=================
== stopsky.net ==
=================

Browser Security

security browser

Note: since this was originally published, Mozilla released an updated Terms of Use that appears to grant them a license to slurp your data into an AI, and removed key provisions formerly committing them to not selling your data.

See here for the dicussion. For now, I’m striking it out of recommendations in favor of one of its forks until the implications of this change are either fully clarified or reversed.

I’ve also been reminded that there are many reasons to think that Brave is not actually privacy-friendly, and there are others (political, governance that make it less attractive than I originally implied. So I’m striking it out of the recommendations.

Browsers are a common vector for attack and source of privacy loss, mostly because we spend a lot of time in them. There are also structural problems: most modern web apps depend on the ability to run code in the browser and there is a plugin and extension architecture and ecosystem to contend with.

Think about how this works: you have one program (the browser) you use to access lots of different services that ideally you’d like to keep separated (email, social media, banking, dating apps, online learning, video). You run third-party plugins that can have access to every window. Your browser might have access to passwords for all of these things.

You trust your browser to tell you when a connection is “secure”, that you’re not being excessively profiled by companies, that your individual apps can’t steal information from each other. It’s a lot to ask of a single program.

a drawing of a web browser user interface

image by Muhammad Rafizeldi, CC Attribution-Share Alike 4.0 Int

There are a lot of browsers available and they all make some claim to supporting privacy in various degrees. As with other technologies, having optimal security is a mix of tool choice, assessment of your particular concerns and your behavioral choices around usage. But there are some general mitigations that will potentially help anyone using a browser.

Easy & Cheap

Some mitigations are easy and cheap, so let’s start with:

Updating Your Browser

a drawing of a web browser user interface

Keeping your browser up-to-date is important, since updates will include the latest security fixes. Some browsers update automatically by default (e.g. Firefox); in most browsers, see “About->Help” or check for a guide similar to this one that includes your browser. If your browser doesn’t automatically update, see if you can reconfigure it so that it does.

Diversifying Your Browsers

It’s 2025 and some browsers are still better than others when it comes to security and privacy. While Chrome dominates the market, it is not the best choice for someone concerned about security, as it does extensive activity tracking out of the box, including FLoC, and is tightly coupled with the rest of the Google ecosystem. You could continue to use a mainstream browser for work (Chrome) and experiment with other browsers for different tasks. Here are some choices to add to your toolset:

  • Waterfox fork of Firefox; same configuration recommendations apply
  • TOR Browser based on Firefox, but more than just a browser as it incorporates onion routing for your traffic, enhancing privacy. As a browser it is also (at the time of this writing) somewhat better than standard Firefox at mitigating browser and device fingerprinting.
  • Firefox is a decent choice, as it’s open source and made and maintained by a 501(c)(3). It can be hardened for strong privacy with little effort (e.g. turn off telemetry, add uBlock origin, or use a hardened variant)
  • Others: I have not tested these but they have decent reputations around security and privacy: Brave (DQ’d upon further research) | LibreWolf | Mullvad

Switch Search Engines

Ever noticed that search engines suck more than ever? It’s been a slow degradation so you might not have even noticed. Even with the advent of “AI” chatbots, web search is still a fundamental tool you need when trying to work online. It used to be that we traded a bit of ad space for relevant search results. Monetizing good, relevant results with ads is how Google got their start. But if we’re not even getting good results anymore, why are we still paying them with our attention and insight into our searches?

affiliate link rates for different search engines

Bevendorff et al Is Google Getting Worse? A Longitudinal Investigation of SEO Spam in Search Engines. In Nazli Goharian et al., editors, Advances in Information Retrieval. 46th European Conference on IR Research (ECIR 2024), volume 14610 of Lecture Notes in Computer Science, pages 56–71, March 2024

You can switch to a privacy-forward search engine or aggregator. While they may not be much better in terms of search relevance, at least they purport not to track you:

You can always jump into Google or Bing if you feel like you’re getting good results, but anecdotally, I’ve not had any recent problems using DuckDuckGo as my default search in my browser, my desktop operating system, and my phone operating system, and I’m happy to have some assurance that my search behavior is not as easily tracked.

Hard Mode

There are some more involved changes you can make to improve browser privacy and security

Password Management & Sync

You have the option of using a third-party password sync tool. While most browsers will save site passwords and credit cards for you, there are several reasons this is not ideal

  • access to passwords is tied to a multi-purpose login/account
  • sync system tied to the specific browser
  • passwords stored in cloud of browser vendor
  • encryption strength varies

Using a third-party password management & sync tool solves most of these problems; self-hosting a tool solves all of them. Here is a (non-exhaustive) list of options that support browser extensions and self-hosting:

You can always start with a cloud option to get most of the benefit, if self-hosting doesn’t make sense for you. The hard part is migrating all your existing passwords out of your browser(s). The last step after migrating and cleaning passwords out of your browsers would be making sure your browsers stop prompting you for passwords.

Bookmark Management & Sync

You have the option of using a third-party bookmark sync tool.

This is especially useful if you use more than one brand of browser, or if you don’t want your browser vendor being in the business of managing your link collection any more than you want them knowing your browser history. This abstracts away additional details about your browsing habits and preferences.

Use an RSS/Feed Reader for Periodical Content

Use a self-hosted or trusted RSS/Atom feed system for periodical content aggregation. Why? Because alorithmic manipulation is a huge problem that you might not even realize you have. Algorithms affect how we interact with markets, news, information, and other people, and not always in ways that help us.

Everyone imagines themself to be a critical thinker. Most people are! But let’s be real: it’s hard to be switched on all the time; and we are all vulnerable to being manipulated in moments of weakness, fatigue, or burnout. A feed reader is a way for you to manage the bias and spin in your information in a premeditated way, so that when you are overcaffeinated and anxious, your info inputs can be better aligned to what you want for yourself when you’re in that state, not what profit-seekers want for you and from you. If you want more of the self-help angle see Escape the Algorithm!; if you like the anticapitalist angle see: You should be using an RSS reader.

diagram of marionette puppet hardpoints

Public Domain: US Patent 2,202,677: marionette design improvements by Stasys Ušinskas

Algorithms are not inherently bad. But for those situations where they are a net negative for your mental health or info hygiene, a reader can insulate you from the algorithm by letting you curate your own biases, experience and information intake. Is it a lot of work to set up? Sure. Is it worth it? I think so. Try it gradually!

Feed readers can manage a lot of different content: newspapers, magazines, blogs, podcasts, video, municipal announcements. They can be cross-cut by category and arranged in ways custom to your quotidian habits. And all while providing some isolation from the algorithmic nudges you get on content aggregation platforms like Spotify, Twitter, Youtube, Facebook, etc. The goal is to have much more control over what you see and when.

The hard part is moving from one mode of use:

jumping between big platforms and letting them curate for you in real time

to the new mode of use:

opening one reader and using your own choices, curated by you on your own time

You also have to do some work trimming your feeds and finding interesting things to add without the algorithm foisting them on you. But remaining in deliberate control is a good trade-off for most people.

Moving is mostly a one-time job and maintenance is very minimal. Some email clients have feed readers. There are also browser plugins. I prefer to host or use a separate web service, so that’s what I’m recommending; the below list of options is not exhaustive.

Hosted

Self-hosted

Review Your Extensions and Plugins

This recommendation deals with what is maybe the most risky part of the browser: Add-ons, extensions and plugins. These are super useful for adding functionality to your browser, but it is third-party code that introduces potential risk:

  • sometimes request more permissions than they need
  • are written by third-parties (usually not the professionals writing your browser)
  • can often access every site you visit
  • you rely on the author/provider of the extension to behave

Some plugin ecosystems have evolved to offer security oversight of available plugins, but the coverage and rigor of this oversight is inconstent across browser ecosystems. Mozilla provides a good general guide on reviewing your extensions. Google has a decent summary on evaluating Web Store reviews and quality control.

It would be wise to periodically review your installed add-ons/plugins/extensions to be sure that none of them are misconfigured, compromised, unnecessary, or otherwise undesirable, and prune the ones that you don’t want.

Tweak Your Browser Settings

I hesitated a bit to include this section because these kinds of recommendations quickly become obsolete. This is being written in February 2025; by the time you read this, some or all of this information may no longer be relevant or accurate.

EFF’s Cover Your Tracks tool provides a way for you to test your browser, tweak your settings, then test again to see how your changes affect your privacy profile.

  • Restrict 3rd-Party Cookies Browsers increasingly have saner defaults for this, but it’s worth confirming that third-party cookies are as restricted as you can stand. Cookie restrictions can break some site functionality, so it should be used with caution

  • Enable HTTPS-Only Mode Regardless of server config, this tells the browser to only use HTTPS. Some eavesdropping and fake content attacks rely on forcing a downgrade to plain HTTP; this is a fix. Some sites don’t offer HTTPS, so this setting will break them.

  • Disable Telemetry You might not want to send usage data to the browser vendor

  • Disable Autofill Pursuant to the recommendation to use a third-party password/card manager

  • Add Privacy Extensions Especially if you have a mainstream browser like Chrome uBlock origin | EFF Privacy Badger | Local CDN

  • Change Browser DNS Your browser often uses its own DNS settings, but you can switch to use a more privacy-minded source of domain name -> IP address lookup

Anything Else?

If I missed anything crucial or notable here, please let me know: mastodon | email