• HughJanus@lemmy.ml
    link
    fedilink
    English
    arrow-up
    23
    ·
    edit-2
    1 year ago

    since they’re chromium i don’t trust them an inch with my personal data.

    This is such a ridiculous position. Do you have any evidence at all that every Chromium browser (even the ones specifically designed to avoid this) are transmitting your personal data?

    • russjr08@outpost.zeuslink.net
      link
      fedilink
      English
      arrow-up
      47
      ·
      1 year ago

      This is such a ridiculous position.

      I’m not the original person you responded to, but I am going to go out on a limb here and say that I disagree. While I personally do not think that all Chromium browsers (especially since there are projects like ungoogled-chromium) transmit your personal data, I can’t verify this myself because the Chromium codebase is far too much of an undertaking for myself to review.

      While the same is also true for Firefox (and really any potential open source browser), on a pure personal-trust factor I trust Mozilla/Firefox to be more caring about protecting my personal data than I do Google, who literally revolves around data collection. Inevitably its a moot point for me since I do use Google services anyways, but I don’t think its that far reaching for someone who potentially doesn’t to take the original person’s stance.

      • fernandofig@reddthat.com
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        While I personally do not think that all Chromium browsers (especially since there are projects like ungoogled-chromium) transmit your personal data, I can’t verify this myself because the Chromium codebase is far too much of an undertaking for myself to review.

        Don’t you think that, with so many contributors and projects having eyes on it (arguably more so than on gecko), if there was foul play wouldn’t anyone have sounded the alarm?

        • barryamelton@lemmy.ml
          link
          fedilink
          English
          arrow-up
          19
          ·
          1 year ago

          but they did sound the alarm? Debian took Chromium out of their repos for a time because they found unreported telemetry sent encrypted back to Google. All the info is on the net. You just need to read it.

          • HughJanus@lemmy.ml
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            1 year ago

            All the info is on the net. You just need to read it.

            “The net” is kind of a big place. I’ve researched “the net” on this subject quite extensively and come up empty-handed so maybe you’d like to share where you found this information?

            It sounds like you’re referring to the Chromium web browser, which is not the topic of discussion. Rather it is Chromium-based web browsers such as Brave, Vivaldi, Edge, Opera, etc.

        • russjr08@outpost.zeuslink.net
          link
          fedilink
          English
          arrow-up
          7
          ·
          1 year ago

          Argh, I originally finished typing out a reply and went to upvote your reply - which apparently causes Lemmy to close the reply box, sending my original reply to /dev/null, sigh…

          What I was originally going to say, in a more abridged version is that plenty of people audit and review open source libraries such as OpenSSL which ended up having a massive vulnerability that no one knew about in the form of Heartbleed for two years - so while its possible someone would ring the alarm bell on Chromium, its also possible that they wouldn’t (through no fault of their own).

          At the end of the day, I still believe that my own personal trust in a project is going to trump the stamp of approval from people that I have zero connection to. There have been countless times in my life where someone said that X was okay, and I blindly trusted them instead of relying on my own judgment only to inevitably bitten in the ass when they ended up being wrong. Even down to medications that I’ve taken in the past that were deemed fine by multiple doctors, which have now resulted in me having permanent negative side effects that I’ll have to deal with for the rest of my life.

          I appreciate your level headed reply (as opposed to the passive aggressive “people do not understand chromium is NOT CHROME” reply), and to your credit I would say its probably significantly harder to forget to remove a ton of telemetry from a project than it is to not catch one line of code that accidentally causes a massive vulnerability to a project - but if Firefox works just fine for me, I don’t see a need to even have to take a (probably small) gamble on Chromium.

          I don’t even advocate to others that they shouldn’t use Chromium for the reason that was listed in the top parent comment (usually if someone does ask me how I feel about my choice of browser, I will tell them that I prefer Firefox because it doesn’t have a dominant position of marketshare over web standards), but I did feel it was worth retorting that the parent comment was in fact, not really a “ridiculous position to take”.

          • fernandofig@reddthat.com
            link
            fedilink
            English
            arrow-up
            5
            ·
            1 year ago

            Fair enough! FWIW, I also think your stance on the matter is fairly level-headed and well thought out, even if I’m more or less on the other side of the fence.

      • HughJanus@lemmy.ml
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        1 year ago

        I can’t verify this myself because the Chromium codebase is far too much of an undertaking for myself to review.

        No, but there are several people and organizations that can and do that would be screaming from the rooftops if there was some sort of telemetry that they could not remove.

        I trust Mozilla/Firefox to be more caring about protecting my personal data than I do Google, who literally revolves around data collection.

        You don’t need to trust Google because Chromium-based projects are not made by Google. They are forks of the open-sourced Chromium, made by completely independent organizations, explicitly for the purpose of removing telemetry.

        People are seemingly incapable of understanding that Chromium-based browsers are not Chrome, nor are they Chromium.

    • barryamelton@lemmy.ml
      link
      fedilink
      English
      arrow-up
      44
      ·
      edit-2
      1 year ago

      Evidence? OF COURSE!

      Have you even tried searching for it?

      Google even says so for Chromium on its own official page!

      https://security.stackexchange.com/questions/144289/privacy-with-chromium

      You don’t need to trust us. Trust Google, they are telling you legally if you want to listen.

      Also, look up the handful of open bugs on the Debian but tracker, where known people, with name and faces (I’ve met some on conferences), showcase and share how Chromium calls home and sends encrypted data. They share their Wireshark logs.

      https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792580;msg=53

      Look up how Debian removed Chromium for a time, until some of it got removed upstream.

      And all of this doesn’t mean that Google cannot re-introduce it or add different approaches in new updates.

      Plus, Google actively creates and pushes for their “standards” via Chrome(ium), which allows them to push for even more surveillance.

      In addition, Chromium is not a community project. It’s developed behind closed doors, with a secret roadmap, and a code dump happens on release. That’s no way to develop the 90% of web browser market that society needs in this day and age. But, don’t think you will care about that, do you? you are happy with papa Google for the foreseeable.

      • HughJanus@lemmy.ml
        link
        fedilink
        English
        arrow-up
        10
        ·
        edit-2
        1 year ago

        Have you even tried searching for it?

        Of course I have. I’ve never found any substantiation, which is why I’m asking. I use them every day so I would certainly like to know if there is, but the concerns I constantly see only apply to Chrome, and not Chromium-based browsers.

        Google even says so for Chromium on its own official page!

        This is specifically for the Chromium browser, not Chromium-based browsers. I know, it’s confusing. Chromium is basically just the open-sourced version of Chrome.

        Plus, Google actively creates and pushes for their “standards” via Chrome(ium), which allows them to push for even more surveillance.

        This is yet another item attributed to Chrome and it’s users. You can totally create a Chromium fork that adheres to conventional standards.

        • RealHonest
          link
          fedilink
          English
          arrow-up
          17
          ·
          1 year ago

          How hard can you simp for Vivaldi. Jesus Christ.

          You don’t think Google themselves admitting that Chromium has the same privacy notice is substantial? What more could you possibly need?

          What’s worse is that Vivaldi took an open source browser with a bunch of privacy concerns, added some things and closed the source. And you think it’s somehow less of a cause of concern.

          You’re nuts.

          • HughJanus@lemmy.ml
            link
            fedilink
            English
            arrow-up
            10
            ·
            edit-2
            1 year ago

            How hard can you simp for Vivaldi. Jesus Christ.

            I use 5 different browsers, zero of which are Vivaldi, and thus do not “simp” for Vivaldi. The only “simping” I do is for the truth. The Google hate train is valid but misplaced in this instance.

            You don’t think Google themselves admitting that Chromium has the same privacy notice is substantial?

            You’re simply deliberately misreading my comment because what I said is not that it’s unsubstantial, I said that it’s inaccurate. Google does not and cannot have any control over any Chromium forks or their respective individual privacy policies’. This statement only pertains to the Chromium web browser.

            I can see that you have no interest in an honest discussion so I won’t be engaging with you further. Bye.

            • ReversalHatchery@beehaw.org
              link
              fedilink
              English
              arrow-up
              4
              ·
              1 year ago

              Google does not and cannot have any control over any Chromium forks

              That is not true. I remember several chromium-based browser developers saying for several changes made by google to chromium that they can’t afford the maintenance burden to reverse it.

              One instance of that happening is switching the addon framework to manifest v3, which severely degrades the functionality of browser firewalls, like uBlock Origin, by restricting (for “security reasons”, apparently) the amount of network filters they can apply (and maybe with other changes too, I don’t remember it exactly).

              But there were also other instances of this happening, which I don’t remember right now. Maybe also when they released the first version with FLoC.

              And then I think these 2 (anti)features (even any of them alone) also qualify for invasions of privacy, and they are present in most of the chromium based browsers.

          • glhf@lemmy.ml
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Do you really think there is Google telemetry in all chromium based browsers? lol

        • barryamelton@lemmy.ml
          link
          fedilink
          English
          arrow-up
          9
          ·
          edit-2
          1 year ago

          Of course I have. I’ve never found any substantiation, which is why I’m asking. I use them every day so I would certainly like to know if there is, but the concerns I constantly see only apply to Chrome, and not Chromium-based browsers.

          Just run WIreshark against your Chromium then. Enjoy.

          This is specifically for the Chromium browser, not Chromium-based browsers. I know, it’s confusing. Chromium is basically just the open-sourced version of Chrome.

          Did you read the link I posted?

          Let me copy-paste directly from the Chromium office page for you then:

          Additional Information on Chromium, Google Chrome, and Privacy

          Features that communicate with Google made available through the compilation of code in Chromium are subject to the Google Privacy Policy.

          There, you have it. Now you can try moving more goalposts again, and provide excuses for them.

          This is yet another item attributed to Chrome and it’s users. You can totally create a Chromium fork that adheres to conventional standards.

          Nah it’s not. I’m talking about Google pushing and implementing IETF standards that hamstring privacy. They are open standards, but they are malicious. That a standard is open doesn’t mean is doing things that are not ethical.

          To me, it’s obvious that you don’t even want to look for proof. Why so hell-bent on taking the stance of a state-level billionare corporation built by extracting privacy from users? How do you think they got there?

          Or do you have something specific against the legal non-profit organization that is Mozilla?

          • HughJanus@lemmy.ml
            link
            fedilink
            English
            arrow-up
            6
            ·
            1 year ago

            To me it’s clear, based on your personal attacks, that you have no interest in an honest discussion so I will not engage with you further. Goodbye.

    • Space Sloth@feddit.dk
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      The mere fact that you’re forced to use a Google service for synchronicity between devices? Yes, Firefox has the same but i find them much more trustworthy.

      Give me a browser that allows for using a synchronization service of my own choice.

      Decentralize!

      • HughJanus@lemmy.ml
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        The mere fact that you’re forced to use a Google service for synchronicity between devices?

        Uh…was that supposed to be a question? If so, the answer is “no”.

    • deejay4am@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Probably more/better fingerprinting techniques for chromium engine browsers but I feel like if invasive telemetry was discovered in the open-source codebase of the chromium engine we’d hear about it.