Librewolf but like... for chromium?
Librewolf but like... for chromium?
My main browser is Librewolf but I keep a chromium browser just in case. Previously used brave but their flatpak is shit. Ungoogled chromium seems ok but it looks like they don't change much from upstream chromium. Any good chromium browsers which harden their browsers like librewolf does for more privacy?
I would stick to librewolf. Supporting Chromium is not good for freedom.
Anyway, ungoogled chromium is probably the best answer. There also is Cromite which supports android and windows
Cromite is the closest thing i can think of to Librewolf. Tons of hardening. but i dont think he ships a Linux version. just android and windows.
I'm currently using thorium as an appimage and it is god enough. But to be honest if you want privacy use Firefox or a fork of it.
- not sandboxed
- no repo, no updates, always the risk of malware
- not hardened
- outdated version
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=tR-dhc_SWBk
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
The point of useing it is that privacy invasive sites like twitch or skribbl.io would still work. Twitch technicality works fine on stock Firefox unless you don't save your history, how dare you.
Yea I don't know a better one yet
I've been using Thorium recently with no issues. Before I was using Vivaldi.
Edit, Firefox is my main browser. Thorium is used as an alt for the 2 websites that don't work in Firefox.
Edit 2; seems the developer of Thorium has made some err questionable choices. Not with the browser itself, but a mild furry nsfw easter egg, and a link to some site talking about their beliefs against a common medical procedure performed on baby boys. I have not seen either for myself as they have both been removed as the browser gained a sudden spike in popularity.
Highly advise against Chromium, see different comment
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=tR-dhc_SWBk
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
Thorium would be good but it probably has too few contributors
And it is also outdated and not privacy optimised (which seems way less documented than with Firefox). Not sure if appimages even have sandbox or if that is broken too.
Thanks to everyone for replying! I have decided to stick with brave for now since after an update to the flatpak the thing's font is back to readable again.
Permanently Deleted
I use hardened Chrome with a lot of flags/features disabled and some privacy extensions. It's good enough for me.
hardened chrome
lmao.
What's so funny?
Chrome or Chromium? Because that "hardening" is only the switches they allow you to use, so if its full of proprietary tracking software it is not hardened at all
Thorium is good for privacy and speed but not security, Vivaldi isn’t that private, ungoogled chromium removes everything google. Brave also has packages available for manual installation if you want to give it another try
How is Thorium privacy optimized?
Its version is outdated and it has no focus on Privacy. Also important to see if privacy from Google or from the actual sites you visit i.e. fingerprint prevention.
Brave is better here
The repo shows all the patches. It uses some patches from ungoogled chromium for privacy. It isn’t my recommendation here, I just mentioned it because Brave didn’t work for OP
Maybe not up to date enough, degoogled but not fingerprinting improved.
it's more than enough for the very few sites not working in Librewolf.
I use Vivaldi, I don't know a better Chromium for privacy nor because other features (made in the EU by a employee-owned cooperative, no extern investors, gutted Chromium base (no phones to Google), no tracking, no logging, inbuild ad- and trackerblocker with customizables filterlists, encrypted sync, feed reader, mail client, calendar, reader list, reader view, splitscreen, full customizable UI, command chains, etc......). Apart with your account an own blogging platform, mail service, included an Mastodon account in the Vivaldis own instance, which you can use with your account. https://vivaldi.com
Vivaldi is not private. A good browser? It surely is. But it's not private.
It's also proprietary software, which is unacceptable. And yeah, don't repeat to me their marketing techniques. Yes, they release some partial source code. In practice, that's the same as releasing nothing. Just a marketing trick.
No, it isn't, try and see it yourself.
Yeah, but it is closed sourced.
Yes and no, 5% of the script, corresponding to its unique UI is proprietary, but 100% auditable and even moddeable by the user (in the Forum they show you even how to do it, at own risk, logical). And its better so this way, making it OpenSource too, Chrome and Edge are the first in forking it, which will be the end of Vivaldi and any other Chromium. Anyway, with more than 100 browsers curretntly in the market, OpenSource or not isn't the most important poiny, more important the ethics and transparency respect the user of the company. Respect privacy it is irrelevant, it depends only of the manufactor of the product, not if it OpenSource or not, all spying APIs of Google, Facebook, MS & cia are all OpenSource and included in a lot of the FOSS in the market (also in Firefox, eg the "save" browsing API is from Google, not really needed if you use an adblocker (uBO), which contains a similar function, this API send your browsing data to Google who host the list of phising sites but also logs your activity, If you can, desactivate it, in Vivaldi you can do it in the privacy settings)
Why bother with such micro optimisations when the purpose is to be used extremely infrequently for compatibility reasons?
Por que no los dos?
Ironically for Browser you shouldnt use Flatpaks if you trust the browser and you care about security.
https://madaidans-insecurities.github.io/firefox-chromium.html
What Distro are you on? I use Firefox and Brave, both as RPM now. I actually switched for convenience (keepassxc extension works, plasma extension works etc) but they are actually more secure.
Native Chromium is poorly way more secure than Firefox. When using the Browsers through Flatpak you need to remove the sandbox, so process isolation and memory stuff is gone, and replace the specific sandbox with bubblewrap.
Bubblewrap is good, but doesnt support isolated Tabs.
There are CSS exploits, but to my understanding just using Noscript in "block all by default" mode is best for security AND privacy.
I would like to like Brave, as it is more secure, but it sucks a lot. Very bloated, tab management worse, missing extensions, damn Chromium webstore and the addon not working so no updates. It is not bad, and I want to write a hardening config soon, to remove and disable all that bloat permanently.
I would not recommend Librewolf if you are advanced. For one it is a Flatpak, ironically (didnt know this a few weeks ago too) less secure. Also it lacks behind in updates a bit, not much, but this may become a problem.
https://github.com/trytomakeyouprivate/Arkenfox-softening
I am working on this tool, should work, that keeps your Arkenfox config up to date and sets a few switches to soften it. So you add that to Firefox and dont need Librewolf anymore.
On Fedora all you need is
libavcodec-freworldfrom rpmfusion to get everything working. But ublue.it images work best out of the box.Edit
Why are you downvoting this? Doesnt it fit your opinion? I also dont like Chromium, but its more secure. I also didnt know that Flatpak browsers are less secure, but thats a fact.
Flatpaks are really good, but people have so much faith in flatpaks is really frightening.
I mean sandboxes are just pretty complex. Chromium relies on user namespaces for process isolation. Flatpak browsers are isolated but have no internal isolation of processes (one tab could attack another tab). At the same time the Flatpak sandbox itself relies on user namespaces, while the flatpakked browser cannot use the namespaces internally.
Then there is the hardened kernel which disables user namespaces for security reasons, on the other hand people say running the Sandbox as suid means if there is a vulnerability processes get root access.
Flatpak browsers put less trust in the code, but more in the maintainer that has to keep them as updated as possible.
Its complex as fuck
Can you say more or provide a source on why you shouldn't use a browser as a Flatpak? Is it just because the sandboxing is potentially weaker?
The Chromium sandbox needs to be removed and something like Zypak needs to be used.
This means that the internal Browser sandbox is weaker and tab isolation. I could not find the source for that yet.
Even though pretty old and probably outdated, some points are for sure true. Some apps like Onionshare are horribly outdated, and unless every app has at least one packager responsible for it, best official and paid, its a total mess.
Chromium on Flatpak stable for the first time - GNOME blog post
Flatpak Browser Sandbox Challenges
These where not the sources I refer to, and it is pretty complex. Secureblue disables user namespaces and uses bubblewrap-suid for security, but after madaidans statement that would mean a hole in bubblewrap allows the app root privileges.
Permanently Deleted
Check this out
https://github.com/trytomakeyouprivate/braveinstall-fedora-atomic
Did you add the key, so that the repo has GPG verification?
Yes, Brave won't even install without GPG verification, but I did it manual way..
cat /etc/yum.repos.d/brave.repo[brave-browser] name=Brave Stable Channel baseurl=https://brave-browser-rpm-release.s3.brave.com/$basearch enabled=1 gpgcheck=1 repo_gpgcheck=1 #gpgkey="https://brave-browser-rpm-release.s3.brave.com/brave-core.asc" gpgkey=file:///etc/pki/rpm-gpg/brave-core.asc