Advice Request Choose your browser carefully

Please provide comments and solutions that are helpful to the author of this topic.

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
This article isn't specifically about privacy issues only, it's about promises that are being broken, which might be about privacy. It is also about the lack of user freedom, as in the choice to enable or disable features, such as automatic updates, or forced usage of third party services, or software that the user generally is unaware of or don't have a say about.

Privacy as a subject regarding the usage of services on the Internet is a very difficult subject to deal with. Not only can it be difficult to actually define privacy, but it also requires a balance between freedom of choice by the users, security and usability. Naturally you need to be able to use the browser on the Internet and as such you will always leave some kind of trail behind, and this article is not about how you can hide your tracks. What I am addressing in this article are browsers that are either promoted as "privacy-respecting" by the developers, or in general are considered to be so (mostly due to misunderstanding or misinformation), while it is very clear they are not.

Some browsers either directly violate users by collecting telemetric data without consent, or you have to opt-out rather than opt-in, or they bounce around the Internet visiting places in the background without you knowing (using dns-prefetch or automatic updates etc.), using third party services that operates with a privacy policy you either cannot trust, or that are directly violating your privacy, or they have integrated third party software that do some of these things.

I will try to keep this article updated with relevant information as much as possible. I know several other browsers exist, but if they are not mentioned on this list I have either not had a change to investigate them, they are closed source and completely irrelevant (such as Microsoft Edge or Opera), or they are not actively maintained, or they cannot perhaps be trusted for some reason or another.

Please note that I have not considered each browsers resistance to fingerprinting in this article as that is something you can tweak yourself in various ways. With the exception of Librewolf and the Tor Browser, none of the other browsers does anything relevant to protect you against fingerprinting.

I will also not be looking at browsers that only work on Microsoft Windows or macOS, even if they are Open Source. Both Microsoft Windows and macOS are highly controversial and completely untrustworthy operating systems.

Also please note that just because the developers of a browser are promising that their browser is privacy-respecting doesn't mean that you can trust the information. As you will see with the examples of some of the browsers below even developers some times compromise user privacy perhaps without even thinking about it.

I also want to make a strong advice to people recommending browsers to other people without investigation or knowledge. The privacy related channel on Reddit is filled with wrong recommendations regarding privacy-respecting browsers and many people are merely guessing or blindly trusting the information the browser producers are publishing. Neither Mozilla Firefox, Google Chrome or Chromium, Brave, Waterfox, or several of the other recommended browsers truly respect privacy. They all do some form of telemetry and/or privacy-compromising actions without the user consenting to it or even knowing about it.

Also, privacy doesn't mean that you simply pull out telemetry from Firefox, rebrand it, and then ship it. Privacy is more than that. Unless the browser is automatically checking for an updated version, and the website isn't logging that request, it cannot be considered truly private if the browser starts bouncing around on the Internet visiting all kinds of places without the user has done anything more than open the browser up! Every time the browser makes a DNS request, that DNS request is in most cases logged unless the user actively does something to mitigate that - such as using a trusted VPN or non-logging DNS service etc. Furthermore, the Mozilla add-on CDN is logging user activity, as is Amazon Cloudfront, so if the browser visits these places without the user explicitly pushes a "check for updates" option, the browser is compromising user privacy. The point I'm trying to make is that the user needs to have the choice and that nothing happens until the user actively do something.
This is a very long article so read below for more


Privacy compromising browsers
  • Mozilla Firefox
  • Google Chrome and Chromium
  • Brave
  • Palemoon
  • Waterfox
  • GNOME Web (Epiphany) and Eolie
  • Midori
  • Librewolf
  • Other problematic browsers
Privacy respecting browsers
  • Tweaking Firefox - the best solution
  • Controlling Firefox's DNS over HTTPS
  • Blocking DoH via a firewall
  • Falkon
  • qutebrowser
  • GNU IceCat
  • ungoogled-chromium
  • Tor Browser
  • Other okay browsers
Recommended extensions
  • uBlock Origin
 
Last edited:

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
The niche browsers are nice to play with, you get an interesting user agent which can be handy, but they are not fit for daily use. Today everything is in the browser, so speed of security updates and bug fixes are paramount. Until MV3 becomes standard across browsers I think Edge/Chrome/Firefox/Brave/Vivaldi with uBlock Origin or AdBlock is the way to go. Security wise they are all pretty good with patches/bug fixes, but privacy wise your milage may vary.
 

Orchid

Level 1
Jan 27, 2023
43
@HarborFront, Nice find. I have always wondered what was the best privacy-respecting browser out there. Some of which I have never heard of before except GNU IceCat and ungoogled-chromium. I've tried both of these, and based on my research: GNU IceCat is unusable, all webpages would not load, and the browser would crash. Ungoogled-chromium working without issues, despite some inconveniences of installing extensions into the browser, which I have resolved.
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Regarding LW

Quote from article

I am sorry, but this is just not good enough.

Of course we need to keep our block lists and what not updated, but the problem is that the user isn't provided with a choice. Not all users want these things fetched automatically, sometimes for good reasons (e.g. a temporary failure in a VPN connection that reveals the true IP address - and thereby the location - of the user).

All update features needs to be opt-in only and not something that is enabled by default if Librewolf is to be regarded as truly privacy respecting.

The best solution is still to tweak firefox with Arkenfox user.js because that will not only give you the same privacy as you get with Librewolf, but you also get to disable any automatic outgoing connections and a ton more.

Furthermore, Librewolf is usually behind with security updates - which is not ideal. When you choose to run with a tweaked version of Firefox, you not only get the best privacy, but you also get timely updates.

Unquote

In LW you can enable/disable update add-ons automatically

1679057853570.png




And as for late LW updates. Which fork is not behind its updates? LW, UG, Brave, Edge etc?
 

Attachments

  • 1679057812398.png
    1679057812398.png
    2.3 MB · Views: 113
Last edited:
  • Like
Reactions: vtqhtr413

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
Another summary write-up of browsers
Thanks for this. I had some bad experiences with brave, they are abusing their shield, it pretends to be disabled, yet it is still enabled.
But after reading this, I am done with their search. I will keep Brave for youtube, since they are as bad as google itself, but that is it.
 
  • Like
Reactions: HarborFront

MuzzMelbourne

Level 15
Verified
Top Poster
Well-known
Mar 13, 2022
599
Interesting read HarborFront. Thanks.

Though neither of my browsers were mentioned, Safari or DuckDuckGo, his review of ProtonMail in his email equivalent article was very interesting.

Nothing to stop me from using it and a little out of date but quite revealing.

Cheers.
 
  • Like
Reactions: HarborFront

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Downloading Android apps from sources outside the Google Play store is taboo to many, so use your best judgment
Google Play Store itself is unsafe even with its Play Protect

I have been sideloading apps from

F-Droid
Droid-ify
Apkmirror
Apkpure

without issues so far. Choose your apps carefully. Your android AV should detect and block the malicious app either during download or during install
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top