Epic Privacy Browser
Tor Browser Bundle
Edit these about:config settings in Firefox you can use my user.js file to apply the settings automatically.
The settings that say 'blank' are meant to be left empty. It does not mean the string 'blank'.
For an explanation of what each setting does, go here.
Edit these settings to disable Google Safebrowsing. Firefox uses Google Safebrowsing's Update API which means Google doesn't know the URLs you visit so disabling it isn't necessary but it still stops connections to google.
Credit to https://gist.github.com/0XDE57/fbd302cef7693e62c769, https://privacytools.io, https://www.thewindowsclub.com/firefox-quantum-disable-telemetry-data-collection and https://2019.www.torproject.org/projects/torbrowser/design for some of these settings.
Install Ublock Origin, NoScript, HTTPS Everywhere, Decentraleyes and Cookie AutoDelete. Cookie AutoDelete isn't really necessary as long as you applied the about:config settings above. Private browsing mode clears cookies at shutdown and first party isolation restricts cookies and other local data to first party domains which makes Cookie AutoDelete partly redundant.
Configure NoScript to not whitelist any domains and not allow anything at blacklist and default settings.
Watch https://invidio.us/watch?v=AC4ALEKZRfg for more information on NoScript.
Configure Cookie AutoDelete to clear local storage.
Go into Ublock Origin's settings and check the "I am an advanced user" user box. Enable all the settings under "Privacy" and the first three under "Default behavior". Go into "Filter lists" and update them. Click on Ublock Origin and block "3rd-party", "3rd-party scripts" and "3rd-party frames" globally.
Watch https://invidio.us/watch?v=2lisQQmWQkY for more information on Ublock Origin.
To increase security you can use apparmor to restrict what Firefox can do. I've made an apparmor profile that you should be able to use with Firefox.
The Tor Browser is the best browser we have to protect our privacy. It includes many security and privacy enhancing patches and forces all traffic in the browser through the Tor network.
Do not change any other setting or add any extensions in the Tor Browser. It makes you stand out from all other Tor Browser users which can de-anonymize you.
Using a VPN with Tor is pointless in most cases. See this blog post from a Tor dev to know why.
See my post on Tor for more information about Tor.
To increase security, you can use AppArmor with the Tor Browser. I recommend Micah Lee's apparmor profiles. You will need to configure it to work with your system.
The Brave Browser is a browser designed to block trackers and ads out of the box. It's based off chromium and strips out Google tracking. It isn't as good as a hardened Firefox or the Tor Browser but it is still great for beginners. You can still harden it even more. Change the flags as shown below.
Restart Brave to enable these flags. Go into the settings and set your search engine to something more privacy respecting like DuckDuckGo.
Disable everything in "Passwords", "Payment methods", and "Addresses and more".
Set the Brave shields to block all ads, fingerprinting and third party cookies. You can set it to block all cookies and block scripts but I prefer to use uMatrix for these as it's a lot more manageable.
Disable hangouts and set brave to open a new tab on start-up. Go into the advanced options. Disable safe browsing and set WebRTC to "Disable non-proxied UDP".
Go into content settings then cookies. Turn on the option that clears local data when you quit the browser.
If English is your main language then switch the langauge to "English(United States)". The US version of English is the most common and will make you less fingerprintable. Set the spell check to the US version too or disable it entirely.
If you want to use uMatrix for scripts and cookie blocking then go to the chrome webstore and add it to your browser.
Go into your extension settings and allow uMatrix to work in incognito mode. Go into the extension options.
Enable every setting under "Privacy" and change the timers if you want. Go into "Assets" then update all the filter lists.
Go onto any website and click the uMatrix icon at the top right. Click the "*" symbol to switch to global mode.
Don't allow all first party stuff or all css and images. Make sure "all" is set to dark red. Allow only first party css and images then click the padlock icon. This will block everything on sites except for first party css and images. This will also break a lot of sites so tweak the settings to your needs and learn how to use uMatrix.
uMatrix should look like this:
Watch this video https://invidio.us/watch?v=TVozpo3zUBk to learn more about uMatrix.
Firefox forks don't improve your privacy. If you use them because of Firefox telemetry then stop. Telemetry can easily disabled in about:config as described here.
Firefox forks get updates later than normal Firefox. This means you can miss out on important security updates.
They're usually made by a small team, sometimes even one person who can stop at any team and you'll be left without a good browser.
You'll stand out more and be easily fingerprinted as not many people use those forks.
Some of them have very poor security. Pale moon is a prime example of this as it doesn't even have a browser sandbox, runs on a very old engine that will contain many bugs and the developers are cocky and have said they defeated Spectre and Meltdown which they obviously didn't.
Brave whitelists trackers from Twitter and Facebook. They do this to stop it from breaking the share buttons on some websites. There was a post on Hacker News that linked this part of Brave's Github repository. The code is:
This whitelists trackers from Facebook and Twitter.
The Brave CTO responded and said this was from the old repository that is not used anymore here. This is only part truth. The code is from an old repostitory but there is also a whitelist in the new repository. He has apologised for not giving a full answer.
The CTO replied to the Hacker News post and said,
The whitelist is now optional and can be disabled in the browser settings.