Privacy for the web #1
Written by Anachron on 2022-07-31
Read the article or go back.
- General suggestions for the web
- Picking the right browser
- Hardening the browser
- Using an external media player
- Fingerprinting using HTML canvas
I’ve come to the conclusion that the web by default is unsafe.
Not only that, but it’s very dangerous to be unaware of all the hidden technologies that track us, try to rob our last security we have and sell our data for no other reason than profit.
So in the future you will find a series of blog posts with varying length based on the privacy of current web. This includes issues/problems and hopefully whenever possible solutions to combat this.
# General suggestions for the web
Below you can see a list of “quick” steps to make your setup both more secure and also faster.
# Picking the right browser
Without a doubt choosing the right browser is a very important step into the right direction.
While I do see some people still have to use Chrome or Edge, I can only recommend trying to use https://www.mozilla.org/en-US/firefox whenever possible.
Not because firefox is completely secure or has no tracking/security issues inside, but because it’s the least offending browser and is yet the most easy to remove all these issues from.
(This may be updated in the future)
# Hardening the browser
I highly recommend to use a
user.js file to update the firefox settings to be more secure and privacy aware by default.
I use a modified version of https://github.com/arkenfox/user.js .
# Using an external media player
There is a lot of fingerprinting and tracking involved whenever media is played, especially when using popular services like youtube.
I’m using mpv and the firefox plugin https://addons.mozilla.org/en-US/firefox/addon/ff2mpv/ to play media outside my browser to circumvent some of the issues.
This requires something like https://github.com/yt-dlp/yt-dlp to be set up.
# Fingerprinting using HTML canvas
I’ve come to known that it’s possible to fingerprint users by using the HTML canvas:
For this reason, I’ve disabled HTML 5 canvas whenever possible and only allow it on exceptions.