Web Browsers
Web browsers are very useful but choosing the right one and using one safely isn’t always easy. A lot of people today use computers and a large portion of their time is spent in the browser so people should be careful. Thank you to @pleo:matrix.org for recommending this topic to write about.
Browser Choice
There are many browsers to choose from even if a majority use the same engine (chromium). Techlore has a page listing some desktop and mobile web browsers to choose from. For the minimalist type, you may prefer to go with something like the surf browser or a CLI browser such as w3m or lynx.
I myself use a few including bromite, the tor browser, chromium, firefox-esr and a few others at times. There isn’t a single perfect browser to do everything so you should use what works best for you.
Navigating The Web
You should be careful what websites you visit and how much information you give to them. A lot of people click on random links, view malicious pdfs, run binary executables from random places, get a notification to update their flash player (I fell for that one on my first ever computer) and so on. You can lose a lot by being so low on security.
You may choose to use some extensions and separate out activities and use tools like the tor browser for your own safety and anonymity. A good website to test your fingerprint is cover your tracks.
Something a lot of people do is they keep their browser with many tabs open forever. You should instead use browser bookmarks and delete browser history on a regular basis.
Hardening / Settings
Different browsers list these options in different places so find them in your settings. On firefox browsers, a lot of the settings are in about:config. A few nice settings to have are listed below.
- Disable JS (breaks many websites)
- HTTPS only mode
- Disable or manage location tracking
- Using DNS over HTTPS (with a provider such as quad9 or UncensoredDNS)
- Update your browser regularly
- Limit information displayed on your browser homepage especially for shared computers
- Change your search engine to one you have trust in
- Disable search suggestions
- Set privacy protection to a higher level in your browser settings (for example “strict” on firefox)
- Setting to automatically delete cookies and site data when browser is closed (may get annoying)
- Disable all forms of telemetry of your browser in your browser settings
- Disable password management done in your browser and use a password manager like keepassxc instead. My passwords post.
- Send a website a “Do Not Track” signal
- Don’t sign into a browser account
There is some level of browser isolation by default in browsers like firefox today but you can do more. Separating different activities into containers on the browser can limit cross-site tracking. firefox example.
There are so many other settings that this post will go on forever and be outdated in a few months which is why I didn’t list everything. Different browsers have some different options so explore your settings and search on the internet for recommended changes for your specific browser.
For firefox based browsers, you may be interested in using a custom hardened user.js such as arkenfox which include a lot of browser setting configurations so you don’t have to set so many manually. It helps a lot regarding fingerprinting. However, your best option to combat fingerprinting is using a browser like the tor browser in highest security mode but it is still only as safe as you use it.
Extensions
You should be careful when it comes to installing browser extensions so make sure to look into one before installation.
A few extensions I use regularly are noscript, uBlock Origin, User-Agent Switcher and Manager and snowflake. There are some other extensions you may be interested in listed on the arkenfox wiki.
Conclusion
Most people don’t want to bother with any of these things but if you don’t want to face issues with things such as your data being collected by people you don’t trust or your computer being used as a part of a botnet, you have to care at least a little. You don’t have to make all the changes in the world for your browser but make some.