scowser
A web browser that actually respects you. Built-in security. Zero telemetry. No compromises.
Scroll to learn more
A web browser that actually respects you. Built-in security. Zero telemetry. No compromises.
Pick your platform and you're up and running in under a minute.
The easiest way to install on macOS. Installs a signed and notarized app.
brew tap scowser/scowser
brew install --cask scowser
Download a DMG for your Mac. Signed and notarized by Apple.
Or browse all releases
Install from source via Linuxbrew. Builds with your system's Qt6.
brew tap scowser/scowser
brew install scowser
Grab an AppImage (just run it) or a tar.gz if you prefer manual installs.
AppImage: chmod +x scowser*.AppImage && ./scowser*.AppImage
For developers or anyone who wants to verify every line. Requires CMake 3.22+, Qt6, and a C++20 compiler.
git clone https://github.com/scowser/scowser.git && cd scowser
cmake -B build -DCMAKE_BUILD_TYPE=Release && cmake --build build --parallel
./build/scowser
Most browsers say they care about your privacy. scowser was designed from the ground up to prove it.
Every tab you open runs in its own isolated sandbox. If one tab gets compromised, it can't touch anything else — not your other tabs, not your files, nothing.
Leverages Chromium's multi-process architecture via Qt WebEngine, with additional OS-level sandboxing (seccomp-bpf on Linux, sandbox_init on macOS). Each renderer process is locked down to minimal privileges.
Ads and trackers are stopped before they even load. No extensions to install, no settings to configure — it just works out of the box. Pages load faster and you see less junk.
Implements EasyList and EasyPrivacy filter lists via QWebEngineUrlRequestInterceptor. Requests are blocked at the network layer before leaving the browser, with zero dependency on third-party extensions.
When you type a website address, your browser has to look it up — kind of like a phone book. Normally, anyone on your network (your ISP, your coffee shop) can see those lookups. scowser encrypts them so nobody can snoop.
DNS-over-HTTPS resolution via Cloudflare (1.1.1.1) and Quad9 (9.9.9.9). All DNS queries are sent over encrypted HTTPS connections, preventing ISP and network-level DNS surveillance. Graceful fallback if DoH is unavailable.
scowser doesn't phone home. Ever. No usage analytics, no crash reports sent to some server, no "anonymous" data collection. The only network traffic is the stuff you actually asked for.
All Chromium telemetry endpoints are blocked at the request interceptor level. No analytics, crash reporting, or data collection infrastructure exists in the codebase. What leaves your machine is only what you explicitly request.
scowser is extra paranoid about the "lock icon" in your address bar. It enforces the strongest encryption standards and double-checks that websites are who they claim to be, making impersonation attacks much harder.
Enforces HSTS preload lists, certificate transparency verification, and rejects weak cipher suites. TLS 1.2 minimum with TLS 1.3 preferred. Implements certificate pinning to detect and prevent MITM attacks.
Websites can be tricked into running malicious code. scowser adds an extra layer of rules that tells the browser exactly what a page is allowed to do — and blocks anything sketchy that tries to sneak in.
Injects and enforces strict CSP headers on pages. Blocks inline script execution on pages without their own CSP. Violations are logged internally and never reported to external servers.
When you close scowser, it's like you were never there. Cookies, browsing history, cached files — all gone. Every launch is a clean slate. You can optionally save a session if you want to pick up where you left off.
Uses an off-the-record QWebEngineProfile with zero disk persistence by default. No cookies, cache, or history survive a session. Optional session persistence is explicitly opt-in per session.
Every line of code is public. You don't have to trust our word — you can read the source, audit it, build it yourself, or contribute to it. Security through transparency, not obscurity.
Apache 2.0 licensed. Built with C++20 on Qt6 WebEngine. CI includes AddressSanitizer, UBSan, ThreadSanitizer, Valgrind, and AFL++ fuzzing to catch bugs before they reach you.