Open graphixillusion opened 7 months ago
are you sure it doesn't work? i don't think i have modified anything about it (although I am pleased that it does not work :) the problem is that there is nothing in windows to protect the profile folder from external tampering, only, precisely, encryption of important data with Windows user-related encryption. the only possibility would be to produce another executable (with another icon, to be clear), which is less secure by default. One would need to understand how much this mode is used, I would not use it for example.
I have tested several times including last version and while everything it's working under ungoogledchromium, it doesn't work in Cromite. Clean install in both situation. I know and i'm agree with yout about security but sadly this is the only way to move stuff arounds without a sync mechanism.
ah, now I understand. that flag doesn't exist in chromium, it's an ungoogled specific patch!
thanks! that's exactly what i wish it was never done, which is to inject dll into cromite. but does it work?
now that i know it can be done, i will try to make it no longer possible.
I didn't try that because my Cromite profile was already encrypted due to the lack of --disable-encryption. This profile is somehow corrupted and can't be fully restored; this is a significant problem. It's not just about another computer; let's say you perform a clean install of Windows, then suddenly, all your passwords, extensions, and settings disappear and cannot be restored in any way. It only keeps your history, bookmarks, and open tabs. Additionally, I encountered other strange issues, such as being unable to add any passwords.
In summary, if you want to install a new OS, Google forces you to use an account for syncing, which goes against your privacy.
For the above reasons, I switched back to Ungoogled Chromium and gave it another try. The results show that fingerprinting is slightly better than Cromite too.
let's say you perform a clean install of Windows, then suddenly, all your passwords, extensions, and settings disappear and cannot be restored in any way.
of course, I realise, it's a big problem. that's why I also use keepass in windows.
Google forces you to use an account for syncing, which goes against your privacy.
theoretically, if you enter the passphrase in google sync, the data is indecipherable (chromium uses nigori, but I'm not a mathematician so I'm just going by what I read).
The results show that fingerprinting is slightly better than Cromite too.
I like comparisons. if you want to open a discussion on the subject, I would be happy to engage in it.
I also use KeePass. My main browser is LibreWolf, but I use Chrome-based browsers as secondary, which means I don't have as many passwords to manage. Additionally, I have backups of these passwords. I already knew that Chrome encrypts profiles by default, but there were two switches for disabling it. So, I didn't encounter any problems until I migrated from Ungoogled to Cromite. Then, for about a year, I thought that Cromite supported these switches too. It was only after reinstalling Windows that I came to realize my mistake. Additionally, Cromite is my main browser on phone (I didn't store anything on the phone, so there is no issue). Overall, this is not a big problem for me, but I believe it could be a big problem for average users. Also, it limits me to using only Ungoogled, whereas I enjoy trying various options and choosing the best one. Therefore, this limitation is somewhat annoying.
For comparison, I don't have enough free time to reproduce the situation in every case, so please excuse me if I can't open a new discussion. However, you can test both Cromite and Ungoogled with the Ublock (Medium mode) and Spoof Timezone on these tests: CoverYourTracks AmiUnique As I said , they are similar, but Ungoogled performed slightly better in resolution and font for me.
Btw, are you going to implement the portable patch in Cromite or there are problems doing it?
thanks! that's exactly what i wish it was never done, which is to inject dll into cromite. but does it work?
now that i know it can be done, i will try to make it no longer possible.
Can there be a [portable] file recognition of a portable mode in the program folder like a CentBrowser?
The following is the portable version of the self -decomposition compression file. You can also use 7Z to manually decompress https://static.centbrowser.com/win_stable/5.1.1130.129/centbrowser_5.1.1130.129_portable.exe
Preliminary checklist
Can the bug be reproduced with corresponding Chromium version?
No
Are you sure?
Yes
Cromite version
123.0.6312.122
Device architecture
x64
Platform version
Windows 10
Android Device model
Windows 10
Is the device rooted?
No
Changed flags
no flags changed
Is this bug happening in an incognito tab?
No
Is this bug caused by the adblocker?
No
Is this bug a crash?
no
Describe the bug
As the title says i'm running cromite with these two flags for enable portable mode but when i move the folder into another computer, all the extensions, cookies and everything else are gone. You need to install the extensions again for make them show up again.
Steps to reproduce the bug
Start cromite with these flags: --user-data-dir=..\profile --disable-machine-id --disable-encryption
Install some extensions
Move cromite folder to another system
Expected behavior
Extensions, cookies and everything else should be keeped correctly on the new system.
Screenshots
No response