2008 marked the release of a new open source Web browser called Chromium. This was the open source basis for Google Chrome, one of the most widely known Web browsers available. It promised a couple of interesting security characteristics that were not available in major competitors like Mozilla Firefox and Microsoft Internet Explorer:
- Chromium offers a segregated multiprocess model for tab management that effectively “sandboxes” Web pages opened in separate tabs by loading them within separate processes.
- A limited permissions and privilege-separation mode enabled by Chromium’s multiprocess model was explained in a “comic book” released by Google in both print and online formats. That limited permissions and privilege separation model represented a notable advance in security characteristics for Web browsing. Unfortunately, the comic book appears to have disappeared from Google’s site, but you should be able to find it somewhere else with a Web search.
Another interesting characteristic of Chromium is the fact that the project’s new code has been released under a copyfree license — specifically, a BSD License. Parts of the complete open source project came from pre-existing software, however, which are distributed under the terms of other open source licenses:
- MIT License
- MPL/GPL/LGPL tri-license
Despite the fact the project’s primary license is a BSD License, it was originally released only for MS Windows, then ported (mostly by Google developers) to MacOS X and Linux-based systems. It was not until several developers started working on ports for FreeBSD, NetBSD, and OpenBSD independently of the Google-directed main software project that Chromium finally made its way to stable operation on any BSD Unix systems.
Ben Laurie started work on a FreeBSD port of Chromium, and Sprewell applied the finishing touches. Peter Valchev maintains an OpenBSD port based in part on Sprewell’s port, and there is a NetBSD project as well.
This year is when Chromium appeared in the FreeBSD ports system. I am still only using it side-by-side with Firefox, rather than using it as the primary browser on my FreeBSD laptop. Part of the reason Firefox has not been replaced is the need to get the right set of extensions working on Chromium. While Firefox has a number of problems that make me want to use Chromium instead, the wide range of extensions available for it have spoiled me. Chromium is quickly catching up, of course; it offers several extensions for vi-like keybindings, as well as several proxy setting management options, plus the Perspectives HTTPS man-in-the-middle detection extension.
Chromium on FreeBSD still suffers an additional handicap when it comes to extensions, though. Some of those vi-like keybinding extensions do not work on FreeBSD, for instance. In fact, I am using one with the colorful name YakShave, but its default configuration for vi-like keybindings is less than comprehensive and custom configuration is a bit obtuse. One that appears to offer much better default keybinding coverage (Vimium) will not install on the FreeBSD port of Chromium at all. (edit: see Vimium and Other Chromium Extensions for more details, including how to get Vimium to install on FreeBSD’s Chromium)
Another extension that is important to me is the product of a collaboration between the EFF and the Tor Project: the HTTPS Everywhere extension for Firefox. So far, there does not appear to be any particular effort underway to create an equivalent for Chromium. The same is true of the GoogleSharing extension, which offers anonymous proxy service for Google searches and other Google-run sites.
At present, however, the biggest hurdle to my adoption of Chromium on FreeBSD as my primary browser is the lack of a better extension that provides vi-like keybindings, covering at least a significant subset of the reasons I use the Vimperator extension for Firefox. Of course, your mileage may vary.