
Web Browsers

You should use a secure browser that protects your privacy and keeps your personal data secure. Most browsers don’t come with all the bells and whistles to protect your privacy online.

Modern web browsers are complex programs built around a browser engine and a JavaScript engine — Apple, Google, and Mozilla have each created their own engines to render web pages:

| Company | Browser Engine | JavaScript Engine |
| --- | --- | --- |
| Apple | WebKit | JavaScriptCore |
| Google | Blink | V8 |
| Mozilla | Gecko | SpiderMonkey |

Different Browser Engines and JavaScript Engines.

Chromium is the open source browser project, powered by Blink and V8, that powers a huge host of browsers like Google Chrome, Microsoft Edge, Brave, Opera, etc.

Just like Chromium, there are browsers like Waterfox, GNU IceCat, Pale Moon, etc. that are powered by open source Mozilla Firefox, which uses Gecko and SpiderMonkey.

Your browser contains a lot of private information like:

  • Browsing and download history: all the web pages you have visited and things you have downloaded
  • Login credentials: all your usernames and passwords that are saved in the browser
  • Cookies and site data: files that contain your preferences, used to identify your browser on the websites
  • Cached images and files: images and files that are downloaded when you visit a website
  • Autofill information: all kinds of site data like names, addresses, emails, etc
  • Hosted app data: data from apps you’ve downloaded

All of this personal data, combined with attacks from spyware, malware, and cryptominers, leaves your browser with a pretty large attack surface.

That’s not all — there are severe privacy and security exploits like browser fingerprinting, WebRTC leaks, and WebGL-based attacks. Your browser also sends lots of data voluntarily every time you visit a website; you can check all of that by going to DeviceInfo.me.

In this browser privacy and security guide, I’ll be covering pretty much everything you need to know to have a more private and secure browsing experience:

Table of Contents

  1. Browser Compartmentalization
  2. Browser Fingerprinting
  3. How to choose Secure and Private Web Browsers?
  4. Secure and Private Web Browsers
  5. Mozilla Firefox
  6. Brave Browser
  7. Tor Browser
  8. Alternative Browser Forks
  9. Issues with Popular Default Browsers
  10. Issues with Other Browsers
  11. Browser Add-ons for Privacy and Security
  12. Secure and Private Browsers for Phones
  13. Secure and Private Browsers Summary

Browser Compartmentalization

As already discussed in the Firefox privacy and security guide, you should be using different browsers for different scenarios.

Compartmentalization is the key to taking control of your online identity.

I recommend using different browsers for online accounts and web browsing so that you can stay logged in without getting tracked online.

Here’s what I propose:

  • 1st Browser: preferably the Chromium-based Brave, for accessing online accounts like your Mail, Calendar, Social Media, etc., so that you can also use things like Skype, Hangouts, and Google Earth
  • 2nd Browser: preferably Mozilla Firefox for general browsing where no cookies and history are being stored
  • 3rd Browser: preferably Tor Browser for extreme privacy and security.

You can also use Firefox Multi-Account Containers along with User-Agent Switcher. The first lets you create different containers, where websites in one container won’t be able to track you over to the next container; the second spoofs your browser type and operating system.

Or, you can go all crazy and create virtual machines using VirtualBox or just use Qubes OS.

Browser Fingerprinting

As already discussed in the Firefox Privacy and Security Guide, before you choose a browser and tweak its settings or install an add-on, you should consider your browser’s fingerprint (or device’s fingerprint).

Device fingerprinting, or browser fingerprinting, was initially developed for security purposes. It is a tracking technique capable of identifying individual users based on their browser and device settings.

So that websites display correctly, every time you visit a web page your browser voluntarily sends information about its configuration, like operating system, browser type, available fonts, screen resolution, language settings, add-ons and a lot more. These details essentially make up the ridges of your digital fingerprint.

Check out this post on Mozilla to learn more about browser fingerprinting. You can check for browser fingerprinting by visiting Panopticlick by Electronic Frontier Foundation.

The problem is that if this combination of information is unique, it will facilitate identification without any tracking tools like cookies.

The ironic aspect of this is that the more measures you take to avoid tracking, the more unique your browser fingerprint becomes.

More is not always better. You don’t need to use every add-on and tweak I am recommending here; the more you configure, the more unique your browser fingerprint gets.

This is the reason why it is strongly discouraged to install new add-ons or change settings on Tor Browser, as this will make your Tor Browser unique from others, hence defeating the whole point of using Tor.
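
The trade-off described above can be put into numbers. The following is an added example, not code from the original guide: it takes a small constructed population of browser configurations (all attribute names and values are assumptions made for illustration) and computes, for one browser, the size of its anonymity set and the bits of identifying information its fingerprint reveals as attributes are combined.

```javascript
// Added example. The population is constructed for illustration, not measured
// data; attribute names and values are assumptions.

// Attributes a browser reveals to sites, in the order we combine them.
const ATTRS = ["os", "browser", "language", "screen", "addons"];

// Build a profile object from positional values.
const mk = (os, browser, language, screen, addons) =>
  ({ os, browser, language, screen, addons });

const population = [
  mk("Windows", "Chrome", "en-US", "1920x1080", "none"),
  mk("Windows", "Chrome", "en-US", "1920x1080", "none"),
  mk("Windows", "Chrome", "en-US", "1920x1080", "none"),
  mk("Windows", "Chrome", "en-US", "1920x1080", "none"),
  mk("Windows", "Firefox", "en-US", "1920x1080", "none"),
  mk("macOS", "Safari", "en-US", "2560x1440", "none"),
  // Same machine and browser as the first four, but heavily customised.
  mk("Windows", "Chrome", "en-US", "1920x1080", "uBlock Origin,uMatrix,NoScript"),
  mk("Linux", "Firefox", "de-DE", "1366x768", "uBlock Origin"),
];

// Canonical fingerprint: the chosen attribute values joined in a fixed order.
function fingerprint(profile, attrs = ATTRS) {
  return attrs.map((a) => `${a}=${profile[a]}`).join("|");
}

// Anonymity set: how many browsers in the population share this fingerprint.
function anonymitySet(profile, pop, attrs = ATTRS) {
  const fp = fingerprint(profile, attrs);
  return pop.filter((p) => fingerprint(p, attrs) === fp).length;
}

// Identifying information in bits: log2(population size / anonymity set).
// 0 bits means indistinguishable from everyone; log2(N) bits means unique.
function surprisalBits(profile, pop, attrs = ATTRS) {
  return Math.log2(pop.length / anonymitySet(profile, pop, attrs));
}

// Add one attribute at a time and record how the anonymity set shrinks.
function cumulativeReport(profile, pop) {
  return ATTRS.map((_, i) => {
    const attrs = ATTRS.slice(0, i + 1);
    return {
      attrs: attrs.join("+"),
      set: anonymitySet(profile, pop, attrs),
      bits: Number(surprisalBits(profile, pop, attrs).toFixed(2)),
    };
  });
}

const stock = population[0];   // default configuration
const tweaked = population[6]; // same base configuration plus three add-ons

for (const [name, p] of [["stock", stock], ["tweaked", tweaked]]) {
  console.log(name);
  console.table(cumulativeReport(p, population));
}
```

Both browsers share the same anonymity set until the add-on list is included; at that point the stock browser still hides among four, while the customised one is alone. A population where every browser has the same configuration, as with Tor Browser, keeps the set at its maximum.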

How to choose Secure and Private Web Browsers?

Here are a few things I look for while choosing browsers that provide utmost privacy and security:

  • Privacy practices: Look for browsers that have clear and easy-to-understand privacy policies. Check what data they collect and why, and how well the browsers defend your personal data from getting leaked.
  • Security practices: Look for browsers that have built-in features to defend your browsing experience from attacks by hackers, malware, vulnerabilities, etc. Check how secure the browser is against cryptominers and other online exploits.
  • Updates frequency: Look for browsers that are frequently updated with the latest security patches.
  • Business Model: The Business Model or Sources of revenue tells you a lot more about the Browser. Look for the ones that don’t rely on personal data collection.
  • Open Sourceness: Look for browsers that are open source. This allows anyone, including independent experts, to look around the code to find vulnerabilities and privacy holes, today and in the future.

Secure and Private Browsers

Alright, here are my recommendations for the most secure and private web browsers:

Mozilla Firefox

Firefox is a fantastic web browser from Mozilla that checks all the boxes of privacy, security, updates, and open sourceness.

It can be easily customized, comes with lots of strong privacy features, gets frequent updates and is completely open source.

I recommend following this Firefox privacy guide to get the most hardened state of privacy and security on Firefox.

Firefox comes with Enhanced Tracking Protection with three levels: Standard, Strict and Custom.

Mozilla Firefox’s Built-in Enhanced Tracking Protection

Firefox supports tons of great browser extensions and add-ons, and there is a Recommended Extensions Program which lists all the safest, highest quality extensions.

There are numerous privacy and security features that Mozilla has baked into the browser like DNS over HTTPS, multi-account containers, etc.

Why Firefox is great for Privacy and Security:

  • Powered by Mozilla — a non-profit dedicated to open and healthy internet.
  • Open source code that has been audited by third parties
  • Frequent security patches and updates
  • Highly customizable for better privacy
  • Awesome developer tools
  • New privacy features like DNS over HTTPS, Multi-Account containers, Firefox Lockwise, etc.
  • Abundance of great add-ons
  • Privacy-focussed version — Firefox Focus for Android and iOS.

Check out this Firefox privacy guide for privacy customizations.

Brave Browser

Brave is the best chromium-based browser that is fast, open source and comes preconfigured with all the best privacy, and security settings.

It is created by Brendan Eich, co-founder of the Mozilla project. Brave blocks all kinds of ads and trackers, and has built-in protection against browser fingerprinting.

Brave browser’s built-in protection by Brave Shields

Brave works flawlessly on websites like Google Earth, Hangouts, Skype online, etc., as it is powered by Chromium instead of the Gecko engine of Firefox. There is a Private browsing option with Tor that will give you even better privacy.

Why Brave is great for Privacy and Security:

  • Based on Chromium open source project
  • Built-in ad and scripts blocker
  • Protection against Fingerprinting
  • Enhanced Private browsing with Tor
  • Secure enhancement to HTTPS using HTTPS Everywhere
  • Abundance of great add-ons thanks to chromium
  • Option to help your creators with Brave Rewards

Brave gives you options to support your favorite publishers with Brave Rewards, or get compensated for paying attention to Brave Ads.

Both Brave Rewards and Brave Ads are completely voluntary. You can use one, the other, both, or neither.

Tor Browser

Tor Browser is the epitome of privacy and security online. It is a hardened version of Firefox, designed to run on the Tor Network — modified to provide you extreme privacy and security.

Since all other Tor Browsers have the same secure configuration, it will help prevent browser fingerprinting.

Tor Browser’s built-in protection for Privacy, Security, and Anonymity Online.

Tor Browser routes your internet traffic over three different secure hops — this helps protect your privacy, and makes you anonymous. Your download speed will suffer due to multiple hops, but overall browsing won’t be that much slower.

Why Tor Browser is great for Privacy and Security:

  • Backed by Tor Project — a non-profit committed to advance human rights and freedoms.
  • Powered by hardened version of open source Firefox
  • Built-in ad and tracking protection
  • Protection against Fingerprinting
  • Defense against surveillance by multi-layered encryption
  • Preinstalled with HTTPS Everywhere and No Script Security Suite.

Tor Browser comes preinstalled with two of the most recommended plugins — HTTPS Everywhere and No Script Security Suite.

HTTPS Everywhere upgrades your HTTP connections to HTTPS wherever it is possible, and No Script protects you against XSS, cross-zone DNS rebinding / CSRF attacks, and Clickjacking attempts.

You can also run Tor Browser without connecting to the Tor Network — this will get you a pretty secure browser, without the bottlenecks of multiple hops. I don’t recommend it, but if you are interested you can find multiple sources.

Alternative Browser Forks

There are lots of alternative browser forks from both Chromium and Firefox that focus on speed, privacy, security, customizations, ease-of-use, etc — thanks to the open sourceness.

I don’t recommend using alternative browser forks for most people because of these issues:

  • Most of the alternative browser forks aren’t well maintained as they have a small team of developers, which is an issue as they can only get fixes for components that are still shared by both codebases.
  • A lot of the browser forks don’t auto-update, and some that support auto-update usually lag behind the proper browser, which is a concern with regard to security updates.
  • Stability is a common concern in most of the alternative browser forks due to the reasons mentioned above, and some forks lack functionality like syncing, extensions support, etc.

You may also find hassles in doing regular stuff like installing extensions, updating them, broken websites, crashes, etc. In the end, it’s all about trust, and I just can’t trust such a browser with my financial and personal data.

I am not telling you that all browser forks are the same and bad. There are great alternative forks like the Tor Browser and Brave browser — they are quick to fix bugs and have dedicated development teams.

Alright, with all of that out of the way, here are some wonderful alternative browser forks, if you are interested in trying them out:

Ungoogled Chromium Browser

Ungoogled Chromium browser, as the name suggests, is basically raw Chromium without Google web services and binaries.

ungoogled-chromium is Google Chromium, sans dependency on Google web services.

ungoogled-chromium retains the default Chromium experience as closely as possible. Unlike other chromium forks that have their own visions of a web browser, ungoogled-chromium is essentially a drop-in replacement for Chromium.

ungoogled-chromium features tweaks to enhance privacy, control, and transparency. However, almost all of these features must be manually activated or enabled.

Objectives of ungoogled-chromium

It is basically open source Chrome without the privacy issues that come with it.

Iridium Browser

Iridium browser is a very popular choice among privacy enthusiasts. It is a Chromium-based browser, developed by German developers, NETitwork GmbH.

The primary focuses of Iridium are Speed, Privacy, and Ease of Use:

Iridium Browser is based on the Chromium code base. All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers.

Overview of Iridium browser

Iridium is an open source Chromium modified with better security, privacy, networking and other enhancements, and it comes with lots of Google services disabled. You can check out how Iridium compares with Chromium here.

GNU IceCat Browser

GNU IceCat or IceWeasel is an open source rebranded Firefox by the GNU free software project.

It gets all the updates just like Firefox, and comes with a lot of security and privacy features like warnings about URL redirection, blocking of non-trivial JavaScript, etc.

Here are some of its privacy protection features:

  • LibreJS: blocks nontrivial JavaScript
  • HTTPS-Everywhere: encrypts your communications
  • SpyBlock: blocks privacy trackers
  • AboutIceCat: custom “about:icecat” page with links and information about free software and privacy features of IceCat
  • Fingerprinting countermeasures

It is a great alternative for people who want to use Firefox but without their trademarked artworks, and get privacy and security features too.

PaleMoon Browser

PaleMoon is another Firefox fork with the focus on customizability, with the motto: “Your browser, Your way”

Pale Moon offers you a browsing experience in a browser completely built from its own, independently developed source that has been forked off from Firefox/Mozilla code a number of years ago, with carefully selected features and optimizations to improve the browser’s stability and user experience, while offering full customization and a growing collection of extensions and themes to make the browser truly your own.

About PaleMoon Browser

It continues to be highly customizable and has a somewhat outdated interface from the Firefox version 4-28 era. PaleMoon also continued support for XUL, XPCOM, and NPAPI add-ons.

Vivaldi Browser

Vivaldi is another Chromium-based, partially open source browser, founded by a co-founder of Opera Software.

It has lots of features like tab management, mouse and keyboard shortcuts, built-in tools like notes, Image properties along with added protection from ads and trackers.

However, the way it determines active users seems concerning to me:

When you install Vivaldi browser (“Vivaldi”), each installation profile is assigned a unique user ID that is stored on your computer. Vivaldi will send a message using HTTPS directly to our servers located in Iceland every 24 hours containing this ID, version, cpu architecture, screen resolution and time since last message. We anonymize the IP address of Vivaldi users by removing the last octet of the IP address from your Vivaldi client then we store the resolved approximate location after using a local geoip lookup. The purpose of this collection is to determine the total number of active users and their geographical distribution.

Vivaldi Privacy Policy

Issues with Popular Default Browsers

You must be wondering why your default browser isn’t in the list of recommended browsers above. Here are all the reasons why I don’t recommend using browsers other than the ones mentioned above.

Google Chrome Browser

Google Chrome is the most popular browser on the planet. It is pretty secure, and is based on the open source Chromium project.

But, Google Chrome is a data hogger — it collects vast amounts of personal data like your browsing history, search queries, etc. to profile you and serve personalized ads.

Chrome is so bad for your privacy that it has been dubbed spy software. If you really need to use a Chromium-based browser, I would recommend using Brave browser.

Microsoft Edge Browser

Microsoft Edge is a new Chromium-based browser developed by Microsoft. It is pretty secure and has some built-in protection against malicious trackers.

You may think that Microsoft doesn’t make a lot of money by selling ads so it won’t be tracking you — well, you’d be wrong.

A recent study by Professor Douglas J Leith, Trinity College, Ireland revealed that:

From a privacy perspective Microsoft Edge and Yandex are qualitatively different from the other browsers studied. Both send persistent identifiers that can be used to link requests (and associated IP address/location) to back end servers. Edge also sends the hardware UUID of the device to Microsoft and Yandex similarly transmits a hashed hardware identifier to back end servers.

Douglas J Leith in Web Browser Privacy: What Do Browsers Say When They Phone Home?

Edge is better than Chrome but not good enough for your privacy.

Apple Safari Browser

Safari is the default browser for Macs, iPhones, and iPads, which claims to be secure and privacy friendly with things like “Intelligent Tracking Prevention”, “Sandboxing”, “Fingerprint defense”, and others.

Apple is considered one of the most private and secure companies, but the sad reality is that it is “equally bad if not worse”, when it comes to your privacy and security.

Safari reportedly stored “deleted” browsing history going back more than a year, and was found collecting data even in private mode.

A recent paper published by Google researchers found numerous flaws in Safari’s Intelligent Tracking Prevention.

“iOS Security is f**ked”, said the CEO of Zerodium, a cybersecurity firm that has dropped their prices for bugs in Safari RCE, iOS LPE, or sandbox escapes due to the large number of these submissions.

Issues with Other Browsers

Alright, so I’ve covered all the recommended browsers, alternative browser forks, and issues with your default browser. Now, these are some of the malicious browsers that aren’t recommended:

Opera Browser

Opera was a wonderful browser from Norway that initially worked on the Presto engine and later moved to Chromium.

But, it was sold to a Chinese consortium in 2016 for $600 million, and this changed Opera’s stand on privacy.

Opera now collects lots of personal data as stated in their privacy policy. There is a free VPN service included which is equally bad — it is basically a proxy that collects user data for targeted ads and promotions.

Comodo Browsers

Comodo is a cybersecurity company based in the US that has two browsers — based on Chrome and Firefox.

Comodo Dragon is the freeware browser based on Chromium, which is available in 32-bit only.

During installation, it gives you the option to choose Comodo DNS, and comes with a bunch of add-ons like online security, HTTPS enforcement, etc.

Comodo Dragon asking for switch to Comodo SecureDNS

Comodo IceDragon is the freeware browser based on Firefox, which does have a 64-bit version available, but the homepage still says it doesn’t.

Just like Dragon, it also comes with add-ons like online security, HTTPS enforcement, media downloader, etc.

There has been a serious security issue where Comodo Dragon was found by Google to be disabling the same-origin policy, hijacking DNS settings, replacing shortcuts with Chromodo links, and more.

Both of the browsers claim to be better than Chrome and Firefox, which may not be the case. But all modern browsers come with safe browsing built-in, which will protect you from most of the malicious websites.

If you are looking for an alternative, I don’t think it is in any way better than using ungoogled chrome or Pale Moon, as there is very little information available about the browser.

One more thing, I couldn’t find the source code of these browsers. You are better off sticking to Firefox or Brave as they also seemed a bit dated.

Epic Browser

Epic is a privacy-centric, Chromium-based, closed-source browser, developed by Hidden Reflex.

They claimed it was open source but never revealed the source code, and have cited vague issues and reasons since 2014.

Epic comes with a VPN, which is basically a proxy routing your traffic through a US proxy server and, just like the one in the Opera browser, designed to collect your personal data.

They also seem to collect personal data:

We do not collect nor store nor share any personal or browsing data from the Epic Browser or usage of it. Except for the video download and proxy services which are web services, the only data that is transferred either to or from your system to our servers are updates of the Epic Privacy Browser.

Epic Browser Privacy Policy

Not recommended. It is not open source and is just plain awful in terms of privacy and transparency.

Waterfox Browser

Waterfox is another open-source fork of Firefox intended to be speedy, and ethical, and maintain support for legacy extensions.

But, it has been sold secretly to System1, a pay-per-click ad company that “has developed a pre-targeting platform that identifies and unlocks consumer intent across channels including social, native, email, search, market research and lead generation rather than relying solely on what consumers enter into search boxes”.

System1 also acquired Startpage, the private search engine. I am not recommending a browser or a search engine owned by an ad-tech company.

SRWare Iron Browser

SRWare Iron is a closed-source Chromium-based browser, developed by SRWare, a German company, with the aim to eliminate usage tracking and other privacy-compromising functionalities.

But, Iron was found to not provide any extra privacy compared to Chromium after proper settings are altered in the latter, and has been dubbed scamware.

Browser Add-ons for Privacy and Security

There are lots of great add-ons that would do wonders to your privacy and security when used with a secure browser, like the ones recommended in this post.

Here are all the privacy and security add-ons that I recommend:

  • uBlock Origin: It is a wide-spectrum blocker which blocks all kinds of ads, trackers and malware sites.
  • HTTPS Everywhere: An add-on by EFF that upgrades HTTP connections to HTTPS wherever it is possible.
  • Decentraleyes: It emulates CDNs locally hence preventing tracking via Content Delivery Networks.
  • Cookie AutoDelete: It automatically deletes any tracking cookies that are not needed.
  • Privacy Badger: Another add-on by EFF that blocks “Invisible Trackers” by analyzing tracker or ads that violate the principle of user consent.
  • ClearURLs: It removes tracking elements from URLs to help protect your privacy when you browse through the Internet.
  • User-Agent Switcher and Manager: It lets you spoof your browser type and operating system.
  • Firefox Multi-Account Containers: This add-on helps you isolate your work, shopping or personal browsing.
  • uMatrix: It gives you the ability to filter net requests according to source, destination and type, but needs proper configuration.
  • NoScript Security Suite: A Script Blocker that lets you choose which scripts to run, but needs proper configuration.

Check out this updated post with best add-ons for privacy and security.

Don’t install any third-party add-on without doing your research, as it may be spyware and can help make your browser’s fingerprint unique, hence facilitating tracking.

Secure and Private Browsers for Phones

All three of the recommended browsers (Firefox, Brave, and Tor) are also available on both Android and iOS.

Here are some other browsers you may be interested in:

Firefox Focus

A privacy-focussed browser by Mozilla for both iOS and Android, that erases your history after you are done browsing and blocks ads, and trackers.

DuckDuckGo Privacy Browser

An open source browser for both Android, and iOS that has built-in ad and tracker blocking and utilizes ToS;DR to rate the privacy policies of the sites you visit.

Onion Browser

A free and open source version of Tor Browser for iOS, developed by Mike Tigas.

Bromite

A Chromium-based browser for Android with privacy and security enhancements, built-in adblocking and DNS over HTTPS support.

Orbot

A free and open source app that lets you connect to Tor Network, providing privacy and anonymity on the Internet for Android.

Secure & Private Browsers

A secure browser with recommended privacy settings and add-ons is a necessity for a private and secure web experience, and protection of your personal data from prying eyes. I hope you enjoyed reading about these privacy and security tools.

That’s all Folks!

I will be updating this page frequently with more privacy and security tools and information. You can check out Firefox privacy and security guide for more information.

Do let me know of any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!
