Tootfinder

In what was supposed to be a *security release* in their stable series, the #chromium upstream developers added #Gemini (that's Google's AI, if you're unfamiliar) PDF summary stuff to the tab UI.

@… <https://www.reddit.com/r/freebsd/comments/1qyh3pe/comment/o43qttr/>
"… Maybe first runs of www/chromium are just a lit…

RE: https://social.coop/@mlncn/116527806503621617
Anybody know if Chromium will have this monstrosity? I think not?

Yeah. Ok, then. This makes me very happy I deleted Chrome from my Mac about a year ago… (And have never / will never installed Claude Desktop).
I use one Chromium-based browser: @…. And I hope that will never become infected with this kind of AI crapware.

Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane. — That Privacy Guy!
Google Chrome is downloading a 4 GB Gemini Nano model onto users' machines without consent, with no opt-in, no opt-out short of enterprise tooling, and an automatic re-download every time the user deletes it. The pattern is identical to the Anthropic Claude Desktop case I wrote about last month, but the scale is between two and three orders of magnitude larger. This article does the legal analysis and, for the first time, the environmental analysis. The numbers are not small.

I'm pretty sad that my favorite browser #vivaldi adopted a min-width change from chromium to make it unusable to on linux phones. Guess the options are firefox or firefox then. https://www.reddit.com/r/vivaldibrowser/comments/1nk40kf/unable_to_resize_window_to_smaller_than_500px/

Filed Chromium bug #483413444: Invalid `aria-level` values incorrectly default to 1
https://issues.chromium.org/issues/483413444
Which addresses the regressions I found yesterday:

There are frameworks like {golem} and {rhino} to make shiny development more robust, but I like the concept of {shinytest2} in providing a testing framework for pure shiny. https://rstudio.github.io/shinytest2/index.html

from my link log —
LastPass leaks credentials from previous site.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1930
saved 2019-09-16

Amongst other security improvements from Chromium upstream it includes a fix for CVE-2026-5281 (Use after free in Dawn), which has a known exploit in the wild.

"can't park there, mate" is seared into my brain https://salsa.debian.org/chromium-team/chromium/-/blob/master/debian/patches/llvm-19/keyfactory.patch?ref_type=heads

debian/patches/llvm-19/keyfactory.patch · master · chromium / chromium · GitLab
Chromium packaging

Can confirm this for Arc, Brave, Edge, Chromium, and Vivaldi on my machine:
#Anthropic secretly installs spyware when you install Claude Desktop
https://www.thatprivacyguy.com/blog/anthro

Anthropic secretly installs spyware when you install Claude Desktop — That Privacy Guy!
Anthropic's Claude Desktop silently installs a Native Messaging bridge into seven Chromium browsers, including browsers Anthropic's own documentation says it does not support, and browsers the user has not even installed.

RE: https://cosocial.ca/@mhoye/116521805012366059
Chrome prohibits first-class ad blocking extensions.
Chrome now installs a 4GB AI model.
Google is an ad company. They harvest your data.
Use Firefox or else a Chromium fork like Vivaldi.

Amongst other security improvements from Chromium upstream it includes a fix for CVE-2026-5281 (Use after free in Dawn), which has a known exploit in the wild.

~The Claude Desktop App installs its browser extension into 7 different browsers without consent automatically. This is very much not cool.~
Edit: I misread the article, and this is not what is happening. Instead, these files that are installed allow for easier installing of the actual browser extensions, which is much less evil. No browser extensions are automatically installed. Thanks to @…

Anthropic secretly installs spyware when you install Claude Desktop — That Privacy Guy!
Anthropic's Claude Desktop silently installs a Native Messaging bridge into seven Chromium browsers, including browsers Anthropic's own documentation says it does not support, and browsers the user has not even installed.

What's a good ad blocker for Chrome?
[anyone suggesting I move to Chromium, Safari, or Mozilla will be summarily meme-d to death]

I just spam the Vivaldi browser update posts with pictures of my cycles because I can and nobody stops me! 🤣
https://vivaldi.com/blog/desktop/desktop-updates/minor-update-five-7-9/

Minor update (5) for Vivaldi Desktop Browser 7.9
This update includes a crash fix, a fix for Linkedin and a minor upgrade to Chromium 146 (Extended Stable Release) from upstream, which in turn includes security fixes from Chromium 147.

Chromium does weekly stable releases, and typically there are at least a few CVE fixes in a new release. Sometimes there's just one or two, but usually there's around 10-20.
The latest #chromium stable release (147.0.7727.55) has *60* CVEs. I don't know if that's LLMs being better at finding security holes or what, but that's the most I've ever seen by far.

Yes, it’s all Chromium, and yes they all love yummy-yummy RAM

@… *MY COMRADE IN CHROMIUM*

🔌 Full support for all #Chromium extensions incl. MV2. Extension downloads anonymized via Helium services — Google can't track what you install.
❗ Native !bangs: jump directly to 10,000 sites. !w Wikipedia, !gh #GitHub, !wa Wolfram Alpha, !chatgpt for AI chats. Works fully offline, …

@…
Seems to display fine with Chromium and Firefox on Android

What's the current state of the art in electroless copper plating chemistries that i can use to put a solderable, oxidation resistant coating on a bare copper surface?
The ideal would be something with a long shelf life that I can store indefinitely and apply a few microliters at a time with a swab or something, and that isn't exorbitantly toxic or carcinogenic (e.g. no cyanide or hexavalent chromium) and that I can buy in lab quantities rather than "I'm outfitting a P…

There’s life beyond VSCode… thought I’d share my dev setup:
• Main monitor: WezTerm¹ running in a three (sometimes four)-way split with Helix Editor² as my main editor, a terminal pane for general commands while working, and Yazi³ usually running in another for working with files/directories in a project.

• Other monitor: Sublime Merge⁴ always running full-screen so I can immediately see exactly what I’ve changed (in real time) as I’m working.
Others (not shown): Br…

Baking in overrides on certain flatpak apps in bog so I can get past the frequent need to manually check permissions for Chromium browsers so they can generate PWAs without hassle of using the terminal, fun thing is this does require me to basically make the same file with like 6 different names lol

I've got an issue with #tailscale I have used a funnel for linkwarden do be able to reach it from outside my LAN without having e.g. cloudflare. It has worked flawlessly but a couple of days ago it stopped working. I first thought it was a firefox thing, but I have tried it with chromium and it does'nt solve the problem.
I can ping the service (a docker container) and get answe…

🚫 No analytics, no telemetry, zero web requests on first launch. The browser itself has no ads or trackers — unlike Chrome, Edge or Brave.
⚡ Built on #Chromium for maximum speed & efficiency. Removes all bloat — one of the lightest modern browsers available. Doesn't slow down over time.
🖥️ Split view: open pages side-by-side. Quick link copy ⌘ Shift C. Install any web app…

And speaking of jank.. it finally builds and runs.

The TC39 Temporal proposal is coming along. It’s meant to replace JavaScript’s date API:
https://www.igalia.com/2026/03/13/Temporal-Reaches-Stage-4.html
Jason Williams’ talk about this at State of the Browser is now online:

Temporal Reaches Stage 4 | Igalia
Igalia is an open source consulting firm specialised in the development of innovative projects and solutions. Our engineers have expertise in a wide range of technological areas, including browsers and client-side web technologies, graphics pipeline, compilers and virtual machines. We have the most WPE, WebKit, Chromium/Blink and Firefox expertise found in the consulting business, including many reviewers and committers. Igalia designs, develops, customises and optimises GNU/Linux-based solutio…

Holy shit, why am I maintaining #chromium packages instead of hunting for security holes in it?!

Baking in overrides on certain flatpak apps in bog so I can get past the frequent need to manually check permissions for Chromium browsers so they can generate PWAs without hassle of using the terminal, fun thing is this does require me to basically make the same file with like 6 different names lol

@… This includes security fixes for CVE-2026-3909 & CVE-2026-3910 from Chromium 146.0.7680.80.

@… For the curious, this includes security fixes for CVE-2026-3909 & CVE-2026-3910 from Chromium 146.0.7680.80.
And yes, we somehow beat the Chrome team getting this out even though they did the fix. 😂

"how's everyone's chromium build looking? Mine finished and I'm testing* it now."
* farting around on mastodon

This was easily the worst chromium release in my ~3 years of maintenance. They just broke _everything_, and then turned around an immediately did another release 2 days later (after delaying CVEs by a day). I *just* uploaded packages to the security buildds, and there's already a new release. With no CVEs of course, but maybe there will be some CVEs tomorrow?
Note that it takes half a day just to build the damned thing.

🌐 #Helium is a free, fully #opensource #browser built on #Chromium — privacy-first by def…