The final push to start using Firefox over Chrome on Android might finally be thanks to the enormous selection of add-ons (Firefox’s version of extensions) coming out next month. Chrome doesn’t offer native support for extensions in its mobile app. Also, better security.

  • Genghis@monero.town
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 year ago

    I would use Firefox on Android but I’m waiting until the security is on par with Chromium such as having internal sandboxing and site isolation.

    Also since Firefox doesn’t have a WebView implementation, it has to be used with the Chromium based one so it doesn’t make sense for me to use two browser engines.

    • smeg@feddit.uk
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      I made a similar comment on this article in [email protected] - for anyone who is blindly downvoting thinking this is some Google psyop, this is the explanation from GrapheneOS (who fortunately provide their own de-googled chromium-based browser Vanadium):

      Avoid Gecko-based browsers like Firefox as they’re currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn’t have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox’s sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn’t happening for their Android browser yet.

      https://grapheneos.org/usage#web-browsing