If security is the only thing that matters it’s a well written guide. Only modern browser I can think of not mentioned is QtWebEngine which I’m guessing is much worse for security than every single browser mentioned (with the possible exception of Pale Moon) because of it’s using extremely old Chromium versions as a base and backporting some security fixes?
But this is exactly the problem I have with this community. Security isn’t all that matters here and recommending Chrome and Edge makes us sound like anti-FOSS big tech advocates even though those browsers are more secure. Some may want that but I’d hate to see PG give up on valuing privacy and stop caring about open source which already started as soon as they allowed recommending closed source software a few years ago. At that point would it even be “Privacy Guides” anymore? Or “Security Guides”.
Valid reasons why people would want to use Firefox (and forks):
It’s open source (which is beneficial even for non-programmers because it allows forks like LibreWolf, Pale Moon, and Tor Browser to exist)
It’s the only modern browser that doesn’t use an engine forked from KHTML and they oppose Google’s monopoly (even though Firefox has received major funding from Google)
It continues to support Manifest V2 extensions like uBlock Origin (this is like the XUL deprecation for WebExtensions all over again)
Greater customization than Chromium thanks to about:config (and projects like Arkenfox and Phoenix) and userChrome.css (not sure how much attack surface supporting this adds)
My main problems with that guide is that the most part of my day, and where I browse almost everything that I consume, is on Android and Chrome is absolutely a no-go for me. I don’t want to see ads and click on pop-up all over the place for the entire day. Even if you say it’s the perfect security, being redirected to god knows what website just for scrolling a page is not safe.
For desktops, I do think he has a point though.
Anyways, it is a well written guide with a lot of resources to research and learn. It was a good read.
Obtaining privacy isn’t about avoiding Big Tech networks, it’s about limiting data from service providers as a whole, and ad networks will have less information about you as a result.
You can have privacy on Edge and Chrome through group policies.
Chromium is too.
I wouldn’t root for Firefox to be the browser to stand up against Google, both companies basically have a cartel. I would want to support browsers like Ladybird and Servo. Instead of using a browser with less privacy and security than alternatives, we can stand against the Chromium monopoly by spreading the word about Ladybird and Servo, donating, and/or contributing.
Yeah this is the issue I have with the gecko vs chromium argument, lots of mobile browsers based on chromium don’t have adequate native adblocking. I feel like the biggest security threat to average users is malvertising and random sponsored links which, without inbuilt adblocking like brave shields, can only be blocked so much by dns filtering. I understand gecko browsers on android don’t have per site (or was it per process?) isolation, but when you’re able to run noscript and ubo on android gecko browsers, provided it’s a fork that is actively developed/maintained, it’s far more powerful for the typical security threats a normal user would face imo.
But on the flip side we’ve been seeing more and more examples of browser extensions weaving botnets and exfilling data, so there’s also an argument that allowing users of mobile firefox/forks to install literally any extension is also an enormous risk.
On this note, just in case it is out of the radar from people, I just want to comment that from my experience, using Android and a Chromium based browser (Vanadium) I enjoyed combining it with Rethink DNS.
Of course some VPNs, such as Proton, have features that blocks ads as well like NetShield. In case you like to “run” the VPN on for all apps with the “always-on VPN” mode.
But this is exactly the problem I have with this community.
I don’t think I’m representative of the privacy guides community. I’m posting in this thread because it’s about Trivalent, and was asked about alternatives to it on other distros. Given that Trivalent is a security-focused browser, I provided a guide that recommends security-focused alternatives, and given the context and purpose of Trivalent, I think that was a reasonable thing to do
I agree. Obtaining privacy is about avoiding ALL networks, not just Big Tech.
I doubt either browser will ever be a competitor to Chrome but at least Servo is written in memory safe Rust. Unless it’s as secure as Chrome, we’ll be debating on whether or not Ladybird and Servo should even be considered for recommendation and the arguments for and against will be like Mozilla all over again. In other words, few of us will still be standing against the Chromium monopoly.
It always comes down to this whether it’s deprecating XUL or Manifest V2. Is making extensions no longer work a bad thing because we can’t use our advanced adblockers and other cool enhancements anymore? Or is it good because extensions are too risky and banning extensions entirely is good for security and privacy?
I know you aren’t, but it seems like most people here are in favor of Manifest V3 and many would have no problem if PG removed Firefox and only recommended Chromium browsers. It wouldn’t be a much of a problem if we had a security-focused Chromium fork that was open source, supported all major Linux distros, and remained consistently up-to-date, like what Hexavalent could have been. I wouldn’t even have too much a problem if extensions were disabled as long as uMatrix-like functionality was built into the browser or there was an extension like that pre-installed. I’d rather use Pale Moon or some QtWebEngine browser than Chrome or Edge.
Because it’s a fantastic thing not just for security but for privacy as well. Would you use an Android-based system on your phone if you couldn’t restrict permissions on a per-app basis? I’m guessing you wouldn’t, and for good reason. Yet for some reason, the same principle is ignored by some folks for extensions.
extensions were disabled
To be clear, Trivalent disables extension installation by default. If you want to install extensions, there’s a per-profile toggle for enabling extensions in the GUI at chrome://settings/security. A great way to watch youtube without ads using Trivalent, while still keeping extensions disabled for other sites, is to create a separate profile for youtube, enable extensions only for that profile and install ubolite, and finally install youtube as a PWA in that profile. Now you have a separate, ad-free, youtube PWA, while all your usual browsing is free from extensions.
Not if it ruins advanced content blockers like uBlock Origin. They could have banned remotely hosted JavaScript code and made other security improvements without compromising adblockers and other useful extensions like LibRedirect.
I use Linux without flatpaks or any real permission controls on an X11 desktop environment (I’m unable to switch to Wayland due to performance issues) and I haven’t been hacked once since switching to Linux. Either way, I’d use Android over iOS.
Any reason why I shouldn’t use Invidious instead (besides the few public instances being broken much of the time)?
Yes in a failed attempt to end a search monopoly they have consequently caused another monopoly by de-funding the only competitor to Chrome.
MV3 extensions block non-Youtube ads just fine, and there are other solutions for Youtube, like you mentioned. Redirect functionality should be implemented in search engines like it is in SearXNG.
Not blocking as many scripts because of MV3 might seem uncomfortable, but you can’t block every malicious script out there. Browsers can make more progress on protecting against malicious scripts by mitigating the damage a script can do if it is malicious, and this change can help developers focus on doing so.
I personally wouldn’t want the status of me being hacked or not to be the main security standard for recommending software to other people, who have different security circumstances and habits.
Yes you can, with uBlock Origin’s Dynamic filtering + medium or hard mode. This feature doesn’t depend on any blocklist, but applies a default deny rule, so not badness enumeration. This feature isn’t available in the MV3 version, and that is a big downside.
It’s really not a hassle and it’s fairly simple to do. The only issue imo is that the flags and policies are not formatted in a very usable state, so you can either do that manually or use an llm to do it for you.
.