Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Electron framework and privacy

I'm considering developing a cross platform Electron app.

According to the Electron website, Electron uses Chromium, the open-source version of Google's Chrome browser. However, given the privacy concerns regarding Google and Chromium and Electron's implicit use of Google services, I wonder if using a Chromium-based platform would be a good idea.

The eventual app will need to be as secure and private as possible, as it might be used to process sensitive data provided by the user.

Do Electron and/or its Chromium components track users in any way? Do they make any Internet connections by themselves? Do they collect and send data to third parties? Is it possible to run Electron while offline (see these reports)? Is the Electron framework appropriate for designing privacy-focused apps?

like image 343
Allan Ripley Avatar asked Jan 06 '19 15:01

Allan Ripley


1 Answers

Electron does not track your users, it uses mainly the Content Module for rendering HTML/CSS and executing JS and a set of chromium features, anything telemetry/privacy related only gets executed when you also provide a google API key, and at the moment that is only for the "geolocation" API.

The good thing is you can search the whole codebase, there is nothing from electron itself that could be a concern for privacy, except you add a Google API key.

But that does not include stuff you add to the app later on, if you start loading external web pages like a browser, you're defenseless agains them tracking your users.

like image 102
Hans Koch Avatar answered Oct 03 '22 14:10

Hans Koch