After trying different browsers on android I found Privacy Browser to be what I need. It have encrypted backups,Domain settings,jsless by default,Deleting all site data and Most usable UI. Only issue is It is based on webview and I am using system default webview as my device is nonrooted so how secure is to go this way?
From https://divestos.org/pages/browsers : While WebView browsers utilize the Chromium WebView, they cannot offer any per-site process isolation. Using any WebView-based browser is largely not recommended as they are inherently limited due to the WebView merely being a widget for adding web content to an app and are not intended to create a full browser experience. TLDR: Don’t use WebView browsers.
I have readed it earliar but do not see any much efficient alternative. Encrypted backup,nice interface to manage domains and simple ui
Well, your original question in the OP was “how secure is to go this way?” You’ve been given a similar answer of “not very and not recommended” by multiple people. Starting to sound like you just want assurance and will continue to use your current setup.
Sorry for that behaviour and thanks for bigBro advice. I think I should switch to cromite as it give per site isolation. Btw Ff/cromite?
To me fluff doesn’t mean much if the browser is insecure. But you do you.
what do you mean by secure, as far as “is it safe to use this browser” then yes, webview is reasonably secure, it’s still running chrome. you have all of the security benefits and everything else, wont have to worry too much about malware or anything else. however if you mean by private then well, it’s chrome. everything that sketches people out about chrome is all there too
So will it send tracking info to google?
Hmm
It is basically chrome, I use Mulch System Webview
Everyone’s debating the merits of WebView but I find a browser made by CoinBase, Inc who operates a crypto platform advertising 8% APY to be way more dubious than the battle-tested Chromium browser engine.
Link for browser as I cant find it
Link for browser? You’re the one that says you’re using the app Privacy Browser!
If you mean about the 8% APY thing you can find it like so:
https://play.google.com/store/apps/details?id=com.coincircle
I am saying Privacy browser not private browser
Ah I see. My bad! That looks much more reasonable, some cool features.
Webview is whatever version of Chrome you have installed, so not very.
That depends on the ROM/OS. Granted, we’re in the Android community, but GrapheneOS uses a hardened rendering engine, and never Chrome’s/Android’s even if you install them both from the Play Store:
WebView-based browsers use the hardened Vanadium rendering engine, but they can’t offer as much privacy and control due to being limited to the capabilities supported by the WebView widget. For example, they can’t provide a setting for toggling sensors access because the feature is fairly new and the WebView WebSettings API doesn’t yet include support for it as it does for JavaScript, location, cookies, DOM storage and other older features. For sensors, the Sensors app permission added by GrapheneOS can be toggled off for the browser app as a whole instead. The WebView sandbox also currently runs every instance within the same sandbox and doesn’t support site isolation.
Can you install an alternative webview if you have root/magisk?
Yes you can, DivestOS has one, Bromite (no longer maintained) previously did.
Out of curiosity, why would you want to?
I honestly don’t know as rooting and magisk go against the principles of a secure OS that GrapheneOS strives for. At that point, it is no longer GrapheneOS but GrapheneOS-derived, and the devs will not offer support… rightfully so, in my opinion.
Is it possible? I assume it is, but probably very difficult. Has someone gone through the effort to do so? Doubtful as that goes again the target audience of GrapheneOS users.
deleted by creator
This mentality of Google = bad and FOSS = good and secure is harmful.
nah, there are legitimate concerns around chrome’s privacy stuff, a lot of people would be fine if they could run cromite or one of the privacy centric forks. the main issue is that vendors for some reason lock down webview to the google play store provider. I presume this is due to some false security notion around a bad webview being installed. but that would be a lot of steps so…
Android system webview is a different app and chrome is removed from my current user?
Sure thing. 👍
What sure
It’s still Chrome and it’s only technically a different app unless you’ve rooted your phone to replace it.
Got it