BriskBard web browser

Submit portable freeware that you find here. It helps if you include information like description, extraction instruction, Unicode support, whether it writes to the registry, and so on.
Message
Author
User avatar
smaragdus
Posts: 2120
Joined: Sat Jun 22, 2013 3:24 am
Location: Aeaea

Re: BriskBard 1.8.0

#16 Post by smaragdus »

Someone who has time, network expertise and appropriate tools (for example Wireshark) may check BriskBard for unsolicited connections and background requests. In my opinion a closed source browser cannot be trusted. I have tested several versions in the past (1.3.0, 1.3.2, 1.6.0) which I immediately discarded. I had a short look at the current version (1.8.0) (browser, FTP. RSS)- the FTP client comes closest to being usable. Several Google services are enabled by default which is a huge security flaw. The customization level is low- I did not find a way to disable the warning message when closing the browser with open tabs, which is extremely annoying, I did not found a way to delete entries from speed dial (which by the way does not look good), I did not find a way to add my own entries to the speed dial. The worst- the browser does not support extensions- for me a browser without extensions is like a car without wheels. The browser puts an icon to system tray but it is useless as the tray icon has no commands and the browser cannot be minimized to tray. Overall- I find this browser generally slow and unresponsive. The browser response is so poor that I presume that it is making requests in the background but I have no time to dig deeper and currently I don't have the necessary tools installed. I also have the feeling that the developer's unwillingness to open source the browser (and thus possibly get help from other developers) has to do with the browser's background connections. Otter Browser may also be one-man project and may also have many flaws but at least I am sure that its developer does not have secret intents.

User avatar
salvadordf
Posts: 9
Joined: Fri Nov 03, 2017 7:40 am
Location: Spain
Contact:

Re: BriskBard 1.8.0

#17 Post by salvadordf »

smaragdus wrote: Mon Jun 24, 2019 3:20 pm Someone who has time, network expertise and appropriate tools (for example Wireshark) may check BriskBard for unsolicited connections and background requests.
By default, these are the only connections you will see :
  • BriskBard downloads the databases from the phishing protection services to your computer : PhishTank and "Google Safe Browsing". PhishTank is a simple URL list that the browser checks when the user visits a website and the browser doesn't send any data to their servers. "Google Safe Browsing" is a lot more complex but the only data that is sent to Google are incomplete URL hashes when the user visits a suspicious website. You can disable these services in the configuration window.
  • BriskBard asks briskbard.com what's the latest browser version and it shows a desktop notification if you're using an outdated version. No data is sent in that request.
  • BriskBard also downloads the latest version of the "effective_tld_names.dat" file to update the Internet domains list used when you use the BriskBard rendering engine (not Blink or Trident). That file is necessary to know what is a valid domain.
  • If you use the search box the browser sends your search terms to Google to show some search suggestions but you can disable this in the configuration window.
  • If you use the "Check for phishing threat" menu option then the browser will send the current URL to the Google or Yandex server to check if it's malicious. This only happens is the user clicks on that option.
  • If you enable the Tor network then you will see connections to the "Windows Expert Bundle" proxy (tor.exe)
  • If you use the FTP client, email client, newsgroups reader or news aggregator you will see some connections to check your email, newsgroups and RSS feed subscriptions, and to the FTP server.
If you detect any other connection, please make sure that you downloaded the installer from briskbard.com and check your computer for malware.
smaragdus wrote: Mon Jun 24, 2019 3:20 pm In my opinion a closed source browser cannot be trusted.
I respect your opinion but I disagree. Some other closed source projects may have a bad reputation but that, in my opinion, doesn't make all closed source projects guilty. There are many other reasons to decide if a project must be open or closed source.

In the case of BriskBard, most of the code is open source but I keep a few close source fragments as a protection against companies and developers living in countries with a relaxed copyright law.

I work alone with a limited budget and I could be easily outrun by any company willing to invest time and money. They could just rebrand the project, add a few features and have a big marketing campaign. By the time I realize someone copied BriskBard I wouldn't be able to do anything and all the years and effort developing BriskBard would be in vain.
smaragdus wrote: Mon Jun 24, 2019 3:20 pm Several Google services are enabled by default which is a huge security flaw.
There are 2 Google services enabled by default : "Google Safe Browsing" and the search suggestions.
Both of them were added because several users asked for more phishing protection and for a complete search box.

You can disable them in the web browser configuration window. You can also use a different search engine for the search box and change the homepage.
smaragdus wrote: Mon Jun 24, 2019 3:20 pm I did not find a way to disable the warning message when closing the browser with open tabs, which is extremely annoying, I did not found a way to delete entries from speed dial (which by the way does not look good),
Thanks for the suggestions! I'll add those features in the next version.
smaragdus wrote: Mon Jun 24, 2019 3:20 pm I did not find a way to add my own entries to the speed dial.
Load a web page, click the right button in the mouse over the page to open the context menu and select the "Add this page to the Speed Dial" option. I'll see if I can add that option somewhere else too.
smaragdus wrote: Mon Jun 24, 2019 3:20 pm The worst- the browser does not support extensions- for me a browser without extensions is like a car without wheels.
BriskBard uses CEF (CEF4Delphi) to embed Chromium browsers and CEF support for extensions is incomplete. I'll add them as soon as CEF has better extensions support.
smaragdus wrote: Mon Jun 24, 2019 3:20 pm The browser puts an icon to system tray but it is useless as the tray icon has no commands and the browser cannot be minimized to tray.
I'll add a menu with some options in that icon. Thanks again!
smaragdus wrote: Mon Jun 24, 2019 3:20 pm Overall- I find this browser generally slow and unresponsive. The browser response is so poor that I presume that it is making requests in the background but I have no time to dig deeper and currently I don't have the necessary tools installed. I also have the feeling that the developer's unwillingness to open source the browser (and thus possibly get help from other developers) has to do with the browser's background connections.
The first BriskBard version you tried used Trident as the default rendering engine and it had some performance issues but now BriskBard uses Blink and all those issues are gone.
I understand that Trident left a bad first impression and it's not easy to change first impressions.

As I mentioned before, I'm the maintainer of the CEF4Delphi project at GitHub. CEF4Delphi is an open source project and I regularly help other developers in our forums. As you can see at GitHub and the developer forums, I also accept suggestions, code with new features or fixes for CEF4Delphi too.

BriskBard uses CEF4Delphi which uses CEF to embed Chromium browsers in Delphi applications, and other open source components like OpenSSL, SQLite, Hunspell, Indy, etc.
In terms of code length, only a few minor code fragments are close source for the reasons I commented previously.

User avatar
smaragdus
Posts: 2120
Joined: Sat Jun 22, 2013 3:24 am
Location: Aeaea

Re: BriskBard

#18 Post by smaragdus »

@salvadordf

Thank you for the detailed response. My test last night was brief and superficial. When I have time I will have another look and perhaps I will suggest some improvements too. Now I will suggest only one thing- improvement of speed dial. You may make the usage of the speed dial easier and handier- you may have a look for Vivaldi browser or at a speed dial extensions (speed dial example- Speed Dial 2- Chrome Store, Firefox Store), screen:

Image

I mean that you can add + button to speed dial for easy adding of entries to dial, also you may add more customization for the dial- number of columns, number of entries per column, width, etc. You may also add options to edit entries in speed dial- delete entry, edit entry, refresh thumbnail, etc.

I forgot to mention one good thing- I was able to easily integrate BriskBard with an external download manager (in my case Free Download Manager).

About importing bookmarks- you can add further enhancements- direct import from Firefox (Places, JSON).

About system tray icon- you may add check boxes in 'Configuration' (perhaps in 'General')- show tray icon, minimize to tray, etc. If the program is minimized to system tray you may add commands to tray icon- show, exit.

When I have time I will have another look and may suggest more enhancements. The first thing I did configuring the program was disabling Google services- I do not want protection from Google but protection against Google.

User avatar
salvadordf
Posts: 9
Joined: Fri Nov 03, 2017 7:40 am
Location: Spain
Contact:

Re: BriskBard web browser

#19 Post by salvadordf »

Thank you very much for all those suggestions! :D

I'll add as many as I can in the next version.

Post Reply