henfredemars

joined 1 year ago
[–] henfredemars 1 points 1 year ago

I want to write thank you so much for posting this. I really care about this data, and not many people get as excited about following it as I do.

[–] henfredemars 7 points 1 year ago (1 children)

Not at all. There are quite a few cheap e-readers out there. I've had the pleasure of owning a few, and I'm afraid I never wished Android would run on one.

[–] henfredemars 9 points 1 year ago

KeePassDX

Woo for KeePassDX! Love it so much I donated.

[–] henfredemars 10 points 1 year ago* (last edited 1 year ago) (3 children)

As a security researcher, running each site in its own process isn't enough. Chrome has a much stronger multiprocessing model on most platforms. For example, Chrome on Android sandboxes between processes whereas Firefox simply relies on the built-in Android sandbox, which provides limited protection between these processes. It's much easier to break out of the sandbox in Firefox because it's easier to move laterally, for one. Those processes have to communicate with each other at some point.

But, don't believe me just because I claim any sort of credential on the Internet. It's such a difference in security that GrapheneOS strongly discourages using Firefox for its weak implementation in addition to the link I provided above. From the link:

Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole.

I love Firefox. I use it anyway. It's not insecure. But it's absolutely not as secure because it lacks modern exploit mitigations. Running process per site is an improvement but it's still less secure than the architecture used in Chrome.

EDIT: Sound less entitled.

[–] henfredemars 7 points 1 year ago (1 children)

This is why I use Firefox! For freedom.

[–] henfredemars 28 points 1 year ago (1 children)

I'm tired for paying for insurance that doesn't do anything.

[–] henfredemars 2 points 1 year ago

It's like when I've finally gotten so ugly people can't look away instead of trying not to look.

[–] henfredemars 18 points 1 year ago* (last edited 1 year ago) (8 children)

Great, now implement modern exploit mitigations and sandboxing like Chrome uses. Firefox is objectively less resistant to exploitation. Some Firefox security has improved since the article was written, such as some sandboxing on Windows, but it's definitely not as mature.

I'm not writing that Firefox is insecure. Security is very important to Firefox! However, Chrome has had more work done in the realm of browser hardening.

[–] henfredemars 5 points 1 year ago

Google intentionally gimps what they serve to their competition to make them look worse. It's definitely an anticompetitive practice, and they're walking a fine line about it to not get in legal trouble.

[–] henfredemars 32 points 1 year ago* (last edited 1 year ago) (1 children)

They do, but Chrome is actively trying to remove support for most advanced ad-blocking capabilities. Further, Google has no financial incentive to make their browser hospitable to ad blockers as Google makes most of their money from advertising.

Google has pushed some half-baked ideas for how the web could work without having to block ads. Ad blocks aren't best buddies with Google.

[–] henfredemars 2 points 1 year ago

Perhaps the replacement battery was manufactured a while ago?

[–] henfredemars 8 points 1 year ago* (last edited 1 year ago) (1 children)

On the Internet, nobody knows you're a dog.

I'm onto you.

view more: ‹ prev next ›