hello friends! new(ish)!

Chromium

From InstallGentoo Wiki v2
Revision as of 19:48, 23 January 2017 by >Transience (→‎Notable forks: Add ungoogled-chromium)
Jump to navigation Jump to search
Note: try to keep this page up-to-date by updating the status of the extensions and patches.


Chromium
Software Chromium.png
Type Free
Layout engine Blink
Website

Chromium is a free and open source Web browser developed by Google and other contributors. It is known for its extremely fast JavaScript engine, multiprocess security model, and rapid development cycle.

When it was initially released, Chromium was vastly superior to the other major browsers in terms of performance, but this advantage gradually diminished in the years following its release as the other browsers caught up. Today, Chromium maintains an edge only in JavaScript performance and UI responsiveness.

Recently, Google forked the Apple-controlled Webkit project to give Chromium its own layout engine, Blink.

Google Chrome

The Google Chrome icon

Google Chrome is a proprietary sister project of Chromium developed by Google.

In addition to Chromium's usual set of features, it packages Google's 'Pepper' Flash plug-in, a Foxit-based in-line PDF reader, an automatic updater, and several controversial tracking capabilities. Due to the latter, it is commonly accused of being a botnet by the more security-conscious participants on /g/, for good reason.

Official release channels

  • Stable is targeted at most home and office users;
  • Beta;
  • Dev;
  • Canary is a bleeding-edge channel. Instability and vulnerabilities are to be expected.

Tracking details

Google Chrome's user tracking capabilities include, but are not necessarily limited to the following:

  • Installation: upon installation, Google Chrome sends a randomly generated token from the installer back to Google. This is used to measure the success rate of Chrome installations. This feature is non-optional.
  • RLZ identifier: an encoded string that, according to Google, contains non-identifying bits of information about where Chrome was downloaded from and when it was installed. It is transmitted to Google upon the first launch, first use of the address bar, and first Google search query. The collected information is used to measure the success of promotional campaigns. This feature is non-optional, but Google does provide the necessary source code to decode the string.
  • ClientID: a unique identifier coupled with user preferences, logs of usages metrics, and crashes. This feature is optional and disabled by default.
  • OmniBox predictions: any text typed into the address bar is sent to Google. This feature is optional, but enabled by default.
  • Page-not-found web service: upon receiving a server not found response, the query typed into the address bar is sent to Google. This feature is optional, but enabled by default.
  • Spell-checking web service: any text typed is transmitted to Google. This feature is optional and disabled by default.
  • Google update: data concerning the user's Chrome usage, operating system details, and Chrome version is transmitted to Google periodically. This feature is non-optional.

Notable forks

Iridium

Iridium is a FOSS fork of Chromium developed with security and privacy in mind. It generally uses the same Chromium version as Chrome stable. For a list of differences between it and Chromium, see this.

Sleipnir

Sleipnir is a proprietary, Windows/OSX exclusive fork whose sole purpose is to fix Chromium's broken font rendering.

ungoogled-chromium

ungoogled-chromium is a Chromium fork built with privacy as a top priority, with Google's privacy invading aspects stripped out of the browser. It's free and open source, leveraging some patch sets from the Iridium browser. It has taken off rather quickly on /g/ and no one is wasting their time meming it. The only real drawback is that extensions cannot be installed automatically from the Chrome Web Store, requiring you download the .crx file and then drag it into chrome://extensions to install it. A workaround is install a userscript that adds the option to download the .crx file from the Chrome Web Store.

Tags

Active.png — Development process is active.

Slow.png — Development process is slow. Software is mature enough to warrant less frequent updates, unless it comes with a "buggy" tag.

Stalled.png — Software isn't updated regularly. Mostly fine unless it comes with a buggy tag.

Buggy.png — Comes with a significant amount of bugs, possibly due to slow, or non-existent development.

Notable extensions

Adblocking, privacy, and security

Editthiscookie.png EditThisCookie Stalled.png

EditThisCookie is a great cookie manager for Chromium.

Httpseverywhere.png HTTPS-Everywhere Active.png

HTTPS Everywhere is maintained by the Electronic Frontier Foundation. It forces supported sites to prefer secure connections. This does occasionally cause problems, so the option to enable or disable the extension on a per-site basis is included.

UBlock.png uBlock Origin Active.png

uBlock Origin is a lightweight and low-resource adblocker. Has many filter lists built in, with EasyList, Peter Lowe’s Ad server list, EasyPrivacy, and Malware domains enabled by default.

  • Not to be confused with 'uBlock', an EXTREMELY outdated fork with some very slight changes to the UI.
  • If you feel bad about blocking advertisements, make a deal with yourself: you'll stop blocking ads when major international internet companies stop serving malware.

Ws.png uBO-WebSocket Active.png

uBO-WebSocket is a companion extension for Chromium-based browsers to expose websocket connections to uBlock Origin.

UMatrix.png uMatrix Slow.png

uMatrix's fine-grained control

uMatrix, made by the creator of uBlock, is a high performance matrix-based firewall that supports hosts files, capable of blocking a myriad of objects, complete with per-hostname and global toggles, as well as plenty of privacy oriented features. Can be used with uBlock.


Warning: it should be noted that while popular, the Hola VPN extension is a proven botnet (in the real, non-slang sense of the word), and should be avoided at all costs. See this site for more information.

Usability

Apng.png APNG Stalled.png

APNG is for those who want to seek enlightenment to the open source masterrace animated PNG. Good for when you go to the few corners of the web that actually use these things.

Updater.png Chromium Updater Active.png

Chromium Updater allows Windows and GNU/Linux users to conveniently identify, download, and install the latest Chromium build. It may not be as seamless or convenient as the automatic updates in Comodo Dragon and Google Chrome, but it does get the job done. Obviously, it should only be used with Chromium.

Pdfjs.png PDF Viewer Slow.png

PDF Viewer adds PDF.js, the free and open source HTML5 PDF reader found in Firefox and Chromium.

Stylish.png Stylish Active.png

Stylish allows the user to apply custom visual styles to Websites, internal browser pages, and more.

Tampermonkey.png Tampermonkey Active.png

Tampermonkey adds a proper user script manager to Chromium. While it is certainly possible to install user scripts as Chromium extensions without this extension, it makes managing them much more convenient.

Notable patches

The ungoogled-chromium repository contains a myriad of patches that you can apply on top of Chromium in order to harden it, remove Google from your browser, or both.

Tip: should you want to apply all of them, this is the order you should follow. Ideally, you should use the scripts provided by Eloston.

Do take into account patches are modular and you do not have to use ALL of them, though you should still follow the order.

Debian Stalled.png

This patchset is rather simple and only aims to remove a few minor annoyances.

  • Removes a few annoying warnings (e.g. default browser, the google API key warning when those aren't found, and so on);
  • Disables the ad promo system;
  • Increases GPU timeout from 10 seconds to 20;
  • Adds PostScript printing support.

Inox-patchset Slow.png

This patchset removes various Google services that you are unlikely to (/want to) use.

  • Hardens the sandbox with Position Independent Code (PIE) against ROP exploits;
  • Aesthetic fixes: removes branding, restores the old “new tab page”, as new one calls home, as well as Google's new Avatar and sign-in menu;
  • Changes default search engine to DuckDuckGo (you should and can easily change this to StartPage);
  • Disables default extensions you are unlikely to use: Hotword, Google Now, Google Feedback, Cloud Print, Google Webstore (you will have to install extensions manually, by drag-and-dropping), Network Speech synthesis, and Google Hangout;
  • Disables multiple calls to Google servers: saved form data is no longer transmitted to Google, Chromium will no longer ping Google to provide the closest Google server to you, to check if IPv6 is available, or just ping Google in general.

Iridium-browser Slow.png

These are the patches used on top of Chromium to create the Iridium Browser. If this is the only patchset you want to use, it will be significantly easier to simply go to their website and grab their binary, although you are certainly welcome to build it manually.

Warning: it is not recommended that you apply every single patch here; though most are safe to apply, others are dubious and one instance immediately comes to mind: it forces the browser to always send a “Do-Not-Track” header, when you would arguably blend in better by not sending anything to begin with.

Ungoogled-chromium Slow.png

The ungoogled-chromium patchset aims to further remove Google's intrusive features, mostly by removing additional detection of Google hosts, debloating the Omnibox, amongst other things. Most of ungoogled-chromium patches are mostly preference-based and will not significantly alter the way you browse, or the way the browser behaves.

For a more comprehensive list, see this.

VAAPI acceleration Slow.png

There is a VAAPI implementation for ChromeOS, despite the fact the Chromium team insists its unstable on Linux, so this patch will enable it.

Bugs

  • Youtube uses VP8/9 most of the time, which is not hardware accelerated.

Tweaks and Fixes

Reducing RAM Usage

Enabling Process per Site

By default Chrom* heavily isolates each tab regardless of it's domain. While doing this arguably improves security by some extent, downside is that as number of tabs increase, the RAM bloat due to duplication reaches absurd levels. This can end up with Chrom* using >4.5GB of RAM on a machine with 8GB thus preventing other heavy programs from running at the same time. This can be fixed by making Chrom* use one process per site/domain and not per tab. This greatly reduces RAM bloat while (probably) not sacrificing much from security. Use the following command-line argument:

chromium --process-per-site

For more details go here.

Suspending unneeded tabs

If you have tabs sitting around that you don't really actively need, you can unload them using The Great Suspender.

Fixing GPU hardware acceleration on Linux

In order to see if GPU acceleration is available, go to chrome://gpu. If it isn't, simply launch Chromium with the flag --ignore-gpu-blacklist, or enable Override software rendering list in chrome://flags, to fix it.

Fixing touchscreen on Linux

If your device runs Linux and has a touchscreen, you probably noticed that, by default, Chrom* completely ignores touch events. To make Chrom* use your touchscreen, you first need to find your input device ID:

xinput list

Find the ID of "Virtual core pointer", let's take for example id=2. Now run Chrom* with the following argument:

chromium --touch-devices=2

If ID of "Virtual core pointer" doesn't work, try the ID of touchscreen device.

KDialog freezes

Launch with the following environment variable:

NO_CHROME_KDE_FILE_DIALOG=1 chromium

Installing extensions

... that require a Google account.

Certain extensions demand that the user login to a Google account to install them from the Chrome Web Store, but a workaround exists. However, there is a weakness: the extension cannot be automatically updated.

  1. In this example, we will be using the Google Drive extension https://chrome.google.com/webstore/detail/google-drive/apdfllckaahabafndbhieahigkjlhalf);
  2. Locate its ID: the apparent gibberish following the extension's name in the URL which, in our example, happens to be apdfllckaahabafndbhieahigkjlhalf;
  3. Insert it in place of the bracketed statement in the following URL: https://clients2.google.com/service/update2/crx?response=redirect&x=id%3D[Your ID Goes Here]%26uc;
  4. In our example, the final URL is: https://clients2.google.com/service/update2/crx?response=redirect&x=id%3Dapdfllckaahabafndbhieahigkjlhalf%26uc;
  5. Now we must open it in a new tab and save the offered CRX file to a convenient location;
  6. Unfortunately, the file will not work for us as is, since we are not installing from the Chrome Web Store, so, to work around this problem, we must extract the contents of the CRX file to a folder with an archiver like 7zip;
  7. Now, we must enable 'developer mode' on the extensions page and load the folder as an unpacked extension.

Provided everything went according to plan, we should have have a working extension.

External links