I have never used Macos so excuse my naive question.
Does Lockdown Mode apply for non-Safari browsers on Macos like Firefox and Brave browser?
Does it really work for increasing the security of the browser or i can achieve similar results on Linux by tweaking settings like disabling V8 in Brave or tweaking the about:config in Firefox?
I am trying to decide if switching to Macos will greatly increase the security of my browser. Right now i am using Linux. I see that browser zero days that are being exploited in the wild are increasing as time goes.
While true, keeping your browser updated if you’re using them everyday will mitigate if not fully eliminate this concern. Lockdown Mode just for this purpose may not be necessary but it doesn’t hurt to safeguard your OS too so might as well enable. It has limited downsides.
Such is the nature of exploits and their fixes. Updating may be the only actionable thing that you can do on the browser-side.
It also helps a lot if you avoid the more shadier places on the internet. Consolidating sites and services has a lot of downsides but ironically keeping yourself to the most popular sites online is very good at keeping yourself safe. I mean there are still issues but at least the bigger ones have proper cybersecurity teams with NOCs.
No. It does on iOS because all browsers are required to use the WebKit engine behind the scenes, but this is not the case on macOS.
Lockdown mode entirely disables JIT, which cannot be said for the V8 toggle in Chromium browsers. Lockdown mode also disables a bunch of other stuff, like third-party fonts, which leads to a lot of breakage.
You have two good options for browser security on macOS. Either Safari – which will benefit from Lockdown mode – or Chrome, which can be configured to have great security and reasonable privacy. Personally, I prefer Chrome, but you can’t really go wrong either way.
Lockdown mode honestly doesn’t really do all that much on macOS unless you use a lot of Apple apps and services like Safari, iMessage, FaceTime, etc. I would recommend enabling it since you probably won’t experience many, if any, differences, and it really can’t hurt.
This is incorrect. Malware and exploits can only be fixed once they’ve been detected and reported. The point of lockdown mode and features like memory tagging is to prevent many of these exploits from working in the first place by decreasing attack surface.
They’ve added a memory safe font parser so I believe now much more third party fonts should work. At least it’s much better now than it used to be.