de0u As a practical matter, once a device falls out of GrapheneOS support if you have low-security uses for it you might look at some other platforms such as DivestOS.

That is very good advice I think - especially because the dev of DivestOS also recommends GrapheneOS for those who can easily afford new Pixel devices... thanks!

I've always used hardened Brave with Proton VPN but since Proton Pass has been a cluster with Brave on Android I've been using hardened Firefox Nightly. Is it a better practice to use Vanadium with Proton Netshield enabled?

    NightSky that depends mostly on your threat model. On Android, Cromium based browsers are inherently more secure than Firefox based Browsers. I'll leave the details to the pros since my knowledge is far from ironclad here. You're okay with ProtonPass though, which is relatively new and untested (compared to for example Bitwarden or KeePassDX) and can be a security concern as well. So Firefox and ProtonPass could just be right for what you want to achieve. If you're looking for highest security, I assume Vanadium (plus KeePassDX) would be recommended here, compared to Brave or pretty much anything else.

    Let's not forget that this thread is about Brave and Vanadium, so for deeper comparisons to Firefox you might want to open a separate thread.

    2 months later
    • [deleted]

    • Edited

    matchboxbananasynergy The issue with Brave is it may give you a false sense of privacy.

    Hi, I understand your overall position but how can you say, like @Paflechien , that Brave only gives a "false sense of security" while it EFFECTIVELY passes, following privacytests.org,

    • all the state partitioning test
    • blocks all the tracking query parameter
    • Tracker content blocking tests
      ?

    I mean, this is no theories. Brave really does something !

    It really blocks Adobe
    Adobe Audience Manager
    Amazon adsystem
    AppNexus
    Bing Ads
    Chartbeat
    Criteo
    DoubleClick (Google)
    Facebook tracking
    Google (third-party ad pixel)
    Google Analytics
    Google Tag Manager
    Index Exchange
    New Relic
    Quantcast
    Scorecard Research Beacon
    Taboola
    Twitter pixel
    Yandex Ads
    !

      Icecube
      Sadly, using a DoH provider as your only adblocker won't be as effective as using Brave or Cromite.

        • [deleted]

        What I don't understand is why people are still asking questions about safety. Vanadium is installed natively, it's the most secure browser, it has no equivalent on android, you won't find better. All the others are inferior. If you want to block ads, you'd better change the DNS at system level, it's written on the website. After that, you can install whatever browser you want, but they'll only be less efficient.

          • [deleted]

          • Edited

          [deleted]
          What you do not understand is that people like me admit that YES Vanadium is more secure and that YES we know that blocking via DNS level is great for privacy, but not as effective as Brave. Just look at privacytests.org and compare to you own browser privacytests.org/me.html ...

          Icecube
          Its great that it's enough for you, but it's not enough for me sadly.

          I'm using DuckDuckGo for the most part, it used WebView so most of the security should carry over. If you don't want to use a WebView browser there is always Cromite.

          • [deleted]

          [deleted] Refer to Daniel's response here

          Also, Arthur (Who seems to be the main developer of privacytests.org) responded to thestinger's response here.

          a month later
          16 days later

          I tested both browsers for several weeks in a university fingerprinting study (I wanted to leave my fingerprint rather for academical research rather than at fingerprint.com).

          The study measures the browser fingerprint based on e.g. navigator, audio, canvas, screen, plugin, connection, WEBGL, mathematical constants and much more.

          The study determines whether the site:

          • has seen this fingerprint before
          • if you are the only participant with this fingerprint and
          • if you can be tracked uniqueliy over time

          Without Javascript, both browsers performed equally well in my tests according to the standards of the university project.

          With Javascript enabled, both browsers always left a unique fingerprint.

          In the categories "seen fingerprint before" and "can be tracked uniqueliy over time", Brave regularly performed better in my case: Vanadium was trackable over time and could be assigned to my previous fingerprints which was not the case with Brave.

          Better to do your own comparisons than listen to strangers on the Internet: https://browser-fingerprint.cs.fau.de/?lang=en

          So for most things I use Brave, when I open sites where I'm more concerned with security than privacy I use Vanadium.

          10 months later
          • [deleted]

          NightSky how do you harden Firefox nightly out of curiosity? Sorry for reviving an old thread lol.