1y ago

If you use Graphene OS, what web browser do you use?

Honestly the lack of ad blockers in Vanadium pushes me towards Firefox even though the devs say that Firefox is far less secure. So many web sites are just hard to use on mobile without an ad blocker so I'm curious what the rest of you are doing.

59 comments

Mull

I have the same reasons for using mull (Firefox fork). I love having an adblocker along side my VPN's ad block. I also hate the chromium UI/UX, mostly because the search bar is on the top of the screen.

I like Mull the best. It’s pretty much just Firefox+arkenfox for mobile
- Except for gecko mobile not having per-site process issolation (Fission) I get it though, its has good anti fingerprinting, isnt chromium, and has compatibility with Firefox addons (you can get around the mobile only requirement by importing a custom collection, which iirc requires Dev mode)
  
  The amount of Firefox fanboys who will get mad at you for mentioning Android Firefox missing per-site process isolation. I've basically made the choice to not mention it anymore because I always get harassed whenever I do lol...
  Firefox on desktop is awesome, Mobile should be avoided.

You could use DNS and stick with Vanadium. AdGuard, nextdns, decloudus, Mullvad.. all good for ad blocking and probably more effective as it’s system wide
- DNS blocking is different than content blocking. A content blocker like ublock can block more than just domains by injecting scripts into DOM (iirc im not a webdev)
- This is what I ended up opting for and it works very well

Bromite before it died, RIP :( Vanadium now with regular dns adblocking where security matters, Fennec where it doesn't.
- There is a fork of Bromite, called Cromite, if you're interested.
  
  This one looks cool, but I am so used to having a sync service that I can't enjoy it fully :/

Mull with ublock origin, always on VPN to my house with pihole for DNS.
I use Firefox for the "installed" web pages for quick access to internal things like Sonarr since Mull would log me out fairly often.

Mull with Adblock plus, Ghostery and Decentral eyes. Btw. I hope they soon update their icon to be Material theme compatible.
- Honest question: is using those 3 addons better than sticking to just uBlock Origin?
  I have read multiple times that the best is to just uBlock Origin and nothing else, since other addons are redundant and together will make your fingerprint easier to recognize.
  
  Honest answer, I don't know. I will for sure not install another extension. What I like from Ghostery is the "auto decline cookie banner" funktion.

I flip between Mull and Cromite.
- What's cromite ?
  
  Prettt sure it's the updated Bromite fork

really want to like vanadium, but it's giving me a unique fingerprint... So I am currently using Brave

Mull, Fennec on mobile and Librewolf on laptop

You could just keep vanadium and change the DNS of your phone for mullvad DNS for exemple to block the ads in (nearly ) every app.

Fennec, Firefox from the f-droid-store
- The most insecure Android stack
  Edit: Because people will just blindly down vote this, here is some references to help you make more informed choices
  https://privsec.dev/posts/android/f-droid-security-issues/
  https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/
  https://bugzilla.mozilla.org/show_bug.cgi?id=1565196
  
  I disagreed particularly with:
  Furthermore, F-Droid doesn’t enforce a minimum target SDK
  While yes, this may be a bad thing for some, certain apps, like termux (terminal emulator, even lets you make a linux chroot, some ppl play games using wine in it) only work properly on sdk's older than a certain version, since newer versions can be somewhat locked down.
  I don't want to say that that article is "google good, f droid bad", but that's what a lot of what it's points are. It completely neglects to mention the downsides of google's various security models, especially for a foss community like this one. App bundles, for instance, are secure yes. But they are also an advanced form of drm (at least when made by google), must be compiled server side for each device, and other things that make them not work for the foss community.
  And criticizing f Droid because it has multiple repos? That criticism is completely incompatible with the common FLOSS ideas that things should be less centralized.
  Don't get me wrong, some of the points it brings up are valid, but they are biased, only focusing on on one side.
  And I also don't feel the need to be alarmed by these points. What does it matter that google signs everything (in a supposedly better way) when "everything" includes malware?
  As usual, no app or product can replace human discernment. Security is a process, not a product.
  
  🤡

Mull with ubo

Hardened Firefox-based browser like Mull or Klar.

Been using duck duck go or Firefox focus personally
- Stop using the DDG Browser.

Use to use forefox, switched to just Vanadium as per Graphenes guidelines

Vanadium for when I need to log in and Cromite for daily browsing.

Mostly Mull. A little Firefox and a little Vanadium

Iceraven from GitHub, it's fork of Firefox but more privacy + add-ons Ghostery & uBlock origin & Bitearden. I don't need more than one browser.

I use Vanadium and sometimes DDG or Tor. Mulls a good, hardcore browser as well.
And for vanadium, I use an ad blocking DNS, which is https://dns.adguard.com/dns-query
Isn't perfect but it blocks some ads

Vanadium and Adguard home

I use Fennec and Brave.
- This!

i was using Mull for a while but currently trying Fennec. both are firefox forks on fdroid

I use Firefox for most trusted browsing, largely due to its bookmark sync and extension support. It has also been my desktop browser of choice for decades. I always browse in private mode on mobile, and with strict protection enabled (no 3PC), so essentially no cookie or data retention once the app is closed. FF sync for bookmarks only, no search suggestions, autocomplete, etc., except for search bookmarks. DDG as default engine.
Passwords are managed with KeePass autofill, and synced to many other devices via Syncthing.
I love that Vanadium is the default WebView browser though, due to its support for site isolation and other hardened features.
Fingerprinting is still virtually impossible to prevent until/unless the overall web browser model changes.

I use Vanadium with a custom DNS in system settings - NextDNS. It doesn't get rid of every ad but it's pretty good and blocks nearly all of them. You can choose adblock filter lists as well with NextDNS.

Navi download manager that has a built-in web browser combined with AdAway.

Fennec, basically Firefox forked. uBlock Origin + ClearURLs. In uBlock Origins I have every single filter enabled except the language ones. Also dark Reader is nice and synced with my system theme, something that doesn't work in Mull because fingerprint resistance blocks that by design.
I can't do Mull for day-to-day stuff, too many things break for me. Web apps like my work stuff, financial stuff, medical stuff, all those heavily use JavaScript and aren't the best coded so they don't like Mull very well. Fennec with uBlock Origin "just works" and very rarely do I ever have to turn off uBlock, usually disabling cosmetic filter on it fixes all my problems.
Also if you run a Firefox variant, you can enable NoScript and enable "Temporarily set top-level sites to trusted" and it will enable a lot of js websites to work without tweaks while still offering very powerful protection.
If I website doesn't work, opening it I'm Vanadium is a nice way to check if the issue is Firefox or not.

NextDNS with Vanadium.
To me, being able to use Vanadium in webview is a huge benefit.
Using DNS to block ads is relatively simple these days.

59 comments