Kicksecure ™ Default Browser Considerations
Kicksecure (not Whonix!) is primarily a security focused Linux distribution. Preferring security over privacy if such a decision is unavoidable. However, Kicksecure ™ will never implement outrageous privacy violations. It will even provider slightly better privacy than most other Linux distributions (such as no popularity contest installed), but otherwise no huge efforts to optimize privacy such as in Whonix. (And yet, Kicksecure ™ would be a suitable host for Kicksecure ™ until Whonix-Host materializes. No contradiction here since Kicksecure ™ works fine on top of any secure Linux distribution that does not implement outrageous privacy violations.)
Even if Firefox would provide better privacy than Chromium, this would still not speak in favor of choosing Firefox as the only browser installed by default in Kicksecure ™ because as elaborated in the first paragraph in this chapter, Kicksecure ™ is primarily a security focused Linux distribution.
Other browsers not available from packages.debian.org are not considered (at least not in initial versions) because Kicksecure ™ will have a similar default application to Whonix default application policy.
However, Firefox should be preferred for reasons other than security and privacy, see threats to user freedom thorough market share domination. In future, Firefox might have better advertisement blocking capabilities?
SecBrowser (a browser providing better privacy when browsing clearnet) will not be installed by default in Kicksecure ™ because of grave usability issues, namely its window bar is still saying "Tor Browser" rather than Firefox or SecBrowser. That would be too confusing for new users of Kicksecure. Also Chromium is more secure than SecBrowser.
See also these Chromium considerations.
Therefore the decision which browser to install by default in Kicksecure ™ is a difficult one.
To not let the perfect be the enemy of the good, it's been decided to install Chromium by default in the initial versions of Kicksecure. The decision is based on practicality, available resources, achievable initial goals. It is a significant development effort to create a dedicated website for Kicksecure ™ and to create a new Linux distribution. Kicksecure ™ doesn't have to find solutions to the difficult mostly globally unaddressed Miscellaneous Threats to User Freedom right from the start.
See also #Potential Future Solutions which might be implemented in later stages of the development.
no browser installed by default
- That would be a terrible user experience, specifically for Live ISO / USB users, waiting until all browser related packages are downloaded and installed using APT. Users want ready to go solution. The fact that they already have to invest time to get a new operating system is already a barrier. Asking them to wait till a browser downloads is too much.
install both firefox-esr and chromium by default
- a waste of disk space
- longer update times as both packages are downloaded in the future
- not a strong stance against chromium
Potential Future Solutions
Might be implemented in a later version but not in the initial versions.
Browser Choice Dialog
Similar to this:
During the build process of Kicksecure ™ download (cache) both packages, firefox-esr and chormium but don't install these. This is to avoid avoid APT traffic and time wasted on network download. In more technical terms, similar to this:
sudo apt update sudo apt install --download-only firefox-esr sudo apt install --download-only chromium
The packages will then be cached but didn't actually install the packages. These downloaded packages files will reside in folder
/var/cache/apt/archives and otherwise do nothing. Would be cleaned up once the user runs
sudo apt clean.
That would work well for ISO release but not for installation from repository. The latter not sure how important long term, perhaps for servers (server vendors won't offer Kicksecure ™ pre-install very soon) but then for servers no browser is required.
Not sure yet this can work with the ISO build process.
Also after first boot there is a technical issue. Suppose users would run
sudo apt update followed by
sudo apt full-upgrade before ever starting a browser, which is recommended and good security practice. Then when running the browser choice dialog (through clicking browser icon in start menu)...
At this point the user most likely the browser choice tool cannot run
sudo apt install firefox-esr or
sudo apt install chromium on behalf of the user without network traffic. This is because dependencies, package versions changed meanwhile. (User run
sudo apt update would have noticed that.) This decreases usability. Thereby the browser choice tool would be changed from
offline install previously downloaded browser package to
network dependent download and install of browser.
To keep the browser choice tool
offline install previously downloaded browser package should the browser choice be a popup at first boot?
There might be technical solutions for all of this but this makes the default browser choice a major development task.
draft text for browser choice dialog
Not relevant yet since the browser choice dialog will not be implemented soon.
Kicksecure ™ supports any Debian compatible browser, but defaults to two major choices: Chromium and Firefox.
- Firefox - Pros: Keeps the web open and free as we know it. Less secure.
- Chromium - Pros: More secure. Cons: Increases Google's influence, which may harm user freedom and choice in the future.
Please make a selection:
[ ] Chromium
[ ] Do not install any browser at this time
[ ] Do not ask again
[ ] Quit
Domain name will change go kicksecure.com.
- Dev/Default Browser
- Chromium Browser for Kicksecure ™ Discussions (not Whonix)
- Google Chrome Repository Insecurity