[bug#28004] Chromium

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#28004] Chromium

From:	Marius Bakke
Subject:	[bug#28004] Chromium
Date:	Mon, 06 Nov 2017 00:52:32 +0100
User-agent:	Notmuch/0.25.1 (https://notmuchmail.org) Emacs/25.3.1 (x86_64-pc-linux-gnu)

Marius Bakke <address@hidden> writes:

> Ludovic Courtès <address@hidden> writes:
>
>> I think we should make sure that our package does not call home in any
>> way.  That’s what I expect from a security- and privacy-conscious
>> distro.
>
> Currently, it calls home at first launch, prompting for a login.  But
> I've verified that it does not send any unsolicited requests for
> subsequent startups, as long as the user does not change the
> command-line flags.

I tried picking two other Debian patches[0][1] to see if it helped with
the annoying splash screen and decided to verify whether the browser
still "calls home" from a clean profile.  The last time I checked was
many versions ago.

After dismissing the sign-in dialog, the "New Tab Page" loads a regular
Google search bar, and "pre-fills" two of the "most commonly used" slots
with Chrome URLs, (still) downloading a bunch of data in the process.

Not great, but maybe we could live with that if it was just for the
first run (it wasn't; had to change search engine to prevent the New Tab
Page from calling the mothership).

To my great surprise, while watching tcpdump from a different window, it
also called home *when I switched windows*.  Every time the Chromium
window was activated, some data was sent to Google servers.

Going into settings and toggling the "Use a prediction service to help
complete searches and URLs typed in the address bar" option (to off)
disabled that behaviour.

Not very confidence-instilling.

I'm going to try to incorporate the "Inox Patchset"[2], which is a set
of patches that attempts to remove all such misfeatures from Chromium.
They seem to have managed to stay on top of recent Chromium development,
unlike two other prominent privacy-focused "forks", so I'm optimistic.

But it might take some weeks before the next update.  Stay tuned..

[0] 
<https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/promo.patch>
[1] 
<https://anonscm.debian.org/cgit/pkg-chromium/pkg-chromium.git/tree/debian/patches/disable/external-components.patch>
[2] <https://github.com/gcarq/inox-patchset>

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#28004] Chromium, Marius Bakke <=
- [bug#28004] Chromium, Adonay Felipe Nogueira, 2017/11/10

Prev by Date: [bug#29100] [PATCH 3/3] gnu: service: Update comment.
Next by Date: [bug#29144] [PATCH] gnu: add pydot.
Previous by thread: [bug#29079] [PATCH] gnu: Add hunspell-en-US.
Next by thread: [bug#28004] Chromium
Index(es):
- Date
- Thread