Chrome?

[robbyt]

Using Chome as a recommended browser is a bit confusing.

Why would anyone go through all of the trouble to secure an OS X system, but then use a closed-source browser that has a history of consumer privacy issues?

[drduh]

Now this is an interesting question which deserves discussion. Is there a browser security expert about who cares to weigh in?

My decision to recommend Chrome was a personal one, based on my own experience using both Firefox and Chrome. While it's true Google Chrome is closed source, I think it offers protections not available to other browsers and is overall a better choice.

Consider the following example.

https://blog.torproject.org/blog/isec-partners-conducts-tor-browser-hardening-study

It is no secret that in many ways, both we and Mozilla are playing catch-up to reach the level of code execution security provided by Google Chrome, and in fact closely following the Google Chrome security team was one of the recommendations of the iSEC report.

In particular, Google Chrome benefits from a multiprocess sandboxing architecture, as well as several further hardening options and innovations (such as PartitionAlloc).

Can you cite a few examples of "consumer privacy issues" Chrome on OS X has faced? I can add this information to the guide to help readers make an informed decision.

Thank you.

[sgtsquiggs]

Is Safari completely out?

[robbyt]

Just to preface, I'm not a security expert, a web browser security expert, or any other sort of expert. :)

• Earlier this year, Debian developers observed Chromium downloading unsigned(?) binary blobs from Google and unconditionally executing them without any user confirmation.
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786909
• Multi-process sandboxing is coming to Firefox in v42. https://wiki.mozilla.org/Electrolysis
• Google states in their privacy docs ( https://www.google.com/intl/en/chrome/browser/privacy/ ) they send a lot of information about users to their servers, by default. I'm not sure if you can disable all of the settings that allow Chrome to send information to their servers.

And there are probably some others as well.

[toddself]

Chrome is still vulnerable to Logjam. It also still accepts low-quality SSL certificates.

Also with Firefox I just don't have Flash installed. You do not need it.

[operator2010]

You better Use Chromium than Chrome.

[taravancil]

Yes, use some derivative of Chromium. At present it's the only browser that implements sandboxing. Though sandboxing is coming in Firefox, Chrome's is battle tested and has been iterated upon for a quite a while. It's going to be a while before Firefox catches up.

Chrome is still vulnerable to Logjam. It also still accepts low-quality SSL certificates.

Chrome stable is, Canary is not, which means that very soon, Chrome won't be. In any case, if you're concerned about security, it might be worth your time to encourage the sites you visit to disable export-grade ciphers and make sure they're using a 2048-bit Diffie Hellman group. Here's step-by-step info for doing so.

Earlier this year, Debian developers observed Chromium downloading unsigned(?) binary blobs from Google and unconditionally executing them without any user confirmation. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786909

There was a lot of misunderstanding re: this event due to a number of different settings factoring in to whether the "OK Google" voice search was enabled. It was always an opt in feature, but has since been removed from Chromium and remains an opt-in feature in Chrome.

Google states in their privacy docs ( https://www.google.com/intl/en/chrome/browser/privacy/ ) they send a lot of information about users to their servers, by default.

The information they send is standard operating procedure for browsers, and you'd be a fool to think other browsers don't do the same. A lot of the information listed there is only sent if you sign into Chrome or enable certain features.

Three vital Chrome extensions for privacy/security-minded folk:

• uBlock Origin for an open-source and performant ad blocker
• Privacy Badger for putting an end to cross-origin tracking
• HTTPSEverywhere to ensure your browser uses a TLS connection whenever it's available. Bonus points for turning on the "block all HTTP requests feature"

Also, turn off Flash at chrome:plugins. Flash is bad, really bad, and recent events (Hacking Team getting hacked) reinforced that Flash is a common source of 0days.

[keithwellman]

Telling readers not to use Safari seems a result of personal bias. Maybe I'm wrong but from my research Safari is more secure than Chrome and up until very recently the only major browser to block flash by default.

[toddself]

@taravancil the problem is logjam has been known for quite sometime and it still hasn't been fixed; and will accept cipher suites that should not be accepted (for a long time I had to harass car2go and geico as their sites would not open in Firefox due to weak crypto -- Chrome provided no warning for them whatsoever).

Also the fact that chrome is not open source (just based on chromium) gives me the willies about using a browser -- if all of the source code in the browser (as enabled by default) is not open-source and inspect-able are you positive what you're using is secure? Are you sure?

[Calinou]

Telling readers not to use Safari seems a result of personal bias. Maybe I'm wrong but from my research Safari is more secure than Chrome and up until very recently the only major browser to block flash by default.

Proprietary software is insecure by design.

It's not like Chromium is hard to install: http://chromium.woolyss.com/#mac-64-bit

[robbyt]

I'm closing this ticket, because @drduh has a personal preference for Chrome. Here's my final points:

1. Chrome is made by Google, a company who makes money by tracking people's activity and showing them advertisements. If you don't mind compromising your security and privacy, then use Chrome.
2. Mozilla has always been a champion of privacy and security, and it just so happens Firefox is open source.
3. Closed source software is not insecure by design - anyone who believes that should not be using OS X, a closed source operating system.

[sg-s]

why not advocate for browser segregation?

the idea is that you have some tasks that you only perform on some browsers.

for example, any interaction with google (youtube, gmail, etc.) will only be on Chrome, as if you're using it, you're probably leaking data to Google anyway. all other browsing would be with firefox+noscript, and you would configure firefox never to talk to anything related to google.

[TraderStf]

My 2 cents... where to set the limit?

• A lot of VPN are using Google DNS: 8.8.8.8 and 4.4.4.4.
• Lot of users have a gmail, gdrive... each time they use it, google 'reconnect' them, even if the user has clean its 'cookies, history...'
• Several ISP are also tracking, even on mobile phone (see the news about ATT inserting ads)

This list can be longer, as soon as you are using online services, you are spotted.

To get full privacy: you must buy your computer and pay with cash, never update it, shut down your smartphone, any wifi/bluetooth/nfc... signal off (totally off, wifi has some stuff still active even when off), pay everything with bitcoin like or prepaid-cards, use dnscrypt server and a vpn that you can trust...

I will stop here before reaching the Faraday Cage you must buy. 👻

[sg-s]

sure, there's a tradeoff. but browser segregation has almost no downsides, and a very small cost (many browsers) allows you to deal with google and give them all your data while still keeping the rest of your browsing history from them