search

gab-ai-inc / defiant-browser

Welcome to the free speech Internet.
Mozilla Public License 2.0
108 stars 24 forks source link

Version Update (Outdated Chromium and Brave Version) #52

Open ZandercraftGames opened 3 years ago

ZandercraftGames commented 3 years ago

Description

Dissenter is currently running on a fairly outdated build of Brave and Chromium (over one year old) and should really be updated as these version updates have provided vital security patches and bug fixes to both browsers. It is a security liability and a risk to run Dissenter browser at this time with it being so out of date. Some websites do not even support it anymore due to it's outdated build of Chromium.

Steps to Reproduce

  1. Download latest version
  2. Go to chrome://version (or dissenter://version/)
  3. See that version is not up to date with latest Chromium or Brave security patches, bug fixes, or feature updates.

Actual result:

Currently on Chromium version 80.0.3987.149 and hasn't been updated since 2020.

Expected result:

Dissenter really should update to the latest version of Brave, as it includes many security and bug fixes along with Chromium version updates that Dissenter simply is lacking on currently.

Reproduces how often:

All the time.

Brave version

Dissenter | 1.5.114 Chromium: 80.0.3987.149 (Official Build) (64-bit) Revision | 5f4eb224680e5d7dca88504586e9fd951840cac6-refs/branch-heads/3987_137@{#16} OS | Windows 10 OS Version 2009 (Build 19042.804)

Version/Channel Information:

Other Additional Information:

ZebulanStanphill commented 3 years ago

I was already a bit worried about the lack of security patches, but I thought it wasn't too big of a deal because of all the ad-blocking built-in by default. (That's not really a good excuse, though.) However, now I'm actually starting to run into broken CSS on websites, due to the usage of features that didn't exist yet in Chromium 80 (which Dissenter Browser 1.5.114, the latest release for Linux, is based on).

To provide a specific example of website breakage, the latest beta version of the WordPress block editor, Gutenberg, uses the CSS revert keyword in a lot of its editor styles now. Chromium added support for that keyword in version 84. The current version of Chromium is 89.

https://developer.mozilla.org/en-US/docs/Web/CSS/revert

I understand that the dev team has been busy with optimizing Social and the various other projects like TV, Chat, the Zoom alternative, and so on. For that reason I've been patient for several months now. But I think Dissenter Browser needs more maintenance than its been getting. Otherwise, I'm going to be forced to switch to Brave or Firefox.

I'd love to tell people to use Dissenter Browser, but I can't do so in good faith right now, because I'm not sure it even has a future. The Linux release hasn't received a single security update in months, let alone feature updates. It feels like it's been more or less abandoned, and for that reason, I'm increasingly hesitant to continue using it.

@freespeech4ever

ZandercraftGames commented 3 years ago

I was already a bit worried about the lack of security patches, but I thought it wasn't too big of a deal because of all the ad-blocking built-in by default. (That's not really a good excuse, though.) However, now I'm actually starting to run into broken CSS on websites, due to the usage of features that didn't exist yet in Chromium 80 (which Dissenter Browser 1.5.114, the latest release for Linux, is based on).

To provide a specific example of website breakage, the latest beta version of the WordPress block editor, Gutenberg, uses the CSS revert keyword in a lot of its editor styles now. Chromium added support for that keyword in version 84. The current version of Chromium is 89.

https://developer.mozilla.org/en-US/docs/Web/CSS/revert

I understand that the dev team has been busy with optimizing Social and the various other projects like TV, Chat, the Zoom alternative, and so on. For that reason I've been patient for several months now. But I think Dissenter Browser needs more maintenance than its been getting. Otherwise, I'm going to be forced to switch to Brave or Firefox.

I'd love to tell people to use Dissenter Browser, but I can't do so in good faith right now, because I'm not sure it even has a future. The Linux release hasn't received a single security update in months, let alone feature updates. It feels like it's been more or less abandoned, and for that reason, I'm increasingly hesitant to continue using it.

@freespeech4ever

I have actually moved over to Brave, due to its proper updating. I would love to see Dissenter actively updated too, but currently it is too dangerous to use.

In relation to the ad and tracker blocking, that wont stop virus and malware sites from using exploits (that have been known about for over a year now and patched in the latest versions of Brave and Chromium) to execute malicious code on your machine.

freespeech4ever commented 3 years ago

Though I still use it myself, I don't encourage people to use Dissenter right now. Unless we find someone else to take over the task of updating it, there's just not enough time to devote to it right now. Most people don't visit malware sites, the security concerns are likely overblown, but still, you're right. It will likely be 3-6 months before it would be possible to create a new version, based on what we're working on.

ZandercraftGames commented 3 years ago

Though I still use it myself, I don't encourage people to use Dissenter right now. Unless we find someone else to take over the task of updating it, there's just not enough time to devote to it right now. Most people don't visit malware sites, the security concerns are likely overblown, but still, you're right. It will likely be 3-6 months before it would be possible to create a new version, based on what we're working on.

I do agree with the fact that generally maintaining proper online security practices can avoid these kinds of things, however, an update is required when possible since certain people aren't as careful.

Thanks, however, for your response :D