HarborFront

Level 54
Verified
Content Creator
I downloaded it to confirm and Safe Browsing is disabled by default. I also left the browser running for an hour and used Fiddler to record the network traffic from first-run; it made no connection to any Google properties within that hour.
Maybe you should go to some sites and test to see whether Safe Browsing kicks in or not? Disable other extensions like uBO, netcraft etc. Can test at sites like Phishtank and Openphish

You can read his Win 64 version for Ungoogled Chromium below

Screenshot_20200803_175900_com.kiwibrowser.browser.jpg
 
Last edited:

Arequire

Level 25
Verified
Content Creator
Maybe you should go to some sites and test to see whether Safe Browsing kicks in or not? Disable other extensions like uBO, netcraft etc. Can test at sites like Phishtank and Openphish
Tested all OpenPhish links (would've done PhishTank too but was short on time) that were present on the main page in UC. Safe Browsing didn't trigger for any of them. Tested the same links in Brave with Safe Browsing enabled. Safe Browsing triggered on the first link.
So Safe Browsing definitely disabled in Marmaduke's UC build.
 

security123

Level 24
Verified
How about Iridium?

Not recommend.
current version 2020.04.81
(based on Chromium 81.0.4044.92)
Chromium 81 branch is from Jan 30, 2020.
Latest one is 85.
See Chromium Development Calendar and Release Info - The Chromium Projects
 

Arequire

Level 25
Verified
Content Creator
How about Iridium?

11 builds behind Chrome's stable release. 67 missing security fixes. Can't say anything about its privacy chops as I have no experience with the browser, but it's build is so far behind it shouldn't even be considered if you value your security.
 

HarborFront

Level 54
Verified
Content Creator
Tested all OpenPhish links (would've done PhishTank too but was short on time) that were present on the main page in UC. Safe Browsing didn't trigger for any of them. Tested the same links in Brave with Safe Browsing enabled. Safe Browsing triggered on the first link.
So Safe Browsing definitely disabled in Marmaduke's UC build.
When Safe Browsing did not trigger the red screen for UC for the same website tested using Brave did you monitor the connections and checked whether any calls back to Google?

Thanks
 

Opc9

Level 1
When Safe Browsing did not trigger the red screen for UC for the same website tested using Brave did you monitor the connections and checked whether any calls back to Google?

Thanks
If calls back or telemetry is a security concern why address it on an app by app basis and not globally ?

Using a global DNS blocker like pi-hole or peer-block etc to block all telemetry from all browsers, av software and even your OS..
 
Last edited:

Opc9

Level 1
Do you use Bitdefender?
Yes I am.

I have Firefox, Brave and Edge installed. Both Brave and FireFox show TLS 1.3 support on Cloudflare.
Edge is the only browser that does not show TLS1.3 working correctly on my system.

BitDefender could be causing an issue with Edge but brave and FF seems unaffected.
Will attach a pic of FF with DOH and sni encryption enabled.
 

Attachments

Last edited:

security123

Level 24
Verified
Can you confirm which version of edge your are using.
You can see that on my second screen. 84.0.522.52

Did you manage to find a way to enable DOH ?
I was only able to get Edge to use DNSSEC and DOH by using a 3rd a party program i could not configure the browser natively.
As i say, Edge flags provide a secure dns setting
Code:
Secure DNS lookups
Enables DNS over HTTPS. When this feature is enabled, your browser may try to use a secure HTTPS connection to look up the addresses of websites and other web resources. – Mac, Windows

#dns-over-https
 

SeriousHoax

Level 29
Verified
Malware Tester
Update: Btidefender was indeed causing the issue with Edge disabling the Encrypted web scan got Edge TLS 1.3 to work correctly.
Stange that Brave and FF was not affected by BitDefender.
Just what I suspected. Bitdefender is the reason. Bitdefender downgrades connections to TLS 1.2. But they actually don't do HTTPS scanning on most of the trusted page but not sure why it wasn't scanning the site on Firefox but on Chromium Edge.
 

blackice

Level 27
Verified
1 If you care about security, then browser updates are essential. Google Chrome is always ahead in the update department.

2 Every time you add an extension to your browser that has any kind of permissions, you are punching a hole in your security. What if the extension gets hacked, or sold, or the owner compromises his principles?

3 Conclusion: excessive paranoia about privacy often comes at the expense of security. Call me crass, but I would rather tell a database where I buy my socks than give a hacker my credit card.
I think most people are just worried about hiding certain browsing habits that are publicly embarrassing. 😳
 
Top