SoylentNews is people
SoylentNews
Submitted via IRC for TheMightyBuzzard
Linux users are more likely than most to be familiar with Chromium, Google's the free and open source web project that serves as the basis for their wildly popular Chrome. Since the project's inception over a decade ago, users have been able to compile the BSD licensed code into a browser that's almost the same as the closed-source Chrome. As such, most distributions offer their own package for the browser and some even include it in the base install. Unfortunately, that may be changing soon.
[...] To the average Chromium user, this doesn't sound like much of a problem. In fact, you might even assume it doesn't apply to you. The language used in the post makes it sound like Google is referring to browsers which are spun off of the Chromium codebase, and at least in part, they are. But the search giant is also using this opportunity to codify their belief that the only official Chromium builds are the ones that they provide themselves. With that simple change, anyone using a distribution-specific build of Chromium just became persona non grata.
(Score: 3, Informative) by RamiK on Wednesday January 27 2021, @06:06PM (6 children)
The relevant ungoogled-chromium discussion brings up all the alternative solutions like floccus and xbrowsersync: https://github.com/Eloston/ungoogled-chromium/issues/667 [github.com]
They each have their own cons and pros, especially on Android. Personally I would have liked to see xBrowserSync support some p2p solution... But for now I'm sticking to the tried and true text file and editor over syncthing share :D
compiling...
(Score: 3, Informative) by boltronics on Thursday January 28 2021, @02:23AM (5 children)
I use xBrowserSync, just for bookmarks (I wouldn't trust any sync service with passwords). It works fine. Occasionally when it refreshes it momentarily clears all bookmarks and re-adds them - you can see them all vanish and re-appear on occasion, maybe once ever few days, or when you update bookmarks on a different browser that you're syncing with. It's great having the same bookmarks in Firefox and Chromium, so I'm quite happy with it.
I just wish I could completely turn off the Firefox Sync and Google Sync built-in browser options, because it's annoying getting messages asking me to switch them on when I have no intention of doing so (and xBrowserSync isn't compatible with the built-in sync options and they must be disabled).
It's GNU/Linux dammit!
(Score: 2) by RamiK on Thursday January 28 2021, @04:36PM (4 children)
If chromium could allow redirecting to a self-hosted server, xBrowserSync could implement the protocol and let you run it localhost on your phone. Well, the option exists for firefox and no one bothered as of yet so maybe not... Still, it will sort out both the requests and the syncing issues where the bookmarks disappear for a few seconds.
You can self-host with syncthing to e2e p2p share your ~/.password-store [passwordstore.org] and Android-Password-Store [f-droid.org] for the rest of the song & dance.
compiling...
(Score: 2) by boltronics on Friday January 29 2021, @04:36AM (2 children)
> Well, the option exists for firefox and no one bothered as of yet so maybe not...
For years I was using the ownCloud add-on called mozilla-sync [github.com] and then they went and completely replaced the protocol with a new mechanism which was *much* more complex, and removed support for the old when Mozilla started to push Firefox Accounts hard.
It's no surprise nobody bothered. Who knows when Mozilla will go and change it all again? xBrowserSync is independent of whatever browser vendors comes up with next, but works with all browsers. It's a much better solution, although browser vendors must hate it and probably will try to break it somehow if it becomes more popular.
For passwords, I already use pass. I just copy/paste into the browser using its built-in clipboard integration (which automatically reverts after a few seconds) - no browser plugins required. I don't sync anything with my phone, quite deliberately so - I don't trust phones to be secure, what with all the proprietary components they run. I suppose I could have a separate password store for syncing unimportant things with my phone... but I'm not such a heavy phone user that not having synced passwords bothers me. Just having bookmarks there is sufficient for my use case.
It's GNU/Linux dammit!
(Score: 2) by RamiK on Friday January 29 2021, @08:15PM (1 child)
They iterated 2 breaking protocol changes over the course of 2 decades and explained how those changes were necessary due to security concerns.
Implementing a shim around the browsers' own protocols will eliminate those sync issues. Whether it's worth the extra maintenance burden is for the developer to decide and the users to accept/reject. Personally I'm not using xBrowserSync over those issues. But your mileage may vary...
On the desktop I prefer passff [github.com]. Again, mileage may vary...
Fair enough. I used it on and off with a 2nd store dedicated for "low-security" passwords made out of linking only the passwords I need to the phone. That way when I need to change/add a password it syncs. But if/when you can avoid it...
compiling...
(Score: 2) by boltronics on Monday February 01 2021, @03:40AM
> They iterated 2 breaking protocol changes over the course of 2 decades and explained how those changes were necessary due to security concerns.
I don't believe "security" is the concern - it's just an excuse. The new sync has known security issues and last I checked they don't care. They don't want to change the way it works because it would be problematic due to their integration with Pocket (a proprietary service - it still blows my mind that Firefox added this integration). There's an open bug report about it somewhere that I was reading last year, and it wasn't a new issue either. That was one of the big disincentives I saw regarding Firefox Sync specifically.
It's GNU/Linux dammit!
(Score: 2) by boltronics on Friday January 29 2021, @04:40AM
Also, I don't want my password manager to be stored/syncedon the same device I use for 2FA. I think that's asking for trouble, and I also don't particularly want to use dedicated 2FA hardware.
It's GNU/Linux dammit!