Chromium - Privacy-Focused Builds

Discussion in 'other software & services' started by WildByDesign, Oct 5, 2016.

  1. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,640
    Location:
    Toronto, Canada
    I wanted a thread specifically to discuss the fantastic open-source, privacy-focused Chromium builds from (https://chromium.woolyss.com/).

    I did not think that it would be appropriate to discuss these builds in the main Chrome Stable Channel Update thread because that is intended for official Google Chrome stable release discussions. There is also a thread within all things UNIX discussing Ungoogled-Chromium but that is specific to Linux builds.

    The one thing that I was not sure of was whether this topic should be within other software & services or one of the Privacy sub-forums.

    For each of the builds, you have a choice between:
    • Installer or Archive
    • Stable or LKGR
    • Sync - WebRTC - Windvine (builds containing Google API's)
    • No Sync - No WebRTC - No Windvine (privacy-focused builds with no Google API's)

    Recently, they have been providing PGO-optimized builds as well which is what Google Chrome team has also been doing since M53 (x64) and upcoming M54 (x86) for performance improvements in Chromium.

    On top of all of that goodness, they have also been recently experimenting with compiling their typical vanilla Chormium builds but introducing some of the GitHub - Eloston/ungoogled-chromium patches bit by bit for an even more privacy-focused browser without Google API's and less Google oriented in general.

    Some fantastic links:
    * chrlauncher is a tiny portable application which allows you to easily (and automatically) update Chromium builds and gives you the choice of different channels such as: Dev, Stable, etc. You can choose how often to check for updates and much more. Better yet, chrlauncher includes a portable Flash Player PPAPI binary. Therefore you can achieve an entirely portable Chromium, with auto-updates, channel selection, and portable Flash Player.

    I will add more and organize this better later.
     
    Last edited: Oct 7, 2016
  2. Mister X

    Mister X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    1,777
    Location:
    Mexico
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
    I use woolyss releases for some time now and I like them. I use archive of stable x64 version with no Sync, WebRTC ... No problems so far.
    If you need flash you will have to install it from Adobe.
    They usually release new version same day (or maybe day after) Google releases new version.
     
  4. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,018
  5. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,640
    Location:
    Toronto, Canada
    I just wanted to add to this point. Developers Woolyss, Nik, and Henry++ are loosely acquaintances and have come together within that community to contribute their efforts and work together. chrlauncher (developed by Henry++) was essentially been developed to follow Woolyss' API for downloading Chromium builds and to make entirely portable Chromium. However, in recent builds of chrlauncher, they have also included portable Flash Player PPAPI binary so that the user can use Chromium together with Flash Player for portable use and therefore, in that specific use case, users can avoid having to download Adobe Flash Player. I believe that he provides builds with and without Flash Player. I've checked hashes to ensure that the Flash Player binaries are the same PPAPI binaries as official.

    I've updated the OP to include details about portable Flash Player.
     
  6. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,093
    Location:
    Netherlands
    @WildByDesign

    Thanks for the links. I like to use Chromium, because the Chome executable of Chromium is not signed. I have UAC set to deny elevation of unsigned, the advantage of running Chromium over Chrome is that Chromium broker runs in a Basic User container with this UAC tweak (is not allowed to elevate to high integrity level/administrator rights).

    When "validate administrator Code Signatures is on(1)" it is possible to run unsigned programs and programs with invalid signature. When you try to install them or run them as administrator, Windows will display the "Referral returned from the server" error message. See Microsoft info about this UAC setting. Vista and Windows 7 users might notice a delay with UAC prompts, because the signature is checked (so malware with forged signature is blocked), but the delay is hardly noticeable on Windows 8.1 and seems completely gone in Windows 10 (it seems to improve with every Windows version).

    I run this UAC-tweak since 2009 and only once had a problem (when Microsoft update removed all signatures of its own Executables), but a simple return to "last known good configuration" using Windows startup recovery, corrected that hilarious Microsoft blooper. When I need to install an unsigned program, I temporarely allow unsigned elevation by running two regedit files, see below:

    Set UAC to block elevation of unsigned: Block_Unsigned_Install.reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    "ValidateAdminCodeSignatures"=dword:00000001

    Set UAC to allow elevation of unsigned: Allow_Unsigned_Install.reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    "ValidateAdminCodeSignatures"=dword:00000000
     
    Last edited: Oct 9, 2016
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,736
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
  9. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,018
  10. Shelta

    Shelta Registered Member

    Joined:
    Oct 8, 2016
    Posts:
    7
    Location:
    EU
    Why would one opt out safelist/malware check and at the same time use third-party software that potentially collects the very same info?
     
  11. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,093
    Location:
    Netherlands
    @Shelta, welcome to this forum, good question, paranoid probably.

    Facebook removing an image of the Copenhagen mermaid statue worries me more.
     
    Last edited: Oct 10, 2016
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
    Opting out of malware check could improve your privacy (less communication with Google's servers). Locally you can use adblocker with anti-malware list enabled (I use uBlock Origin), which doesn't collect data or communicate with any server. It's probably not that efficient but IMO it should be enough for most users.
     
  13. Shelta

    Shelta Registered Member

    Joined:
    Oct 8, 2016
    Posts:
    7
    Location:
    EU
    True that! I was under the impression that "Safe Browsing" just compared urls against a local downloaded list. :(
     
  14. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
  15. Shelta

    Shelta Registered Member

    Joined:
    Oct 8, 2016
    Posts:
    7
    Location:
    EU
  16. Shelta

    Shelta Registered Member

    Joined:
    Oct 8, 2016
    Posts:
    7
    Location:
    EU
    Btw, which uBlock Origin malware lists do you recommend over the two (Malware Domain List, Malware domains) that comes with the default installation (if any)?
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
    I personally use Malware Domains - it contains more filters - but I can't recommend you which is better, as I never tested or compared them.
     
  18. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,640
    Location:
    Toronto, Canada
    Chromium has just recently added support for Control Flow Guard (CFG) mitigation in Dev builds revision r425226 and newer (via patch https://codereview.chromium.org/2412983006). They are starting initially with CFG enabled for chrome.exe & chrome_elf.dll and will assess any performance implications before eventually enabling CFG for more modules. I should mention that this is only for Windows 8.1 and Windows 10 users in which the CFG mitigation will take effect. The builds will still work fine for Windows 7 users, however, CFG will have no effect.

    More on CFG: https://msdn.microsoft.com/en-us/library/windows/desktop/mt637065(v=vs.85).aspx


    cfg-chrome.png
    Note: the CF Guard indication from Process Hacker above.


    At the moment, there are only a couple of builds over at https://chromium.woolyss.com/ which have CFG enabled.

    There is one Dev/LKGR build from main developer/build provider Nik, but at the moment is 32-bit. His next 64-bit Dev/LKGR build will have CFG enabled. Just remember that the revision number needs to be r425226 or greater.
    Link: https://github.com/henrypp/chromium/releases/tag/v56.0.2891.0-r425278-win32

    There is a more recent Chromium build provider, RobRich, who has taken that single CFG patch and backported it to the current Chromium Stable branch build (54.0.2840.59) so this is a more stable build, but it is lacking Google API keys and therefore no Sync, etc. It does have media codecs though and I've been using this build for a few hours and it works great. This build is 64-bit, but no PGO at the moment.
    Link: https://chromium.woolyss.com/#comment-1421

    Personally, I am hoping that the main build provider, Nik, does a backport to Stable branch and therefore his builds would have a choice between Sync and No Sync and would also likely be PGO-optimized.
     
  19. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,640
    Location:
    Toronto, Canada
    This (below) is what I absolutely love about Chromium in general. The Chromium Team developers take full advantage of the built-in protections in which the latest operating systems have to offer. Same goes for Chromium on Linux. Living off the land!

    By latest, I mean, many of these mitigations shown below are only available in Windows 8.1 and Windows 10; some are Windows 10 only.


    mit-chrome.png
     
  20. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,093
    Location:
    Netherlands
    Thx @WildByDesign

    According to this link Chrome started out to implement Control Flow Guard with Chrome canary build 56.0.2891.0, on 15 Oct 2016. This is also the latest available on Woolyss

    :thumb:
     
    Last edited: Oct 22, 2016
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
  22. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,093
    Location:
    Netherlands
    Woolyss uses Chromium "stable" in all version displayed, better to look a the tags

    STABLE = Identical version as latest released Chrome which has passed the broad (automated) regression test (54.0.2840.71) and (automated) code (sanatizing) analysis, available for 64 bits only

    LKGR = Last Known Good Revision = development version with no reported errors (meaning it has passed a limited set of program test cases) (56.0.2891.0) available for both 32 and 64 bits

    Risks of LKGR version: new code may have introduced logic errors in old code, new code is not yet fully tested (might show unexpected behavior) and new code is not analyzed for code vulnerabilities yet.

    Benefits are well explained by WildByDesign
     
    Last edited: Oct 22, 2016
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
    @Windows_Security
    Yes I follow Woolyss release for some time - they deliver great service for Chromium users :thumb:
    My post was meant as FYI for users that use stable release and don't use chrlaunher to automatically update it (like me).
     
  24. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    1,640
    Location:
    Toronto, Canada
    The best news regarding the stable channel build (https://github.com/henrypp/chromium/releases/tag/v54.0.2840.71-r414607-win64) in which @Minimalist was referring to is that the main Woolyss' community build compiler Nik has achieved CFG patch backported into stable channel 54.0.2840.71 build and optimization via PGO, with the usual choice between Sync and No-Sync. This build is far more secure in comparison to Google's own Chrome stable channel and performs just as fast thanks to PGO. The build that I mentioned initially from RobRich did have the CFG backported patch to stable, but did not have PGO or Sync.

    The interesting thing about CFG is that every process protected by CFG mitigation has a 2TB virtual memory size which is the case with almost every Windows 10 built-in process. Now with CFG for Chromium, every chrome.exe process has a 2TB virtual memory size which I assume allows for improved randomization and entropy. Hopefully someone with more experience in Windows memory management can clarify that.
     
  25. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,093
    Location:
    Netherlands
    No problem, you were right to point the version number of the real stable :thumb: To be honest I thought I was downloading the production stable (because of the titles Woolyss uses), while in fact I was downloading the LKGR (development stable). Unfortunately I am on 32 bits, so can't take advantage of the link you posted.
     
    Last edited: Oct 22, 2016
Loading...