For the people wishing to see on Nostr the features #GrapheneOS Vanadium browser has:

- Type-based Control Flow Integrity enabled

- Hardware memory tagging (MTE) enabled for the main allocator

- Strict site isolation and sandboxed iframes

- JavaScript JIT disabled by default with per-site override option

- Native Android autofill implementation to avoid needing sandboxed Google Play for autofill support

- WebGPU disabled for attack surface reduction

- WebRTC IP handling policy toggle to control peer-to-peer WebRTC mode

- Compiler hardening: automatic variable initialization, strong stack protector, well defined signed overflow

- High performance content filtering engine using EasyList + EasyPrivacy with a per-site override option

- More complete state partitioning without origin trial opt-out

- High entropy client hints replaced with the frozen user agent values to avoid leaking device/OS info

- Battery API always shows the battery as charging and at 100% capacity

- Trivial subdomain hiding disabled

- Consistent browser behavior across users without usage of feature flags and seed-based trials

- Nearly all remote services disabled by default or removed. Only connects to GrapheneOS servers by default. There are only 2 default services: component updates such as certificate authority and certificate revocation updates and DNS-over-HTTPS connectivity checks when enabled

- Web search and global search intents to replace the need for an OS search app

- Option to always open links from other apps, custom tabs and search intents in Incognito mode

Better default settings, including non-user-facing flags:

- Reduce Accept-Language header by default (only available via chrome://flags)

- Third party cookies disabled by default

- Payment support disabled by default

- Website background sync disabled by default

- Sensors access disabled by default

- Protected media (DRM) disabled by default

- Hyperlink auditing disabled by default

- Do Not Track enabled by default mainly to avoid users differentiating themselves from others by enabling it since it has no real value

- WebRTC IP handling policy set to the most private value by default instead of the least private value (turned into a user-facing option by Vanadium)

nostr:nevent1qqstu7eafcpguaqfplrvh88vu5ked4ke6kcxh7svrllastrdh9vgnnspz3mhxue69uhkummnw3ezummcw3ezuer9wcpzps26tfjesmn6ksf5mm36hpf9fkjut49sfeutfutvs2phrykn25v9qvzqqqqqqyyjcwrn

What are the chances that Vanadium could be ported over to non #GrapheneOS devices? And if not, what are the reasons it can't be done?

Discussion

Vanadium hasn't been developed with other OSes in mind currently; it directly inherits the security enhancements from GrapheneOS like production MTE support and more rather than adding its own inside Vanadium. MTE is currently exclusive to GrapheneOS since the stock Pixel OS only provides it as a development option with major caveats and Vanadium is the only browser incorporating it in production.

Even for platforms without MTE, like devices other than Pixel 8 and later, having Vanadium elsewhere would be a downgrade in comparison to Vanadium on GrapheneOS. Vanadium needs more before it could be positively received elsewhere.