LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Vivaldi seems to have finally won me over (https://www.linuxquestions.org/questions/slackware-14/vivaldi-seems-to-have-finally-won-me-over-4175643177/)

cwizardone 11-29-2018 11:23 AM

What is exactly how I have it set up.
The problem is most noticeable on distrowatch.com due to the numerous links on that page, but I see it on other sites, Amazon.com comes to mind.

Hooks123 11-29-2018 05:14 PM

Where can i get the newest version? sbopkg has the 2.0.1309.37 which i installed and like very much.

Lysander666 11-29-2018 05:25 PM

Quote:

Originally Posted by Hooks123 (Post 5931650)
Where can i get the newest version? sbopkg has the 2.0.1309.37 which i installed and like very much.

Voilą.

Hooks123 11-29-2018 06:28 PM

Quote:

Originally Posted by Lysander666 (Post 5931652)

Thanks a bunch.

PROBLEMCHYLD 11-29-2018 07:49 PM

Does it phone home and all that data collecting crap?!!!

Lysander666 11-30-2018 04:40 AM

Quote:

Originally Posted by PROBLEMCHYLD (Post 5931679)
Does it phone home and all that data collecting crap?!!!

There are various responses to this, but the short answer is - no, it does not collect data. It does contact Google, but only to:

a] update certain certificates
b] update Widevine
c] update the safe browsing blacklist [this can be turned off].

This question has been asked a number of times, as you can imagine.

From one of the devs:

Quote:

No, we do not share any data with Google knowingly (except for search and search suggestions). We use the Chromium code base and there are some "call home" for various things there, but we believe we have plugged all those holes. If we missed something, it would be a bug.
Slightly longer answer from the Vivaldi team:

Quote:

There is no "spyware" involved here.

The two main reasons for Vivaldi to access Google servers automatically are:

Downloading and updating necessary components, the two major ones are the Certificate component and the Widevine video decoder. The certificate component performs extra checks on certificates, including revocation. The list of components is available on this internal page vivaldi://components

Downloading and updating the Safe Browsing blacklist. This is a so-called Bloom filter. This system works by calculating a very big number (hash) for the URL and parts of it. Then a few digits (32 bits) of these numbers are used to check in the local filter database. If the entry corresponding to the smaller number indicates that the URL may be blacklisted, Vivaldi uses more digits from the candidate number to request more information from the online Safe Browsing database, if still a possible blacklist, more data, using more digits of the number, are requested, until the server sends a list of URLs that are blacklisted. If one of the URLs is a match, then the page is block. At no time does Vivaldi send the URL to the server. The use of calculated hashes means that two almost identical URLs have wildly different hashes, but two wildly different URLs can have the same calculated hash (especially if one is using just a few digits). It is also almost impossible to reverse the calculation to get the original URL. These two points mean that it is not really possible for Google (or anyone) seeing the hash to tell which URL the user visited (in the case of the URL list, one might reasonably assume it was one of those, but it is still not a sure thing).

In neither case does Vivaldi send any cookies to the servers; only the IP address is, as always, known to the servers.

With respect to the connections to mtalk.google.com, this server is Google's Push Notifications server aka (Google Cloud Messaging, GCM). One of its uses is updates for a user's Sync data, which we are have disabled, since our Sync system uses a different system for such notification. Another use of this service is "Push Notifications" aka "Notification" from web sites. Whenever the user accepts Notifications from a website, persistent actions for receiving and handling these notifications are registered in Vivaldi, and among these actions is the establishment of a persistent connection to the GCM server, to listen for the notifications, and these connections are re-established immediately when Vivaldi starts. IOW, the connections to mtalk.google.com were initiated and configured by the user. Relevant URLs for this is chrome://settings/content/notifications , chrome://settings/siteData and vivaldi://gcm-internals
Even longer answer:

Read the privacy policy. Here's an excerpt:


Quote:

When you install Vivaldi browser (“Vivaldi”), each installation profile is assigned a unique user ID that is stored on your computer. Vivaldi will send a message using HTTPS directly to our servers located in Iceland every 24 hours containing this ID, version, cpu architecture, screen resolution and time since last message. We anonymize the IP address of Vivaldi users by removing the last octet of the IP address from your Vivaldi client then we store the resolved approximate location after using a local geoip lookup. The purpose of this collection is to determine the total number of active users and their geographical distribution.

...

Your browsing history such as visited URLs, typed search keywords and downloaded content are stored in your client profile and only accessible by your own action. Vivaldi AS has no access to this data. Your history cannot be shared unless it is by your own action.

When you turn on Search suggestions in your Settings (Settings > Search), Vivaldi will send a request to the chosen search engine with the typed keyword in order to display search results. Privacy policies for individual supported search engines can be found here.

Vivaldi integrates the Safe browsing API from Google, which checks the site you are visiting against a master list of known suspected phishing and malware sites. This feature can be turned off in the Privacy settings (Settings > Privacy > Privacy).

Many websites use cookies to identify repeat visitors and store information about their site visitors. Vivaldi stores cookies based on the user’s privacy settings (Setting > Privacy > Cookies) but how the cookie is used is determined by the website you are visiting and types of cookies. Therefore it is important that you understand the privacy policy of the websites you are visiting. You can view, manage and remove all stored cookies in your privacy settings.
This is the only way I'm getting to Iceland any time soon, unfortunately.

elcore 11-30-2018 05:25 AM

Quote:

Originally Posted by PROBLEMCHYLD (Post 5931679)
Does it phone home...

ACL/Whitelist (more effective than safebrowsing nanny list)
Quote:

Originally Posted by PROBLEMCHYLD (Post 5931679)
... and all that data collecting crap?!!!

It's maintaining a standard sqlite database (could just mount RAM where it expects a profile, and clear on reboot)

ruario 11-30-2018 07:33 AM

Quote:

Originally Posted by cwizardone (Post 5931576)
What is exactly how I have it set up.
The problem is most noticeable on distrowatch.com due to the numerous links on that page, but I see it on other sites, Amazon.com comes to mind.

Here is a video from a clean install in a VM, with distrowatch. It works fine for me.

Do you have any extensions installed or something else that might be messing this up for you?

ruario 11-30-2018 07:47 AM

Quote:

Originally Posted by Lysander666 (Post 5931784)
[…]the short answer is - no, it does not collect data. It does contact Google, but only to:


b] update Widevine

I just want to clarify this. On Linux in the current stable version we do not fetch Widevine automatically using the Chromium components update mechanism. This is something that only happens on Windows and Mac. However as of the recent Linux snapshots we have started auto-fetching Widevine, but it still isn't using the Chromium components update mechanism. Instead it is done in a shell script (that I wrote), which is called by the post install scripts of the deb and rpm. It is only called on installation or upgrade (or uninstall to clear the file). The Vivaldi repack script I make (and the SlackBuild on SBo) are not currently running this script or doing any equivalent, so nobody here gets automatic Widevine.

P.S. If you want to see what the widevine update steps involve, download the latest vivaldi snapshot build (.deb or .rpm) unpack it and take a look at “/opt/vivaldi-snapshot/update-widevine”.

EDIT: Short summary, “https://dl.google.com/widevine-cdm/$WIDEVINE_VERSION-linux-$WIDEVINE_ARCH.zip” is fetched ( “$WIDEVINE_VERSION” and “$WIDEVINE_ARCH” are hardcoded in the script itself) and unpacked locally. A sha256sum (also hardcoded in the script) is then used to confirm that the lib inside is the exact version we expect and if so, it is moved into a location where we can find it (“/var/opt/vivaldi-snapshot”). The pre-uninstall scripts of the .deb and .rpm packages will remove this file (if present) just before the package manger removes all the files that were installed normally (thus leaving the system clean on uninstall).

ruario 11-30-2018 08:12 AM

I should also add that if you do run the snapshot version of Vivaldi, you could actually call the bundled update script yourself to fetch and install Widevine for you:

Code:

su -c '/opt/vivaldi-snapshot/update-widevine --system'
Or to remove it

Code:

su -c '/opt/vivaldi-snapshot/update-widevine --system --undo'
P.S. Root access is only needed because it places the lib in “/var/opt/vivaldi-snapshot”.

ruario 11-30-2018 08:20 AM

As a side note, here is a story on how I announced the automatic widevine fetching and how I did not test it properly! :p

slalik 11-30-2018 09:54 AM

Quote:

Originally Posted by elcore (Post 5931016)
I'd use it full-time if only it could support userchrome.css and usercontent.css (which chromium can't do).

The SBo script allows to customize the user interface using the
/opt/vivaldi/resources/vivaldi/style/custom.css file if built with CUSTOM_CSS=yes.
For web pages I use the Stylus extension.

elcore 11-30-2018 10:42 AM

Quote:

Originally Posted by slalik (Post 5931862)
/opt/vivaldi/resources/vivaldi/style/custom.css

Thanks, I will look into that custom.css seems equivalent of userchrome.css

Quote:

Originally Posted by slalik (Post 5931862)
For web pages I use the Stylus

This extension is too heavy, I see on github what it is, a fork of extension (stylish) that was already fat years ago.
I don't think it's gotten any smaller. What I'd prefer is just few lines of css, not a huge package manager thing with hundreds of features.

slalik 11-30-2018 12:42 PM

Quote:

Originally Posted by elcore (Post 5931889)
This extension is too heavy, I see on github what it is, a fork of extension (stylish) that was already fat years ago.
I don't think it's gotten any smaller. What I'd prefer is just few lines of css, not a huge package manager thing with hundreds of features.

There are other extensions, for example User JavaScript and CSS.

enorbet 11-30-2018 01:03 PM

Thank you Lysander666 for an interesting thread. It seems quite a few people have at least some concerns with where a number of mainstream browsers are going and Vivaldi may qualify as a great substitute. However before I install yet another web browser I'd like to ask you why you left Opera for Chromium and when? What was the last version of Opera you used? I'm asking this because I recently installed Opera 57.1 and was pretty much "knocked out" with it's balance of Features and Simple Quality, especially in handling multimedia. Basically I'd like to hear a comparison of current Opera and current Vivaldi. I may just go ahead and do that myself but it would be nice to hear from someone with more background experience with Opera.


All times are GMT -5. The time now is 08:14 PM.