I made this post, outlining my verdict about whether or not Chromium is more secure than Firefox. At the very end of the post, I noted “GrapheneOS did not respond to my requests for a comment.”
Well, after weeks with no reply, they finally responded. I don’t plan to do any more research about this topic, but this information is still incredibly valuable. Keep in mind the questions I asked the GrapheneOS team were created before I had done much research about the topic. Here are the questions and GrapheneOS’s replies:
incomplete
no, it’s incomplete and their sandbox is significantly weaker across all platforms, but it varies based on platform
it’s incomplete
there are many ways in which it’s less secure than Chromium, but the weak sandbox particularly that’s entirely not implemented on Android is one of the main issues
Chromium uses full garbage collection for a lot of the C++ objects, has much more hardened memory allocators for native allocation, has the V8 sandbox as another layer of security missing in Firefox before the OS sandbox, has much more fuzzing, auditing, etc. and much more modern exploit mitigations implemented too
Firefox is far behind in nearly every way and laid off a lot of their security people
yes it impacts users because browser vulnerabilities are widely exploited in the wild and the OS sandbox is one of the main defenses against it, as is the V8 sandbox feature entirely missing in Firefox
Google heavily monitors for browser exploits and catches a lot of it happening in the wild
Mozilla / Firefox has little visibility into it
therefore, it’s much more widely reported for Chrome but does not mean it isn’t happening with Firefox regularly
Tails is not a hardened OS at all, that’s a misconception about it, and it has nearly all the problems of desktop Linux
Firefox on desktop Linux has weaker sandboxing than elsewhere
on Android they haven’t even implemented a content sandbox, although the OS provides an app sandbox around it as a whole but that’s not the same thing
it’s not even completed yet, the issue is still open since not everything is isolated yet and there are known ways out
Tor Browser’s anti-fingerprinting is greatly overestimated and does not really work with JavaScript enabled, which it is for most users
Brave’s is not strictly better or worse
neither anti-fingerprinting approach works well
no, but it is awful, they don’t even implement any content sandbox let alone site isolation, and have almost no exploit mitigations or anything implemented
no, but it’s easy for them to do it relative to doing it elsewhere
no, but it would allow them to provide a content sandbox on Android and partial site isolation to the extent they implement it overall
there’s an incomplete implementation, and no, it’s not nearly as secure aside from being incomplete
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
Great work. They haven’t commented on this matter for some time now and its good to see an updated comment on this issue.
I use Graphene OS, but do use Mull. I also use Vanadium and base Chromium. Each for different uses. Mull for general browsing (I have many extensions, but I feel a bit more secure by running NoScript).
Vanadium is for when I need more functionality, and raw Chromium for inspecting responsive design of my own sites.
The GrapheneOS community is a great asset to the Android ecosystem, and their mentality has always seemed to be security above all else (even above privacy), which is a voice that is needed in any organization.
Again, thanks for doing this investigation.
I really wish I could use Vanadium as my main browser, but two downsides are really noticeable: a) adblocking is not as good as with Ublock Origin (for example, on TVTropes the ads themselves were removed but not the HTML elements they used to be in) and b) the multiple-choice search engine turned out to be quite important for me. So a Firefox fork it is.
Use Cromite. Fully open source, adblocking, and security hardened. See this browser table for conparisons: https://divestos.org/pages/browsers
It says the content blocker there is “Basic + Adblock Plus”, and Adblock Plus is known for its not-so-great reputation (like whitelisted “acceptable ads”) compared to UBO.
It does not use adblock plus lists directly. The lists are hosted by Cromite. uBlock Origin is not available for any android chromium browser (other than kiwi I guess). The adblocker works well from my tests. I recommend adding filterlists from https://divested.dev/pages/dnsbl
Ah, okay. I just wanted Vanadium because it came with the OS, but if I were to install another anyway - I am content with a FF fork, where Ublock Origin is indeed available. I was just very surprised that Vanadium did not block the giant element that has “Ad” in its html name…
Lol