In the coming months Mozilla will launch support for an open ecosystem of extensions on Firefox for Android on addons.mozilla.org (AMO). We’ll announce a definite ...
About time. I’m tempted to switch back to Mull from Bromite, but I’m worried about the security of Firefox compared to Chromium (that’s why I switched in the first place), I’ve heard that particularly Mobile Firefox has awful sandboxing and bad security, I’m pretty sure it was the GrapheneOS team saying this? I’m no security expert though…
Yes it was the GrapheneOS team who said that. See the paragraph just above Camera. I literally just skimmed their guides and saw this yesterday while considering getting a Pixel.
I use Mull and Vanadium on Graphene OS, and the experience on Vanadium is just okay by comparison. It is true that not having extensions does decrease the attack surface, and Vanadium does have a built in ad blocker, but it simply isn’t as all encompassing as ublock’s list.
I use Mull mainly but don’t log into anything with it, and have noscript extension on by default.
I also turn off JS by default in Vanadium. Both browsers have ways of making exceptions for certain sites in this case, but NoScript has more granular control.
I remember reading on reddit a convo that basically the GrapheneOS team was much more concerned with security than privacy. This isn’t to say they don’t care about privacy at all, just that they will always prioritize security first.
This makes sense considering their decision to only officially support the Pixel line of devices. You still are supporting Google by giving them your money (and a bit of your data in the process of purchase). Additionally, the decision to default to using the Google Play Store and sandbox the apps, rather than use the Aurora Store, also points to these underlying values.
Yeah, I can tell this just from skimming their FAQ and Usage Guides. When they talk about the applications they offer, they always sell it as the most secure thing ever. I still personally care more about privacy than security though.
Posted this above, but it might interest you as an alternative to Vanadium:
Bromite hasn’t been updated in a while, so you should at least switch to Cromite if you’re not switching to Mull. It’s a fork by a previous Bromite contributor and includes some improvements, like a bottom toolbar and adblock plus (so normal block lists, not Bromite’s less customizable ad blocker.
They’re different, but according to its readme, Cromite includes “security enhancement patches from GrapheneOS project”, so I assume it contains Vanadium’s changes as well as other improvements.
Bromite hasn’t been updated in a while, so you should at least switch to Cromite if you’re not switching to Mull. It’s a fork by a previous Bromite contributor and includes some improvements, like a bottom toolbar and adblock plus (so normal block lists, not Bromite’s less customizable ad blocker.
About time. I’m tempted to switch back to Mull from Bromite, but I’m worried about the security of Firefox compared to Chromium (that’s why I switched in the first place), I’ve heard that particularly Mobile Firefox has awful sandboxing and bad security, I’m pretty sure it was the GrapheneOS team saying this? I’m no security expert though…
Yes it was the GrapheneOS team who said that. See the paragraph just above Camera. I literally just skimmed their guides and saw this yesterday while considering getting a Pixel.
I use Mull and Vanadium on Graphene OS, and the experience on Vanadium is just okay by comparison. It is true that not having extensions does decrease the attack surface, and Vanadium does have a built in ad blocker, but it simply isn’t as all encompassing as ublock’s list.
I use Mull mainly but don’t log into anything with it, and have noscript extension on by default.
I also turn off JS by default in Vanadium. Both browsers have ways of making exceptions for certain sites in this case, but NoScript has more granular control.
I remember reading on reddit a convo that basically the GrapheneOS team was much more concerned with security than privacy. This isn’t to say they don’t care about privacy at all, just that they will always prioritize security first.
This makes sense considering their decision to only officially support the Pixel line of devices. You still are supporting Google by giving them your money (and a bit of your data in the process of purchase). Additionally, the decision to default to using the Google Play Store and sandbox the apps, rather than use the Aurora Store, also points to these underlying values.
Yeah, I can tell this just from skimming their FAQ and Usage Guides. When they talk about the applications they offer, they always sell it as the most secure thing ever. I still personally care more about privacy than security though.
Posted this above, but it might interest you as an alternative to Vanadium:
Is Vanadium just Bromite under the hood? I thought they were separate projects…
They’re different, but according to its readme, Cromite includes “security enhancement patches from GrapheneOS project”, so I assume it contains Vanadium’s changes as well as other improvements.
Thanks for the clarification! I’ll investigate.
Bromite hasn’t been updated in a while, so you should at least switch to Cromite if you’re not switching to Mull. It’s a fork by a previous Bromite contributor and includes some improvements, like a bottom toolbar and adblock plus (so normal block lists, not Bromite’s less customizable ad blocker.
Thanks, I hadn’t noticed it wasn’t updating
There’s a good comparison here.