I am currently doing a deep dive into whether or not Chromium is more secure than Firefox, and I will make a very long and comprehensive Lemmy post outlining my findings with specific sources. I expected this to take a few days, maybe a week, but after finding out many of the claims for both sides give no real sources, I expect this to take a month or longer. I will be reaching out to multiple first-party sources (Mozilla, GrapheneOS, etc.) to get their detailed statements on the matter. I want to provide something that actually covers the full picture of the issue with up to date sources, to hopefully put this to rest for anyone who doesn't want to do the research.
I'm making this post in case anyone wants to provide any extra resources they have about the issue. Do not fight about this issue in the comments, save that until after I am able to release my work. I'm tired of the constant back and forth about this with little to no direct sources. This means that my other project, Open Source Everything, will be put on pause. The FAQ section of that very project is what sparked this, because I realized the issue was far more complex than I outlined in there. (Don't trust the information in the FAQ just yet: it is still in the works.)
As always, don't just give blind support to this just because I am making promises, but if you feel your support is needed then by all means go for it.
If any of you want me to turn this post into an update log, let me know and I will.
Beyond technicalities, there are social and political issues. Is it secure for the long term of humankind to use a browser which is one of the tentacles of one of the biggest conpanies in the world, which monopolizes the internet and relies on selling private people's data?
Let me save you a lot of time and effort:
- No, it isn't.
Your findings will either be an incredibly lengthy wording of that, or they will simply be wrong. It's not a complex question.
first off, I have serious doubts that any one dude - or even a group of those for that matter - can ascertain the security of such a complex system; a browser is essentially an operating system, with all the layers and complexities that entails.
even if you're somewhat successful in such an endeavor, I don't really care if it potentially is. chromium comes from those shitmakers and I'm not willingly using anything they had their nasty fingers in. they threw one shovel of shit too many on the heap and they are now forever on my ignore list. if that means that I don't get to access certain domains, sites, and/or apps - so be it, I'll make do without.
Are you a single person or a group of people? Do you have any credentials that you'd like to share that might give some context to your research?
Where is the quote in your bio from?
When you start studying a topic like this, you need to define some terms clearly. For example, if hackers grab your passwords, is that a breach in privacy, security or both? If Google is stalking you and knows your every move, desire and plan, what does that violate?
Once you have clear definitions for these things, it would be more helpful to see how different browsers compare on this scale.
I agree, and this is no easy task. For now, I am hoping I can gather information and let some of the pieces fall together before I can begin making hard decisions.
You are probably already aware of this, but it is worth noting that categorisation needn't have hard boundaries, e.g. Lack of Privacy may not translate to lack of Security for everyone, but for example, a whistleblower, that can literally mean getting Boing'd
This may be a useful starting point. A few years old now but well researched and referenced.
Ultimately, in terms of security, you're likely to find that both are similarly good.
What makes Firefox desirable over Chrome is that it's not beng developed by massive corporation that gets the majority of its profits selling user data and delivering targeted adverts.
The other thing that may act as a deciding factor is the "MacOS doesn't have viruses" effect. Wherein that because firefox has such a small userbase in comparison to chromium, it's far more profitable to find exploits in chromium.
What makes Firefox desirable over Chrome is that it’s not beng developed by massive corporation that gets the majority of its profits selling user data and delivering targeted adverts.
This is a separate issue of being able to trust developers, which is not being covered here. Projects like ungoogled-chromium exist, after all. I will be inspecting the software as a whole, and not any future interference that may happen.
So you're taking the best aspects of any fork you can find? Trust in the developers is an essential part of the question.
If a piece of software passes every audit in the whole world, but is developed and maintained by the NSA, you'd be stupid to leave your data with it.
It would be no suprise if chromium is more secure but Firefox is more private.
AFAIK, the main difference is that Firefox's process isolation on Linux specifically is incomplete. They're working on fixing that.
This is allegedly also true for Firefox on Android, which I will be investigating in this topic.
Doesn't chromium get security updates like every week? Firefox just got one but it was a while before that.
