Tutorial Using two browsers with (browser) Apps for maximum security and privacy

Disclaimer:

This two browser setup has been organically developed with some of my elder family relations. I use two types of setups for elderly relatives, the ones who know how to operate a smart phone (know how to whats app and make video calls with messenger for instance) and the (older) ones who don't know how to operate a smart phone. This two browser setups using browser apps works very well for my elderly relatives who know how to use a smartphone.

---------------------------------------------------------------------------

How does it work: I use Edge (default blue) and Firefox (with Qiyu Red theme).

I have created browser apps with (Edge on default settings for maximum compatibility) and added them to a dedicated program group (see below), using Edge password manager (may be not the best, but the certainly the easiest to use for elderly relatives). I have also installed WindowsApps and put them in group.
1626609870000.png


I installed Firefox and made it the default browser with Pyllyukko user.js and only installed two extensions: uBlockOrigin and BitdefederTrafficlight. I think privacy is a lost case, so maximum privacy is nothing more than applying Pyllyukko user.js in relaxed mode.

I noticed that these elder relatives somehow got the feeling that the internet was full of risks and they had no control over it. So I disabled javascript in uBlockOrigin and told my relatives to only enable Javascript when BDTL showed a green Icon. See below
1626609474000.png


When I checked (a few weeks later) whether they understood this Apps and one-two-trust action I expected a lot of websites to be whitelisted. But most of the relatives only had a dozen or so websites whitelisted, because most websites function well (stylesheets, subframes, images are allowed) as passive websites. After asking why only a few news websites were whitelisted, they told me that they liked movies on "the news websites" (like they used to see on TV), but they were annoyed and often surprised when websites started to play multimedia out of the blue and quite liked this silent read only mode (especially the picture in picture mode was confusing to them). They also did not mind the hassle of two clicks to make a website fully functional, because it gave them a sense of control over the new digital world.
 
Last edited:

plat1098

Level 25
Verified
Sep 13, 2018
1,424
Thanks for putting this together--looks easy enough to set up and utilize. I was surprised javascript could be disabled to that extent without more general breakage.

You mentioned browser-based password managers as something that seem second-best and for "elder relatives" who aren't tech-savvy. Using the browser PMs no longer has the stigma it used to have. Browsers run in various degrees of isolation nowadays, at least the main ones do--plus if you use add'l isolation like Sandboxie--even better.

I've always used the browser PMs myself out of laziness and unwillingness to add un-ncessary third party software. If there were any breaches, I've found that every single one occurred on the other end, not mine. At some point, we have to trust and let come what may.

Password Managers.
 

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,125
@plat1098

Thanks for your reply. You are hitting the nail. When an application has a slightly different user interface, it is often considered (by most of my elderly relatives) as "having to learn something else/new". So keeping 3rd party to a minimum on every aspect is something which really makes ICT easier to understand (I guess this applies to all people not only my elderly relatives).

I also learned that something simple as a two color scheme (Edge with blue and Firefox with red theme) helps a lot to understand how to behave (red = danger). Even something trival as Bitdefender's extension name traffic light helps (green is go ahead, red is stop).

Regards /L
 
Last edited:

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,125
Settings

General

- hide placeholders ENABLED
- show the number of blocked requests ENABLED
- advanced mode DISABLED

Privacy
- disable pre-fetching
- diable hyperlink
- prevent WebRTC
- block CSP reports

Default behavior
- Disable javascript ENABLED


My Filters

Built in

- uBlock filters
- uBlock filters - Unbreak

Custom
- EasyList (Optimized)
- EasyPrivacy (Optimized)
 

Gandalf_The_Grey

Level 50
Verified
Trusted
Content Creator
Apr 24, 2016
3,915
Settings

General

- hide placeholders ENABLED
- show the number of blocked requests ENABLED
- advanced mode DISABLED

Privacy
- disable pre-fetching
- diable hyperlink
- prevent WebRTC
- block CSP reports

Default behavior
- Disable javascript ENABLED


My Filters

Built in

- uBlock filters
- uBlock filters - Unbreak

Custom
- EasyList (Optimized)
- EasyPrivacy (Optimized)
I would go with the default (full) EasyList and EasyPrivacy.
With the optimized lists not all trackers are blocked on this page:
 

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,125
I got 98% only Yandex and Samsung were not blocked.

I will add Yandex although it has a near zero market share in Western Europe (I think is Samsung only relevant for Samsung webbrowser on mobile devices).

metrica.yandex.com$third-party
yandexadexchange.net$third-party

I also changed the $removeparam to be more specific and limited to google for two reasons

uBlock does not handle removeparam as wel as AdGuard (performance wise, therefore made them more specific) and I missed a discount when buying a course on Udemy (yep the URL-parameter trackers are not all bad :) )

!
! Deal with Google annoyances
!

! Inject javascript to blur Google FLOC interest tagging
*##+js(no-floc)

! Block switch to Chrome popop on google domains (search, maps, etc)
||ogs.google.*/widget/callout$all

! Block Google search URL paramater tracking
||google.*/search$removeparam=biw
||google.*/search$removeparam=bih
||google.*/search$removeparam=dpr
||google.*/search$removeparam=sa
||google.*/search$removeparam=source
||google.*/search$removeparam=aqs
||google.*/search$removeparam=sourceid
||google.*/search$removeparam=ei
||google.*/search$removeparam=gs_lcp
||google.*/search$removeparam=gclid

! youtube.com
||youtube.com/subscribe_embed?$third-party
||youtube.com/subscribe_widget$third-party
||gstatic.com/youtube/img/promos/*.jpeg$image,domain=youtube.com
youtube.com###alert-banner > .ytd-browse > .yt-alert-with-actions-renderer
youtube.com###mealbar\:3 > ytm-mealbar.mealbar-promo-renderer
youtube.com###notification-footer
youtube.com###secondary-links
youtube.com###yt-feedback
youtube.com###yt-hitchhiker-feedback
youtube.com###yt-lang-alert-container
youtube.com##.yt-consent
youtube.com##.ytd-banner-promo-renderer.style-scope.ytd-banner-promo-renderer-content
youtube.com##.ytd-banner-promo-renderer.style-scope.ytd-banner-promo-renderer-background
youtube.com##.ytd-primetime-promo-renderer
youtube.com##.ytd-statement-banner-renderer
youtube.com##.ytp-ce-playlist
youtube.com##.ytp-pause-overlay
youtube.com##.ytp-title-channel
youtube.com##+js(json-prune, *.playerResponse.adPlacements)
youtube.com##+js(json-prune, *.playerResponse.playerAds)
youtube.com##+js(json-prune, 2.playerResponse.adPlacements playerResponse.adPlacements playerResponse.playerAds adPlacements playerAds)
youtube.com##+js(json-prune, 2.playerResponse.adPlacements)
youtube.com##+js(json-prune, playerResponse.adPlacements)
youtube.com##+js(json-prune, playerResponse.playerAds)
youtube.com##+js(set, ytInitialPlayerResponse.adPlacements, null)
youtube.com##div[class^="ytd-consent"]
youtube.com##ytd-popup-container > .ytd-popup-container > #contentWrapper > .ytd-popup-container[position-type="OPEN_POPUP_POSITION_BOTTOMLEFT"]
youtube.com#@##consent-bump
 
Last edited:
Top