shadow
/
SpywareWatchdog
26
104
Fork 37
Code Issues 39 Pull Requests 7 Releases Activity
Labels Milestones
New Issue

Please, review Bromite Browser #96

Open
opened 2 years ago by Iceberg · 6 comments
Iceberg commented 2 years ago

Bromite is a Chromium fork with ad blocking and privacy enhancements
(Open source, only android browser)

It has things like patches from other privacy oriented browsers / anti-fingerprinting mitigations

All Features:
https://github.com/bromite/bromite#features

Official Site:
https://www.bromite.org/

Bromite is a Chromium fork with ad blocking and privacy enhancements (Open source, only android browser) It has things like patches from other privacy oriented browsers / anti-fingerprinting mitigations All Features: https://github.com/bromite/bromite#features Official Site: https://www.bromite.org/
bromite.png
3.3 KiB
👍 1
baobab added the enhancement label 2 years ago
Ghost commented 1 year ago

My mini-research:

  • it uses google search engine as default
  • it takes adblocking filters from its website (https://bromite.org/filters/filters.dat)
  • makes a few DNS-requests to bookmarks on the homepage: bromite.org, chromium.org, eff.org, libera.chat.
  • downloads probably adblock list from bromite.org (only on first startup?). It downloaded 2,3 MB.
  • makes a few requests to bromite.org for something else

But it has it own F-Droid repo, looks smooth like default chrome browser and has built-in adblock.

I recommend open source PCAPdroid for MITM check. It don't need root, because it creates VPN.

My mini-research: * it uses google search engine as default * it takes adblocking filters from its website (<https://bromite.org/filters/filters.dat>) * makes a few DNS-requests to bookmarks on the homepage: bromite.org, chromium.org, eff.org, libera.chat. * downloads probably adblock list from bromite.org (only on first startup?). It downloaded 2,3 MB. * makes a few requests to bromite.org for something else But it has it own F-Droid repo, looks smooth like default chrome browser and has built-in adblock. I recommend open source [PCAPdroid](https://github.com/emanuele-f/PCAPdroid) for MITM check. It don't need root, because it creates VPN.
👍 1 🚀 1
Iceberg closed this issue 1 year ago
Iceberg reopened this issue 1 year ago
Iceberg commented 1 year ago
Poster

My mini-research:

  • it uses google search engine as default
  • it takes adblocking filters from its website (https://bromite.org/filters/filters.dat)
  • makes a few DNS-requests to bookmarks on the homepage: bromite.org, chromium.org, eff.org, libera.chat.
  • downloads probably adblock list from bromite.org (only on first startup?). It downloaded 2,3 MB.
  • makes a few requests to bromite.org for something else

But it has it own F-Droid repo, looks smooth like default chrome browser and has built-in adblock.

I recommend open source PCAPdroid for MITM check. It don't need root, because it creates VPN.

Thanks

> My mini-research: > > * it uses google search engine as default > * it takes adblocking filters from its website (<https://bromite.org/filters/filters.dat>) > * makes a few DNS-requests to bookmarks on the homepage: bromite.org, chromium.org, eff.org, libera.chat. > * downloads probably adblock list from bromite.org (only on first startup?). It downloaded 2,3 MB. > * makes a few requests to bromite.org for something else > > But it has it own F-Droid repo, looks smooth like default chrome browser and has built-in adblock. > > I recommend open source [PCAPdroid](https://github.com/emanuele-f/PCAPdroid) for MITM check. It don't need root, because it creates VPN. Thanks
anonymous commented 1 year ago
Owner

Bromite can be setup (by going through the graphical settings) to not make any weird connections.

Good app for testing connections:
https://f-droid.org/en/packages/org.secuso.privacyfriendlynetmonitor/

Bromite can be setup (by going through the graphical settings) to not make any weird connections. Good app for testing connections: https://f-droid.org/en/packages/org.secuso.privacyfriendlynetmonitor/
Narsil commented 12 months ago

As @rutriv said, Google search engine by default.
Automatic connection to bromite.org in order to update adblocking filters.
It also downloads homepage bookmarks.

No trackers embedded.

We could consider adding it with Low spyware level.

As @rutriv said, Google search engine by default. Automatic connection to bromite.org in order to update adblocking filters. It also downloads homepage bookmarks. No trackers embedded. We could consider adding it with Low spyware level.
anonymous commented 12 months ago
Owner

@Narsil Sounds good.

@Narsil Sounds good.
nazrin commented 4 months ago

Noting that they use Github (Microsoft) for hosting

https://www.bromite.org/privacy

Some aspects of interacting with the Bromite Project will involve the collection of personal information, namely:

browsing the Bromite Official Website, which is hosted on GitHub Pages
the automatic updates of subresource filters used for the AdBlocking functionality, enabled by default, which downloads a file hosted on GitHub Pages
the automatic check and update of Bromite itself, enabled by default, which checks for headers on a a file hosted on GitHub Project Releases and allows to download it
using the Bromite Official F-Droid repository

So all of these requests are logged and tracked. This killed any interest I had in it.

Noting that they use Github (Microsoft) for hosting https://www.bromite.org/privacy >Some aspects of interacting with the Bromite Project will involve the collection of personal information, namely: >browsing the Bromite Official Website, which is hosted on GitHub Pages >the automatic updates of subresource filters used for the AdBlocking functionality, enabled by default, which downloads a file hosted on GitHub Pages >the automatic check and update of Bromite itself, enabled by default, which checks for headers on a a file hosted on GitHub Project Releases and allows to download it >using the Bromite Official F-Droid repository So all of these requests are logged and tracked. This killed any interest I had in it.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Apply labels
Clear labels
bug
Something is not working critical
A massive change duplicate
This issue or pull request already exists enhancement
New feature help wanted
Need some help invalid
Something is wrong question
More information is needed wontfix
This won't be fixed
No Label bug critical duplicate enhancement help wanted invalid question wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Assignees
Assign users
Clear assignees
No Assignees
5 Participants
Notifications
Due Date

No due date set.

Dependencies

No dependencies set.

Reference: shadow/SpywareWatchdog#96
Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch '%!s(<nil>)'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes