Taming Chromium with few cmd-line switches

Discussion in 'privacy technology' started by Stefan Froberg, Nov 20, 2017.

  1. Stefan Froberg

    Stefan Froberg Registered Member

    Peter Beverloo is keeping an excellent, updated list of various cmd-line switches for Chromium (and Chrome)
    and I picked a few from there that might make it less "chatty" by running it like this under Linux (and it should work with Windows too):

    chromium-browser --disable-background-networking --disable-breakpad --disable-cloud-import --disable-databases --disable-preconnect --disable-speech-api --disable-sync --disable-voice-input --disable-webgl --incognito --media-cache-dir=/dev/null --disk-cache-dir=/dev/null --no-pings --no-wifi --disable-local-storage --proxy-server=socks5://127.0.0.1:9050

    So far everything seems to work okay (knocks wood).

    Of course, running Chromium with Tor (--proxy-server switch) might be questionable but I just couldn't resist trying it.

    Here is Peter's blog
    https://peter.sh/experiments/chromium-command-line-switches/
     
  2. Uitlander

    Uitlander Registered Member

    I at least would be very interested in this endeavor. I currently run SRWare Iron and Chromodo instead of Chrome, but I am aware they are not much better, and so I keep close watch on alternates for XP Pro...which eliminates Iridium and ungoogled-chromium.
     
  3. elapsed

    elapsed Registered Member

    Um, no, that doesn't work under Windows.... lol.

    You'd be better off using the actual flags instead of command line switches.

    Understatement of the year.
     
  4. 142395

    142395 Guest

    Note that most switches are not configurable from flags. I currently don't use Chromium on Linux, but on Windows I use:

    --cipher-suite-blacklist=0x00aa
    --disable-breakpad
    --disable-cloud-import
    --disable-speech-api
    --disable-sync
    --disable-voice-input
    --disk-cache-size=1
    --enable-strict-powerful-feature-restrictions
    --no-wifi
    --flag-switches-begin
    --no-pings
    --disable-touch-adjustment
    --enable-appcontainer
    --history-entry-requires-user-gesture
    --disable-offline-auto-reload
    --disable-push-api-background-mode
    --site-per-process
    --disable-touch-drag-drop
    --extension-content-verification=enforce_strict
    --load-media-router-component-extension=0
    --pull-to-refresh=0
    --reduced-referrer-granularity
    --touch-events=disabled
    --enable-features=FramebustingNeedsSameOriginOrUserGesture,HttpFormWarning,PermissionsBlacklist,VibrateRequiresUserGesture
    --disable-features=AccountConsistency,AppBanners,DesktopIOSPromotion,DoodlesOnLocalNtp,ExperimentalAppBanners,GamepadExtensions,GenericSensor,GenericSensorExtraClasses,IPH_DemoMode,ImageCaptureAPI,NewUsbBackend,NoStatePrefetch,OmniboxSpeculativeServiceWorkerStartOnQueryInput,OpenVR,OptimizationHints,ServiceWorkerPaymentApps,SpeculativePreconnect,SpeculativeResourcePrefetching,TopSitesFromSiteEngagement,TranslateRankerEnforcement,UseSuggestionsEvenIfFew,VoiceSearchOnLocalNtp,WebPayments,ZeroSuggestRedirectToChrome,affiliation-based-matching
    --flag-switches-end

    I basically don't toggle switches/flags which are not relevant unless a certain flag/function is enabled (password manager, autofill, suggest etc.), though there are exceptions. There are still many privacy/security related flags I haven't touched for some reason.

    What bothers me most is that those switches/flags change rapidly. I periodically check them and remove obsolete ones and add new ones...
    e.g. --disable-preconnect listed in the OP is obsolete. BTW, I'm personally against disabling media cache & HTML5 storage from a performance/usability perspective.

    In Windows you can also use policies to further restrict Chrome, but they're not available on the Home version unless you install an unofficial policy editor. Even if you edit the corresponding registry, they have no effect.

    The Android version has a quite different flag set, but I'm too lazy to upload/write down these tweaks.
     
    Last edited by a moderator: Feb 3, 2018
  5. 142395

    142395 Guest

    They might be better in privacy (not really sure, actually) but not better in security, due to slow updates and the added attack surface they may introduce.
    I'll never use Comodo's browser again. Their PrivDog MITM was really ridiculous for a certificate organization/security vendor, but their response to that matter was even more terrible. And it was NOT the only sign of their bad practice in security: low adoption rate of DEP/ASLR, another vuln found in Comodo Dragon discovered by Tavis Ormandy, etc...

    I think maybe only Opera, Yandex, and Brave manage to keep up with the latest security standards.
     
  6. 142395

    142395 Guest

    I can't edit my earlier post, but it seems policy restrictions now work on Windows Home too. I don't remember when, but at least it didn't work; anyway, it works in the latest Windows 10 Home.

    I attached a registry tweak script just in case someone wants it (changed extension to txt), but use it at your own risk!
     

    Attached Files:

  7. WildByDesign

    WildByDesign Registered Member

    @142395 Thank you for sharing your list of flags. I had to look up many of them. :thumb:

    By the way, I have found chrome://flags/#enable-policy-tool to be quite useful lately. It adds a new Chrome URL, chrome://policy-tool, which allows easy user-level (not machine-level) policy editing.
     
  8. 142395

    142395 Guest

    You're welcome:)
    Yes, that will be useful if you want to apply policy at the per-user level. :thumb:
     
  9. 142395

    142395 Guest

    Potential FYIs.

    - Among several security-related flags, enable-safe-browsing-ap-download-verdicts, strict-origin-isolation, and same-site-by-default-cookies would attract some people (the last one is a security flag too, in a strict sense).

    - MS seems to have changed the behavior of default app management. Now you need to modify the HKLM\Software\Clients\StartMenuInternet key to apply flags for your browser when it is invoked by other apps.

    - Unfortunately, Brave browser doesn't accept local policy, whichever registry keys you try.

    BTW, the --cipher-suite-blacklist=0x00aa I wrote above was a typo. The correct one is 0x000a.
     
    Last edited by a moderator: Aug 28, 2019
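
Added example, not part of the thread or any poster's code: a small Python check for a launch line that flags the switch post 4 calls obsolete (--disable-preconnect), the cipher-suite typo corrected in post 9, switches given more than once, and features listed under both --enable-features and --disable-features. The OBSOLETE and CORRECTIONS tables, the function names and the sample lines are assumptions constructed here; extend the tables from a current switch list.

```python
import shlex

# Reference data is an assumption to be maintained by the reader. The entries
# here come from the thread: --disable-preconnect (called obsolete in post 4)
# and the cipher-suite typo 0x00aa, corrected to 0x000a in post 9.
OBSOLETE = {"--disable-preconnect"}
CORRECTIONS = {("--cipher-suite-blacklist", "0x00aa"): "0x000a"}
FEATURE_LISTS = ("--enable-features", "--disable-features")


def parse_switches(cmdline):
    """Return [(name, value-or-None)] for every --switch, in order.

    Uses POSIX shell quoting rules; positional arguments (URLs) are skipped.
    """
    pairs = []
    for tok in shlex.split(cmdline)[1:]:      # [0] is the browser binary
        if tok.startswith("--") and len(tok) > 2:
            name, sep, value = tok.partition("=")
            pairs.append((name, value if sep else None))
    return pairs


def audit(cmdline):
    """Return sorted findings: obsolete, typo, duplicate and conflict."""
    findings, seen = set(), set()
    features = {name: set() for name in FEATURE_LISTS}
    for name, value in parse_switches(cmdline):
        if name in seen:
            findings.add(f"duplicate: {name} is given more than once")
        seen.add(name)
        if name in OBSOLETE:
            findings.add(f"obsolete: {name}")
        if (name, value) in CORRECTIONS:
            findings.add(f"typo: {name}={value} -> {CORRECTIONS[(name, value)]}")
        if name in features and value:
            features[name].update(f for f in value.split(",") if f)
    for feat in features["--enable-features"] & features["--disable-features"]:
        findings.add(f"conflict: feature {feat} is both enabled and disabled")
    return sorted(findings)


# Constructed sample lines, shortened from the switch lists posted in the thread.
SAMPLE_LINUX = ("chromium-browser --disable-sync --disable-preconnect --no-pings "
                "--proxy-server=socks5://127.0.0.1:9050")
SAMPLE_WINDOWS = ("chrome.exe --cipher-suite-blacklist=0x00aa --disable-sync "
                  "--enable-features=HttpFormWarning,AppBanners "
                  "--disable-features=AppBanners,WebPayments --disable-sync")

if __name__ == "__main__":
    for line in (SAMPLE_LINUX, SAMPLE_WINDOWS):
        print("\n".join(audit(line)) or "no findings")
```

The check only compares against the tables it is given; it does not know which switches a particular Chromium build still honours.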