iridium

iridium


Security improvements

  • Increase RSA keysize to 2048 bits for self-signed certificates (used by WebRTC)
  • Generate a new WebRTC identity for each connection instead of reusing identities for 30 days
  • Generate a new ECDHE keypair for each WebRTC connection instead of reusing them for multiple connections
  • Disable using system-provided plugins (i.e. Java, Flash, etc.)


Privacy enhancements

  • Disable "Use a web service to help resolve navigation errors"
  • Disable autocomplete through prediction service when typing in Omnibox
  • Always send "Do-Not-Track" header
  • Network/DNS prediction is disabled by default
  • Block third-party cookies by default
  • Link auditing (<a ping="...">) is disabled by default
  • Fetch plugins list from iridiumbrowser.de where it will be updated regularly
  • Site data (cookies, local storage, etc.) is only kept until exit, by default
  • Passwords are not stored by default
  • Input form autofill is disabled by default
  • For IPv6 probes, use a DNS root server instead of Google
  • The default search provider is Qwant
  • Load "about:blank" on new tabs instead of the currently set search engine and/or promotions.
  • Don't report Safe Browsing overrides.
  • Don't use autofill download service.
  • Disable cookies for safebrowsing background requests.
  • Disable the battery status API.


Disabled features

  • Disable background mode
  • Disable EV certificates, so they are shown just like "normal" certificates
  • Disable Google cloud printing
  • Disable Google hot word detection
  • Disable Google experiments status check
  • Disable Google translation service
  • Disable Google promotion fetching
  • Disable Google Cloud Messaging (GCM) status check
  • Disable Google Now
  • Disable automatic update check
  • Disable profile-import on first run


Networking changes

  • Network/DNS prediction is disabled by default
  • Link auditing (<a ping="...">) is disabled by default


Other changes

  • Add DuckDuckGo search provider
  • Add Qwant search provider
  • Add certificate pinning for iridiumbrowser.de
  • Let user confirm downloading translation dictionaries from Google
  • Always prompt for download directory
  • Don't ask to send settings to Google by default on profile reset
  • Don't warn about missing API keys (services are not used anyway)
  • Iridium will show a warning bar when running possibly unwanted requests (trk prefix)
  • Show all extensions (including internals) in chrome://extensions.


Report content on this page

Report Page

Please submit your DMCA takedown request to dmca@telegram.org