this post was submitted on 18 Jun 2024
59 points (91.5% liked)

Firefox

17898 readers
98 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

I heard around the internet that Firefox on Android does not have Site Isolation built-in yet. After a little bit of research, I learned that Site Isolation on Android was added in Firefox Nightly, appearing to have been added sometime in June 2023. What I can't find, though, is whether this has ever been added to any stable versions of Firefox yet. Does anyone know anything about this?

Update: After further research, it appears that Site Isolation is not currently a feature in stable version of Firefox on Android. I don't know with certainty if their information is up-to-date, but GrapheneOS (A well-known privacy/security-focused fork of Android) does not recommend using Firefox-based browsers on Android due to it's (apparently) lack of a Site Isolation feature. A snippet of what Graphene currently have to say about Firefox on Android/GrapheneOS from their usage guide page, is: "Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface."

On a side-note, they also say about Firefox's current Site Isolation on desktop being weaker, which I wasn't aware of. "Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole."

you are viewing a single comment's thread
view the rest of the comments
[–] sugar_in_your_tea@sh.itjust.works 2 points 4 months ago (1 children)

Blocking 3rd party scripts and frames

Yes, there are multiple ways to address a given problem, with different tradeoffs. I don't know the specifics of per-site isolation, but I'm guessing it also protects against non-JS attacks like CSS or HTML-processing attacks, which could trigger those same Spectre/Meltdown-style attacks. That's a pretty niche case, but hopefully it shows that even a good plan has potential holes.

Ideally, we could eat our cake and have it too, and hopefully Mozilla is working on that. In the meantime, you need to decide if you want something more configurable (Tor, you, and I seem to prefer this) and accept tradeoffs, or solve for the general case of scripting enabled (e.g. Chromium's isolation). Micay isn't wrong for his preference, and you and I aren't wrong for ours.

there is no privacy without security

That's close to the truth, but it's a system of degrees. You need enough security to make protecting privacy feasible. But they are separate goals, especially if adding Anonymity into the mix. For example:

  • secure, but not private or anonymous - Google services; you can't get much better security than gmail, but it's horrendous for privacy because Google's reading your stuff; or a more tangible example, it's like living in a bulletproof glass house
  • private, but not secure or anonymous - closing the blinds at your house, and not locking doors; nobody can see what you're doing, but home ownership is public record and anyone can walk in
  • anonymous, but not secure or private - counter-protesting - they don't know who you are, but everyone can see and hear you, and they can come beat you up

But there's a lot of overlap too. Really good privacy often requires pretty good security, especially depending on your threat model. Effective anonymity also requires good security and often provides good privacy. So it's not necessarily wrong to say they're extremely closely related, so I could see it being shortened to "no privacy without security" as a general rule of thumb.

The only method to counter their malicious narrative is nullifying their advice and proposed/developed tools

I disagree on all accounts:

  • I don't think their narrative is malicious, I think it's overly simplified, which is what you want in a sales pitch
  • nullifying their advice isn't worthwhile, there's more than one way to solve a problem, and different problems can look similar

Instead of attacking them, I think it's better to provide accurate information that they're omitting. If you aggressively attack something, it puts people who like/support that thing on the defensive (relevant Louis Rossmann video, who you should like because he ripped into Daniel Micay as well). Instead, highlight the benefits of your proposed solution, and limit your criticism of other solutions to only those that negatively impact your target audience.

At least that's my takeaway from various sources (laws of power, how to win friends and influence people, etc).

Fission has existed since many versions as experimental on Android, and I have tried it, but it causes bugs and crashes after using browser for a while.

Yup, it's not ready yet on Firefox, hence why I don't use that experimental feature.

dFPI

Well yeah, Google is an ad company, so they're going to be slow in adopting things that make advertising less effective/gives them less data. I'm guessing they'll implement it once they can effectively use first party cookies to serve ads (would require websites to help).

FPI isn't really a security feature (login cookies and whatnot are first party and thus not sent to third parties), it's a privacy feature. Google doesn't particularly care about privacy, only security.