this post was submitted on 06 Oct 2023
164 points (93.6% liked)

Privacy

32120 readers
514 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Warning to all Brave Browser Users

Blocking variations.brave.com which is used for A/B testing could potentially break Brave's functionalities. For me did Brave's "forgetful browsing" feature broke which seems to be disabled by default if you block this domain.

#brave #bravebrowser #privacy @privacy @privacyguides

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 108 points 1 year ago (5 children)

Anyoneserioius about privacy should not be using a chromium browser, and should definitely not be using brave.

[–] [email protected] 54 points 1 year ago (4 children)

Firefox is safer and tbh, has probably the best UX and aesthetics out of anyone. Brave is garbage.

[–] [email protected] 27 points 1 year ago (2 children)

For incognito browsing I recommend Librewolf, a firefox fork. If you want anything more secure, you should start looking into tor

[–] [email protected] 9 points 1 year ago (1 children)

Why is librewolf superior to our of the box Firefox? Or mullvad browser for that matter?

[–] [email protected] 12 points 1 year ago

It has included some privacy measures to resist fingerprinting like letterboxing and has more privacy focused search engines as default like searx. Also it takes out some firefox utilities like pocket which I don't really use

As for Mullwav browser I'm not really sure, it seems to be another reinforced firefox like librewolf

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (3 children)
[–] [email protected] 2 points 1 year ago

Btw, here is a detailed, technical review. It is in German, but with transtae and all the code, it should be understandable.

TLDR: It's good.

[–] [email protected] 1 points 1 year ago

i prefer to use librewolf as my everyday browser, while using mullvad as my browser for other things that dont require tor i like to keep things separated, personally

[–] [email protected] 1 points 1 year ago

I'm not really sure, I haven't used it. In fairness, I only use librewolf for incognito searches, not as a daily driver

[–] [email protected] 3 points 1 year ago (2 children)

As a Firefox user, the only thing Brave does that I wish Firefox would copy is their fingerprinting resistance. I know Firefox does have fingerprinting resistance but it's nowhere near the same level as Brave.

[–] [email protected] 4 points 1 year ago

Use privacy badger extension

[–] [email protected] 2 points 1 year ago (1 children)

No. Firefox with RFP, Arkenfox user.js, Librewolf or Tor-Browser unifies your fingerprint. Its universal among users. Brave scrambles it, while some may say that is actually not a real fingerprint and can be detected, making you stand out extremely

[–] [email protected] 2 points 1 year ago (2 children)

Just to be clear, are you saying Firefox with fingerprinting resistance used in conjunction with Arkenfox user.js provides fingerprint unification, similar to what Tor browser does? I'll have to check that out.

I think both approaches are valid tbh. Having a unique fingerprint obviously uniquely identified you, but if it's randomised then your browsing sessions can't (in theory) be linked.

[–] [email protected] 2 points 1 year ago (2 children)

Yes. Arkenfox to my knowledge is 1:1 Tor configs. Librewolf is similar to arkenfox, no real differences afaik.

For regular browsing though, this means that everything is always deleted. So if you may change some configs, you mayyy be fingerprintable.

Good thing though, different from Tor-Browser is, that it deletes everything without using the private browsing mode. This means, that it has way more capabilities, and saving session for example has no fingerprinting effect really, as favicons and cache can be cleared.

The problem with randomized UserAgent is afaik, that in firefox it cant really fake a complete, real browser, fonts and all. So it would be very nice 90% of the time, but big tracking sites would know exactly who you are

[–] [email protected] 1 points 1 year ago

I'll look into this. Thank you for the information.

[–] [email protected] 1 points 1 year ago (1 children)

So if you may change some configs, you mayyy be fingerprintable.

You are fingerprintable either way unless you go all out. Going full on Arkenfox/Librewolf mode (with all settings enabled that decrease convenience) you can at most fool naive fingerprinting. For the more advanced one you need Tor.

And even for naive fingerprinting, unless you use Tor or a VPN (which you would have to trust) your IP alone + the fact that you use FF (which a few % of people worldwide do) along with some other basic info about your PC will make you very unique.

[–] [email protected] 1 points 1 year ago

A good VPN is a must of course.

[–] [email protected] -2 points 1 year ago (1 children)

The Chameleon extension could solve some of the fingerprinting issues as it can randomize the browser and OS info that is sent.

[–] [email protected] 2 points 1 year ago

If anyone who downvotes wants to jump in and explain why instead of doing drive-bys that would be appreciated. I don't see any reason why this browser extension wouldn't be an effective tool if it does what it says.

[–] [email protected] 2 points 1 year ago (1 children)
[–] [email protected] 7 points 1 year ago (1 children)

Brave is just a shill for Google mothership. Firefox is leading privacy and security through browsers.

[–] [email protected] 4 points 1 year ago (1 children)

Firefox has a weaker sandbox than chromium and less mature site isolation and therefore has lower security. privacy is a different story, but remember you're only as private as you are secure so Firefox is inherently not that private assuming a malicious site escapes the sandbox.

I'm fully against chrome's growing monopoly as well as Google surveillance capitalism but let's not be so dramatic with the "google mother ship" nonsense.

using chromium as a base does not equal data being sent back to Google, just like using Android as a base doesn't inherently send data back to Google.

[–] [email protected] -5 points 1 year ago (1 children)

Source: madaidan

Anything you say is as informative and coherent as a baby's babble, if you believe him or any of the closed source shilling "security zealots" in FOSS community.

[–] [email protected] 2 points 1 year ago

what the fuck are you even talking about my guy? do I have to say "oh I use Firefox btw" for you to decide to not be a brick wall?

[–] [email protected] -1 points 1 year ago

i disagree ahola looks better but i still use iceraven on my phone and firefox on pc

[–] [email protected] 8 points 1 year ago (3 children)

I disagree. Firefox is fine, but saying chromium is spyware because its primarily maintained by google is like saying android is spyware.

Additionally chromium browsers are arguably more secure than Firefox, and has more advanced sand boxing. So much so that graphine OS used chromium instead of Firefox for their vanadium browser.

Only thing I agree with is not using brave.. Cause well.. They fishy.

[–] [email protected] 12 points 1 year ago* (last edited 1 year ago) (4 children)
[–] [email protected] 4 points 1 year ago

Those who don't know about it go and read GNU replicantOS blog and wikipedia page

[–] [email protected] 3 points 1 year ago (1 children)

Android is not a single OS (?)

[–] [email protected] 2 points 1 year ago (1 children)

It is. Custom roms modify very little of the code and they are all based on aosp(it is open source but google controlls the changes). The whole point of aosp is to create the illusion of choice but if you really want to avoid using google spyware you have to give up on most apps or go to extreme lenghts to use an alternative. The grapheneos project is really cool and usefull but it only patches the inherent (intended)problems of android and doesnt provide a real solution.

[–] [email protected] 1 points 1 year ago

I'm unsure you have any idea what you're talking about.

[–] [email protected] 1 points 1 year ago (1 children)

And I'm sure you only use twofish because the NSA backdoored AES when they standardized it.

[–] [email protected] 5 points 1 year ago (1 children)

what does it have to do with Google's business model being mass-surveillance, and/or them being caught several times collaborating with the NSA, the US army, etc.?

I agree that the NSA backdooring stuff is a problem too... (or even a different facet of the same problem...) Yet, one doesn't invalidate the other...

[–] [email protected] 2 points 1 year ago (1 children)

I'm just saying that collaboration with or association with spooks or glowies isn't in itself a red flag.

Many privacy and freedom granting software is made by these people.

Take Tor for example, made by the navy to hide information from the public and anonymously attack networks of adversaries.. Yet now is the NSA's biggest obstacle in mass surveillance.

[–] [email protected] 3 points 1 year ago

I beg to disagree: the global interception capacities of the NSA in 2012 (as showed in the very few 2013 documents from Ed. Snowden that were made public) clearly were enough to routinely de-anonymize tor. By owning a certain percentage of the global internet traffic, you de facto own tor (can very precisely correlate what comes in and what goes out, and do that retrospectively when needed).

and that was 10+ years aog....

Association with spooks is a red flag, for the multiple, endless ways they have been doing their shitfuckery, endangering the general public, the exceptional US citizens, and information/communication security at large... by weakening standards, by corrupting corporations to introduce (or leave open) some bugs, by infiltrating development teams, by pressuring operators to grant full access, by breaking and entering, etc..

Anyone who doesnt see that as a problem has to be considered as part of it. Simple, basic rule.

[–] [email protected] -3 points 1 year ago

...no? AOSP is very well free of Google code, and if Android is spyware, then Linux might as well be spyware, going by this logic. And even with GMS installed phones, it is very easy to disable and neuter GMS with a computer and 15 minutes of time. At best, Android has Google DNS as default unless you set a different one in Private DNS or with your firewall, which is also true for systemd's network checks in Linux distros.

Western corporations working on collaborative FOSS products cannot be treated in the same way as closed source products. Any analysis of type of malware capabilities must be based on technical merit analysis, and not feelings, even if Western Big Tech does disgusting things.

[–] [email protected] 2 points 1 year ago

I truly appreciate the perspective of this post. I would like to switch fully to Firefox and support the cause. Unfortunately I have a PWA addiction and that is the only thing keeping me living my shameful hybrid browser life.

Is it a weak reason? Probably. But it's an honest one. If Mozilla hopped on PWAs, I'd be totally fine bouncing from Brave and joining the Chromium rebellion.

[–] [email protected] -1 points 1 year ago (2 children)

But they’re the only ones blocking ads on YouTube for iOS 😞

[–] [email protected] 4 points 1 year ago

You can add something like AltStore to an unjailbroken iPhone and sideload a YouTube app with adblock built in.

[–] [email protected] 4 points 1 year ago (1 children)

The only reason I still use it. I like Orion but it’s not quite there yet. Not really sure what other iOS alternatives there are to chose from.

[–] [email protected] 1 points 1 year ago

YouTube ads are served on the same server as the video.. So they would have to filter it through one of their servers and block the elements and stream it to you.

So if you're using them for privacy.. you better trust them a lot because they would have equivalent info as google.

[–] [email protected] -1 points 1 year ago

Ungoogled Chromium would be an exception in my book. I am pretty principled.