Securing Your Browser
Why Should I Change my Browser?
Currently Google Chrome has the most users, but it’s basically spyware, even going so far as to turn on your microphone and eavesdrop on you while you browse. Instead, you can get almost identical performance and security with a massive improvement in privacy by switching to Brave or Firefox. Changing browsers may take some getting used to at first, but is critical for improving your privacy.
Brave vs Firefox
Browsers are highly controversial. No matter what browsers I suggest, people will always say that I should’ve considered a different one or shouldn’t have listed one I did. To see my criteria for why I selected these browers to list, check here. In the interest of transparency, I do want to acknowledge that both Brave and Mozilla have made questionable decisions. Brave’s criticisms mostly revolve around their use of BAT, a cryptocurrency they developed to allow site owners and content creators to get paid based on visits and time spent on their site. You can read more about that here. Such decisions included collecting payments on behalf of a creator who claims he never got paid and injecting affiliate links into browser traffic so Brave made more money. These situations have since been corrected. For Mozilla’s shortcomings, they regularly draw criticism for making their analytics opt-out rather than opt-in, making Google the default search engine, and paying their CEO over $3 million USD per year while struggling to be financially solvent. I also want readers to be aware that Firefox has been found to be issuing a temporary, one-time tracker that shares some data with Google when you download and install the program for the first time on Windows or Mac, so if you go this route I suggest you turn off your internet during the installation until you have a chance to disable analytics (discussed below).
While I don’t think there is a perfect solution in this space, I personally recommend Brave for most people. It is the most Chrome-like so most users will find the transition easy, using the Chromium engine will make you “blend in” more with other chrome users, and it is extremely privacy-friendly “out of the box” without having to make a lot of advanced tweaks. Having said that, a lot of people feel very strongly about Brave as a company, the BAT token, and the idea of giving Google too much power by having too many users dependent on the Chromium engine. Therefore, I will leave it up to my readers to decide which company they consider to be more ethical and which browser is right for their needs. If you still find yourself on the fence, it’s worth noting that Chromium-based browsers tend to have better security, however as long as you’re using good online habits the difference should be minimal for most casual web users (Source).
Regardless of which browser you decide to go with, there is one extension you should add to dramatically improve your privacy and security. This is uBlock Origin, a powerful, light”weight” ad- and tracker-blocker. Officially, uBlock Origin is ready for use “out of the box.” However, there’s a few things I prefer to add to it to improve the protections it has to offer. First, I enable every option under the ”Privacy” section. I then click on the tab “Filter lists” and enable everything under “Built-In,” “Ads,” “Privacy,” “Malware domains,” “Annoyances,” and “Multipurpose.” I would also recommend checking the “Regions, languages” section if you live outside North America and enable for your location, too. In my experience, enabling all the features has never presented any significant site breakage. However, if you find yourself repeatedly running into issues with a lot of sites not working correctly, you can easily go back to the developer’s recommended settings by clicking “Reset to default settings” on the main Settings page.
There are two additional extensions that I think are worth adding if you feel so inclined. The first is your password manager’s official extension. Many password managers offer browser extensions to help make logging in easy and safe. There are numerous advantages to these, like protection against phishing and keyloggers, and as such I consider these okay to install if you want to. The other is Snowflake (this is optionally included in Brave, see the recommended settings below). This is a project to help certain internet users in foreign, repressive countries bypass censorship. This should not cause any kind of legal risk to you. Both of these extensions are optional, but I believe they are safe to use. I strongly advise against installing any other extensions unless absolutely necessary. The more extensions you install, the more easily your browser can be fingerprinted, making it easier to track you across the web despite any other privacy-enhancing changes you make to your browser or browsing habits.
- Show autocomplete in address bar: disabled
- Always show full URLs: enabled (1)
- Social media blocking: disable all
- Privacy and security:
- Allow privacy-preserving product analytics (P3A): disabled
- Automatically send daily usage ping to Brave: disabled
- Clear browsing data: On exit: check all (2)
- Cookies and other site data: Clear cookies and site data when you close all windows: enabled (3)
- Security: Always use secure connections: enabled
- (Skip this setting if using a VPN) Security: Use Secure DNS: With a DNS provider from this list.
- Private window with Tor: disabled
- Volunteer to help others connect to the Tor network: enabled (this is a built-in integration of the Snowflake extension discussed above)
- Hangouts: disabled
- Additional settings:
- Autofill: disable all (2)
1: This allows you to see the full URL and help defend against phishing attacks.
2: There is malware capable of swiping data stored in your browser, including history and saved passwords, credit cards, and even multi-factor authentication cookies. You can choose to leave cookies and other sign-in data and history if you want, but know that it is a security risk.
3: This will sign you out of everything and reset any settings. See Note 2 for more information.
- After downloading but before installing, disconnect from the internet.1
- (Skip this setting if using a VPN.) General: Network Settings: Enable DNS over HTTPS: Custom: Select a DNS provider from this list.
- Home: Firefox Home Content: Shortcuts: Sponsored Shortcuts: uncheck
- Home: Firefox Home Content: Recommended by Pocket: Sponsored Stories: uncheck
- Search: Default Search Engine: Pick a privacy-respecting search engine.
- Privacy & Security: Enhanced Tracking Protection: Strict2
- Privacy & Security: Cookies & Site Data: Delete cookies and site data when Firefox is closed: checked3
- Privacy & Security: Logins and Passwords: uncheck all3
- Privacy & Security: Forms and autofill: uncheck all3
- Privacy & Security: History: Never remember history
- Privacy & Security: Address Bar - Firefox Suggest: Suggestions from the web: disabled
- Privacy & Security: Address Bar - Firefox Suggest: Suggestions from sponsors: disabled
- Privacy & Security: Firefox Data Collection and Use: uncheck all
- Privacy & Security: HTTPS-Only Mode: Enable HTTPS-Only Mode in all windows
1: Mozilla issues a temporary, one-time tracker that utilizes Google Analytics to understand the relationship between downloads and installations. This will be disabled in later settings.
2: I have never known this setting to cause any website breakage, however you can always change it back to Standard or Custom if you do.
3: There is malware capable of swiping data stored in your browser, including history and saved passwords, credit cards, and even multi-factor authentication cookies. You can choose to leave cookies and other sign-in data and history if you want, but know that it is a security risk.
LibreWolf does not technically qualify to be listed on this site because it is not capable of auto-update on Mac and Windows. However, I believe LibreWolf is still worth a mention. LibreWolf is a pre-hardened fork of Firefox, offering pre-configured improvements like no telemetry, private default search options, and it comes with uBlock Origin already installed. Truthfully, LibreWolf is out-of-the-box ready to use in terms of privacy and settings. However, there are two drawbacks.
First, you should beware that LibreWolf’s hardened settings may result in some website breakage. In my experience this hasn’t been an issue, but I also don’t use a lot of popular websites that many people do. Your results may vary. Second, as mentioned, LibreWolf does not auto-update except on Linux. You can get around this by installing the LibreWolf Updater extension in the browser. This is an unofficial extension, but it is officially recommended in the documentation, and therefore is likely safe. It will not auto-update the browser, but it will alert you every time a new version is available and make it easy for you to download it. From there you have to run in the install as if it were the first time. If this is a convenience tradeoff you’re willing to make, then consider LibreWolf.
Between the extensions and the settings changes suggested on this page, you will greatly reduce the ability of websites to track you as you go from site to site. However, it should be noted that browser fingerprinting - one of the most common forms of online tracking - is incredibly complex and ever evolving. While these changes have dramatically reduced your fingerprint, you should not assume - as with any of the advice I give on this site - that you are totally invisible or untrackable. If you want to achieve maximum privacy and/or anonymity, consider using the Tor Browser.
The Tor browser is a somewhat common daily browser among privacy enthusiasts for a few reasons. If you’re unfamiliar with Tor, check out my Tor Crash Course video. The Tor browser routes only your browser traffic through the Tor network and not all device traffic. The Tor browser also comes pre-packaged with a more advanced content blocker called No-Script which can be used to block ads, as well as many other unseen, powerful tracker-blocking features. The Tor browser also isolates each tab and changes your relay path with every new website you visit to help further protect your anonymity. Using the Tor Browser as your main browser is a great idea, but keep in mind that many legitimate websites such as banking and e-commerce sites block known Tor addresses to prevent abuse and fraud, so you’ll want to keep a copy of Brave/Firefox installed for when that happens. Additionally, using the Tor Browser in a truly, 100% anonymous way is incredibly difficult and requires very intentional browsing habits, so don’t do anything illegal. Finally, because all nodes are volunteer-run and therefore work on an “honor system,” be sure to check that any site you login or transfer personal data across is using HTTPS (the lock icon at the beginning of the address bar) and is the actual site and not a fake phishing site designed to look like the real thing.
If you’re still unsure what browser is right for you, Privacy Tests and Cookie Status compare a few of the more popular choices.