Hello!
Wondering If anyone else have gave Iridium browser a shot.
Its a FOSS that is privacy oriented, based on chromium engine which has been completly stripped down of all the google telemetry and tracking elements. Additionally it has made a lot of changes by default that an average-joe might miss out that can improve his browsing experience along with privacy.
Its highly deployable. Available for almost any popular desktop OS like Deb [or deb based OS], MacOS, Windows, Suse, Fedora, RHEL/CentOSā¦you get the point.
Since Parrot have included āPrivacy Suiteā as a selling point on download/documentation page, I reckon giving users flexibility of choice to choose between firefox or Iridium [i.e chromium based] browser by default on installing OS would be awesome. Especially for users switching from Windows.
One can argue that : how is it different from chromium which is available from apt repo, and the answer to that is,
Iridium has following things Up from chromium by default -
Security improvements:
- Increase RSA keysize to 2048 bits for self-signed certificates (used by WebRTC)
Generate a new WebRTC identity for each connection instead of reusing identities for 30 days - Generate a new ECDHE keypair for each WebRTC connection instead of reusing them for multiple connections
- Disable using system-provided plugins (i.e. Java, Flash, etc.)
Privacy enhancements:
- Disable āUse a web service to help resolve navigation errorsā
- Disable autocomplete through prediction service when typing in Omnibox
- Always send āDo-Not-Trackā header
- Network/DNS prediction is disabled by default
- Block third-party cookies by default
- Link auditing
(<a ping="link here">)
is disabled by default - Fetch plugins list from iridiumbrowser.de where it will be updated regularly
- Site data (cookies, local storage, etc.) is only kept until exit, by default
- Passwords are not stored by default
- Input form autofill is disabled by default
- For IPv6 probes, use a DNS root server instead of Google
- The default search provider is Qwant
- Load āabout:blankā on new tabs instead of the currently set search engine and/or promotions.
- Donāt report Safe Browsing overrides.
- Donāt use autofill download service.
- Disable cookies for safebrowsing background requests.
- Disable the battery status API.
Disabled features:
- Disable background mode
- Disable EV certificates, so they are shown just like ānormalā certificates
- Disable Google cloud printing
- Disable Google hot word detection
- Disable Google experiments status check
- Disable Google translation service
- Disable Google promotion fetching
- Disable Google Cloud Messaging (GCM) status check
- Disable Google Now
- Disable automatic update check
- Disable profile-import on first run
Networking changes
- Network/DNS prediction is disabled by default
- Link auditing
(<a ping="LINK here">)
is disabled by default
Other changes
- Add DuckDuckGo search provider
- Add Qwant search provider
- Add certificate pinning for iridiumbrowser.de
- Let user confirm downloading translation dictionaries from Google
- Always prompt for download directory
- Donāt ask to send settings to Google by default on profile reset
- Donāt warn about missing API keys (services are not used anyway)
- Iridium will show a warning bar when running possibly unwanted requests (trk prefix)
- Show all extensions (including internals) in chrome://extensions.
For installing it on debian,
wget -qO - https://downloads.iridiumbrowser.de/ubuntu/iridium-release-sign-01.pub|sudo apt-key add -
cat <<EOF | sudo tee /etc/apt/sources.list.d/iridium-browser.list
deb [arch=amd64] https://downloads.iridiumbrowser.de/deb/ stable main
#deb-src https://downloads.iridiumbrowser.de/deb/ stable main
EOF
sudo apt-get update
sudo apt-get install iridium-browser
Iāve been using it for a while now, works flawless [initially had to make few changes in firejail profile but other than that, no issues]. The repo regularly pushes for security patches and upgrades just like chrome.
Maybe @palinuro & other devs can have a look at it and share their thoughts.
Cheers!