12bytes: Note that Firefox sandboxing was strengthened in version 99.
Firefox is sometimes recommended as a supposedly more secure browser because of its parent company's privacy practices. This article explains why this notion is not true and enumerates a number of security weaknesses in Firefox's security model when compared to Chromium. In particular, it covers the less granular process model, weaker sandboxing and lack of modern exploit mitigations. It is important to decouple privacy from security — this article does not attempt to compare the privacy practices of each browser but rather their resistance to exploitation.
12bytes: I don't think there's much of an argument regarding privacy. Google loses, plain and simple, and it is my understanding that no amount of Google Chrome (or Chromium) tweaking can circumvent some of the risks in the privacy department. The security problems are worrying, however, especially for us Linux users, though it must be considered that the exploits mentioned seem to depend on having JavaScript enabled globally which is perhaps the biggest no-no both privacy- and security-wise, regardless of what browser one chooses. It is also unknown how browser configuration may play into the exploits mentioned in the article. For example, does enabling network partitioning/dFPI mitigate any of this?
I tend to doubt the situation with browser development concerning security, regardless of the brand, will get any better. I think the problem here is the web itself and the pace at which it is developing, or devolving, depending on your POV. Things were so much simpler in the days of HTML and CSS; however, Big Tech, being the collection of ethic-less woke idiots it is at the upper levels, has bloated the web with often unneeded and unwanted technologies and JavaScript and 3rd party fonts and dependencies on Content Delivery Networks and libraries and frameworks and the problem keeps getting bigger and bigger. Many of us see the problem of turning the web into a collection of trendy so-called "apps", but corporations simply don't care and the web developers that work for them seem to be largely poorly educated cookie cut-outs with a degree and a lust for shiny things.
Certainly there needs to be more real competition in the browser market beyond configuration files and forks but the problem, because of what the web has become, is that a web browser has to deal with whatever garbage is thrown at it and this requires a massively complex beast with tens of millions of lines of code, much of it potentially exploitable. I don't think such an undertaking is doable with a small team, hence why I do not recommend Waterfox, Pale Moon, etc. As such I think it's entirely possible that all future browsers will be delivered by large corporations which, like Mozilla, don't seem to give much of a crap about privacy at the corporate level. While the story is perhaps significantly different at the developer level, for now, I think we can all see a potential train wreck at the end of the tunnel.
As for me, I'm willing to roll the dice and stick with Firefox (and the 'arkenfox' user.js and my custom tweaks) for the time being, regardless of my disdain for the woke clowns which have infected Mozilla.