this post was submitted on 19 Jul 2023
1499 points (98.3% liked)

Technology

34977 readers
33 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 46 points 1 year ago (2 children)

This is such a ridiculous position.

I'm not the original person you responded to, but I am going to go out on a limb here and say that I disagree. While I personally do not think that all Chromium browsers (especially since there are projects like ungoogled-chromium) transmit your personal data, I can't verify this myself because the Chromium codebase is far too much of an undertaking for myself to review.

While the same is also true for Firefox (and really any potential open source browser), on a pure personal-trust factor I trust Mozilla/Firefox to be more caring about protecting my personal data than I do Google, who literally revolves around data collection. Inevitably its a moot point for me since I do use Google services anyways, but I don't think its that far reaching for someone who potentially doesn't to take the original person's stance.

[–] [email protected] 2 points 1 year ago (3 children)

While I personally do not think that all Chromium browsers (especially since there are projects like ungoogled-chromium) transmit your personal data, I can't verify this myself because the Chromium codebase is far too much of an undertaking for myself to review.

Don't you think that, with so many contributors and projects having eyes on it (arguably more so than on gecko), if there was foul play wouldn't anyone have sounded the alarm?

[–] [email protected] 16 points 1 year ago (1 children)

but they did sound the alarm? Debian took Chromium out of their repos for a time because they found unreported telemetry sent encrypted back to Google. All the info is on the net. You just need to read it.

[–] [email protected] -3 points 1 year ago* (last edited 1 year ago)

All the info is on the net. You just need to read it.

"The net" is kind of a big place. I've researched "the net" on this subject quite extensively and come up empty-handed so maybe you'd like to share where you found this information?

It sounds like you're referring to the Chromium web browser, which is not the topic of discussion. Rather it is Chromium-based web browsers such as Brave, Vivaldi, Edge, Opera, etc.

[–] [email protected] 6 points 1 year ago (1 children)

Argh, I originally finished typing out a reply and went to upvote your reply - which apparently causes Lemmy to close the reply box, sending my original reply to /dev/null, sigh...

What I was originally going to say, in a more abridged version is that plenty of people audit and review open source libraries such as OpenSSL which ended up having a massive vulnerability that no one knew about in the form of Heartbleed for two years - so while its possible someone would ring the alarm bell on Chromium, its also possible that they wouldn't (through no fault of their own).

At the end of the day, I still believe that my own personal trust in a project is going to trump the stamp of approval from people that I have zero connection to. There have been countless times in my life where someone said that X was okay, and I blindly trusted them instead of relying on my own judgment only to inevitably bitten in the ass when they ended up being wrong. Even down to medications that I've taken in the past that were deemed fine by multiple doctors, which have now resulted in me having permanent negative side effects that I'll have to deal with for the rest of my life.

I appreciate your level headed reply (as opposed to the passive aggressive "people do not understand chromium is NOT CHROME" reply), and to your credit I would say its probably significantly harder to forget to remove a ton of telemetry from a project than it is to not catch one line of code that accidentally causes a massive vulnerability to a project - but if Firefox works just fine for me, I don't see a need to even have to take a (probably small) gamble on Chromium.

I don't even advocate to others that they shouldn't use Chromium for the reason that was listed in the top parent comment (usually if someone does ask me how I feel about my choice of browser, I will tell them that I prefer Firefox because it doesn't have a dominant position of marketshare over web standards), but I did feel it was worth retorting that the parent comment was in fact, not really a "ridiculous position to take".

[–] [email protected] 5 points 1 year ago

Fair enough! FWIW, I also think your stance on the matter is fairly level-headed and well thought out, even if I'm more or less on the other side of the fence.

[–] [email protected] 0 points 1 year ago (1 children)
[–] [email protected] 23 points 1 year ago

Brave is icky. It's smeared in crypto and they were caught injecting affiliate links in 2020.

[–] [email protected] -4 points 1 year ago* (last edited 1 year ago)

I can't verify this myself because the Chromium codebase is far too much of an undertaking for myself to review.

No, but there are several people and organizations that can and do that would be screaming from the rooftops if there was some sort of telemetry that they could not remove.

I trust Mozilla/Firefox to be more caring about protecting my personal data than I do Google, who literally revolves around data collection.

You don't need to trust Google because Chromium-based projects are not made by Google. They are forks of the open-sourced Chromium, made by completely independent organizations, explicitly for the purpose of removing telemetry.

People are seemingly incapable of understanding that Chromium-based browsers are not Chrome, nor are they Chromium.