Guest Posted July 1, 2022 Posted July 1, 2022 https://github.com/dreammjow/ChromiumHardening/blob/main/flags/chrome-command-line.md Even Chromium-based browsers can be hardened to protect our privacy/security. Check out the multiple info in this link if they can help you. Do not use all the command line switches or flags described. But choose and especially check those that may seem useful to you.
XPerceniol Posted July 1, 2022 Posted July 1, 2022 (edited) 7 hours ago, Sampei.Nihira said: https://github.com/dreammjow/ChromiumHardening/blob/main/flags/chrome-command-line.md Even Chromium-based browsers can be hardened to protect our privacy/security. Check out the multiple info in this link if they can help you. Do not use all the command line switches or flags described. But choose and especially check those that may seem useful to you. TY Edited July 1, 2022 by XPerceniol
Guest Posted July 3, 2022 Posted July 3, 2022 (edited) It should be kept in mind that it is not possible to add many Command Lines Switches to "destination" (I hope in English" is called identically). In my opinion (but I personally use few of them) it is necessary to create a batch file: Edited July 3, 2022 by Sampei.Nihira
Eddie Phizika Posted July 6, 2022 Posted July 6, 2022 (edited) I think the main point about the viability of hardening a browser is the case where the code from it is already safe enough along with how architecturally vulnerable it is. By that i mean, chromium may be the worst because it's a whole operating system inside a binary with so much stuff that isn't even browsing-related and the code is just so massive and long-standing. but the complexity of things like its true multi-process architecture, and, particularly, the way the architecture works in certain operating systems, brings extra attack vectors where things do not always happen in userland in a more dominant way and things get mixed (windows NT is an example where that may be a security liability from the way the browser manipulates the OS, but linux is just a kernel and we know there are plenty distros that operate in a very similar way). The browser may be jailed like people in OpenBSD world do, but sometimes you can't jail the browser because you do not want to lose performance (i'm fully anti-sandbox in a desktop system level, for me it was a way of reducing OS and virus protection costs from microsoft, google and apple, the same i think about real time protection). Firefox is better in that respect, and some kind of safari-like browser would be better than the two, as webkit seems to be, in a contradictory way, the freest and easiest community maintainable open source engine from the 3 mainstream ones today, and you can even see people backporting webkit2 code to webkit1 in the WebPositive Haiku browser. I think the ideal mainstream browser to be hardened should be a webkit2 one, Although i'm biased to UXP/PM due to design decisions, way cleaner/smaller codebase, and architectural differences, i think these are my views about the three main platforms. Edited July 6, 2022 by Eddie Phizika
Guest Posted July 6, 2022 Posted July 6, 2022 Hi, Firefox is conceptually less secure than Chromium-based browsers not only in Windows Operating Systems: https://madaidans-insecurities.github.io/firefox-chromium.html
XPerceniol Posted July 7, 2022 Posted July 7, 2022 (edited) https://madaidans-insecurities.github.io/browser-tracking.html ...? From that site: Quote Even if you did magically create a blacklist of every single tracker domain ever, the website does not need to connect to a third party domain to run tracking code. For example, blocking Google Analytics does not prevent the website from simply running their own first party tracking code or even hosting third party tracking code from a first party domain. The website can then share this information to the people that made the trackers you've blocked, so everyone gets the exact same information they would have gotten in the first place. Blocking trackers can only remove some low hanging fruit and is not a proper approach to systemically improving privacy. I would like very much to know your opinion on this as I know you have given us a wealth of knowledge on here re the subject. Hope all is well Edited July 7, 2022 by XPerceniol
Guest Posted July 8, 2022 Posted July 8, 2022 (edited) The article quite drastically says that it is not possible to eliminate tracking and fingerprinting in other non-Tor browsers. This statement is indeed unfortunately true. It should also be said that unfortunately there is no practical effectiveness to using Tor for all our web activity. So, as is often the case, a compromise must be made. If you use non-Tor browsers there is a chance to greatly reduce tracking and fingeprinting. (Don't cancel tracking and fingeprinting,just reduce these 2 anti-privacy factors). Edited July 8, 2022 by Sampei.Nihira
XPerceniol Posted July 12, 2022 Posted July 12, 2022 On 7/8/2022 at 10:07 AM, Sampei.Nihira said: The article quite drastically says that it is not possible to eliminate tracking and fingerprinting in other non-Tor browsers. This statement is indeed unfortunately true. It should also be said that unfortunately there is no practical effectiveness to using Tor for all our web activity. So, as is often the case, a compromise must be made. If you use non-Tor browsers there is a chance to greatly reduce tracking and fingeprinting. (Don't cancel tracking and fingeprinting,just reduce these 2 anti-privacy factors). I see .. I headed over to: https://canvasblocker.kkapsner.de/test/ ... and ran a few tests and only 1 says I'm safe.
XPerceniol Posted July 12, 2022 Posted July 12, 2022 (edited) Bit worse on 360 Chrome V11. Do you know what "API tampering detected" means? thank you as always for your insight Edited July 12, 2022 by XPerceniol
Guest Posted July 12, 2022 Posted July 12, 2022 (edited) Hi, You should ask kkapsner not me. You cannot compare an extension-specific (privacy) test in the absence of the extension.... But probably in my browser the test,with an obviously different layout, would still pass. I would like to advise you a correct way to deal with hardening (of Chromium-based browsers) otherwise I would have titled the thread in a different way don't you think ? Check in your Chromium-based browser if sandbox support returns a status. chrome://sandbox And whether hardening is possible. If you want to check a comparison in Firefox-based browsers (that would not be the purpose of this thread) you need to give the command: about:support Example of a Chromium-based browser (my browser) with hardening done,of course also thanks to the command-lines included in the first post of the thread: Edited July 12, 2022 by Sampei.Nihira
XPerceniol Posted July 13, 2022 Posted July 13, 2022 (edited) 18 hours ago, Sampei.Nihira said: Hi, You should ask kkapsner not me. Oh, even if I could ask the developer I'd still would ask you first as I trust your judgment and advice. 18 hours ago, Sampei.Nihira said: chrome://sandbox And whether hardening is possible. If you want to check a comparison in Firefox-based browsers (that would not be the purpose of this thread) you need to give the command: about:support Example of a Chromium-based browser (my browser) with hardening done,of course also thanks to the command-lines included in the first post of the thread: Thank you for the help regarding security question. I confess, I'm largely clueless 90% of the time anyway. Ha! I put the ph in confusion. Sometimes I (actually) learn it and have learned so much here at MSFN. Edited July 13, 2022 by XPerceniol
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now