Hi everyone, I’m currently trying to switch to Linux, so I’m trying to follow the philosophy of “less is better". I currently have two separate browsers: Firefox, which I use for daily tasks like social media checking (just Mastodon), Invidious video watching, ProtonMail checking, NextDNS logs, and streaming. Then I use Brave to explore some forums (including some shady ones, for research purposes). I never download anything or click on malicious links, and I’m always behind a double VPN for that.
My question is: I know it’s more secure and private to use two separate browsers, but is it really that bad if I use two separate Firefox profiles for that and completely get rid of Chromium-based browsers? Thanks in advance everyone!
Like @lordhomeless said, a single web browser will be a single point of failure. As unlikely as it may be, setting up two different browsers ensures you can easily switch to Brave if something happens to Firefox. But if you’re adamant about being independent from Chromium, I wouldn’t say it’s ”bad” to just use Firefox with multiple profiles. It’s just the risk of using one browser that you have to be aware of and how you can mitigate the risk into your threat model.
I will never download anything malicious or browsing something that could compromise I think, also because I have hardened Firefox enough with Arkenfox+uBlock aggressive settings, plus I added NextDNS with some blocklists that blocks “weird” and “unusual” connections and I check logs so I will know if there is anything weird, for the double VPN I mean the Secure core of ProtonVPN in case one is not enough.
I like the choice to use Tor and I would have used it as well if it weren’t for the issue that logs me out every time I close it, I need to stay logged in.
What I wanted to say, in terms of privacy and security, is that I know it’s better to use separate browsers for security, but is it really that necessary? Do separate profiles have the same level of “separation” in terms of fingerprinting?
From this perspective, running two separate FF profiles is not much different running two different FF instances. The one issue I can think of is that if you care about minimizing risk of fingerprints between the two being linkable, then of course running two instances of the same browser looks more different than using a different one.
You can of course also have some other Mozilla-based browser(s) on the side - Mullvad Browser, LibreWolf, Konform Browser, Tor Browser, FF ESR. Then you get the fingerprint difference without having to use chromium (:
Another thing to check out if you haven’t is Firefox “Multi-Account Containers”. This one is less isolated than the profiles or separate browsers but can be convenient to combine and also allows you to use separate HTTP/SOCKS proxies for each container if you want. So just like you can configure a tor-specific profile, you can configure a tor-specific container. Containers have differently colored tabs inside the same browser window.
What’s the kind of failure scenario you’re having in mind here? That the browser becomes unavailable, can’t start and you can’t reinstall it? I really don’t think this is a such a relevant concern or useful advice.
More of a real concern is that of a security issue in a browser leading to everything from a bit of metadata leakage to some form of sandbox escape and some bad website or extension doing naughty stuff on your machine. There is a non-zero risk that an issue in one leads to compromise of the entire system.
With two different browsers, now you’ve approximately doubled that risk, no? You might be pwned if either is exploited. Sure you can get some isolation and “hedge your bets” by separating but overall I think that the smaller number of different apps you ingest untrusted data with and expose online, the lower your risk of compromise.
I agree with @CommanderKen, that’s exactly why I asked this question, btw thanks all of you for your feedback, I will think about it before the switch, thanks again!
I’m curious too!