I’m currently using LibreWolf (a Firefox fork) as my primary browser, with uBlock Origin set to block scripts by default on all but a few sites. When i need to use a site that’s not one of these trusted ones and refuses to work without JS (for example, forums.linuxmint.com), is it better for my privacy to temporarily allow JS or to open the site in a different browser like FF or Vivaldi?
Does switching browsers actually make it harder to track me, especially ones that don’t have full modern CSS and JS support like Dillo, Links2, Alhena, and NetSurf?
I usually allow websites to run their first-party scripts on their own domain without much of a second thought (using NoScript on Firefox). But my threat model is likely more lax than yours.
I wish more people used Anubis instead of Cloudflare, I am a little concerned with how often I have to allow the latter to run their script to even access a website…
If you’re worried about cross-site tracking, specifically, take a look at Cromite, the browser.
Going beyond Adblock, it’s stuffed with “anti fingerprinting” measures like randomizing your resolution and time, your hardware and drivers, JS execution speed, anything that could be used to try and uniquely identify your PC. It’s SOTA at that as far as I know.
Sounds like exactly what you need as a “backup browser”, as its designed to anti-fingerprint with JS enabled, neutering certain JS feature’s by default.
…But that’s just one form of privacy. If you are worried about any entity logging your visited IPs, you use a Tor browser or something like Mullad.
something like mullad
Mullvad* Browser
I’ve been a two browser person for over 20 years. It might not be for everyone, but I do all my browser activity that has an information risk (banking certain types of ordering, health access, etc.) on one browser with a specific security profile to protect those sessions, and all my other browsing on a FireFox variant locked down with NoScript, Privacy Badger, uBlock Origin, etc.
This means that I always reach for the properly configured tool when doing something online, and attempts at phishing have one more hurdle to clear. Default browser points to a fully locked down profile, so any stray clicks will do minimal damage. Sites I know are sandboxed and not allowed to access anything on the rest of the Internet.
This configuration isn’t for everyone, but I’ve been on the Internet for over 35 years and still seem to have a reasonable amount of privacy and security.
Small advice, uBlock origin already does what NoScript can do and more. And privacy badger should not be used.
NoScript: Redundant with uBlock Origin
Privacy Badger: no longer uses heuristics by default, and enabling it makes you easily detected
Got this info from the ArkenFox Github
For sites you visit occasionally, it’s better to enable tab isolation (use the containers feature) and then enable JS only for that domain (note the difference between allowing JS from that domain in any tab, vs only allowing that tab with that domain to use JS, you should do the latter)
https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/
If you’re switching to a different browser you may as well use the same browser but a second clean profile and use private tabs so it doesn’t retain history. Using private tabs in your main browser profile does also help but isn’t perfect because there’s still some metadata leaks occasionally.
Using a different browser could ironically make you easier to track - how unique you are is the main signal used to track you (user agent, OS, language, etc), and going for an even more rare config will help their tracking even if you delete session cookies. Especially if they have a tracker across multiple domains you visit from different browsers from the same IP, with similar device fingerprinting results across browsers. That’s a strong signal those sessions are linked. You want to NOT stand out to maintain your privacy.
Aprivate tab protect nothing, it only prevents that other with access to your PC see which pages you have visited, the web pages see the same with or without privat tab. It’s often misunderstood what private browsing mean. If you want to browse private, there isn’t any other as using an Proxy or VPN, using Portmaster, Glasswire or Pi-Hole on desktop, adjust the site permissions in the privacy settings in your browser, than you can browse more or less private, if you also use an search engine which don’t log your activity. You can visit Browserleaks, there you can see how private you are.
His main point wasn’t private tabs, it was firefox containers. He only mentioned private tabs for deleteting cookies after closing those tabs.
Temporary Containers was really good for that, but it hasn’t been updated in years.
Private browsing also gives you a seperate cookie store. In 2025, this probably isn’t enough- but websites do not “see just like without private browsing”
Why not go for an even more hardened browser like Mullvad or Tor if you are so worried about privacy while browsing regular stuff?
LibreWolf is my primary browser as well, so it’s for daily, non-sensitive, use, so I have JS enabled because, well, non-sensitive stuff, and it’s just a main-online identity, but I do use other browsers for other stuff, and change my VPN when I’m going for other “identity” too.A browser is only a secudary problem in privacy, if you use another than Chrome or Edge, it’s mainly the search engine you use the problem, the sites you visit, the mail you use, the data you publish, your common sense online, there are the main privacy holes.
Tracking from WHOM and thus WHY should be the question.
It’s different to be tracked for profit, e.g. Google or Meta, versus for political or corporate espionage purposes.
The former is basically volunteering information through bad practices. Those companies do NOT care about “you” as an individual. In fact they arguably do not even know who you are. Avoiding their services is basically enough. It might be inconvenient but it’s easy : just do not.
The later is a totally different beast. If somehow the FSB, because you criticized Putin, or NSO Group, for something similar or because you have engineer something strategic to a business competitor who is a client of theirs, then you will be specifically targeted. This is an entirely different situation and IMHO radically more demanding. You basically don’t have to just care about privacy good practices, which is enough for the former, but rather know the state of the art of security.
So… assuming you “just” worry about surveillance capitalism and hopefully live in a jurisdiction benefiting from the Brussels effect with e.g GDPR related laws, either way is fine.
Treating Google and Meta as apolitical in contrast to the scaaaary foreign entities - when they are currently aiding genocide and more-spectacular-than-usual immigration cruelties - is a particularly funny example of how liberal rhetoric rapidly ages out of relevance to its own premises. If you ever read about the Cold War and wonder why people were so easily duped by McCarthyism, just examine your own thought processes. Little changed.
On a more practical note, most people are concerned with personal safety, not ideology, so entities that will block you & have you arrested for political reasons e.g. Microsoft, Meta, and Google are far from ideal for Americans. If your beliefs are still outside that expansive group of reasons just sit tight you’ll probably care in time. Russians should avoid Russian services. You get the idea
Treating Google and Meta as apolitical …
I didn’t.
Well I think that saying the main threat is their negligent practices is downplaying the situation when they literally have the CIA camped out in their HQ like any US tech company. The US is the principal cyberattack force in the world not only taking shit down, deniably, plus physical penetration like torturing people and cutting undersea cables, they get coins like 15 years later if they have to, no they’re running most of the Tor nodes too
How is the main danger from Meta and Google that they’re just transparent? They’re malefactors. There is strong albeit circumstantial evidence that Meta and Google have been physically sabotaging their African ISP competitors in the pursuit of their offshore cable encirclement projects. They directly cut people off from services like email for inscrutable reasons - doesn’t take being an ICJ judge. You can get cut off from regular acct services, cloud rentals, & the monopoly marketplace that much of the internet subsists on, and they will always be reimbursed bc they are backed by US inter-agency racket + finance + M.I.C. to the point where it is necessary to consider Google and other western tech companies as central arms of the people driving the worst shit in the world. Who gives a fuck about the Russians? The Russians aren’t the ones trying to impoverish the entire globe. They’ve never been offered a buy-in to the neocolonial system. Google literally represents the preeminent threats to life on earth and is personally, invasively running illegal psychological experiments on you. They are going to exterminate every fucking squirrel. GOOGLE IS LITERALLY A MORE EFFICIENT THREAT TO HUMAN LIFE THAN THE THIRD REICH (in relative manpower terms, like number of kills per employee) IT MUST BE DESTROYED
US tech companies are literally operating with treasure secreted away by the Japanese imperialists. The purpose of a system is what it does (infinite human torture).
