This might have been discussed to death by now, unfortunately I couldn’t find any discussion on it on Lemmy. Though I would love to be corrected on that!
How does an always on incognito Chromium with uBlock Origin on medium mode (and other hardening/privacy settings enabled) compare to Brave (with e.g. Privacy Guides’ recommended settings) with respect to security and privacy on Linux[1]?
“With the looming advent of Manifest v3, this discussion might not be very relevant for long.”I’m aware.
“Just use Firefox/Librewolf or any other privacy-conscious browser that isn’t Chromium-based.”I already do, but some websites/platforms don’t play nice on non-Chromium-based browsers due to Google’s monopoly on the web. Sometimes I can afford to not use that website/platform, but unfortunately not always.
“Brave’s [insert controversy] makes them unreliable to take services from.”Honestly, I think that if both solutions are as effective that a reason like this might be sufficient to tip the balance in favor of one. Because ultimately this all comes down to trust.
"Just use Ungoogled Chromium." Some more knowledgeable people than me advice against it. Though, I’d say I’m open to hear different opinions on this as long as they’re somewhat sophisticated.
“Just use [insert another Chromium-based browser].”If it has merits beyond Brave and Chromium with respect to security and privacy, I’ll consider it.
Thanks in advance!
I can be more specific about which distro I prefer using, but I don’t think it matters. I might be wrong though*.
on other Linux distros the way to get brave is via flatpak if the provided repos are borked for you.
I would love to use the flatpak if it was endorsed. Privacy Guides says the following about it:
“We advise against using the Flatpak version of Brave, as it replaces Chromium’s sandbox with Flatpak’s, which is less effective. Additionally, the package is not maintained by Brave Software, Inc.”
Hehe :P . True dat. Maybe one day ;) . Perhaps I’ll just spin up a distrobox in order to get access to Brave through the AUR, but this (excellent) article has worsened my already bad paranoia to clearly unhealthy levels 🤣. So, it seems out of question for now 😅. Though I might be able to spin it up in a Wolfi container. Pessimism doesn’t help though 🤣.
Man you’ve gone down a security worm hole that makes me wonder if you should really be running qubes-OS rather than Fedora 🤣.
Seriously if you need more than the chromium sandbox for brave and want simplicity just use firejail.
The article you linked to is a wonderfully detailed write up but it is more geared towards those using containers that will be providing services (web, sql, etc) if you just want a browser in a secure container then any of the implementations will be fine for you. The browser is not a vector used to gain access to your OS directly but what you download potentially is so with that in mind your downloads folder should really be a CLAMFS folder or a target folder for on-access scanning by clamav.
The article you linked to is a wonderfully detailed write up but it is more geared towards those using containers that will be providing services (web, sql, etc) if you just want a browser in a secure container then any of the implementations will be fine for you. The browser is not a vector used to gain access to your OS directly but what you download potentially is so with that in mind your downloads folder should really be a CLAMFS folder or a target folder for on-access scanning by clamav.
Very interesting insights! Thank you so much! Would you happen to know of resources that I might refer to for this?
Question: Why do you think need such high security for a browser?
Good prompt! I actually started questioning my own motivations from this. And I’d say that the best I could come up with was that it’s required in order to attain the “peace of mind” from having properly secured my browser activity; which happens to be the primary activity on my device anyways.
Valid response, but why do you need to protect the OS from the browser when the browser (Brave) is already sandboxing and the browser is not an attack vector that can be directly exploited to gain access/root on your OS?
What I mean is that the tabs themselves are sandboxed to protect accounts that are opened in each from being breached, the bowser itself is obfuscating your fingerprint and blocking known bad actor sites etc so this leaves only what you manually download and here the browser will warn you if a given download has the potential to harm.
So unless you are downloading files from very questionable locations I can’t see the need for a containerised browser.
Containers are good and yes have flaws but the main purpose of them is to add another layer between the application and the OS so if application is exploited the attacker has to break another wall/layer to get to the real root.
I know in April 2021 the was a PoC that used JavaScript to reverse the effect of a patch which allowed an attacker to break out of the chromium sandbox, but that was never used and if it was the attacker would first need to breach a site to deploy the code that you would then execute by visiting the site or it would be fed to you via a phishing attempt. Both of these delivery methods would need to be very stealthy and fast.
currently there are 4 known CVEs for brave: (sorry for long link)
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacyguides@lemmy.one
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
We prefer posting about open-source software whenever possible.
No soliciting engagement: Don’t ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don’t repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
I use arch-btw so I get brave from aur, on other Linux distros the way to get brave is via flatpak if the provided repos are borked for you.
I would love to use the flatpak if it was endorsed. Privacy Guides says the following about it:
“We advise against using the Flatpak version of Brave, as it replaces Chromium’s sandbox with Flatpak’s, which is less effective. Additionally, the package is not maintained by Brave Software, Inc.”
Yes, I could say come to arch but you seem happy in fedora 😉
Hehe :P . True dat. Maybe one day ;) . Perhaps I’ll just spin up a distrobox in order to get access to Brave through the AUR, but this (excellent) article has worsened my already bad paranoia to clearly unhealthy levels 🤣. So, it seems out of question for now 😅. Though I might be able to spin it up in a Wolfi container. Pessimism doesn’t help though 🤣.
Man you’ve gone down a security worm hole that makes me wonder if you should really be running qubes-OS rather than Fedora 🤣.
Seriously if you need more than the chromium sandbox for brave and want simplicity just use firejail.
The article you linked to is a wonderfully detailed write up but it is more geared towards those using containers that will be providing services (web, sql, etc) if you just want a browser in a secure container then any of the implementations will be fine for you. The browser is not a vector used to gain access to your OS directly but what you download potentially is so with that in mind your downloads folder should really be a CLAMFS folder or a target folder for on-access scanning by clamav.
Hahaha 🤣. Honestly I would, if my device could handle.
Madaidan strikes (yet) again. F*ck my paranoia…
Very interesting insights! Thank you so much! Would you happen to know of resources that I might refer to for this?
Question: Why do you think need such high security for a browser?
Clam av on access scan: https://wiki.archlinux.org/title/ClamAV#OnAccessScan
ClamFS: https://github.com/burghardt/clamfs
Your help is much appreciated!
Good prompt! I actually started questioning my own motivations from this. And I’d say that the best I could come up with was that it’s required in order to attain the “peace of mind” from having properly secured my browser activity; which happens to be the primary activity on my device anyways.
Valid response, but why do you need to protect the OS from the browser when the browser (Brave) is already sandboxing and the browser is not an attack vector that can be directly exploited to gain access/root on your OS?
What I mean is that the tabs themselves are sandboxed to protect accounts that are opened in each from being breached, the bowser itself is obfuscating your fingerprint and blocking known bad actor sites etc so this leaves only what you manually download and here the browser will warn you if a given download has the potential to harm.
So unless you are downloading files from very questionable locations I can’t see the need for a containerised browser.
Containers are good and yes have flaws but the main purpose of them is to add another layer between the application and the OS so if application is exploited the attacker has to break another wall/layer to get to the real root.
I know in April 2021 the was a PoC that used JavaScript to reverse the effect of a patch which allowed an attacker to break out of the chromium sandbox, but that was never used and if it was the attacker would first need to breach a site to deploy the code that you would then execute by visiting the site or it would be fed to you via a phishing attempt. Both of these delivery methods would need to be very stealthy and fast. currently there are 4 known CVEs for brave: (sorry for long link)
https://www.cvedetails.com/vulnerability-list.php?vendor_id=16266&product_id=36540&version_id=0&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&cweid=0&order=1&trc=3&sha=74c1df28c6d85bd121726a90109559ec94ea3549
None of these provide an attack vector that will allow access.