Hi all newbie here.
Wishing to seek advise on how fellow GOS users here compartmentalized their internet browsing?
Vanadium is a good secure browser. But from what I have read on various forums, not as fingerprint resistant as some would want.
Tor obviously is very fingerprint resistant, but I see on Android, Firefox browsers suffer from weak security implementations.
Brave (love or hate it) does seem to have a good balance of privacy and security.
So would it make sense to do day to day browsing with Brave for activities that I’m not logged in for. That way I can take advantage of fingerprint resistance to reduce what companies can collect on me?
Then use Vanadium for sites that I have to log into with my accounts details?
Open to advice and suggestions.
I have no crazy threat model.
Just wanting to reduce as much of my data to surveillance capitalism, as well as being generally more private and secure than the mainstream population.
Brave’s fingerprinting protections have significant gaps, making them effectively useless. It is still trivial to fingerprint a Brave user, and there are various tools demonstrating this, like https://fingerprint.com/.
You should use Vanadium, and if you need anti-fingerprinting, then use Tor in a VM.
How did you come to that conclusion? Brave offers similar protection against naive fingerprinting as you would get with the currently recommended Firefox settings.
Thanks for your answer. What is your take on Firefox security on Android? GOS devs and forums seem to strongly discourage anything Firefox based.
I am not gonna pretend I understand all the ins and outs. I can understand the benefits of sand boxing to a certain extent, but the finer technical details not so much.
I do use Gecko/Firefox based browsers on android but they are just for general usage and are set to remove all browsing data when closed. The browser for this currently is Ironfox. It syncs with Librewolf on my laptop through a Mozilla account.
For logging into accounts, I use Chromium based (Brave until something I like more comes along) due to their better security. This also syncs with Brave on my laptop.
Using Vanadium is not great for anti-fingerprinting but should not be too terrible either. You should generally look roughly the same as other Vanadium users with the same device model and a trustworthy VPN to hide your true IP.
OP asked to reduce their data collection to surveillance capitalism. Your advice is to not use Brave since its protections have gaps? Its current protections are good enough for what OP’s goals are and just saying “use Tor Browser in a VM” when this clearly is not the kind of protection they were asking for misses the point.
Tbf no it isn’t, unless you use forgetful browsing and a VPN and even then, It can be tricky to fool things like fingerprint.com, blending in is obviously the best way.
Now this doesnt mean using Chrome but basically and ironically even brave on mobile with a VPN can let you blend in with users and so does Vanadium. Assuming the way you blend in is by having the same things as other users which basically leave default content filtering among other things
We don’t have to force beginners into Vanadium
@The_Learner if you choose to use Brave none’s stopping you for it it should effectively offer similar result to vanadium with the added benefit of tricking naïve fingerprinting (and for non naive ones basically blending in with other brave mobile users and hide your IP)
I wish to remain as secure as I can for casual browsing on mobile.
For me Tor browser makes the most sense for casual browsing for blending in and reducing surveillance capitalism.
I do then have to consider Braves use of Chromium. From what I have understood has much more secure sandboxing. But obviously Brave is no Tor, so the security benefits don’t mean much if your activity can be linked back to you.
Although as I write and think about this, I suppose I could use all three and break down my activity even further.
Vanadium for accounts, Tor for no logged in browsing and Brave maybe for less trustworthy sites and who might block Tor connections?
Brave won’t make you meaningfully more private, whereas Vanadium will make you meaningfully more secure. It’s not a difficult evaluation to make.
The fact that websites like fingerprint.com have no problem identifying Brave users across sessions, incognito mode, and different VPN IP’s already proves that their anti-fingerprinting doesn’t work.
I think the option you just chose is very good and it’s the one I usually follow. Brave has the advantage that you can synchronize bookmarks with other devices.
Additionally, Brave has the option to delete cookies and all browsing information when closing the application. In Vanadium you can achieve the same thing through its incognito mode. Brave also blocks ads better.
As @phnx mentions, Vanadium is more secure, but I think Brave performs satisfactorily.
However, fingerprint.com doesn’t identify me between different sessions if I change location on my VPN, I don’t know why it does for some people. In any case, no chromium browser protects effectively against fingerprinting in a realistic way, as @phnx points out.
EDIT: now fingerprint.com does identify me even though I change my VPN location. A few months ago it didn’t.
Though their methods are not open source, the fingerprint.com product demo website appears to compare new browsing data to previously stored patterns. It gives extra weight to factors like how long it’s been since the demo site was last visited. This approach creates an impressive-looking demo but is less effective for real-world scenarios where users visit sites over multiple days.
We also suspect that the demo prioritizes generating “consistent” fingerprints over accuracy. This means many users could be assigned the same fingerprint, leading to a high false-positive rate. While this is acceptable for Fingerprint.com’s use cases, like anti-bot and anti-abuse tools, where a CAPTCHA or login request can handle errors in recognition, it makes their system unreliable for tracking individual users across sites and over time. These issues are amplified on larger platforms and websites.
How do you blend in using Vanadium? If I were to flash GrapheneOS on the same Pixel model and keep everything else the same, I would still produce a different fingerprint on each.
I have to guess by every GrapheneOS user sticking to defaults (maybe with the exception of adlocker, hopefully everyone turns on as it is unberable to browse the internet without it) they can blend in with other users, kinda like the whole point of Tor or Mullvad which is to be able to blend with other users using the browser
if your goal is security I definetely recommend vanadium, even for least trusted sites, or reverse where brave is for your accounts and vanadium for least trusted sites if you insist that is
