________________________________________________________________________________
I really hope the privacy-conscious people downloading this aren't just downloading these binary blobs and instead compiling it from source. Especially after seeing this disclaimer on their download page:
>>IMPORTANT: These binaries are provided by anyone who are willing to build and submit them. Because these binaries are not necessarily reproducible, authenticity cannot be guaranteed. For your consideration, each download page lists the GitHub user that submitted those binaries.
Well that's the thing - I'm not willing to build them. I wouldn't know where to start, even. And no ambition to learn, whilst Firefox and uBlock keep going. Seriously why should I? Maybe someone more able than I can share their knowledge with a pointer to a guide that says why this is better than what I have, and how to get it running on my Windows box.
My current position is to step wide and rather carefully around _anything_ by/from Google.
Just use brave. I don't get why people are still trying to split off a new no-Google pro privacy chromium when there is a Very good option already. If people pushed to help brave even better we would be in a very good world
Brave shills cryptoshit at me, and Mozilla shills VPNs at me. Chrome is from an ad company. All three set off my sleaze alarm. What a sad state of affairs.
If Brave and Firefox are in the same league as Chrome for you your sleaze alarm is a very very bad guide to the modern world and seriously needs upgrading.
There are different levels of sleaze; I use firefox not chrome so don't try to put words into my mouth. While firefox may be a better choice than the other two, that's not saying much and Mozilla is very sleazy. If you don't see that, maybe you're acclimatized to it.
> While firefox may be a better choice than the other two, that's not saying much and Mozilla is very sleazy.
Rather than take such statements at face value, here's an example of one such instance that probably hurts its credibility:
https://calpaterson.com/mozilla.html
Also, they're not exactly a world apart from Google in some respects either, for example:
vs
(though i guess the amount of projects also illustrates the difference in their sizes)
However, that's not to say that we even have many viable alternatives to Firefox either:
https://batsov.com/articles/2021/11/28/firefox-is-the-only-a...
Personally, i think that we're past the peak of Firefox and are currently in the midst of it fading away, which i expect will come to its conclusion in the following decade. Apart from that, we basically have just a bunch of browsers that are all similar to Chromium.
Essentially, Chrome will have probably lived long enough to kill IE by becoming the next IE.
Who knows where the web standards will go when there will only be Google backed browsers:
https://mozilla.github.io/standards-positions/
How do you recommend Mozilla generates the millions in revenue necessary to develop a browser?
In Brave you can just turn the adds off. They're optional for if you want to earn their token.
You're still supporting the cryptocurrency ecosystem by using it though. It's not completely unreasonable to want to avoid doing that if you're opposed to cryptocurrencies in a wider context.
You can do that but they will eventually add a new ad.
One day they added a small widget to buy crypto in the new tab page. That was the breaking point for me. Like it happened with Firefox ads, I started to understand that Brave was working against me too.
I use Edge. It works on Windows, Linux and Android.
This is the worst option, Microsoft has consistently show they have the lowest ethical standards when it comes to products like Edge. They packed in a 3rd party payment tool in the browser ! It's like browser with crapware built in.
The only reason they aren't worse than Google is that they've been so shit at capturing the market share they don't get to make the same kind of moves, but Bing/Edge are not good alternatives for Google/Chrome.
I'm not one of those people that screams "M$ evil boooo", I actually use .NET day-to-day on a current project. But they have a really shit track record on Edge, it's the first browser I would avoid.
Your M$ evil boooo mentality is somewhat out of date.
Microsoft is making great strides in open source and Linux. A decade ago, you wouldn't have believed MS would publish SQL Server for Linux, release something as great as VS Code, create Windows Subsystem for Linux (and Android soon), acquire npm and github and make them better rather than destroying them, etc.
Your "Microsoft <3's open source" mentality is also out of date[1][2][3].
[1]
https://news.ycombinator.com/item?id=28975856
[2]
https://keivan.io/the-day-appget-died/
[3]
https://news.ycombinator.com/item?id=28794352
What 3rd party payment? I enjoy Edge because it blocks ads on Android, supports Chrome extensions and it is not controlled by Google.
There was a post here recently about it [1]. After shipping this with browser I would have 0 trust in this product.
I gave up on Edge because it didn't support uBlock origin on Android, I view bundled add blockers as just another way for the browser to block competition while still serving you their own "respectful" ads.
[1]
https://www.xda-developers.com/microsoft-edge-buy-now-pay-la...
Brave even in the discussion is atleast a big improvement in affairs. I couldn't name a single chromium privacy fork from 5 years ago or whenever they started.
It's also like a few clicks to turn off brave settings. It's less setup for brave than I go through on any new video game settings lol
Vivaldi?
I've started using Vivaldi to break away from Chrome because the features just drew me in. It has a its quirks and flaws, but I really like it!
Yes, high-quality free products tend to try to find ways to fund themselves that involve appeals to their users. It's beyond ludicrous to find this a "sad state of affairs".
If only there was some sort of "free high quality product" operating system that existed and proved this asinine defense of capitalism wrong
That'd be nice.
But all we got is Linux on the desktop...
Comedy is truth and pain.
>If only there was some sort of "free high quality product" operating system that existed and proved this asinine defense of capitalism wrong
The only reason Linux is popular on servers is because it has huge corporate sponsorship. Big players figured it it's more beneficial for their bottom line to commoditize the backend infrastructure and invest in OSS. Same is happening with developer tools.
It's not happening with anything consumer facing because everyone wants to take their angle at capitalising on the market. I can't think of quality user facing OSS that isn't aimed at developers or isn't trying to capitalise on the users somehow. Scratch that - blender is the only one I can think of - these guys are an amazing exception.
Keepass, Calibre, and 7-zip come to mind.
I won't argue these projects aren't quality because they certainly do the job, but they obviously lack polish of commercial software. Eg. despite looking into kepass I still chose to pay for 1password, just for the convenience.
VLC and OBS as well.
VLC is a good point I forgot about it. AFAIK OBS is sponsored by streaming platforms - I think it's another case of comoditizing the infrastructure.
The problem is that Brave, Edge, Chromium, Vivaldi and everything else are not "split from Chrome". They are in sync in Chrome and just add their gimmics to every new Chrome change. There is zero point in using any of them if the target is to dethrone Google from their monopoly.
The real "split from Chrome" browser is for example Safari - Safari and Chrome go back to the same Webkit but went different ways, with different decisions and different codebase. Brave is just a clone of Chrome with bells and whistles. Not very brave, just saying :)
You think Ungoogled Chromium is more split than Brave is? Or are you not replying to what the parent said?
Ungoogled Chromium isn't new. It predates Brave by years. And Brave is funded by advertising, just like Google. (In theory, at least, if the company becomes self-sustaining.) I'm not sure why we needed to add cryptocurrency to that formula.
I only use Brave for Google properties like gMaps and Google Translate (which never work quite right in FF for me), but you don't have to turn on any of the crypto stuff if you don't want to, I keep it all disabled.
I don't have a problem with ads, I have a problem with tracking and profile building.
Well, if I took all the brave features out of brave, it might then be reasonable to use.
I'm curious why Brave crashes on CalyxOS (degoogled Android) any time I try to view my wallet balance.
Likely due to SafetyNet API not being supported on that platform. I think this is captured with
https://github.com/brave/brave-browser/issues/15344
Why the hell does a web browser implement SafetyNet?!? The one and only justifiable use for SafetyNet that I've seen is Snapchat - everything else has been a net negative...
It's DRM that ensures only Google-approved platforms can run Android apps.
If a user has Brave Rewards and ads enabled and gets an ad grant at the end of the month, SafetyNet is one measure used to help filter out fraudsters. The absence of it shouldn't cause a crash though
Thanks for the info! Very disappointing that Brave markets themselves as a degoogled browser, but depends on Google Play Services.
Brave is also based on the Chromium engine, and using any Chromium based browser would work against open web standards.
So you say your current position is to be rather carefully around anything by/from Google, but you trust Internet randos to build the binary of the browser you use?
Okay.
Firefox is a well-known project that I've followed for one and a half decade, with roots much older than that and an established an well-known governance structure. I'd certainly trust them as much if not more than Google.
Unlike this project, which is very much from "internet randos"
> with roots much older than that and an established an well-known governance structure
such a well-known governance that keeps putting back telemetry and ads when users dont want them.
The term "telemetry" can mean anything from automatic crash reports to click tracking to transmitting your browsing history along with your social security number. Google is far closer to the end of that spectrum, Mozilla is somewhere in the lower first half.
As for ads - where? I haven't seen any and I've been using Firefox on multiple platforms for many years.
Both ends of the telemetry spectrum are evil, explicitly because the term means nothing except "data about you".
That's...not what telemetry means...
Even if it did, we're again back at the point of "X is a spectrum". "evil" is a spectrum which, according to you, includes anonymous crash reports and then goes on to include serial killers and war criminals. Even then, anonymised usage data used to guide development is far less evil than collecting highly personal and identifying data and using it for targeted psychological manipulation to get you to buy things.
I get it, Mozilla isn't the poster child FLOSS org that we'd like it to be, but it's still orders of magnitude better than the competition.
> the term means nothing except "data about you".
No, crash reports are primarily data about the program, with very little if anything about you.
So they will do stuff like show you ads. They won't do stuff like steal your credit card details, passwords, or identity which an internet rando might do.
Mozilla has tested our patience with Pocket, a horrible service that’s more or less abused by Moz.
Is a pre-installed clipboard addon somehow as bag as siphoning all your private data and browsing habits? I don't think we're comparing equivalent evils here. It's also easy to not use Pocket.
Yes, there's a lot to be desired with Mozilla, and I don't think they do a particularly good job. With "I trust them as much if not more than Google" I wasn't setting a particularly high bar.
i read that as "why bother with a hacked up chromium when i can just use firefox"
Point being that you're always trusting somebody.
"Reflections on Trusting Trust":
https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...
And even if you go Full OpenBSD, you're _still_ relying on some chip microcode and BIOS that you bought sight-unseen.
So, unless the Free Software Foundation staffs its own fab staffed by angels, the best we can do is minimize risk.
Wisdom of crowds though — there's enough eyes on the stuff built by "internet randos" over at Mozilla to have a larger level of trust in it Vs an unknown fork of Chromium
> So you say your current position is to be rather carefully around anything by/from Google, but you trust Internet randos to build the binary of the browser you use?
How did you come to this conclusion when they stated that they'd rather use Firefox? Or are you saying Mozilla are the internet randos?
Do you trust Internet randos to build the binaries of the compilers you use to compile the Chromium source code? How deep do we need to go?
If you really want to blow your mind you can go all the way back to stage0[0].
A more practical depth would be to bootstrap with GNU Mes, which is a source based bootstrapping path, that begins with a tiny scheme interpreter (~5000 LOC of simple C) and a C compiler written in scheme that are mutually self-hosting.
These tools can compile a slightly patched version of TinyCC that is self-hosting. Using this C compiler you can bootstrap a bunch of gnutools (glibc, binutils, gcc) and using these tools you can bootstrap a full Guix Linux distro.
[0]:
https://github.com/oriansj/stage0
The bootstrapping process that GCC uses is as follows:
stage 1: build from source using your existing compiler
stage 2: build again from source using the compiler you just built
stage 3: (just for checking): build a stage 3 compiler from the stage 2 compiler. Verify that it is byte-for-byte identical.
extra stages for the paranoid: repeat the process with a different starting compiler, as unrelated as possible. Again, verify that the output is bit-for-bit identical. You then know either that you're good, that the compiler reflects the source, or both starting compilers have the same devious hidden hack, perhaps courtesy of Ken Thompson himself.
GNU Mes achieves that paranoid step: once you verify with GNU Mes that you get the same bits, you don't really have to do this ever again, because you can certify that the compiler you get is reproducible from source and has no tricks.
Why not? I trust internet randos to build the binaries of (linux) OSes I use. It’s not like I know the folks who compiled the Ubuntu or Manjaro LiveCD from Adam.
Wouldn't you trust randos with nothing in common but trying to build an open browser vs a corporation who mission is to gather information from you via your browser?
Sounds a little crazy not to trust them.
The trust is in different areas. The risk that Google would ship something that steals your passwords, addresses, or credit card information and does anything harmful with it besides ad targeting is basically zero. You know what you're getting with Google for the most part. The risk in the case of downloading random binaries is they may actually steal your information and cause real harm beyond ad targeting.
If you want chromium without Google there are several options such as Edge, Opera, Brave and probably a dozen more I've never heard of.
I trust that Google will abuse my personal information for monetary gain via advertising. I also trust that their compiled versions of Chrome will not be a ticking time bomb of ransomware.
On the other hand, I simply don't trust internet randos, much less to install their binaries.
And it seems like a third option of Firefox w/ uBlock is less bad than either of the above.
No, unless I misunderstand them, they're saying they make do with Firefox and uBlock. They're not saying they will download the rando binary.
I trust a homeless person on the street more than I trust google.
If you don’t use ungoogled-chromium, you’re presumably not downloading and running community-provided non-reproducible binary blobs of ungoogled-chromium, so you don’t need to learn to compile them from source instead. That’s what the comment was about.
Have some fun, make your own delta script. Download only what you need, recompile!
I like LibreFox.
https://www.basilisk-browser.org/
and
https://www.gnu.org/software/gnuzilla/
are also nice, depending on which OS you're on
I'm a waterfoxer, myself. Unmozillad Firefox. I'm going to unwaterfox the shit out of that browser if they start acting up.
someone should setup some bare shell sandbox called "build your own chromium"
/nerdsnipe
Could that be straight running the CI build image on your machine ?
yes
Considerably more trustworthy binaries are available for Arch, Debian, and Fedora through OpenSUSE's Open Build Service. Arch binaries are also reproducible.
https://build.opensuse.org/project/show/home:ungoogled_chrom...
https://github.com/Eloston/ungoogled-chromium/discussions/14...
https://github.com/ungoogled-software/ungoogled-chromium-arc...
NixOS has it packaged, reproducibly I presume?
https://github.com/NixOS/nixpkgs/blob/8a308775674e178495767d...
Took a few hours to compile on a ryzen 2600.
Worth it until the next "update", I think.
Does Chromium have `make -j$(nproc)` or equivalent? Because a few hours on a fairly recent processor with a whole bunch of cores sounds long.
Not GP, I am a Gentoo user that compiles ungoogled-chromium from source. I have a 16-core AMD CPU.
Despite that, it takes 4-8 hours to compile, due to two factors: 40,000+ separate targets, of which most are C++ files (famously slow to compile anyway).
And yes, 40,000+ separate targets is no exaggeration; ninja's first run claims about 18,000 targets, and after it finishes those, it generates a second ninja file that has to compile 23,000 targets.
I personally think it's worth it. Others may disagree, and I can't blame them. I have to run it overnight.
Something is off there. I have Ryzen 3900X and it takes around 1-1,5 hours to compile ungoogled chromium.
It is really hard to keep up-to-date with security patches if you need to compile every few days from source with that time..
Edit: Also 32GB RAM which matters
The fact that it takes 1.5 hours on essentially an early 2000s supercomputer cluster full steam ahead to compile a fancy HTML viewer with integrated lightweight Java-like mini script language is bonkers.
You may be under-appreciating just how fancy this thing is.
I wonder how long does Java (which actually has a standard library, unlike JavaScript) take to compile? Would be an interesting comparison.
Far less on my machine. I think 1 hour?
Here with Ryzen 5700G, it takes almost 2.5 hours to compile chromium (doing one at the moment). This is with /var/tmp/portage mounted on tmpfs.
I have a 3900, no X, and 32 GB of RAM. I used to use a tmpfs, but I found that the build would run out of memory.
What if you try to compile in similar way than here?
https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=ungoo...
Edit: Also, 3900 is 3900X running on eco mode (same spec but half power). You might get a lot more performance by tuning BIOS settings.
I'm not going to try to compile by hand, unfortunately. <shudder>
I'll take a peek at the BIOS, but I'll also no good at doing such things.
Do you have to do the make clean all, or equivalent, every time? Chrome has a ton of bits and bobs built in, right? Not all of which need to be updated every time (I guess?).
I wonder how it compares to the build time of something with equivalent functionality, like firefox.
It typically takes more than 20 hours on my dual core laptop. It's a pain, but once compiled I get the best of both worlds: fast as chrome, privacy friendly as firefox.
EDIT: Looks like popularity is on the rise [1]. Hopefully it will make it into the community repository.
[1]
https://pkgstats.archlinux.de/packages/ungoogled-chromium
Are you building on an HDD? I went from 3-4 hours to under two when I switched to an SSD.
It's off an SSD. I have an SSD for my OS, which is where /var/tmp is on my machine.
Chromium is big. I think the last time I looked, it's larger than all the BSDs combined.
holy shit, what did the other dude who replied to this 15 minutes ago do?
Well going by some of their other comments, probably not nothing.
it does. that’s just how long chromium takes.
Chromium security patches usually don't require a full recompile. Usually an incremental build will just take 30 seconds or so. Obviously that still means you need 100GB spare for the working directory.
It's interesting the first release on that page is from 2016 and then the build .zip was 69MB, the last release from yesterday weighs 100MB compared to the official chromium which is 179MB that is alot of google and alot of non-google added in 5 years!
I can't find a list of removed features, but I'm gonna take a wild guess that it includes proprietary codecs. It's the same reason why the chromium binaries in most distro repos are smaller than the official ones, but also useless for normal users that want to experience all content on the net.
Couldn't they (or someone) set up a Github Action to compile the project on every release?
I forked the repo with the intention of doing this a couple months ago. The default Windows runner for Actions doesn’t have enough free disk space to compile Chromium (at least, given the build instructions the project provided). Given it took an hour to fail every time, it made trying to optimize hard and I eventually gave up.
Got a link to that fork? I might want to pick that up sometime.
https://github.com/jedieaston/ungoogled-chromium-windows
isn't my original attempt (I deleted the original repo, oops), but I recreated pretty much where I was. GH Actions runners only have 14GB of usable space, and Chromium requires 100GB or so of free space to compile on Windows apparently:
https://chromium.googlesource.com/chromium/src/+/refs/heads/...
GitHub Actions free tier comes with ~34 hours of free compute time with 500MB storage. Pro comes with 50 hours and 1GB. Enterprise comes with much more. Building on Windows or macOS divides those compute rates by 2 and 10 respectively.
For a project with frequent point releases, building Chromium via GitHub might require a monetary commitment.
Has it changed? It used to be unlimited for open projects.
I wasn't aware it was ever free for open projects. Reading this page shows that you're right[1], public repositories can use GitHub Actions for free.
[1]
https://github.com/features/actions
So what's stopping them?
Seems like something someone with some time can make a pull request for ;)
I just use Brave browser now. It's very good. I can use chrome extensions.
I've had a horrible experience on PC with early Brave. I'll never install that again. Just understand this, you don't trust Google, fine... Now do you trust some randos telling you you should trust them instead of Google...
I'm inclined to trust Brenden Eich over Google or random compiles.
Yeah, because they don't control half of the internet.
How early? Could be worth trying again.
I don't know, Brave has always broken more sites and failed to block more ads for me, than either Chromium or Firefox with uBlock Origin.
I think I trust a random binary blob more than I do Brave's random binary blob, with all of it's crypto lug-alongs.
The crypto stuff does weird me out. But I'd rather use it than a google product.
How about Firefox?
https://news.ycombinator.com/item?id=29378307
I use Firefox as my main browser, Brave as backup foot sites that don't work well with FF.
Brave does a good job with randomizing fingerprints.
Pretty easy to turn off the crypto stuff
Agreed. That's what I did.
I'd rather use a Google product than a Brendan Eich one.
Well why choose? Just use neither.
Vivaldi Browser is a better Chrome clone than Brave.
Interesting, that source code is growing FAST though, I wonder why that is...
edit: "integrated email client" Ok now I see why ;)
Vivaldi, just like Opera back in a day has things integrated, yeah... They even have Philips Hue controls
https://help.vivaldi.com/desktop/miscellaneous/philips-hue/
I thought Vivaldi was closed source for some reason, so thank you for this! I may be using that more often now!
The UI is closed source.
Right, I didn't know that
> Note that, of the three layers above, only the UI layer is closed-source. Roughly 92% of the browser’s code is open source coming from Chromium, 3% is open source coming from us, which leaves only 5% for our UI closed-source code
That changes the equation quite a bit.
It's still readable and editable, AFAIK. At least the CSS files.
It's obfuscated.[1]
[1]
https://vivaldi.com/blog/technology/why-isnt-vivaldi-browser...
Vivaldi is the definition of bloat. What was that saying, that all software grows until it bundles an entire mail client? Yeah, that's Vivaldi.
I mean, there are different setups of Vivaldi you can choose when you first open the browser:
https://vivaldi.com/features/#essentials
Essentials gives you the very basic stuff, classic gives you some extra features, and fully loaded gives you the built in mail client and all that other stuff.
Zawinski's Law of Software Envelopment : “Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can.”
Google/Chrome has gmail. Vivaldi has a mail client. That's why Firefox is dying!
It's just doing the same stuff Opera did (with a much less pleasing engine).
I've used Vivaldi for years but now I'm getting split on it. I've got regressions that are just unacceptable (especially when it comes to video playback), but at the same time it comes with features I can't live without.
because reasons?
Anyone know how the Flatpak builds of this project[1] are built? Does FlatHub have a CI pipeline that builds Ungoogled Chromium binaries?
[1]
https://flathub.org/apps/details/com.github.Eloston.Ungoogle...
They are built by Flathub, just like the vanilla Chromium build on Flathub.
Here is the most recent build logs for x86_64
https://flathub.org/builds/#/builders/12/builds/8123
which I found from the GitHub green-tick status icon on the latest commit on
https://github.com/flathub/com.github.Eloston.UngoogledChrom...
.
Thanks
How hard is it to compile these days? I recall trying to build several years back for Electron development work on Ubuntu and it was a royal pain in the butt.
Ok, let's say I'm a tech savvy Windows user. Assuming I have something like Visual Studio installed, would this compile correctly off the bat? I doubt it. (I've not tried tbh)
Personal experience, most of the source I download from GitHub either will straight refuse to compile in Visual Studio, or requires me tweaking a lot of the dependencies and stepping through the warnings and errors until it does.
"Ah, but don't use Visual Studio" you say. "Use XYZ-compiler-de-jour". Right, that's now in the 'too-hard/too-time-consuming' bucket, and I'll look for something else.
Pretty easy if you have a reasonably fast PC (>8 cores, ideally HEDT/server), use one of the two popular platforms (Windows or Ubuntu) and don't try to outsmart the build system.
> I really hope the privacy-conscious people downloading this aren't just downloading these binary blobs and instead compiling it from source.
Those would be on a _nix (linux/_bsd/other) free source OS with distro specific binaries (or rolling their own and would be better off compiling it themselves anyways)
The Marmaduke build might be a better alternative in this regard:
I installed it through flatpak. What is HN crowd opinion on this?
And for the precisely the same reason, I hope the privacy-conscious people who are compiling it from source aren't downloading their compilers as binary blobs!
There is a project to solve that, they aim to bootstrap an entire Linux distro from under 1K of machine code plus all the necessary source code.
And I sure hope they didn't download and install their OS from a premade image too, you really can't trust canonical and the rest of those gangs these days!
Or, more typically, the binary is built your distribution.
This is the hilarious irony of this entire software project. I trust Google a lot more to produce a safe binary than some random internet stranger who promises to be good. Even if I don't ultimately trust Google as a software vendor, I can at least make some reasonable assumptions about the security of their product.
Chromium builds _are_ reproducible though .. So why isn't this project using that to publish hashes of valid builds?
I am baffled that they would accept binaries, instead of, oh, say, pull requests helping set up builds.
There is exactly such a PR -
https://github.com/Eloston/ungoogled-chromium/pull/1693
- as you might imagine building a complex binary for many target OSs and flavors within OSs, it's a little complicated and requires some discussion about the right approach. In the mean time, binaries are available.
The problem with this is updates: there is no trusted publisher of binaries, and even if you pick one person to trust, oftentimes builds are 6 - 8 weeks out of date with Chromium which means you're susceptible to all the published zero-days.
Tried building it myself and it takes 4 hours on my 32-core 5950x, and you still depend on someone actually porting a version bump because their patches need to be regenerated for every new chromium build.
I like the idea of it in principle; if someone donates some CI time and we get official CI builds, plus getting more active with picking up new builds it'll be a real contender. I'll stick with Firefox for now.
Because I previously worked on the Chromium codebase at Google I have a 'specialist' dev workstation, an HP Z840 dual 18 core Xeon with 256GB of RAM. And that's a model from many years ago now, the newer specialist workstations are even heftier. To work on chrome @ Google you absolutely need one.
That said, if you're using cached builds via goma and have a nice fat pipe it can go quite fast without making your machine sweat much.
It's an absolutely massive code base. I wish I could explain why, but it is. No single part sticks out as bloat to me. I could never get CLion (among other tools) to index it properly.
Maybe someone can create a Goma-equivalent for ungoogled chromium, but it's the project's explicit goal to not depend on Google stuff (they actually apply hundreds of patches to the code to remove built-in google service references) so a Google-supplied Goma cache won't be of much use to this project's builds.
These days I work on a team at Google that provides distributed build infrastructure for non-Google3 projects, including goma. But unfortunately it's not available to the outside world, despite being built with that in mind.
How long does it take to build Chromium with a machine like that?
I was building Chromecast most often, not Chromium itself. So can't really recall. For Chromecast, from clean, it was around 10 minutes.
That sounded pretty reasonable until I realized you were talking about that beast of a workstation that can easily be between $25,000-80,000.
Pfft.... 10 minutes to compile, no sweat, not even enough time to brew and drink a tea/coffee.
According to
https://zworkstations.com/products/z840/
it would be around 8k.
Not 5 years ago when it was first provisioned for me.
On the bottom row to the left of the price when viewed with desktop resolution: Condition: Refurbished
That's $8,000 for a refurbished computer with a processor that was launched in 2013.
> 32-core 5950x
damn, that's twice as many cores as a regular 5950x
Got the special sku... :)
Threads, vCores, etc. ... used to working in VMs not bare metal; but you got the point.
>Tried building it myself and it takes 4 hours on my 32-core 5950x,
That seems excessively long? For me it only takes around 2.5 hours on a 8c/16t processor. This is with optimizations enabled, with plenty of free ram and building on SSD.
It took 2 hours on a pristine 48-core Azure VM from start to finish; wrote some details here when I was playing with it:
https://github.com/ungoogled-software/ungoogled-chromium-win...
It's likely it'll be faster if I build on bare-metal on my box; spun up a VM because the build does all kinds of stuff (downloads binaries, spits up temporaries all over the place, etc.).
>pristine 48-core Azure VM
1. it's actually 24 physical cores, since azure counts hyperthreads as "vCPUs". still, that still seems slow compared to my own build times.
2. azure VMs have horrendous IO on the persistent data drives. You can probably get a small to medium speed improvement by moving your build to the D: drive.
> _2. azure VMs have horrendous IO on the persistent data drives._
This. If you want to benchmark builds on Azure, building on a tmpfs or ramfs will help mitigate disk IO latency, although tmpfs might swap.
It's packaged by Nix, should be more convenient.
In my case I was running Windows, but even the Linux binaries are based on Chromium 91 (from back in May).
Flathub has it for Linux based on version 96.x.
96 in Nixpkgs right now.
4 hours on a 32-core modern CPU? If this isn’t the strongest indictment of browsers getting out of control with regards to features and complexity, I don’t know what is.
Browsers are a window into the internet. Browsers should be simple enough to be implemented by a single person in a week.
I want the web to be re-constructed from scratch starting with the TCP/IP stack all the way to gifs with modern hindsight.
GIFs alone would take more than a week for a single person. I think you are severely underestimating the necessary complexity.
"Browsers should be simple enough to be implemented by a single person in a week."
They are. It all depends on who defines what a "browser" is and what it can do.
The browser I use as a "daily driver" is a 1.3M static binary. It is 5.7M of C code, including graphics stuff I do not utilise. It compiles in under a minute on a low-end computer.
This browser allows me to "browse" hypertext. It displays HTML tables beautifully in textmode. I can download files. I can save HTML as formatted text. It supports FTP. The program has various settings for cache size, character set and so forth. I can script the browser using tmux.
This browser is all I really need.^1 I read HTML then decide if I want to download or save something. Simple. What else is there, really. When I want to run programs I do not do that using this browser. I have separate compilers and interpeters for that. When I want to listen to audio or watch video, I do not try to listen or watch using this browser. I have separate programs for that. And so on. I do not try to live inside a single pogram. In every case of a non HTML-reading/saving or www/ftp browsing task, the separate programs do a better job than the browser could. If this sounds something like the "UNIX principle" maybe that is not a coincidence.
Sure, we can take each of those individual programs and integrate them into a single program, and still call it a "browser" but why would anyone want to do that.^2 What is that concept in programming called "separation of concerns". Someone once called it "an ordering of one's thoughts". When people use browsers written by web advertising-supported organisations, then the "organisation of thoughts" is going to revolve around advertising (requisite tracking and personal data/metadata collection) and how to integrate it into the browser. When I use the text-only browser I choose, the ordering of thoughts is quite different. I see no advertising. Ever. I still consume the same amount of "content", maybe even more because this 1.3M browser is quite fast.
1. Major corporations operating on the web today, e.g., banks, can obviously force people to use certain browsers for business and important personal matters. For recreational web use, however, people can choose any browser.
2. The answer is not "For everyone's convenience and free enjoyment." That is why we have people trying to "un-google".
M stands for MB
Also probably worth mentioning that I am not always necessarily using the browser to retrieve the HTML I want to read, nor to download binary files like audio, video, PDFs, and tarballs. I use other dedicated programs for that. The browser is used just as much "offline" as "online".
Connections from this browser go through an up-to-date localhost-bound forward proxy which handles any TLS verification. One of the obstacles to anyone writing a browser might be all the TLS stuff, getting it right and keeping it updated.
A lot of words without saying what “this browser” is. Is it lynx? Something else?
The browser is links, various versions of the 1.x series and 2.x series, with various personal changes.
I used lynx in the late 90s. Honestly, as a 24/7 text-only browser user, I think lynx may be the worst of the text-only browsers. IMO, the fact that it is so often mentioned seems to suggest most folks who mention it are not using it much and/or are unfamiliar with the full range of alternatives.
Usually the only reason someone asks "what browser" is so they can make snide comments about it, diverting the discussion away from the original point, which is that there are other browsers like this and it is possible to write them. As such it is usually against better judgment to respond. Let's see what happens this time.
What I prefer is not the point. Every user is different. The point is that people have written other, smaller, simpler browsers, I am using one, and I am able to comment here and read every submitted website just like anyone else who is using Chromium or the like to do it.
>Usually the only reason someone asks "what browser" is so they can make snide comments about it
I wasn't the person who asked, but I was also wondering and appreciate your answer for non-snide reasons. Especially in the context of the larger thread it's nice to hear what people use.
> Usually the only reason someone asks "what browser" is so they can make snide comments about it
Far from the intent, just genuine curiosity. As you say, “most…are unfamiliar with the full range of alternatives”.
Apologies for the misunderstanding. Genuine curiousity is good! Alas, the "full range of alternatives" is not very large. Nevertheless, IMHO, one can easily do better than lynx.
I doubt lynx is over 5M lines of code...
It’s not, and neither is links (both are around 165 SLOC). Maybe what they meant was 5 MB of source code, but that’s not right either (even compressed the links source is bigger than that, though lynx isn’t, but who knows what version they’re using). I dunno. Without units it’s anyone’s guess.
You may want to check out Urbit. It’s philosophy is not far from yours.
For something less radical, Gemini
FWIW the 5950X has 16 cores (32 threads), not 32 cores as the poster indicated.
If you just want a subset of the internet, Lynx builds in under a minute.
TCP/IP is not part of "the web".
It’s as much a part of the web as tires are parts of a car
What's surprising to me is that this product not only removes Google services integration, but also adds rather opinionated "Enhancing Features" of its own. Many of these are pretty good, but not everyone will like all of them. I, for example, doesn't like the "Force all pop-ups into tabs" change.
https://ungoogled-software.github.io/features/
Yeah...
Guix does not distribute Firefox and instead distributes GNU Icecat, which comes with the unremovable libreJS and an extension to make UPS's site work without JavaScript.
https://www.gnu.org/software/gnuzilla/
Uhh... thanks
The privacy features are why I won't use it. Same with librewolf. I am sick and tired of all of these web breaking alterations being the only independent forks available.
In IceCat disabling those additional features is a click away. And it _won’t_ demand that you enable them back.
See also: VSCodium if you like VSCode but don't like sending sensitive telemetry info to Microsoft.
It is ironically hosted for free on Microsoft's popular git hosting website.
Or perhaps we could all stop using software written by people with the express intent of reducing our overall freedom?
It's easy, just don't use Google, Microsoft and Apple stuff.
It's not that easy. Computing is a collaborative effort for many; these decisions are not made at the margin and in isolation.
What phone OS do you use?
Mobian at home, and Lineage without GAPPs at work.
Mobian.
You're not OP!
Indeed, but I fully agree with the OP and do what they suggested.
One of these things is not like the others. I really wouldn't put Apple in that group.
The only reason I can think of even putting them in a nearby group is because of App Store restrictions, but you can still sideload your own code, and it doesn't apply to Macs at all.
>but you can still sideload your own code
Unless something has changed very recently, you can't sideload apps to your iOS device without getting a developer account from Apple and owning another apple OSX product from which to do the installation.
Not to mention being unable to use non-safari browsers on iOS and the scanning your images for illegal stuff they're planning on rolling out, and the extremely egregious anti right-to-repair lobbying they're doing.
Apple is not your friend. The less control we have over their device, the more money they can make from us.
Unless i am mistaken, You can use non safari browsers on iOS. I use Firefox.
No, the engine is still Safari. See also:
https://news.ycombinator.com/item?id=21587606
.
> and the extremely egregious anti right-to-repair lobbying they're doing.
They're rolling out a self-repair program soon, though this is certainly due to pressure from shareholders and the like.
The other points are completely valid but their sins pale in comparison to Google and Microsoft's.
> but their sins pale in comparison to Google and Microsoft's
I invite you to have a look at my favorite HN submissions about Apple:
https://news.ycombinator.com/favorites?id=fsflover
.
> One of these things is not like the others. I really wouldn't put Apple in that group.
Apple is an order of magnitude worse at "with the express intent of reducing our overall freedom".
https://www.gnu.org/proprietary/malware-apple.en.html
https://stallman.org/apple.html
No offense, but Stallman has a very black and white view of the world.
I saw him give a talk once, and it was peppered with childish insults and calling companies and products he didn't like by "funny" alternative names.
It was impossible to take him seriously.
Shooting the messenger. The linked page is not up to encyclopedic standards of neutrality, but there are bits worth discussing.
_> Apple devices lock users in solely to Apple services by being designed to be incompatible with all other options, ethical or unethical._
Is this litterally the best _facts_ that gnu.org could come up with? Who put together this crap; a 12 year old or a guy who sells mattresses and is gonna launch his big lawsuit any day now.
But it’s true. Can you use Apple Watch with Android? No. You even cannot use it with an iPad!
> But it’s true
_> Apple devices lock users in solely to Apple services by being designed to be incompatible with all other options_
_incompatible with ALL other options_
Can you use an iPad with Gmail? Yes. Can you use google maps? Yes. Can you use the non apple internet? Yes. Can use non apple services on an OSX? Yes. Can you use dropbox? Yes.
I wont keep going as the list of non apple services you can use with an apple device is bascially infinite. In the time it would take to write them all down many more would have come into existence.
So it is demonstrably false, not even remotely close to being true.
There are legitimate issues, you dont need to litterally make up shit to make the case. It is either lazy, or just shows that the people making the case are too retarded for the nuance needed to actually highlight the real problems that exist.
This is a bit like complaining that you can't use an Xbox controller with a Playstation.
There is no technical reason why Apple Watch can't work with other devices, except intentional Apple lockdown forcing users to buy iPhones. I see nothing similar with the gaming platforms.
Apple Watch can't even be turned on without an iPhone. Have a look at PineTime - an open-source watch that can work with anything you want, or by itself.
> I see nothing similar with the gaming platforms.
How can you say that? I can’t run home brew games on an Xbox due to intentional locking down of the device by Microsoft forcing me to buy games they bless to be on their platform.
But some how these companies get a pass but Apple gets constantly blasted for this practice?
For the record, you _should_ be able to do these things. But that is somewhat of a naive view of the world.
Apples closed and heavily taxed ecosystem is the worst of the three.
It's easy as avoiding drinking water. lol
It's easy, just don't use a computer.
Gave up on it after it stopped downloading extensions from both the official Microsoft store and the OpenVSX store due to the CORS issue. The fragility of the OpenVSX store was in highlight when their maintainers couldn't make it compatible with the CORS requirement of VSCode for several months. I'm not sure if it's fixed now or if they're still using a workaround.
does vscodium have a way to only display FOSS extensions? I've considered giving it a whirl but I don't really like the idea of it if it ends up just being a trojan horse for closed source extensions
vscodium by default only offers extensions from
But I am not sure whether that repo accepts non-free software.
what do you consider "sensitive telemetry"?
VSCodium doesn't work well with Github Copilot (from my limited testing)
Now this is one I'd use, but I'm already satisfied with Firefox.
Firefox for Android could use some improvements, when I switched from Chrome, the downgraded experience felt almost immediately, but you get used to that to the point you don't notice.
What I love about Firefox on Android: sending pages to my other devices. So when I see an interesting webpage on the subway, I can send it to my office computer and read it later.
Any privacy concerns there? I am assuming that it is sent through Mozilla's systems.
https://hacks.mozilla.org/2018/11/firefox-sync-privacy/
> Firefox Sync by default protects all your synced data so Mozilla can’t read it. We built Sync this way because we put user privacy first. In this post, we take a closer look at some of the technical design choices we made and why.
What exactly do you mean? Speed?
Scroll speed is noticeable (it's not as smooth) when you're used to Mobile Chrome, but you get used to it. I don't feel it anymore.
Some UX shortcuts or improvements could have been used as well (e.g. the "Sync" button for the tabs in other devices instead of syncing without asking, or... the weird zoom it does into a form field when I'm about to type in it).
Problem I have is MS Teams doesn't work on FF. I usw Brave as a substitute for that.
If you want to make a statement, just don't use chromium in any form. Use Firefox, even if it's slightly worse for you.
Why bother "de-googling" if you're still eating from Google's hand anyway? You get to support the Chromium/Blink hegemony _and_ the warm fuzzies that you're not sharing your data with Google (because you're technically adept enough to search this out, while supporting the propagation of a technology which disenfranchises non-technical users' privacy).
I use Chromium for testing and the occasional website that doesn’t work on Firefox. I’m not going to install Chrome for that.
Because the only alternative is Firefox.
Relevant discussion about Firefox:
https://news.ycombinator.com/item?id=29378307
provides a collection of Chromium builds for different architectures, including Eloston ungoogled.
Is this browser preferable, from a privacy perspective, over using regular Chrome without signing in to Google, disabling any built-in convenience services (such as Safe Browsing) that phone home, and switching your default search engine to DDG?
You _can_ disable Safe Browsing in a regular build of Google Chrome. But besides Safe Browsing there are other things that are harder to disable, if your goal is to make your browser never talk back to Google.
I took a look at
https://github.com/Eloston/ungoogled-chromium/tree/master/pa...
and saw some surprising removals.
This or something similar I believe is the best Chrome competitor option in the near future. As others have commented it would need to be run by a group that can consistently and quickly put out new versions to correspond to new Chromium versions.
I was hoping this would just redirect to Firefox :P
I would use it if it was in the Arch repo. I do not have the patience and the adequate hardware to build it in a frequent basis and ignoring all trust issues I do not have the patience sort through issues present on random builds.
Id say don't use this. Their patches cripple many of Chromium's security features.
Can you expand on that?
Namely, there's quite a but of lag in updates. I think the reason why that's bad should be apparent. They also don't build with control-flow integrity enabled [0].
They don't enable the is_official_build flag which enables some security features (including CFI), and disables some debug stuff that a regular user shouldn't be using [1].
0:
https://qua3k.github.io/ungoogled/
1:
https://groups.google.com/a/chromium.org/g/chromium-dev/c/4F...
Amazing how much effort the "security expert" shills are putting into making sure the highest possible number of people use Microsoft/Google/Apple as their trusted authority.
ungoogled-chromium is the best we have today, and it is a shame it gets actively attacked and not actively defended. This qua3k guy would contribute a fix to ungoogled-chromium if he was genuine.
If you have Homebrew on your Mac, this is available by installing "eloston-chromium".
Thank you for this project. Brave browsers feature set and roadmap has been off the rocker for a while and i will be happily dropping it for this.
It's called Edge.
It looked good initially and I actually used it for a while, but it's scammy AF now with data siphoning, forced usage, weird integrations with lenders, etc.
I'd much rather trust Firefox.
It's free, just 24 interest-free payments of $0!
Someone please integrate about://net-internals back to local browser.
Related: what options are there to avoid a dependency on either Google or Microsoft when it comes to productivity apps? I feel like the only two "real" options are G Suite (or whatever it is called now) and Office. Are there others that are compatible-enough that they are realistic options, particularly with online (in browser) experiences?
Next cloud has integration with collabora
https://nextcloud.com/collaboraonline/
There's
. It's not a web collaboration suite though.
FreeOffice is closed-source, but free, and available on Linux, macOS and Windows. It works pretty well and I think it's better than what LibreOffice currently offers.
[1]
https://www.freeoffice.com/en/
> closed-source, but free,
That's the scariest combination possible IMO. Regardless of the trustworthiness of the developer, it stacks incentives in a bad way. Even if LibreOffice is worse, at least it'll be around longer than one single developer.
I agree completely, but it might suit the use case of someone trying to get some work done.
There is also WPS Office.
. It's actually very well done, and seems to be pretty compatible. It also runs on everything.
It's usable in isolation, but at least the last time I used it, it did not fit the parent post's criteria for "compatible-enough that they are realistic options"; it did break document layouts when exchanging work to/from people using MS Office.
Cryptpad (
) is what's recommended on PrivacyGuides, though it looks like it's only using OnlyOffice under the hood, at least for its spreadsheet.
I use Apple’s iWork suite (mainly Pages and Numbers). It’s closed source, obviously, but very usable for my needs. It also has collaborative editing built in without involving the browser. I’m pretty generally anti-browser as a person though. If there’s a desktop application I can use instead of the browser, I’ll use it.
Only Office:
compatible Office, connects to NextCloud, Android and iOs, open source… (didn't try but I see organizations using it)
Check out FreeOffice[1]. It's closed-source but zero cost.
[1]
https://www.freeoffice.com/en/
Without defining what "real" means, I think you've answered the question for yourself.
There is Onlyoffice for nextcloud, but it was a bit laggy when I tried it myself
I've been impressed with the recent versions of LibreOffice. If you don't need collaboration, it's quite good.
The technical stuff -
https://github.com/Eloston/ungoogled-chromium/blob/master/do...
(I wish someone would do this with Firefox too. I am tired of all the useless or meaningless services being added to Firefox - from pocket to monitor to even ads now.)
GNU IceCat is a "de-mozillaed"[^] Firefox LTS:
https://www.gnu.org/software/gnuzilla/
It seems it is mostly maintained within GNU Guix now (which has 91.3.0).
[^]: It comes with its own set of opinionated (but privacy-friendly) add-ons.
Unfortunately, upstream IceCat appears to use the FireFox 60.x ESR branch, which is three branches behind the current ESR and is past its end-of-life date. It's also a few security updates behind the 60.x ESR branch's last release.
The GUIX package is more recent, but its description states:
> WARNING: IceCat 91 has not yet been released by the upstream IceCat project. This is a preview release, and does not currently meet the privacy-respecting standards of the IceCat project.
It reminds me when Debian shipped with "Iceweasel" instead of Firefox because of some licensing nonsense.
>(I wish someone would do this with Firefox too. I am tired of all the useless or meaningless services being added to Firefox - from pocket to monitor to even ads now.)
Is that really needed considering that about:config flags fixes all/most of the issues?
Once upon a time, I used icecat, based on the conclusion that it was basically just firefox but with all the settings pre-set to what I would have had to manually set them to. A soft fork, or repackaging, of firefox that just tunes about:config values to somewhat more conservative presets would be lovely.
Mozilla can remotely kill extensions which means that privacy enabling features of firefox that are served as extensions like the containers feature can suddenly and without warning stop working.
No amount of config flag fudging will fix that glaring design choice.
And make no mistake, it's a choice, not an error.
>privacy enabling features of firefox that are served as extensions like the containers feature can suddenly and without warning stop working.
containers is a core feature of the browser. The addon (Firefox Multi-Account Containers) only adds some niceties like an addon button to start containers, and auto-assigning sites to containers. Without the addon, you can still manage containers by going to about:preferences#containers and open a tab in a given container by long pressing the new tab button.
Any idea why Mozilla has chosen to implement it this way?
Nobody thinks that Mozilla’s remote kill switch for extensions is an error. The reason I accept it is because I don’t want to be personally responsible for every extension I might install. Nobody has time for that. Let someone who does this stuff for a living take care of it.
I agree with that sentiment, It would just be nice to be able to turn of that kill switch, you know?
> about:config flags fixes all/most of the issues?
How do I even keep track of all this? What if my personal data has been uploaded to some service that I am not even aware is running in the background.
I'd like all that unnecessary code stripped from the browser. (It's like we are going backwards - we seem to have removed browser plugins in favour of bundling everything into a big bloat of a browser ... yeah, I know some of these are "special" firefox addons. The only thing that makes them "special" is that they are bundled into the browser by Mozilla, do not show up in the addons / extension page and cannot be removed like other user-installed addons.).
Librewolf might be in a similar vein to what you're looking for?
https://librewolf-community.gitlab.io/
Been using it on my work machine for a few months and I'm quite happy with it
https://github.com/arkenfox/user.js
plus
rm /usr/lib/firefox/browser/features/*.xpi
takes care of pretty much all of the firefox bloat for me
HAVE YOU HEARD ABOUT WHAT MOZILLA VPN CAN DO FOR YOU?
THERE, LET ME OPEN A TAB TO TELL YOU. _Closes tab_ _Presses Cmd+T_ “MOZILLA MAKES THE WORLD BETTER FOR YOU. BIG BROWSER CARES FOR YOU, AND ALWAYS WILL.”
Just spend the 2 seconds to change your default new window / tab page to “Blank Page” if it bothers you that much. I set that in the 2000s and they've always honored it since.
The first run after an update opens a separate tab with the bullshit in it, regardless of what the start page is set to. Now this wouldn't be a problem like back in the day where updates were rare, but nowadays they're churning out updates like crazy and use these as an opportunity to get in your way.
That's what I have set as well. Still seeing VPN ads.
Isn't Chrome supposed to be based on Chromium? Why does one need to ungoogle it?
No information on how it's secured, audited or even considerations about software lifecycle. This project is either straight up compromised or begging to be - the browser equivalent of rolling your own crypto.
I had trouble downloading chrome extensions. sad
install (sideload) the extension below [1] and set the chrome flags noted in the readme. It will provide a near native chrome extension installation experience.
workarounds to install extensions were a major PITA till I found this
[1]
https://github.com/NeverDecaf/chromium-web-store
There’s been a glitch that breaks extensions and stops pages loading if you have an adblocker. I stopped using it.
PSA: Please don't download random binaries. Ungoogled Chrome already exists. It's called Microsoft Edge. And it has a cousin called Brave.
>It's called Microsoft Edge
it's called telemetry ridden trash, that's shoved down users throats even for those that don't want it:
https://www.theverge.com/2021/11/15/22782802/microsoft-block...
So Edge doesn't have any telemetry? (Honest question)
Edge does have telemetry [0], that's pretty much a given in any Microsoft product.
The control panel doesn't provide a way to disable diagnostic telemetry, but it can be turned off via group policy. Then there's more options for MS service in "Privacy, search and services" to be disabled.
Edge is more like altgoogled than ungoogled.
[0]
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-e...
Poe's law, my friend.
That law is silly because you should always verify statements made on the internet.
It's not about the validity of the content, but whether the writer believes in what he stated.
Chromium is the opensource project Google based Chrome on, there should be no need to explicitly stress it's Google free, Chromium is vanilla until google's APIs are added in. I guess the name persists for additional clarity though.
I personally use Henry's chrlauncher:
https://github.com/henrypp/chrlauncher
Some trust is needed but if given it automatically checks for builds on an automated build server and updates Chromium before launching it.
Chromium contains google services, and significant google integration. It does not contain any of the closed source components, including some security components and DRM.
This is absolutely not the case.
You can find some of the some of the patches here but there's more patches in the parent dir -
https://github.com/Eloston/ungoogled-chromium/tree/master/pa...
There's a lot of telemetry, and a few other services such as time checking.
The features you're mentioning include the user syncing, translation, and DRM platforms (though you can add widevine to chromium, you cant add the others). Those are not the only things that call home to google.
This is Factually Inaccurate, there are many services in Chromium code that require Google services (and a special API key for them that is effectively impossible to use at scale)