This is the case with nearly every browser. Tor is the only browser which effectively mitigates fingerprinting, but even that is not perfect and is less than ideal from a security perspective.
2 Likes
(Accidentally deleted this post when looking for the edit button)
Thatās true but some other browsers on this list can still do better than Vanadium. Cromiteās anti-fingerprinting measures were sufficient to protect against fingerprint[.]comās methods in my test, for example. Some fingerprinting protection is still preferable to none, even though none of them are comprehensive.
Vanadium behind my own DNS server (I use Hageziās blacklists to filter ads and malware domains). Use NewPipe if you want to block YT ads.
I never said IronFox should be avoided.
It is definitely one of the better Android offerings compared and stands above the rest at the current state of things (Mozilla not shipping Fission on Android after 6 years).
But the selective toggling of RFPTargets per site for compatibility (which I understand is to help the user) is something I donāt like, I want my browser to be using either FPP or RFP, not something in between.
Brace is effectively just my .dotfiles easily packaged in-case shtf with Fedora, it is absurdly opinionated and has probably <100 users total.
I donāt like accounts being in critical places.
Extensions are a hazard, Iāve said this for years, they are directly harmful to users.
AI in its current state is largely harmful to users (and creators) and just a cash-grab for companies. Mozilla is no exception here.
Thank you, I fixed this here: Tree/index. For a.
I also pulled in your ETP Strict fix, it works well: The "buffers" command.
Are you sure? Tor Browsers are supposed to all look the same. Removing NoScript and installing UBO isnāt a small change.
1 Like
Our lord and savior GOS says that all gecko-based browsers should be avoided. I keep linking this, but I trust GOS and I think their reasoning is sound: Usage guide | GrapheneOS
Are people here distrusting GOS? If not, who is the target audience for IronFox?
IronFox is a hardened Firefox, While chromium is more secure and it will be on Mobile, For those insisting on Firefox, that is basically the browser to get
Chromium, especially Vanadium with CFI and MTE, is objectively more secure than any Gecko browser.
But at the same time the modern web is a cesspool of predation without uBlock Origin.
That is my personal recommendation, you should account for your own personal threat model if that meshes.
I never said to remove NoScript, that would be quite bad since the security slider relies on it.
Both Mullvad Browser and Tails include uBO, hopefully one day vanilla TBB will too with a unified/lockstep approach.
3 Likes
I was also gonna say when did you mention removing noscript, and if you did thatās a big no no but good itās a misunderstanding
Because I otherwise completely agree on adding uBlock origin, the tor project needs to add it as standard (I even have uBlock on the desktop for browser, because as much as I wanna avoid installing it on the desktop one it is just unbearable to surf the modern internet without it, I at least block third parties doe and manually added which one are needed for functionality eg. And this is an eg. I allow Amazon to just communicate itself and the media(dot)amazon(dot)com but all other communications get blocked and usually I have to allow inline scripting and/or first party scripts but otherwise they can work without for some sites
Tangential: We literally got uBOL on Safari and still donāt have it on Android Chromium.
I thought about this a lot recently and every reason shows Google will never allow it because: a) $$$ and b) extensions are a hazard, we already see them tightening their grip on Play, why would they loosen it on Chrome?
1 Like
I think your comment is slightly tongue-in-cheek but you are unintentionally misrepresenting what has been said. The context here is a usage guide for GrapheneOS. Essentially, please preface every section with the usage guide with: in order to achieve very good privacy/security on GrapheneOSā¦
Anyway, the GrapheneOS project has acknowledged previously that Mull (DivestOSās Firefox project) is a privacy-hardened browser, but they implement no restrictions in the OS on what browser you can use and as an anti-authoritarian project they have no intention of doing so. Whether you want to use a similar/inspired application (IronFox) is always completely up to you.
2 Likes
I misunderstood. I assumed one wouldnāt want two extensions with similar functionality.
Yeah no, noscript is essential to tor/mullvad browser
For me I use Safer preset with Ublock to control what scripts (most sites they usually need inline scripting and/or first party scripts) and communications get allowed
1 Like
Iām not trying to be a contrarian, but I donāt understand the points you 3 are trying to make.
Iām not sure what youāre saying. IronFox is just for Android. Chromium-based browsers are more secure, yes. So IronFox is the best browser for users that are dead set on making the bad decision (from a security standpoint) of using gecko-based browsers on Android? Thatās the target audience?
I think DNS-based blocking works pretty well for most things as long as the ads/bad stuff are not coming from the not-blacklisted hosts (ex. youtube servings ads from its own host). uBO is also great for getting rid of some annoying web stuff (ex. cookie banner), yes, but this is not uxguides.net and by using gecko/IronFox youāre sacrificing security for a slightly better UX. Thatās what youāre saying? Is that a reasonable compromise to make?
No, I am not misrepresenting the linked guide. Chromium-based browser are more secure on any version of Android, GOS or not. The guide reads that beside the sandboxing disadvantages, gecko-based browsers donāt provide nor replace the Android webview, so youāll essentially be running two web engines on your phone which will increase your surface area to attacks and worsen your security. Any privacy-hardening enhancements that mull/ironfox may bring to the table at that point are completely irrelevant, as security is the base pillar for privacy. As I user, I donāt care if mull/ironfox can fool 10% of naive fingerprinting scripts if I get hacked by a gecko 0 day.
I may as well jump in with my current browser setup on GrapheneOS.
Brave for signed in sites. I do my best to avoid doing any searches or clicking links with this browser. Syncs with Brave Linux.
Ironfox with uBlock Origin. Used for general surfing. Deletes on close. Syncs with LibreWolf through a Mozilla account. Sometimes I run these browsers without JavaScript until that becomes annoying.
Tor Browser on both machines. Itās a recent addition so havenāt figured out a good usage yet.
1 Like
Itās not a big deal. I only wanted for you to understand that
going against a strong recommendation from GrapheneOS on how to get the best out of GrapheneOS is not ādistrusting the projectā. Itās simply making a personal choice based on factors beyond the projectās current scope. See docs/Limitations.md Ā· dev Ā· IronFox OSS / IronFox Ā· GitLab and docs/FAQ.md Ā· dev Ā· IronFox OSS / IronFox Ā· GitLab.
3 Likes
IronFox is not a bad decision within the right threat model, highly recommended the limitations and faq crafted by @celenity the dev above as linked by @privacyisconsent for better understanding of the type of threat model
For my threat model for example, IronFox fits right in just fine and for similar I would just recommend IronFox over any other firefox mobile browser
we need to stop with the thought that privacy and security is black and white, it is a spectrum, period
5 Likes
maybe tor browser for a general browsing that donāt need accounts to be used?
My ideal setup is honestly:
Brave: for sites that need some form of account or whatever
IronFox: For opening links with uBlock origin and LibRedirect with as many public instances for decentralization
Tor Browser: Anything non big tech platform or otherwise and maybe for research that I dont wanna use either for.
but for minimalism sake I actually just use vanadium and on my iPhone its both brave and safari
1 Like
Interesting.
I looked into this. Apparently, the Tor project is looking at the fingerprintability of the Tor Browser with UBO installed.
Not wanting to wait, I installed UBO and went to fingerprint.com several times. Got a different fingerprint each time.
Thanks for the inspiration to try this.
Note: these are my opinions and I am not trying to start a flame war. Web browsers can be quite political and it seems like most people have a strong opinion about them. Picking a web browser is complicated.
I personally really like how Firefox works but I dislike their move to āaiā stuff. Ironfox is my go to on the phone because it is āhardened.ā
I will not use Brave because of their leadership (Brenden Eich is not a good person). Chrome/Edge/Opera/Vivaldi are also a hard no because they are not FOSS.
Vanadium has been a good experience on GrapheneOS but it still uses Chromium, which is inferior to Firefox in ad blocking (Manifest V3), though I am sure it has other advantages.
Tor Browser is great, however, my threat model does not require such extreme anonymity.
I also had a good experience with Fennec and Iceraven but Iām not sure why you would use them over vanilla Firefox.
1 Like