Browser Comparison Table
Each of the available browsers has its own faults, as documented in the tables below.
While DivestOS includes a Gecko based browser for privacy reasons, Chromium based browsers have many security advantages. It is up to the user to choose their preference.
Fennec based browsers should not be considered for use, as upstream no longer receives security updates. Please use a Fenix based browser instead.
Fennec F-Droid is Fenix based, not Fennec based, despite its name.
Both lists are sorted by order of recommendation: the closer to the top, the more we'd recommend it.
For more detailed privacy related technical information please reference the PrivacyTests website.
Extra reading on mobile browsers, an overview of fingerprint-resistance approaches, an in-depth security comparison of the leading engines, and a fun webcomic against the Chromium monoculture.
Release comparisons are also available for Firefox and Chromium.
Disclosure: Mull and Mulch, noted below, are projects of DivestOS.
Disclosure: DivestOS helps maintain `Fennec F-Droid` and has small contributions (commits) to Firefox, FOSS Browser, and Lightning.
Last updated: 2022/11/23
What is per-site process isolation?
Per-site process isolation is a powerful security feature that seeks to limit exposure when a malicious website/script abuses a security vulnerability.
Firefox calls per-site process isolation Fission, and it is enabled by default on desktop. Fission is not yet enabled by default on Android, and when manually enabled it results in a severely degraded/broken experience. Furthermore, Firefox on Android does not take advantage of Android's isolatedProcess flag for completely sandboxing application services.
Standalone Chromium based browsers strictly isolate websites to their own process.
The lack of per-site process isolation means a successful exploit is likely able to gain more access (to other site data, browser settings, and passwords) without needing a second exploit. It would still need an Android system/kernel exploit to further escape the system sandbox. Per-site process isolation is an important hardening feature, but the browser isn't completely insecure without it, assuming it is up-to-date and that you aren't on the receiving end of targeted/zero-day attacks. Furthermore, even with isolated renderer processes in Chromium, the main process still has some inherent attack surface that can allow a single exploit to be enough, just like in Firefox.
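One way to check how an Android browser uses the isolatedProcess flag mentioned above is to audit the services declared in its manifest. This is an added example, not code from DivestOS or any browser project; it assumes the manifest has already been decoded to text XML, and the package and service names in the sample are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Constructed sample: a decoded AndroidManifest.xml with hypothetical names.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="org.example.browser">
  <application>
    <service android:name=".SandboxedRenderer0"
             android:process=":sandboxed_process0"
             android:isolatedProcess="true"
             android:exported="false"/>
    <service android:name=".ContentProcess0"
             android:process=":tab0"
             android:exported="false"/>
    <service android:name=".DownloadService"/>
  </application>
</manifest>
"""


def audit_services(manifest_xml):
    """Return (name, process, isolated) for every <service> element."""
    root = ET.fromstring(manifest_xml)
    rows = []
    for svc in root.iter("service"):
        name = svc.get(f"{{{ANDROID_NS}}}name", "?")
        # No android:process attribute means the service runs in the main app process.
        process = svc.get(f"{{{ANDROID_NS}}}process")
        isolated = svc.get(f"{{{ANDROID_NS}}}isolatedProcess", "false") == "true"
        rows.append((name, process, isolated))
    return rows


def unsandboxed_child_processes(manifest_xml):
    """Services given their own process but not Android's isolatedProcess sandbox."""
    return [name for name, process, isolated in audit_services(manifest_xml)
            if process is not None and not isolated]


if __name__ == "__main__":
    for name, process, isolated in audit_services(SAMPLE_MANIFEST):
        print(f"{name:22} process={process or '(main)':22} isolatedProcess={isolated}")
    print("own process, no isolatedProcess:", unsandboxed_child_processes(SAMPLE_MANIFEST))
```

A service listed by `unsandboxed_child_processes` runs in a separate process but keeps the app's own UID and permissions, so the process split alone is not a sandbox boundary.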
What is per-site data isolation?
The goal of per-site data isolation is to prevent, say, a third-party script from being able to store data and use that to track you across many websites; instead, any data set will be keyed to the website it was set from. This concept is further detailed here.
Firefox calls per-site data isolation first party isolation (FPI) or enhanced tracking protection (ETP) strict/dynamic FPI. Focus enables dFPI by default. Fenix 111 and higher support dFPI, but ETP strict must be enabled by the user for it to be activated.
Chromium calls per-site data isolation (network) state partitioning.
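The keying described above can be modelled in a few lines. This is an added example, not code from any browser: `StorageModel` and `site_of` are hypothetical names, the hosts are constructed, and the last-two-labels rule is a simplification of the Public Suffix List lookup real browsers perform.

```python
def site_of(host):
    # Crude stand-in for the registrable domain: the last two labels.
    # Real browsers consult the Public Suffix List instead.
    return ".".join(host.split(".")[-2:])


class StorageModel:
    """Hypothetical model of browser storage as seen by embedded third parties."""

    def __init__(self, partitioned):
        self.partitioned = partitioned
        self.store = {}   # storage key -> identifier the script saved
        self.issued = 0

    def _key(self, top_level_host, embedded_host):
        if self.partitioned:
            # Keyed to the website the data was set from (the top-level site).
            return (site_of(top_level_host), site_of(embedded_host))
        return (site_of(embedded_host),)  # one shared jar per third party

    def third_party_load(self, top_level_host, embedded_host):
        """The embedded script reads its stored ID, or sets one on first sight."""
        key = self._key(top_level_host, embedded_host)
        if key not in self.store:
            self.issued += 1
            self.store[key] = f"uid-{self.issued}"
        return self.store[key]


# Constructed browsing session: three pages that all embed the same script host.
VISITS = ["news.example", "shop.example", "blog.news.example"]
TRACKER = "cdn.tracker.example"


def ids_seen(partitioned):
    model = StorageModel(partitioned)
    return {top: model.third_party_load(top, TRACKER) for top in VISITS}


if __name__ == "__main__":
    print("shared storage:     ", ids_seen(False))
    print("partitioned storage:", ids_seen(True))
```

With shared storage the script reads the same identifier on every site; with partitioned storage it gets a different one per top-level site, and only `news.example` and `blog.news.example` share a partition because they are the same site.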
Full Fledged Browsers
Gecko Based Browsers
Note: uBlock Origin is not included by default and must be installed by the user. No other extensions are recommended per the reasoning here.
Name | Free and Open Source | Per-Site Data Isolation (Privacy) | Per-Site Process Isolation (Security) | Fingerprinting Protection (Privacy) | Content Blocker (Privacy) | Maintained (Security) |
---|---|---|---|---|---|---|
Mull ★ | Yes: 1, 2 | Strong | No | Strong | Basic + uBlock Origin | Within a week |
Tor Browser ★ | Proprietary Libraries: 1, 2 | Strong | No | Strongest | uBlock Origin | Within a month |
Fennec F-Droid (Fenix) | Yes: 1, 2 | Strong (with ETP strict) | No | Very basic | Basic + uBlock Origin | Within a week |
Firefox | Proprietary Libraries | Strong (with ETP strict) | No | Very basic | Basic + uBlock Origin | Yes |
Firefox Focus/Klar | Proprietary Libraries | Strong | No | Very basic | Basic | Yes |
Iceraven | Proprietary Libraries: 1 | Basic | No | Very basic | Basic + uBlock Origin | Within two months |
Icecat (Fennec) | Yes | No | No | No | uBlock Origin | 4+ years behind |
Chromium Based Browsers
Name | Free and Open Source | Per-Site Data Isolation (Privacy) | Per-Site Process Isolation (Security) | Fingerprinting Protection (Privacy) | Content Blocker (Privacy) | Maintained (Security) |
---|---|---|---|---|---|---|
Brave | Proprietary Libraries: 1 | Strong | Strong | Strong | Strong | Yes |
Bromite | Yes: 1 | Strong | Strong | Basic | Basic | Within two months |
Mulch | Proprietary Libraries | Strong | Strong | No | No | Within a week |
Chromium | Proprietary Libraries | Basic | Strong | No | No | Yes |
WebView Browsers
These browsers must be combined with an up-to-date WebView provider to be secure.
If you are on a stock/OEM version of Android or have Google Apps installed, you are likely using the Google/Chrome WebView with extra telemetry.
While WebView browsers utilize the Chromium WebView, they cannot offer any per-site process isolation.
Using any WebView-based browser is largely not recommended.
Name | Free and Open Source | Per-Site Data Isolation (Privacy) | Fingerprinting Protection (Privacy) | Content Blocker (Privacy) |
---|---|---|---|---|
Privacy Browser | Yes | Very basic | No | Basic |
FOSS Browser | Yes | Very basic | Very basic | Basic |
DuckDuckGo Browser | Yes | Very basic | No | Strong |
Lightning | Yes | Very basic | No | Basic |
Jelly | Yes | Very basic | No | No |