this post was submitted on 18 Jun 2024
59 points (91.5% liked)

Firefox

17902 readers
65 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

I heard around the internet that Firefox on Android does not have Site Isolation built-in yet. After a little bit of research, I learned that Site Isolation on Android was added in Firefox Nightly, appearing to have been added sometime in June 2023. What I can't find, though, is whether this has ever been added to any stable versions of Firefox yet. Does anyone know anything about this?

Update: After further research, it appears that Site Isolation is not currently a feature in stable version of Firefox on Android. I don't know with certainty if their information is up-to-date, but GrapheneOS (A well-known privacy/security-focused fork of Android) does not recommend using Firefox-based browsers on Android due to it's (apparently) lack of a Site Isolation feature. A snippet of what Graphene currently have to say about Firefox on Android/GrapheneOS from their usage guide page, is: "Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface."

On a side-note, they also say about Firefox's current Site Isolation on desktop being weaker, which I wasn't aware of. "Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole."

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 5 months ago (1 children)

I'm not taking sides because I don't currently have time or energy to look into the issues GrapheneOS and/or Micay may or may not have, but I will say that I don't know how you could think (at least based on the information I referenced from Graphene in my post) that they are saying or implying to people that Firefox is less secure. They did say it was inherently less secure on Android, but not in general. They did say that the Site Isolation feature specifically is less secure even on Desktop, but they didn't say that Firefox as a whole is inherently less secure, just that it currently is on Android. I can see how an average reader may interpret that as Firefox being less secure than Chromium as a whole, but that would simply be their own misinterpretation of what's being said.

and "The moment anyone starts calling Firefox insecure, immediately become alert". Why? Anything is capable of being insecure and Firefox equally so. At any given time, Firefox could have security vulnerabilities (as it does), so it's quite ridiculous to automatically assume that anyone calling Firefox out for being insecure in some way is just Daniel Micay or his "minions"

"Micay and GrapheneOS, and fans/members associated like OP are well known for...". Are you accusing me of being associated with Micay and GrapheneOS, or am I misunderstanding you?

[–] [email protected] 1 points 5 months ago (1 children)

Are you accusing me of being associated with Micay and GrapheneOS

Accused you of promoting Chrome monopoly in browser space in this context.

https://discuss.grapheneos.org/d/11831-equivalent-of-vanadium-but-for-desktop

They deleted this thread, but if you scour enough, you will find them shilling Brave and some random Chrome based browser, BUT NEVER FIREFOX.

They did say it was inherently less secure on Android

They say it because they follow or worship Micay, and Micay has personal grudge against Mozilla. He is an evil person wanting people to use Chrome just to satisfy his egoistic hunger of destroying Mozilla.

"The moment anyone starts calling Firefox insecure, immediately become alert". Why? Anything is capable of being insecure and Firefox equally so.

Because that has been the pattern in privacy community for the past 5 years I have investigated, atleast 95% of the time. Rarely have I ever seen legitimate criticism, that does not backtrack to Daniel Micay or madaidan or some Big Tech security shill.

[–] [email protected] 1 points 4 months ago (1 children)

I'm not going to argue with you, because I can see it won't accomplish anything good, so I'll just leave it at this:

No, I did not promote the Chromium monopoly, I simply asked a question, about a security issue with Firefox; this is not the same as promotion. If I wanted to promote the monopoly, this post would have been telling people why they shouldn't use Firefox and I would have posted it on a more broad community about Web Browsers and done so on Reddit for the most impact. I'm against this monopoly, and I intentionally go out of my way to not recommend Chromium-based browsers to people. Discussion about issues with something you love is only healthy, not a promotion of another side.

[–] [email protected] 0 points 4 months ago* (last edited 4 months ago) (1 children)

would have posted it on a more broad community about Web Browsers and done so on Reddit for the most impact

You are already doing it here, considering Lemmy and Fediverse demographic cares about privacy and uses Firefox for reasons you are contradicting.

GrapheneOS itself is snake oil, and you are parroting their nonsense takes on browser security. You can read more here. https://lemmy.ml/post/16947066/11696895

Considering Vanadium itself lacks any fingerprinting protection, it is funny they pretend to care about privacy and anonymity, and make dogmatic claims of privacy and anonymity being extensions of security, even though their version of security has nothing to do with providing privacy or anonymity to users. You cannot even use an adblocker on Vanadium, let alone uBlock Origin. Worthless browser and worthless takes on browsers.