So, now I have a suggestion about including GNU IceCat into Whonix-Workstation repository.
Q: Why do we need it?
A: Because some websites blocks Tor Exit Nodes and therefore you need to use an additional Proxy/VPN after Tor (User -> Tor > VPN/Proxy) in order to get Tor-unfriendly sites work. But if you install VPN addons right into your Tor Browser, you can be fingerprinted so it is strongly recommended to use some kind of other browser for Tor-banned sites. We can use Firefox-ESR but it still has many suspicious features like Pocket, Firefox Accounts, Screenshots and so on. In order to get privacy-oriented, “Non-Tor” browser in Whonix-Workstation, we can use GNU IceCat
Q: What is the difference between Firefox ESR and GNU IceCat?
- Encrypted Media Extensions (EME) is not implemented: Whereas Firefox are being created such that they support Digital Restrictions Management (DRM) systems through their implementation of the Encrypted Media Extension (EME), GNU IceCat doesn’t include an EME implementation as it opposes efforts to popularize and ease the dissemination of DRM technology.
Widevine Content Decryption Module provided by Google Inc. is not installed in about:addons > Plugins
- The Play DRM-controlled content option (used to download and enable Widevine Content Decryption Module provided by Google Inc.) has been removed from about:preferences > Content
- “Accept third-party cookies: Never”
- WebRTC is enabled like in Firefox but prevent leaking the LAN ip. (Test WebRTC)
- The proprietary web chat IRC client Mibbit has been removed.
- Telemetry is disabled.
- DuckDuckGo is the default search engine, which means that you can run “!Bangs” keywords in the location bar to use any search engine.
Privacy protection features
Https-Everywhere: Extension that encrypts your communications with many major websites, making your browsing more secure.
SpyBlock: Blocks privacy trackers while in normal browsing mode, and all third party requests when in private browsing mode. Based on Adblock Plus.
AboutIceCat: Adds a custom “about:icecat” homepage with links to information about the free software and privacy features in IceCat, and checkboxes to enable and disable the ones more prone to break websites.
Fingerprinting countermeasures: Fingerprinting is a series of techniques allowing to uniquely identify a browser based on specific characterisics of that particular instance (like what fonts are available in that machine). Unlike cookies, the user cannot opt-out of being tracked this way; so the browser has to avoid giving away these kinds of hints.
You can either download prebuilt binaries (tar.gz) from:
Or build it from sources: