Best browser/ user setup?

sirnose

I'm very new to Graphene OS, so please forgive my complete ignorance!

I've gathered that it's not a bad idea to create different users for different purposes - i.e. work vs 'private matters'. I think I've done this in settings, but it's a little easier to switch user than I'd anticipated. I assumed I'd have to boot the phone up into one user or the other, but it seems I can just switch via the settings app. Are the two different users completely isolated?

I also wanted to know the most private broswer options on the OS. Is Vanadium basically a more secure version of Chrome? Please explain!

I assumed some kind of Tor Browser setup would be more private? Is this possible/ recomended on Graphene OS?

Thank you for your patience and support!

Cdc

sirnose These are valid questions and it should be tagged as "Novice" or "beginner" because I myself switched to GOS a few days ago as well.

Profiles are supposed to be completely isolated in my opinion. In fact, any app I've installed in other profiles have no access to anything, anywhere.

What's not "completely" isolated are connections like WiFi from what I can tell right now. What I have problem with is that I have to switch Open VPN connect every time after switching to new profile whilst WiFi is already running. I believe it could potentially be set up in owner profile somehow.

There's a lot what Vanadium can do and it's been explained many times. However, I am not sure what are differences between that and the Brave exactly. I hope that someone can explain more in detail.

Also, I have no idea about benefits using TOR in comparison with VPN. Please someone explain this too.

thmf

Here's what official documentation says:

sirnose Are the two different users completely isolated?

Security and privacy
(starting with paragraph 5)

sirnose I also wanted to know the most private broswer options on the OS. Is Vanadium basically a more secure version of Chrome? Please explain!

Web browsing

mmobder

sirnose you may find some relevant info in this thread https://discuss.grapheneos.org/d/16754-pls-help-to-collect-inputs-only-that-influence-users-scheme-setup-in-a15

you're welcome to contribute on your findings re limitations etc

trilogy6202

sirnose

Regarding User profiles:
First let me remind you that Android 14 or 15 introduced "Private Space" which is similar to a user profile in that apps are completely separated from the apps running on your owner profile but has the added convenience that you can access them from the owner profile. This is imo one of the biggest new convenience features in Android in a very long time.

As I see it the two main use cases for Private Space / User Profiles is:
1) You have apps that you need but don't trust so you want to prevent them from communicating with other apps on your daily driver profile, and/or
2) You don't want google play service on your daily driver profile but you have certain apps that require google play to function.

Regarding browser privacy:
This is a really deep rapid hole and privacy while browsing is a very complex subject. Modern user tracking on/across web sites rely on creating a persistent fingerprint of the users device and browser. Therefore blending in with other users is probably the best weapon to fight fingerprinting.

Therefore I would assume that Brave is probably more private than Vanadium IF you set it up like the majority of other users set it up simply because Brave on android have a much lager user base and therefore it will be easier to blend in.

Vanadium on the other hand is probably the most secure browser on android.

As far as I remember the Tor project is working on an official Android version but I don't know the time line. There is the Onion browser which is using Onion routing but as far as I know it have some security and/or privacy problems and are generally not recommended in here.

dhhdjbd

Profiles can also be switched in the drop down menu
(one of the circles on the bottom)

Cdc

What I have problem with is that I have to switch Open VPN connect every time after switching to new profile whilst WiFi is already running.

i not sure what you mean, each profile has its own vpn (and has to be setup seperately) as far as i know.
i have mullvad, and when i switch profiles, they are already connected to the vpn (when the profile runs in the background) / vpn behaves like it does after first unlock?

Cdc

dhhdjbd i not sure what you mean, each profile has its own vpn (and has to be setup seperately) as far as i know.

Yeah, I know right. I just tried it again and it happened again.

I have switched to the owner's profile with no apps at all and then switched back in a matter of seconds to the secondary profile with running VPN. Wi-Fi obviously works straight after switching to the secondary profile but Open VPN connect was disconnected with notification message "Disconnected from always-on VPN (Change network or VPN settings". Perhaps my VPN settings isn't right.

When I tapped on it I got a pop up window "Can't connect to always-on VPN" with other copy and a link to a VPN settings where I can see OpenVPN connect as always on.

I didn't try my VPN provide dedicated app though.

To me, it seem like either OpenVPN connect bug, GOS bug, or my settings isn't correct. I'm going to try dedicated app now a will get back with another update.

Cdc

thmf Thanks for both resources attached. Much appreciated! However, according to this using Brave mobile shouldn't have any impact in terms of privacy as far as my knowledge goes. Please share your opinions. Thanks!

thmf

Cdc according to this using Brave mobile shouldn't have any impact in terms of privacy as far as my knowledge goes.

The links I've shared in my post don't mention Brave mobile browser, so I can't arrive to the same conclusion.

Also, it's good to remember that you can have security without privacy, but you can't have privacy without security. Here's a quote from the link above:

Chromium has decent exploit mitigations, unlike the available alternatives. This is improved upon in Vanadium by enabling further mitigations, including those developed upstream but not yet fully enabled due to code size, memory usage or performance. For example, it enables type-based CFI like Chromium on the desktop, uses a stronger SSP configuration, zero initializes variables by default, etc. Some of the mitigations are inherited from the OS itself, which also applies to other browsers, at least if they don't do things to break them.

So, Vanadium has further mitigations, which I think Brave mobile may not have. I don't know if Brave mobile team goes an extra mile to fork Vanadium's mitigations on top of what they do. Also, there's the WebView part that's very much important. Brave won't provide WebView for your phone, so if you using Brave, you're actually using Vanadium WebView, too. At least for your apps. Maybe 'don't put all your eggs in one basket' approach can be mentioned here and is relevant for your threat model.

Cdc Please share your opinions.

I use Brave browser on desktop only, because I don't know of better alternatives from security and privacy (combined) points of view. Tor browser will give you anonymity if you use it right, at least to some extent, but no security since it's unfortunately, Gecko based. As for mobile, Vanadium is my best friend.
With that said, I recall some regular community members mentioned in GrapheneOS chat rooms that Brave is fine as long as your threat model agrees with it.
Hope this helps.

dhhdjbd

Cdc
(if you have a vpn in your owner profile on, and another profile, and both using the same account, then your subscription plan has to support multiple connections, just saying)

my vpn settings are , "always on" on (yours are too), and "block all connections" on (in grapheneOs settings). I dont think there are any other Os vpn (necessary) settings.. In the mullvad app, in settings, it says that for autoconnect i have to enable the "always on" setting, and for lockdown mode the "block connections without vpn" setting (both the Os ones). Mullvad doesnt have settings for this itself in the app. Maybe your app has a extra setting for this?

also, how does your vpn in the owner profil (just one profile) behaves after reboot, is it the same (disconnected) or does it work in this case?

And does it make a difference, if you have "running in the background" On/ off (for the user profile, you want to use the vpn in)?

if it doesnt, you could also test if the vpn atleast stays on after you switched somewhere else (user to owner) (if you have all connections blocked), by triggering something jn the user profile, that should give you a notification (like let someone send you a whatsapp message, and whatsapp is in the user profile).
Sry, maybe someone else can then help younmore with that information

Cdc

dhhdjbd
Thanks for suggestions! I am using OpenVPN app as I have two VPN providers to choose from (multiple instances allowed on both).

I solved this issue using a different app. Well, sort of. I have replaced OpenVPN Connect for OpenVPN for Android and it's working perfectly now. No more hassle with disconnected VPN after profile switching. (My VPN settings-> Always on and block connections without VPN.

Apparently, OpenVPN connect is well-known with these kind of issues with connections.

Cdc

I've got a little update to my VPN setup. It's been working aka reconnecting on auto mode as it should whilst connected to a WiFi at workplace. Once I got back home it wasn't working on any of two profiles - I've been offline as I've set that up to block connection without VPN).

I checked log report in OpenVPN for Android app to understand what is wrong. The message there said something about "...Compression depreciated...", so I switched it off and I've been able to make it work.
However I'm not 100% sure if this helped as I can't remember exactly what I've done in terms of switching on and off in VPN settings either in app during trying to make it work.

I'll get back with more updates later so others searching for this topic can join the discussion here as well.

I obviously have a chance to download official app from both providers and try that as well. But I didn't have good experience. On app wasn't doing well and it always blocks connection when not in use for a long time like for example overnight. Their support suggested OpenVPN app. However, I had no idea there are two apps available.

amusement_grievous292

There is also a loophole where apps in different profile can communicate via localhost if they both have the network permission. Further, it seems quite easy for maliciously invasive apps to know they are being installed on the same device. See https://discuss.grapheneos.org/d/19484-unique-drm-id