Mastodawn

WebRTC is a peer-to-peer communications protocol for web sites and therefore causes numerous privacy issues through making direct connections between participants. By default our Vanadium browser disables the peer-to-peer aspect by only using server-based (proxied) connections.

Show thread

GrapheneOS Jun 3

Vanadium provides a user-facing setting at Privacy and security > WebRTC IP handling policy.

From least to most strict:

Default
Default public and private interfaces
Default public interface only
Disable non-proxied UDP

For Vanadium, "Disabled non-proxied UDP" is the default.

Show thread

GrapheneOS Jun 3

The tracking technique described at https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/ is prevented by Vanadium's default "Disabled non-proxied UDP" value. It's also prevented by "Default public interface only", which does permit peer-to-peer connections but won't try to use the loopback interface for it.

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers

Abuse allows Meta and Yandex to attach persistent identifiers to detailed browsing histories.

Ars Technica

Show thread

GrapheneOS Jun 3

We have a list of most of the features provided by Vanadium at https://grapheneos.org/features#vanadium. There are dozens of additional privacy and security features planned along with data import/export and improved support for system backups. It takes time to implement these things properly.

GrapheneOS features overview

Overview of GrapheneOS features differentiating it from the Android Open Source Project (AOSP).

GrapheneOS

Show thread

lusca

@GrapheneOS Data import/export (particularly bookmarks) is a feature I am eagerly awaiting. Managing hundreds or thousands of bookmarks without a way to export them is not good.