this post was submitted on 21 Nov 2023
2087 points (98.6% liked)

Technology

59651 readers
4232 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

• Firefox offers better privacy and security than Chrome, with upcoming support for 200 new add-ons. • While Chrome dominates, Firefox gains ground with user-friendly browsing experience and open-source model. • Mozilla's focus on user privacy and transparency challenges Google's ad-centric approach, making Firefox a viable alternative.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (2 children)

Have they addressed the security issues with sandboxing and site isolation and added a web view on android yet? I'd love to use Firefox on my phone too, but those issues were big enough for GrapheneOS to recommend against gecko-based browsers (though fortunately they provide their own de-googled chromium-based browser Vanadium):

Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn't have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn't happening for their Android browser yet.

https://grapheneos.org/usage#web-browsing

[–] [email protected] 5 points 1 year ago (1 children)

I love GrapheneOS and they tried everything to make Chromium less shitty, but Vanadium still lacks fingerprinting protection as well as support for ad blocking. That's why I use Mull, a hardened fork of Firefox, for everything except banking.

[–] [email protected] 2 points 1 year ago (1 children)

Sadly there's often a tradeoff between privacy and security (even though you often get one with the other), and GrapheneOS has always prioritised security

[–] [email protected] 2 points 1 year ago

I like Graphene as an OS, they also make great privacy improvements, e.g. they hide all unique device identifiers from apps in order to make you anonymous. You don't have to use their pre-installed apps, I use Mull and Firefox Focus for everything except banking and other stuff that requires me to interact with payment processors, as they often flag or even suspend your account when using hardened Firefox.

[–] [email protected] 2 points 1 year ago (2 children)

I'm using jerboa, and any links open in a firefox webview, with an option to (ninstantly, without reloading) opening the page in the firefox app directly

[–] [email protected] 2 points 1 year ago
[–] [email protected] 1 points 1 year ago

Nice, maybe it has been fixed since that doc was written?