Iridium: privacy-focused Chromium-based browser
Iridium is a privacy-focused modification of the Chromium web browser by members of the Open Source Business Alliance.
Chromium is the open source basis for Google Chrome and other browsers such as Opera or Vivaldi. While it ships with fewer of the things Google integrated in the browser than Google Chrome does, there is still room for improvement privacy-wise.
The idea behind Iridium was to enhance user privacy by modifying Chromium code. One of the improvements of Iridium is that remote servers are not notified about queries, keywords or other metrics.
Automatic transmission of partial queries, keywords, metrics to central services is prevented and only occurs with the approval of the user
Iridium Browser
Iridium is fully open source. Users may download and install binary builds of the browser, or download the source code instead. The developers promise that all builds are "reproducible and modifications are auditable".
The Windows version of the browser is offered as an MSI-based installation file and a zip file.
The project homepage lacks information. It does not reveal any differences to Chromium for instance (besides the sentence quoted above). The same is true when you install and run the browser.
While you may spot a couple of differences, like that Qwant is the default search engine and not Google, there is little to discover in the browser's interface.
What you will notice however is that several extensions are installed by default, and that it is not really clear what they do either. You may notice the component extensions Bookmark Manager, Chromium PDF Viewer, Settings and CryptoTokenExtension listed on the extensions page for instance.
These appear to have been sideloaded by the browser and don't offer any description that is of use. Unless you dug into Chromium code before, you may not know that these are native component extensions of the browser that are not shown by default by Chromium / Google Chrome.
The only location to find information about what is different is the development changelog. It lists all changes made to the browser including those that were made to improve user privacy.
The following list is a short selection of modifications that improve user privacy:
- Auto-Update and update pings are disabled.
- Only keep cookies until exit, and block third-party cookies by default.
- Disable hyperlink auditing.
- Disable network / DNS prediction.
- Disable autofill download manager.
- Disable Safe Browsing cookie transmission and reporting.
- Disable Google promotion fetching.
The list goes on and on. You may not agree with some of the changes. Disabling auto-updating, for instance, means that you need to download and install new versions manually. Updating is time-sensitive, though, because new versions patch security issues found in previous ones.
Closing Words
Iridium feels and behaves pretty much like Chromium. You will notice a few differences here and there, but the majority of differences are under the hood.
It would help the browser gain popularity if certain changes were listed on the official project website, and not only in the changelog that regular users probably won't read.
Especially features that are unique to Iridium should be mentioned on that list. (via The Windows Club)
Now You: What's your take on Iridium?
I’ve mentioned previously on Ghacks that I use Epic Privacy browser which is built on the Chromium platform. It’s very fast and has a free built-in VPN which the user can turn on or off with a click. The only drawback is the very limited selection of add-ons/extensions. Since I usually don’t really require customization (I use Firefox for that), Epic is my primary browser. I don’t see how Iridium can improve on Epic.
The second rule of privacy is to look like everyone else. Can’t do that if your browser doesn’t even have 1% market share, sadly.
Good news is that there’s nothing Epic Privacy browser does that normal Firefox can’t do :)
– Install µBlock Origin and enable its 3 privacy options
– Do the following tweaks to disable all automatic connections: https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections , it’s pretty much complete and it’s kept up to date by Mozilla. You can check that indeed nothing leaks with a pinned tab set to µBlock Origin’s Behind-the-scenes log ( chrome://ublock0/content/logger-ui.html#tab_bts )
– Try the HTTPS Everywhere add-on, see if it fits you
– Use Startpage, DuckDuckGo or Qwant as your default search engine. (Privacy wise, Startpage wins thanks to Perfect Forward Secrecy)
– Clear all your data at least once a day
– Forbid third party cookies in Options, at least. Better: Install Cookie Controller and default to forbid all cookies
– Disable or fake referrers, either through about:config or an add-on of your choice. Rarely, a functionality from a website will not work with referrers turned off.
– Install NoScript if you’re brave enough. It’s actually the best move of all privacy and security wise, but can require management depending on the level of protection you want to get from it.
– If you want to be “protected” against your own ISP and government snooping you could use a proper VPN, like Epic Privacy browser, but it has downsides (privacy ones too). Best to use Tor if you want such a level of privacy.
That’s it, you’re better than Epic browser now. You can get even better but at this point, there is a management cost and a higher risk of breaking rule #2 of privacy.
Also use Firefox for Android with µBlock Origin set to forbid all scripts and all third party related things by default if you’re on that OS. Sure it’s not ideal for the second rule of privacy, but it’s great for the first: Expose yourself as little as possible, i.e. few network requests to third-parties and limit access to advanced browser features such as Javascript. You also gain a lot of battery, data and faster load times thanks to µBO, at the cost of some setup when you first land on a website.
There is also the matter of your IP address. If it isn’t dynamic you’re screwed no matter what and can only limit how many organisations you expose yourself to, unless you use Tor (or a good VPN but it’s hard to tell which one is good enough and trustworthy).
The most extreme way to limit exposition without Tor is to control ALL third party network requests, and remove or control referrers and third-party storage. When you have a fixed IP you can’t do anything to protect your privacy except not making network requests. So you’re doomed on first-party sites, all that remains is security. (Which means controlling JS, fonts, plugins and other active content is still good)
Thanks Mark,
I use some of your suggested options on Firefox, including NoScript which took a while to master. I’ve always used Startpage & to a lesser extent DDG. But some of your suggestions are well advised. Will follow up with some of the ones I was unaware of. Once again, thanks.
Do we really need another Chromium based browser? If someone wants new, they usually want completely new, not old with a new pair of socks. There really are more than enough of these. Time for someone to make something different. It is time to acquire Presto-based Opera, and do something wonderful with it!
There is no such thing as a chromium-based browser that’s secure and private.
For an as-private-as-it-can-be Chromium I use the “No sync • No WebRTC • No Widevine” version from chromium[dot]woolyss[dot]com. I heard about Iridium before, but I don’t intend to use any Chromium-based browsers as my default one, it’s simply not suitable for my browsing habits – three or four windows, 100+ tabs, etc.
Opera v12 was perfect for me, but Firefox does a fine job as well.
Sounds good. I’ll stick with Firefox for Primary though, and Opera for Opera Turbo and Pepper Flash. They get the job done.
Privacy may be OK… but what about a browser with a sidebar like AIOS and a statusbar like Status4evar in Pale Moon? Is it so complicated to do this?
Although what is published on Iridium’s development changelog page, “[…] there is still room for improvement privacy-wise” … what must it be with Google’s Chrome!
The problem with unknown browsers is always the ability to tweak, to add extensions. I guess Iridium supports Chrome extensions, but what about the under-the-hood settings? Flags, anything comparable to Firefox’s about:config? As many settings when Firefox is really opened. When you start being really relaxed with a browser you know if not all of its components at least where to find them.
Anyway, a browser built by the members of the ‘Open Source Business Alliance’ must certainly be affected by the group’s policy/philosophy, of which I know nothing since I discover this alliance…. OK, reading a topo on Wikipedia.
Yet another browser in the grey zone advertised as secure and private:
This browser has the AudioContext API so it’s open to a web-tracking technique called Audio Fingerprinting. This tracking technology is based on fingerprinting a machine’s audio stack through the AudioContext API. Not Secure.
On the other side, by removing WidevineCdm – that’s not listed under chrome://components – Iridium is not suitable for those who browse Netflix which requires Wine plugin.
So, it’s neither the most secure nor the most friendly. Chromium is following Netflix ‘latest and greatest’ improvements, so Iridium will probably follow.
See:
https://github.com/iridium-browser/iridium-browser/issues