This post was originally published on 8 AUG 2021. It has since been revised and updated.
When configured properly, Mozilla Firefox offers great privacy and security.
However, achieving a higher level of privacy and security in Mozilla Firefox requires many tweaks across all levels. Some users may not be too comfortable with this and may prefer an out-of-the-box solution that isn't Chromium dependent.
Enter Librewolf - which aims to be user privacy and security focused straight from first launch.
Librewolf is an independent fork of Firefox that puts "user privacy, security, and user freedom first."
Librewolf is also the community run successfor to another defunct Firefox fork known as Librefox.
Librewolf is very similar to Ungoogled Chromium in the sense that Librewolf has removed Mozilla dependencies, services and telemetry from the browser.
For example, Librewolf does not come with Pocket integration like regular Mozilla Firefox. Librewolf also removes:
- Google Location Services
- Google as 1) the default search provider and 2) a search option
- Mozilla telemetry, to include crash reporting and anonymous statistic collection
What's more is that one of the biggest draws to Librewolf is that it comes with a ton of already tweaked/configured settings that enhance user privacy and security. Some of these include:
- Various privacy and security tweaks that overlap with various Firefox hardening guides - including the one published here on avoidthehack!. This makes Librewolf more out-of-the-box privacy friendly for the average user.
- uBlock Origin pre-installed
- Extension firewall - extensions are limited in initiating their own connections
- No "phoning home" or telemetry
- Forced HTTPS on all websites (Read more about the importance of HTTPS)
- Privacy friendly search engines (ex: DuckDuckGo, MetaGer, Qwant, and others)
- Disables the saving of login information
- Resists common fingerprinting techniques
Please note that Librewolf is not at all affiliated with Mozilla. Again, it is an independent and community-run fork of the Firefox source code. It is licensed under the Mozilla Public License 2.0.
It's important to understand that Librewolf is the continuation of a previous Firefox fork, LibreFox. Due to it being a continuation of a previous fork, be aware that Librewolf is not without its faults.
These notable faults might compromise the general user experience and include:
- Maintained by a small group of developers - however, it is a relatively "newer" project that has the capability to continuously pick up speed over time
- Support is not evenly distributed amongst different operating systems
- No signs of mobile support
- Patches come out a bit slower than regular Firefox - however, the developers have done a good job keeping up with releases so far.
This is specific to Windows 10. I'm also going with the assumption that you're not willing to build Librewolf yourself.
With a Windows OS, we've got three options for downloading and installing the Librewolf browser:
Relying on the setup.exe releases
We will go over all three methods.
Admittedly, this is probably the easiest and most familiar way of installing Librewolf for many Windows users out there. We're just going to download and install an already built
.exe binary. Please note, by using this method, we're placing a lot of trust in the compilers of this binary.
Additionally, binaries appear to only be available for 64-bit systems. If you're running a 32-bit version of Windows, you won't be able to execute these and will run into errors attempting to do so.
- Navigate to the Windows Releases page: Download Librewolf
- Look for the most recent stable release. For me, at the time of writing this, it is version 90.0.2-3:
- Download the
.exe. Referencing the screenshot above, you can see it's the librewolf-90.0.2.en-US.win64-setup.exe file for me.
- OPTIONAL: Verifying the
It's usually wise to verify files that you download from the internet - especially binaries such as this one. Proper verification gives us reasonable confidence that the file we downloaded is safe(ish) to install.
At the very least, even if the file isn't safe to install, verifying the downloaded files lets us confirm whether we got the same copy found on the server (or not.)
- On the Librewolf Windows Releases page, open the file sha256sums.txt like so:
- Navigate to the folder where you downloaded the
.exe file. Rename it to something simpler. For example, I renamed mine to librewolf:
- Click on the search bar in the start menu. Type cmd.exe. Press Enter.
certUtil -hashfile (PATH TO FILE) SHA256 and press Enter. Example:
- The hash the command line return should match the hash for the setup.exe found in the
.txt file we first opened!
- Now we can proceed to installing Librewolf... Double click on the
.exe file we previously downloaded. Click Install.
- Librewolf should install. You can then open the application from the wizard or by accessing it via the Windows Start Menu.
Alternatively, we can use Chocolatey, a package handler for Windows, to download and install Librewolf. The good thing about this method is that you can download updates to Librewolf automatically, as opposed to manually updating it.
- First, we'll have to download and install Chocolatey: Install Chocolatey
- Open the command line. An easy way to do this is to type cmd.exe in the search bar of the Windows task bar. Right click the result, Run as administrator.
- A command line window should pop up. Type
choco install librewolf into the command line and press Enter. The install process should begin.
Later builds of Windows 10 have support for Microsoft's
winget tool. This is another package handler for Windows. It's relatively experimental but largely functions just fine. Like Chocolatey, the winget tool allows you to update Librewolf from the command line.
- winget isn't native to most installations of Windows 10. This means we'll have to download and install it: Install Winget
Hint: The easiest way to install winget is to go to its official releases page on GitHub and then download the latest
- Open the command line (cmd.exe). Be sure to run it as an administrator.
- Let's search for librewolf. Type
winget search librewolf. You should get a return like so:
- Now, it's time to install Librewolf. Type
winget install librewolf. Your install should begin:
- Your installation should complete after a few minutes. Later on, you can also use winget to update librewolf as well.
If your Linux distribution cannot use Flatpak or appimages, then odds are you'll have to build Librewolf from the source code.
Most Linux distributions have two viable options for installing/using the Librewolf browser:
For this section, I am using Linux Mint. However, following the steps I've outlined here should work for most common distros out there equipped with Flatpak support.
First, if you don't have Flatpak installed and configured, you can quickly download and install it: Download FlatPak
Please note that some distributions such as Fedora, Linux Mint, and Pop! OS come with FlatPak already installed!
- Open a Terminal window
- Type the command:
flatpak install flathub io.gitlab.librewolf-community and press Enter:
- Terminal should get a hit and then ask if you want to install. Press Y on your keyboard.
- Terminal will now inform you of what it's downloading and any required permissions. Press Y on your keyboard.
- Your system should begin downloading and installing Librewolf. This may take a few minutes.
- Librewolf should be installed and ready for use!
I'm using Linux Mint for this section. Appimages should be universal for most Linux distributions and flavors, so this detail shouldn't be a problem for most users.
A kind redditor, u/Unredditer, created a bash script to check for and download the latest Librewolf appimage. (Source)
To make it easier for everyone, this script is published under the MIT license over in one of avoidthehack's GitHub repos. Previously, this script was directly hosted on our scripts.avoidthehack.com subdomain, but that subdomain has been retired.
There are a couple of ways to take advantage of this.
The absolute quickest way to get the appimage is piping to bash straight from where we have the script hosted on GitHub, which is not advised because it does not allow you to read the code about to be executed by your system.:
- Open a Terminal window
- Type the command
curl -sSL https://raw.githubusercontent.com/avoidthehack/LWScript/main/librewolf.sh | bash
- There will be a pause while your system fetches and executes the script.
- The script generally saves the appimage to your user home folder. As you can see, my system has fetched and executed the bash script. It then stored the appimage in my user Applications folder:
Now, a much safer way to get this appimage is to just fetch the script, "saving" it before we execute it. This gives you a chance to at least review it (https://raw.githubusercontent.com/avoidthehack/LWScript/main/librewolf.sh) before running anything on your system:
- Open a Terminal window
- Type the command
- Because I didn't specify where to save it, my system saved it to my user Home folder:
- Once you're ready, it's time to execute the downloaded script. Navigate back to your Terminal window.
- The script will run and download the latest Librewolf appimage.
- Again, my system downloaded the app image to my Applications folder. Double clicking it launches Librewolf, like so:
Librewolf already seems to have good support for systems running Arch as the Arch User Repository (AUR) has
librewolf packages ready to go.
For Arch, assuming you're using the YAY helper just run:
yay -S librewolf
Alternatively, you can just build your Librewolf package from source. However, this is only advisable for users who are comfortable completing such a task. You know who you are.
To get started, you'll need to visit the appropriate repository and read the respective README.md.
Depending on how to go about installing Librewolf, you may have to install future updates manually.
This seems to hold true if you use the setup.exe for Windows.
Installing updates manually typically means you must uninstall the old version of Librewolf and then download and install the new release. This must be completed each time a new version of Librewolf is released.
Additionally, you'll have to check for releases manually.
Fortunately, most methods found here should enable you to install updates without having to go through the process of manually doing it.
For example, if you used Flatpak to install Librewolf then you can simply run the command
flatpak update io.gitlab.librewolf-community to grab updates for Librewolf.
If you used Chocolatey for Windows, then from a command prompt type
choco upgrade librewolf.
If you used the Microsoft winget tool, then from a command prompt type
winget upgrade librewolf.
Librewolf is an ambitious Firefox fork that has so far held its own - in terms of keeping up with stable Firefox patches and aiming to provide better privacy and security for the end user.
Being stripped of the "bloat" found in Mozilla Firefox means that Librewolf is fast. Additionally, it's also shares the same add-on compatibility as Firefox.
For those who wish to tweak Librewolf a bit further, or are looking for addons to install you can check out avoidthehack's guide to hardening Firefox.
Hopefully this guide has helped you with downloading and installing Librewolf.
If you require more support, then we encourage you to check out the Librewolf subreddit (r/Librewolf). Bug reports should be made on the official Librewolf GitLab.
Special thanks goes out to redditor u/Unredditer for their script contribution for the appimage.
Stay safe out there!