Battle Chromium vs Google Chrome vs Brave Browser - Which One is Best?

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
626
I read a couple of posts on this site about secure and private browsing. Some have mentioned that Chromium stable(from the woolys site) is better than Google Chrome because it is vanilla Chrome without calling home. Others like Brave until they started to insert ads of their own.

Is Chromium Stable the best choice of these three in terms of privacy? Clarification would be appreciated.

As an aside, no one refers to SRware Iron Browser supposedly a Chromium derivative. Not advised? Thanks.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
I downloaded it to confirm and Safe Browsing is disabled by default. I also left the browser running for an hour and used Fiddler to record the network traffic from first-run; it made no connection to any Google properties within that hour.
Maybe you should go to some sites and test to see whether Safe Browsing kicks in or not? Disable other extensions like uBO, netcraft etc. Can test at sites like Phishtank and Openphish

You can read his Win 64 version for Ungoogled Chromium below

Screenshot_20200803_175900_com.kiwibrowser.browser.jpg
 
Last edited:

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
Maybe you should go to some sites and test to see whether Safe Browsing kicks in or not? Disable other extensions like uBO, netcraft etc. Can test at sites like Phishtank and Openphish
Tested all OpenPhish links (would've done PhishTank too but was short on time) that were present on the main page in UC. Safe Browsing didn't trigger for any of them. Tested the same links in Brave with Safe Browsing enabled. Safe Browsing triggered on the first link.
So Safe Browsing definitely disabled in Marmaduke's UC build.
 
F

ForgottenSeer 85179

How about Iridium?

Not recommend.
current version 2020.04.81
(based on Chromium 81.0.4044.92)

Chromium 81 branch is from Jan 30, 2020.
Latest one is 85.
See Chromium Development Calendar and Release Info - The Chromium Projects
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
How about Iridium?

11 builds behind Chrome's stable release. 67 missing security fixes. Can't say anything about its privacy chops as I have no experience with the browser, but it's build is so far behind it shouldn't even be considered if you value your security.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
Tested all OpenPhish links (would've done PhishTank too but was short on time) that were present on the main page in UC. Safe Browsing didn't trigger for any of them. Tested the same links in Brave with Safe Browsing enabled. Safe Browsing triggered on the first link.
So Safe Browsing definitely disabled in Marmaduke's UC build.
When Safe Browsing did not trigger the red screen for UC for the same website tested using Brave did you monitor the connections and checked whether any calls back to Google?

Thanks
 

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
549
When Safe Browsing did not trigger the red screen for UC for the same website tested using Brave did you monitor the connections and checked whether any calls back to Google?

Thanks

If calls back or telemetry is a security concern why address it on an app by app basis and not globally ?

Using a global DNS blocker like pi-hole or peer-block etc to block all telemetry from all browsers, av software and even your OS..
 
Last edited:

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,698

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
549
Do you use Bitdefender?
Yes I am.

I have Firefox, Brave and Edge installed. Both Brave and FireFox show TLS 1.3 support on Cloudflare.
Edge is the only browser that does not show TLS1.3 working correctly on my system.

BitDefender could be causing an issue with Edge but brave and FF seems unaffected.
Will attach a pic of FF with DOH and sni encryption enabled.
 

Attachments

  • Firefox sni.jpg
    Firefox sni.jpg
    397.7 KB · Views: 546
Last edited:
F

ForgottenSeer 85179

Can you confirm which version of edge your are using.
You can see that on my second screen. 84.0.522.52

Did you manage to find a way to enable DOH ?
I was only able to get Edge to use DNSSEC and DOH by using a 3rd a party program i could not configure the browser natively.
As i say, Edge flags provide a secure dns setting
Code:
Secure DNS lookups
Enables DNS over HTTPS. When this feature is enabled, your browser may try to use a secure HTTPS connection to look up the addresses of websites and other web resources. – Mac, Windows

#dns-over-https
 

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
549
Do you use Bitdefender?

Update: BitDefender was indeed causing the issue with Edge disabling the Encrypted web scan got Edge TLS 1.3 to work correctly.
Strange that with Brave and FF TLS 1.3 was not affected by BitDefender.

On a side note. With Kaspersky security cloud SNI encryption does not work if secure TLS scanning is enable.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,868
Update: Btidefender was indeed causing the issue with Edge disabling the Encrypted web scan got Edge TLS 1.3 to work correctly.
Stange that Brave and FF was not affected by BitDefender.
Just what I suspected. Bitdefender is the reason. Bitdefender downgrades connections to TLS 1.2. But they actually don't do HTTPS scanning on most of the trusted page but not sure why it wasn't scanning the site on Firefox but on Chromium Edge.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
1 If you care about security, then browser updates are essential. Google Chrome is always ahead in the update department.

2 Every time you add an extension to your browser that has any kind of permissions, you are punching a hole in your security. What if the extension gets hacked, or sold, or the owner compromises his principles?

3 Conclusion: excessive paranoia about privacy often comes at the expense of security. Call me crass, but I would rather tell a database where I buy my socks than give a hacker my credit card.
I think most people are just worried about hiding certain browsing habits that are publicly embarrassing. 😳
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top