#Question about web browsers

I'm sure you've read this section of GrapheneOS's FAQ:
https://grapheneos.org/usage#web-browsing

I personally use Trivalent for most of my browsing, with the occasional Tor Browser in between.

personally I wouldn't recommend Brave given their history of basically acting as adware: https://en.wikipedia.org/wiki/Brave_(web_browser)#Controversies

Brave has received negative press for diverting ad revenue from websites to itself, collecting unsolicited donations for content creators without their consent, suggesting affiliate links in the address bar and installing a paid VPN service without the user's consent.

my understanding is that Brave's supposed "fingerprinting protection" is also still fairly weak—if your threat model requires anonymity in your web browsing activities then you should really be using Tor Browser (possibly via Tails or Whonix depending on your other security considerations), as it ensures that all Tor Browser users have an identical fingerprint

Dont use Mullvad browser and only use Tor in a VM

I mean Tor should only be used in a VM if you intend to use it, otherwise it is security risk

Mullvad, and any other Firefox based browser for that matter, is less secure than any Chromium based browser, granted if both are up-to-date

Mullvad is considered private, not secure. Biggest twist up people make when choosing browsers

well, poor security can result in poor privacy

such is the case with FF browsers

the issue with brave isn't "bloat"

fingerprinting protection

"anti-fingerprinting" is 90% snakeoil and marketing

it's like saying "all-natural" or "health food"

doesn't actually carry any weight

the only way to actually prevent fingerprinting, despite its faults, is with Tor Browser

If you want companies not to learn information about you without using Tor Browser, your best option is to simply not use their services

what does Trivalent not have that you want?

right

you can just use ublock origin lite for that

chrome://settings/security

enable extensions

extensions and settings are also per-profile

Or you could use Piped or Invidious

so you can make a separate profile just for Youtube

and then install ubo lite

and then install youtube as a PWA

voila, trivalent Youtube PWA in its own profile 🙂

also looks cool

fingerprinted by extensions

i have no idea what you mean

"fingerprinting" isn't a real concern

it's a marketing scheme

that unfortunately a lot of people fall for

it would be a harmless charade if it didn't also give people a false sense of security

which is dangerous since it makes people ignore actual security concerns

like poor sandboxing, poor site isolation, etc etc

also WASM/JIT vulns

etc

https://www.youtube.com/watch?v=AtK_YsVInw8

anyways though the point of profiles is isolating your workflows

so i can for example have my personal stuff in one profile and my work stuff in another

they aren't comparable and it doesn't have security features from Tor Browser

Tor Browser is not a secure browser

it's an anonymity browser

so it's not at all a mixed bag. you'd be far better off with any chromium based browser, Chrome, Edge, etc

😄 i think of this bit every time i hear the words "fingerprinting" and "privacy"

@waxen oar Having PWAs in a separate profile might make sense too so you dont accidentally delete your cookies including the data of your pwas right?

it's one of the oldest professions: selling cures for problems they don't have so you convince them they do

https://www.youtube.com/watch?v=LI_Oe-jtgdI

it is in the sense that you can only reduce security for specific applications by putting insecure stuff in a single profile

for example discord calls need a less secure WebRTC setting

so you can have a separate profile for discord

so that the default is still the most secure option

or this song 😛

"River City ain't in any trouble"

"Gonna have to create some "

can't you instead just enable webrtc on a per-site basis? I still haven't found the need to make multiple profiles, I just go with secure default settings and only downgrade them on a per-site basis as needed

maybe not a great example then

allowing extensions in one profile

not to mention Firefox forks claiming they're a highly secure browser option 😛

same thing with extensions though, I only allow extensions on a per-site basis

oh like UBO-lite?

yeah that's true

i just prefer to only install it in its own profile since i only need it for youtube

great movie btw

a classic