mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-12-22 06:05:11 -05:00
9e35e2ef8a
Signed-off-by: Daniel Gray <dngray@privacyguides.org>
263 lines
16 KiB
Markdown
263 lines
16 KiB
Markdown
---
|
|
title: "Desktop Browsers"
|
|
icon: material/laptop
|
|
description: Firefox and Brave are our recommendations for standard/non-anonymous browsing.
|
|
---
|
|
|
|
These are our currently recommended desktop web browsers and configurations for standard/non-anonymous browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead. In general, we recommend keeping your browser extensions to a minimum; they have privileged access within your browser, require you to trust the developer, can make you [stand out](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), and [weaken](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) site isolation.
|
|
|
|
## Firefox
|
|
|
|
!!! recommendation
|
|
|
|
![Firefox logo](assets/img/browsers/firefox.svg){ align=right }
|
|
|
|
**Firefox** provides strong privacy settings such as [Enhanced Tracking Protection](https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop), which can help block various [types of tracking](https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop#w_what-enhanced-tracking-protection-blocks).
|
|
|
|
[:octicons-home-16: Homepage](https://firefox.com){ .md-button .md-button--primary }
|
|
[:octicons-eye-16:](https://www.mozilla.org/privacy/firefox/){ .card-link title="Privacy Policy" }
|
|
[:octicons-info-16:](https://firefox-source-docs.mozilla.org/){ .card-link title=Documentation}
|
|
[:octicons-code-16:](https://hg.mozilla.org/mozilla-central){ .card-link title="Source Code" }
|
|
[:octicons-heart-16:](https://donate.mozilla.org/){ .card-link title=Contribute }
|
|
|
|
??? downloads
|
|
|
|
- [:simple-windows11: Windows](https://www.mozilla.org/firefox/windows)
|
|
- [:simple-apple: macOS](https://www.mozilla.org/firefox/mac)
|
|
- [:simple-linux: Linux](https://www.mozilla.org/firefox/linux)
|
|
- [:simple-flathub: Flathub](https://flathub.org/apps/details/org.mozilla.firefox)
|
|
|
|
!!! warning
|
|
Firefox includes a unique [download token](https://bugzilla.mozilla.org/show_bug.cgi?id=1677497#c0) in downloads from Mozilla's website and uses telemetry in Firefox to send the token. The token is **not** included in releases from the [Mozilla FTP](https://ftp.mozilla.org/pub/firefox/releases/).
|
|
|
|
### Recommended Configuration
|
|
|
|
Tor Browser is the only way to truly browse the internet anonymously. When you use Firefox, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.
|
|
|
|
These options can be found in :material-menu: → **Settings** → **Privacy & Security**.
|
|
|
|
##### Enhanced Tracking Protection
|
|
|
|
- [x] Select **Strict** Enhanced Tracking Protection
|
|
|
|
This protects you by blocking social media trackers, fingerprinting scripts (note that this does not protect you from *all* fingerprinting), cryptominers, cross-site tracking cookies, and some other tracking content. ETP protects against many common threats, but it does not block all tracking avenues because it is designed to have minimal to no impact on site usability.
|
|
|
|
##### Sanitize on Close
|
|
|
|
If you want to stay logged in to particular sites, you can allow exceptions in **Cookies and Site Data** → **Manage Exceptions...**
|
|
|
|
- [x] Check **Delete cookies and site data when Firefox is closed**
|
|
|
|
This protects you from persistent cookies, but does not protect you against cookies acquired during any one browsing session. When this is enabled, it becomes possible to easily cleanse your browser cookies by simply restarting Firefox. You can set exceptions on a per-site basis, if you wish to stay logged in to a particular site you visit often.
|
|
|
|
##### Search Suggestions
|
|
|
|
- [ ] Uncheck **Provide search suggestions**
|
|
|
|
Search suggestion features may not be available in your region.
|
|
|
|
Search suggestions send everything you type in the address bar to the default search engine, regardless of whether you submit an actual search. Disabling search suggestions allows you to more precisely control what data you send to your search engine provider.
|
|
|
|
##### Telemetry
|
|
|
|
- [ ] Uncheck **Allow Firefox to send technical and interaction data to Mozilla**
|
|
- [ ] Uncheck **Allow Firefox to install and run studies**
|
|
- [ ] Uncheck **Allow Firefox to send backlogged crash reports on your behalf**
|
|
|
|
> Firefox sends data about your Firefox version and language; device operating system and hardware configuration; memory, basic information about crashes and errors; outcome of automated processes like updates, safebrowsing, and activation to us. When Firefox sends data to us, your IP address is temporarily collected as part of our server logs.
|
|
|
|
Additionally, the Firefox Accounts service collects [some technical data](https://www.mozilla.org/en-US/privacy/firefox/#firefox-accounts). If you use a Firefox Account you can opt-out:
|
|
|
|
1. Open your [profile settings on accounts.firefox.com](https://accounts.firefox.com/settings#data-collection)
|
|
2. Uncheck **Data Collection and Use** > **Help improve Firefox Accounts**
|
|
|
|
##### HTTPS-Only Mode
|
|
|
|
- [x] Select **Enable HTTPS-Only Mode in all windows**
|
|
|
|
This prevents you from unintentionally connecting to a website in plain-text HTTP. Sites without HTTPS are uncommon nowadays, so this should have little to no impact on your day to day browsing.
|
|
|
|
### Firefox Sync
|
|
|
|
[Firefox Sync](https://hacks.mozilla.org/2018/11/firefox-sync-privacy/) allows your browsing data (history, bookmarks, etc.) to be accessible on all your devices and protects it with E2EE.
|
|
|
|
### Arkenfox (advanced)
|
|
|
|
The [Arkenfox project](https://github.com/arkenfox/user.js) provides a set of carefully considered options for Firefox. If you [decide](https://github.com/arkenfox/user.js/wiki/1.1-To-Arkenfox-or-Not) to use Arkenfox, a [few options](https://github.com/arkenfox/user.js/wiki/3.2-Overrides-[Common]) are subjectively strict and/or may cause some websites to not work properly - [which you can easily change](https://github.com/arkenfox/user.js/wiki/3.1-Overrides) to suit your needs. We **strongly recommend** reading through their full [wiki](https://github.com/arkenfox/user.js/wiki). Arkenfox also enables [container](https://support.mozilla.org/en-US/kb/containers#w_for-advanced-users) support.
|
|
|
|
## Brave
|
|
|
|
!!! recommendation
|
|
|
|
![Brave logo](assets/img/browsers/brave.svg){ align=right }
|
|
|
|
**Brave Browser** includes a built-in content blocker and [privacy features](https://brave.com/privacy-features/), many of which are enabled by default.
|
|
|
|
Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues.
|
|
|
|
[:octicons-home-16: Homepage](https://brave.com/){ .md-button .md-button--primary }
|
|
[:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" }
|
|
[:octicons-eye-16:](https://brave.com/privacy/browser/){ .card-link title="Privacy Policy" }
|
|
[:octicons-info-16:](https://support.brave.com/){ .card-link title=Documentation}
|
|
[:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Source Code" }
|
|
|
|
??? downloads annotate
|
|
|
|
- [:simple-github: GitHub](https://github.com/brave/brave-browser/releases)
|
|
- [:simple-windows11: Windows](https://brave.com/download/)
|
|
- [:simple-apple: macOS](https://brave.com/download/)
|
|
- [:simple-linux: Linux](https://brave.com/linux/) (1)
|
|
|
|
1. We advise against using the Flatpak version of Brave, as it replaces Chromium's sandbox with Flatpak's, which is less effective. Additionally, the package is not maintained by Brave Software, Inc.
|
|
|
|
### Recommended Configuration
|
|
|
|
Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.
|
|
|
|
These options can be found in :material-menu: → **Settings**.
|
|
|
|
##### Shields
|
|
|
|
Brave includes some anti-fingerprinting measures in its [Shields](https://support.brave.com/hc/en-us/articles/360022973471-What-is-Shields-) feature. We suggest configuring these options [globally](https://support.brave.com/hc/en-us/articles/360023646212-How-do-I-configure-global-and-site-specific-Shields-settings-) across all pages that you visit.
|
|
|
|
Shields' options can be downgraded on a per-site basis as needed, but by default we recommend setting the following:
|
|
|
|
<div class="annotate" markdown>
|
|
|
|
- [x] Select **Prevent sites from fingerprinting me based on my language preferences**
|
|
- [x] Select **Aggressive** under Trackers & ads blocking
|
|
|
|
??? warning "Use default filter lists"
|
|
Brave allows you to select additional content filters within the internal `brave://adblock` page. We advise against using this feature; instead, keep the default filter lists. Using extra lists will make you stand out from other Brave users and may also increase attack surface if there is an exploit in Brave and a malicious rule is added to one of the lists you use.
|
|
|
|
- [x] (Optional) Select **Block Scripts** (1)
|
|
- [x] Select **Strict, may break sites** under Block fingerprinting
|
|
|
|
</div>
|
|
|
|
1. This option provides functionality similar to uBlock Origin's advanced [blocking modes](https://github.com/gorhill/uBlock/wiki/Blocking-mode) or the [NoScript](https://noscript.net/) extension.
|
|
|
|
##### Social media blocking
|
|
|
|
- [ ] Uncheck all social media components
|
|
|
|
##### Privacy and security
|
|
|
|
<div class="annotate" markdown>
|
|
|
|
- [x] Select **Disable non-proxied UDP** under [WebRTC IP Handling Policy](https://support.brave.com/hc/en-us/articles/360017989132-How-do-I-change-my-Privacy-Settings-#webrtc)
|
|
- [ ] Uncheck **Use Google services for push messaging**
|
|
- [ ] Uncheck **Allow privacy-preserving product analytics (P3A)**
|
|
- [ ] Uncheck **Automatically send daily usage ping to Brave**
|
|
- [ ] Uncheck **Automatically send diagnostic reports**
|
|
- [x] Select **Always use secure connections** in the **Security** menu
|
|
- [ ] Uncheck **Private window with Tor** (1)
|
|
|
|
!!! tip "Sanitizing on Close"
|
|
- [x] Select **Clear cookies and site data when you close all windows** in the *Cookies and other site data* menu
|
|
|
|
If you wish to stay logged in to a particular site you visit often, you can set exceptions on a per-site basis under the *Customized behaviors* section.
|
|
|
|
</div>
|
|
|
|
1. Brave is **not** as resistant to fingerprinting as the Tor Browser and far fewer people use Brave with Tor, so you will stand out. Where [strong anonymity is required](https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-) use the [Tor Browser](tor.md#tor-browser).
|
|
|
|
##### Extensions
|
|
|
|
Disable built-in extensions you do not use in **Extensions**
|
|
|
|
- [ ] Uncheck **Hangouts**
|
|
- [ ] Uncheck **WebTorrent**
|
|
|
|
##### IPFS
|
|
|
|
InterPlanetary File System (IPFS) is a decentralized, peer-to-peer network for storing and sharing data in a distributed filesystem. Unless you use the feature, disable it.
|
|
|
|
- [x] Select **Disabled** on Method to resolve IPFS resources
|
|
|
|
##### Additional settings
|
|
|
|
Under the *System* menu
|
|
|
|
<div class="annotate" markdown>
|
|
|
|
- [ ] Uncheck **Continue running apps when Brave is closed** to disable background apps (1)
|
|
|
|
</div>
|
|
|
|
1. This option is not present on all platforms.
|
|
|
|
### Brave Sync
|
|
|
|
[Brave Sync](https://support.brave.com/hc/en-us/articles/360059793111-Understanding-Brave-Sync) allows your browsing data (history, bookmarks, etc.) to be accessible on all your devices without requiring an account and protects it with E2EE.
|
|
|
|
## Additional Resources
|
|
|
|
We generally do not recommend installing any extensions as they increase your attack surface. However, uBlock Origin may prove useful if you value content blocking functionality.
|
|
|
|
### uBlock Origin
|
|
|
|
!!! recommendation
|
|
|
|
![uBlock Origin logo](assets/img/browsers/ublock_origin.svg){ align=right }
|
|
|
|
**uBlock Origin** is a popular content blocker that could help you block ads, trackers, and fingerprinting scripts.
|
|
|
|
[:octicons-repo-16: Repository](https://github.com/gorhill/uBlock#readme){ .md-button .md-button--primary }
|
|
[:octicons-eye-16:](https://github.com/gorhill/uBlock/wiki/Privacy-policy){ .card-link title="Privacy Policy" }
|
|
[:octicons-info-16:](https://github.com/gorhill/uBlock/wiki){ .card-link title=Documentation}
|
|
[:octicons-code-16:](https://github.com/gorhill/uBlock){ .card-link title="Source Code" }
|
|
|
|
??? downloads
|
|
|
|
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/ublock-origin/)
|
|
- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm)
|
|
- [:simple-microsoftedge: Edge](https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak)
|
|
|
|
We suggest following the [developer's documentation](https://github.com/gorhill/uBlock/wiki/Blocking-mode) and picking one of the "modes". Additional filter lists can impact performance and [may increase attack surface](https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css).
|
|
|
|
##### Other lists
|
|
|
|
These are some other [filter lists](https://github.com/gorhill/uBlock/wiki/Dashboard:-Filter-lists) that you may want to consider adding:
|
|
|
|
- [x] Check **Privacy** > **AdGuard URL Tracking Protection**
|
|
- Add [Actually Legitimate URL Shortener Tool](https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt)
|
|
|
|
## Criteria
|
|
|
|
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
|
|
|
|
!!! example "This section is new"
|
|
|
|
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
|
|
|
|
### Minimum Requirements
|
|
|
|
- Must be open-source software.
|
|
- Supports automatic updates.
|
|
- Receives engine updates in 0-1 days from upstream release.
|
|
- Available on Linux, macOS, and Windows.
|
|
- Any changes required to make the browser more privacy-respecting should not negatively impact user experience.
|
|
- Blocks third-party cookies by default.
|
|
- Supports [state partitioning](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning) to mitigate cross-site tracking.[^1]
|
|
|
|
### Best-Case
|
|
|
|
Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
|
|
|
|
- Includes built-in content blocking functionality.
|
|
- Supports cookie compartmentalization (à la [Multi-Account Containers](https://support.mozilla.org/en-US/kb/containers)).
|
|
- Supports Progressive Web Apps.
|
|
PWAs enable you to install certain websites as if they were native apps on your computer. This can have advantages over installing Electron-based apps, because you benefit from your browser's regular security updates.
|
|
- Does not include add-on functionality (bloatware) that does not impact user privacy.
|
|
- Does not collect telemetry by default.
|
|
- Provides open-source sync server implementation.
|
|
- Defaults to a [private search engine](search-engines.md).
|
|
|
|
### Extension Criteria
|
|
|
|
- Must not replicate built-in browser or OS functionality.
|
|
- Must directly impact user privacy, i.e. must not simply provide information.
|
|
|
|
[^1]: Brave's implementation is detailed at [Brave Privacy Updates: Partitioning network-state for privacy](https://brave.com/privacy-updates/14-partitioning-network-state/).
|