Your data never leaves your machine. No telemetry, no cloud sync, no tracking. XMethod is built from the ground up to keep your information private β with 15+ security features built into the browser.
Three pillars that guide every decision we make about how XMethod handles your data.
All data lives in ~/.xmethod/ on your machine. Zero cloud dependency. You own your data completely.
No tracking, no analytics, no data collection. We never phone home with your browsing data.
Passwords and secrets secured with AES-256-GCM encryption and Touch ID biometric unlock.
AES-256-GCM encrypted password vault with password generation, auto-fill, breach monitoring via Have I Been Pwned, and strength auditing. Unlock with Touch ID, store TOTP 2FA codes and secure notes, organize with categories, and import from Chrome or sync with Google Drive.
Set a PIN, use Touch ID, or pair your Apple Watch to lock the entire browser when you step away. Screen Lock adds a layer of protection beyond your OS login β preventing anyone with physical access from seeing your tabs, passwords, or app data.
Built-in content blocker that removes ads and trackers across every tab. No extensions to install or manage. The Privacy Panel shows a tracker heatmap and privacy score per site, so you can see exactly what's being blocked.
URL Cleaning automatically strips tracking parameters (utm_*, fbclid, gclid, and more) from every navigation β no extension needed. HTTPS Upgrade auto-promotes all http:// navigations to https://. Mixed Content Blocker prevents insecure sub-resources on HTTPS pages with an amber warning banner.
The Phishing Detector analyzes page content and displays a warning banner when you visit a suspicious site. The Download Scanner shows a confirmation dialog for potentially dangerous file types before you open them.
Open a single Incognito Tab for quick private browsing, or launch a full Incognito Window (Cmd+Shift+N) with a completely isolated session and ephemeral storage. Guest Mode creates a temporary profile with no history, cookies, or data persistence β perfect for shared computers.
Portal authentication with JWT tokens stored in Electron safeStorage. A 7-day offline grace period means you can keep working without an internet connection. Secure session management protects your account at every layer.
Custom permission prompts for camera, microphone, notifications, geolocation, clipboard, and MIDI β never a confusing browser dialog. Per-site settings let you save preferences per domain. Family Profiles add parental controls with screen time limits and content blocking.
Built on the Castlabs Electron fork with Widevine CDM support. Stream Netflix, Disney+, and other DRM-protected content directly in the browser without workarounds.
No server stores your browsing data, passwords, settings, or app data. Everything lives locally in ~/.xmethod/. Google services and iCloud backup are opt-in only β you choose what to connect. Cloud sync is available but always under your control.
Every piece of data XMethod stores, where it goes, and how it is protected.
| Data Type | Location | Protection |
|---|---|---|
| Settings | ~/.xmethod/settings.json | User preferences |
| Passwords | ~/.xmethod/passwords.json.enc | AES-256-GCM |
| Auth Token | ~/.xmethod/api-token | Electron safeStorage |
| App Data | ~/.xmethod/storage/ | JSON key-value |
| Biometric Key | ~/.xmethod/vault-bio.enc | Touch ID encrypted |
| Downloaded Apps | ~/.xmethod/apps/ | SHA-256 verified |
| Screen Lock PIN | ~/.xmethod/storage/ | Encrypted |
| iCloud Tokens | ~/.xmethod/storage/ | Electron safeStorage |
Download XMethod Browser and experience a browser that actually works for you.
Download for macOS