I am currently doing a deep dive into whether or not Chromium is more secure than Firefox, and I will make a very long and comprehensive Lemmy post outlining my findings with specific sources. I expected this to take a few days, maybe a week, but after finding out many of the claims for both sides give no real sources, I expect this to take a month or longer. I will be reaching out to multiple first-party sources (Mozilla, GrapheneOS, etc.) to get their detailed statements on the matter. I want to provide something that actually covers the full picture of the issue with up to date sources, to hopefully put this to rest for anyone who doesn’t want to do the research.

I’m making this post in case anyone wants to provide any extra resources they have about the issue. Do not fight about this issue in the comments, save that until after I am able to release my work. I’m tired of the constant back and forth about this with little to no direct sources. This means that my other project, Open Source Everything, will be put on pause. The FAQ section of that very project is what sparked this, because I realized the issue was far more complex than I outlined in there. (Don’t trust the information in the FAQ just yet: it is still in the works.)

As always, don’t just give blind support to this just because I am making promises, but if you feel your support is needed then by all means go for it.

If any of you want me to turn this post into an update log, let me know and I will.

  • Godort@lemm.ee
    link
    fedilink
    arrow-up
    70
    arrow-down
    2
    ·
    1 month ago

    Ultimately, in terms of security, you’re likely to find that both are similarly good.

    What makes Firefox desirable over Chrome is that it’s not beng developed by massive corporation that gets the majority of its profits selling user data and delivering targeted adverts.

    The other thing that may act as a deciding factor is the “MacOS doesn’t have viruses” effect. Wherein that because firefox has such a small userbase in comparison to chromium, it’s far more profitable to find exploits in chromium.

    • The 8232 Project@lemmy.mlOP
      link
      fedilink
      arrow-up
      24
      arrow-down
      5
      ·
      1 month ago

      What makes Firefox desirable over Chrome is that it’s not beng developed by massive corporation that gets the majority of its profits selling user data and delivering targeted adverts.

      This is a separate issue of being able to trust developers, which is not being covered here. Projects like ungoogled-chromium exist, after all. I will be inspecting the software as a whole, and not any future interference that may happen.

      • bisby@lemmy.world
        link
        fedilink
        English
        arrow-up
        26
        arrow-down
        2
        ·
        1 month ago

        It isn’t just about ungoogling things though. Having a monoculture in the browser space means that if Google makes a push to favor ads, say by removing certain extension support from their browser engine that everyone uses, then the entire internet suffers. It is effectively a monopoly.

        Mozilla tries really hard sometimes to be unappealing, but there is value in not just letting Google have full control over the internet.

        • brrt@sh.itjust.works
          link
          fedilink
          arrow-up
          2
          arrow-down
          8
          ·
          1 month ago

          So you are saying this should make Firefox exempt from scrutiny when it comes to how its security compares to that of Chromium?

              • BluescreenOfDeath@lemmy.world
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 month ago

                I don’t think anyone is advocating for turning a blind eye to Mozilla. I think the argument being made is that a monoculture for browsers is a concern that can outweigh some blunders Mozilla makes.

                I’m old enough to remember what a shit show ActiveX was for web security.

    • ForgotAboutDre@lemmy.world
      link
      fedilink
      arrow-up
      18
      arrow-down
      2
      ·
      1 month ago

      Chrome excites arbitrary code from google.com (this wasn’t something widely known until recently and appears to effect all the chromium downstream browsers). This sort of back door and the design approach that made google do this means you can never really trust Chrome. The same issue with Firefox would be a bug, in chrome it’s a feature.

      • floofloof@lemmy.ca
        link
        fedilink
        English
        arrow-up
        12
        ·
        1 month ago

        Chrome excites arbitrary code from google.com (this wasn’t something widely known until recently and appears to effect all the chromium downstream browsers).

        I hadn’t heard about that. Can you link me to some info about it?

        • ForgotAboutDre@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          2
          ·
          1 month ago

          No it doesn’t, or at least it didn’t for years if that has changed recently.

          No one that knew about this was talking about it or doing anything about it.

          The reality of the situation is only three organisations are capable of producing fully fledged browsers. Google, Apple and Firefox. Every variant, spin and de-whatever is nothing compared to developing a browser. All the chrome derivatives had this in them, arbitrarily execution of code from google. Code that wasn’t included in the binary when you downloaded or updated it. The sort of thing a virus would do. The sort of tool you would use to compromise the security of a system.

          If you want a de-googled chrome the only option is safari, it’s chrome before google got its hands on it. If you want properly open and accessible browsers you need to use something else entirely like Firefox.

          De-googled chrome is a myth.

    • galileopie@lemmy.ml
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      7
      ·
      1 month ago

      It would be no suprise if chromium is more secure but Firefox is more private.

    • 0x0
      link
      fedilink
      arrow-up
      1
      arrow-down
      2
      ·
      1 month ago

      it’s not beng developed by massive corporation that gets the majority of its profits selling user data and delivering targeted adverts.

      No but it’s largely funded by one, now has “ad technology” and i wouldn’t be surprised if it gets bought by Google sooner or later.

      A fork in the horizon…