I recommend a password manager. I prefer Bitwarden. I also use Multi-account Containers to separate cookies in different domains, although Mozilla continues to bake more of that into Firefox itself.
I gave up on Decentraleyes and PrivacyBadger as mostly redundant.
I do know there’s a bit of an issue in that more add-ons often contribute to a more unique browser fingerprint.
I personally don’t use a password manager add-on, though I do make use of the Secrets app in GNOME.
I just figured this forum probably has people who are much more experienced/educated in these matters than I, so getting some opinions would be nice. Obviously I’ve tried Internet searches as well, but a lot of the resulting articles don’t actually seem that trustworthy
Yep, that’s a concern too. Which one (or maybe two) of these mentioned are most essential? I generally go for uBlock and maybe one or two more, but the fingerprinting issue is really annoying. Supposedly LibreWolf tries to fight that stuff, but for all I know using LibreWolf fingerprints you better because it’s rare…
It’s not like I’m SUPER concerned about being tracked but even taking reasonable measures to discourage these jerks is an unknown.
For a password manager you don’t need an extension, it’s a bit less convenient maybe to use say KeePassX (standalone app), but extensions have their own issues.
I also use addons to redirect common websites to privacy-respecting frontends, like Nitterify, which redirects Twitter links. I use https://addons.mozilla.org/en-US/firefox/addon/redirector/, which can handle any URL pattern you want. I have it set for Imgur as well. Besides those, I use NoScript; although it’s sometimes a pain, the difference it makes for news websites is night and day.
Me too. By “secrets app” did you mean “Passwords and Keys” aka seahorse
? Anyway, I use seahorse
You can of course use Firefox itself as your password manager. However, if it’s the same as Thunderbird, the encryption technology used by Firefox is well short of best practice. Maybe OK for casual web sites like random forums but maybe not OK for internet banking.
For frequently used web sites, I find that wetware works as well as software.
This is the program I was talking about
Might want to avoid this one:
I actually had that plugin installed on a browser used for junk stuff. As soon as that was announced, uninstalled.
Avast LOL no thanks… I mean what possible reason do they have to “buy” a plugin like that? You know something bad is coming, just like when practically any “leader” these days opens their mouth.
That is not one I had used before, but good to know to avoid it in the future.
CanvasBlocker might help with fingerprinting: https://github.com/kkapsner/CanvasBlocker/
I’m surprised nobody has mentioned HTTPSeverywhere: https://www.eff.org/https-everywhere
I also use:
- Location Guard: https://github.com/chatziko/location-guard
- UserAgent Switcher: https://gitlab.com/ntninja/user-agent-switcher
I also find these handy:
- Redirector: http://einaregilsson.com/redirector/
- FastForward: https://fastforward.team/
There’s a setting in Firefox to force https connections.
To be more explicit, Settings / Privacy & Security
scroll right down to the bottom
HTTPS-Only Mode
You can also make specific persistent exceptions if there are some slack web sites that you use frequently and which don’t support HTTPS.
For casual browsing I use Tor Browser. For everything else I use FireFox with
the arkenfox user.js
(refer to https://github.com/arkenfox/user.js). Based
on the recommendations from the arkenfox wiki
(https://github.com/arkenfox/user.js/wiki), I am using the following extensions:
-
uBlock Origin
, to block adds, tracking, and javascript -
Smart Referer
, to sanitize referer information -
Skip Redirect
, to skip intermediary pages -
True Sight
, reveals CDN usage of web pages -
Behave!
, monitors pages for suspicious mischief
Additional extensions:
-
KeePassXC-Browser
, (autofill passwords from KeePassXC, to keep them off the system clipboard.) -
Pinboard WebExtension
, cuz I love me my bookmarks SimpleLogin:Receive & Send emails anonymously
Regarding arkenfox user.js
:
The
arkenfox user.js
is a template which aims to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible - while minimizing any loss of functionality and breakage (but it will happen).
LibRedirect
or Privacy Redirect
, to automatically re-route links from privacy-invasive sites to more privacy-friendly, less resource-sucking sites, i.e. invidious instead of youtube, nitter instead of twitter, teddit instead of reddit.
Font Contrast
to help make sites readable by humans, used in conjunction with Firefox’s Font controls.* (NoSquint
isn’t working too well these days, so I can’t recommend it.)
*TIP: In FF settings, uncheck “Allow pages to choose their own fonts” and change the default DejaVu fonts to something else if you want to make sure you never again see that wispy, faint, spider-web-thin font that many sites seem to think is so cool, aka DejaVu Sans ExtraLight.
Oh, and Custom Scrollbars
in conjunction with a little CSS magic.
My curiosity: being L5 built with focus on privacy and security, all those mentioned extensions should be not necessary using default browser, right?
It’s like purism browser already has inside itself all privacy and security extractions
The built-in Librem 5 browser does have some baked-in features like adblock and some tracking protection, but it is not as advanced a browser as Firefox, and so if you are really concerned with privacy and security, then I would recommend using something like Tor or Firefox with the Arkenfox tweaks mentioned above.
The L5 browser is just GNOME Web/Epiphany:
https://wiki.gnome.org/Apps/Web
It aims to strike a balance between simplicity and usability for an average user and the privacy/security generally expected from the open source community.
Latest version of upstream epiphany has initial support for extensions. So it will be still take some time but extension support is in the upstream developers roadmap.
Oh, that’s very interesting news! I’ll need to pay more attention to Epiphany’s development
I couldn’t find my stalker-blockers in any post here so I’ll add Canvas Fingerprint blockers. There are 5, CPU, APU, GPU, WebGL, and TXT. The anti-canvas fingerprint programs are capable of replying to the peep with a false canvas fingerprint. (CFP)
For our online Polls,we record the visitor’s IP and CPU and make a 64 character hash that is stored. If the same device wants to vote twice, they can’t. Cookies would work too, but they can easily be deleted to re-vote as often as they want. The fingerprint helps to prevent cheaters. Those using any or all three anti-CFP would only vote once.
Yes, there are ways around each one, but those are much more difficult, and not worth the time, to bother with.
This post assumes you realize this is just for small websites, not the kind of system used for elections in the U.S.
In response to the question, I use
- Ublock Origin 1 and Extra,
- Awesome Cookie Manager
- Disconnect
- 5 Canvas FingerPrint back-at-em
- NoEval.Privacy Badger
- Disallow custom search engines.
- Privacy Badger
Oh yes, and my tinfoil hat.
~f
I use Firefox Multi-Account Containers to help stop tracking cookies across websites.