If you use Graphene OS, what web browser do you use?
If you use Graphene OS, what web browser do you use?
Honestly the lack of ad blockers in Vanadium pushes me towards Firefox even though the devs say that Firefox is far less secure. So many web sites are just hard to use on mobile without an ad blocker so I'm curious what the rest of you are doing.
Mull
35I have the same reasons for using mull (Firefox fork). I love having an adblocker along side my VPN's ad block. I also hate the chromium UI/UX, mostly because the search bar is on the top of the screen.
24I like Mull the best. It’s pretty much just Firefox+arkenfox for mobile
13Except for gecko mobile not having per-site process issolation (Fission) I get it though, its has good anti fingerprinting, isnt chromium, and has compatibility with Firefox addons (you can get around the mobile only requirement by importing a custom collection, which iirc requires Dev mode)
6
FF
11Bromite before it died, RIP :( Vanadium now with regular dns adblocking where security matters, Fennec where it doesn't.
9There is a fork of Bromite, called Cromite, if you're interested.
20This one looks cool, but I am so used to having a sync service that I can't enjoy it fully :/
3
Mull with ublock origin, always on VPN to my house with pihole for DNS.
I use Firefox for the "installed" web pages for quick access to internal things like Sonarr since Mull would log me out fairly often.
8Mull with Adblock plus, Ghostery and Decentral eyes. Btw. I hope they soon update their icon to be Material theme compatible.
8Honest question: is using those 3 addons better than sticking to just uBlock Origin?
I have read multiple times that the best is to just uBlock Origin and nothing else, since other addons are redundant and together will make your fingerprint easier to recognize.
11
You could use DNS and stick with Vanadium. AdGuard, nextdns, decloudus, Mullvad.. all good for ad blocking and probably more effective as it’s system wide
8DNS blocking is different than content blocking. A content blocker like ublock can block more than just domains by injecting scripts into DOM (iirc im not a webdev)
2This is what I ended up opting for and it works very well
1
Mull with ubo
7really want to like vanadium, but it's giving me a unique fingerprint... So I am currently using Brave
6Fennec, Firefox from the f-droid-store
6The most insecure Android stack
Edit: Because people will just blindly down vote this, here is some references to help you make more informed choices
https://privsec.dev/posts/android/f-droid-security-issues/
https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/
-8I disagreed particularly with:
Furthermore, F-Droid doesn’t enforce a minimum target SDK
While yes, this may be a bad thing for some, certain apps, like termux (terminal emulator, even lets you make a linux chroot, some ppl play games using wine in it) only work properly on sdk's older than a certain version, since newer versions can be somewhat locked down.
I don't want to say that that article is "google good, f droid bad", but that's what a lot of what it's points are. It completely neglects to mention the downsides of google's various security models, especially for a foss community like this one. App bundles, for instance, are secure yes. But they are also an advanced form of drm (at least when made by google), must be compiled server side for each device, and other things that make them not work for the foss community.
And criticizing f Droid because it has multiple repos? That criticism is completely incompatible with the common FLOSS ideas that things should be less centralized.
Don't get me wrong, some of the points it brings up are valid, but they are biased, only focusing on on one side.
And I also don't feel the need to be alarmed by these points. What does it matter that google signs everything (in a supposedly better way) when "everything" includes malware?
As usual, no app or product can replace human discernment. Security is a process, not a product.
1
You could just keep vanadium and change the DNS of your phone for mullvad DNS for exemple to block the ads in (nearly ) every app.
6Mull, Fennec on mobile and Librewolf on laptop
6Firefox nightly for bleeding edge updates and also hardened it a bit through the about:config menu, regular Firefox when I need proper security for banking and whatnot, and Vanadium in case something does not work underneath Firefox which is very very rare.
5I dont think regular (also not really privacy friendly) Firefox is more secure than hardened Firefox nightly.
Btw Mull from FDroid is a prehardened version of nightly.
2
Been using duck duck go or Firefox focus personally
4Stop using the DDG Browser.
1
Hardened Firefox-based browser like Mull or Klar.
4Mostly Mull. A little Firefox and a little Vanadium
3Vanadium and Adguard home
3Iceraven from GitHub, it's fork of Firefox but more privacy + add-ons Ghostery & uBlock origin & Bitearden. I don't need more than one browser.
3Vanadium for when I need to log in and Cromite for daily browsing.
3Use to use forefox, switched to just Vanadium as per Graphenes guidelines
3I use Vanadium and sometimes DDG or Tor. Mulls a good, hardcore browser as well.
And for vanadium, I use an ad blocking DNS, which is https://dns.adguard.com/dns-query
Isn't perfect but it blocks some ads
3I use Fennec and Brave.
3This!
0
I use Vanadium with a custom DNS in system settings - NextDNS. It doesn't get rid of every ad but it's pretty good and blocks nearly all of them. You can choose adblock filter lists as well with NextDNS.
2i was using Mull for a while but currently trying Fennec. both are firefox forks on fdroid
2I use Firefox for most trusted browsing, largely due to its bookmark sync and extension support. It has also been my desktop browser of choice for decades. I always browse in private mode on mobile, and with strict protection enabled (no 3PC), so essentially no cookie or data retention once the app is closed. FF sync for bookmarks only, no search suggestions, autocomplete, etc., except for search bookmarks. DDG as default engine.
Passwords are managed with KeePass autofill, and synced to many other devices via Syncthing.
I love that Vanadium is the default WebView browser though, due to its support for site isolation and other hardened features.
Fingerprinting is still virtually impossible to prevent until/unless the overall web browser model changes.
2NextDNS with Vanadium.
To me, being able to use Vanadium in webview is a huge benefit.
Using DNS to block ads is relatively simple these days.
1Fennec, basically Firefox forked. uBlock Origin + ClearURLs. In uBlock Origins I have every single filter enabled except the language ones. Also dark Reader is nice and synced with my system theme, something that doesn't work in Mull because fingerprint resistance blocks that by design.
I can't do Mull for day-to-day stuff, too many things break for me. Web apps like my work stuff, financial stuff, medical stuff, all those heavily use JavaScript and aren't the best coded so they don't like Mull very well. Fennec with uBlock Origin "just works" and very rarely do I ever have to turn off uBlock, usually disabling cosmetic filter on it fixes all my problems.
Also if you run a Firefox variant, you can enable NoScript and enable "Temporarily set top-level sites to trusted" and it will enable a lot of js websites to work without tweaks while still offering very powerful protection.
If I website doesn't work, opening it I'm Vanadium is a nice way to check if the issue is Firefox or not.
1Navi download manager that has a built-in web browser combined with AdAway.
1