Closed matsushita1918 closed 3 months ago
PF4Public
commented
4 months ago It would've been great if you could provide more information directly here instead of us needing to browse through the internet, translate web pages with expired certificates and so on.
matsushita1918
commented
4 months ago It would take a few mins to see these things, but I understand man, since I am the one sending these things, but yeah, the dsfc link can be translated easily, you dont have to look at that guys profile on reddit who linked his site on the original post, I just linked it so you'd have that information. The privacy test.org site is also a quick look too. It's only one page with a simple graph pitting browsers against each other, highlighting their strengths and weakness compared to each other, that is worth a look. You would understand quite a bit of that better than I which is why I sent it. You also dont have to view the other reddit link, as it was just point to where the original comment was from, where the guy linked his site... Really, the main point, what does he mean by ungoogled not being fully degoogled or by under windows in ipv6 its using the 1e100net Google servers this browser is not ungoogled.
Heres the blog post translated as well as the pictures. To start off Title of that blog post in english....
Ungoogled Chromium or your browsing data in the hands of Google Body of text beneath translates to this...
It was when I wanted to reuse Ungoogled Chromium under Windows that I realized some crippling oddities when using the latest version of this product. Although I had allowed the chrome.exe process to exit on ports TCP/80 and TCP/43, UDP/80 and UDP443 for the QUIC protocol, I still could not go to the Internet. I would like to point out that I am in IPv6: this may be important. This is where he started talking about process monitor. Process Monitor for analyzing packet outputs and returns After launching Process Monitor, and authorizing the HTTPS and QUIC protocols, I noticed in the properties of the events linked to browser activity that the packets were going to the par21s19-in-x03.1e100.net machine and coming back. A kind of proxy-firewall, in a way.
Under the process monitor screen grab he says this...
Address resolution by nslookup Then, I tried to resolve with nslookup this address referring to this on googles website.
After reading what that guy linked, they "Google" say its safe, but you know how big tech can be.... its probably just big corporate suit boiler plate bs.
The Google article in reference....
What is 1e100.net? 1e100.net is a Google-owned domain name used to identify the servers in our network.
Following standard industry practice, we make sure each IP address has a corresponding hostname. In October 2009, we started using a single domain name to identify our servers across all Google products, rather than use different product domains such as youtube.com, blogger.com, and google.com. We did this for two reasons: first, to keep things simpler, and second, to proactively improve security by protecting against potential threats such as cross-site scripting attacks.
Most typical Internet users will never see 1e100.net, but we picked a Googley name for it just in case (1e100 is scientific notation for 1 googol). Under where this article from Google was linked, he said this C:\Users\Administrator>nslookup par21s19-in-x03.1e100.net Server: localhost Address: ::1
After that that guy had this information
Name: par21s19-in-x03.1e100.net Address: 2a00:1450:4007:813::2003 Via the dbip site, I had confirmation that it was indeed After that he "I guess tracked things and found the server to be IP ADDRESS GEOLOCATION 2a00:1450:4007:813::2003 2a00:1450:4007:813::2003 is an IPv6 address owned by Google LLC and located in Dublin, Ireland
He said this as the conclusion Conclusion after the article
It is very curious that a version of Chromium supposed to free itself from the heavy supervision of its publisher sends all its requests to the servers of this same publisher. As it stands, I strongly recommend that you do not use Ungoogled Chromium until its designers offer an operation that takes into account the confidentiality of your browsing. I thought it might be an IPv6 support issue.
Below are the screenshots....
It would've been great if you could provide more information directly here instead of us needing to browse through the internet, translate web pages with expired certificates and so on.
Hope it is easy to read...
I guess he is saying that he would rather to have a setting to fix this, or maybe a flag that you could turn on to prevent this, or set it up so it doesn't do this and then he would be satisfied. As I said, just wanted to bring this post to your attention. I really do like ungoogled and find it to be the lightest browser available. According to https://privacytests.org/ "which I hope you and others here can take a peak at which only would be a minute of your time" it seems to score fairly well when stacked against others. But, I was wondering if there would be a way for yall to absolutely destroy every other browser there in terms of still keeping it fairly light but pass all their testing too to make it more secure. Ofc without using tor as I think that is unnecessary when users could just subscribe to a proper VPN. About the privacy test site, I see ungoogled doesn't rate well at all on the 'Fingerprinting resistance tests' or 'Tracking query parameter tests" compared to others there, but that 2nd one, I would image could be improved with something like Decentraleyes which I have already and ublockorigin, along with malwarebytes browser guard. Those three of which hardly increase ungoogled's memory footprint. Also have some of the finger printing & canvas deception flags turned on too. But I doubt it would account for much.
PF4Public
commented
4 months ago It would take a few mins to see these things
Have you attempted changing chrome://flags/#set-ipv6-probe-false?
The privacy test.org site […] is worth a look.
Do you have anything particular on your mind? Otherwise it is to broad to even consider and act upon.
matsushita1918
commented
4 months ago Would that remove ungoogled access to 1e100net Google server that he talks about, from the way he makes it sound, that's spying on ungoogled. Would it be possible for you guys to allow users to remove access to this by choice, from my understanding, Google can still mine your data though it, so seeing if its possible to have a setting to turn it off would be great, unless I've read his analysis incorrectly. What would that flag you talked about do. Lastly, It would also be awesome if it were possible to increase ungoogled ability to resist finger printing, even if just a bit more. But I understand that might be difficult, so if the finger printing thing is too broad, it's all good, the first issue is that server. Still appreciative of the hard work you guys put into this and whatever you can do with some of this info and also willing to take the time to read my posts, though, I do wanna make that clear, as I do use this browser every day, on Linux with flatpak and on windows. One thing I notice is especially in the open source community, yall dont get treated as well as you should by end users which pusses me off, well some end users specifically, get up their own ass which always did irritate me, because maintaining this ain't easy, and the pressure behind it is probably insane, as people use this as a daily driver. people don't take the time to give credit where it is due and they just expect certain things but dont try to appreciate how much time these things take. But everyone that does use this browser every day does appreciate it, especially because it is another way to stick it to the man! Not a programmer, but can appreciate it.
PF4Public
commented
4 months ago Would that remove ungoogled access to 1e100net Google server that he talks about, from the way he makes it sound, that's spying on ungoogled.
Would you accept the possibility him being wrong? :)
Would it be possible for you guys to allow users to remove access to this by choice
Have you attempted changing chrome://flags/#set-ipv6-probe-false?
from my understanding, Google can still mine your data though it
What exactly makes you think it is that way?
unless I've read his analysis incorrectly
… or it being not comprehensive enough ;)
What would that flag you talked about do.
Lastly, It would also be awesome if it were possible to increase ungoogled ability to resist finger printing, even if just a bit more.
Do you have anything particular on your mind? Otherwise it is to broad to even consider and act upon. We already have a decent amount of anti-fingerprinting measures. You can learn more about that in docs.
Still appreciative of the hard work you guys put into this
I am [we are] pleased to hear that!
yall dont get treated as well as you should by end users […] maintaining this ain't easy, and the pressure behind it is probably insane, as people use this as a daily driver. people don't take the time to give credit where it is due and they just expect certain things but dont try to appreciate how much time these things take.
It is indeed sad. It's a pity that those people are the loudest, but we should always remember that there are also grateful people, who prefer keeping silent, which should motivate us to continue.
as people use this as a daily driver
This is the ultimate goal in order to improve overall awareness of the privacy and security issues associated with modern Internet.
matsushita1918
commented
4 months ago yeah I accept it, really, I just looked up that tester site and seen that other browsers seem to protect better according to the graphs, ill admit that I know a bit more than the average user, but not to this level. I just thought it was interesting that a few other browsers score a bit better according to that site, you're right in that I could also see now things being too broad and too time consuming. So I assume that French dude was wrong too. From my understanding ipv6 is more secure than 4, I just thought that if it was true that, data was being sent to that Google server it would be a privacy issue, idk, just don't trust big tech. Since these arnt as a big deal like I was thinking. This would be a request now, One feature that I'd like to request is to be able to easily setup a ram disk cache without a third party tool like how Firefox has in its flags for ungoogled. Sure the storage isn't persistent. But I will say that I did notice a speed bump when preventing Firefox to writing to my drive and only working in ram even with an ssd, it would be cool to see something baked in to ungoogled like that. So thats pretty much it man. I appreciate your time. Also have all the fingerprinting and canvas stuff enabled, also bounce tracking mitigations, Anonymize local IPs exposed by WebRTC. Enable mitigation algorithm for rate obfuscation in compute pressure, Fingerprinting Protection Blocklist, hardware secure encrypt. Disable GREASE for TLS, has not had problems with all that really, it would've scored better on those test had those things been enabled, they probably only tested out of the box experience. Also have reduced system info and remove client hints on too. I have popup to tabs enabled, then have a tab limiter extension turned on with a set number of tabs, it allow me to set perw window how many, or max total tabs, so I get a popup, it closes it immediately, Full screen popups disabled too, a few other things. Had these things enabled for a long time. Keep up the good work.
github-actions[bot]
commented
3 months ago This issue has been automatically marked as stale as there has been no recent activity in response to our request for more information. Please respond so that we can proceed with this issue.
github-actions[bot]
commented
3 months ago This issue has been automatically closed as sufficient information hasn't been provided on the issue for further actions to be taken. Feel free to add more information.
So a comment on this post https://www.reddit.com/r/browsers/comments/180581r/is_ungoogledchromium_a_safesecure_browser_to_use/ at the very bottom user bloginfo has said the following and provided this link https://www.dsfc.net/internet/navigateurs/ungoogled-chromium-ou-vos-donnees-de-navigation-dans-les-mains-de-google/ My post is in French. But you can translate. ;+) under windows in ipv6 its using the 1e100net Google servers this browser is not ungoogled
So I guess you'll have to translate from French to whatever language you speak, but he claiming that this browser isn't as locked down or whatever, I have no means to test as I am not a programmer, but this is the reddit users account https://www.reddit.com/user/bloginfo/ his blog site website seems to be fairly detailed on the issue with screenshots and all that. Regardless, I really appreciate all the hard work you all do, you all who work on this in your free time are doing a fantastic service for the people, but I just wanted to bring this to y'alls attention. I also seen yalls browser pitted against others on https://privacytests.org/ not sure if the data here could help you guys or not, but I wanted to include it anyway that maybe some of the information here could help you guys.