Update: Latest release now has updated preferences pane. Took the opportunity to include some other small changes in that area from the backlog while at it. Improved thanks to your feedback ^^

All good!

Well, you did help with identifying at least one bug: The hints on Konform preferences pane still contained confusing and misleading wording leftover from LibreWolf and I can totally see how it would lead you to believe that enabling that option was a good idea. It was also a bit hectic with all the hints being “warnings” when several of them are more informational. Sorry for the confusion and thanks for mentioning it. Did some changes there today so the pref pane should be calmer and more helpful from next release.

On the CF part, one thing I missed in my previous reply is that they do have reporting channel for users. If you are OK with the data sharing that comes along with that, it could be helpful.

https://developers.cloudflare.com/cloudflare-challenges/troubleshooting/challenge-solve-issues/

If none of the above resolves your issue, contact the website administrator with the error code and Ray ID or submit a feedback report through the Turnstile widget by selecting Submit Feedback.

Glad you figured it out and hope it keeps working without hitches from now on! I’m curious what error you got (feel free to DM) as I do installation in trixie with copy-pasting repo from the package registry instructions as part of testing process and I didn’t catch any issue with that. The format in the instruction is an older one than the one you list (yours is correct and preferred in any case) but works on my trixie installs so far.

I am aware of issue with RPM repo instructions not working, though. Should be fixed in next Forgejo update. These should work.

Thank you for kind feedback! I’m glad you dig and that it fills a spot! Internal network management is very much one of a few use-case categories that’s been motivating this.

I have a question. I’ve read that you position Konform closer to GNU IceCat than to LibreWolf, which makes me worry: does Konform provide at least the same level of fingerprinting resistance as Librewolf does, , if I 1) revert “Allow non-default theme” and 2) re-enable “Enforce OCSP hard-fail” in settings?

I don’t understand the IceCat reference. Anyway, I would argue that Konform Browser has stronger privacy defaults (including less leaks for fingerprinting) and the focus is a natural part of the projects privacy goal. Reverting “allow non-default theme” makes sense but I’m wondering about your motivations for OCSP? I don’t think it should do either for or against vs sites, and if anything making the situation worse vs service provider(s).

See:

• https://youtu.be/Htms5rNy7B8?list=PLeeS-3Ml-rpovBDh6do693We_CP3KTnHU&t=2359
• https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/

I believe what you probably want instead is CRLite? Will be enabled and receive updates for presets other than Purely Private.

And my first bug report:

Hm, that’s unfortunate. But it’s also not clear to me if this is a bug in Konform Browser or not. Only Cloudflare would really know. Possibilities:

• False flag or misclassification from Cloudflare¹ (ie the bug is @ Cloudflare)
• Legitimate block at Cloudflare. For example, previously they might have been able to categorize with decent certainty in a “LW users on Linux on Tor” bucket but you are fuzzier and get treated like “sus” as you’re not distinguishable enough from skillfully deployed spambot anymore. Should be resolvable on case-by-case-basis by site operator, still. This is unfortunate situation and not really something we can address without more specific information²
• If you get consistently blocked with Konform but not with Tor Browser / FF ESR over Tor, that’s an indication Konform might be distinguishable and treated differently and if so, that could be a bug in Konform Browser. If you can pinpoint what makes the difference, that would be very useful to know. “Cloudflare is blocking me at this site” is unfortunately not really actionable but if a behavioral difference can be identified, it’s possible that it can resolved by change in Konform.

In case it’s not as straightforward, and a workaround would involve something like selective UA-spoofing³, I don’t think that’s something we would work on or implement. If the site has a selective allowlist of UAs, that’s either “working as intended” or a bug on their end, not something I think of as a bug in Konform. Resistance against censorship is of course not undesired - but privacy and security are still the higher priorities.

Still, Konform Browser does bundle WebCompat system addon just like FF. So the third path for fix, if only site-specific workaround can be identified, and the issue can be reproduced in FF ESR (maybe by applying KB userprefs), I think it could be to addressable by reporting and adding such workaround.

Does Cloudflare reliably distinguish between users of LW/FF RR, and KB/TB/FF ESR, etc as part of this turnstile page and does that contribute to the difference outcome you see? If so, how exactly is it done and how exactly does it contribute? Is it explicit or emergent? We don’t know. Assuming answers to first two are yes and yes, the difference could even be explained simply by difference in user numbers. Best we can really do is striking a balance between closing the gap and closing leaks of entropy.

If nothing else, it might just work itself out over time due to unrelated changes on either side. If not before, I expect the ESR bump in a few months could “magically” sort these kinds of things out.

¹: Cloudflare only provides support to their customers; not mere mortals like you and I. Resolution path: User (eg you) reaches out to site (ie NexusMods) who can then either 1) change their CF configuration or 2) contact Cloudflare who may or may not fix the issue.

²: DM me if you actually want to dig into this!

³: Konform is as vague and static as possible while conforming to FF ESR/TB format

It does! While existing userprefs should work for enabling the feature and setting your own syncserver endpoints as expected, Konform Browser also has basic UI for convenient configuration of custom sync URLs under about:preferences -> Konform Browser. Please report if any issue with that <3

Cool. But…, could you name those explicitly?

Thanks for checking out! Not in the readme, because it would be a PITA to keep that up to date over time, especially when rewriting for new context each time. They are already covered in release notes and commit log¹ for the curious. You can also look under patches/kon in the source git repo.

This comes to mind.

Could you please explain why anyone should consider Konform Browser over it?

Am engineer not a salesperson or influencer. I guess that means at this early stage it’s primarily targeting the audience who are able/willing to make sense of and contextualize the given material themselves, or willing to take a leap of faith. The pros/cons vs other browsers is something I hope to leave to other users to talk about and share around. Would be cool to hear your thoughts, for example! Maybe this is relevant for some, though.

Also, pull requests attempting to improve the documentation are very much welcome. Would be great to get more contributors involved and one doesn’t have to be deeply technical to write good docs.

¹: Can click the commit hash for a release under /releases and then xxx commits to list commits for specific release

What an atrocious comment choice.

Update: Readme has been updated to be less out of date and that diff list is now more closely resembling current state of differences. In particular, local full-page translations is supported feature in Konform Browser, unlike the readme previously stated.

It would certainly be nice to be able to pre-download language pair models without selecting to and from and then actually initiating a translation using the model i don’t have yet.

Agreed that would be nice. Closest you get conveniently from inside browser today is to switch temporarily to “Basic Features” preset for model downloads (then maybe restart for good measure) and switch back to “Core Security” preset for actual use.

re: getting uBlock externally, i also see the attraction of that approach but unfortunately Debian’s package was last updated in October (from 1.62 to 1.67) while AMO has a release from January (1.69) :/

I don’t think it will be directly bundled due to the list updates and some users will not want it so it should remain optional. That being said, will already be looking at packaging for NoScript so when that happens I think should be reasonable to do the same with up-to-date uBO.

are there plans to distribute Konform via flathub?

Answered this here.

Officially can’t/won’t due to Github being both unreasonable and a supply-chain risk. Anyone is free to do so independently, however. If done in responsible and reasonable way (don’t introduce breaking patches or leave users hanging weeks without security updates plz) could be supportive of such initiative whether done indepently or via Konform Codeberg.

Oh, thanks for bringing that up - that’s out of date and no longer true so I guess the readme does need an update¹. While you are correct, the offline translations feature wouldn’t actually work when blocking its access to RemoteSettings server. There was also a bug (still present in LW) which prevented locally cached results from being used. As Konform Browser does have a strict policy of not initiating connections to “trusted” servers on its own by default and without explicit user consent, it made more sense to remove it than leaving UI for a completely broken feature until it could be done properly.

Since that was written:

• Bugs fixed in Konform so translations do work fully offline now
• An about:welcome “onboarding” screen was introduced where user has 4 presets to choose from. 3 of them (all but Purely Private 🔒️) allow translations feature and 2 (✳️Basic Functionality and 🦊Just Make It Work) makes it default and enable the automatic downloads of models from Mozilla server like in FF.
• about:translations unhidden and can be used for direct translations of direct input

So in reality I would say offline local translations actually work better in Konform than in FF and other forks.

In the future hoping to improve this further by redistributing the models as packages for separate installation on system. Then you can use them without needing the browser itself to download anything at all. Similarly to how it’s already done for spelling dictionaries and uBlock Origin.

¹: EDIT: Readme has been updated to be less out of date more closely resembling current state of differences.

Care to comment on the actual content of post or the topic of the project rather than aesthetics of the thumbnail icon? It’s a web browser, not a lifestyle brand, and this isn’t c/logodesign 🙄

While that section in readme is not entirely up to date, combining that with release notes should hopefully give decent idea. Let me know if you have remaining questions after returning from those! You could also try it out and see for yourself.

Some day, someone is going to have to explain this one…

There is actually a third visual reference in the logo that may be a bit less obvious.

I am an exclusive flatpak user (as much as possible at least)

In that case I will certainly encourage you to get more comfortable with the flatpackaging side and getting that local build env up for yourself! Having self-hosted repo for self-built packages¹ in whatever format you use is one of the most liberating things one can set up IMO. Looking forward to seeing you around on the issue tracker ;)

¹: Ideally with sensible lifecycle 🤭

Ah, sorry you’re having issue! Re video playback¹:

• Do you have a URL not working for you I can reproduce your issue with (you can DM me if not want to share public)?
• Media Codec installed and available? about:support and look Media -> Codec Support Information. Are you on Arch perchance?
• Tried the “Basic Functionality” preset? about:welcome should show on first launch, can also be reused later.
• It’s not likely but still possible that some preference set in your old LW profile interferes. Different result in fresh profile?
• Same result without addons? (“Troubleshoot Mode” under about:support)
• Left-hand side of address bar, there should be a shield and couple of icons. You can click those to temporarily or permanently unlock protections for current site.
• In a fresh profile, you could try “Just Make It Work” preset - does it work there? That will, among other things, enable DRM modules and allow the browser to silently download and execute binaries from Cisco and Google in background, just like vanilla FF. This behavior is disabled under the other presets for security reasons and I don’t recommend it much beyond testing and troubleshooting.
• Sometimes, sites blocking you will yield CORS errors in console. If that’s the case you should also see HTTP responses with 4XX status codes under Devtools Network tab. or 5XX if legit server error.

¹: Should work; I’m streaming 4k fine.

Not highly prioritized since:

1. We’d need someone with a Github account (ie not us) to step up as maintainer for that in order to be on flathub.
2. Arguably problematic security tradeoffs for browser (yes flatpak has its own sandboxing but that disables the one of browser)
3. Users run into frustrating and confusing edge-cases with not working devices, directories, addon integrations, etc, and not grokking the security model. Flatseal is a bit obscure still.
4. Container option exists for advanced users who want containerization

That said, there is a starting point - if anyone feels inclined to pick it up shows up on the forge, would be happy to collaborate towards that. You can also just go ahead and package it up independently from us if you wish (free software and all that).

Are you on some dist existing package repos aren’t covering? Or just a matter of preference?

Ah, glad it worked out! Somehow this earlier reply only came in here after posting the same suggestion ;^^

Looking forward to hearing your thoughts and impressions!

Backup / restore is windows only

Ah right, I forgot that part - exposing that feature on Linux is a Konform thing.

Actually, there is one more thing you can try which I should have thought of first and might work better:

Do the original approach of copying the profile dir in place, but start Konform Browser with the --allow-downgrade flag: konform --allow-downgrade

After it has (hopefully successfully) completed the import, it can then use it like normally when started without the flag afterwards. I just tried it with a recent LibreWolf profile and seems to migrate everything fine.

yah. neomutt and aerc still going strong.

Thanks for trying! Hmm, so I haven’t performed such a profile migration myself recently.

Previously, it was enough to just drop the directory over (which I guess is what you did?) but as Konform and LibreWolf are tracking different FF branches, this kind of things is not unexpected. “Touching tips” is a ~yearly happening and next time is currently many months away - such long time to wait!

Now, I am thinking of two options (in any case: separate backup first!):

• Profile Backup / Restore https://support.mozilla.org/en-US/kb/firefox-backup under about:preferences
• Use a Sync Server (either Firefox Sync or self-hosted syncserver) and sign in with same account in both to sync over.

If you have a librewolf.overrides.cfg, that should still be possible to just copy into your ~/.konform dir or corresponding system path regardless of rest of profile.