Privacy

39507 readers

652 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Official Brave F-Droid repository now available (brave.com)

submitted 2 days ago by chrand@lemmy.ml to c/privacy@lemmy.ml

66 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Core_of_Arden@lemmy.ml 11 points 1 day ago (5 children)

Oh, so where is Firefox subpar? Please elaborate?

[–] oaklandnative@lemmy.world 3 points 1 day ago* (last edited 1 day ago) (3 children)

I have used FF based browsers for a long time and still do. I recently saw this from the GrapheneOS developers, which kinda freaks me out and has me considering switching to a Chromium based browser:

https://grapheneos.org/usage#web-browsing

Chromium-based browsers like Vanadium provide the strongest sandbox implementation, leagues ahead of the alternatives. It is much harder to escape from the sandbox and it provides much more than acting as a barrier to compromising the rest of the OS. Site isolation enforces security boundaries around each site using the sandbox by placing each site into an isolated sandbox... Browsers without site isolation are very vulnerable to attacks like Spectre...

Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn't have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn't happening for their Android browser yet.

EDIT: I really hope Ladybird turns out to be amazing.

[–] Core_of_Arden@lemmy.ml 4 points 1 day ago (1 children)

Feel free to freak out. That doesn't worry me at all. I guess you prefer getting tracked and monetized over having a little weaker security in hypothetical problem areas...

You know, I've worked with, and helped people with issues on primarily Windows, but also Mac and Linux, since the 90s, and I can't remember one single time, where the problem were bases on this kind of vulnerability. So please, do live in a hypothetical world - I'll stick with what works and keeps me from being monetized.

[–] dRLY@lemmy.ml 4 points 1 day ago

Same here. I prefer to avoid Chromium-based browsers whenever I can. A lot of them are better than Chrome, and I do like to mess with them from time to time to stay aware of features and test things. But Firefox on my phone has access to uBlock Origin and all my other extensions, after activating the hidden debug menu/dev mode that you turn on in a similar way as activating Dev Mode for the Android OS. I only mention that last part because it seems a lot of FF Android users don't know about it and allows for installing xpi files just like you can with desktop. Freaking game changing for me. It really sucks that the main-line Chromium-based browsers don't support extensions, even in the limited options way FF used to before allowing more to officially work (even without the debug menu/dev mode trick.

For those that might want the instructions for the hidden debug menu/dev mode. Some extensions still might not work correctly as they might not play nice with the UI/layout of the Android version. I would imagine that some of these might be things like the third-party tab-tree extensions for example.

Open Firefox App

Go to the settings menu.

Enable Developer Settings: You need to tap on the Firefox logo five times. This action will unlock an additional debug menu.

Find “Install extension with a file” option in Settings

Look for the option to install an extension from your own storage. And pick the xpi file. Also will just work using the extensions page on the FF site.

load more comments (1 replies)

load more comments (2 replies)