|
OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD. |
|
Thread Tools | Display Modes |
|
|||
Chrome or Firefox
Froma security/privacy point of view, which does OpenBSD consider a better choice?
Thanks |
|
||||
For security use www/chromium, for privacy use www/lynx
__________________
Destruam et ædificabo |
|
|||
There is also www/iridium which is an ungoogled chromium. Some of chromium's security comes from reporting your browsing habits to Google. Unfortunately Google does more with that information than warn you about malicious web sites.
Iridium actively searches for code that contacts Google and disables it. Presently there is a newer release available in -current that has not been back-ported to 6.6stable. |
|
|||
Thanks to both of you for the information. I'll look into iridium.
|
|
|||
Quote:
Unfortunately tor-browser isn't available on OpenBSD at the moment, so if you want to use it you will have to use another OS. Tails is easy to put on pen drive so there is that. |
|
|||
The tor-browser bundle just needs updating; all the infrastructure is there.
|
|
|||
In fact, it's not so easy.
- Chromium is the first delivered with pledge and unveil. OK, good point. - But, the team works hard to build Firefox with both securities. (Complete for 6.7)? - And, the new libfido, on -current (perhaps, for 6.7), run with only Firefox. (FIDO: to support 2FA) - Google has rejected request for patch fido, with tags "WontFix" and "this plateform is not supported"! Boo, for Google, and Chrome! And, up for FF… Now, Tor-Browser is available as package: v8.0.9 on stable 6.6 |
|
|||
Pledge and unveil in Firefox are a mixed blessing for me. I can't access any local files, including those in ~/Downloads and /tmp which are supposed to be available. Putting the unveil config files in /etc/firefox makes no difference.
|
|
|||
Ive found Firefox-71 unuseable. I use Firefox-esr. but lately Ive been using Chromium more. Its really snappy these days.
|
|
|||
Quote:
Incidentally Chrome does provide access to these directories but it has its own problems, notably I can't increase the size of the (tiny) toolbar font. |
|
|||
I'm having the same problem with file access as acampbell (see post #8, above). I've started a new thread to address this issue.
Last edited by gustaf; 4th January 2020 at 09:28 AM. Reason: clarity |
|
|||
FYI: The patch to Chromium for libfido is upstream on current!
Quote:
|
|
|||
I think one of the most important thing is decent anti-tracker and ad-blocker such as uBlock Origin (general purpse content blocker). Unfortunately Chrome (with exception for enterprise customers) and Chromium will remove Web Request API which is required for this.
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
|
|||
or, better : one liste managed by un(bou|wi)nd which handles all network requests and not just the web browser.
Because, just on the web browser, just gives you the illusion of being "protected", when only requests from the web browser are "filtered"... not all others network requests. |
|
|||
Quote:
Browser extension also allows for the most fine-grained filtering. Some domain may host both tracking script and content you want to see. There may be page which you want to support by turning off ad-blocker or be forced to disable it by anti-ad-blocking measures.
__________________
Signature: Furthermore, I consider that systemd must be destroyed. Based on Latin oratorical phrase |
|
|||
Quote:
Well, that's a short question but others mentioned uBlock Origin in the thread - it's possible to block connections via this extension but it will NOT block the connections to evil G (meaning the connections by the browser to the mothership). This is why I'm wondering what might be the best way to block the browser's connections (if someone knows which IPs to block). One way is using the hosts file (but this will not work for me because of the setup here). The other way might be via firewall I suppose. Or maybe using a proxy, which makes it possible to block certain connections. |
|
||||
I can't say about best, but one other approach is to use a DNS server that purposely tries not to resolve any google hosts properly. An example is DeCloudUs. I once tried their free DNScrypt server for a few days. It was OK but I didn't like being completely unable to use Google search, e.g., with lynx. So I stopped using it.
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites | amphibious | News | 6 | 20th April 2017 12:33 PM |
Firefox/Chrome Core dumps | shep | OpenBSD Packages and Ports | 8 | 21st August 2014 03:43 AM |
wine installing firefox, chrome | maxrussell | General software and network | 3 | 7th December 2009 03:32 AM |
Google Chrome browser | drhowarddrfine | General software and network | 63 | 15th September 2008 11:09 PM |
Upgrading firefox to firefox 3 -keeping plugins+bookmarks | kasse | FreeBSD Ports and Packages | 11 | 5th July 2008 01:34 PM |