the current version 2.0.0 will already arrive in some other browsers.
We'll have a look at what needs to be done to support Firefox forks like #Waterfox which already support the modern #WebExtensions and how much we'll have to rewrite to support Firefox forks on a older code base which stick to the old extension format like #PaleMoon or #Basilisk
The latter will be harder to support but if it's not impossible,we'll think about the question if it's worth it as these browsers are a important contributor to diversity in a browser-world where nearly everything runs on top of the same code base written by the worlds biggest privacy threat.
And for those who prefer browsers based on #Chromium we even see a chance of bringing Cloud Firewall to the #Opera add-ons store which would effectively make it available to every user of Opera and #YandexBrowser
This won't be so easy as the API which is responsible for the core functionality of Cloud Firewall is only available on Firefox but maybe we can workaround that somehow by directly throwing HTTPS requests to any DoH (DNS over HTTPS) server but we'll have to see how much of an impact this will have to performance.
My personal guess is that it will be much slower than using the native DNS API in Firefox.
On the other hand,Yandex Browser for Android still has unlimited support for extensions while the new Firefox hasn't so that might be the only chance to continue Cloud Firewall support on the Android platform.
Developing decent support for multiple browsers will be one of the hardest changes that can be done to Cloud Firewall but we feel that it's needed so we'll look what can be done as soon as possible.

September 06, 2020, 19:02 PM

3 likes

:ggc: Niklas
@nipos@social.avareborn.de
Pixelcode
@pixelcode@social.tchncs.de
Privacy Guide 1984
@datenschutzratgeber@mastodon.social

4 boosts

:ggc: Niklas
@nipos@social.avareborn.de
Pixelcode
@pixelcode@social.tchncs.de
Privacy Guide 1984
@datenschutzratgeber@mastodon.social
Bernd
@bernd@troet.cafe