I’m especially concerned about it being somehow broken, unwieldy, insecure or privacy-invasive.
Case in point; at times I have to rely on a Chromium-based browser if a website decides to misbehave on a Firefox-based browser. Out of the available options I gravitate towards Brave as it seems like the least bad out of the bunch.
Unfortunately, their RPM-package leaves a lot to be desired and has multiple times just been awful to deal with. So much so that I have been using another Chromium-based browser instead that’s available directly from my distro’s repos. But…, I would still switch to Brave in an instant if Brave was found in my distro’s repos. A quick search on repology.org reveals that an up-to-date Brave is packaged in the AUR (unsurprisingly), Manjaro and Homebrew. I don’t feel like changing distros for the sake of a single program, but adding Homebrew to my arsenal of universal package managers doesn’t sound that bad. But, not all universal package managers are created equal, therefore I was interested to know how Homebrew fares compared to the others and if it handles the packaging of the browser without blemishing the capabilities of the browser’s sandbox.
P.S. I expect people to recommend me Distrobox instead. Don’t worry, I have been a staunch user of Distrobox for quite a while now. I have also run Brave through an Arch-distrobox in the past. But due to some concerns I’ve had, I chose to discontinue this. Btw, its Flatpak package ain’t bad either. But unfortunately it’s not official, so I choose to not make use of it for that reason.
What does Brave give you what the other Chromium based browser doesn’t have? Maybe you can install add-ons instead?
What does Brave give you what the other Chromium based browser doesn’t have?
Brave is known to take privacy (and security) more seriously than its contenders. It’s therefore unsurprising to find it recommended by Privacy Guides. Some of its unique features related to privacy can be found here.
Maybe you can install add-ons instead?
Excellent extensions like uBlock Origin heavily rely on Manifest v2 in order to do their bidding. Unfortunately, Chromium intends to stop supporting it. Which will inevitably lead to many Chromium-based browsers to follow the lead and stop supporting it as well. At least Brave has confirmed multiple times to support Manifest v2 longer. Furthermore, I’m not aware of any extension that does an equally excellent job at spoofing your fingerprint randomly. Though, I’d love to be corrected on that.
Brave is known to take privacy (and security) more seriously than its contenders.
Nice, their marketing works. If you really cared about privacy you’d probably use something like Librewolf, which is not proprietary.
Excellent extensions like uBlock Origin heavily rely on Manifest v2 in order to do their bidding. Unfortunately, Chromium intends to stop supporting it.
It works without issues in Firefox and similar browsers like Librewolf.
Nice, their marketing works.
You can’t deny its merits. At best you can question their integrity based on bad business-practices in the past. Their CEO being “X” and doing “Y” does not inherently make the software bad.
If you really cared about privacy you’d probably use something like Librewolf, which is not proprietary.
From OP: “at times I have to rely on a Chromium-based browser if a website decides to misbehave on a Firefox-based browser”
You can’t deny its merits.
Yes, yes I can. It’s proprietary and doesn’t do anything better than Firefox or Librewolf. The latter even has an active community on Lemmy.
Their CEO being “X” and doing “Y” does not inherently make the software bad.
I didn’t even mention the CEO, you must have confused my reply. It’s the product being X and doing Y which I don’t like.
doesn’t do anything better than Firefox or Librewolf.
Besides the fact that some sites misbehave on Firefox(-based browsers), it does if you’re actually security sensitive; Chromium’s sandbox is simply superior to Firefox’.
I didn’t even mention the CEO, you must have confused my reply. It’s the product being X and doing Y which I don’t like.
It’s true that you didn’t mention anything regarding its CEO, but I assumed your comment might be related to it. It seems not to be the case; my bad for assuming and mentioning it and thank you for clearing yourself from that ‘allegation’!
Would it be fair to assume that your primary gripe with Brave is its (at best) controversial stance regarding the ‘open’ source nature of their product?
Yes, and the business practices of the company making it which broke my trust to the point of me assuming they wouldn’t be above breaking the law in compiling spyware or other malware into their closed source product for profit.
…why would you use homebrew on linux?
You already use an arch container that has access to the AUR, which has literally every package, available on linux.
Also, if anything, flatpaks are THE official (universal) packaging format for Linux, it’s the most widely adopted and most well integrated of the universal packaging formats. I’m not saying that homebrew is bad, just why bother with it when you’ve got 100 other packaging formats that are all better…
You already use an arch container that has access to the AUR, which has literally every package, available on linux.
if anything, flatpaks are THE official (universal) packaging format for Linux
I don’t deny that, I make good use of a ton of flatpaks on my system. I also believe that it’s the best we have. And I would literally switch to Brave as a flatpak if it would satisfy the following:
- Be official and thus maintained by Brave itself.
- Not having to forego its own more powerful sandbox due to (hopefully) current restrictions of Flatpak. Yes, you read that correctly; while flatpaks are arguably the safest way to consume most applications, this doesn’t apply to apps that actually have stronger sandboxes which had to be ‘slimmed down’ when packaged as a flatpak. Thus, currently, for maximum protection, one simply can’t rely on flatpaks for their Chromium-based browsers. If you choose to do so and it has worked out for you wonderfully; that’s awesome, I’ve been there and enjoyed the experience as well. But, I can’t justify it for myself any longer.
Officially supported doesnt mean its more stable. They can just take binaries, add dependenciesy tadaa.
Bubblewrap is not insecure. But I am not an expert
Officially supported doesnt mean its more stable.
Never implied that anyways. Official merely ensures that the amount of trusted parties can be minimized.
Bubblewrap is not insecure.
Bubblewrap, when properly applied is indeed excellent; perhaps the best utility to sandbox applications on Linux. I’m thankful that flatpaks makes use of bubblewrap, namespaces and seccomp to offer relatively safe/secure apps/binaries, I’m unaware of any other ‘(universal) package manager’ within the Linux-space that offers similar feats in that regard. Unfortunately, Chromium-based browsers just happen to have an even stronger sandbox -if properly configured- than flatpaks are currently capable of.
Okay true. I am not so much into this Browser sandbox thing and dont really get it. Its a different way than bubblewrap, as from Firefox RPM for example I can open any file and save anywhere. But its process isolation right?
as from Firefox RPM for example I can open any file and save anywhere. But its process isolation right?
For Firefox, the verdict on its native sandbox vs Flatpak’s native sandbox doesn’t seem conclusive. With -assumingly- knowledgeable peeps on both sides of the argument, which indeed does raise the question how knowledgeable they actually are. Nonetheless, for myself, I’ve accepted Flatpak’s sandbox to not be inferior to Firefox’ native one. Thus, I don’t see any problem with using its flatpak.
Apart from having all the nice KDE integration and things like Keepass integration, Fido2 keys, drag and drop and some more things…
Also afaik the Fedora Firefox has a good SELinux profile and it runs damn fast. I did a speed test and it was best, along with Mozillas all-together-binary.
Apart from having all the nice KDE integration
I’m a sucker for GNOME :P , but I’ll keep it in mind.
things like Keepass integration
The flatpak does allow integration, but isn’t built-in unfortunately; so one has to fiddle a bit themselves to set it up.
Fido2 keys
I should rely more on those. Do you have any recommendations? I’ve been hearing good things about Nitropad and Yubico, but I honestly don’t know if they’re actually good and how they would fare amongst eachother.
drag and drop
Overrated anyways /s :P .
Also afaik the Fedora Firefox has a good SELinux profile
It’s probably better configured with the native package than the flatpak one indeed. I wonder if this will change as Fedora is interested to ship Firefox as a flatpak by default on Silverblue (and variants).
it runs damn fast. I did a speed test and it was best
I haven’t had the best internet speeds since I’ve been relying on free VPN. But that’s on me :P .
Distrobox… or simply Flatpak?
