The browser wars are back, but it’s different this time

Discussion in 'other software & services' started by ronjor, Jan 16, 2020.

  1. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,459
    Location:
    USA
    I like YouTube but the censorship is more than apparent. But that's another conversation that probably isn't allowed here.
     
  2. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    2,766
    Location:
    Canada
    I'm interested :) I've been running Tor occasionally on Linux, enforced with Apparmor. it's certainly a bit slower than normal Firefox, but it otherwise works quite well. Against their suggestion, I am running one addon, uBlockO, because I don't want ads. It would of course be better combined with a VPN, but that's not in the budget yet.
     
  3. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,539
    Location:
    Nicaragua
  4. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    742
    Great! I have had a break of the project but been thinking of working again on it.
    Both 32-bit and 64-bit Linux build are under construction right now.

    Native Windows version will probably follow later but it will not be as secure as Linux versions (it just have the basic sandboxing, no hardened stuff or anything like that that is possible with Linux)

    So after finished, the recommended way would be to run it always inside VM in it's own hardened environment.
     
  5. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,254
    Keep us posted. I would be interested.
     
  6. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    742
    Some WebGL performance tests....

    https://www.orwell1984.today/cname/webgl_test1.png

    https://www.orwell1984.today/cname/webgl_test2.png

    Of course, In a final version ,I will disable WebGL by default (it's a privacy issue) but user still has the option to turn it back on if really want to ...

    Test were done running 32-bit security hardened kernel and 32-bit CyberDragon browser on bare OpenGL accelerated framebuffer....inside 64-bit QEMU VM.

    That's right, you don't need any DM (like Gnome or KDE), WM (like Fluxbox), or even X11/Xorg to run it :)
    Plain old command line, and framebuffer (with or without OpenGL support) is enough.

    That gives few advantages:
    - Less software/code bloat = smaller attack vector and less likely your privacy and security will be compromised. Even thought the whole thing is run inside VM.
    - Less usage of RAM/Disk space (for now, I gave the VM 4G .... later I do some more optimizations and see how low I can go before it crashes).

    EDIT:

    Basic system tests ....
    https://www.orwell1984.today/cname/system_tests.png
     
    Last edited: Feb 6, 2020
  7. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    923
    Location:
    UK
    Not a proper war.

    All using the same chromium base, and vivaldi is the only that has the ***** to actually deviate from chrome design standards, everyone else is a UI clone.

    Brave browser which supposedly puts privacy first even has its own online profile sync system, so they use your data online as well.
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,936
    Location:
    Here
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,480
    Location:
    The Netherlands
    Yes that's the thing, except for Firefox they are all based on Chromium. But I do think that if browsers like Vivaldi focuses on privacy and if they can convince people that Chrome isn't trustworthy, they can gain marketshare. That's why I'm surprised they haven't implemented an anti-tracking feature yet. Firefox, Brave and even Opera and Edge all have this.
     
  10. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    What's the matter? Besides it's completely opt-in, all data are locally encrypted so not in anyway usable for them - and all these components are open source. There's also confusion about Brave ads (opt-in) on Internet by those who don't understand the tech. When Brave says 'anonymous', it's in true sense (unlike others like that AV). You probably know some dude once accused Vivaldi as spyware just because they use piwik. I won't call it spyware even if it was Google Analytics if it's properly configured. Such people talk about privacy w/out understanding what the privacy is. They also never understand how configurable GA is, or even what the GA is - in their one-track thinking "GA = evil, period" and they refuse to understand all the complexity and pleats of reality.
     
  11. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    742
    I seriously can't trust browser maker that has it's own ad network ....
    https://ppc.land/brave-browser-launches-an-ad-network-while-blocking-publishers-ads/

    And about Google Analytics...if you are using uBlock Origin you are already blocking it by default.
    So if the EasyList creators think that GA = Evil then it's good for me

    EDIT: If I am right, Brave business model is essentially:

    1) We block ads, we are a private browser (all shout yay!!!)
    2) We have our own ad network, so we replace those just blocked ads with our own ads.
    3) Please opt-in and watch our Brave ads. We pay you BAT tokens that you can (maybe) turn into cryptocurrency or real money.
    4) We pinky swear that our own ads don't track you.

    So basically people are lured to watch their own choise of ads while blocking publishers ads.
    How can any sane people recommend this browser not to mention, call it "private"?

    If you are in ad-blocking business the last thing you do is to replace the just blocked ads with your own....that just isn't right.
    Subscription model would be more honest for Brave.
     
    Last edited: Feb 10, 2020
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,735
    This is incorrect. Show me examples where Firefox is insecure. I can think of one real scenario, patched.
    Mrk
     
  13. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,121
    It's more like Chrome is more secure due to having more resources.
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,735
    More secure how. Can you quantify that?
    Mrk
     
  15. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,121
    Mozilla recently had to reduce employees due lack of money. Google certainly has way more money than Mozilla.
     
  16. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,056
    Location:
    Member state of European Union
    Better sandboxing.
    Just look at Pwn2Own competition or Zerodium payouts. There is more money for hacking Google Chrome then Mozilla Firefox. You can divide one prize by another to have some sort of ratio.
     
  17. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,735
    Better sandboxing - how. Where are practical examples that demonstrate this on a continuous, repeated, mass scale?
    This is just like javascript benchmarks - entirely meaningless in day-to-day work.
    Mrk
     
  18. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,056
    Location:
    Member state of European Union
    Do you think that I can explain all the nitty-gritty details of something that nuanced as sandbox and developed over the last decade in one small forum post?
    Practical examples are outdated or costs money. Zerodium gives up to half million of dollars to give them that examples. Do you think that somebody would give you example for free when they can send it to Google's bug bounty or Zerodium or to black market and receive money for that?
     
  19. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    1,806
    That hackers are willing to pay more for a bug in Chrome can also be explained by its considerably larger market share and not necessarily by Chrome being more secure than Firefox (alone).

    That said, the Firefox sandbox level is at 5 on Windows. Where does Chrome offer more? (Serious question because as a Linux user I'm no longer that familiar with the Windows details.) Yes, I know that there is Site Isolation in Chrome but this will be available in Firefox stable pretty soon from the Fission project (you can already enable it in the Nightlies).
     
  20. JimboW

    JimboW Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    280
    Firefox uses Low Integrity which is what most things use that access the Internet. Most programs run with Medium Integrity, High Integrity is Administrators or elevated privileges and System is well for the system like the Windows kernel. Low is still subject to malware abuse. As you can see in the Moz Wiki Firefox has been Low Integrity since level one and relies more and more on the added mitigations. Not saying its not strong. Chrome runs as Untrusted, well stronger in Appcontainer. Appcontainer blocks read and write access to most of the system. Can only access its install folder and subfolders without user interaction. If you want more secure Chromium Edge is actually stronger than Chrome as you can add the Code Integrity Guard mitigation. No DLL can inject unless its signed by Microsoft.
     
    Last edited: Feb 11, 2020
  21. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    @Stefan Froberg I'm already an EasyList forum member and have proposed more than a dozen trackers so am familiar w/ their inclusion criteria. They simply block any 3rd party tracker unless they cause a trouble, while a different criteria is applied for 1p tracker. Occasionally developers or web owners come and request removal from the lists, sometimes admitted (e.g. bugsnag) other times not. It's unlikely Google or a web owner requests to remove GA, but it's entirely possible to use GA w/ privacy-friendly way if configured properly. However, we never know if a site is using GA in such a way or not unless you monitor the traffic by MITM or dev tools, so it's reasonable to block GA generally. In short, they're not necessarily taking GA as evil.

    In an ideal world, there wouldn't be any ads. The reality is the online ads won't die before we die, even if all of us started to block them - what will occur then? A good example is avgle, a notorious site that defeated all the ad-blocking community. Who finally stopped their nasty act was...Google (see the EasyList forum link). Why blocking side couldn't win? See this grave of another effort fighted against them. Site owners get money by showing ads, defender are mostly volunteers. We seriously need to seek for a compromise and Brave proposes one possibility: privacy-friendly ads. We all know "anonymized" data is actually not that anonymous if combined w/ other data. However, there's already solution for this: quantify the probability an attacker can identify somebody/sth in the worst possible case and put an upper limit on that. There are several frameworks to do this and the most famous one probably is differential privacy which utilizes Laplace noise. It's two or more years since I read whitepapers by Brave so I forgot many and sth may have changed, but essentially they utilize a similar approach of ANONIZE2 which is also mathematically proven. Ofc there may be a serious implementation bug which breaks this proven privacy, but then that can be fixed - and Brave is fully open source and they have open bug bounty which one of security expert I follow praised for his experience w/ the program.
     
    Last edited: Feb 11, 2020
  22. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
    (Not to mention Google pays about three times more $ for bounty to buy blackhat)
    Nothing has really changed since I joined Wilders when it comes to Mozilla's attitude to security and their lack of resources. It's common for them to leave non-severe bugs for years. I believe most of you remember what Mozilla said when they're criticized for lack of sandbox exposed by this Google-sponsored report, it was essentially "Sandbox is not all, we have other measures like ASLR!" but it turned out Firefox's adoption rate of those memory mitigation was the least. They're always behind Chrome, when they finally declared a plan for sandbox, Chrome started to adopt AppContainer and Win32k call filter on Windows and also added a new memory protection (I can't find the link now but should have mentioned in this forum; EDIT maybe this). When they completed the decent sandbox, Chrome started to enable site isolation which Firefox initially denied for more memory usage. It seems Intel CPU flaws finally convinced them to adopt the isolation, but actually it's not necessarily for such a flaw, Firefox had been either downplaying in-sandbox exploit or lacking resource to prioritize this. Now they started to add site isolation but Chrome is already experimenting stricter origin isolation and PDF isolation. Firefox were also late for malicious download protection, but it's Google's service so I don't count it. But they were behind of Chrome on U2F default support too. Another fact is they leave many legacies despite their claim of replaced, new engine and appearance (Quantum): asmjs is one example which in past had many vuln - this makes sense only if websites write according JS code, but now almost no website uses such a code and disabling this has virtually no detriment. I hope those who haven't disabled this now-useless feature will never see another exploit. Yet another is Firefox Android has no sandbox except what OS provides for all apps while Chrome Android is protected by own sandbox tighter than the OS'. Well, a good news is this time Mozilla was not so behind (but not ahead) of Chrome on SameSite cookie.

    I guess I already spent too much time to write this, but note I have no interest in defending or offending sth - I only have interest in truth and welcome to be proven wrong by technical and verifiable argument. I'd actually followed technical explanation of some of Chrome bypasses in past so please don't make such an argument that "But Chrome sandbox was bypassed!" (You really should look at details of the exploit).

    [EDIT] BTW Adobe Reader uses the same sandbox as Chromium, but known to be (much) weaker. The strength of sandbox is not determined by what technologies are used, but HOW they're used. One way to measure the strength is analyzing them w/ mathematical model(s).

    Probably already posted, but this is some other improvements on the isolation. But if we started to talk about each and every these individual improvements of both side, the talk will never end - there have been such many advancements.
     
    Last edited: Feb 11, 2020
  23. Bertazzone

    Bertazzone Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    282
    Location:
    Milan, Italia
    @Yuki2718 I appreciate the discussion, so thank you. :thumb:
     
  24. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,944
  25. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,735
    Yes, it would be nice to put it into a small forum post. Because if you look across the wider internet, there isn't a plague of Firefox users getting pwned day and night. Can it happen? Maybe, possibly, yes. Is it something that happens more than other browsers? Probably not in any measure that makes any major difference. It would be nice to look across 10 years, see how many practical examples apply to x y and z, and then calculate the actual fallout from those situations to get a real-life cost.

    Like say looking at what seat belts vs airbags vs whatever did for car safety. You get quantifiable results for that.

    Mrk
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.