Iridium is a free, open, and libre browser modification of the Chromium code base, with privacy enhanced in several key areas. Automatic transmission of partial queries, keywords, and metrics to central services is inhibited and occurs only with consent. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers.
Differences between Iridium and Chromium
– Increase RSA key size to 2048 bits for self-signed certificates (used by WebRTC)
– Generate a new WebRTC identity for each connection instead of reusing identities for 30 days
– Generate a new ECDHE keypair for each WebRTC connection instead of reusing them for multiple connections
– Disable use of system-provided plugins (e.g. Java, Flash)
– Disable “Use a web service to help resolve navigation errors”
– Disable autocomplete through prediction service when typing in Omnibox
– Always send “Do-Not-Track” header
– Network/DNS prediction is disabled by default
– Block third-party cookies by default
– Link auditing is disabled by default
– Fetch the plugin list from iridiumbrowser.de, where it will be updated regularly
– Site data (cookies, local storage, etc.) is only kept until exit, by default
– Passwords are not stored by default
– Input form autofill is disabled by default
– For IPv6 probes, use a DNS root server instead of Google
– The default search provider is Qwant
– Load “about:blank” on new tabs instead of the currently set search engine and/or promotions.
– Don’t report Safe Browsing overrides.
– Don’t use autofill download service.
– Disable cookies for Safe Browsing background requests.
– Disable the battery status API.
Disabled features: background mode; EV certificates, so they are shown just like “normal” certificates; Google cloud printing; Google hot word detection; Google experiments status check; Google translation service; Google promotion fetching; Google Cloud Messaging (GCM) status check; Google Now; automatic update check; profile-import on first run.
– Add: DuckDuckGo search provider; Qwant search provider; certificate pinning for iridiumbrowser.de
– Let user confirm downloading translation dictionaries from Google
– Always prompt for download directory
– Don’t ask to send settings to Google by default on profile reset
– Don’t warn about missing API keys (services are not used anyway)
– Iridium will show a warning bar when running possibly unwanted requests (trk prefix)
– Show all extensions (including internals) in chrome://extensions.