After several years of warning after warning after advisory after advisory and calls to repeatedly update or remove andNOT USE CHROME by the Department of Homeland Security, it should be inconceivable that anyone does - but they do.
Sometimes these are patched with automatic updates before horrific and catastrophic results occur, sometimes not. To be frank, part of the problem stems from the fact that Chrome is the largest attack surface out there where browsers are concerned, but notwithstanding it being the fav target are also serious privacy concerns that aren't shared by other chromium based browsers.
To be fair, many exploits are indeed shared by other chromium based browsers, but not most, while some are related to other browser capabilities, like WebRTC, but it's still best to just ditch Chrome and never look back.
Here's more coverage on vulnerabilities issued less than a month ago. It took 3 seconds to bring this up, and no, not using Google, which didn't reveal this when I tried that search engine in a subsequent search, lolz. Why would they return SERPs that poo poo their own product?
There's truly only one way to ensure safety - unplug. But there's a lot of simple things you can do to exact a reasonable level of security, so why not observe some of those best practices? It's not like it will cramp your style.
Anyway, that's my two cents. h/t to @darnell for raising awareness of this latest brokewell. Make sure you take the time to visit the link he's provided for you too.
There are plenty of #Browsers that run on #Android (to name a few, alphabetized):
Brave Browser
Chromium
DuckDuckGo
Firefox
Kiwi
Vivaldi
IMO, No one should be running Chrome - Desktop or otherwise. It's a privacy nightmare even when there aren't CERT warnings circulating.
Decided to test some browser fingerprinting this morning via the Cover Your Tracks tool by @eff. @brave, @librewolf, and (no surprise) @torproject all performed (or appeard to perform) better than @mullvadnet.
Dunno. I like uBlock Origin a lot but disabling scripts per site is not something that feels very comfortable for me. With LibreJS it can be quite a hassle but I’m already quite used to that, and on the way I kind of learn things. Like that blocking scripts about Apple and Google logins at Twitter with LibreJS helps with clutter free reading and not being asked to login.
How does this work exactly. I get it can see a fair amount of stuff on my browser, but if I close the page and then reopen the visit doesn’t go to 2 and I don’t see the signature I added. Does this mean it cannot fingerprint my setup?
Edit: I also tried this on my fairly vanilla firefox installation with ublock origin and I see that the visit count will go up as I return to the page—so I suppose the fingerprinting is working on that setup. On my iPad with adguard each visit appears to be unique.
"The early results come after the EU's sweeping Digital Markets Act, which aims to remove unfair competition, took effect on March 7, forcing #bigtech companies to offer mobile users the ability to select from a list of available web #browsers from a #choicescreen."
Cross-Industry Giants Unite for Speedometer 3.0 browser benchmark
Since its inception in 2014 by the WebKit team, Speedometer has served as an essential barometer for browser engines, propelling performance enhancements to meet the escalating demands for more dynamic and seamless online experiences.
@stshank They can only kill web apps on Apple products. That's not the EU. And the EU is about fine them $500m+ for what's been called "malicious compliance" with EU regulations. I'll back the EU every time.
More "Are you absolutely sure you want to do that thing you chose to do, that I think you shouldn't be doing?" bullshit.
So now anything we choose to download is scanned and shared and compared against an index somewhere of downloads that are considered "safe" and "acceptable"? And anything not "acceptable" to the machine must be characterised with suspicion, as a dangerous threat?
"When using Malware Protection to protect downloaded files, Firefox may communicate with Mozilla's partners to verify the safety of certain executable files. In these cases, Firefox will submit some information about the file, including the name, origin, size and a cryptographic hash of the contents, to the Google Safe Browsing service which helps Firefox determine whether or not the file should be blocked."
Been thinking about software bloat (and Zawinski's law), particularly with browsers, and had an idea.
The promise of add-ons was that we could have a lean core and then whatever additional functionality we wanted could be customised. In reality, most users probably have 1-2 add-ons and we can't expect most people to trawl through software repositories just trying to get their browser to do what they would consider to be "simple stuff".
But what if browsers were more like distros? No one expects Linux, GNU/Linux, or even say Debian to meet the needs of most users as-is or for most users to select all the various software packages necessary to bring it up to that they need.
We could have a Gecko/Firefox core and then different browser distros could select a set of add-ons that make it functional in a particular way. That way, each browser distro could make sure that the set of add-ons worked together and met the needs of their particular user base.
And in Linux land, Linux distros could include their particular browser distro tailored to their intended audience.
So I've been messing with browsers for a while, and I think I've finally decided on Vivaldi. 😎
Yay for Profiles that work well because all my sanity is based on splitting up all the projects into profiles. I also like that I don't have to give up my favourite Chrome extensions. Panels are useful too.
Fascinating to see how they've built Mastodon in. I like the prompts they push out over the first few days for onboarding. :blobcatthinking:
@MondayMarionJ@rLok@pixelcats That a selling point- tranlslation. I’ll give it a whirl in the desktop and iOS. Also privacy- yeah that will be useful too.
@GQB@MondayMarionJ@rLok Translation Protip - for desktop check out the Deepl extension - for Edge, Firefox or Chrome (the chrome one works in Vivaldi) .. so good!
Of course machine translations are never perfect, but it's better than Google/Weverse and you just have to highlight some text .. https://www.deepl.com
I've been playing with the tool built into Vivaldi this evening and it is also cool - but it seems to fail at recognizing Korean fairly often, and you need the panel open.
It’s amusing reading on various sites how users of desktop browsers based on Chromium 121.x, which went Stable this past week, have become so upset because — gasp! — the top of each tab is now separated from the bottom of the tab by a thin line (similar to what Firefox did a few versions back)
Even if I were a tabs-hoarder, as many of them seem to be, I don’t think I could work up this much artificial outrage over such a topic.
He traduït al català l'article que vaig publicar aquest dilluns al meu bloc sobre com activar en 4 passos molt simples l'opció oculta de Firefox per blocar automàticament els bàners de les galetes.
@worldwidewerner It's Firefox but they remove all the ads and commercial stuff. It was an independent project, then Startpage.com bought it, then sold it back to its owner. https://www.waterfox.net
As far as I’m aware, Waterfox has never been listed anywhere as a privacy tool, and rightly so.
It has been acquired by a ad marketing company at one point. Also, having a look at the Terms page, it seems Waterfox sends at least some telemetry to their company2. It also has "Safe Browsing Service" enabled by default, which is a service by Google and has a history of collecting data and forwarding them to authorities and cencorship.
Waterfox is a great browser, but it is certainly not a privacy browser.