I heard around the internet that Firefox on Android does not have Site Isolation built-in yet. After a little bit of research, I learned that Site Isolation on Android was added in Firefox Nightly, appearing to have been added sometime in June 2023. What I can’t find, though, is whether this has ever been added to any stable versions of Firefox yet. Does anyone know anything about this?

Update: After further research, it appears that Site Isolation is not currently a feature in stable version of Firefox on Android. I don’t know with certainty if their information is up-to-date, but GrapheneOS (A well-known privacy/security-focused fork of Android) does not recommend using Firefox-based browsers on Android due to it’s (apparently) lack of a Site Isolation feature. A snippet of what Graphene currently have to say about Firefox on Android/GrapheneOS from their usage guide page, is: “Avoid Gecko-based browsers like Firefox as they’re currently much more vulnerable to exploitation and inherently add a huge amount of attack surface.”

On a side-note, they also say about Firefox’s current Site Isolation on desktop being weaker, which I wasn’t aware of. “Even in the desktop version, Firefox’s sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole.”

  • TrickDacy@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    6 months ago

    Yeah, the graphene people hate Firefox, but I don’t really put too much stock in their opinion because there are places where they mention it in an alarmist way imo

    • sunzu@kbin.run
      link
      fedilink
      arrow-up
      1
      ·
      6 months ago

      While I respect the work that they have done, leader handling of Lois rossmann was out of line.

      I am not really sure what his deal is or was, but he should stay away from making public appearances until he learns to behave in public facing situation. The spazzing was uncalled for.

      • LWD@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        6 months ago

        I don’t like to speculate, but I think it was mental illness, which may have started during the CopperheadOS days (the predecessor to Graphene).

        Unfortunately, that does call into question the recommendations on that page, which I already had a little worry about because Vanadium is their thing, of course they’re going to recommend it.

        But I do genuinely want to know how significant of a risk this lack of isolation and sandboxing causes.