Advice Request Privacy Possum and Privacy Badger together?

Please provide comments and solutions that are helpful to the author of this topic.

oldschool

Level 81
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,044


This is an old reddit post about these two extensions, which I found to be the most in-depth explanation and comparison of Privacy Possum and Privacy Badger. I'm trying them both together for a while with Edge Dev's built-in tracking prevention feature to check performance, etc. Please be aware that this post preceded Privacy Badger's latest 2019 update with its claimed feature improvements. Let me know your thoughts.

______________________________________

Hi! Privacy Badger dev here.
First of all, Privacy Badger doesn't send back any data to EFF automatically. The only time it contacts us at all is to download a new version of the yellowlist, once a day -- and that request doesn't contain any information about you at all. Of course, you can use the dialog within the extension to file an error report, but it should be pretty clear that you mean to contact us in that case. We don't do any kind of telemetry otherwise.
Privacy Possum is more of a complement to Privacy Badger than a replacement. It doesn't use the same heuristic-learning model that Badger does, and it doesn't usually block requests outright. Once Privacy Badger learns that a domain is a tracker, it will block all third-party traffic to that domain, which prevents harder-to-stop tracking methods like TLS session resumption. Privacy Badger also stops many ads from loading, since ad companies tend to be the biggest trackers. I believe Privacy Possum looks at every request individually and decides whether to take an action like stripping cookies or modifying headers. Privacy Possum blocks certain kinds of fingerprinting that Badger doesn't, yet, but we've found those methods to be quite rare in the wild.
Privacy Badger also offers several features that Possum doesn't, including link unwrapping on Facebook and Google, and widget replacement that stops things like Facebook like buttons from tracking you until you decide to click on them. PB lets you decide to block or allow individual domains, so you can customize your experience and debug issues on the fly. We're working on blocking tracking e-tags, too!
At the end of the day, they're different tools with different priorities. There are some things that Privacy Badger blocks that Possum won't, and vise versa, but I think both of the dev teams are trying our best to block as much tracking as possible without breaking the web. Try browsing with both installed and see how things go. If you want to go for completeness, I recommend using uBlock Origin as well.
I disagree with the commenter below who said it's better to have just one tool; in general, tracker blockers require minimal resources and any performance hits should be vastly outweighed by the performance (and privacy!) gains they provide. The biggest issue with installing multiple extensions is that it makes it harder to narrow down the culprit when a site breaks. I use both Privacy Badger and uBlock in my own browser. But if you do want to use just one tool, I still recommend Privacy Badger :)
Hope that helps!
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
My take

Privacy Possum is zero config with only a switch-off button when it might brake something. It works great along's Firefox and Edge-chromium anti-tracking (set to most strict option).

Privacy badge is intended for zero config also, but the dev's of Privacy Badger are ambivalent in their user interface/user experience implementation, so they offer power options, like show third-party references which don't seem to be tracking you and show you the list of trackers with a user set filter but a faulty (unusable) scroll mechanism. When people complain about the scroll mechanism not working properly at their forum, they reply by teling Privacy Badger is intended to use without user interference. My take (or better what I learned at UX-design in my study) when you don;t want users to fiddle with something, don't provide options to tweak the settings.

That said (rant ended against Privacy Badger UX-designers), I have Privacy Possum on my girlfriend's PC and use Privacy Badger myself (when Bitdefender tells me I have a tracker I dsiable that domain manually in Privacy Badger). So as with many overlapping software, it is better to discuss what fits best from the prospective of the user (a Porsche 911 is a great sport car, but a KIA SUV is much more practical when you have two kids).
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
I use now for a few weeks AdGuard Desk with a few implementation in Stealth & Advanced & understandably it did not get on with Possum at all, so really at this point finding out what is the best solution - Before AdGuard I had few problems with Possum though.
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
Did you mean Bitdefender TrafficLight extension?
Sorry, yes should have been more specific. For URL-blocking and download protection I use
a) QUAD9 DNS
b) Windows Defender Network protection
c) Windows Defender SmartScreen
d) Bitdefender Traffic Light extension

For advertisement and tracking protection I use
a) Set Edge-chromium tracking protection to strict
b) Build-in Chromium Ad-blocking (and popup) blocking enabled
c) Privacy Badger (set to show trackers who don't appear to follow me)

Additional I have tweakes Edge-chromium to
a) Block javascript, set an allow rule for File:///* and HTTPS://*
b) Enabled experimental flag: #treat-unsafe-downloads-as-active-content

As now inactive user Windows_Security always made clear: look at VX-vault 90% of the malware comes from from HTTP websites, so disabling executable content download and javascript on these websites reduces the attack surface substantially. I can only speak for the Netherlands, but sicne HTTPS certificates became available cheap (free) all serious websites are on HTTPS, so crippling website functionality on HTTP websites does not seem to impact Dutch websurfers. I am a bit less convinced as W_S because depending on your surfing habits and HTTPS usage for your region, it depends whether virtually crippling HTTP websites is a good idea.
 

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
Sorry, yes should have been more specific. For URL-blocking and download protection I use
a) QUAD9 DNS
b) Windows Defender Network protection
c) Windows Defender SmartScreen
d) Bitdefender Traffic Light extension

For advertisement and tracking protection I use
a) Set Edge-chromium tracking protection to strict
b) Build-in Chromium Ad-blocking (and popup) blocking enabled
c) Privacy Badger (set to show trackers who don't appear to follow me)

Additional I have tweakes Edge-chromium to
a) Block javascript, set an allow rule for File:///* and HTTPS://*
b) Enabled experimental flag: #treat-unsafe-downloads-as-active-content

As now inactive user Windows_Security always made clear: look at VX-vault 90% of the malware comes from from HTTP websites, so disabling executable content download and javascript on these websites reduces the attack surface substantially. I can only speak for the Netherlands, but sicne HTTPS certificates became available cheap (free) all serious websites are on HTTPS, so crippling website functionality on HTTP websites does not seem to impact Dutch websurfers. I am a bit less convinced as W_S because depending on your surfing habits and HTTPS usage for your region, it depends whether virtually crippling HTTP websites is a good idea.
If this setup works for you then that's great :emoji_ok_hand:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top