GrapheneOS do you know if Firefox for android even supports using hardened_malloc instead or jemalloc?
There is a compile argument that allows LD_PRELOAD replacement, and maybe Mull could set that to at least use that security feature. For sure, without sandboxing it will still be less secure.
[deleted] I recently read this years old blog post about security BS and it was very interesting.
Now I understand the concept of badness enumeration, which really is bad, but often helps.
Best example for the opposite is NoScript on... Firefox (or Chromium Desktop, but it is MV2). I block all javascript by default and only allow Domains that need it. It is manual work, but really useful for privacy and security