SECURITY: Complete oldschool's config 2021

Last updated
Oct 8, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
OS edition
Pro
Login security
    • Password (Aa-Zz, 0-9, Symbols)
Primary sign-in
Local account
Primary user
Standard user - Limited permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
Third-party router
Real-time protection
Microsoft Defender
VoodooShield Pro
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
ConfigureDefender @ Default +
VoodooShield | Smart Mode | Aggressive
Malware testing
No malware samples
Periodic security scanners
EEK
HitmanPro Free
Secure DNS
Quad9 DOH
VPN
None
Password manager
Brain.exe
Little Black Book
Browsers, Search and Addons
Edge
strict tracking prevention
µBO hard mode
Brave search

Firefox
strict tracking | total cookie protection
µBO hard mode
Brave search
Privacy features enabled via settings
about:config tweaks for usability and privacy Firefox Privacy or: How I Learned to Stop Hardening and Love Strict Tracking Protection and
Yet Another Firefox Hardening Guide | Chris Xiao

Brave
Brave shields @ aggressive + per-site switches
Brave search
All internal privacy settings enabled
Maintenance and Cleaning
Windows built-in
Personal Files & Photos backup
External - Free Agent drive
Personal backup routine
Manual (maintained by self)
Device recovery & backup
Aoemi Backupper Pro
Restore points as needed
Device backup routine
Manual (maintained by self)
PC activity
  1. Browsing the web. 
  2. Emails. 
  3. Shopping. 
  4. Downloading software. 
  5. Multimedia. 
  6. Streaming. 
Computer specs
Lenovo l340 i3 8145U CPU @ 2.10 GHz 2.300 GHz 8GB DDR4 RAM 1 TB HDD
Personal changelog
7-1-21 Updated config as above
7-10-21 Switched out µBO & ClearURLs for Trace
7-13-21 Switched ClearURLs for Trace in Brave
7-16-21 Updated config as above - Edge as main browser
7-18-21 Brave uninstalled
7-21-21 Reverted to µBO as sole extension in browsers.
Updated Firefox search engines
Replaced Adguard DNS with Cloudfare DNS
8-24-21 Replaced µBO with Privacy Badger
8-28-21 Configured three browsers for compartmentalization
8.30.21 Back to µBO hard mode all three browsers
9.29.21 Back to Microsoft Defender and NextDNS
10.1.21 Added VoodooShield Pro
Feedback Response

General feedback

SecureKongo

Level 22
Verified
Feb 25, 2017
1,160
I'm now using Edge as my main browser because I'm tired of Brave devs not including or fixing some basic Chromium features, e.g. cookie exceptions that work. Also, I'm a bit tired of the feature bloat. Plus, I tested Trace in Brave and its etag filtering doesn't work which I attribute to the way Brave is built because it works fine in Edge. I guess love isn't always eternal! 🤔😀

Edit: Also using µBO in Easy Medium mode as suggested by @Lenny_Fox in both Edge and Firefox.
Didn't the Trace developer stop updating Trace? I am quite sure that someone said it's discontinued for now.
 
F

ForgottenSeer 85179

I'm now using Edge as my main browser because I'm tired of Brave devs not including or fixing some basic Chromium features, e.g. cookie exceptions that work. Also, I'm a bit tired of the feature bloat. Plus, I tested Trace in Brave and its etag filtering doesn't work which I attribute to the way Brave is built because it works fine in Edge. I guess love isn't always eternal! 🤔😀

Edit: Also using µBO in Easy Medium mode as suggested by @Lenny_Fox in both Edge and Firefox.
Welcome to the dark side.
we have Cookies 🍪
 

CyberTech

Level 36
Verified
Nov 10, 2017
2,501
I'm now using Edge as my main browser because I'm tired of Brave devs not including or fixing some basic Chromium features, e.g. cookie exceptions that work. Also, I'm a bit tired of the feature bloat. Plus, I tested Trace in Brave and its etag filtering doesn't work which I attribute to the way Brave is built because it works fine in Edge. I guess love isn't always eternal! 🤔😀

Edit: Also using µBO in Easy Medium mode as suggested by @Lenny_Fox in both Edge and Firefox.

If you have any problem with Edge or whatever that might happen so change to FF as main browser first ;)
 

silversurfer

Level 75
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,439
I'm now using Edge as my main browser because I'm tired of Brave devs not including or fixing some basic Chromium features, e.g. cookie exceptions that work. Also, I'm a bit tired of the feature bloat. Plus, I tested Trace in Brave and its etag filtering doesn't work which I attribute to the way Brave is built because it works fine in Edge. I guess love isn't always eternal! 🤔😀

Really, so we can never read again from you: "Stay safe and stay Brave" :LOL:

Seriously, Your decision is fully understandable, Edge works overall almost perfectly 👍
 
F

ForgottenSeer 85179

DuckDuckGo Tip:
https://safe.duckduckgo.com/ is DuckDuckGo with enforced strict mode.

You can add it as search engine too. Just change the path in search engine browser settings to this domain so the result is:
https://safe.duckduckgo.com/?q=%s
 

ErzCrz

Level 10
Verified
Aug 19, 2019
454
DuckDuckGo Tip:
https://safe.duckduckgo.com/ is DuckDuckGo with enforced strict mode.

You can add it as search engine too. Just change the path in search engine browser settings to this domain so the result is:
https://safe.duckduckgo.com/?q=%s
Nice tip! I'm trying to move over to DDG but still end up using Google but with all that consent nonsense with Google, it's making the switch easier.
 

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,125
@oldschool

When you delete history etc with firefox and chrome, the URL parameters tracking is a little hyped up. Even when you have set all privacy options to a minimum on your phone and your PC, tracking is still possible when websites use agent profiling and pixel tagging (despite using clear URL's). Parameter tracking is usually only session related. When you sign up for a website, you also agree with the terms of usage and these terms often include interest based tracking to provide you with better services :).Tracking is not all bad, it helps to find what you want to buy and help you with post sales services (e.g. order history).

As long as you don't login to your browser on your PC and smartphone the tracking across devices is limited due to the increasing government regulations in regard to privacy. Privacy is a lost case, relative privacy is a constantly evolving due to money and risks involved in regard to public health (Covid19) and public safety (terrorism).

I also use strict tracking blocking in Firefox (with Pyllyukko relaxed user.js) and Adguard's optimized Easylist filter with a few extra rules in Myfiles to deal with Google annoyances. On Edge I use default tracking with Kees1958 most common list only and also below rules.

!
! Deal with Google annoyances
!

! Inject javascript to blur Google FLOC interest tagging
*##+js(no-floc)

! Block switch to Chrome popop on google domains (search, maps, etc)
||ogs.google.*/widget/callout$all

! Strip Google click identtifier and Google search location parameter from URL parameters
*$removeparam=gclid,domain=google.*
*$removeparam=gs_lcp,domain=google.*

! youtube.com
||youtube.com/subscribe_embed?$third-party
||youtube.com/subscribe_widget$third-party
youtube.com###alert-banner > .ytd-browse > .yt-alert-with-actions-renderer
youtube.com###mealbar\:3 > ytm-mealbar.mealbar-promo-renderer
youtube.com###notification-footer
youtube.com###secondary-links
youtube.com###yt-feedback
youtube.com###yt-hitchhiker-feedback
youtube.com###yt-lang-alert-container
youtube.com##.yt-consent
youtube.com##.ytd-banner-promo-renderer.style-scope.ytd-banner-promo-renderer-content
youtube.com##.ytd-banner-promo-renderer.style-scope.ytd-banner-promo-renderer-background
youtube.com##.ytd-primetime-promo-renderer
youtube.com##.ytd-statement-banner-renderer
youtube.com##.ytp-ce-playlist
youtube.com##.ytp-pause-overlay
youtube.com##.ytp-title-channel
youtube.com##+js(json-prune, *.playerResponse.adPlacements)
youtube.com##+js(json-prune, *.playerResponse.playerAds)
youtube.com##+js(json-prune, 2.playerResponse.adPlacements playerResponse.adPlacements playerResponse.playerAds adPlacements playerAds)
youtube.com##+js(json-prune, 2.playerResponse.adPlacements)
youtube.com##+js(json-prune, playerResponse.adPlacements)
youtube.com##+js(json-prune, playerResponse.playerAds)
youtube.com##+js(set, ytInitialPlayerResponse.adPlacements, null)
youtube.com##div[class^="ytd-consent"]
youtube.com##ytd-popup-container > .ytd-popup-container > #contentWrapper > .ytd-popup-container[position-type="OPEN_POPUP_POSITION_BOTTOMLEFT"]
youtube.com#@##consent-bump
||gstatic.com/youtube/img/promos/*.jpeg$image,domain=youtube.com
 
Last edited:

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,125
Also don’t forget Server side Tracking which can’t be blocked and don’t forget that every blocking end in higher fingerprinting
True, but ...

Technically server side tracking systems still needs client side user identifiers. So they can't track you cross domain, but they do offer a more in depth view on first party tracking and anonymous tracking during a session and even over sessions.
 
Last edited:
F

ForgottenSeer 85179

True, but ...

Technically server side tracking systems still needs client side user identifiers. So they can't track you cross domain, but they do offer a more in depth view on first party tracking and anonymous tracking during a session and even over sessions.
They can as every client send more than enough identifiers. Just use Facebook or Google as example
 

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,125
They can as every client send more than enough identifiers. Just use Facebook or Google as example
Not the place to discuss here, maybe you better have a deeper look into server side tagging. This is a nice read explaining the new server side Google Tag Manager (link)

"... The main reason is that this way you can incorporate the server-side data collection endpoint that you own in your first-party domain namespace. Having the endpoint in your first-party domain namespace means you can do things like set first-party cookies with Set-Cookie headers and thus avoid Safari expiring them within 7 days of being set.

This becomes significant when you consider things like Intelligent Tracking Prevention. You might want to make use of cookies in the incoming requests, but if the Server container is hosted on a domain that is different from where the requests are sent (such as your site), these cookies will be considered third-party cookies and thus dropped by many browsers ...."

Key take away: use a browser which clears all data when closing (Edge/Firefox) and/or closes a tabs and clears data when it is inactive for some time (Firefox/Safari). I don't mind server side tracking on websites on which I log into to buy, book or view stuff (like amazon, booking.com and netflix). This type of interest based tracking is where server side tagging is build for.
 
Last edited:
Top