I just found this for Chrome - Don't track me Google Yeah, I know, trying to remain private while using Chrome is an oxymoron, but there's no harm in trying.
Lol, yeah. As a rule I'm immediately apprehensive of any Google service but I'm also a huge fan of telling The Man to shove it in as many small ways as I can - if nothing else at least it's one more drop in the bucket. My main issue with Chrome/Opera is that they store LSOs and from what I was able to find online there's no way to delete them. Major dealbreaker for me, which sucks because I liked Opera's interface a lot.
I see the developer of Don't track me Google also has a Firefox version Does anyone know if there is any difference or advantage over Google search link fix? They both look to do the same thing.
Sorry, I didn't test free services so I can't recommend you any. Maybe some other member can give you some advice.
They do both the same but there is only a small difference: Don't track me Google * It works on Google Search Pages * It has an option to remove the referrer: "Clear HTTP referrer (this prevents other sites from seeing your Google search terms)" Google Search link fix * It works on Google and Yandex Search Pages
I always use StartPage with Firefox which is a lot more private than anything that Chrome can offer. Not sure why you would consider Chrome if you value your privacy. In fact you won't go far wrong if you adopt the other privacy features that @TomeiNingen has listed on page 1.
@Cache - Thanks! @Krusty13 - Cache raises an interesting point; why use Chrome? I've never really understood the appeal (Google's panopticon creeps the bejeezus out of me.)
Well with Windows 10 Chrome is safer with AppContainer enabled. Security vs privacy. Code: chrome://flags/#enable-appcontainer
1- disabled what i can in Win10 settings 2- O&O shutup 10, disabled what i don't need 3- Adguard For Desktop , all stealth options activated 4- HMPA keylogging protection. 5- SecureFolders to "hide" some folders 6- Appguard to block access to some folders. 7- Veracrypt , created a Container 8- GpG4win, to encrypt files 9- Simple DNScrypt , for DNS encryption 10- SoftEther VPN Gate, for VPN Using Tor/L2P, Signal, protonmail for communication of sensitive datas; and some anti-prism tools i won't mention In case of "extreme" needs i load Linux Tails. I know all those are surely useless because i use Windows mostly
For me personally it performs much better than Firefox. Chrome is built on Chromium (which is open source) so users can use that instead of Chrome and disable all privacy related options. Here is a thread about Chromium release which I'm using: https://www.wilderssecurity.com/threads/chromium-privacy-focused-builds.389051/
Windows 10 LTSB BitLocker VeraCrypt for individual containers Firewall only grants network access to specific applications Hosts file http://someonewhocares.org/hosts/ VPN Firefox - NoScript, HTTPS everywhere, Ghostery MacOS FileVault 2 VeraCrypt for individual containers LittleSnitch Hosts file (link above) VPN Firefox - NoScript, HTTPS everywhere, Ghostery
Tho I understand ppl tend to add 'more, and even more' security/privacy addons it should be noted that adding addons itself can be both security and privacy risk even when it is security/privacy addon. Recent WoT fuss is just an another example, there've been other examples (sorry but lazy for search, but a problem on HTTPS Everywhere and past Chrome bypass abusing vulnerable extension may be interesting). Also if you care fingerprinting, only sure way is use separate VMs (or even separate PCs/OSes) w/ different profiles (and ofc IPs). There were long discussion about it and one persuasive opinion of that is if you hide too much, this itself is quite unique characteristics. I don't expect every fingerprinting to use simple Canvas technique only. BTW, BetterPrivacy is not needed unless you want individually manage LSOs and don't want to remove all browsing traces by firefox's own function.
I'd definitely agree with you if the user hasn't properly configured their system and if there aren't other mechanisms in place to mitigate fingerprinting via plugins and the like. I believe the No Resource URI Leak protects against this, correct[1]? Spoofing useragents and plugins on a per-session (or intra-session) cycle should offer a reasonable degree of protection, no? And wasn't WOT's hubbub centered around selling userdata? I don't really see how that has anything to do with browser fingerprinting, though I may be misinformed. What's this about HTTPS Everywhere, though? I've had some reservations with them and I'd be interested to learn more. Quick note on BetterPrivacy - Bearing the above in mind and conceding the greater attack surface, I would generally encourage redundancy. [1] See: https://addons.mozilla.org/en-US/firefox/addon/no-resource-uri-leak/
Smart thinking! I was doing it manually before coming across this add-on but the other references I had (including Mozilla's dedicated wiki...) were depressingly outdated. Your approach is clever; kudos! In light of @142395's comment, I created a thread with my configuration recommendations for the add-ons I mentioned - I'm still tweaking it but I've reduced my browser fingerprint drastically. Any input would be appreciated!
This is an outstanding post, but I take issue with this part. Ok, so you end up on a list- for what? Using Tor is not illegal. Wanting corporate and government interests to not have access to your IP is not illegal. If we allow them to control us for fear of ending up on some stupid watch list, self-censorship and compliance has already began. Its a shame we've let them influence us this way. The government does not have the right to know anything about its private citizens without a court-ordered warrant; if technologies that aim to conceal our identities or information result in a list, then the agencies responsible for that list are going too far. We cant stop using technologies because they try to suggest its "suspicious" or because we have "something to hide" about our purchasing habits/interests/etc- we need to use them more and more to give them less useful data, and to make a statement.
I'm in agreement with you; we can't stop using technologies because we're made to believe that they implicate suspicious or nefarious activity. Any chilling effect is one we have a responsibility to fight back against on principle alone. That said, bearing in mind that we're in a forum dedicated to preserving privacy (as opposed to debating its merit, which is a subject I presume we're all in agreement on), I'll tweak that line of thinking a little and ask you to reflect on why we should use any such technology. I'd argue that that's a function of its efficacy - and if a given technology isn't effective then we shouldn't be investing energy in it. Given TOR's Big Brother roots (much like SELinux), I hesitate to suggest that there's any redemption to be had and would argue that an alternate means to those ends need to be developed. Personally, I'm not exploring privacy technology because I want to tell the powers that be that I'm not down with how they're conducting business or with how far they're going - that's a given. They know people are perturbed and they don't care. I'll protest elsewhere and through other means. I'm exploring this area because I don't want to worry about being categorized, profiled, or placed into some bubble that some doofus at Google deigns appropriate. I'd love to bore them to death with my browser history and mundane pornography for sh!ts and giggles, but frankly it kills my buzz. I'm not interested in privacy technologies because I have anything of note to hide, nor am I trying to suggest that all TOR users are either - quite the contrary, in fact. I'm generally more worried by marketers and data aggregators than I am by spooks (an arbitrary distinction?), but I'm not trying to make my job any harder by inviting scrutiny either. As for self-censorship or compliance, that's precisely why I don't use it. I'm more worried about that while using TOR than not. I just don't have a use for it, frankly. There are better ways to fly under the radar and privacy is ultimately the name of the game. Right? Is any of the above fair? Nope. Reality? Yerp. P.S. I appreciate the kudos!
This is a fair point for sure- why should we have to hide crap when they shouldnt be collecting it in the first place? I agree. I am different than you in that I focus on the fact we dont know how or when our searches/data now will be used against us in the future. So, 15 years from now they could have made publicly available our data to... employers? Government? The public? It seems a good choice to me to not contribute to some database somewhere about all my interests and the contentious subjects I might research to prevent it being permanent public knowledge in the future. Again I agree I shouldnt have to do so, but we've already seen it progressively get worse and who knows how far it will go. I wanted to bring this part out alone. We already saw from the Snowden leaks that the NSA doesnt really have a reliable way to crack Tor. We do know here and there they and the FBI find holes/exploits from time to time, but cant consistently. In my case, I'm not doing anything illegal so I dont care if they crack me (even though I dont agree with their right to do so)- assuming most of the time they dont at least (if things get worse with collection) they wont have some massive file on all my web patterns. Of course, the only other possibility is that Snowden is actually some kind of trick- that is, he was told by the .gov to leak this data for the purpose of creating self-censorship and compliance in the population. Given his speeches, the random things he says, etc I dont think its the case but I dont know. Do you think this is so? You seem to have little faith in the technology. That said, I agree with SELinux. I havent personally the knowledge to understand how, but many more knowledgeable folks have stated that poorly written SELinux policies can actually introduce holes- I would assume the NSA knew all about various mistakes people would make? I agree- this is yet another reason I use Tor every so often. I dont use it all the time, though my VPN I use most of the time. I figure as long as I switch up IPs and browser configs and browsing times etc, I can cause enough trouble for websites/google/whoever from making a complete picture about me. I too care more about companies tracking me than I do about the .gov. Again, I am too more worried about marketers and data aggregators. That said, what better way is there to "fly under the radar" than to conceal your very IP address? The only other way I can see not popping up on their radar is self-censoring what you search for, assuming again you search for anything that could be considered "contentious." I agree its prolly not needed if you're just trying to break up a profile for advertisers...
Oh, trust me, that point isn't lost on me! The persistence of data on such a scale is an absolutely unprecedented concern that more people should be wary of. I'd hesitate to put that much confidence in Snowden's revelations. I'd also hesitate to discredit the ability of the NSA/FBI to do anything and everything they'd like to do; I'm of the opinion that if the gov't wants to get you, by hook or by crook they're going to get you. The asymmetry of resources is just too great - hoarding zero-days, legal influence over manufacturers, massive technological capacities/sophistication... Doesn't mean I'd like to make it any easier, though . It's certainly a possibility I wouldn't rule out, but I'm disinclined to go that far. He could very well be a plant or a "useful idiot", but I think the chilling effect would be more of a silver lining than the result of a plot; given the political fallout and that the interest in anonymization tech has only increased in the general population as a result of the leaks, I'd say the likelihood of it being a ploy is low. But hey, Uncle Sam definitely loves him some false flag ops; they could just be trying to smoke out people of interest and/or herd people into tech they exercise greater control over ¯\_(ツ)_/¯. Ay, there's the rub! Still working that out. You've got to go wayyy deeper than the browser, though. Like, flashing firmware on a custom machine, using a secure OS and building from source deep. I salivate at the thought of a day when I can truly place my confidence in a machine but I'm not even close yet. Speaking of, I'd love an extra set of eyes over here - I'm building a tutorial/wiki of sorts for this purpose and I'd be in your debt for any contributions. It's in its infancy but with any luck it'll take off in the near future. Some decent general resources that might be of interest: https://cpj.org/reports/2012/04/journalist-security-guide.php http://www.tcij.org/resources/handbooks/infosec https://www.shadowserver.org/wiki/
Windows 7 x64 uBlock Origin KB SSL Enforcer Sandboxie (delete all locally stored data when browser is closed) CCleaner DNSCrypt & OpenDNS Tunnello VPN (used occasionally) Keyscrambler encrypts all my keystrokes Hosts File + Peerblock with lots of lists that helps with privacy Spybot Anti-Beacon Windows 10 x64 I disable all privacy related options in settings uBlock Origin KB SSL Enforcer CCleaner DNSCrypt & OpenDNS Tunnello VPN (used occasionally) Hosts File + Peerblock with lots of lists that helps with privacy Spybot Anti-Beacon + O&O ShutUp10
I just opened the Privacy Settings extension in FF to see if anything had changed since updating to v50 and I noticed that browser.safebrowsing.enable was set to false. I hadn't disabled that so I checked Cyberfox and sure enough, it was disabled on it too. I then checked my other two machines and found the same thing on them. I don't know if the update to v50 caused this, whether the latest HitmanPro.Alert update caused it, or whether the latest Norton update caused it, but it seems highly unlikely either HMP.A or Norton would cause this. Norton does not even support Cyberfox. Anyone else notice this?
Rename browser.safebrowsing.enabled to browser.safebrowsing.phishing.enabled https://bugzilla.mozilla.org/show_bug.cgi?id=1025965 https://cat-in-136.github.io/tags.html#tag_pref diff
@Krusty: My pleasure. I'm glad some users are checking things. There are quite a few changes of interest in FF 50.
