I wish the article would talk a bit more about security. Here's what the GrapheneOS project has to say about Firefox [1]:
> Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn't have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn't happening for their Android browser yet.
If you're someone who's taking GrapheneOS' thread model into account, a locked down native browser is definitely better.
Chrome has a whole bunch of cool security tricks that definitely outshine many other browsers, but I find it all rather inconsequential when the using Chrome leads to such a terrible, privacy-hostile experience.
I use Graphene OS and I like it a lot, but 1) I have the feeling that, with Android's Decree coming, they are counting their days left to live. Unfortunately they built an amazing OS on very shaky foundations, it's not their fault, it's the mobile OS ecosystem that sucks. And 2) They (or, better, their benevolent dictator) tend to be very silly when it comes to threat modeling, as in "my way is the only one that makes sense". Personally, I prefer to use a browser like Firefox that allows me to block every annoying ads and to customize my experience as I want, rather than a super-secure fully isolated browser like Vanadium that a) does not replace Chrome anyway for many websites that require strong attestations (e.g. Wise's verification works on GOS with Chrome but not with Vanadium), and b) it's still based on Chromium, so still built on shaky Google foundations. With Mozilla's questionable choices over time, I keep my fingers crossed for Ladybird or Servo, or similar.
True, but what are the alternatives? Bloated Brave? Bare Chromium without a proper adblock (I mean unlock of course)? Firefox is still the best browser there is, even with these flaws.
Imagine a browser where the user can actually read and edit the source code and compile it themselves, in seconds
How many users read the Firefox or Chrome/Chromium-based browser source code and compile it themselves
Not every use of the www requires a large, complex graphical web browser. It's useful to have browsers that are suited for non-commercial uses such as text retrieval
Firefox mobile was basically the only option I considered for a long time just because it lets you install Ublock origin . Not sure if other mobile browsers have that now too or not. I'm a firefox user on desktop anyway so I love having tab sharing between my phone and all my pcs. They also added a nice feature recently that optionally requires an additional login (fingerprint) to access private tabs. I have found no reason to switch.
I noticed google cloud console runs extremely slow (practically unusable) on Firefox Android while there're no issues with Chrome. No issues with any other site which I find strange.
I don't run Android anymore, but when I did (about two years ago) I uninstalled Firefox because, as far as I could tell, it didn't properly background tabs when the app was closed. I didn't realize this initially, so I was unsure why my battery life was terrible and my phone as always hot. Being able to install extensions was neat, but not worth it for killing my battery.
Suffice to say, I do not agree that it's the "best mobile browser" on Android.
I'm using Firefox mobile since it's release and haven't observed this issue. For years now I have so many not-closed tabs that FF just shows infinity sight instead of a number, so it's not that I'm limiting my browser use in any way. And I never force close any of my apps ever.
I did encounter memory leaks on my desktop Firefox and every single time it was a particular shitty site (for example the latest one is our corporate Jenkins). I suggest you check your sites, find and close the offender. Do you maybe use some fat portals like mail or chats in the browser? They may request OS to stay in memory to provide user a service of constant up to date communication.
My mobile Firefox consistently has an infinity icon instead of a true count of the tabs (presumably because there are so many. Likely hundreds) and I notice no slowdown or battery issues whatsoever
Yeah and your experience is 2 years out of date. Especially in recent months the firefox for android experience got better exponentially.
I am a tab hoarder (a few thousand open tabs) and 2 years ago firefox needed 15 seconds on a fresh start to load. It's instantanious now.
Firefox for android tried to force "inactive" tabs down my throat (I'm sure it helps, but no I don't want it. You can easily disable it in the tabs settings btw). Tabs that didn't get used for 2 weeks get put in an "inactive" state.
A few months ago switching to an open tab took a few seconds up to a minute. For a month or two it's now instantanious.
There are way more optimizations done and I can often tell right away when something got better or worse.
Suffice to say your "experience" is so much out of date it is not even funny. Comparing firefox 2 years ago today is a joke and firefox feels completely different (user interface and speed) and your comment only spreads FUD. Anybody reading this that hasn't tried firefox for android - give it a try!
I'm sorry, but I don't think you understand what "the app was closed" means. A lot of people think that all processing goes to the visible foreground app, but that hasn't been true since the late DOS era. Please learn what's what in the system you're using. Clearly it was running in the background because you onlly had another app or the home acreen open.
I've been using it for years and it is really great. I haven't had to open Chrome for a non-working website in quite a while. Adblock is really something -- you _really_ notice it if you have the misfortune of using a different browser.
The only equivalent to this for iOS is Orion by Kagi. I'm not sure how, but they've managed to avoid drawing apples ire while providing access to both Chrome and Firefox's plugin ecosystems.
I've been using Firefox on desktop for decades and really want to like it on mobile, but I just can't get used to the behavior of new tabs . After just a bit of browsing, it opens 10+ new tabs and there's no way to configure this differently. It's such a shame.
I’m often surprised how little people talk about the iOS Orion browser on here and it’s ability to let you use both Firefox and chrome extensions. I’ve been using it for a while now and it’s been great. It’s a little bit buggy sometimes, but nothing that would make me switch.
Maybe the plugin ecosystem can paper over some of the deficiencies, but Firefox is slowly taking away user agency and privacy in the name of simplification / whatever Chrome does.
The recent windmill against which I am tilting: Firefox no longer shows you the complete URL. Either in the address bar or long pressing a link. This is incredibly hostile to those of us with technical proficiency which can inspect a URL to see if it is a bad domain or embedding tracking information we would like to strip.
My other long standing annoyance is that on mobile, I can no longer protect cookies. Always keep the cookie to say my HN login, but allow me to bulk delete everything else. Instead, I am forced to manually go through the cookie page (like 10 at a time) and delete everything I do not want.
I am eccentric. Perhaps consequently, I am unable to understand how a conversation on the subject of Firefox as a mobile browser can exclude the inexplicable removal of about:config.
Yes, Nightly.
But I fear an example of incrementalism here, where it is brightly illustrated how the aperture into which we have the dongle of creeping suckage repeatedly inserted, lubricated by the existence (deterrent) of Chrome, continues to widen.
At the rate which options are disappearing (I think of gnome/gtk), when we excoriate the final and last one, a consummate advertisement platform will have been coded into our DNA, where we not just watch and listen to the perpetual groping of avarice, but feel it existentially.
Brave is my favorite, though I prefer Firefox on my laptops. Brave mobile: excellent ad-blocking, download videos for offline viewing. No tinkering needed to make it excellent. It’s excellent out of the box.
Mobile Firefox constantly gets bugged and stops rendering pages until you restart it. It also has issues with scrolling on some pages where it won't let you scroll sometimes. Github is notoriously bad, you can't read code if you can't scroll through the file. As a developer not being able to use Github is a deal breaker. The browser itself is also missing features like webgpu. While extentions are nice, the browser engine itself being this broken for years makes it a painful choice.
This is not applicable on iOS. The Firefox app remains a wrapper built on Apple’s WebKit engine rather than a fully native implementation. However, with the recent release of uBlock for iOS, Safari has become significantly more tolerable. I’ve tried many so‑called “browsers” (acknowledging they’re all essentially WebKit wrappers), but none match Safari’s energy efficiency or the seamlessness of its sync features.
TIL about UBlock on IOS. Is it good? I've just switched to IOS and have been trying the free version of 1Blocker but it wasn't removing stuff like pop ups.
NextDNS has proven effective for me on iOS. On mobile devices I have the app and my home router is configured to force all DNS requests to use NextDNS servers.
The browser with the best content blocking options is the best browser and at this moment that means Firefox ends up on top. Now that Mozilla is slow-walking towards doing ad-related things themselves I'm no longer running the branded versions but choose F-Droid's Fennec instead. If ever a browser with better content blocking shows up I'll give it a good look and might switch if it turns out to be at least on the same level as Firefox/Fennec.
That's telling for the state of the web but alas, that's where we are. You give them an inch (-high banner ad) and they'll take a mile (-wide page-covering all-encompassing data-slurping javascript monstrosity).
[+] [-] LucasOe|5 months ago|reply
> Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn't have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn't happening for their Android browser yet.
[1]: https://grapheneos.org/usage
[+] [-] jeroenhd|5 months ago|reply
Chrome has a whole bunch of cool security tricks that definitely outshine many other browsers, but I find it all rather inconsequential when the using Chrome leads to such a terrible, privacy-hostile experience.
[+] [-] lollobomb|5 months ago|reply
[+] [-] GeekyBear|5 months ago|reply
Government agencies have been recommending everyone use an ad blocker for years now.
[+] [-] attendant3446|5 months ago|reply
[+] [-] 1vuio0pswjnm7|5 months ago|reply
Links built from source on Termux does not use Gecko
Attack surface is smaller than GrapheneOS browser based on Google Chromium
https://web.archive.org/web/20250503001331if_/http://links.t...
No Javascript, no ads, no pixel tracking, etc.
Imagine a browser where the user can actually read and edit the source code and compile it themselves, in seconds
How many users read the Firefox or Chrome/Chromium-based browser source code and compile it themselves
Not every use of the www requires a large, complex graphical web browser. It's useful to have browsers that are suited for non-commercial uses such as text retrieval
[+] [-] jamienicol|5 months ago|reply
[+] [-] hxorr|5 months ago|reply
I like the browsing experience a lot but there are a few rough edges for sure.
[+] [-] mmmpetrichor|5 months ago|reply
[+] [-] randomNumber7|5 months ago|reply
Who is voluntarily browsing the internet without adblock?
[+] [-] sirfz|5 months ago|reply
[+] [-] EasyMark|5 months ago|reply
[+] [-] internet2000|5 months ago|reply
[+] [-] snielson|5 months ago|reply
[+] [-] neilv|5 months ago|reply
The article says simply "Ublock", but the screens show "uBlock Origin".
"uBlock" and "uBlock Origin" are two different projects.
"uBlock Origin" is the good one.
https://en.wikipedia.org/wiki/UBlock_Origin#uBlock
[+] [-] kelvinjps10|5 months ago|reply
[+] [-] tombert|5 months ago|reply
Suffice to say, I do not agree that it's the "best mobile browser" on Android.
[+] [-] Yizahi|5 months ago|reply
I did encounter memory leaks on my desktop Firefox and every single time it was a particular shitty site (for example the latest one is our corporate Jenkins). I suggest you check your sites, find and close the offender. Do you maybe use some fat portals like mail or chats in the browser? They may request OS to stay in memory to provide user a service of constant up to date communication.
[+] [-] jddj|5 months ago|reply
[+] [-] BlackLotus89|5 months ago|reply
[+] [-] rf15|5 months ago|reply
[+] [-] mmastrac|5 months ago|reply
[+] [-] ramon156|5 months ago|reply
I sometimes have to help my mother out with her chrome and I can't fathom how she can navigate anything
[+] [-] fny|5 months ago|reply
[+] [-] Nursie|5 months ago|reply
[+] [-] arunc|5 months ago|reply
[+] [-] bikelang|5 months ago|reply
[+] [-] glimshe|5 months ago|reply
[+] [-] tombert|5 months ago|reply
[+] [-] doodoowy|5 months ago|reply
[+] [-] brtv|5 months ago|reply
[+] [-] dogman123|5 months ago|reply
[+] [-] 3eb7988a1663|5 months ago|reply
The recent windmill against which I am tilting: Firefox no longer shows you the complete URL. Either in the address bar or long pressing a link. This is incredibly hostile to those of us with technical proficiency which can inspect a URL to see if it is a bad domain or embedding tracking information we would like to strip.
My other long standing annoyance is that on mobile, I can no longer protect cookies. Always keep the cookie to say my HN login, but allow me to bulk delete everything else. Instead, I am forced to manually go through the cookie page (like 10 at a time) and delete everything I do not want.
[+] [-] 26thCreator|5 months ago|reply
[+] [-] eth0up|5 months ago|reply
Yes, Nightly.
But I fear an example of incrementalism here, where it is brightly illustrated how the aperture into which we have the dongle of creeping suckage repeatedly inserted, lubricated by the existence (deterrent) of Chrome, continues to widen.
At the rate which options are disappearing (I think of gnome/gtk), when we excoriate the final and last one, a consummate advertisement platform will have been coded into our DNA, where we not just watch and listen to the perpetual groping of avarice, but feel it existentially.
[+] [-] christophilus|5 months ago|reply
[+] [-] charcircuit|5 months ago|reply
[+] [-] mrbonner|5 months ago|reply
[+] [-] CapitaineToinon|5 months ago|reply
[+] [-] comprev|5 months ago|reply
[+] [-] raw_anon_1111|5 months ago|reply
[+] [-] linuxhansl|5 months ago|reply
[+] [-] hagbard_c|5 months ago|reply
That's telling for the state of the web but alas, that's where we are. You give them an inch (-high banner ad) and they'll take a mile (-wide page-covering all-encompassing data-slurping javascript monstrosity).
[+] [-] cubefox|5 months ago|reply
- Dark Reader (force dark mode on websites that don't have it, like Hacker News)
- Unhook (remove various addictive or annoying elements from YouTube.com)
[+] [-] baal80spam|5 months ago|reply