Trivalent: security v. privacy

Hi,
So secureblue ships with Trivalent, which is a hardened chromium. As a result, Trivalent, which had its own adblocking, only has MV3 extensions, meaning uBlock Origin Lite, but no uBlock Origin (which up till now, i was using extensively and aggressively).
By contrast, Firefox (esp via Flatpak) has limited sandboxing and its overall security doesn’t match Chromium (note: I am no expert and cannot back up this claim but it comes up all the time and does not seem disputed).
What is the most important to you in this scenario, privacy or security? Trivalent with uBOL or Firefox with Arkenfox and full uBO?

1 Like

Brave seems like a balanced option imo

I guess to get the best out of both worlds, you can use Brave in Private Browsing for general browsing, and use Trivalent when logged in to websites. Fingerprinting doesn’t mean anything when you’re logged in if you don’t have anonymity.

I appreciate the proposals but unfortunately, i have tried Brave and just don’t like it. More generally I don’t like chrome-based browsers (currently using hardened Firefox and Mullvad Browser) and only trying Trivalent as I test out secureblue.

1 Like

What is the most important to you in this scenario, privacy or security?

The way I see it, it is a choice between:

  1. Reasonable security + Great privacy & a high level of control
  2. Theoretically better security + reasonable privacy

As an individual not at high risk of being specifically individually targeted by a sophisticated adversary I very strongly prefer #1.

I feel that for me and my threat model, privacy is more important, and more relevant to me, the security differences are more theoretical/hypothetical and less likely to be relevant to me in the wild. I perceive any security difference to be further mitigated by having (1) decent browsing habits, (2) uBlock Origin in medium mode.

3 Likes

Thanks @xe3 that’s my feeling too. This is more of a privacy journey for me and I feel like I got a strong balance pruvacy-wise with FF for logged in sites and Mullvad for everything else. I think I will stick to that on secureblue too. It is just not easy for me to assess the importance of comments such as “browsers installed from flatpaks are less secure because the flatpak decreases the sandboxing”. Sounds serious and I don’t know what to make of it vis-a-vis my privacy concerns.

You could also install the non-Flatpak Firefox version.

1 Like

You’re right. And that’s better than flatpak. But still not as secure as chromium and I am still not sure what to make of it.

This comes down to threat modeling.
What are you planning on doing with the browser? What websites are you visiting? Is the extra provided security from secureblue enough for you, or do you need Trivalent for the extra security?
Maybe a compromise could be to use Firefox-based browsers for sites where you want privacy benefits and Trivalent when security is more important.
Remember, privacy is not always about limiting yourself to one approach; if your workflow requires multiple methods, use each to its best advantage.

Sorry for the messy wall of text; I hope you understand what I mean.

1 Like

I do, and I appreciate. Like I said, I don’t do anything fishy, so I think privacy is more important to me. I already try to have a flexible approach by using different browsers based on different needs, but it’s mostly ff and MB, with exceptions specific websites. I think i want to keep that setup under secureblue as well and its security is enough for me.

imo the main reason to choose firefox is freedom, customization, etc, not really privacy. For privacy it’s better to use mullvad browser or tor browser.

Personally I prefer to not use chromium based browsers after mv2 deprecation.

2 Likes

If you feel safe enough using Firefox with Arkenfox and uBO, then go ahead and don’t worry too much. If your threat model doesn’t include targeted attacks with zero-day exploits in Firefox, and you practice good browsing habits, you should be fine.

1 Like