Battle Which is better Chromium or Ungoogled Chromium?

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
Right now I am using Eloston Ungoogled Chromium. Runs smooth and fast. However, it is one version behind the latest update.

I always avoided Chromium because I thought it was a beta version before Google stabilized it. I think I may be wrong, so clarification would be helpful.

If one had a choice of the two, which one would you use, and why?
 
  • Like
Reactions: Stopspying and Nevi

wat0114

Level 11
Verified
Top Poster
Well-known
Apr 5, 2021
547
Ungoogled-Chromium doesn't depend on Google web services, so I think for privacy reasons, it's better than Chromium. It's explained in the following link under Objective and Motivation and Philosophy:

Ungoogled-Chromium

It is a full version behind, although I was running it in latest Debian Linux enforced with a reasonably tight Apparmor profile.
 
  • Like
Reactions: Stopspying and Nevi
F

ForgottenSeer 85179

I always avoided Chromium because I thought it was a beta version before Google stabilized it. I think I may be wrong, so clarification would be helpful.
Chromium is the OpenSource browser, development by Google which is used as core by another browser like Edge.
Google then add its own services which is Chrome.

If one had a choice of the two, which one would you use, and why?
Eloston Ungoogled Chromium isn't recommended for many reasons:
# Not digital signed
# Easily trackable because of unique fingerprint
# These binaries are provided by anyone who are willing to build and submit them. Because these binaries are not necessarily reproducible, authenticity cannot be guaranteed; In other words, there is always a non-zero probability that these binaries may have been tampered with

last one is from their own site: https://github.com/Eloston/ungoogled-chromium#downloads
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Chromium is the OpenSource browser, development by Google which is used as core by another browser like Edge.
Google then add its own services which is Chrome.


Eloston Ungoogled Chromium isn't recommended for many reasons:
# Not digital signed
# Easily trackable because of unique fingerprint
# These binaries are provided by anyone who are willing to build and submit them. Because these binaries are not necessarily reproducible, authenticity cannot be guaranteed; In other words, there is always a non-zero probability that these binaries may have been tampered with

last one is from their own site: https://github.com/Eloston/ungoogled-chromium#downloads
Is this considered as digitally signed?

1624404745952.png


Besides TOR which browser is not easily trackable? So you prefer one which can be tracked or one which tracks your every move?

So far there's no incident that UC (Eloston) has been tampered with..............that's at least I know of.
 
Last edited:
  • Like
Reactions: Nevi and wat0114
F

ForgottenSeer 85179

Is this considered as digitally signed?

View attachment 259225
No. This only means that the file was uploaded by someone with GitHub permission.

Besides TOR which browser is not easily trackable?
Tor browser can be tracked like other browsers too. It’s only better then some other

So you prefer one which can be tracked or one which tracks your every move?
(Always with default settings and without extensions):
Apple devices : Safari
Windows: Chrome & Edge
Android: Chrome
 
  • Like
Reactions: p410n3 and Nevi

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
No. This only means that the file was uploaded by someone with GitHub permission.


Tor browser can be tracked like other browsers too. It’s only better then some other


(Always with default settings and without extensions):
Apple devices : Safari
Windows: Chrome & Edge
Android: Chrome
Your browses are tracking you as you use them by MS, Apple and Google
 
  • Like
Reactions: Nevi
F

ForgottenSeer 85179

Your browses are tracking you as you use them by MS, Apple and Google
That's not how it works (you also forgot Mozilla). These companies don't sell your data like website owner do. Apple also provide best privacy if you fear about OS company as attack vector.
Here also quote from OISD filter list dev:

Simple; disable 3th party cookies.
And stop being scared of tracking.

Live a happy live, and right before you die, laugh at all the people that were overly worried about tracking for no reason.

Greets,
Stephan
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
That's not how it works (you also forgot Mozilla). These companies don't sell your data like website owner do. Apple also provide best privacy if you fear about OS company as attack vector.
Here also quote from OISD filter list dev:
For FF you can de-Mozilla by using Librewolf.

What these companies (MS, Google, Apple, Mozilla etc) do with your data they collected I have no idea what they'll do with it. Do you?

Apple's best privacy is against others or against herself or against both?
 
  • Like
Reactions: Nevi
F

ForgottenSeer 85179

For FF you can de-Mozilla by using Librewolf.
You only move your trust from Mozilla to Librewolf which is a small community project and i wouldn't trust my security in such a project.
The code is still Mozilla.

What these companies (MS, Google, Apple, Mozilla etc) do with your data they collected I have no idea what they'll do with it. Do you?
For that, privacy policies exist.

Apple's best privacy is against others or against herself or against both?
It protects against others. Apple also provide configuration for every data transmission setting so you can protect against them too if you want/ if that's your thread model.
 
  • Like
Reactions: Nevi

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
You only move your trust from Mozilla to Librewolf which is a small community project and i wouldn't trust my security in such a project.
The code is still Mozilla.


For that, privacy policies exist.


It protects against others. Apple also provide configuration for every data transmission setting so you can protect against them too if you want/ if that's your thread model.
Stop reading their privacy policies. Are you aware the big tech companies are working with the US gov?
 
  • Like
Reactions: Nevi
F

ForgottenSeer 85179

Stop reading their privacy policies. Are you aware the big tech companies are working with the US gov?
I and 99% user doesn't care about that.
If governments are your thread model, that's another case.

Anyway, i'm out. Looks like you're only searching for reasons that have no "use case" for normal users.
 
  • Like
Reactions: Nevi and enaph

wat0114

Level 11
Verified
Top Poster
Well-known
Apr 5, 2021
547
In my few months using Ungoogled-Chromium on Debian, I didn't sense it was doing anything suspicious whatsoever. It worked and behaved like any other ordinary browser. I grabbed the releases form the opensuse repositories here:

Debian Buster Ungoogled-Chromium

Also, nothing in the Apparmor profiles indicates anything outside the ordinary. The profiles are similar to Chrome's, just a bit leaner.
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
So is the end conclusion that Ungoogled Chromium by Eloston is SAFE to use or not?


Other posts, and other secure browser sites say it is recommended as secure:

 
  • Like
Reactions: Nevi and Mercenary

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
So is the end conclusion that Ungoogled Chromium by Eloston is SAFE to use or not?
There's no indication that the binaries have been tampered with. Just keep in mind that these binaries aren't subject to strict security/access controls, so the potential for tampering is there and you're unlikely to know about it until it's too late.
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
There's no indication that the binaries have been tampered with. Just keep in mind that these binaries aren't subject to strict security/access controls, so the potential for tampering is there and you're unlikely to know about it until it's too late.
If there is a "potential" risk would Chromium rather than the Ungoogled be a better choice or Brave browser instead.
 
  • Like
Reactions: Nevi

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
If there is a "potential" risk would Chromium rather than the Ungoogled be a better choice or Brave browser instead.
Both Chromium or Brave would be a better choice if you're concerned about the trustworthiness of UC binaries.
With that said I wouldn't recommend Chromium. It's raw build far ahead of Chrome's stable channel and thus is exceedingly buggy. It also requires manually updating.
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
Being that use of Ungoogled Chrome presents the issue of questionable binaries, I have decided to uninstall it, and use Brave as my secure browser.

Just as there is no such thing as the perfect non-bloated do everything security software, the same applies to browsers

Boils down to personal preference, and good surfing habits.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top