I’m looking for an android browser to open webapps isolated from my general browsing
I’ve been using Mull as disposable browsing and brave for login into places (shopping, social), but I don’t like that if I want to stay logged it also keeps history record. I think it would happen with any browser I use, right? Any suggestions?
What do you mean by this comment?
If you are parroting this nonsense without knowing, it seems even worse. Firefox is not insecure, it is revengeful propaganda invented by Daniel Micay (GrapheneOS). He invented and pushes that agenda to promote Google Chromium based browsers due to this. https://lists.torproject.org/pipermail/tor-dev/2019-August/013995.html
Tor Project avoids Chromium base for both desktop and mobile browsers for multiple reasons, one of them being security. Chromium is incredibly leaky, insecure and anti-anonymity. https://trac.torproject.org/projects/tor/wiki/doc/ImportantGoogleChromeBugs
Retract your statement, considering your comment is the top comment on this post.
I am not parrotting their Propaganda, see my other, longer comment. I attached it to the top one now, and changed the catchy phrasing.
See this GrapheneOS Discuss thread where they deleted or have hidden my comment.
But as you seem to not have read the probably more detailed other comment, please do so.
I dont know what you want to tell me with the “mail thread about hating tom” as I have no idea what I just read.
I guess the beginning of the conversation and especially Tom Ritters mail here most useful.
It is interesting that GrapheneOS community wholeheartedly recommends Brave, claims Flatpak security is bad, claims Firefox security is bad, claims Google things are good and so on. Looks like a cult to me, and one that should not have a place on Lemmy. Probably belongs to Reddit or some toilet paper forum, since 4chan has far higher standards than Reddit. They have their alternative facts about security, which will not be allowed here.
I read your other comment, which was not exactly informative and based in reality. It stems from the nonsense agenda GrapheneOS desires to propagate about Firefox.
Citing Tor Project website versus their tracker has zero differences, and anyone can follow through mailing lists.
You will need to retract your statement, by the looks of it.
I dont get that forum. They dont actually recommend Brave, only some “lower level” people do. Some people that parrot what the others say are often mods and take care of blocking everything. A post I made about that issue was also hidden, I can still see it and likely the mods.
Especially bad if in the same thread misinformation posts are kept. But deleting them is also not fair, as they are partly right.
I understand that you have no time to write about that in detail, but they do. Apart from the Torbrowser thread I read nowhere about the key differences in sandboxing and site isolation.
I also read nothing yet about how “leaky” Chromium is in terms of security. For sure Torbrowser doesnt accept it as it permanently contacts Google. But this is about security. I dont use Chromium anymore after finding out how much it pings Google using googerteller.
But just saying they have superficial opinions like that is not fair.
If you have sources that prove me wrong please add them. I asked Firefox Devs about the security of Flatpak Firefox, also because it seems they dont do anything against their “Firefox is insecure” reputation. For sure, big corps like Microsoft and Google are pushing Chromium, but they simply also add a lot of informative sources for research.
Bullshit. Please cite where this should be the case .
Tbh today was the first day reading a mailing list and its very strange. Their tracker, and the duplicate of that are both nearly empty and have no info, the only info is from that mailing list.
So it seems you are a mod, and if you think I need to do that I want to have at least another mod look at this.
I am critical of GrapheneOS, as clearly demonstrated, but your comment didnt disprove anything I said but you just ranted about how bad they are. I dont think this is very constructive.
mbananasynergy is a high level member in Graphene community, and is a mod at PrivacyGuides, a breeding ground for Graphene shills, as are many others. The one who locked thread also happens to parrot the same nonsense about Firefox, Chromium and Flatpak. Half the thread is filled with Brave recommendations, calling Firefox and Flatpak bad, and every single recommendation being a Chromium based browser. The agenda is clear.
I have gone about it plenty of times, and it has been discussed to death in places like r/netsec, where one of the main propagators of this disinformation, madaidan, was debunked time and again. There is no longer a need to discuss it again, since both the FUD and alternative facts were invented and propagated by security charlatans.
https://web.archive.org/web/20220418212845/https://old.reddit.com/r/netsec/comments/i80uki/theymozilla_killed_entire_threat_management_team/g1703is/
https://web.archive.org/web/20220418213345/https://old.reddit.com/r/netsec/comments/i80uki/theymozilla_killed_entire_threat_management_team/g162g4r/?context=10000
It is not my problem that you choose to not read Tor Project page about Chromium browser leaks and issues.
Tor mailing list has been cited. You did not read.
You recommended it and are not critical of it. Moreover, you wrote GPT style filler paragraphs about Firefox insecurity, misinformation that is up for a day now. No citations, and coincidentally GrapheneOS and Chromium browser recommendations. When it smells funny, it is funny.
This is not Reddit, where closed source stuff and Big Tech stuff gets promoted or recommended, and even rules bended to allow it. Giving a heads up beforehand.
Thanks for the link. I will read through the Tor mailing list and the other parts.
Why would you say something like that? But I will check everything again.
This was about Android, and Firefox had no process isolation to my last knowledge. Looking to find a source against this currently.
Okay? This is about privacy and security, Chromium is fully open source. Yes it is big tech and that may be a problem in many many cases. But this has no effect on its security.
DivestOS maintains a table on browser security and privacy. Firefox is nowhere near what you claimed/parroted, and is much better than any browser besides Cromite, however Cromite leaks a lot of data and has inherited fundamental Chromium issues, as Tor Project says.
https://divestos.org/pages/browsers
Moreover, Firefox can be hardened a lot with custom user.js configurations unlike Chromium browsers, and also happen to have full featured uBlock Origin as advantage.
Chromium security means nothing when it leaks data, is unfit for Tor Project and has privacy and anonymity problems. Firefox does not have those leakage and other issues, and allows full uBO functionality, hence is superior to Chromium browsers, both on desktop and mobile.
I also think the DivestOS project is pretty cool, as I use Mull daily and maintain my own custom addon collection from the time when Firefox didnt allow all installs. (I really have to clean that list up though, it has too many things).
Will look into it.
My knowledge is too that even “ungoogled Chromium” may not send data (so it doesnt have active antifeatures) but it is still not fingerprint protected.
Brave meanwhile is veeery bloated with weird stuff, which totally tells me that their focus cannot be that much on the privacy and security hardening.
Regarding Arkenfox, I maintain a small and pretty messy project to make it usable for daily usage changing only small bits.
I dont know percentages, but I remember most of it being one of these
So it is not mainly a security project but mainly privacy hardening to my knowledge. I agree with it mostly though, it is a great project.
Chromium has some flags and policies which are very limited though. The secureblue project has integrated all of them, and its still way worse than Arkenfox for privacy. There are JIT Exceptions though, not sure if this is available on Firefox, it was very hidden also for Chromium.
I also agree that manifest v3 is central Google control dystopia.
I have to say though
This makes little sense. If a Browser is not as secure as possible, it is not as private as possible. At least if you scale it. “The browser is like pretty secure, not the best available but okay, unless you are not targeted or something”. What statement is that? We dont know if we are targeted.
So I appreciate if people say “this may not be the best for privacy, but we use the most secure base and try to make it privacy friendly” just like I respect people making hardened Firefox more secure.
Anti-fingerprinting on Android is very difficult because of GPU models, display size etc. According to GrapheneOS, Vanadium sends as little data as possible. And I believe them that. Not sure about other vectors of privacy, the lack of NoScript (granular JS control per origin) and UBO makes it unusable for me, along with strange UI for adding search engines or whitelisting cookies while whiping the others.
Daniel Micay of Graphene has… A reputation. At the end of his tenure at Graphene, Micay started increasingly accusing people in many other communities of conspiring against him and harassing him. It elevated to the point of accusing Louis Rossman of being part of the conspiracy. It got swept under the rug for years, but Rossman was the one person to get so pissed off that he eventually outed Micay… And his departure from the organization was swift.
I actually reached out to Micay (IIRC before Rossman outed him) looking for answers. After showing me some incredibly scant “evidence” that amounted to accusations he had written in the past, he started accusing me of being part of the conspiracy too.
I don’t like to claim people have mental illness recklessly, but I can’t think of many other reasons he behaved that way. The only other obvious one is that he was a massive asshole for no reason at all.
But he’s also very technically competent (or at least, prior to stepping down, was very competent), and there’s probably a reason Graphene finds so many Android bugs and gets their patches implemented so regularly. But the whole thing definitely taints the project and some of the pages he most likely wrote.
I dont know if his fears are true and that is not for me to judge.
But he is very active, like still the most active person. It seems that he will always use his own account, but when reporting issues its always him to react.
I cannot imagine what a job that is