Most Secure and Private Browser for Mobile | Vanadium

published 2023-01-02 · updated 2023-01-02 #browser #privacy #grapheneos
Good privacy starts with great security. Vanadium, a Chromium-based browser, offers the best sandbox implementation among the competition.

Transcript

Please excuse any grammatical errors. I used a tool to generate the transcript and haven't had a chance to read through it yet.

If you've been following my channel for any length of time, then you know that I use graphene OS on my mobile device. My browser of choice is the one that's bundled with it, which has vanadium. In addition to being bundled with the OS, there are a few other reasons I really like it, which I'll cover in today's video on graphene OS vanadium is the user facing browser that's included with the OS and the provider of web view, which is used by other apps to render content. Now you might be asking what is what view. So as an example, let's take a look at mastodon. Now there's a post on Mastodon with a link included with it. And I selected, we can see that the page was opened, but I wasn't actually taken outside of the Mastadon app to my web browser. Instead, the app displayed the link using web view. So even though you might not think you're using vanadium, if we select the three dots in the upper right-hand corner, we can see at the bottom running in vanadium. So, that's what web view is, as the name implies, that lets you view the web vanadium is a chromium-based browser, which means it provides the strongest sandbox implementation available for browsers at this time. Among other security features like exploit protection and site isolation. Vanadium actually improves upon these features, so you get even more protection as compared to using the standard Chrome browser.

Another important feature is that by default, JavaScript JIT is disabled. I'm pretty sure it's pronounced a JIT and not J. It just like iOS is not ios. But I could be wrong. While JIT is meant to improve performance on load times, it also increases your vulnerability to browser-based exploits. And an article by Microsoft, they noted that looking at CVE data after 2019 shows that roughly 45% of the CVE issued for V eight, which is Chrome's JavaScript engine, were related to the JIT engine. So blocking JIT by default means that you greatly reduce your vulnerability to browser-based exploits. I hope to go into more detail in the future on topics like sandboxing, JIT and exploit mitigation. When I figured out a decent way to explain and demonstrate them, there was one feature I wish this browser had, and that is a built in ad blocker. The section on graphene os.org that discusses web browsing does mention that they have plans in the near future to add content filtering. Luckily, there are still two popular ways to block ads. The first is if you use a VPN, typically they have an option for ad blocking. This is done via DNS where they filter out any known ad domains. It's not great, but it works. Another similar method, which uses the same DNS filtering technique is using the secure DNS option and vanadium and specifying a DNS server that filters ads, one that I like to use as the mullvad ad blocking DNS server, research any recommendations before blindly trusting a YouTube stranger? It's what I like to use, but it might not be the best for you.

Besides adding the custom DNS server, there's a couple other changes that I like to make under passwords. I don't use medium for passwords, so I disabled that. Same under Payment Methods addresses, disable that as well. Under privacy and security. I disable autocomplete searches and URLs I've mentioned in the past, but I don't like autocomplete in my browsers, I only want my data to be sent when I click Submit, I enable open External links and incognito. I like this feature. Let's say your friend sends you a link and you click it. Instead of that link being opened in a normal tab. It's now opened in an incognito tab, I leave Do Not Track enabled because it's enabled by default, disabling it would just set you apart from the others using the default settings. And then the last option I change if we go back, I turn off the homepage. This is just personal preference. And then one other tip that I see some people have questions on it. Let's say you want to use a different search engine such as start page, you don't see it in the list here. What you need to do is first go to start page.com Once you get there, if you click Set as Default the instructions explain the steps, but what you need to do is go into the Start Page Settings, Settings. Scroll down to the section labeled HTTP request method. Change that to get save your settings confirm and now if we make a search and go back into our browser settings search engine. We now see recently visited start page we can select that and now when we run a search, we can see that start page is used by default.

If you use vanadium or thinking about using vanadium, check out the web browsing section on graphene os.org. It has a lot of great information