I don’t agree with the proposal in its exact form, but I do think including Mull in some form would have a positive effect – if done right. I will untangle some of what imo needs to be considered, and then adjust the initial proposal accordingly.
Recommending Brave only
As @jonah correctly pointed out, Brave being the only option for Android isn’t optimal. However, that’s really only where the problems begin. Just by its nature as a Chromium browser, Brave fundamentally has and will have a problematic status in large parts of PGs target audience. The scandals from years ago made an already non-ideal situation worse. Be it Brave’s cryptocurrencies, its advertising strategies or that people would really like Firefox to be the obviously better option and are frustrated that it isn’t – Brave is a controversial topic.
In my experience, this has resulted in lots of hate against Brave, and people often quite mindlessly recommending worse alternatives. To be clear: I don’t mean Mull, I mean literally any Gecko-based browser, no matter their issues or state of decay after at times years without maintenance. The criticism Brave (definitely!) deserves for some things is overshadowed by the amount of criticism it regularly gets. Or at least that’s the case for arguments about immediate security and privacy, as well as basic usability. To be honest, I think the main difficulty here is that many of the most outspoken critics of Brave refuse to use it for non-privacy and -security reasons.
And this is just fine, there are lots of perfectly understandable reasons to use something else instead. Not every decision has to be laser-focused on security and privacy. It just has to be honest, should be grounded in some understanding of security differences and fit the users’ personal requirements and subjective priorities. PG makes a recommendation based on factors that don’t always apply, people are allowed to not always come to the same conclusion, especially if they are just not that concerned about security.
Simply recommend Mull?
But there’s yet another layer to this. We’re all fully aware that many people, no matter their reasons, will not use Brave, irrespective of it being the recommended option. Morally, this might fall under their responsibility, but that doesn’t make it that much better. PG exists to help people in this regard, and ignoring all the harm that will come out of this on a long enough timeline doesn’t feel right. For this reason, Mull should be included as best Chromium-alternative. Why not simply recommend it?
I think under no circumstances should PG start taking the convenient route on topics like this. Nobody here has really argued that Brave doesn’t currently provide better security, so this assessment should remain as it is. I also don’t think just placing Mull behind Brave in the article makes this clear enough. Changing the criteria to open a loophole just to be able to recommend something besides Brave would be outright worrying. This heavily creates the impression that the requirements and criteria are mostly there to place a professionally sounding framework around a decision that’s already been made based on personal preference. That’s exactly not what I hope PG is. People can decide based on personal preferences without any help. What PG should (and imo largely does) focus on is providing the privacy/security evaluations that can then serve as a base for readers to make a well-informed decision.
Proposed Solution
Luckily, there is a solution that doesn’t require the criteria to be changed, doesn’t just abandon anyone not going with Brave and is even already well implemented elsewhere for somewhat similar reasons. @Lukas summarized it very well:
This would provide a great basis for people to make an informed decision. It would likely do quite a bit of harm-reduction by causing more people to go with the next best thing instead of whatever alternative they first run into. It would still be honest and encourage them to use Brave if they want to put security and privacy considerations first. Including something like
We do not currently recommend Gecko-based browsers like Mull for anyone that wants the best security available.
leaves no doubts, but plenty of room for a “However, …”
Also: Recommend Vanadium!
Finally, I’ll repeat a proposal that’s already been made here.
If there is indeed a need for something besides Brave, it makes very little sense to me to exclude a possibly more secure option because it’s “only” usable on the primarily recommended mobile OS – while at the same time including a less secure option from a non-recommended source. Vanadium coming from the same devs that make its OS gives it unique opportunities in comparison with most browsers. I won’t go into further detail here, but I hope we can agree that Vanadium is at the very least a perfectly good alternative to Brave security-wise.
TLDR
- Brave should remain recommendation #1
- Vanadium should be recommendation #2
- Additional Chromium-based browsers fitting the criteria, if available (idk much about Mulch)
- Mull should explicitly be not recommended, but still be mentioned as the best chromium alternative
- Both the security risk Mull brings and some reasons in favor of Mull should be explained to provide readers with great conditions to make an informed decision fitting their individual priorities.
- The criteria should remain untouched.
This is far from an easy decision. I hope that whatever PG chooses in the end, it will be well thought-out and adhere to PGs values, even in spite of what many of its readers might want to hear.