Privacy Browsing
40 replies
0 attachments
Started >30d ago
0 attachments
Started >30d ago
Recommended browsers
GrapheneOS: Vanadium
Stock Android: Google Chrome
iOS: Safari
Windows 11: Microsoft Edge (the default and only browser with defense-in-depth)
macOS: Chrome or Safari
Secureblue: Trivalent
You should use the default browsers most of the time because installing additional browsers adds more parties to trust.
Avoid non-Chromium browsers and browsers which support Manifest V2.
Additional tips
Do not install any extensions. Instead of insecure, privacy-compromising adblockers (uBlock Origin), use the reader mode.
GrapheneOS: Vanadium
Stock Android: Google Chrome
iOS: Safari
Windows 11: Microsoft Edge (the default and only browser with defense-in-depth)
macOS: Chrome or Safari
Secureblue: Trivalent
You should use the default browsers most of the time because installing additional browsers adds more parties to trust.
Avoid non-Chromium browsers and browsers which support Manifest V2.
Additional tips
Do not install any extensions. Instead of insecure, privacy-compromising adblockers (uBlock Origin), use the reader mode.
Glowie alert
JEW! JEW! JEW! JEW! JEW! JEW! JEW! JEW!
JEW ALERT!
microcock edging
>2 posts in this thread
>FUCK OFF FED
>the aforementioned fed: Anonymous 2 posts in this thread
false flag operation
SUCK MICROCOCK
micro di pi leaks its erection in high hd
Follow this guide written by an actual expert.
https://github.com/RKNF404/chromium-hardening-guide
Reasons to NEVER use extensions (not even "trusted" permission-less Manifest V3 ones like uBlock):
https://support.google.com/chrome/a/answer/9897812
https://mattfrisbie.substack.com/p/spy-chrome-extension
https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css
https://www.imperva.com/blog/the-ad-blocker-that-injects-ads/
https://palant.info/2020/02/25/mcafee-webadvisor-from-xss-in-a-sandboxed-browser-extension-to-administrator-privileges/
https://en.wikipedia.org/wiki/Device_fingerprint#Browser_extensions
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rilide-a-new-malicious-browser-extension-for-stealing-cryptocurrencies/
https://arxiv.org/pdf/2308.16321.pdf
https://www.bleepingcomputer.com/news/security/malicious-browser-extensions-are-the-next-frontier-for-identity-attacks/
https://palant.info/2025/01/13/chrome-web-store-is-a-mess/
https://github.com/RKNF404/chromium-hardening-guide
Reasons to NEVER use extensions (not even "trusted" permission-less Manifest V3 ones like uBlock):
https://support.google.com/chrome/a/answer/9897812
https://mattfrisbie.substack.com/p/spy-chrome-extension
https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css
https://www.imperva.com/blog/the-ad-blocker-that-injects-ads/
https://palant.info/2020/02/25/mcafee-webadvisor-from-xss-in-a-sandboxed-browser-extension-to-administrator-privileges/
https://en.wikipedia.org/wiki/Device_fingerprint#Browser_extensions
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rilide-a-new-malicious-browser-extension-for-stealing-cryptocurrencies/
https://arxiv.org/pdf/2308.16321.pdf
https://www.bleepingcomputer.com/news/security/malicious-browser-extensions-are-the-next-frontier-for-identity-attacks/
https://palant.info/2025/01/13/chrome-web-store-is-a-mess/
>https://github.com/RKNF404/chromium-hardening-guide
>https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css
absolute gems, thanks for sharing these
>https://github.com/RKNF404/chromium-hardening-guide#popular-options
>Fedora disabled CFI again
The top goys at
https://bugzilla.redhat.com/show_bug.cgi?id=2425338
https://src.fedoraproject.org/rpms/chromium/blob/rawhide/f/chromium.spec
Bonus:
Most distros compile firefox with many hardening options disabled or misconfigured (like CFG/CFI and LTO), check them
Bonus 2: Tor browser (from the torbrowser-launcher) doesn't use FORTIFY_SOURCE, stack clash protection, stack protector, uses an outdated rust version. Avoid tier.
TL;DR: "Privacy" (and secure) browsing is a spook.
> actual expert
what makes that person more actually an expert?
Chrome isn't a monopoly. It's a standard.
Avoiding it is like using gopher to avoid the http "monopoly" or plaintext to avoid the html "monopoly".
For security reasons, you must avoid using Linux at all costs. People only use it because ideologies, to support the underdog, or Microsoft and Apple are the evil boogeymen.
Avoiding it is like using gopher to avoid the http "monopoly" or plaintext to avoid the html "monopoly".
For security reasons, you must avoid using Linux at all costs. People only use it because ideologies, to support the underdog, or Microsoft and Apple are the evil boogeymen.
For PRIVACY I would say mullvad browser is probably the sanest anti-detect browser that is FOSS right now (it's pretty much tor browser bundle, literally it is tor browser bundle but it shoves shit up mullvad (or your own choice of proxy)
Now if you're going to roll your own, which you probably should, I would say run with https://github.com/enetx/surf
this is gonna get you past 99% of the cancer of the internet if you learn to use this fucking library. heavily depends on you learning it, though. this little nigger can spoof JA4/JA3 and spoof chrome pretty good, but you might need also some other libraries in whatever it is you are building a client for
ultimately your vision should be to replace websites with software clients written for your desktop and to remove the web browser from your workflow imho
to this end, maybe RSS can also be useful.
now, i will also say to the point of using surf there's probably one group of retarded faggots who i can forward you to, and they might just make you some money too
BlackHatWorld
these retards know everything there is to know about scraping
Now if you're going to roll your own, which you probably should, I would say run with https://github.com/enetx/surf
this is gonna get you past 99% of the cancer of the internet if you learn to use this fucking library. heavily depends on you learning it, though. this little nigger can spoof JA4/JA3 and spoof chrome pretty good, but you might need also some other libraries in whatever it is you are building a client for
ultimately your vision should be to replace websites with software clients written for your desktop and to remove the web browser from your workflow imho
to this end, maybe RSS can also be useful.
now, i will also say to the point of using surf there's probably one group of retarded faggots who i can forward you to, and they might just make you some money too
BlackHatWorld
these retards know everything there is to know about scraping
Another /g/ verbatim repost
> For PRIVACY I would say mullvad browser is probably the sanest anti-detect browser that is FOSS right now
https://desuarchive.org/g/search/text/For%20PRIVACY%20I%20would%20say%20mullvad%20browser%20is%20probably%20the%20sanest%20anti-detect%20browser%20that%20is%20FOSS%20right%20now%20/
LMAO
>reposting from /g/ is fine but FUCK YOU if you notice it!
lol