SecBrowser on Whonix

How i can install and run SecBrowser inside Whonix-Workstation ?
sudo apt install secbrowser, installed, but i can’t run it. Or i’m doing something wrong ?

Whonix forces everything over Tor. SecBrowser is intended for use outside of Tor i.e. benefiting from a reduced attack surface that provides better protection than default Firefox.

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/SecBrowser

SecBrowser ™ is a derivative of the Tor Browser Bundle (which itself is a derivative of Mozilla Firefox) but without Tor. This means unlike Tor Browser, SecBrowser ™ does not route traffic over the Tor network, which in common parlance is referred to as “clearnet” traffic.

Another option for a better Firefox default for clearnet browsing (outside of Tor network) is the ghacks user.js profile. See here for further information:

• GitHub - arkenfox/user.js: Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
• Home · arkenfox/user.js Wiki · GitHub

It’s unsupported.

anon-apps-config hides secbrowser in Whonix.

Too many configuration combinations. Too confusing.

SecBrowser is a “hack”. A “flavor” on top of Tor Browser. A “bundle” optimized for clearnet and “normal” internet use including browsing history. SecBrowser will always prioritize usability/security over anonymity/privacy.

“The cleanness of the implementation is low.” It would be better to fork Firefox and then add whatever is useful from Tor Browser, minus the stuff for Tor enforcement. But that is economically infeasible, nobody has time for that. Instead SecBrowser takes Tor Browser and then reconfigures it to use clearnet. Even the browser title / branding is still saying “Tor Browser” while it ought to say “SecBrowser” to avoid confusing one browser for another. It’s not a “ready-made, stable, rock-solid, professional made clearnet browser ready to be reconfigured to do anything”.

Due to the way SecBrowser is technically implemented the possibilities to sanely re-configure to do yet other things is limited. Whatever you’re adamant about trying to accomplish: start with Tor Browser and then add your own “flavor” (configuration settings) on top. I.e

• do use: Tor Browser + your configs
• do not use: Tor Browser + SecBrowser configs + your configs. That is too complex.

Unless you understand how SecBrowser is technically implemented but I guess in that case you wouldn’t ask.

Trying to use SecBrowser in Whonix for purpose of proxies, VPNs will only lead to confusion and unexpected behavior.

For example in order to reach the primary goal of SecBrowser (which is just described above) it must set user_pref("network.proxy.socks_remote_dns", false); which would result when using proxies to resolve DNS using Tor without proxy and connecting to websites with proxy. I.e. DNS leak using Tor instead of proxy.

https://gitlab.com/whonix/tb-starter/-/blob/master/usr/share/secbrowser/user.js#L21

When using Tor Browser in Whonix and needing to re-configure it for some purpose, that’s all already documented.