SearchLight

Level 11
Verified
I read a couple of posts on this site about secure and private browsing. Some have mentioned that Chromium stable(from the woolys site) is better than Google Chrome because it is vanilla Chrome without calling home. Others like Brave until they started to insert ads of their own.

Is Chromium Stable the best choice of these three in terms of privacy? Clarification would be appreciated.

As an aside, no one refers to SRware Iron Browser supposedly a Chromium derivative. Not advised? Thanks.
 

Arequire

Level 26
Verified
Content Creator
Others like Brave until they started to insert ads of their own.
A clarification on Brave: They don't insert their own ads. It's a feature to receive ads as system notifications and it's wholly opt-in.
They do have sponsored images enabled by default though, which can be disabled in two clicks.

As long as there is Safe Browsing feature and/or can download extensions directly from Chrome Web Store the chromium-based browser will call home
Marmaduke's Ungoogled Chromium build has Safe Browsing disabled by default and requires the installation of an extension enable the use of the Web Store.

no one refers to SRware Iron Browser supposedly a Chromium derivative. Not advised?
SRware Iron is just Chromium with Google's web services disabled and the installation ID removed. Last time I checked it still communicated with Google on startup, and it's currently three Chromium releases behind Chrome's stable release (read: missing 46 security fixes).

As for privacy: If the objective it the least amount of web requests from the browser to its corresponding vendor then Ungoogled Chromium is your best bet. I haven't checked the traffic from it in years but last time I did it made no calls to Google outside of their integration on websites.
Just be aware that It comes with a bunch of 'management' issues that aren't present with other browsers.
 

HarborFront

Level 54
Verified
Content Creator
A clarification on Brave: They don't insert their own ads. It's a feature to receive ads as system notifications and it's wholly opt-in.
They do have sponsored images enabled by default though, which can be disabled in two clicks.


Marmaduke's Ungoogled Chromium build has Safe Browsing disabled by default and requires the installation of an extension enable the use of the Web Store.


SRware Iron is just Chromium with Google's web services disabled and the installation ID removed. Last time I checked it still communicated with Google on startup, and it's currently three Chromium releases behind Chrome's stable release (read: missing 46 security fixes).

As for privacy: If the objective it the least amount of web requests from the browser to its corresponding vendor then Ungoogled Chromium is your best bet. I haven't checked the traffic from it in years but last time I did it made no calls to Google outside of their integration on websites.
Just be aware that It comes with a bunch of 'management' issues that aren't present with other browsers.
That Ungoogled Chromium at woolyss by Marmaduke has Safe Browsing enabled which is different from the Eloston flavor. Enabling/disabling is not just simply checking/unchecking a box . There are things under the hood that needs to be done.

Read my post #63 here and see his Ungoogled Chromium over at github

 
Last edited:

HarborFront

Level 54
Verified
Content Creator
Understand. I think I will just stick with Chrome + UbO + Privacy Badger. Works tried and true. Any other extension I should add to ensure more privacy and/or security?
As long as you use Chrome browser it'll collect info from you. You'll need many extensions (which many here will not recommend) to minimize against websites collecting info from you. Can also use Adguard for Windows/BlackFog Privacy to do a similar job
 
Last edited:

oldschool

Level 56
Verified
There is no "best", only personal preference. @HarborFront @Arequire make valid points. I suggest Brave for out-of-the-box usability and privacy when properly configured via Brave > Settings. Chromium is more minimalist overall and requires slightly more configuration via chrome://flags + extensions. Eloston versions trail behind Marmaduke @ woolyss and raw Chromium builds.
 
Last edited:

SearchLight

Level 11
Verified
Thanks so much for the Brave clarification by all of you tech gurus. It is appreciated.
Based on the clarifications here, I download and installed it. With the much hubbub about the inserted ads, I turned them off as described by Arequire above. Being that it has its own impressive shields is there any other extension that should be added like Privacy Badger or Decentraleyes to complete it or is it fine as is?
 

HarborFront

Level 54
Verified
Content Creator
There is no "best", only personal preference. @HarborFront @Arequire make valid points. I suggest Brave for out-of-the-box usability and privacy, when properly configured via Brave > Settings. Chromium is more minimalist ovarall and requires slightly more configuration via flags at about:chrome + extensions. Eloston versions trail behind Marmaduke @ woolyss and raw Chromium builds.
FYI, the WIndows version for Ungoogled Chromium is worked upon now, update to Chromium 84.0.4147.89


Hopefully, it can be completed and released soon
 

security123

Level 26
Verified
Understand. I think I will just stick with Chrome + UbO + Privacy Badger. Works tried and true. Any other extension I should add to ensure more privacy and/or security?
Don't bloat your browser with insecure and untrusted extensions. Use browser internal features and you're done.
The whole extension guides are a mess.

Why is Firefox not on the list, if you are talking about safe browsing?

Its supports DOH with a few simple clicks.
Also you can enable DNSSEC and Encrypted SNI very easily using the about:config.
Firefox lack a lot of important security and privacy features like site isolation and sandboxing.
You can read more here: Firefox and Chromium Security | Madaidan's Insecurities

Also I recommend Chromium-Edge as Browser as it's native in Windows and has best compatibility with Windows security.
Security experts like Daniel Micay are against Brave as it's just another way of marketing ads.
Other Chromium forks are outdated, not digital signed or have other problems.
 

shmu26

Level 85
Verified
Trusted
Content Creator
1 If you care about security, then browser updates are essential. Google Chrome is always ahead in the update department.

2 Every time you add an extension to your browser that has any kind of permissions, you are punching a hole in your security. What if the extension gets hacked, or sold, or the owner compromises his principles?

3 Conclusion: excessive paranoia about privacy often comes at the expense of security. Call me crass, but I would rather tell a database where I buy my socks than give a hacker my credit card.
 

Opc9

Level 1
Firefox lack a lot of important security and privacy features like site isolation and sandboxing.
You can read more here: Firefox and Chromium Security | Madaidan's Insecurities

Also I recommend Chromium-Edge as Browser as it's native in Windows and has best compatibility with Windows security.
Security experts like Daniel Micay are against Brave as it's just another way of marketing ads.
Other Chromium forks are outdated, not digital signed or have other problems.

I had a quick look the updated Chromium-Edge.

Could not find an easy way to enable DOH through the browser settings/Flags. Although this can be done using something like DNS crypt externally
Does not enable TLS 1.3 by default. Not that big of an issue but still not impressed.

DO you know if you can enable DOH or encrypted SNI using this Chromium Edge browser?

Also stumbled across this article while trying to find a way to configure the browser.

Mostly likely going to removed edge. But will still look at other Chromium variants.
 
Last edited:

security123

Level 26
Verified
I had a quick look the updated Chromium-Edge.

Could not find an easy way to enable DOH through the browser settings/Flags. Although this can be done using something like DNS crypt externally
Does not enable TLS 1.3 by default. Not that big of an issue but still not impressed.

DO you know if you can enable DOH or encrypted SNI using this Chromium Edge browser?

Also stumbled across this article while trying to find a way to configure the browser.

Mostly likely going to removed edge. But will still look at other Chromium variants.
You can enable secure DNS in Edge flags. I guess they're working on better config.

TLS 1.3 is enabled by default.

Encrypted SNI / eSNI is still a draft and no Chromium browser support that yet.

The article is misleading. You can config Edge like you want. Also it respect automatically your windows privacy settings. No other browser does that.
 

Spawn

Administrator
Verified
Staff member
Others like Brave until they started to insert ads of their own.
You want a sustainable Browser, use Brave.
 

Opc9

Level 1
You can enable secure DNS in Edge flags. I guess they're working on better config.

TLS 1.3 is enabled by default.

Encrypted SNI / eSNI is still a draft and no Chromium browser support that yet.

The article is misleading. You can config Edge like you want. Also it respect automatically your windows privacy settings. No other browser does that.

I have this version of Edge install 84.0.522.52.

Followed the guide below and there is no option to enable DOH

According to Clouflare TLS 1.3 is not fully working with this browser.
 
Last edited:

Opc9

Level 1
egde sni.jpg
 
Top