Nostr Web Client

Replying to

final [GrapheneOS] 📱👁️‍🗨️

For the people wishing to see on Nostr the features #GrapheneOS Vanadium browser has:

- Type-based Control Flow Integrity enabled

- Hardware memory tagging (MTE) enabled for the main allocator

- Strict site isolation and sandboxed iframes

- JavaScript JIT disabled by default with per-site override option

- Native Android autofill implementation to avoid needing sandboxed Google Play for autofill support

- WebGPU disabled for attack surface reduction

- WebRTC IP handling policy toggle to control peer-to-peer WebRTC mode

- Compiler hardening: automatic variable initialization, strong stack protector, well defined signed overflow

- High performance content filtering engine using EasyList + EasyPrivacy with a per-site override option

- More complete state partitioning without origin trial opt-out

- High entropy client hints replaced with the frozen user agent values to avoid leaking device/OS info

- Battery API always shows the battery as charging and at 100% capacity

- Trivial subdomain hiding disabled

- Consistent browser behavior across users without usage of feature flags and seed-based trials

- Nearly all remote services disabled by default or removed. Only connects to GrapheneOS servers by default. There are only 2 default services: component updates such as certificate authority and certificate revocation updates and DNS-over-HTTPS connectivity checks when enabled

- Web search and global search intents to replace the need for an OS search app

- Option to always open links from other apps, custom tabs and search intents in Incognito mode

Better default settings, including non-user-facing flags:

- Reduce Accept-Language header by default (only available via chrome://flags)

- Third party cookies disabled by default

- Payment support disabled by default

- Website background sync disabled by default

- Sensors access disabled by default

- Protected media (DRM) disabled by default

- Hyperlink auditing disabled by default

- Do Not Track enabled by default mainly to avoid users differentiating themselves from others by enabling it since it has no real value

- WebRTC IP handling policy set to the most private value by default instead of the least private value (turned into a user-facing option by Vanadium)

nostr:nevent1qqstu7eafcpguaqfplrvh88vu5ked4ke6kcxh7svrllastrdh9vgnnspz3mhxue69uhkummnw3ezummcw3ezuer9wcpzps26tfjesmn6ksf5mm36hpf9fkjut49sfeutfutvs2phrykn25v9qvzqqqqqqyyjcwrn

AU9913 1y ago

Any chance there is a comparison between vanadium and brave

Reply to this note

Please Login to reply.

Discussion

final [GrapheneOS] 📱👁️‍🗨️ 1y ago

Brave is currently the only other browser we recommend. It keeps the same security as mobile Chromium while adding additional state partitioning, anti-fingerprinting improvements and the most advanced content filtering engine. Content filtering is the best on Brave. Vanadium needs to improve on some of these but we also have state partitioning and we discuss our approach to anti-fingerprinting a little different to how Brave does it. Brave randomizes data while we reduce the data that could be used and make all Vanadium users look the same as each other where possible.

However, Vanadium is more secure and has greater security enhancements and exploit mitigations than Brave. Vanadium is the only browser incorporating Memory Tagging in production for Pixel 8 and later. Vanadium also has Control Flow Integrity which is disabled upstream and other browsers like Cromite tried to enable and failed. Vanadium is designed to be extremely resistant to exploitation, JS JIT is off by default and has a toggle while Brave doesn't have.

As work on Vanadium uplifts continue we hope to improve the content filtering. Vanadium to Chromium is what GrapheneOS is to AOSP. Brave is solid as a browser but I cannot make a result on their services as I refuse to use them.