this post was submitted on 17 Jan 2024
428 points (97.6% liked)
Firefox
17929 readers
70 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
GrapheneOS is security first, but not so privacy focused in terms of their browser. In fact, they state that explicitly in the usage guide:
The only reason they dont recommend firefox is because it adds attack surface (of course, every app you use, adds some attack surface) and it dont have pre-site process isolation. This is NOT a privacy feature, but a exploit protection feature. Until a exploit has been discovered, with or without isolation, websites cannot interfere with each other.
Read about their browser and web browsing recommendations here: https://grapheneos.org/usage#web-browsing
Their Vanadium is, in fact, middle of the road in terms of data isolation and don't have any tracker blocker or fingerprint resistant. It is a tradeoff they made between privacy and usablity. If you want to read more: https://divestos.org/pages/browsers
I personally do agree with them that the "privacy theater" approach is not a long term solution, and we need more principled approach to privacy with proper threat model. However, currently, without more substantial research, messy privacy theater unfortunately seems to be the way to go; just like most corporations do use a anti-virus, even when they are not the way to archive "decent security".
GrapheneOS has a tendency to market their security/privacy choices as arbitrary to its users, probably to make them easier to understand. This is unfortunately enhanced by several GrapheneOS YouTubers.
Many times recommendations from GrapheneOS are strictly better than they competition, sometimes their advantage are not necessarily strict, but a tradeoff. I believe for Vanadium, their recommendation leans towards later.
Personally, I use grapheneOS with Mull.