Q&A Which is better Chromium or Ungoogled Chromium?

SearchLight

Level 12
Verified
Jul 3, 2017
577
Right now I am using Eloston Ungoogled Chromium. Runs smooth and fast. However, it is one version behind the latest update.

I always avoided Chromium because I thought it was a beta version before Google stabilized it. I think I may be wrong, so clarification would be helpful.

If one had a choice of the two, which one would you use, and why?
 
  • Like
Reactions: Stopspying and Nevi

wat0114

Level 3
Apr 5, 2021
126
Ungoogled-Chromium doesn't depend on Google web services, so I think for privacy reasons, it's better than Chromium. It's explained in the following link under Objective and Motivation and Philosophy:

Ungoogled-Chromium

It is a full version behind, although I was running it in latest Debian Linux enforced with a reasonably tight Apparmor profile.
 
  • Like
Reactions: Stopspying and Nevi

SecurityNightmares

Level 40
Verified
Jan 9, 2020
2,955
I always avoided Chromium because I thought it was a beta version before Google stabilized it. I think I may be wrong, so clarification would be helpful.
Chromium is the OpenSource browser, development by Google which is used as core by another browser like Edge.
Google then add its own services which is Chrome.

If one had a choice of the two, which one would you use, and why?
Eloston Ungoogled Chromium isn't recommended for many reasons:
# Not digital signed
# Easily trackable because of unique fingerprint
# These binaries are provided by anyone who are willing to build and submit them. Because these binaries are not necessarily reproducible, authenticity cannot be guaranteed; In other words, there is always a non-zero probability that these binaries may have been tampered with

last one is from their own site: https://github.com/Eloston/ungoogled-chromium#downloads
 

HarborFront

Level 59
Verified
Content Creator
Oct 9, 2016
4,831
Chromium is the OpenSource browser, development by Google which is used as core by another browser like Edge.
Google then add its own services which is Chrome.


Eloston Ungoogled Chromium isn't recommended for many reasons:
# Not digital signed
# Easily trackable because of unique fingerprint
# These binaries are provided by anyone who are willing to build and submit them. Because these binaries are not necessarily reproducible, authenticity cannot be guaranteed; In other words, there is always a non-zero probability that these binaries may have been tampered with

last one is from their own site: https://github.com/Eloston/ungoogled-chromium#downloads
Is this considered as digitally signed?

1624404745952.png


Besides TOR which browser is not easily trackable? So you prefer one which can be tracked or one which tracks your every move?

So far there's no incident that UC (Eloston) has been tampered with..............that's at least I know of.
 
Last edited:
  • Like
Reactions: Nevi and wat0114

SecurityNightmares

Level 40
Verified
Jan 9, 2020
2,955
Is this considered as digitally signed?

View attachment 259225
No. This only means that the file was uploaded by someone with GitHub permission.

Besides TOR which browser is not easily trackable?
Tor browser can be tracked like other browsers too. It’s only better then some other

So you prefer one which can be tracked or one which tracks your every move?
(Always with default settings and without extensions):
Apple devices : Safari
Windows: Chrome & Edge
Android: Chrome
 
  • Like
Reactions: p410n3 and Nevi

HarborFront

Level 59
Verified
Content Creator
Oct 9, 2016
4,831
No. This only means that the file was uploaded by someone with GitHub permission.


Tor browser can be tracked like other browsers too. It’s only better then some other


(Always with default settings and without extensions):
Apple devices : Safari
Windows: Chrome & Edge
Android: Chrome
Your browses are tracking you as you use them by MS, Apple and Google
 
  • Like
Reactions: Nevi

SecurityNightmares

Level 40
Verified
Jan 9, 2020
2,955
Your browses are tracking you as you use them by MS, Apple and Google
That's not how it works (you also forgot Mozilla). These companies don't sell your data like website owner do. Apple also provide best privacy if you fear about OS company as attack vector.
Here also quote from OISD filter list dev:

Simple; disable 3th party cookies.
And stop being scared of tracking.

Live a happy live, and right before you die, laugh at all the people that were overly worried about tracking for no reason.

Greets,
Stephan
 

HarborFront

Level 59
Verified
Content Creator
Oct 9, 2016
4,831
That's not how it works (you also forgot Mozilla). These companies don't sell your data like website owner do. Apple also provide best privacy if you fear about OS company as attack vector.
Here also quote from OISD filter list dev:
For FF you can de-Mozilla by using Librewolf.

What these companies (MS, Google, Apple, Mozilla etc) do with your data they collected I have no idea what they'll do with it. Do you?

Apple's best privacy is against others or against herself or against both?
 
  • Like
Reactions: Nevi

SecurityNightmares

Level 40
Verified
Jan 9, 2020
2,955
For FF you can de-Mozilla by using Librewolf.
You only move your trust from Mozilla to Librewolf which is a small community project and i wouldn't trust my security in such a project.
The code is still Mozilla.

What these companies (MS, Google, Apple, Mozilla etc) do with your data they collected I have no idea what they'll do with it. Do you?
For that, privacy policies exist.

Apple's best privacy is against others or against herself or against both?
It protects against others. Apple also provide configuration for every data transmission setting so you can protect against them too if you want/ if that's your thread model.
 
  • Like
Reactions: Nevi

HarborFront

Level 59
Verified
Content Creator
Oct 9, 2016
4,831
You only move your trust from Mozilla to Librewolf which is a small community project and i wouldn't trust my security in such a project.
The code is still Mozilla.


For that, privacy policies exist.


It protects against others. Apple also provide configuration for every data transmission setting so you can protect against them too if you want/ if that's your thread model.
Stop reading their privacy policies. Are you aware the big tech companies are working with the US gov?
 
  • Like
Reactions: Nevi

wat0114

Level 3
Apr 5, 2021
126
In my few months using Ungoogled-Chromium on Debian, I didn't sense it was doing anything suspicious whatsoever. It worked and behaved like any other ordinary browser. I grabbed the releases form the opensuse repositories here:

Debian Buster Ungoogled-Chromium

Also, nothing in the Apparmor profiles indicates anything outside the ordinary. The profiles are similar to Chrome's, just a bit leaner.
 

Arequire

Level 27
Verified
Content Creator
Feb 10, 2017
1,630
So is the end conclusion that Ungoogled Chromium by Eloston is SAFE to use or not?
There's no indication that the binaries have been tampered with. Just keep in mind that these binaries aren't subject to strict security/access controls, so the potential for tampering is there and you're unlikely to know about it until it's too late.
 

SearchLight

Level 12
Verified
Jul 3, 2017
577
There's no indication that the binaries have been tampered with. Just keep in mind that these binaries aren't subject to strict security/access controls, so the potential for tampering is there and you're unlikely to know about it until it's too late.
If there is a "potential" risk would Chromium rather than the Ungoogled be a better choice or Brave browser instead.
 
  • Like
Reactions: Nevi

Arequire

Level 27
Verified
Content Creator
Feb 10, 2017
1,630
If there is a "potential" risk would Chromium rather than the Ungoogled be a better choice or Brave browser instead.
Both Chromium or Brave would be a better choice if you're concerned about the trustworthiness of UC binaries.
With that said I wouldn't recommend Chromium. It's raw build far ahead of Chrome's stable channel and thus is exceedingly buggy. It also requires manually updating.
 

SearchLight

Level 12
Verified
Jul 3, 2017
577
Being that use of Ungoogled Chrome presents the issue of questionable binaries, I have decided to uninstall it, and use Brave as my secure browser.

Just as there is no such thing as the perfect non-bloated do everything security software, the same applies to browsers

Boils down to personal preference, and good surfing habits.
 
Top