Thank you for your reply
I have the same settings as you show in your screen shots but there are no saved passwords
So you have never seen such prompt?
I thought this sounded slightly familiar … I just did a little test. When I tried to screenshot the little key icon which signifies “Saved password” it disappeared with the keyboard!
So as I messed with this, I observed the key icon appear and disappear with the “show password” toggle.
So this key icon is slightly elusive! It appears as if a top line on the keyboard, it is small, it is not a jump out at you popup!
The key icon appears when I am logging in to a site but when I press it there are no passwords in there. There is no prompt to say save password or anything like that
Sorry not to be more help … I have a feeling that it might be a timing thing … I have half a memory of myself going round in circles with this at first!
You might see if you could attempt a brand new login somewhere, but do the login very slowly looking out for a small clue previously missed?
So I just tried my own suggestion. The key icon appeared at the top of my keyboard, but I did not touch it as registration was not complete or authorised.
Now I am registered, but have no Saved password.
After 6 tries I can report that I can reproduce your issue. 1.0-rc-q-20220509184455-dev-a3xelte
thanks for trying to help, glad I am not the only one with the issue then!
Looks like this might be an issue with the version of Bromite that /e/ browser is based on:
From the above it would seem that the bug was patched in 100.0.4896.92.
My version is 100.0.4896.57
Good searching @memgtdg, thank you.
My version is also 100.0.4896.57
A quick attempt to install Bromite from https://www.bromite.org/ failed to install. I should have followed this method Daily tips to gain more privacy from Murena team - #72 by SkewedZeppelin
Hi,
Ive installed this morning using f-droid and can confirm the latest version of bromite works!
Thanks for the info!
No, thank you! As it happens I had now wiped my data and my /e/ Browser no longer had any passwords!
The issue solved for me to in Bromite 102.0.5005.96.
how to update the /e/ browser itself?
Hi,
I have recently installed /e/OS and it’s good to be using a privacy-based OP (that does everything that the native fair phone OP did). Though the ‘e’ native browser isn’t prompting for or storing any passwords. I have checked the settings as per this thread. Is this a known issue? If so, what’s the best workaround?
For example, is there an open-source password manager that can also auto-fill passwords for the ‘e’ browser?
Hi,
I wouldn’t use the native browser. As mentioned above it does not get updated regularly so not good from a security point of view.
I’ve been using Bromite installed via F-Droid for several months but have just today installed Mull. So far it looks really good and has some nice features that Bromite doesn’t seem to have - screenshotting and password saving in private mode and the ability to easily switch between normal and private browsing. It also looks a lot nicer in my opinion
That’s odd as according to the /e/ website "/e/OS is an open-source mobile operating system paired with carefully selected applications. They form a privacy-enabled internal system for your smartphone. And it’s not just claims: open-source means auditable privacy.
But, you suggest the native browser may have security issues? So, if that’s the case, which android browser has the best security?
Privacy browser has a 10\10 privacy rating according to the Applounge. Though it’s a bit confusing. For example. Tor Browser has a 6/10 rating and according to the info includes “google firebase analytics” and two other trackers. I can’t see Bromite or Mull browser on Applounge (at least they don’t show up in the first results (it’s a very long list)
I think this is a valid claim. I say this from the point of view of a naive user seeing that the original proposal was a degoogled mobile phone system which could be deployed over hundreds of devices and look consistently good to new users as little technically informed as me. As for auditability, this is also valid, as it is easy to shoot holes in the security, just as Bromite does for its own product.
Rhetorically, … what is Bromite “redistributing”? … why Chromium! … is it easy to secure Chromium? Note I have now changed the subject. Who makes Chromium? Edit, it is in fact the Open source version of Google Chrome. (Imagined response from Google – ‘we go to great lengths, week by week, to secure Chrome’)
With https://doc.e.foundation/support-topics/advanced_privacy.html users can now start to judge for themselves whether certain behaviours with Apps and Browsers are wise with a highly networked device which is intimately plugged into their lives.
Note that Advanced privacy is still trying to give better Privacy, but in your question I think you are (understandably) more concerned about Security. I feel that this becomes more about choosing the optimum communication systems to meet your needs regarding security.
1 Like
I certainly appreciate \e\OS. It was mainly the remark about the “not good from a security point of view” of the native browser that doesn’t add up with the \e\ ethos. For example, if Bromite and Mull browsers have more robust security, then why not have one of these as the native /e/ browser? I’m a newbie within the context of how \e\OS choosers what apps to include in the vanilla distribution. But, if the native browser “does not get updated regularly so not good from a security point of view” why not swap it out with an open-source browser that has an active dev community?
Aren’t privacy and security essentially the same qualities? In that, what we want to keep private- we want to keep secure (from unwanted prying eyes). Of course, only criminals have something to “hide” (& unfortunately that may be some behaviors of some governments & industries), but that’s not about respecting the right of citizens to have some privacy.
FYI, politically, I think citizen assemblies align with the ethos of the open-source software community.
The native /e/ browser is Bromite. Or rather it is /e/'s fork of Bromite. The normal process is that forked versions of an app need to regularly sync with upstream to pull in the latest changes (including security-related fixes) from the upstream (i.e. the original app from which the are forked - Bromite in this case).
The problem is that /e/ have got behind in this process, and have not (yet) pulled in changes which have been made in upstream Bromite. It is on the /e/ ‘To Do’ list (here), along with a proposal to Automate Browser sync with upstream, but it has not yet been done, probably because other issues have a higher priority for /e/'s limited development resources.
In my opinion, the best way to proceed would be for /e/ to use the upstream app (for Browser, and for all the other apps that they have chosen to fork) rather than to make their own fork, which will inevitably fall behind the upstream. But we’ve had that discussion many times already, and they won’t change. That is (mostly) why I now use my own custom build of LineageOS for Microg rather than /e/OS on my own devices.
3 Likes
While earlier in this thread I reported changing to Bromite as it slowly dawned on me that /e/ Browser had stopped saving passwords, and but at that time continued to use passwords saved from an earlier version, I reported in another thread Feedback for v1.3 - #131 by aibd, that Bromite is reported by Advanced Privacy to leak.
1 Like
From a newbie perspective, it does seem that developing their own fork is inefficient if that fork isn’t keeping up with the latest upstream security implementations.
1 Like
Same issue here with Browser 100.0.4896.57 (version installed with /e/OS 1.6). Didn’t have this issue with the version I used before (/e/OS 0.10). Will have to use a different browser, since saving and recalling passwords is really important for me.