Privacy: Securing Your Browser
Your browser is your gateway to the internet in most cases, and therefore is worth securing properly. Generally speaking, on the user end, most of them operate roughly the same, so it's worth making the switch if one can offer you significantly more privacy or security. Currently Chrome is the most popular browser out there, but what's popular isn't always right. Chrome is very fast and secure, but it's basically just spyware, even going so far as to turn on your microphone and eavesdrop on you while you browse. Instead, you can get almost identical performance and security with a massive improvement in privacy by switching to Brave or Firefox. In this section, I'm going to walk you through some setting changes and plugins you can set up in Firefox to improve your privacy and security. While it may not seem as important as freezing your credit or payment masking, securing your browser will change almost nothing in your day-to-day life but will offer an immense amount of privacy and security in return, therefore I consider this to be a critically important and worthwhile step.
Browsers are one of those things that inspire fierce loyalty. No matter what browsers I suggest, people will always say that I should've considered another one. Some of thse arguments are valid. Both Brave and Mozilla (the developer of Firefox) have made questionable business decisions. Brave's criticisms mostly revolve around their use of BAT, a cryptocurrency they developed to allow site owners and content creators to get paid based on visits and time spent on their site. You can read more about that here. Such decisions included collecting payments on behalf of a creator who claims he never got paid and injecting affiliate links into browser traffic so Brave made more money. These mistakes have been fixed. For Mozilla's shortcomings, they regularly draw criticism for making their telemetry opt-out rather than opt-in, making Google the default search engine, and paying their CEO over $3 million USD per year while struggling to be financially solvent. I don't think there is a perfect solution in this space, so I will leave it up to my readers to decide who they consider to be the more ethical company and the right browser for their needs.
Let's start with plugins. I think this is where users will get the most bang for their buck. Let's begin by installing uBlock Origin, a powerful, lightweight ad- and tracker-blocker. Once installed, open the plugin and open the settings. Be sure to enable "Prevent WebRTC from leaking local IP addresses" and "Block CSP reports." Now click on the tab “Filter lists” and enable everything under “Built-In,” “Ads,” "Privacy," “Malware domains,” “Annoyances,” and "Multipurpose." I would also recommend checking the "Regions, languages" section if you live outside North America and enable for your location, too.
The next plugin is LocalCDN. LocalCDN is a plugin that will replace a lot of third-party libraries like JQuery, Google, and Microsoft and inject them locally from privacy-respecting alternate sources. These third party libraries and CDNs can be used to track you, so this plugin helps to reduce tracking. If all that went over your head, just know that this blocks a large number of trackers without any configuration or interaction required on your end. Just install it and let it run.
The final plugin will be ClearURLs, is a plugin that removes tracking links from URLs that you share. One of the many ways that companies track people on the internet is with tracking links. For example, if I send you a link on Facebook, that link contains a bunch of useless crap that exists only to tell Facebook about you: what device you opened the link with, your IP address, your operating system, apps that were installed, and much more. This plugin helps to automatically remove many of those junk links and strip them down to only the necessary parts, helping respect the privacy of your friends as you share with them.
If you are using Brave, disable all the options under "Social Media Blocking" and change your default Search Engine to DuckDuckGo (or a custom search engine by navigating to that site then checking your settings). Under "Additional settings," make sure that third-party cookies are blocked under "Privacy and Security," and then under the "Security" sub-option, enable "Use secure DNS" and select "With: NextDNS" from the dropdown menu.
If you are using Firefox, start by going to the first tab, “General,” and scroll all the way to the bottom where it says “Network Settings.” Open this by clicking the gray “Settings” button, scroll to the bottom, and change "Cloudlfare" to "NextDNS." Click “Okay” then go to the "Search" tab. Under "Default Search Engine," select "DuckDuckGo." Finally, visit the “Privacy & Security” tab. The first section is “Enhanced Tracking Protection.” Click the second option, “Strict.” I have never seen this cause any site breakage before, but if it does you can set it back to "Standard." Last but not least, scroll to the bottom, under "HTTPS-Only Mode" and click "Enable HTTPS-Only Mode in all windows."
Both Brave and Firefox have some usage-reporting settings that are enabled by default. These statistics are reported to Brave/Mozilla for the purpose of improving the browser. However, if you are uncomfortable submitting that data - and I totally understand - you can disable it. For Brave, simply uncheck "Automatically send completely private product analytics to Brave" under the "Additional settings" -> "Privacy and security" section. For Firefox, uncheck all four boxes located under "Privacy & Security" -> "Firefox Data Collection and Use."
That's it. We're done, we've created a reasonably secure browser, and to top it off, this concludes the "Most Important" section of the book/site. If you've done all this, you can rest easy knowing you've made yourself a fairly difficult target to compromise digitally and moved yourself into the top tier of private and secure internet users.
Honorable Mention: Tor Browser
The Tor Browser is actually a very common daily browser for many privacy enthusiasts for a few reasons. If you're unfamiliar with Tor, check out this link. The Tor browser routes only your browser traffic through the Tor network and not all app traffic, which is probably a good thing anyways if you're using an operating system like Windows or Mac. The telemetry those operating systems send back home can quickly identify you and lose the anonymity benefits of Tor. Because Tor comes pre-packaged with HTTPS Everywhere and a more advanced content blocker called No-Script, it has the same potential to block ads and trackers as a modified Firefox browser. The Tor Browser also isolates each tab and changes your relay path with every new website you visit to help further protect your anonymity. I think using the Tor Browser as your main browser is a great idea, but keep in mind that many legitimate websites such as banking and e-commerce sites block known Tor addresses to prevent abuse and fraud, so you'll want to keep a copy of Brave/Firefox on hand as well for when that happens. Additionally, it should go without saying, but using the Tor Browser alone does not make you truly, 100% anonymous, so don't do anything illegal. Finally, because all nodes are volunteer-run and therefore work on an "honor system," be sure to check that any site you login or transfer personal data across is using HTTPS and is the actual, real site.