So, I have always just used one browser, Firefox, with javascript and cookies turned off and whitelisted sites that I needed to use that required javascript or cookies or both to actually work.
My threat model isn’t the tightest and could best be described as “I don’t see why they should have my data if I am blocking the ads they use it to try to deliver to me”. This browser setup coupled with tracking blocking at the DNS level has made me feel comfortable that while some of my data is being collected I am stopping most of the collection.
With the advance of fingerprinting and the recent change of a certain browser’s terms of use it is probably time to review this setup.
I believe that it is usually advisable to use two different browsers. One where you are identifying yourself by logging in and one where you are just browsing. As logging into sites usually involves javascript and cookies I was going to use Librewolf with javascript and cookies turned off for general browsing and Mullvad browser as it comes for sites that require javascript and cookies.
I feel as though I have read a thousand discussions on this subject over the years so I apologise. Does anyone have any suggestions for a more private setup browser-wise? Tracking blocking at DNS level will continue and I’m on debian-based linux.
Thanks for any help in advance.
Have you tried LibreWolf ?
Does anyone have any suggestions for a more private setup browser-wise? Tracking blocking at DNS level will continue and I’m on debian-based linux.
My worries sound similar to yours but my approach is a bit different.
- I switched from Mac to Linux (Arch, then Debian and for the last 4 years, Mint).
- I use EU services as much as I can instead of the US ones.
- I do block as much tracking and ad crap as I can. Still use javascript on a few sites.
- I use different browsers for different activities.
But I also consider this a lost cause. Sadly.
- I consider anything I do online (read, write, watch, listen to,…) is at risk of being tracked, and exploited, mined or whatever and somehow linked to the real me (not to one of my pseudonyms).
- With an increasing speed and willingness to destroy any remaining rights to privacy we may still have, I’m also expecting my country (France) to sooner than later make it illegal to use real encryption, to use a VPN, or even to use a pseudonym instead of my real name—all of that for my own good and for the protection of little kids which is obviously something that I as a law abiding citizen would not ever dare question.
So, instead, I do as much things as I can offline. Reading, writing, watching stuff, listening to stuff, communicating with people.
your setup looks good to me
It seems like an interesting setup. I don’t really have too much to say other than nitpicks.
Why not use Mullvad browser for both scenarios. Mullvad with security level safest should block all JS. You could create a 2nd profile for safest only mode.
Using Linux .desktop launcher scripts, you could:
- Create a .desktop launcher (in ~/.local/share/applications/) for each profile
- Edit default desktop launcher to always prompt to choice profile on start (using the launch option
-P) - Edit the default launcher to offer a menu option for each profile.
Related to your choice of host OS, I personally avoid Debian for desktop because it is slow to adapt (cus its Debian). I know it isnt directly applicable to situation since your main concern seems to be anti-fingerprinting, but a secure base is important. I’d like to know your reason for picking it. I don’t dislike Debian and I still use it for different things (mostly VMs and some dev work).
What host os do you use?
I recommend Fedora or openSUSE Tumbleweed.
