Chromium Bromite patches + Promethean additions

This is a fork of the Bromite repo on Github.

It contains a number of patches to Chromium that greatly increase security and privacy and fix various annoyances.

One patch has been removed from the original Bromite distribution:

• Automated domain substitution

One patch has been modified:

• The Bromite adblock engine is disabled by default

Build instructions

Getting Chromium

Building requires a properly set up environment. The Promethean builder machine has the proper dependencies installed.

The builder also has an existing Chromium checkout in /tank/chromium/src and a checkout of this repo in /tank/chromium/bromite. Before starting, you may wish to make a clone of /tank/chromium:

sudo zfs snapshot tank/chromium@allen
sudo zfs clone tank/chromium@allen tank/chromium4allen

If you are not using the builder or wish to start from scratch, follow the instructions to [install depot_tools] and [get the code] but stop before the Install additional build dependencies section. If you're building on the builder box, skip that particular instruction. Apply the patches before continuing.

Prepare your environment

All the operations that follow assume you are in an updated checkout of Chromium. It's advisable to set your PATH to where gclient is located. For example:

export PATH=/tank/chromium4allen/depot_tools/:$PATH
cd /tank/chromium4allen/src

Prepare Chromium

The patches are intended to be applied to the 108.0.5359.156 tag of the Chromium repo. Before continuing, make sure you are on that tag in the Chromium source repo:

git fetch origin
git checkout -B promethean-108.0.5359.156 108.0.5359.156
gclient sync --with_branch_heads --with_tags
gclient runhooks

Do a quick check to see if there are any new dependencies that might be missing:

./build/install-build-deps.sh --quick-check

Note: this does not do a comprehensive check for missing dependencies. If you have troubles with the build, you may wish to run ./build/install-build-deps.sh to make sure dependencies are properly installed.

Applying the patches

Now apply the patches in correct order. Make sure you do this from the src/ directory of the Chromium checkout and set the BROMITE_REPO variable to the location of this checkout:

export BROMITE_REPO=/tank/chromium4allen/bromite
for patchName in `cat $BROMITE_REPO/build/bromite_patches_list.txt`; do
  git am $BROMITE_REPO/build/patches/$patchName || break
done

All patches should apply cleanly. If they did not, make sure you have checked out the proper Chromium tag (108.0.5359.156).

Getting the third dependencies

If you have added the third dependencies to third_party/android_deps/build.gradle, you need to run third_party/android_deps/fetch_all.py to regenerate libs.

python3 third_party/android_deps/fetch_all.py --android-deps-dir third_party/android_deps/ --ignore-vulnerabilities --ignore-licenses

How to add third dependencies

First, you need to add the configurations to third_party/android_deps/build.gradle, like compile 'com.prometheanworld:telemetry:0.3.2'. Also, if other configurations (such as resource_overlay = true, enable_bytecode_checks = false) are needed, you need to add these configurations to third_party/android_deps/buildSrc/src/main/groovy/BuildConfigGenerator.groovy.

Secondly, if you want to use these libs on chrome/android, you need to add these to chrome/android/BUILD.gn. If you don't know where to add, maybe you can run the build, the error message will tell you.

Finally, if you don't know how to begin with, maybe Telemetry-event-video-full-screen.patch will help you.

Setting the build arguments

The arguments in bromite/build/bromite.gn_args must be used as the Chromium build arguments. To do this, run gn args with the default args file. You can optionally set your preferred editor. This is done from the Chromium src directory:

EDITOR=vi gn args out/Default

Replace all the args with the contents of the build/bromite.gn_args file in this repo.

Continuing the build

This command will build Chromium for the Android API 28 target. This should produce a package with the highest level of optimization for ActivPanel devices:

autoninja -C out/Default monochrome_public_apk

The resulting APK can be found at out/Default/apks/MonochromePublic.apk in the Chromium source directory.

(Original Bromite README follows)

Merging upstream changes

Periodically the Bromite project will add new patches for release. There is a specific process to add these to this repo which should be followed to ensure a clean and maintainable Git history.

1. Make sure the upstream remote is established.

If you do not have an upstream remote, add it with:

git remote add upstream https://github.com/bromite/bromite.git

2. Retrieve the upstream changes

   git fetch upstream

3. Find the latest Bromite release tag

   git describe --tags --abbrev=0 upstream/master

This will give you output like 108.0.5359.156 which we'll use as an example going forward.

4. Create a new branch based on this tag

   git checkout -b upstream-108.0.5359.156 108.0.5359.156

5. Rebase this branch on the current master

   git rebase origin/master

If the rebase complete cleanly, you're done! Push the branch and open a PR to master.

If you run into conflicts, there is more work to do. We want to keep the upstream commits faithful to their original source. This means collecting any conflicts and putting them into a separate commit. The procedure is largely the same but start out by adding a commit with the conflicts pre-resolved. Then rebase onto origin/master and -- if the rebase succeeds cleanly -- push the new branch.

Bromite - Take back your browser

Bromite is a Chromium fork with support for ad blocking and enhanced privacy.

Bromite is only available for Android Marshmallow (v6.0, API level 23) and above.

For the Frequently Asked Questions see F.A.Q..

For documentation see the wiki.

Goals

Bromite aims at providing a no-clutter browsing experience without privacy-invasive features and with the addition of a fast ad-blocking engine. Minimal UI changes are applied to help curbing the idea of "browser as an advertisement platform".

Donate

Please donate to support development of Bromite and the costs for the build system.

→ Support development with a donation

Patreon: https://www.patreon.com/csagan5

BTC donations address: bc1qlx7h0lj9z88g2xfeuwsrtfs77sxuhrxf2t28sw

ETH donations address: 0x5d392F8FBf3465afe05B1Adc575e248D33B891F6

Features

• customizable adblock filters via user-provided URL (see https://www.bromite.org/custom-filters)
• automatically updated adblock filters
• remove click-tracking and AMP from search results
• DNS-over-HTTPS support with any valid IETF DoH endpoint
• always-incognito mode
• disable all field trials permanently
• disable smart search by default, allow web search from incognito mode
• always-visible cookies, javascript and ads site settings from address bar popup
• remove Play integration binary blobs
• use CFI on all architectures except x86
• enable trivial auto var init
• disable media router and remoting by default
• disable dynamic module loading
• show warnings for TLSv1.0/TLSv1.1 pages
• enable site-per-process isolation for all devices with memory > 1GB
• completely remove safe browsing and other privacy-unfriendly features
• proxy configuration page with PAC and custom proxy lists support
• settings to disable custom intents and clear session on exit
• flags to toggle anti-fingerprinting mitigations for canvas, audio, client rects, webGL and sensor APIs (see full list below for all the new flags)
• use frozen User-Agent to conceal real model and browser version
• privacy enhancement patches from Iridium, Inox patchset, Brave and ungoogled-chromium projects
• security enhancement patches from GrapheneOS project
• disable scroll-to-text-fragment
• reduced referer granularity
• block gateway attacks via websockets (partial fix, see this upstream issue)
• use 64-bit ABI for webview processes
• make all favicon requests on-demand (supercookie mitigation)
• enable all network isolation features (PartitionConnectionsByNetworkIsolationKey, PartitionHttpServerPropertiesByNetworkIsolationKey, SplitHostCacheByNetworkIsolationKey, AppendFrameOriginToNetworkIsolationKey, SplitCacheByNetworkIsolationKey, UseRegistrableDomainInNetworkIsolationKey, PartitionSSLSessionsByNetworkIsolationKey, PartitionExpectCTStateByNetworkIsolationKey, PartitionDomainReliabilityByNetworkIsolationKey)
• ignore enterprise policies that disallow secure DNS
• ask permission to play protected media
• disable the DIAL repeating discovery
• disable RTCGetCurrentBrowsingContextMedia by default
• disable FLoC and privacy sandbox by default
• disable feeds
• disable reporting of certificate errors
• use pre-defined phone model for client hints and Javascript
• allow forcing external links to open in incognito
• disable AGSA by default
• flag to enable Certificate Transparency
• allow adding search engines from incognito mode
• disable predictors
• disable supervised users
• disable safety check
• disable capability to block view-source: URLs
• disable SegmentationPlatformFeature, OptimizationHints, client hint headers
• disable AsyncDNS by default
• customize history expiration threshold
• disable idle detection
• HTTPS-only mode enabled by default
• disable TLS resumption by default
• partition DoH requests by top-frame NIK
• strict site isolation and strict origin isolation

Features not related to privacy

• browser automatic updates, enabled by default
• native Android autofill support
• import/export bookmarks
• bookmark all tabs from tabs regroup menu
• allow playing videos in background tabs and disable pause on switching tabs
• all codecs included (proprietary, open H.264 etc.)
• AV1 codec support
• dav1d decoder enabled by default
• built with official speed optimizations
• increase number of autocomplete matches from 5 to 10
• allow changing default download storage location
• do not ignore save prompt for users without SD cards
• disable articles and increase number of icons on new tab page
• adding an URL as bookmark will clear its blocked status for the NTP tiles
• history support in incognito mode
• view source of pages
• sticky desktop mode setting
• mobile/desktop user agent customization
• accessibility preference to force tablet UI
• use Alt+D to focus address bar
• allow sharing to Bromite
• UI for crash information collection
• allow OpenSearch search engine detection in incognito
• allow OpenSearch search engine detection with paths
• keyboard dictionary hints in address bar
• always allow view-source: URLs
• allow moving navigation bar to bottom
• add option to use home page as NTP

You can inspect all functionality/privacy changes by reading the patches and/or the CHANGELOG.

Flags

Flags which have been retired from upstream Chromium but are still available in Bromite.

• #pull-to-refresh
• #enable-search-ready-omnibox
• #darken-websites-checkbox-in-themes-setting
• #simplified-ntp, enabled by default
• #enable-text-fragment-anchor, disabled by default
• #num-raster-threads
• #enable-image-reader, enabled by default
• #enable-tab-groups and #enable-tab-groups-ui-improvements
• #offline-indicator-v2

New flags:

• #fingerprinting-canvas-image-data-noise, #fingerprinting-client-rects-noise and #fingerprinting-canvas-measuretext-noise, enabled by default
• #incognito-screenshot, disabled by default
• #max-connections-per-host
• #resume-background-video
• #ipv6-probing
• #enable-device-motion and #enable-device-orientation
• #show-legacy-tls-warnings
• #save-data-header, disabled by default
• #export-bookmarks-use-saf, disabled by default
• #allow-user-certificates, disabled by default
• #cleartext-permitted, enabled by default, can be used to disable all cleartext-HTTP traffic
• #omnibox-autocomplete-filtering, can be used to restrict omnibox autocomplete results
• #disable-external-intent-requests, can be used to disable opening any external app for any URL
• #enable-userscripts-log, see https://github.com/bromite/bromite/wiki/UserScripts#flags
• #certificate-transparency-enabled, enabled by default; see https://chromium.googlesource.com/chromium/src/+/master/net/docs/certificate-transparency.md
• #move-top-toolbar-to-bottom, disabled by default
• #site-engagement, enabled by default
• #offline-pages-auto-save, disabled by default, allows auto-saving of pages when device goes offline
• #adaptive-button-in-top-toolbar-customization, disabled by default, allows having a new tab or share button on the address bar

Site settings

• webGL, disabled by default
• images, enabled by default
• Javascript JIT, disabled by default
• timezone customization override
• autoplay, disabled by default
• webRTC, disabled by default

Privacy limitations

Bromite's privacy features, including anti-fingerprinting mitigations (which are not comprehensive), are not to be considered useful for journalists and people living in countries with freedom limitations, please look at Tor Browser in such cases.

Releases

All built versions are available as releases; the official website points to those releases and - when browsing via Android - it will automatically highlight the one apt for your device (or none otherwise).

Each tag corresponds to a Chromium Stable release tag.

Bromite is currently built for ARM, ARM64 and x86 and for the Android SDK version 23+; Bromite SystemWebView is provided as well (SDK23+). For every Bromite build you can always find a matching vanilla Chromium build which is used for example to verify which issues are specific to Bromite or not.

You will automatically receive notifications about new updates (and be able to install them) via the auto updater functionality (enabled by default), see related wiki page.

All official releases are also available through the official third-party F-Droid repository.

Integrity and authenticity

You can verify the integrity of a downloaded APK file from this project with any sha256sum-compatible tool by downloading the corresponding brm_X.Y.Z.sha256.txt or chr_X.Y.Z.sha256.txt file, where X.Y.Z is the release version number. Example:

$ sha256sum --check brm_68.0.3440.54.sha256.txt
arm64_SystemWebView.apk: OK
arm64_ChromePublic.apk: OK
arm64_ChromeModernPublic.apk: OK

You can verify authenticity, e.g. that the author (csagan5) released the file, by using gpg2:

$ gpg2 --quiet --verify brm_68.0.3440.54.sha256.txt.asc
gpg: assuming signed data in 'brm_68.0.3440.54.sha256.txt'
gpg: Signature made Sun 08 Jul 2018 04:22:52 PM CEST using RSA key ID D85DC0C5
gpg: Good signature from "csagan5 <32685696+csagan5@users.noreply.github.com>"

You can download csagan5's public GnuPG key from here: csagan5.asc.

How to build

The Bromite main repository contains tags for each corresponding Chromium release (see https://chromium.googlesource.com/chromium/src.git).

Please refer to official Chromium build documentation to get started on how to build Chromium; if you can build Chromium for Android, you can build Bromite.

The Chromium version tag used as base for the patches is available here: RELEASE; this is always corresponding to the git tag for every release. The GN args used to build Bromite are available here: bromite.gn_args. The patches are to be applied second the order specified in the bromite_patches_list.txt file (you can use git am).

NOTE: no official support is provided for builds.

How to build the filters

See upstream documentation: https://github.com/chromium/chromium/blob/master/components/subresource_filter/FILTER_LIST_GENERATION.md

Bromite uses an unindexed filter file, which is periodically published at https://github.com/bromite/filters

Contributing

Please submit issues following the issue template; beware that GitHub does not display the templates from mobile.

Patches are welcome and accepted if they match the project goals.

For any usage or development discussion please use GitHub Discussions: https://github.com/bromite/bromite/discussions

Credits

• Chromium project and developers
• Iridium project for some patches
• ungoogled-chromium for some patches
• ungoogled-chromium-android for some patches
• GrapheneOS for some security patches
• Inox patchset for some patches (via ungoogled-chromium)
• Brave Browser for some patches
• Vadim Pleshkov for Bromite's logo

Filters credits

• EasyList
• EasyPrivacy
• uBlock Origin
• Peter Lowe's Ad and tracking server list

The URLs of the lists used are available at: https://github.com/bromite/filters/blob/master/lists.txt

License

The patches published as part of the Bromite project are released under GNU GPL v3.