missing-root
I dont think they referred to Vanadium but normal Chromium. I have verified, that without changing the code, Linux Chromium contacts Google all the time, with all possible settings (including flags) and policies applied.
No, the topic is Vanadium.
They have no namespace sandboxing using zygote, as they dont have a fork server at all. This is an issue.
This is not how things work.
But Firefox uses seccomp-bpf for isolating processes, so "no sandboxing" is not true.
It has no sandboxing on mobile. You're completely wrong and your claims are baseless.
There should be no reason why FF mobile shouldnt be able to use seccomp-bpf on Android.
It's not used as a sandbox by Firefox but rather only basic kernel attack surface reduction. It is possible to use seccomp-bpf for sandboxing which they've never done and certainly don't do on Android.