Xombrero (originally released in 2010 under the name xxxterm) is a discontinued, open-source minimalist web browser designed specifically for users seeking advanced security and lightweight performance. Developed primarily by OpenBSD users, it aimed to provide a highly secure environment where security features were natively designed into the software rather than bolted on later via extensions. Key Features of Xombrero
Designed-In Security: It disabled risky default behaviors like DNS and link prefetching. It also featured a colorful address bar to instantly indicate HTTPS certificate validity.
Strict Script and Cookie Controls: It provided robust, per-session and persistent toggle switches for JavaScript, cookies, and plugins. Users could browse in a blocked mode by default and easily “whitelist” trusted sites using quick commands.
Vi-Like Keyboard Interface: While it maintained a basic, traditional graphical user interface (GUI) with tabs, it was heavily optimized for power users. It utilized vi-like keybindings, allowing completely mouse-less navigation for switching tabs, entering URLs, and scrolling.
Minimal Resource Footprint: Written entirely in C and built on the WebKit rendering engine and GTK+3, Xombrero was designed to run smoothly on low-spec hardware.
Proxy and Tor Integration: It featured built-in, simple configuration tools to route traffic seamlessly through Tor or alternative web proxies. Current Status
Xombrero is retired and is no longer maintained. The project officially stalled around 2017 because it relied on an older legacy port of the WebKit engine. Updating the software to support modern, secure WebKit libraries proved too difficult for the small development team. Because the unmaintained engine contains severe unpatched security vulnerabilities, OpenBSD removed Xombrero from its ports tree in February 2017.
Note: Due to these ancient unpatched vulnerabilities, Xombrero is completely unsafe to use for modern day-to-day web browsing. Modern Alternatives
If you are looking for a functional browser that replicates Xombrero’s blend of keyboard-driven minimalism and security, consider these active projects:
qutebrowser: A highly active, python-based minimalist browser with native vim-style keybindings and a modern QtWebEngine base.
Luakit: A fast, lightweight browser framework extensible by Lua, designed for power users who want total configuration control.
Leave a Reply