Hey everybody. I’m somewhat new to the field of privacy, but I am eager to learn. Right now I am wondering what mobile web browser to use for everyday activities. I’m running GrapheneOS. Options that often come to mind:

  • Tor
  • Firefox Focus (= Firefox Klar in German)
  • IronFox (formerly Mull Browser)
  • Cromite
  • Vanadium

I feel like I simply don’t know enough about the underlaying mechanisms to elaborate which might be better and which might be worse. Feel free to teach me!

  • hirihit640@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 day ago

    Ironfox, though the main issue with all mobile browsers imo is no letterboxing, so if you enable Javascript, your phone screen size can be detected and used for fingerprinting

  • sudoer777@lemmy.ml
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 days ago

    Right now I use IronFox for browsing and Vanadium for websites I stay logged into. But the best one depends on your threat model.

    • stoicEuropean@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      3 days ago

      Considering that already. Do you experience any problems or limitations with that? Like being flagged as a bot, or sites returning errors?

      Edit: thank you for the suggestion!

      • tired_fedora@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 day ago

        Rarely. I would say that about 19/20 pages work as expected. I do keep a manually hardened Firefox install on my device for the rare site that I do want to visit but that doesn’t load in IronFox for some reason. In my experience, VPN breaks the internet more than IronFox does. And I still want to use VPN.

      • hexagonwin@lemmy.today
        link
        fedilink
        arrow-up
        3
        ·
        3 days ago

        i haven’t really used ironfox, i use iceraven. i actually also use numatrix alongside ublock origin.

        i do see more captchas compared to common browsers like google chrome.

  • Voxel@feddit.orgBanned from community
    link
    fedilink
    arrow-up
    12
    ·
    3 days ago

    I recommend Fennec by F-Droid, a FOSS fork of Firefox out of the options listed. I would adjust the settings within the GUI, such as setting tracking protection to Strict, and install uBlock Origin.

    IronFox is, sadly, somewhat extreme and not suitable for non-tech-savvy users and those who don’t want to deal with regular breakage.

    Vanadium sadly lacks a proper content blocker integration.

    • freijon@lemmy.zip
      link
      fedilink
      arrow-up
      1
      ·
      3 days ago

      I’m using this unofficial Helium build. It’s basically Vanadium + Helium patches with Extension support. Ublock Origin works like a charm.

      • Voxel@feddit.orgBanned from community
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        2 days ago

        From the linked GitHub webpage:

        All builds are experimental, so unexpected issues may occur. Helium Browser for Android only attempts to improve security and privacy where possible. For better protection on Android, you should instead use GrapheneOS with Vanadium, which additionally integrates patches into Android System WebView and provides significant kernel and memory management hardening on the OS level.

        I wouldn’t recommend browsers in an experimental state developed by a single person; this is partly why I don’t recommend Cromite.

        The original Vanadium is great, but the lack of proper content-blocker integration is a big privacy trade-off, in my opinion. Vanadium only provides a per-domain blocker solution, which is based on the very small EasyList.

        A good Chromium-based alternative is Brave, as it has a solid content blocker that attempts to recreate the full feature set of uBlock Origin.

        • freijon@lemmy.zip
          link
          fedilink
          arrow-up
          3
          ·
          3 days ago

          I get your point. But if you check the source you’ll notice that they don’t add any code themselves, they simply take Chromium and apply patches from Vanadium (Helium is commented for now) and build an apk. Yes, they call it experimental. Use at your own risk. I have had a very good experience so far - but you may disagree. However, there may be other people like me out there who think it’s a good value proposition.

          • Voxel@feddit.orgBanned from community
            link
            fedilink
            arrow-up
            1
            ·
            2 days ago

            But if you check the source you’ll notice that they don’t add any code themselves, they simply take Chromium and apply patches from Vanadium (Helium is commented for now) and build an apk.

            Quote from the README from the repository it sources the Vanadium patches from:

            It depends on hardening and compatibility fixes in GrapheneOS rather than reinventing the wheel inside Vanadium. For example, GrapheneOS already provides a hardened malloc implementation so there’s no need for Vanadium to replace it. Similarly, it can deploy security features causing breakage on other operating systems due to the ability to fix compatibility problems in the OS.

            However, there may be other people like me out there who think it’s a good value proposition.

            I’m sorry, but it’s an objectively bad recommendation. Vanadium is currently held intentionally exclusive to GrapheneOS by its team because of the reasons quoted above. Taking Chromium, applying Vanadium patches and extension support, and having one stranger maintain it is not a viable option. Even when he doesn’t write code himself, regular updates are a must, and if he discontinues or can’t keep up with updates for one of many possible reasons, all the people who relied on it will experience a massive security decrease if they don’t migrate to another browser. Real examples would be: Mull, Mulch and Bromite.

            It’s something fun to check out and play around with, but no one should use it as a daily driver unless they fully understand all the risks and can act accordingly.

          • stoicEuropean@lemmy.mlOP
            link
            fedilink
            arrow-up
            3
            ·
            3 days ago

            A discussion like this is exactly the reason I love this sub. I am learning more and more every day. Thanks to both of you guys.

            • Voxel@feddit.orgBanned from community
              link
              fedilink
              arrow-up
              2
              ·
              2 days ago

              You’re welcome, I encourage you to check out my latest reply.

  • Einhornyordle@feddit.org
    link
    fedilink
    arrow-up
    5
    ·
    3 days ago

    I recently switched from regular Firefox to Ironfox. So far, I didn’t notice anything different, which is probably a good thing because that means everything still works as expected.

  • Voxel@feddit.orgBanned from community
    link
    fedilink
    arrow-up
    8
    ·
    3 days ago

    IronFox is not formerly Mull Browser; it uses a different basis (Phoenix instead of Arkenfox), is maintained by different people, etc.

    • stoicEuropean@lemmy.mlOP
      link
      fedilink
      arrow-up
      5
      ·
      3 days ago

      Mostly big corporate, big tech, and the US gov’t and its intelligence services. I am already in the process of migrating my digital environment towards Linux + self-hosting, but browsing remains a challenge to me.

      Basically: I don’t want my devices location, metadata and telemetry to be tracked by anyone.

      • plyth@feddit.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        You could use a VPN and then make sure that your fingerprint is common. But if the VPN is compromised you will reveal your browsing behaviour. You also stand out when you use it.

  • Griffus@lemmy.zip
    link
    fedilink
    arrow-up
    3
    ·
    3 days ago

    On my phone I currently have the standard eOS browser, IronFox and Fennec installed. Only Fennec came with a new tracker after install, so that is going out again. Have used IronFox for at least the last year until I recently bought a FairPhone with eOS, so can recommend that as a daily driver.

  • hneerqe@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    3 days ago

    Use Vanadium. On android, any Firefox based is lacking either in the sandbox or fingerprinting mitigation, plus extentions make you more fingerprintable and can possibly track you. Even on desktop they’re behind. Chromium based is much more optimized and secure.

    I saw on GrapheneOS forum Vanadium is the better option, with Brave a second alternative. Also tor browser on android is not officially from the tor project and suffers from firefox android implementation. Browsers are extremely complex, they’re made to run external code in the wild securely. Quite an endeavor.

  • birdwing
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 day ago

    Why not Librefox Librewolf? As far as I recall it’s basically hardened Firefox.