• baseless_discourse@mander.xyz
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    10 months ago

    GrapheneOS is security first, but not so privacy focused in terms of their browser. In fact, they state that explicitly in the usage guide:

    Vanadium was previously primarily focused on security hardening but we plan on adding assorted privacy and usability features. In the near future, we plan to add support for always incognito mode, content filtering (ad blocking, etc.), improved state partitioning, backup/restore and many other features.

    The only reason they dont recommend firefox is because it adds attack surface (of course, every app you use, adds some attack surface) and it dont have pre-site process isolation. This is NOT a privacy feature, but a exploit protection feature. Until a exploit has been discovered, with or without isolation, websites cannot interfere with each other.

    Read about their browser and web browsing recommendations here: https://grapheneos.org/usage#web-browsing

    Their Vanadium is, in fact, middle of the road in terms of data isolation and don’t have any tracker blocker or fingerprint resistant. It is a tradeoff they made between privacy and usablity. If you want to read more: https://divestos.org/pages/browsers

    I personally do agree with them that the “privacy theater” approach is not a long term solution, and we need more principled approach to privacy with proper threat model. However, currently, without more substantial research, messy privacy theater unfortunately seems to be the way to go; just like most corporations do use a anti-virus, even when they are not the way to archive “decent security”.

    GrapheneOS has a tendency to market their security/privacy choices as arbitrary to its users, probably to make them easier to understand. This is unfortunately enhanced by several GrapheneOS YouTubers.

    Many times recommendations from GrapheneOS are strictly better than they competition, sometimes their advantage are not necessarily strict, but a tradeoff. I believe for Vanadium, their recommendation leans towards later.

    Personally, I use grapheneOS with Mull.