• Chemical Wonka@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    6
    ·
    10 months ago

    Dear Mozilla, we really appreciated your intentions but we don’t need more extensions but Gecko Webview to compete against Google’s monopoly in this area. Chrome-based browsers are far ahead when it comes to security, see for example the GrapheneOS team of developers who preferred to adopt a Chromium-based browser rather than adopting Firefox as the default browser, they don’t even recommend using it

    • Contend6248@feddit.de
      link
      fedilink
      arrow-up
      27
      ·
      edit-2
      10 months ago

      GrapheneOS isn’t a benchmark, it’s a choice of a random distro essentially, others choose differently.

      If you think Chromium is safer or more secure than Firefox, you are mistaking, just take a look at the changelogs of both

      • Undertaker@feddit.de
        link
        fedilink
        arrow-up
        3
        ·
        10 months ago

        Changelog is not the point but the fundamental concepts and techniques. And unfortunately Chromium is far ahead.

        Graphene as the most hardened OS is the benchmark. It’s not random. Please inform.

    • HotPurplePeach@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      10 months ago

      I’m not a security expert so I can’t say if your right on that point, but somehow I trust the Mozilla foundation much more than Google. Isn’t the whole point of their browser to allow them to spy on you?

    • baseless_discourse@mander.xyz
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      10 months ago

      GrapheneOS is security first, but not so privacy focused in terms of their browser. In fact, they state that explicitly in the usage guide:

      Vanadium was previously primarily focused on security hardening but we plan on adding assorted privacy and usability features. In the near future, we plan to add support for always incognito mode, content filtering (ad blocking, etc.), improved state partitioning, backup/restore and many other features.

      The only reason they dont recommend firefox is because it adds attack surface (of course, every app you use, adds some attack surface) and it dont have pre-site process isolation. This is NOT a privacy feature, but a exploit protection feature. Until a exploit has been discovered, with or without isolation, websites cannot interfere with each other.

      Read about their browser and web browsing recommendations here: https://grapheneos.org/usage#web-browsing

      Their Vanadium is, in fact, middle of the road in terms of data isolation and don’t have any tracker blocker or fingerprint resistant. It is a tradeoff they made between privacy and usablity. If you want to read more: https://divestos.org/pages/browsers

      I personally do agree with them that the “privacy theater” approach is not a long term solution, and we need more principled approach to privacy with proper threat model. However, currently, without more substantial research, messy privacy theater unfortunately seems to be the way to go; just like most corporations do use a anti-virus, even when they are not the way to archive “decent security”.

      GrapheneOS has a tendency to market their security/privacy choices as arbitrary to its users, probably to make them easier to understand. This is unfortunately enhanced by several GrapheneOS YouTubers.

      Many times recommendations from GrapheneOS are strictly better than they competition, sometimes their advantage are not necessarily strict, but a tradeoff. I believe for Vanadium, their recommendation leans towards later.

      Personally, I use grapheneOS with Mull.