Chromium unconditionally downloads binary blob

16 replies [Last post]
pizzaiolo
Offline
Joined: 03/12/2015

In case you weren't convinced why Chromium is proprietary: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786909

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

interesting read.

Calinou
Offline
Joined: 03/08/2014
pizzaiolo
Offline
Joined: 03/12/2015

Still, a bit weird, no? A mistery blob with access to your microphone...

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

right!

gnulux
Offline
Joined: 06/17/2015

Many thanks for the information.
In fact, the topic isn't closed, as Christoph's reply to this:
> oss-sec is a far better venue for discussion since Debian is not the only distribution that includes chromium 43.
runs like this:

>I don't see how that would practically ever change something at the
Debian level; this seems rather like simply pushing away and unpleasant
issue.
And just because all other distros ship software which injects possibly
malicious blobs, we don't have to do the same.

Anyway, I haven't said that banning such software from Debian would be
the only solution... but at least these incidents come far too frequent
recently, so apparently something needs to be done at Debian level to
pro-actively prevent future cases/compromises like this.
=======

Some people think theirs computers may have been compromised even if the blob's been removed. That's bad.

Yet, is it Debian's fault? I read somewhere on trisquel.info that Trisquel can't garantee there aren't any blob or such but will remove them as soon as they are found.

Nevertheless I think Debian should ban Chromium and take the time to inspect Iceweasel and strip its config to safety.

I fail to see why this thread is in the Troll Hole

pizzaiolo
Offline
Joined: 03/12/2015

I just posted it here because it's not directly related to "Trisquel users", since Trisquel users theoretically don't use Chromium :P

tdlnx

I am a member!

Offline
Joined: 04/09/2014

Luckily I've never used Chromium. I've briefly used Chrome on a friend's laptop when I was in a hurry, but would never consider installing it or any derivative on my personal machine. I can honestly say I'm not surprised in the least by the news.

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Come on people! They put this "listening to your microphone" blob just for your safety! Imagine there's a fire in your house and you start screaming "oh my god, there's a fire in my house!!" - google fiends hear that and call the firemen for you..
After all google is well known for just wanting our safety. They want us safe. So they paid a shitload of money to mozilla to implement "safe browsing", and now this blob in chromium, which, as I clearly demonstrated is yet another safety measure.
So say with me: "I love Big Brother!"
Don't you like to feel safe?

danieru
Offline
Joined: 01/06/2013

Good point. And it's clear why the source code has to be a secret too. To improve security! What else? This way no one (besides Google and partners) can make you pranks by calling the firemen when everything is okay, so it's safe even with Google being a lazy ass that don't pay too much attention to security bugs.

techgnuponey69
Offline
Joined: 06/02/2015

glad i never used chrominum

Garsmith
Offline
Joined: 07/27/2013

A surprise for me. Rick Falkvinge, founder of Pirate Party in Sweden, talks about open source and free software. Sadly it seems he thinks lives in the open source bubble that Ubuntu is completely open source when in reality it includes binary blobs. Or he maybe dont want to go to support free software over open source because then people some how takes a step away and look at you as someone who is weird.

https://www.privateinternetaccess.com/blog/2015/06/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/

Google is and will always be a evil global company. So why is so many people in the "Linux open source thinking" using and supporting this company?

cooloutac
Offline
Joined: 06/27/2015

whats crazy is chrome has been known to do this for a couple years now, and even proved to be listening when its supposedly shut off.... I guess the recent revelation is because people are surprised it was found in chromium. But i could be wrong, I thought chromium made it for google lol. like they do many things, i consider chromium the beta chrome lol. So its funny how people try to seperate them because they are supposedly open sourced, and supposedly owned by another company. I'm staying away from chromium now thats for sure...

https://www.youtube.com/watch?v=s5D578JmHdU

pizzaiolo
Offline
Joined: 03/12/2015

Many don't really care about freedom (it's the whole point of "open source"). It's all about convenience for them, regarless of ethical considerations.

cooloutac
Offline
Joined: 06/27/2015

I got an issue now I don't know what to do. I want to watch vides on c-span.org, But i can't unless i have the latest flash player (not on linux?) or I use pepper flash :(' I think I should write c-span a letter.

Legimet
Offline
Joined: 12/10/2013

I needed to download a video from c-span once, and I used rtmpdump I believe.

tomlukeywood
Offline
Joined: 12/05/2014

"But i can't unless i have the latest flash player
you can if you don’t have the latest flash player XD!

you can download the majority of flash videos using the program youtube-dl

so you just do

youtube-dl videolink

i tested it and it works on c-span
if you need any help installing/running youtube-dl feel free to ask!

btw flash is a non-free program made by adobe that you can run on gnu/linux
but i would very strongly recommend against doing so
as its non-free and contains malicious features

however there is a project called gnash:
http://www.gnashdev.org/

which is a replacement for adobe flash and its free software

its not complete yet but it can successfully run
on some sites including youtube