What about using extensions with Ironfox?
It’s possible, just like any gecko based android browser
I installed uBO(im not sure? maybe it’s installed by default) and immersive translation. Worked prefectly fine
My plan is to configure uBlock Origin on Ironfox with the same settings that I use on Firefox. Other than that, how is Ironfox more hardened than a fully configured Firefox?
1 Like
Afaik, not really
So basically if I configured Firefox and uBlock Origin’s settings correctly, then it’ll be as harden as Ironfox for the most part?
Yes, I think so.
Six months have passed since this thread was created. Last release was four days ago. Still very consistent in its updates.
1 Like
Have you considered looking into the documentation first?
- Your uBlock Origin configuration is likely less tailored for use on Firefox for Android than IronFox’s defaults for this add-on. See
uBlock/assets.main.jsonin the IronFox repo on GitLab. - IronFox has hundreds of settings built in, to mitigate fingerprinting and increase security, some of which aren’t exposed to the user, even from within
about:config. Just have a look at the documentation here for descriptions of the “patches” made (AFAIK this website is still WIP). For more specific info, see patches/preferences/* for the customized settings. Also, since the bulk of these IronFox settings is based on the Phoenix project, that wiki (codeberg.org/celenity/Phoenix/wiki) is also a treasure trove of information. - By default, the Safe browsing component is proxied, so no connections are made to Google’s servers, unlike Firefox’s defaults.
5 Likes
I think all this talk of “requirements” in terms of how long for an app should have “proven itself” is completely arbitrary.
I also think that problems incurred when needing to switch browsers if anything would happen to this one is rather exaggerated in this topic. This holds especially for Firefox-based browsers, because it’s easy enough to synchronize the settings without having to worry about privacy (E2EE data and you can even self-host Firefox Sync).
What matters a lot more in my opinion is how well-documented it is, the way issues are dealt with and how questions are answered. I’ve rarely seen devs go out of their way as much as celenity to deliberate on the choices that were made and to answer all questions thrown at them. And even if I didn’t agree with a choice made, they were receptive to critique and sought for a solution where possible, or betterment in handling such issues in the future.
Privacy Guides could (and in my opinion should) be instrumental in making IronFox a lot more useful in terms of fingerprint mitigation, because the simple fact remains that it is now a niche product. By recommending it and the influx of new users that would follow, the uniqueness of the browser configuration would dwindle. This is pretty much the only thing Tor Browser relies on in terms of pursuing anonimity, while IronFox (intended for regular browsing use) adds a lot more than that in terms of reasonable defaults and a curated (and pre-installed) uBlock0.
3 Likes
I agree, Privacy Guides already takes so much time as it is to finalize a recommendation there is no need to add an additional “wait and see” requirement.
I don’t think Privacy Guides is popular enough for this to make any difference at all.
1 Like
It’ll still help.
4 Likes
Updates seem consistent. I really think there’s no point in not recommending it anymore. It’s, at the very least, equal to the other recommended browsers or arguably better.
1 Like
I’m with you on that. I think two years is crazy. I’d say maybe a year…maybe…
3 Likes
What are you all thinking now that a month has passed? I see no problem with recommending it just like before. What is everyone else’s consensus?
1 Like
I think it should be recommended but with a warning saying that it is a small project run by a few people so its longevity cannot be guaranteed. I would apply the same approach with Cromite.
I agree, that seems like the most reasonable thing to do.
To give this some context, Cromite came onto our radar in july 2023, and was added on 14 november 2024, so thats 17 months including the the fact that its current maintainer was a major contributer to the Bromite project which we used to list before this.
In any case we are still monitoring this project, once we believe the updates are done jn a timely an reliable manner, we can move on to discuss whether in todays software landscape, we still want to recommend a firefox based browser on the android platform.
We used to recommend on, but tech moves quickly, and we should monitor if anything changed since that last consensus.
2 Likes
For reference, here are some other recent discussions over Firefox’s security and/or PG recommendation status
1 Like
Why do you keep pushing this so hard despite the big security concerns with FF-based browsers on Android?
Cromite is pretty much run by 1 person, not 4 like IronFox. uBlock Origin is pretty much run by 1 person. To my knowledge, Addy.io is run by 1 person. The same goes for RethinkDNS, VeraCrypt and so many more projects on PG that don’t have this warning.
If bus factor really is an issue for PG, which makes sense, then the entire site should be overhauled.
Why do you keep pushing this so hard despite the big security concerns with FF-based browsers on Android?
@Niek-de-Wilde
I my opinion these “big” security concerns are vastly overstated, primarily by GrapheneOS employee(s) and groupies, and outdated. Plus, IronFox has a lot more in terms of security than regular Firefox by simply shipping a pre-configured uBlock Origin that blocks more malicious scripts than any Chromium based browser to begin with and by enabling additional security like Fission by default. It’s a trade-off and hackers vs. inherent browser app security, and (uBlock0) blocklist use are both a cat-and-mouse game, but I’d rather use a uBlock-enabled browser with protection against practical threats than a theoretically more secure browser that fails the necessary tools to browse the web to begin with.
4 Likes