• WardPearce@lemmy.nz
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    As I said I not a fan of Brave (mostly because of the crypto stuff), calling it spyware you could say is hhmmmm “misinformation”. Yes security and privacy are different concepts but they are closely linked. If your browser fails to stop malicious code from being executed, you might find this impacts your privacy.

    Matter of facts is, Android Firefox lacks site isolation. Yes you can enable a highly experimental version of site isolation what will break your browser (admitted by your source) and may even fail to isolate sites altogether. Android Firefox doesn’t use isolated processes, a functionality what can’t be enabled.

    I’m not sure what your goal is with this discussion, but obviously you don’t have any regard for privacy or security. Your arguments over semantics are obviously in bad fair (and not even accurate to the original discussion).

    To reiterate for the millionth time, feel free to use Firefox on Android, I’m avoiding using Firefox due to large security concerns. Once Mozilla finishes implementing site isolation and process isolation, I’ll be the 1st one to move off Brave and into Firefox.

    But for your own future reference, actually source articles what support your statements. Otherwise don’t get upset when someone points that out.

    • TheAnonymouseJoker@lemmy.mlM
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      Firefox Android DOES NOT lack site isolation. It lacks process isolation turned on by default. Firefox fully isolates site data. These are 2 different things. This is the fact that is being pointed out to you. If you are buying into nonsensical security theater claims being made by a bunch of Big Tech Security™ believers, that is YOUR fault.

      Stop misinterpreting the article’s table purposely to fit your claim. Just so that people do not get lost here, this is the article: https://divestos.org/pages/browsers Per-site data isolation, tracking protection and per-site process isolation are separate features.

      Any browser that cannot run uBlock Origin (or similar granular script blocker) with the ability to manually toggle scripts and set their own script/domain rules is an insecure browser. This makes Firefox on both desktop and Android incredibly more secure than any Chrome based browser out there, period.

      You are free to use your favourite Chrome based browser with no uBlock Origin style capabilities and Google’s security that disregards user’s privacy and security against random website scripts. But you may not promote this here, or the nonsense about Firefox’s site isolation for website data, which factually exists on Android.

      • WardPearce@lemmy.nz
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Per-site process isolation is a powerful security feature that seeks to limit exposure of a malicious website/script abusing a security vulnerability. Firefox calls per-site process isolation Fission and is enabled by default on desktop. Fission is not yet enabled by default on Android, and when manually enabled it results in a severely degraded/broken experience. Furthermore Firefox on Android does not take advantage of Android’s isolatedProcess flag for completely sandboxing application services.

        Obviously Firefox has it own data isolation, but this doesn’t matter if someone can execute bad actiing code due to lack of process isolation.

        • TheAnonymouseJoker@lemmy.mlM
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          Chrome literally lacks content/script blocking and allows executing every single random JS script, iframes and other components. Any Chrome based browser is insanely insecure, simply because one can use uBlock Origin easy mode on Firefox (not even medium, hard or nightmare modes). Chrome based browsers lack protection against fingerprinting, making you an easy target for hackers.

          Data isolation is site isolation. Process isolation is another aspect, but indirect to website itself. If I can just use uBO on Firefox, the “bad acting code” problem gets solved because I can restrict any scripts I want, and it also employs malware domain blocking lists. This is not possible on Chrome based Android browsers except Kiwi.