Hacker News new | past | comments | ask | show | jobs | submit login
Google Chromium, sans integration with Google (ungoogled-software.github.io)
376 points by thunderbong on Nov 29, 2021 | hide | past | favorite | 306 comments

I really hope the privacy-conscious people downloading this aren't just downloading these binary blobs and instead compiling it from source. Especially after seeing this disclaimer on their download page:

>>>IMPORTANT: These binaries are provided by anyone who are willing to build and submit them. Because these binaries are not necessarily reproducible, authenticity cannot be guaranteed. For your consideration, each download page lists the GitHub user that submitted those binaries.

Well that's the thing - I'm not willing to build them. I wouldn't know where to start, even. And no ambition to learn, whilst Firefox and uBlock keep going. Seriously why should I? Maybe someone more able than I can share their knowledge with a pointer to a guide that says why this is better than what I have, and how to get it running on my Windows box.

My current position is to step wide and rather carefully around anything by/from Google.

Just use brave. I don't get why people are still trying to split off a new no-Google pro privacy chromium when there is a Very good option already. If people pushed to help brave even better we would be in a very good world

Brave shills cryptoshit at me, and Mozilla shills VPNs at me. Chrome is from an ad company. All three set off my sleaze alarm. What a sad state of affairs.

If Brave and Firefox are in the same league as Chrome for you your sleaze alarm is a very very bad guide to the modern world and seriously needs upgrading.

There are different levels of sleaze; I use firefox not chrome so don't try to put words into my mouth. While firefox may be a better choice than the other two, that's not saying much and Mozilla is very sleazy. If you don't see that, maybe you're acclimatized to it.

> While firefox may be a better choice than the other two, that's not saying much and Mozilla is very sleazy.

Rather than take such statements at face value, here's an example of one such instance that probably hurts its credibility: https://calpaterson.com/mozilla.html

Also, they're not exactly a world apart from Google in some respects either, for example: https://killedbymozilla.com/ vs https://killedbygoogle.com/ (though i guess the amount of projects also illustrates the difference in their sizes)

However, that's not to say that we even have many viable alternatives to Firefox either: https://batsov.com/articles/2021/11/28/firefox-is-the-only-a...

Personally, i think that we're past the peak of Firefox and are currently in the midst of it fading away, which i expect will come to its conclusion in the following decade. Apart from that, we basically have just a bunch of browsers that are all similar to Chromium.

Essentially, Chrome will have probably lived long enough to kill IE by becoming the next IE.

Who knows where the web standards will go when there will only be Google backed browsers: https://mozilla.github.io/standards-positions/

How do you recommend Mozilla generates the millions in revenue necessary to develop a browser?

In Brave you can just turn the adds off. They're optional for if you want to earn their token.

You're still supporting the cryptocurrency ecosystem by using it though. It's not completely unreasonable to want to avoid doing that if you're opposed to cryptocurrencies in a wider context.

You can do that but they will eventually add a new ad.

One day they added a small widget to buy crypto in the new tab page. That was the breaking point for me. Like it happened with Firefox ads, I started to understand that Brave was working against me too.

Brave even in the discussion is atleast a big improvement in affairs. I couldn't name a single chromium privacy fork from 5 years ago or whenever they started.

It's also like a few clicks to turn off brave settings. It's less setup for brave than I go through on any new video game settings lol

Yes, high-quality free products tend to try to find ways to fund themselves that involve appeals to their users. It's beyond ludicrous to find this a "sad state of affairs".

If only there was some sort of "free high quality product" operating system that existed and proved this asinine defense of capitalism wrong

That'd be nice.

But all we got is Linux on the desktop...

Comedy is truth and pain.

>If only there was some sort of "free high quality product" operating system that existed and proved this asinine defense of capitalism wrong

The only reason Linux is popular on servers is because it has huge corporate sponsorship. Big players figured it it's more beneficial for their bottom line to commoditize the backend infrastructure and invest in OSS. Same is happening with developer tools.

It's not happening with anything consumer facing because everyone wants to take their angle at capitalising on the market. I can't think of quality user facing OSS that isn't aimed at developers or isn't trying to capitalise on the users somehow. Scratch that - blender is the only one I can think of - these guys are an amazing exception.

Keepass, Calibre, and 7-zip come to mind.

I won't argue these projects aren't quality because they certainly do the job, but they obviously lack polish of commercial software. Eg. despite looking into kepass I still chose to pay for 1password, just for the convenience.

VLC and OBS as well.

VLC is a good point I forgot about it. AFAIK OBS is sponsored by streaming platforms - I think it's another case of comoditizing the infrastructure.

Another free product is the online dictionary! You may want to look up the word "tend", and the lack of universality it implies.

I use Edge. It works on Windows, Linux and Android.

This is the worst option, Microsoft has consistently show they have the lowest ethical standards when it comes to products like Edge. They packed in a 3rd party payment tool in the browser ! It's like browser with crapware built in.

The only reason they aren't worse than Google is that they've been so shit at capturing the market share they don't get to make the same kind of moves, but Bing/Edge are not good alternatives for Google/Chrome.

I'm not one of those people that screams "M$ evil boooo", I actually use .NET day-to-day on a current project. But they have a really shit track record on Edge, it's the first browser I would avoid.

Your M$ evil boooo mentality is somewhat out of date.

Microsoft is making great strides in open source and Linux. A decade ago, you wouldn't have believed MS would publish SQL Server for Linux, release something as great as VS Code, create Windows Subsystem for Linux (and Android soon), acquire npm and github and make them better rather than destroying them, etc.

Your "Microsoft <3's open source" mentality is also out of date[1][2][3].

[1] https://news.ycombinator.com/item?id=28975856

[2] https://keivan.io/the-day-appget-died/

[3] https://news.ycombinator.com/item?id=28794352

What 3rd party payment? I enjoy Edge because it blocks ads on Android, supports Chrome extensions and it is not controlled by Google.

There was a post here recently about it [1]. After shipping this with browser I would have 0 trust in this product.

I gave up on Edge because it didn't support uBlock origin on Android, I view bundled add blockers as just another way for the browser to block competition while still serving you their own "respectful" ads.

[1] https://www.xda-developers.com/microsoft-edge-buy-now-pay-la...

Edge is a quality product, but sadly a privacy disaster. Their new tab page is chatty as hell, they do run their own sync backend, but that backend is not fully end to end encrypted, only some data types are. Their session IDs are hardware-based, while many other browsers' are more transient (some don't persist across browser restarts, some do).


I've started using Vivaldi to break away from Chrome because the features just drew me in. It has a its quirks and flaws, but I really like it!

Ungoogled Chromium isn't new. It predates Brave by years. And Brave is funded by advertising, just like Google. (In theory, at least, if the company becomes self-sustaining.) I'm not sure why we needed to add cryptocurrency to that formula.

I only use Brave for Google properties like gMaps and Google Translate (which never work quite right in FF for me), but you don't have to turn on any of the crypto stuff if you don't want to, I keep it all disabled.

I don't have a problem with ads, I have a problem with tracking and profile building.

The problem is that Brave, Edge, Chromium, Vivaldi and everything else are not "split from Chrome". They are in sync in Chrome and just add their gimmics to every new Chrome change. There is zero point in using any of them if the target is to dethrone Google from their monopoly. The real "split from Chrome" browser is for example Safari - Safari and Chrome go back to the same Webkit but went different ways, with different decisions and different codebase. Brave is just a clone of Chrome with bells and whistles. Not very brave, just saying :)

You think Ungoogled Chromium is more split than Brave is? Or are you not replying to what the parent said?

Well, if I took all the brave features out of brave, it might then be reasonable to use.

Brave is done a lot of sleazy shit in the past, I clouding redirecting all Amazon links to their own Amazon referrals etc. They're hardly the knight in shining armour HN makes them out to be.

I'm curious why Brave crashes on CalyxOS (degoogled Android) any time I try to view my wallet balance.

Likely due to SafetyNet API not being supported on that platform. I think this is captured with https://github.com/brave/brave-browser/issues/15344

Why the hell does a web browser implement SafetyNet?!? The one and only justifiable use for SafetyNet that I've seen is Snapchat - everything else has been a net negative...

If a user has Brave Rewards and ads enabled and gets an ad grant at the end of the month, SafetyNet is one measure used to help filter out fraudsters. The absence of it shouldn't cause a crash though

It's DRM that ensures only Google-approved platforms can run Android apps.

Thanks for the info! Very disappointing that Brave markets themselves as a degoogled browser, but depends on Google Play Services.

Brave is also based on the Chromium engine, and using any Chromium based browser would work against open web standards.

So you say your current position is to be rather carefully around anything by/from Google, but you trust Internet randos to build the binary of the browser you use?


Firefox is a well-known project that I've followed for one and a half decade, with roots much older than that and an established an well-known governance structure. I'd certainly trust them as much if not more than Google.

Unlike this project, which is very much from "internet randos"

> with roots much older than that and an established an well-known governance structure

such a well-known governance that keeps putting back telemetry and ads when users dont want them.

The term "telemetry" can mean anything from automatic crash reports to click tracking to transmitting your browsing history along with your social security number. Google is far closer to the end of that spectrum, Mozilla is somewhere in the lower first half.

As for ads - where? I haven't seen any and I've been using Firefox on multiple platforms for many years.

Both ends of the telemetry spectrum are evil, explicitly because the term means nothing except "data about you".

That's...not what telemetry means...

Even if it did, we're again back at the point of "X is a spectrum". "evil" is a spectrum which, according to you, includes anonymous crash reports and then goes on to include serial killers and war criminals. Even then, anonymised usage data used to guide development is far less evil than collecting highly personal and identifying data and using it for targeted psychological manipulation to get you to buy things.

I get it, Mozilla isn't the poster child FLOSS org that we'd like it to be, but it's still orders of magnitude better than the competition.

> the term means nothing except "data about you".

No, crash reports are primarily data about the program, with very little if anything about you.

Very few applications take pains to make sure no personal information is submitted in crash dumps. Generally it is just a bald memory dump that you're supposed to ship out - definitely not a good idea if you care about your privacy.

So they will do stuff like show you ads. They won't do stuff like steal your credit card details, passwords, or identity which an internet rando might do.

Mozilla has tested our patience with Pocket, a horrible service that’s more or less abused by Moz.

Is a pre-installed clipboard addon somehow as bag as siphoning all your private data and browsing habits? I don't think we're comparing equivalent evils here. It's also easy to not use Pocket.

Yes, there's a lot to be desired with Mozilla, and I don't think they do a particularly good job. With "I trust them as much if not more than Google" I wasn't setting a particularly high bar.

i read that as "why bother with a hacked up chromium when i can just use firefox"

Point being that you're always trusting somebody.

"Reflections on Trusting Trust": https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...

And even if you go Full OpenBSD, you're still relying on some chip microcode and BIOS that you bought sight-unseen.

So, unless the Free Software Foundation staffs its own fab staffed by angels, the best we can do is minimize risk.

Wisdom of crowds though — there's enough eyes on the stuff built by "internet randos" over at Mozilla to have a larger level of trust in it Vs an unknown fork of Chromium

Do you trust Internet randos to build the binaries of the compilers you use to compile the Chromium source code? How deep do we need to go?

If you really want to blow your mind you can go all the way back to stage0[0].

A more practical depth would be to bootstrap with GNU Mes, which is a source based bootstrapping path, that begins with a tiny scheme interpreter (~5000 LOC of simple C) and a C compiler written in scheme that are mutually self-hosting.

These tools can compile a slightly patched version of TinyCC that is self-hosting. Using this C compiler you can bootstrap a bunch of gnutools (glibc, binutils, gcc) and using these tools you can bootstrap a full Guix Linux distro.

[0]: https://github.com/oriansj/stage0

The bootstrapping process that GCC uses is as follows:

stage 1: build from source using your existing compiler

stage 2: build again from source using the compiler you just built

stage 3: (just for checking): build a stage 3 compiler from the stage 2 compiler. Verify that it is byte-for-byte identical.

extra stages for the paranoid: repeat the process with a different starting compiler, as unrelated as possible. Again, verify that the output is bit-for-bit identical. You then know either that you're good, that the compiler reflects the source, or both starting compilers have the same devious hidden hack, perhaps courtesy of Ken Thompson himself.

GNU Mes achieves that paranoid step: once you verify with GNU Mes that you get the same bits, you don't really have to do this ever again, because you can certify that the compiler you get is reproducible from source and has no tricks.

> So you say your current position is to be rather carefully around anything by/from Google, but you trust Internet randos to build the binary of the browser you use?

How did you come to this conclusion when they stated that they'd rather use Firefox? Or are you saying Mozilla are the internet randos?

Why not? I trust internet randos to build the binaries of (linux) OSes I use. It’s not like I know the folks who compiled the Ubuntu or Manjaro LiveCD from Adam.

Wouldn't you trust randos with nothing in common but trying to build an open browser vs a corporation who mission is to gather information from you via your browser?

Sounds a little crazy not to trust them.

The trust is in different areas. The risk that Google would ship something that steals your passwords, addresses, or credit card information and does anything harmful with it besides ad targeting is basically zero. You know what you're getting with Google for the most part. The risk in the case of downloading random binaries is they may actually steal your information and cause real harm beyond ad targeting.

If you want chromium without Google there are several options such as Edge, Opera, Brave and probably a dozen more I've never heard of.

I trust that Google will abuse my personal information for monetary gain via advertising. I also trust that their compiled versions of Chrome will not be a ticking time bomb of ransomware.

On the other hand, I simply don't trust internet randos, much less to install their binaries.

And it seems like a third option of Firefox w/ uBlock is less bad than either of the above.

No, unless I misunderstand them, they're saying they make do with Firefox and uBlock. They're not saying they will download the rando binary.

If you don’t use ungoogled-chromium, you’re presumably not downloading and running community-provided non-reproducible binary blobs of ungoogled-chromium, so you don’t need to learn to compile them from source instead. That’s what the comment was about.

Have some fun, make your own delta script. Download only what you need, recompile!

I like LibreFox.

https://www.basilisk-browser.org/ and https://www.gnu.org/software/gnuzilla/ are also nice, depending on which OS you're on

I'm a waterfoxer, myself. Unmozillad Firefox. I'm going to unwaterfox the shit out of that browser if they start acting up.

someone should setup some bare shell sandbox called "build your own chromium"


Could that be straight running the CI build image on your machine ?


Considerably more trustworthy binaries are available for Arch, Debian, and Fedora through OpenSUSE's Open Build Service. Arch binaries are also reproducible.




NixOS has it packaged, reproducibly I presume? https://github.com/NixOS/nixpkgs/blob/8a308775674e178495767d...

Took a few hours to compile on a ryzen 2600.

Worth it until the next "update", I think.

Chromium security patches usually don't require a full recompile. Usually an incremental build will just take 30 seconds or so. Obviously that still means you need 100GB spare for the working directory.

Does Chromium have `make -j$(nproc)` or equivalent? Because a few hours on a fairly recent processor with a whole bunch of cores sounds long.

Not GP, I am a Gentoo user that compiles ungoogled-chromium from source. I have a 16-core AMD CPU.

Despite that, it takes 4-8 hours to compile, due to two factors: 40,000+ separate targets, of which most are C++ files (famously slow to compile anyway).

And yes, 40,000+ separate targets is no exaggeration; ninja's first run claims about 18,000 targets, and after it finishes those, it generates a second ninja file that has to compile 23,000 targets.

I personally think it's worth it. Others may disagree, and I can't blame them. I have to run it overnight.

Something is off there. I have Ryzen 3900X and it takes around 1-1,5 hours to compile ungoogled chromium.

It is really hard to keep up-to-date with security patches if you need to compile every few days from source with that time..

Edit: Also 32GB RAM which matters

The fact that it takes 1.5 hours on essentially an early 2000s supercomputer cluster full steam ahead to compile a fancy HTML viewer with integrated lightweight Java-like mini script language is bonkers.

You may be under-appreciating just how fancy this thing is.

I wonder how long does Java (which actually has a standard library, unlike JavaScript) take to compile? Would be an interesting comparison.

Far less on my machine. I think 1 hour?

Here with Ryzen 5700G, it takes almost 2.5 hours to compile chromium (doing one at the moment). This is with /var/tmp/portage mounted on tmpfs.

I have a 3900, no X, and 32 GB of RAM. I used to use a tmpfs, but I found that the build would run out of memory.

What if you try to compile in similar way than here? https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=ungoo...

Edit: Also, 3900 is 3900X running on eco mode (same spec but half power). You might get a lot more performance by tuning BIOS settings.

I'm not going to try to compile by hand, unfortunately. <shudder>

I'll take a peek at the BIOS, but I'll also no good at doing such things.

Do you have to do the make clean all, or equivalent, every time? Chrome has a ton of bits and bobs built in, right? Not all of which need to be updated every time (I guess?).

I wonder how it compares to the build time of something with equivalent functionality, like firefox.

It typically takes more than 20 hours on my dual core laptop. It's a pain, but once compiled I get the best of both worlds: fast as chrome, privacy friendly as firefox.

EDIT: Looks like popularity is on the rise [1]. Hopefully it will make it into the community repository.

[1] https://pkgstats.archlinux.de/packages/ungoogled-chromium

Are you building on an HDD? I went from 3-4 hours to under two when I switched to an SSD.

It's off an SSD. I have an SSD for my OS, which is where /var/tmp is on my machine.

Chromium is big. I think the last time I looked, it's larger than all the BSDs combined.

holy shit, what did the other dude who replied to this 15 minutes ago do?

Well going by some of their other comments, probably not nothing.

It's interesting the first release on that page is from 2016 and then the build .zip was 69MB, the last release from yesterday weighs 100MB compared to the official chromium which is 179MB that is alot of google and alot of non-google added in 5 years!

I can't find a list of removed features, but I'm gonna take a wild guess that it includes proprietary codecs. It's the same reason why the chromium binaries in most distro repos are smaller than the official ones, but also useless for normal users that want to experience all content on the net.

Couldn't they (or someone) set up a Github Action to compile the project on every release?

I forked the repo with the intention of doing this a couple months ago. The default Windows runner for Actions doesn’t have enough free disk space to compile Chromium (at least, given the build instructions the project provided). Given it took an hour to fail every time, it made trying to optimize hard and I eventually gave up.

Got a link to that fork? I might want to pick that up sometime.

https://github.com/jedieaston/ungoogled-chromium-windows isn't my original attempt (I deleted the original repo, oops), but I recreated pretty much where I was. GH Actions runners only have 14GB of usable space, and Chromium requires 100GB or so of free space to compile on Windows apparently: https://chromium.googlesource.com/chromium/src/+/refs/heads/...

GitHub Actions free tier comes with ~34 hours of free compute time with 500MB storage. Pro comes with 50 hours and 1GB. Enterprise comes with much more. Building on Windows or macOS divides those compute rates by 2 and 10 respectively.

For a project with frequent point releases, building Chromium via GitHub might require a monetary commitment.

Has it changed? It used to be unlimited for open projects.

I wasn't aware it was ever free for open projects. Reading this page shows that you're right[1], public repositories can use GitHub Actions for free.

[1] https://github.com/features/actions

So what's stopping them?

Seems like something someone with some time can make a pull request for ;)

I just use Brave browser now. It's very good. I can use chrome extensions.

I've had a horrible experience on PC with early Brave. I'll never install that again. Just understand this, you don't trust Google, fine... Now do you trust some randos telling you you should trust them instead of Google...

I'm inclined to trust Brenden Eich over Google or random compiles.

Yeah, because they don't control half of the internet.

How early? Could be worth trying again.

I think I trust a random binary blob more than I do Brave's random binary blob, with all of it's crypto lug-alongs.

The crypto stuff does weird me out. But I'd rather use it than a google product.

I use Firefox as my main browser, Brave as backup foot sites that don't work well with FF. Brave does a good job with randomizing fingerprints.

Pretty easy to turn off the crypto stuff

Agreed. That's what I did.

I'd rather use a Google product than a Brendan Eich one.

Well why choose? Just use neither.

I don't know, Brave has always broken more sites and failed to block more ads for me, than either Chromium or Firefox with uBlock Origin.

Vivaldi Browser is a better Chrome clone than Brave.

Interesting, that source code is growing FAST though, I wonder why that is...


edit: "integrated email client" Ok now I see why ;)

Vivaldi, just like Opera back in a day has things integrated, yeah... They even have Philips Hue controls https://help.vivaldi.com/desktop/miscellaneous/philips-hue/

I thought Vivaldi was closed source for some reason, so thank you for this! I may be using that more often now!

The UI is closed source.

Right, I didn't know that

> Note that, of the three layers above, only the UI layer is closed-source. Roughly 92% of the browser’s code is open source coming from Chromium, 3% is open source coming from us, which leaves only 5% for our UI closed-source code

That changes the equation quite a bit.

It's still readable and editable, AFAIK. At least the CSS files.

Vivaldi is the definition of bloat. What was that saying, that all software grows until it bundles an entire mail client? Yeah, that's Vivaldi.

It's just doing the same stuff Opera did (with a much less pleasing engine).

I've used Vivaldi for years but now I'm getting split on it. I've got regressions that are just unacceptable (especially when it comes to video playback), but at the same time it comes with features I can't live without.

Zawinski's Law of Software Envelopment : “Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can.”

Google/Chrome has gmail. Vivaldi has a mail client. That's why Firefox is dying!

I mean, there are different setups of Vivaldi you can choose when you first open the browser: https://vivaldi.com/features/#essentials

Essentials gives you the very basic stuff, classic gives you some extra features, and fully loaded gives you the built in mail client and all that other stuff.

because reasons?

Anyone know how the Flatpak builds of this project[1] are built? Does FlatHub have a CI pipeline that builds Ungoogled Chromium binaries?

[1] https://flathub.org/apps/details/com.github.Eloston.Ungoogle...

They are built by Flathub, just like the vanilla Chromium build on Flathub.

Here is the most recent build logs for x86_64 https://flathub.org/builds/#/builders/12/builds/8123 which I found from the GitHub green-tick status icon on the latest commit on https://github.com/flathub/com.github.Eloston.UngoogledChrom....


How hard is it to compile these days? I recall trying to build several years back for Electron development work on Ubuntu and it was a royal pain in the butt.

Ok, let's say I'm a tech savvy Windows user. Assuming I have something like Visual Studio installed, would this compile correctly off the bat? I doubt it. (I've not tried tbh)

Personal experience, most of the source I download from GitHub either will straight refuse to compile in Visual Studio, or requires me tweaking a lot of the dependencies and stepping through the warnings and errors until it does.

"Ah, but don't use Visual Studio" you say. "Use XYZ-compiler-de-jour". Right, that's now in the 'too-hard/too-time-consuming' bucket, and I'll look for something else.

Pretty easy if you have a reasonably fast PC (>8 cores, ideally HEDT/server), use one of the two popular platforms (Windows or Ubuntu) and don't try to outsmart the build system.

Chromium builds are reproducible though .. So why isn't this project using that to publish hashes of valid builds?

This is the hilarious irony of this entire software project. I trust Google a lot more to produce a safe binary than some random internet stranger who promises to be good. Even if I don't ultimately trust Google as a software vendor, I can at least make some reasonable assumptions about the security of their product.

> I really hope the privacy-conscious people downloading this aren't just downloading these binary blobs and instead compiling it from source.

Those would be on a nix (linux/bsd/other) free source OS with distro specific binaries (or rolling their own and would be better off compiling it themselves anyways)

I am baffled that they would accept binaries, instead of, oh, say, pull requests helping set up builds.

There is exactly such a PR - https://github.com/Eloston/ungoogled-chromium/pull/1693 - as you might imagine building a complex binary for many target OSs and flavors within OSs, it's a little complicated and requires some discussion about the right approach. In the mean time, binaries are available.

The Marmaduke build might be a better alternative in this regard: https://chromium.woolyss.com/

I installed it through flatpak. What is HN crowd opinion on this?

And for the precisely the same reason, I hope the privacy-conscious people who are compiling it from source aren't downloading their compilers as binary blobs!

There is a project to solve that, they aim to bootstrap an entire Linux distro from under 1K of machine code plus all the necessary source code.


And I sure hope they didn't download and install their OS from a premade image too, you really can't trust canonical and the rest of those gangs these days!

> These binaries are provided by anyone

I don’t think this is true for macOS? the builds seem automated…

Or, more typically, the binary is built your distribution.

The problem with this is updates: there is no trusted publisher of binaries, and even if you pick one person to trust, oftentimes builds are 6 - 8 weeks out of date with Chromium which means you're susceptible to all the published zero-days.

Tried building it myself and it takes 4 hours on my 32-core 5950x, and you still depend on someone actually porting a version bump because their patches need to be regenerated for every new chromium build.

I like the idea of it in principle; if someone donates some CI time and we get official CI builds, plus getting more active with picking up new builds it'll be a real contender. I'll stick with Firefox for now.

Because I previously worked on the Chromium codebase at Google I have a 'specialist' dev workstation, an HP Z840 dual 18 core Xeon with 256GB of RAM. And that's a model from many years ago now, the newer specialist workstations are even heftier. To work on chrome @ Google you absolutely need one.

That said, if you're using cached builds via goma and have a nice fat pipe it can go quite fast without making your machine sweat much.

It's an absolutely massive code base. I wish I could explain why, but it is. No single part sticks out as bloat to me. I could never get CLion (among other tools) to index it properly.

Maybe someone can create a Goma-equivalent for ungoogled chromium, but it's the project's explicit goal to not depend on Google stuff (they actually apply hundreds of patches to the code to remove built-in google service references) so a Google-supplied Goma cache won't be of much use to this project's builds.

These days I work on a team at Google that provides distributed build infrastructure for non-Google3 projects, including goma. But unfortunately it's not available to the outside world, despite being built with that in mind.

How long does it take to build Chromium with a machine like that?

I was building Chromecast most often, not Chromium itself. So can't really recall. For Chromecast, from clean, it was around 10 minutes.

That sounded pretty reasonable until I realized you were talking about that beast of a workstation that can easily be between $25,000-80,000.

Pfft.... 10 minutes to compile, no sweat, not even enough time to brew and drink a tea/coffee.

According to https://zworkstations.com/products/z840/ it would be around 8k.

Not 5 years ago when it was first provisioned for me.

On the bottom row to the left of the price when viewed with desktop resolution: Condition: Refurbished

That's $8,000 for a refurbished computer with a processor that was launched in 2013.

> 32-core 5950x

damn, that's twice as many cores as a regular 5950x

Got the special sku... :)

Threads, vCores, etc. ... used to working in VMs not bare metal; but you got the point.

>Tried building it myself and it takes 4 hours on my 32-core 5950x,

That seems excessively long? For me it only takes around 2.5 hours on a 8c/16t processor. This is with optimizations enabled, with plenty of free ram and building on SSD.

It took 2 hours on a pristine 48-core Azure VM from start to finish; wrote some details here when I was playing with it: https://github.com/ungoogled-software/ungoogled-chromium-win...

It's likely it'll be faster if I build on bare-metal on my box; spun up a VM because the build does all kinds of stuff (downloads binaries, spits up temporaries all over the place, etc.).

>pristine 48-core Azure VM

1. it's actually 24 physical cores, since azure counts hyperthreads as "vCPUs". still, that still seems slow compared to my own build times.

2. azure VMs have horrendous IO on the persistent data drives. You can probably get a small to medium speed improvement by moving your build to the D: drive.

> 2. azure VMs have horrendous IO on the persistent data drives.

This. If you want to benchmark builds on Azure, building on a tmpfs or ramfs will help mitigate disk IO latency, although tmpfs might swap.

It's packaged by Nix, should be more convenient.

In my case I was running Windows, but even the Linux binaries are based on Chromium 91 (from back in May).

Flathub has it for Linux based on version 96.x.

96 in Nixpkgs right now.

4 hours on a 32-core modern CPU? If this isn’t the strongest indictment of browsers getting out of control with regards to features and complexity, I don’t know what is.

Browsers are a window into the internet. Browsers should be simple enough to be implemented by a single person in a week.

I want the web to be re-constructed from scratch starting with the TCP/IP stack all the way to gifs with modern hindsight.

GIFs alone would take more than a week for a single person. I think you are severely underestimating the necessary complexity.

"Browsers should be simple enough to be implemented by a single person in a week."

They are. It all depends on who defines what a "browser" is and what it can do.

The browser I use as a "daily driver" is a 1.3M static binary. It is 5.7M of C code, including graphics stuff I do not utilise. It compiles in under a minute on a low-end computer.

This browser allows me to "browse" hypertext. It displays HTML tables beautifully in textmode. I can download files. I can save HTML as formatted text. It supports FTP. The program has various settings for cache size, character set and so forth. I can script the browser using tmux.

This browser is all I really need.^1 I read HTML then decide if I want to download or save something. Simple. What else is there, really. When I want to run programs I do not do that using this browser. I have separate compilers and interpeters for that. When I want to listen to audio or watch video, I do not try to listen or watch using this browser. I have separate programs for that. And so on. I do not try to live inside a single pogram. In every case of a non HTML-reading/saving or www/ftp browsing task, the separate programs do a better job than the browser could. If this sounds something like the "UNIX principle" maybe that is not a coincidence.

Sure, we can take each of those individual programs and integrate them into a single program, and still call it a "browser" but why would anyone want to do that.^2 What is that concept in programming called "separation of concerns". Someone once called it "an ordering of one's thoughts". When people use browsers written by web advertising-supported organisations, then the "organisation of thoughts" is going to revolve around advertising (requisite tracking and personal data/metadata collection) and how to integrate it into the browser. When I use the text-only browser I choose, the ordering of thoughts is quite different. I see no advertising. Ever. I still consume the same amount of "content", maybe even more because this 1.3M browser is quite fast.

1. Major corporations operating on the web today, e.g., banks, can obviously force people to use certain browsers for business and important personal matters. For recreational web use, however, people can choose any browser.

2. The answer is not "For everyone's convenience and free enjoyment." That is why we have people trying to "un-google".

M stands for MB

Also probably worth mentioning that I am not always necessarily using the browser to retrieve the HTML I want to read, nor to download binary files like audio, video, PDFs, and tarballs. I use other dedicated programs for that. The browser is used just as much "offline" as "online".

Connections from this browser go through an up-to-date localhost-bound forward proxy which handles any TLS verification. One of the obstacles to anyone writing a browser might be all the TLS stuff, getting it right and keeping it updated.

A lot of words without saying what “this browser” is. Is it lynx? Something else?

The browser is links, various versions of the 1.x series and 2.x series, with various personal changes.

I used lynx in the late 90s. Honestly, as a 24/7 text-only browser user, I think lynx may be the worst of the text-only browsers. IMO, the fact that it is so often mentioned seems to suggest most folks who mention it are not using it much and/or are unfamiliar with the full range of alternatives.

Usually the only reason someone asks "what browser" is so they can make snide comments about it, diverting the discussion away from the original point, which is that there are other browsers like this and it is possible to write them. As such it is usually against better judgment to respond. Let's see what happens this time.

What I prefer is not the point. Every user is different. The point is that people have written other, smaller, simpler browsers, I am using one, and I am able to comment here and read every submitted website just like anyone else who is using Chromium or the like to do it.

>Usually the only reason someone asks "what browser" is so they can make snide comments about it

I wasn't the person who asked, but I was also wondering and appreciate your answer for non-snide reasons. Especially in the context of the larger thread it's nice to hear what people use.

> Usually the only reason someone asks "what browser" is so they can make snide comments about it

Far from the intent, just genuine curiosity. As you say, “most…are unfamiliar with the full range of alternatives”.

Apologies for the misunderstanding. Genuine curiousity is good! Alas, the "full range of alternatives" is not very large. Nevertheless, IMHO, one can easily do better than lynx.

I doubt lynx is over 5M lines of code...

It’s not, and neither is links (both are around 165 SLOC). Maybe what they meant was 5 MB of source code, but that’s not right either (even compressed the links source is bigger than that, though lynx isn’t, but who knows what version they’re using). I dunno. Without units it’s anyone’s guess.

You may want to check out Urbit. It’s philosophy is not far from yours.

For something less radical, Gemini

FWIW the 5950X has 16 cores (32 threads), not 32 cores as the poster indicated.

If you just want a subset of the internet, Lynx builds in under a minute.

TCP/IP is not part of "the web".

It’s as much a part of the web as tires are parts of a car

What's surprising to me is that this product not only removes Google services integration, but also adds rather opinionated "Enhancing Features" of its own. Many of these are pretty good, but not everyone will like all of them. I, for example, doesn't like the "Force all pop-ups into tabs" change.



Guix does not distribute Firefox and instead distributes GNU Icecat, which comes with the unremovable libreJS and an extension to make UPS's site work without JavaScript.


Uhh... thanks

The privacy features are why I won't use it. Same with librewolf. I am sick and tired of all of these web breaking alterations being the only independent forks available.

In IceCat disabling those additional features is a click away. And it won’t demand that you enable them back.

See also: VSCodium if you like VSCode but don't like sending sensitive telemetry info to Microsoft.

It is ironically hosted for free on Microsoft's popular git hosting website.

Or perhaps we could all stop using software written by people with the express intent of reducing our overall freedom?

It's easy, just don't use Google, Microsoft and Apple stuff.

It's not that easy. Computing is a collaborative effort for many; these decisions are not made at the margin and in isolation.

What phone OS do you use?

Mobian at home, and Lineage without GAPPs at work.


You're not OP!

Indeed, but I fully agree with the OP and do what they suggested.

One of these things is not like the others. I really wouldn't put Apple in that group.

The only reason I can think of even putting them in a nearby group is because of App Store restrictions, but you can still sideload your own code, and it doesn't apply to Macs at all.

>but you can still sideload your own code

Unless something has changed very recently, you can't sideload apps to your iOS device without getting a developer account from Apple and owning another apple OSX product from which to do the installation.

Not to mention being unable to use non-safari browsers on iOS and the scanning your images for illegal stuff they're planning on rolling out, and the extremely egregious anti right-to-repair lobbying they're doing.

Apple is not your friend. The less control we have over their device, the more money they can make from us.

Unless i am mistaken, You can use non safari browsers on iOS. I use Firefox.

No, the engine is still Safari. See also: https://news.ycombinator.com/item?id=21587606.

> and the extremely egregious anti right-to-repair lobbying they're doing.

They're rolling out a self-repair program soon, though this is certainly due to pressure from shareholders and the like.

The other points are completely valid but their sins pale in comparison to Google and Microsoft's.

> but their sins pale in comparison to Google and Microsoft's

I invite you to have a look at my favorite HN submissions about Apple: https://news.ycombinator.com/favorites?id=fsflover.

> One of these things is not like the others. I really wouldn't put Apple in that group.

Apple is an order of magnitude worse at "with the express intent of reducing our overall freedom".

No offense, but Stallman has a very black and white view of the world.

I saw him give a talk once, and it was peppered with childish insults and calling companies and products he didn't like by "funny" alternative names.

It was impossible to take him seriously.

Shooting the messenger. The linked page is not up to encyclopedic standards of neutrality, but there are bits worth discussing.

> Apple devices lock users in solely to Apple services by being designed to be incompatible with all other options, ethical or unethical.

Is this litterally the best facts that gnu.org could come up with? Who put together this crap; a 12 year old or a guy who sells mattresses and is gonna launch his big lawsuit any day now.

But it’s true. Can you use Apple Watch with Android? No. You even cannot use it with an iPad!

> But it’s true

> Apple devices lock users in solely to Apple services by being designed to be incompatible with all other options

incompatible with ALL other options

Can you use an iPad with Gmail? Yes. Can you use google maps? Yes. Can you use the non apple internet? Yes. Can use non apple services on an OSX? Yes. Can you use dropbox? Yes.

I wont keep going as the list of non apple services you can use with an apple device is bascially infinite. In the time it would take to write them all down many more would have come into existence.

So it is demonstrably false, not even remotely close to being true.

There are legitimate issues, you dont need to litterally make up shit to make the case. It is either lazy, or just shows that the people making the case are too retarded for the nuance needed to actually highlight the real problems that exist.

This is a bit like complaining that you can't use an Xbox controller with a Playstation.

There is no technical reason why Apple Watch can't work with other devices, except intentional Apple lockdown forcing users to buy iPhones. I see nothing similar with the gaming platforms.

Apple Watch can't even be turned on without an iPhone. Have a look at PineTime - an open-source watch that can work with anything you want, or by itself.

> I see nothing similar with the gaming platforms.

How can you say that? I can’t run home brew games on an Xbox due to intentional locking down of the device by Microsoft forcing me to buy games they bless to be on their platform.

But some how these companies get a pass but Apple gets constantly blasted for this practice?

For the record, you should be able to do these things. But that is somewhat of a naive view of the world.

Apples closed and heavily taxed ecosystem is the worst of the three.

It's easy, just don't use a computer.

It's easy as avoiding drinking water. lol

Gave up on it after it stopped downloading extensions from both the official Microsoft store and the OpenVSX store due to the CORS issue. The fragility of the OpenVSX store was in highlight when their maintainers couldn't make it compatible with the CORS requirement of VSCode for several months. I'm not sure if it's fixed now or if they're still using a workaround.

does vscodium have a way to only display FOSS extensions? I've considered giving it a whirl but I don't really like the idea of it if it ends up just being a trojan horse for closed source extensions

vscodium by default only offers extensions from https://open-vsx.org/ But I am not sure whether that repo accepts non-free software.

what do you consider "sensitive telemetry"?

VSCodium doesn't work well with Github Copilot (from my limited testing)

Now this is one I'd use, but I'm already satisfied with Firefox.

Firefox for Android could use some improvements, when I switched from Chrome, the downgraded experience felt almost immediately, but you get used to that to the point you don't notice.

What I love about Firefox on Android: sending pages to my other devices. So when I see an interesting webpage on the subway, I can send it to my office computer and read it later.

Any privacy concerns there? I am assuming that it is sent through Mozilla's systems.


> Firefox Sync by default protects all your synced data so Mozilla can’t read it. We built Sync this way because we put user privacy first. In this post, we take a closer look at some of the technical design choices we made and why.

Nice. Thanks

Problem I have is MS Teams doesn't work on FF. I usw Brave as a substitute for that.

What exactly do you mean? Speed?

Scroll speed is noticeable (it's not as smooth) when you're used to Mobile Chrome, but you get used to it. I don't feel it anymore.

Some UX shortcuts or improvements could have been used as well (e.g. the "Sync" button for the tabs in other devices instead of syncing without asking, or... the weird zoom it does into a form field when I'm about to type in it).

If you want to make a statement, just don't use chromium in any form. Use Firefox, even if it's slightly worse for you.

Why bother "de-googling" if you're still eating from Google's hand anyway? You get to support the Chromium/Blink hegemony _and_ the warm fuzzies that you're not sharing your data with Google (because you're technically adept enough to search this out, while supporting the propagation of a technology which disenfranchises non-technical users' privacy).

I use Chromium for testing and the occasional website that doesn’t work on Firefox. I’m not going to install Chrome for that.

Because the only alternative is Firefox.

The technical stuff - https://github.com/Eloston/ungoogled-chromium/blob/master/do...

(I wish someone would do this with Firefox too. I am tired of all the useless or meaningless services being added to Firefox - from pocket to monitor to even ads now.)

GNU IceCat is a "de-mozillaed"[^] Firefox LTS:


It seems it is mostly maintained within GNU Guix now (which has 91.3.0).

[^]: It comes with its own set of opinionated (but privacy-friendly) add-ons.

Unfortunately, upstream IceCat appears to use the FireFox 60.x ESR branch, which is three branches behind the current ESR and is past its end-of-life date. It's also a few security updates behind the 60.x ESR branch's last release.

The GUIX package is more recent, but its description states:

> WARNING: IceCat 91 has not yet been released by the upstream IceCat project. This is a preview release, and does not currently meet the privacy-respecting standards of the IceCat project.

It reminds me when Debian shipped with "Iceweasel" instead of Firefox because of some licensing nonsense.

>(I wish someone would do this with Firefox too. I am tired of all the useless or meaningless services being added to Firefox - from pocket to monitor to even ads now.)

Is that really needed considering that about:config flags fixes all/most of the issues?

Once upon a time, I used icecat, based on the conclusion that it was basically just firefox but with all the settings pre-set to what I would have had to manually set them to. A soft fork, or repackaging, of firefox that just tunes about:config values to somewhat more conservative presets would be lovely.

> about:config flags fixes all/most of the issues?

How do I even keep track of all this? What if my personal data has been uploaded to some service that I am not even aware is running in the background.

I'd like all that unnecessary code stripped from the browser. (It's like we are going backwards - we seem to have removed browser plugins in favour of bundling everything into a big bloat of a browser ... yeah, I know some of these are "special" firefox addons. The only thing that makes them "special" is that they are bundled into the browser by Mozilla, do not show up in the addons / extension page and cannot be removed like other user-installed addons.).

Mozilla can remotely kill extensions which means that privacy enabling features of firefox that are served as extensions like the containers feature can suddenly and without warning stop working.

No amount of config flag fudging will fix that glaring design choice.

And make no mistake, it's a choice, not an error.

>privacy enabling features of firefox that are served as extensions like the containers feature can suddenly and without warning stop working.

containers is a core feature of the browser. The addon (Firefox Multi-Account Containers) only adds some niceties like an addon button to start containers, and auto-assigning sites to containers. Without the addon, you can still manage containers by going to about:preferences#containers and open a tab in a given container by long pressing the new tab button.

Any idea why Mozilla has chosen to implement it this way?

Nobody thinks that Mozilla’s remote kill switch for extensions is an error. The reason I accept it is because I don’t want to be personally responsible for every extension I might install. Nobody has time for that. Let someone who does this stuff for a living take care of it.

I agree with that sentiment, It would just be nice to be able to turn of that kill switch, you know?

Librewolf might be in a similar vein to what you're looking for? https://librewolf-community.gitlab.io/

Been using it on my work machine for a few months and I'm quite happy with it



    rm /usr/lib/firefox/browser/features/*.xpi
takes care of pretty much all of the firefox bloat for me

Applications are open for YC Winter 2024

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact