Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
>Seems like a lot of them at least are active.
I wouldn't trust the last updated time, many of those have stale commits. But yeah there do seem to be a few that are actively tracking upstream, so not sure. Maybe it's the combination of that _and_ providing binary releases?
 
Screenshot at jun 04 08-30-12.png
 
  • Like
Reactions: MacFoxG4
Hello everyone,

I discovered Chromium Legacy just yesterday and can confirm that the GitHub/blueboxd page is right there, with all its contents.

I've got an old 2008 MacBook running 10.11, I've installed the latest stable version (124.0.6367.207.1) and the result is very good: pages open very fast and Chromium Legacy gives me back access to some lost sites, when the other open source browsers I've tested (Pale Moon, SeaLion, Basilisk, BrassMonkey) fail. Thanks to everyone who took part in this great job.

A quick question - sorry if the answer is already in this 17-page thread: I will lose my bookmarks when I manually update to the next stable version by trashing the previous one. Is there a way to transfer bookmarks to the new version? And does the updater presented on the blueboxd page integrate this transfer (it's not specified in the features)?

Thanks !
 
Updating the version shouldn't cause the loss of your bookmarks. In fact, from my albeit limited experience updating, everything, not just bookmarks, should remain. "Everything", as in the Chromium Default folder - where your user info is stored - in ~Library/Application Support. That is, your user Library, not the system Library.

Note, no experience with the stand alone updater, which doesn't work for me in High Sierra 10.13.6. Although I suspect it should behave similarly.
 
Last edited:
Thank you for the Chromium folder location. I will make a copy of it before using the updater in due course.
 
Just to be clear, that's the Default folder inside the Chromium folder, in your user Library/Application Support. Not the Default Chromium folder, which I wrote earlier and which may be misleading.

Screen Shot 2024-06-06 at 4.41.33 PM.png
 
I will lose my bookmarks when I manually update to the next stable version by trashing the previous one.
No you won't! As @RK78 mentioned, this stuff is saved in ~/Library/Application Support/Chromium. You don't even need to manually back it up before updating.

However, I have two addendums:

  • I actually recommend manually deleting this folder once a year or so. https://github.com/blueboxd/chromium-legacy/discussions/138
  • Your cookies will occasionally be lost between versions, meaning you need to log into websites again. This usually only happens when downgrading, but I have very rarely had it happen when upgrading as well. (I know for sure it happened at least once.) This has something to do with how Google attempts to prevent cookies from tampering.
 
Last edited:
An idea is to save the Default folder (cf. @RK78) before the deleting, and reinstall it inside the Chromium folder recreated by the restart.
Yes but I don't understand why. Just don't touch the folder and everything will work.

Is it related?, I don't know...
It's probably not. They happen. I am curious if the glitches sound like this issue (please check if the mailbox message is in chrome://gpu).
 
Last edited:
  • Like
Reactions: RK78
I am curious if the glitches sound like this issue (please check if the mailbox message is in chrome://gpu).
Background color with large rectangles : yes, that's what I've seen. Didn't happen again after I deleted the Chromium folder and restarted fresh. If it happens again, I'll check in chrome://gpu.
 
Last edited:
Question re. stable versions/builds, does Chromium-Legacy usually follow the releases for Chrome Mac Desktop?

As of now, the latest stable release for Chrome, on 6/13/24, was 126.0.6478.61/.62 for Windows, Mac.

Does this mean that we can expect a new Legacy release in the near future?

 
Last edited:
Question re. stable releases, does Chromium-Legacy usually follow the releases for Chrome Mac Desktop?

As of now, the latest stable release for Chrome, 6/13/24, is 126.0.6478.61/.62 for Windows, Mac

The stable branch of Chromium Legacy follows the Google Chrome stable releases, yes. However, new Chromium Legacy builds sometimes take a few months to come out.
 
EDITED

Realize that Bluebox must be doing the best he can, but if it can take a few months does that leave us potentially exposed to serious security vulnerabilities left unpatched during that time?

Or is that "few months" related more to the meandering pace of Google's roll out than to Bluebox? Note, never bothered much before with Chrome, my main experience with a chrome based browser has been with Brave, where updates are implemented immediately, and even incessantly.

"This update, which will roll out over the coming days and weeks...."

 
Last edited:
I think it's mostly okay to be a few months behind. Getting remote code execution with e.g. the issues in the page you linked would require a lot of focused effort.
 
The stable branch of Chromium Legacy follows the Google Chrome stable releases, yes. However, new Chromium Legacy builds sometimes take a few months to come out.
When did that change by the way? Didn't it use to be that it automatically built binaries of Chromium Legacy nearly daily?
 
If you are worried you can always disable v8 optimizations for untrusted webpages, and block webassembly + webgpu/webgl which is where most of the attack surface is
 
If you are worried you can always disable v8 optimizations for untrusted webpages, and block webassembly + webgpu/webgl which is where most of the attack surface is
Not sure I understand much of that, mostly above my head. But do you think by running a script blocker, with uBO, plus Malwarebytes Browser Guard, which I do, that I can pretty much limit my exposure?
 
Screenshot at jun 17 07-04-42.png



Chromium's 127 (130 Bluebox) already has those patches. But I think we are too obsessed with patches. A good firewall (Vallum) and Adguard, well configured, secure internet connection via proxy https localhost port 3128 and there is no one to do anything. I have been like this for years, be it Yosemite, Capitan, Hight Sierra and I use Vivaldi completely outdated and I operate with complete peace of mind
 
You only need uBO, it can disable javascript.
Realize that uBO can disable JS, but at least before digging in further to set permissions per script, that appears to be all or nothing. Not good. For example, if all allowed, that would potentially permit doubleclick or googletagmanager, which I would never want to allow.

Have been running uBO with NoScript for years on Firefox (functions the same in Chromium Legacy). Use uBO to see what scripts should or shouldn't be allowed (plus filter lists).

Note, quite often only the domain itself needs to be allowed, but for others which won't work properly until all scripts are evaluated, allowed or blocked, this becomes quite important.

For example, politico, just to take one at random.

politico noscript.pngpolitico uBO.png

Also @davigarma, the Bluebox 127.0.6494.0 (1303823)
is unstable. We had been discussing the stable channel releases. In any case, will give that a try to see how it behaves.
 
Last edited:
Just a reminder that there have been no reports of these exploits being used in the wild. I really wouldn't recommend spending energy worrying about this.
 
Off topic, but perhaps you can help. Just tried making a donation to Bluebox, but no matter how I enter the billing information - and I've tried every which way - keep getting "address entered is invalid."
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.