Package Details: mullvad-browser-bin 14.0.3-2

Git Clone URL: https://aur.archlinux.org/mullvad-browser-bin.git (read-only, click to copy)
Package Base: mullvad-browser-bin
Description: Privacy-focused web browser developed by Mullvad VPN and the Tor Project
Upstream URL: https://mullvad.net/en/browser
Keywords: browser firefox mullvad privacy private
Licenses: MPL-2.0, GPL-3.0-or-later
Conflicts: mullvad-browser
Provides: mullvad-browser
Submitter: tarball
Maintainer: tarball
Last Packager: tarball
Votes: 47
Popularity: 6.74
First Submitted: 2023-04-03 14:58 (UTC)
Last Updated: 2024-12-02 22:03 (UTC)

Pinned Comments

tarball commented on 2024-06-26 08:35 (UTC)

Make sure to fetch the developers' signing key before building the package.

The official instructions are here. The link is also mentioned in the PKGBUILD.

If the site is blocked in your region, you'll have to work around it or trust me that this is what it says:

% gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

which (as of 2024-06-26) should also show this fingerprint:

EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290

If your gpg says otherwise, you may have been fed garbage.

Latest Comments

1 2 3 4 Next › Last »

lvgr commented on 2024-11-30 14:26 (UTC)

Hello, I think the maintainer could add pipewire-pulse as an optional dependency for having working audio if one is using PipeWire and not PulseAudio. Recently I've had this problem that no audio stream would play, but I've fixed it by installing that package, so I think adding it to the list of optional dependencies could be useful for other people.

Reference: https://github.com/mullvad/mullvad-browser/issues/334

tarball commented on 2024-09-06 22:08 (UTC)

I try to avoid changing more configuration than is absolutely necessary, especially in a browser that's built around the idea of sharing the same fingerprint for all users.

Automatic updates can also be disabled by letting the browser know that it's managed by an external package manager. 13.5 added some checks for it, and IIUC it was also supposed to introduce a check for @/system-install (which has been created by this package from the beginning because it's needed for some other things), but it looks like nothing came of it.

Instead, they added a check for @/is-packaged-app. If you're feeling adventurous, run:

# touch /opt/mullvad-browser/is-packaged-app

and see if it helps. It works for me, so I'll test it for a couple more days and then push an update if nothing else breaks.

tarball commented on 2024-09-04 12:38 (UTC)

Yes, it didn't work, at least a couple of months ago.

https://aur.archlinux.org/packages/mullvad-browser-bin?O=10#comment-967529

roaldclark commented on 2024-08-31 18:38 (UTC)

Have you considered placing a policies.json file in $pkgdir/opt/mullvad-browser/distribution/ to disable the browser's update check? The content of policies.json would be:

{
  "policies": {
    "DisableAppUpdate": true
  }
}

https://mozilla.github.io/policy-templates/#disableappupdate

tarball commented on 2024-06-28 21:43 (UTC)

Thanks for the research. The browser does indeed look up libavcodec.so with sonames version 53 through 60, and the latest ffmpeg only provides version 61.

Here is a test video; installing ffmpeg4.4 fixes it. I updated the package.

underuse_storage commented on 2024-06-28 21:10 (UTC) (edited on 2024-06-28 21:16 (UTC) by underuse_storage)

I recently was unable to reproduce H264 videos and AAC audio on my desktop, both from Mullvad Browser and Tor Browser.

Because video playback on Mullvad was working just fine on my laptop, I started looking for differences between the two machines. I found out that on my laptop, I also had installed the ffmpeg4.4 library. As soon as I installed ffmpeg4.4 on my desktop, video and audio playback were fixed.

I believe this issue started with the latest ffmpeg update from the Arch Repo.

Do you think ffmpeg4.4 should be added as a dependency for this package?

pvmab commented on 2024-06-26 12:29 (UTC)

That did it. Thank you.

tarball commented on 2024-06-26 08:35 (UTC)

Make sure to fetch the developers' signing key before building the package.

The official instructions are here. The link is also mentioned in the PKGBUILD.

If the site is blocked in your region, you'll have to work around it or trust me that this is what it says:

% gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

which (as of 2024-06-26) should also show this fingerprint:

EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290

If your gpg says otherwise, you may have been fed garbage.