Feature #1050
closed
[SECURITY] Why not use Chrome render engine instead of WebView?
Added by divest os 12 months ago.
Updated 12 months ago.
Description
The #DivestOS is badmouthing your browser here:
"you are likely using the Google/Chrome WebView with extra telemetry"
"browser is largely not recommended as they are inherently limited due to the WebView merely being a widget for adding web content to an app and are not intended to create a full browser experience."
https://divestos.org/pages/browsers.html#webview
Personally I use Bromite but since it's outdated - I would try this browser if only it uses Chrome engine not webview.
And that page ranked FOSS browser higher than Privacy browser
because Privacy browser's "Fingerprinting Protection" is "No."??
- Status changed from New to Closed
I have discovered that most websites that pretend to understand security either don't or have ulterior motives. Hence, I don't pay much attention when they get things wrong. Rather, I just focus on building the best browser I can and assume that the internet's understanding will eventually catch up.
Regarding the general idea, Android's WebView is build from a subset of the codebase that builds Chromium. The full Chromium code has a lot more privacy-invading problems than WebView does, although neither is perfect, which is why I am going to release Privacy WebView in the 4.x series.
There is some further information on a tangential subject at https://www.stoutner.com/geckoview/.
Regarding the file access question, it is highly antiquated and not applicable as the entire ecosystem has move on (notice how it is talking about Android 4.2). But the short answer is yes, and the slightly longer answer is that, with the change to the Storage Access Framework, all access to files outside of Privacy Browser's private directory are handled by content:// URLs.
There is more information at https://www.stoutner.com/privacy-browser-3-7/.
Also available in: Atom
PDF