Fifth Browser Questions

[thane]

I've tried the Fifth browser on a couple machines (both several years old, don't know if that's a factor). Seems like about half the time going between websites, I get the "Security risk: certificate changed" screen and have to type the special message to move on. These are all legit sites (including TC) I've visited often with other browsers e.g. Firefox and AFAIK haven't had issues. So (as the warning suggests) am I constantly being subjected to "man-in-the-middle attacks", is there some setting I should change, or is this just a "feature" I'll have to live with?

[curaga]

Google in particular changes their certificates several times a week, which is really bad practice - you can't be sure if the new certs are valid or MITM attacks. This is something the existing browsers do not check for. TC domains don't offer https though?

The check itself can only be disabled at compile-time, otherwise some malware could disable it without the user knowing. You'd comment out the wk_set_ssl_func line. This will leave you less secure, but if you use it for regular browsing on an old machine (no banking, etc), it would be fine.

edit: Fifth is pretty fast to build, when you use the existing webkitfltk-dev extension. Should be no longer than a minute even on an old machine.

[hiro]

Yes, this is also an example why i find the letsencrypt initiative highly dubious. Now their certificates are used by many websites, explicitly forcing everyone to change their certificate every few months.

[thane]

Thanks for the replies!

I have no experience compiling programs in TC (or Linux generally). However I have written/compiled Java, COBOL, and C programs on AIX, which may be in-the-ballpark similar. I'll look into it.

Thane

[Juanito]

see http://repo.tinycorelinux.net/6.x/x86/tcz/src/fifth/compile_fifth