My main browser is Librewolf but I keep a chromium browser just in case. Previously used brave but their flatpak is shit. Ungoogled chromium seems ok but it looks like they don’t change much from upstream chromium. Any good chromium browsers which harden their browsers like librewolf does for more privacy?

  • Possibly linux@lemmy.zipEnglish
    502·
    11 months ago

    I would stick to librewolf. Supporting Chromium is not good for freedom.

    Anyway, ungoogled chromium is probably the best answer. There also is Cromite which supports android and windows

    • dakd2@lemmy.world
      11·
      11 months ago

      looks like Cromite bad beacuse it has AdBlock plus instead of uBlock origin and uses google as a default search engine and includes the chrome web store

          • sir_reginald@lemmy.world
            13·
            11 months ago

            no, do not mistake yourself. they are not proprietary blobs. the whole browser is proprietary. they release a tarball with the chromium code + some changes. but the whole UI which are the main changes are proprietary (after all, like any Chromium browser, it’s mostly a re-skinned Chromium, they don’t make any changes to the engine).

            It’s a proprietary browser. They just release a bunch of code for marketing purposes. Don’t believe me? Try compiling it, and tell me if what you get is Vivaldi minus some blobs.

              • duplexsystem@lemmy.blahaj.zone
                81·
                11 months ago

                “Note that, of the three layers above, only the UI layer is closed-source. Roughly 92% of the browser’s code is open source coming from Chromium, 3% is open source coming from us, which leaves only 5% for our UI closed-source code.”

                Straight from the horses mouth. So 92% of it is the same as every other chromium browser. 3% is their oss code and 5% is closed source. That 5% more than actual open source browsers.

                Which means the final product is closed source.

  • wincing_nucleus073@lemm.ee
    8·
    11 months ago

    Cromite is the closest thing i can think of to Librewolf. Tons of hardening. but i dont think he ships a Linux version. just android and windows.

  • helpImTrappedOnline@lemmy.world
    71·
    11 months ago

    I’ve been using Thorium recently with no issues. Before I was using Vivaldi.

    Edit, Firefox is my main browser. Thorium is used as an alt for the 2 websites that don’t work in Firefox.

    Edit 2; seems the developer of Thorium has made some err questionable choices. Not with the browser itself, but a mild furry nsfw easter egg, and a link to some site talking about their beliefs against a common medical procedure performed on baby boys. I have not seen either for myself as they have both been removed as the browser gained a sudden spike in popularity.

  • spez@sh.itjust.worksOPEnglish
    5·
    11 months ago

    Thanks to everyone for replying! I have decided to stick with brave for now since after an update to the flatpak the thing’s font is back to readable again.

  • iloverocks@feddit.de
    61·
    11 months ago

    I’m currently using thorium as an appimage and it is god enough. But to be honest if you want privacy use Firefox or a fork of it.

      • iloverocks@feddit.de
        1·
        11 months ago

        The point of useing it is that privacy invasive sites like twitch or skribbl.io would still work. Twitch technicality works fine on stock Firefox unless you don’t save your history, how dare you.

        Yea I don’t know a better one yet

        • Pantherina@feddit.de
          11·
          11 months ago

          They will work on ungoogled chromium too though, I guess.

          In theory there is even the ability to store a chrome:flags override and use it like a user.js. So you could use upstream chromium and not rely on outdated stuff.

          • iloverocks@feddit.de
            1·
            11 months ago

            I will try it out after work. Do you know a way to provent automatic openings instead of librewolf? I’m currently using Hyprland and was using the appimage so it doesn’t have any conflicts.

            • Pantherina@feddit.de
              1·
              11 months ago

              Automatic openings? Like default Webbrowser? Also dont use Appimages, just dont.

              Depending on the Distro I recommend using Firefox or Brave, add their signed repo and call it a day.

              • iloverocks@feddit.de
                1·
                11 months ago

                Exactly default browser. Yes I tryed native and flatpak packages but it would constantly open all other browser instead of librewolf. Even if I defined a other one in the mineapps file

                • Pantherina@feddit.de
                  1·
                  11 months ago

                  No default browser works normally but no idea how to set that in Hyprland.

                  I highly advise against Appimages. Flatpak is only useful if you dont trust the app which is a valid opinion, but poorly then the browser cant sandbox websites on its own. So native packages are the best option for security it you trust the browser.

                  Perfect would be to have the browser isolated and also using its sandbox to isolate websites from each other. I dont know if this works though, on Android it does (not with Firefox poorly as they didnt implement it)

  • RmDebArc_5@lemmy.mlEnglish
    41·
    11 months ago

    Thorium is good for privacy and speed but not security, Vivaldi isn’t that private, ungoogled chromium removes everything google. Brave also has packages available for manual installation if you want to give it another try

    • Pantherina@feddit.de
      24·
      11 months ago

      How is Thorium privacy optimized?

      Its version is outdated and it has no focus on Privacy. Also important to see if privacy from Google or from the actual sites you visit i.e. fingerprint prevention.

      Brave is better here

      • RmDebArc_5@lemmy.mlEnglish
        2·
        11 months ago

        The repo shows all the patches. It uses some patches from ungoogled chromium for privacy. It isn’t my recommendation here, I just mentioned it because Brave didn’t work for OP

        • Pantherina@feddit.de
          2·
          11 months ago

          OP mentioned that the Flatpak is shit, and Browser Flatpaks are not as secure too. Thanks for the Link!

  • Atemu@lemmy.ml
    47·
    11 months ago

    Why bother with such micro optimisations when the purpose is to be used extremely infrequently for compatibility reasons?

  • Pantherina@feddit.de
    25·
    11 months ago

    Ironically for Browser you shouldnt use Flatpaks if you trust the browser and you care about security.

    https://madaidans-insecurities.github.io/firefox-chromium.html

    What Distro are you on? I use Firefox and Brave, both as RPM now. I actually switched for convenience (keepassxc extension works, plasma extension works etc) but they are actually more secure.

    Native Chromium is poorly way more secure than Firefox. When using the Browsers through Flatpak you need to remove the sandbox, so process isolation and memory stuff is gone, and replace the specific sandbox with bubblewrap.

    Bubblewrap is good, but doesnt support isolated Tabs.

    There are CSS exploits, but to my understanding just using Noscript in “block all by default” mode is best for security AND privacy.

    I would like to like Brave, as it is more secure, but it sucks a lot. Very bloated, tab management worse, missing extensions, damn Chromium webstore and the addon not working so no updates. It is not bad, and I want to write a hardening config soon, to remove and disable all that bloat permanently.

    I would not recommend Librewolf if you are advanced. For one it is a Flatpak, ironically (didnt know this a few weeks ago too) less secure. Also it lacks behind in updates a bit, not much, but this may become a problem.

    https://github.com/trytomakeyouprivate/Arkenfox-softening

    I am working on this tool, should work, that keeps your Arkenfox config up to date and sets a few switches to soften it. So you add that to Firefox and dont need Librewolf anymore.

    On Fedora all you need is libavcodec-freworld from rpmfusion to get everything working. But ublue.it images work best out of the box.

    Edit

    Why are you downvoting this? Doesnt it fit your opinion? I also dont like Chromium, but its more secure. I also didnt know that Flatpak browsers are less secure, but thats a fact.

      • Pantherina@feddit.de
        1·
        11 months ago

        I mean sandboxes are just pretty complex. Chromium relies on user namespaces for process isolation. Flatpak browsers are isolated but have no internal isolation of processes (one tab could attack another tab). At the same time the Flatpak sandbox itself relies on user namespaces, while the flatpakked browser cannot use the namespaces internally.

        Then there is the hardened kernel which disables user namespaces for security reasons, on the other hand people say running the Sandbox as suid means if there is a vulnerability processes get root access.

        Flatpak browsers put less trust in the code, but more in the maintainer that has to keep them as updated as possible.

        Its complex as fuck