Hey everybody. I’m somewhat new to the field of privacy, but I am eager to learn. Right now I am wondering what mobile web browser to use for everyday activities. I’m running GrapheneOS. Options that often come to mind:
- Tor
- Firefox Focus (= Firefox Klar in German)
- IronFox (formerly Mull Browser)
- Cromite
- Vanadium
I feel like I simply don’t know enough about the underlaying mechanisms to elaborate which might be better and which might be worse. Feel free to teach me!
Ironfox, though the main issue with all mobile browsers imo is no letterboxing, so if you enable Javascript, your phone screen size can be detected and used for fingerprinting
Right now I use IronFox for browsing and Vanadium for websites I stay logged into. But the best one depends on your threat model.
curl via Termux
IronFox and Vanadium.
I recently switched from regular Firefox to Ironfox. So far, I didn’t notice anything different, which is probably a good thing because that means everything still works as expected.
I recommend Fennec by F-Droid, a FOSS fork of Firefox out of the options listed. I would adjust the settings within the GUI, such as setting tracking protection to Strict, and install uBlock Origin.
IronFox is, sadly, somewhat extreme and not suitable for non-tech-savvy users and those who don’t want to deal with regular breakage.
Vanadium sadly lacks a proper content blocker integration.
I’m using this unofficial Helium build. It’s basically Vanadium + Helium patches with Extension support. Ublock Origin works like a charm.
From the linked GitHub webpage:
All builds are experimental, so unexpected issues may occur. Helium Browser for Android only attempts to improve security and privacy where possible. For better protection on Android, you should instead use GrapheneOS with Vanadium, which additionally integrates patches into Android System WebView and provides significant kernel and memory management hardening on the OS level.
I wouldn’t recommend browsers in an experimental state developed by a single person; this is partly why I don’t recommend Cromite.
The original Vanadium is great, but the lack of proper content-blocker integration is a big privacy trade-off, in my opinion. Vanadium only provides a per-domain blocker solution, which is based on the very small EasyList.
A good Chromium-based alternative is Brave, as it has a solid content blocker that attempts to recreate the full feature set of uBlock Origin.
I get your point. But if you check the source you’ll notice that they don’t add any code themselves, they simply take Chromium and apply patches from Vanadium (Helium is commented for now) and build an apk. Yes, they call it experimental. Use at your own risk. I have had a very good experience so far - but you may disagree. However, there may be other people like me out there who think it’s a good value proposition.
But if you check the source you’ll notice that they don’t add any code themselves, they simply take Chromium and apply patches from Vanadium (Helium is commented for now) and build an apk.
Quote from the README from the repository it sources the Vanadium patches from:
It depends on hardening and compatibility fixes in GrapheneOS rather than reinventing the wheel inside Vanadium. For example, GrapheneOS already provides a hardened malloc implementation so there’s no need for Vanadium to replace it. Similarly, it can deploy security features causing breakage on other operating systems due to the ability to fix compatibility problems in the OS.
However, there may be other people like me out there who think it’s a good value proposition.
I’m sorry, but it’s an objectively bad recommendation. Vanadium is currently held intentionally exclusive to GrapheneOS by its team because of the reasons quoted above. Taking Chromium, applying Vanadium patches and extension support, and having one stranger maintain it is not a viable option. Even when he doesn’t write code himself, regular updates are a must, and if he discontinues or can’t keep up with updates for one of many possible reasons, all the people who relied on it will experience a massive security decrease if they don’t migrate to another browser. Real examples would be: Mull, Mulch and Bromite.
It’s something fun to check out and play around with, but no one should use it as a daily driver unless they fully understand all the risks and can act accordingly.
A discussion like this is exactly the reason I love this sub. I am learning more and more every day. Thanks to both of you guys.
You’re welcome, I encourage you to check out my latest reply.
Edge: It has native privacy tools others don’t, sane default settings that can be changed, a curated extension store that is more effective than mv3, it still supports uBlock Origin, it’s not from some shady company like Mozilla or fly by night F-Droid garbage. F-Droid won’t even notify you if an app is abandoned, not updated as fast as elsewhere or give ratings from users.
Edge? From microslop?? You realize how laughable it is to call Mozilla shady while recommending MICROSOFT in a privacy community??
You must be ragebaiting
Sorry, do you have an actual argument? Even LiGNUxers often know Mozilla is shady af. Decades ago told us they can only exist because of our donations while using those donations for politics while making bank off Google. The only more scandalous browser I’m aware of is Brave. -But go ahead with your lol, teehee type responses if that’s your bag.
Not worth engaging with ragebait
i’d just use ironfox with ublock origin
Considering that already. Do you experience any problems or limitations with that? Like being flagged as a bot, or sites returning errors?
Edit: thank you for the suggestion!
Rarely. I would say that about 19/20 pages work as expected. I do keep a manually hardened Firefox install on my device for the rare site that I do want to visit but that doesn’t load in IronFox for some reason. In my experience, VPN breaks the internet more than IronFox does. And I still want to use VPN.
i haven’t really used ironfox, i use iceraven. i actually also use numatrix alongside ublock origin.
i do see more captchas compared to common browsers like google chrome.
IronFox is not formerly Mull Browser; it uses a different basis (Phoenix instead of Arkenfox), is maintained by different people, etc.
Thank you for correcting me on that :) I’ll remember it.
Would be nice if you could correct it in your original post too.
Vanadium on grapheneOS and using a privacy-preserving VPN.
On my phone I currently have the standard eOS browser, IronFox and Fennec installed. Only Fennec came with a new tracker after install, so that is going out again. Have used IronFox for at least the last year until I recently bought a FairPhone with eOS, so can recommend that as a daily driver.
What’s your threat vector? From whom do you want to be concealed?
Mostly big corporate, big tech, and the US gov’t and its intelligence services. I am already in the process of migrating my digital environment towards Linux + self-hosting, but browsing remains a challenge to me.
Basically: I don’t want my devices location, metadata and telemetry to be tracked by anyone.
You could use a VPN and then make sure that your fingerprint is common. But if the VPN is compromised you will reveal your browsing behaviour. You also stand out when you use it.
Why not Librefox? As far as I recall it’s basically hardened Firefox.
I think you meant librewolf ? And if so, I believe it is desktop only.
There is LibreLynx Lite on F-Droid, but it is very bare bones. Do not recommend, especially while IronFox exists.
Use Vanadium. On android, any Firefox based is lacking either in the sandbox or fingerprinting mitigation, plus extentions make you more fingerprintable and can possibly track you. Even on desktop they’re behind. Chromium based is much more optimized and secure.
I saw on GrapheneOS forum Vanadium is the better option, with Brave a second alternative. Also tor browser on android is not officially from the tor project and suffers from firefox android implementation. Browsers are extremely complex, they’re made to run external code in the wild securely. Quite an endeavor.
I do like Fennec since it’s available on F-Droid and updated, ublock origin mandatory in any case.
I use Fennec becaue it was the only Firefox fork that played nice with all my extensions
