majakovskiy - Tumblr blog

majakovskiy · 1 year

Text

Web browsers and privacy

=== WEB BROWSERS AND PRIVACY===

Okay, so I've got some private messages after I've mentioned somewhere that Chromium, just like Chrome does some sketchy stuff with your data, namely in encrypts some fingerprint data and sends it to google, even if it's an open source software. So how to avoid having your data being sold? I mean it's a weird privacy concern, for some it's important to avoid Google, Microsoft, China, or whoever knowing your location, browsing habits, for others it's a nightmare fuel. So, you can comment that "I don't care about my data being sold, what's the fuss" and I respect that, after all it's your data, but let me remind you, that this is the point: it's your data. Much like your pictures, some people doesn't mind having photos taken of them in a public space, others do. Browsing habits, specific address, your history on the internet, just a few examples that certain companies may learn from your online behaviour, and our primary tool, the web browser is part of this economy. So what sort of niche, underdeveloped geekhaxor browser should you use to avoid your digital shit being sold, on the internet? Well, let's review what each of them does.

==Google Chrome==

According to Statcounter Google's browser has a staggering 63% market share worldwide. "Google knows your data" is not a surprise, after all they have their famous search engine, it has a lot of our data already on Drive, and knows our youtube behaviour as well. But to give you a more or less complete list, of what EXACTLY they gather from their users:- Google Chrome monitors your search history and uploads it to it's search engine. Okay, no surprise here.- Chrome monitors your computer usage: It tracks mouse movement, memory usage, what other programs you have open, and has a pretty detailed picture of what kind of hardware you run this browser on. I'm guessing that the mouse movement and memory usage is something that people are not aware of.

- Google Payment: If you use your bank card in Chrome, guess what, Google now knows who you are, what is your bank account, and what you spend your money on. (At least this can be turned off.)

- Chrome has a "suggestion service" which operates also as a keylogger. You can turn it off, but it's a weird sentiment that google also knows that you almost visited a site but decided in the last minute that you don't want to.

- Google Chrome actually listens to your voice through your microhpone. For long it was an urban legend but it's actually confirmed.

- Google stores your password. Yes, your facebook and other non-google passwords too. Yes, on their servers, not your local machine.

- Chrome has a lot of closed sourced components, and it's also self-updating, which means that the browser you're running can be changed by google while you run it, and having closed source components raises a lot of eyebrows in an era where most browsers are (mostly) open source.

==Safari==

Safari has 19.25% market share (as of the date this post was written). Safari tries to marketing itself as a privacy friendly browser, and actually gives the user a bit more control over the software, and for two years know it has a lof of anti-tracking techniques, especially against fingerprinting and targeted advertisement. But these services are not complete, and also it has it's own trackers inside of it. Apparently Apple wants to sell your data, and they don't want other companies to sell Apple's data. So yeah. Not much better.

==Opera==

Every time you open Opera it starts with a geolocation request with a precise timestamp. It also on it's first run opens a webpage which immediately redirects to the Opera homepage, but also learns your facebook login, makes a request to google analytics, and a bunch of other smaller fingerprinting shit. (my favourite is the HTTP request to yandex.ru which gives you a nice russian unique fingerprinting cookie). Also it makes a lot of requests to CXense which is another data selling company. Opera plays multiple sides apparently. Opera is also closed source, has it's own VPN which learns all your browser history and net traffic, and is bought by a Chinese company not long ago they don't just make money off you, they also report to the Chinese Communist Party.

==Firefox==

Firefox phones home everytime you open it, and every time you visit a new website. Firefox also uses Google Analytics, albeit not to that great lenght as Opera or Chrome. Firefox has a Safe Browsing feature which protects you from malicious websites, but also creates a more descriptive, and longer report on you and your computer and sends it to Google with a unique, hidden cookie. Occasionaly Firefox does a thing called "Health report' which reports your processors, video cards, operating system, and other data of your computer. If you use Firefox Pocket to visit stuff offline on different devices it creates a report so comprehensive about you and your online behaviour that it makes Google blush. It also has automatic updates, changing the browser code without notification, and as of 2019 included most of it's user tracking features to near-Google levels without the Pocket. So yeah. What's important to note here that Firefox's spyware stuff can actually be disabled, so given the necessary time and effort you can configure it in a way that none of this shit applies. PM me for details if interested.

==Vivaldi==

"Better Opera than Opera". It's quite a comfy browser but it uses a lot of google's stuff, and also fingerprints your device and reports it to both Google and Vivaldi servers. This fingerprinting cannot be blocked nor disabled.

==Brave==

The meme privacy respecting browser. It's not. it doesn't block ads, it's replacing some website's adds with it's own. It's protecting your data from other companies so they can sell it themselves. They also have some sketchy cryptocurrency-advertisement-adblock whatever thing going on, I haven't researched it, but it's really suspicious from a browser that advertises itself by being the most privacy respecting stuff ever. In a short sentence: It's a scam.

==Waterfox==

Waterfox has the record of "Most HTTP requests on first run attempt while not even being connected to the internet nor have the user tried to visit any sites." If you're curious, it's 55. Did not investigate any further.

==Chromium==

Yeah, the Open Source Chrome. So it makes about 9 requests to Google Analytics and other Google stuff when you first open it, and makes occasional fingerprinting attempts on your computer and person.

==SRWare Iron==

Developed in Germany, another "privacy respecting browser". Hehh, sorry it beats Waterfox. It makes ~500 unsolicited connections on it's first run on an offline computer with no user interaction. It also redirects your searches through their server. I won't even go to details, they try to be google with way worse technology, and selling everything they can learn from you.

==Pale Moon==

The fallen hero. It's quite comfy, but it's getting old, and actually out of the box it tracks a lot of stuff from you, it's also auto-updating, but like Firefox it can be turned to a really safe one.

==GNU IceCat==

A fork of Firefox. It actually makes no unsolicited connections when you first open it up, could it be the chosen one? It actually has a lot of safety features going for it, cleverly avoids Javascript traps and uses https-everywhere by default. It's a Richard Stallman tier blob of pure "free as in freedom' software and privacy focused autism.

==Tor Browser==

The OG meme. Not really good for everyday use, but then again if you want to reach autism levels beyond Richard Stallman this is the way to go.

==Otter Browser==

Okay, so it's "Better Opera than the one claiming to be Better Opera than Opera." IT ALSO MAKES ZERO UNSOLICITED CONNECTIONS. Fully open source, but not much else to go for it. It's a pretty comfy design, only recently reaching 1.0 so as of now I'm not really sure where are they going apart from apparently being privacy friendly, and nostalgic for an age of Opera it may never had.

OKAY ENOUGH WITH THE PURE AUTISM AND EVER MORE FRINGE UNSTABLE UNDERDEVELOPMENT BROWSER I JUST WANT TO SURF THE INTERNET LIKE A NORMAL PERSON WITHOUT MY SHIT BEING SOLD TO ANYONE. What can I do?

Use Firefox with some recommended modifications, or Pale moon with recommended modifications, or Ungoogled Chromium with some extra steps and you'll be fine. If you feel a bit more wonky, give GNU IceCat or Otter Browser a try.

#privacy browsers

0 notes

majakovskiy · 1 year

Text

BROWSERS, ADBLOCKERS AND OTHER ADDONS

tl;dr: Use LibreWolf and install CleanURLs, or if not, use uBlock Origin and CleanURLs on whatever browser you use.Librewolf : https://librewolf.net/uBlock Origin : https://ublockorigin.com/CleanURLs : https://github.com/ClearURLs/Addon

BROWSERS:

I will not start an argument about the necessity of privacy respecting browsers, I assume if you're reading this rambling of mine about the subject you're at least partially interested in not leaking all your data to the internet. Most browsers you'll encounter are leaky, and they will give your data to 3rd parties, either by poor design or implementation or knowingly and happily for money, but some browsers are just more leaky than others, so your choice of browser matters.

Apart from the ethical issues that uncontrollable data selling raises, online ads, tracking cookies and these tracking methods lead to a slower internet, higher processor and memory requirements, a messy design of webpages, and a plethora of other security issues and opportunities for bad actors ("hackers"). The sheer number of so-called attack vectors that web browsing presents is astounding.

Just to give a brief image of it, visit the site https://privacytests.org/, it will show you a comparison of web browsers on their performance of not leaking stuff to other people. The different tests are performed daily, and the website is rather informative about these tracking methods, attack vectors. Some part may be less important to you (Tor capabilities for example), so not all privacy respecting features are created equal, but this is the closest you'll ever get to an open and easily digestable learning material on browser privacy.

At the time of writing the best option for daily use is LibreWolf, basically a fine-tuned Firefox. It also has a lot of features for advanced users, but is generally easy to use, with built in uBlock Origin, and javascript disabled (which you may want to enable for certain web pages).You may want to know that certain browsers are tracking your movement and build a profile on you without ever visiting any webpage, and this category includes Firefox, and Chromium as well.

ADBLOCKERS:

Most adblockers have long sold their souls to the devil, and they are the ones collecting data on you, and some of them are purposefully not blocking certain ads, go figure. A lot of them are not open source, or not even open on their business pactices. You wouldn't hire a security company to protect your business who has a sketchy and non-transparent working, and who you cannot verify that they are not accepting money from the Chinese Communist Party, would you? The easy answer is to use uBlock Origin, an open source, transparent, free as in freedom software, with a completely transparent working, and verifiable everything. Please note that uBlock and uBlock Origin are not the same adblocker, and the regular uBlock has been bought by - guess what - an advertising company.

CleanURLs: Sometimes when you receive a youtube link, and you click on in, instead of youtube.com/watch?=xxxxxxx you'll get a ten times longer link with fbclid and really long alphanumerical stuff, isn't it weird? Does this link need to be this long to function? Well, the answer is no. It's just one of the tricks how websites track you with even more unnecessary cookies, that try to follow you from site A to site B (for example to figure out which youtube account belongs to which facebook user to make even more targeted ads). You can manually delete all those cross-site tracking stuff from every link you use but it's a tedious, but easily automated task. That's where CleanURLs come in, to do this instead of you. You'll be surprised how many tracking attempts are blocked in a day by this stuff.May these tools bring you a faster and cleaner internet experience.

18 notes · View notes