Per-site process isolation is a powerful security feature that seeks to limit exposure of a malicious website/script abusing a security vulnerability.
Firefox calls per-site process isolation Fission and is enabled by default on desktop. Fission is not yet enabled by default on Android, and when manually enabled it results in a severely degraded/broken experience. Furthermore Firefox on Android does not take advantage of Android’s isolatedProcess flag for completely sandboxing application services.
Obviously Firefox has it own data isolation, but this doesn’t matter if someone can execute bad actiing code due to lack of process isolation.
Chrome literally lacks content/script blocking and allows executing every single random JS script, iframes and other components. Any Chrome based browser is insanely insecure, simply because one can use uBlock Origin easy mode on Firefox (not even medium, hard or nightmare modes). Chrome based browsers lack protection against fingerprinting, making you an easy target for hackers.
Data isolation is site isolation. Process isolation is another aspect, but indirect to website itself. If I can just use uBO on Firefox, the “bad acting code” problem gets solved because I can restrict any scripts I want, and it also employs malware domain blocking lists. This is not possible on Chrome based Android browsers except Kiwi.
Obviously Firefox has it own data isolation, but this doesn’t matter if someone can execute bad actiing code due to lack of process isolation.
Chrome literally lacks content/script blocking and allows executing every single random JS script, iframes and other components. Any Chrome based browser is insanely insecure, simply because one can use uBlock Origin easy mode on Firefox (not even medium, hard or nightmare modes). Chrome based browsers lack protection against fingerprinting, making you an easy target for hackers.
Data isolation is site isolation. Process isolation is another aspect, but indirect to website itself. If I can just use uBO on Firefox, the “bad acting code” problem gets solved because I can restrict any scripts I want, and it also employs malware domain blocking lists. This is not possible on Chrome based Android browsers except Kiwi.