I already know that it’s spyware but in the case that I need to use it for work and school on my Linux laptop, do I need to worry about configuring something so that it won’t have access to my whole system like it does on Windows? I’m on ZorinOS/Ubuntu. Thanks in advance
You must log in or register to comment.
You could try Qubes OS? Portable version maybe? That’s quite easy and sucure.
Why would suggest a jump from Ubuntu to qubes?
Afaik Qubes runs all software in containers,
which isolates them from each other,
which is great for privacy.However, OP only asked for Chrome,
and I assume the jump to Qubes might be too big.To only isolate Chrome,
I’d recommend a Flatpak instead.Or even better Ungoogled-Chromium.
Oh, I just figured that a portable version of an isolated OS would be a decent alternative. Bit you’re right maybe a bit too much
If you don’t like flatpak there is also firejail which you can run to isolate browsers or many other programmes.
There is also a programme to run your browser from ram and commit changes to disk when it closes, which I’ve used for a year or so and can recommend. I have to look up the name later at home, if you are interested.
Browsers write to disk every couple odd seconds per default settings (I think up to 20gb a day), which eats away on an ssds life cycle. in Firefox this can be changed, but the in ram option makes it smappier as well as a benefit.
I just use chromium when needed. Not ideal but usually works in place of chrome.
Ok thanks. Are flatpaks better for isolation than snaps? I see many people avoid snaps.
IIRC the flapak packaging system is completely open source while snap does not release the server code.
Also, snaps were forced to the users, had terrible performance at the start, thus, making them unpopular.
Neither isolates everything. Both have some isolation features. The features enabled by default vary from package to package, so you would have to look at the permissions on each package to find out.
For a bit more isolation than a flatpak/snap, I suggest creating a separate user account for running chromium (or any other moderately nosy software). Note that linux lets you log in to two accounts at the same time, each with its own desktop, and switch between them. Check out your desktop environment’s “switch user” function.
For even more isolation, you could run chromium in a hypervisor-based virtual machine.
I avoid snaps, don’t trust Canonical and they’ve had malware incidents. There’s also a degoogled chromium flatpak if you’re worried about Google worming into your system. Idk how on security updates or anything it is though v normal chromium though.
