FIREFOX LEAKING BROWSING HISTORY?!

TarBall

When trying out Brave, I found that you can import browsing history, passwords, etc., from Firefox to Brave.
I press the button out of curiosity, and surprisingly, NO AUTHENTICATION is required. My browsing history was just sent to Brave like that. No confirmation from Firefox, no confirmation from MacOS, just like that. So that means that ALL OTHER APPS can access my browsing information without me knowing. This is terrifying, so I am now back to Safari, where data is protected at the OS level. Am I right?

MyBlood

TarBall interesting question. I would like to hear opinions about it

Asparagus3929

Firefox history is stored in your local files, as an unencrypted SQLite database. Most browsers do the same, so yes, an application that has access to your local files can read the database that contains Firefox's history (and many other things like cookies, or data from other apps.

In my opinion, the problem is not a Firefox problem, but a storage isolation problem. Most of the applications we run on our computer are not isolated at all and therefore have very wide access to the system, unlike Android for example, where everything is isolated by default (and the applications need permissions to access personal data).

This comes from the very design of the operating systems, but this is changing. For example, UWP apps on Windows (most apps from the Store) requires declaring data they access. On Linux, both Flatpak and Snap allow isolating applications in containers and control their access (with Flatseal for example). Some distributions go even further, like Fedora Silverblue, which is an immutable os where everything runs in a container.

This transition will take time, but isolation is the best way to ensure the security of our data.