Consider adding guides for configuring Google Chrome and Microsoft Edge

I understand your frustration. I think the “Principle of Charity” might be helpful for discussions like these—where the subject might be counter-intuitive. :smile:

I think that both you, @anon82677111, and others, raise important points! For instance:

  • As @anon82677111 argues, the right to privacy depends on sufficient security. In comparisons between mainstream tools, like Google Chrome and Microsoft Edge, which have a well-documented history of unethical practices (PDF), and specific alternatives, there might be good reason to say that the loss in security is too severe for particular threat models. So, while they are major offenders against people’s privacy, there might be certain cases where even they are still preferable.

  • However, as you rightly point out, the Privacy Guides website is respected—among other reasons—for its rigorous evaluation and selective recommendation of options (e.g. web browsers). So, I agree that it’s important to consider whether advising on “configuring Google Chrome and Microsoft Edge” is right to do (or can be done at all, without it seeming like an endorsement).

Personally, I think that it might be simple enough to advise on these browsers with explicit warnings about their ethical history (say, with warning admonitions). However, I think a more pressing issue is that it might create an educational design which works against the reader: not everyone reads the whole website, or even whole articles, and including these guides might devalue our actual recommendations.

Consider skimming through the tables of contents and seeing that “hey, there’s a Google Chrome section as well as Brave. I installed a privacy extension I saw on YouTube. They’re probably just gonna say that.”

Obviously, we have no control over what visitors do or should read, but I think that optimizing the structure of information is essential to enabling them—however they might interact with the site. Will it stop these cases? Almost definitely not. Are they likely? Probably not. Is it an important part of writing UX? Yes, almost definitely.

This is a wider point, though (see this thread for more discussion).

The inevitable takeaway is @matchboxbananasynergy’s point: this forum is not a reflection of Privacy Guides or the team’s advice (including this reply)! It’s just our discussion, and it can be a tricky process. :smile:

4 Likes

They’re the most secure because they have the most exploit mitigations, best sandboxing, and are the most up-to-date, and Edge supports MDAG on Windows and has a hardened security mode which disables JIT and enables more exploit mitigations.

Google Pixel phones properly support verified boot for third-party operating systems and they are the only phones that use the custom Titan M2 chip. No other phone comes close to being as secure. This goes to show that sometimes DeGoogling and alternatives can be harmful to privacy.

Most custom ROMs are known to break the Android security model. A lot of ROMs do not support Verified boot and most require rooting the device or leaving the bootloader unlocked. There is a reason mobile network operators do not allow unlocking the bootloader: to protect their customers.

1 Like

What’s the point of being secure if they track us and don’t respect our privacy? Are you even listening to yourselves? You are talking about Chrome and Edge, you are literally talking about the two browsers that those of us who care about privacy should avoid the most.

The OP (in this thread) is not recommending that Privacy Guides adds Google Chrome and Microsoft Edge as official recommendations, but rather that we provide guidance on how to configure them for people that want or need to use them.

As I have previously explained, and as @anon34719932 also mentioned in this thread, there are ways for us to provide configuration advice for setups that we do not necessarily endorse.

Privacy Guides is only useful if it serves its readers. Blanket statements such as “Google Chrome’s and Microsoft Edge’s security benefits don’t matter because they “track us and don’t respect our privacy”” are not helpful to our readers, and they also don’t tell the full story.

A lot of people seeking privacy want to minimize or eliminate unnecessary telemetry in their digital lives, and that’s largely a valid thing for someone to want, and a lot of what our website recommends caters to that need.

However, viewing security and privacy through that narrow lens means that you’re excluding and gatekeeping a part of the community who has different or more specific concerns. There are people who may be okay with the telemetry in a browser like Microsoft Edge if that means that they get additional security in specific situations.

To reject or shame people with those needs or try to stuff them into a “one size fits all” model of privacy that you’ve arrived at goes against exactly what I was saying in my previous reply about evaluating these options with nuance and through the lens of various use-cases.

5 Likes

The OP (in this thread) is not recommending that Privacy Guides adds Google Chrome and Microsoft Edge as official recommendations

OP might not be recommending PG add them as recs but he is giving advice to others without threat modelling context and as a statement of fact to other forum readers.
This deserves to be critically analysed and labelled as promoting FUD, lest they be misconstrued or until evidence is provided.

If we as a community don’t at least question these statements, then I’d argue, other new users reading a post by someone within the Privacy Guides community, on the official forums, and although not explicitly endorsed by them, can infer tacit agreement of the community to some extent.
It’s irresponsible to not at least question (“Why” or “show me evidence”) these statements of fact, for those above reasons.

Examples:

  • Google Chrome and Microsoft Edge are the most secure browsers and because of that they offer good privacy from hackers and malicious websites
  • Microsoft Office is the recommended office suite for Windows as LibreOffice is insecure
  • Google Pixel devices are the only secure phones and all other phones should be avoided.
  • Stock Android is far more secure than all custom ROMs

Back to your core premise:

evaluating these options with nuance and through the lens of various use-cases.

Agree it comes down to threat modelling and acceptable usability trade-offs, I’d argue it should’ve been the first piece of content that all others branch off; and that a lack of a ‘gold standard’ piece of evergreen content that is promoted in the community is, in my opinion, the single biggest issue in the privacy communities.

Otherwise without establishing a relevant threat model when debating tools and process, how can we ever talk the same ‘language’?
People will likely be on different pages just as the OP and “f0r_fr33d0m” are right now.
The entire Privacy community across all platforms, struggles with this immensely and gatekeeping ends up being a byproduct of the miscommunication.

All of us exist along a ‘threat spectrum’, facing either different adversaries or the same adversaries in differing contexts. Everyone in this forum is likely in a different place on the spectrum, from new beginners just realising the threat to users with an extreme threat model, targeting 100% anonymity, that are compiling their own naked AOSP OS, running Gentoo and maybe even building their own hardware.

This ‘tool’ from IVPN, which PG also recommends, is a great example. Do I need a VPN?

Maybe we should be targeting having a common set of questions to ask others, in order to help them determine their baseline threat model in order to make discussions more meaningful to everyone.

1 Like

@Fossforus I agree with most of what you said. Threat modeling and actually looking at your situation critically and making choices based on that is what we are hoping to help people do through our community as well as the website itself.

Edit: See the Threat modelling page and Common threats pages are back up (last I checked I got 404s)

That is peculiar. We did not remove those pages, unsure why you ever got a 404 on them.

My issue with the comments made previously (the ones I was responding to) is that instead of trying to evaluate the suggestions being made and trying to fit them in a threat model and then seeing if they fit on the website in some capacity, we see comments such as:

What’s the point of being secure if they track us and don’t respect our privacy? Are you even listening to yourselves? You are talking about Chrome and Edge, you are literally talking about the two browsers that those of us who care about privacy should avoid the most.

This is not approaching the issue with nuance.

On the other hand, I fully agree that a lot of the statements by @anon82677111 are absolute and lack context/proof. Even if they are correct (I’m not saying they necessarily are, by the way), evidence is necessary to promote discussion and to help the community arrive at a useful conclusion.

I believe that both “sides” on this topic and others on this forum need to take a step back and engage in constructive discussion, providing evidence for their claims and keeping in mind that not everybody’s needs/threat model are the same.

2 Likes

[citation needed] edit: from the top of this page:

This discussion forum contains community and personal advice, tool suggestions, and proposed changes; none of which have been approved or vetted for accuracy. If you are looking for advice right now, today, visit privacyguides.org.

Emmm literally this thread should count as a quote… they’re talking about making a guide to software that, yes, is secure but is also a serious (if not absolute) privacy hazard. This thread reminds me of the typical guide on how to harden your Windows for privacy, which yes, it improves it, but it’s still a danger to your privacy, but anyway, I found this thread so damn absurd that I was too lazy to continue replying. Do what you want, you are free and it’s your project, but in my opinion, you are making a mistake here.

2 Likes

The OP specifically states

It’s taking a pragmatic stance to provide help to people that dgaf about the things many/most of us do here. And face it, most of the world will continue using Chrome & Edge regardless of any recommendations on the site.

3 Likes

So you want advice for not following the advice? It just seems pointless to me. People who don’t want to see that Chrome is violating their privacy are not going to be receptive to any advice, I am afraid.

It’s not like the recommendations couldn’t be prefaced with something like

We strongly advise you go with PG recommendations for browsers, but if that’s not feasible for you, you can do the following to at least minimize harm.

People don’t like change, and ignoring that won’t help anyone.

1 Like

Disagree, literally this entire project is recommending changes you can make to your technology and behavior to attain more privacy. If we want privacy-respecting technology, change will be a requirement. I can’t think of any reasonable situation wherein changing your web browser is not “feasible.”

I think we need to see evidence that Google Chrome provides tangible security benefits over say, Brave Browser. If the difference is negligible I see no reason whatsoever to add “Recommended Google Chrome settings” to the website solely because it is a popular browser.

3 Likes

I think we need to see evidence that Google Chrome provides tangible security benefits over say, Brave Browser. If the difference is negligible I see no reason whatsoever to add “Recommended Google Chrome settings” to the website solely because it is a popular browser.

I fully agree with that. The particular statement you quoted was more me giving my opinion on threat models and how people seem to think security and privacy are two completely separate and unrelated things. It wasn’t me necessarily agreeing with the OP or wanting to add the guide.

I can see the case for using Microsoft Edge on Windows for some things (think things that are already tied to your identity and therefore Brave’s fingerprinting protection doesn’t really matter, in which case you could benefit from Edge’s JIT toggle, for instance) and perhaps even for non-Windows OSes, although the benefits are less prominent there.

With Google Chrome, I suppose you’re getting a near stock Chromium experience, and telemetry can be toggled off, but I don’t see any standout privacy or security benefits to Google Chrome. I would talk about it and have a section about configuring it if we make a guide on ChromeOS, though (a guide that I would eventually want us to have, by the way).

1 Like

Tentatively marking this thread as rejected for now.

As far as I’m aware Edge’s Super Duper Secure Mode (aka JITless) is available on all(?) Chrome browsers via a flag we could recommend if we wanted. At the very least it is supported by Brave:

I’m unsure Chrome/ChromeOS needs a guide on our website unless we also recommend alternative operating systems for Chromebooks (my line of thinking is that IMO we only have “stock Android” guides because we recommend Android phones, and we recommend Android phones because of the availability of GrapheneOS; and that analogy does not currently hold up when it comes to Chromebooks)… But, ChromeOS guides can be a separate topic to discuss.

2 Likes

As far as I’m aware Edge’s Super Duper Secure Mode (aka JITless) is available on all(?) Chrome browsers via a flag we could recommend if we wanted. At the very least it is supported by Brave:

The only issue here is that it’s an all-or-nothing thing. Edge allows you to toggle JIT per site (similar to Vanadium) which means that you can keep JIT disabled for sites not affected by it, but enable it for sites that need it (Element web would be an example).

Element web doesn’t need JIT, I’ve been using it in enhanced security mode since forever and have no issues.

Element web doesn’t need JIT, I’ve been using it in enhanced security mode since forever and have no issues.

Oops! :smile: It’s some web app, but I can’t remember which. Anyway, the point here is that much like with JavaScript, you can’t just fully block it and not eventually encounter issues.

1 Like

Proton doesn’t log into the web app if I disable JIT in Vanadium. Haven’t tested on desktop.

Note that I’m still using the two password mode, so that may be the issue.

While I agree Edge and Chrome can have some improved security over FF, I would recommend adding a disclaimer at the top saying these aren’t recommended and only use them if “needed” or for a friend/family member who refuses to change browsers. One thing I did on a relative’s computer was, since they used Chrome, I applied some changes there but also applied some improvements to Edge, since it forces itself back to default web browser occasionally, so if that happens it’s already hardened some.
Edit: Brave is one of the best choices and should be one of the main recommendations based on privacy & security and should have been compared to rather than FF

Firefox is not the bar to clear, Brave Browser (Chromium-based) is.

This would be convenient. I wonder if it is possible to disable JIT in Brave while keeping it enabled for installed web apps (i.e. how Brave allows you to install PWAs as desktop “apps” with their own shortcuts) through some shortcut trickery… I’ll have to look into that.

Another thing to look at is whether you can use multiple Brave profiles and disable JIT in one profile, and not in the other.