secureblue / Trivalent

Trivalent A security-focused, Chromium-based browser for desktop Linux inspired by Vanadium. Intended for use in secureblue. Scope In scope • Desktop-relevant patches from Vanadium (located in vanadium_patches) • Changes that increase hardening against known and unknown vulnerabilities • Changes that make secondary browser features opt-in instead of opt-out (for example, making the password manager and search suggestions opt-in) • Changes that disable opt-in metrics and data collection, so long as they have no security implications Out of scope • Any changes that sacrifice security for "privacy" (for example, enabling MV2) why? • Any novel functionality that is unrelated to security Installation Official support is only provided via secureblue. Unsupported installation is also possible via our repo. "Support" here refers to which systems Trivalent is tested against. It does not mean that it's forbidden to open GitHub issues regarding Trivalent's use on other systems. Post-install Some additional preferences are added to , these provide additional security and privacy controls should they be needed. An example of one toggle is the (disabled by default), which is known to occasionally clear cookies on exit. \ There is also a Website Dark Mode preference added to . \ \ Additionally, the following flags are available that provide extra hardening but may cause breakage or usability issues: • • Other flags are also provided for compatibility should you experience an issue related to some of the hardening enabled by default. For example, the default pop-up blocker is very strict, it may optionally be disabled to improve usability. Content Blocking Trivalent comes by default with content filtering enabled using Chromium's internal subresource filter. The lists used for content filtering can be found here. \ If you want to contribute to the subresource filter, for example suggesting a new list, visit here. Contributing Follow the contributing documentation, and make sure to respect the CoC.