1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-23 21:02:09 +00:00
seirdy.one/content/notes/caveats-to-ungoogled-chromium-recommendations.md
2024-07-15 00:15:10 -04:00

2.2 KiB

title date syndicatedCopies
Caveats to Ungoogled Chromium recommendations 2024-07-15T00:05:38-04:00
title url
The Fediverse https://pleroma.envs.net/objects/b4de6133-3e88-448a-a795-874d285e56da
title url
jstpst https://jstpst.net/f/technology/10291/caveats-to-ungoogled-chromium-recommendations

In the wake of a certain ad-funded browser company bundling adtech into its browser yet again, some people have been recommending Ungoogled-Chromium (UGC). I think it's fine to recommend UGC with caveats, such as the fact that it disables component updates that include:

  • Certificate revocation. Chromium uses downloaded CRLSets for revocation; it does not support OCSP.

  • Out of band security patches. When browser components have exploits in the wild, they need to be patched ASAP; updating billions of installations within time-frames measured in hours often means restartless out-of-band updates.

  • Out of band certificate bundle updates.

If you assume Google uses its component update server logs maliciously, you may wish to consider a fork that still offers component updates provided by a different party's servers.

UGC disabled mDNS at one point. This exposed local IP addresses over WebRTC for years, but they seem to have shipped a fix in May 2023 to disable non-proxied UDP.

UGC also disables the Chrome Web Store in favor of installing extensions out of band. Make sure you regularly update your extensions installed out-of-band, since UGC won't do it on its own. Some scripts and a special extension re-implement some of this functionality.

Overall, UGC is still safer than QtWebEngine despite making heavy compromises to security for privacy (though I can't see how either benefited from disabling mDNS: I'm not aware of threat models under which revealing a local IP to every application is preferable to revealing it to just Google). Running UGC is fine if you understand these trade-offs and have accounted for them. I use it in headless mode to run accessibility and performance tests.