Heyha !
This is probably going to be long take and it’s late here in europe… So for those who bare with me and are ready to read through my broken English, thank you.
I’m personally concerned about how my data and my identity is used against my will while surfing the web or using/hosting services. Self-hoster and networking enthousiast, I have some entry/medium security infrastructure.
Ranging from self-hosted adblocker, dns, router, vlans, containers, server, firewall, wireguard, VPN… you name it ! I was pretty happy to see all my traffic being encrypted through wireshark and having what I consider a solid homelab.
Also having most undesired dns/ads blocked with adguard in firefox with custom configuration, blocking everything, and changing some about:config options:
I though I had some pretty harden security and safe browsing experience, but oh my I was wrong…
From pixel tracking, to WebRTC leaking your real ip, fonts fingreprinting, canvas fingreprinting, audio fingerprinting, android default keyboard sending samples, ssl certificate with known vulnerabilities…
And most of them are not even some new tracking tech… I mean even firefox 54 was aware of most of these way of fingerprinting the user, and it makes me feel firefox is just another hidden evil-corp hiding with a fancy privacy facade ! Uhhg…
And even if you somehow randomize those fingerprint, user-agent and block most of those things, this makes you stand out of the mass and makes you even easier to track or fingerprint. Yeah something I read recently and it actually make sense… the best way to be somehow invisible is actually to blend into the mass… If you stand out, you are pretty sure to be notices and identified (if that makes sense :/)
This really makes me depressed right now… It feels like a losing battle where my energy is just being wasted to try to have some privacy and anonimity on the web… While fighting against the new laws ringing on our doors and big tech company always having two steps ahead…
I’m really asking myself if it really matters and if it actually make sense to use harden technology or browsers like arkenfox or the tor browser whose end node are mostly intercepted by private institutions and governemental institutions…
I’m probably overthinking and falling into a deep hole… But the more i dig into security and privacy, the more I get the feeling that this is an already lost battle against big tech…
Some recent source:
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
Don’t get stuck into https://en.wikipedia.org/wiki/Learned_helplessness or perfectionism! So :
You can do it, WE can do it! :D
Edit: Crossed out slightly out of date recommendations, see comments.
Do not confuse privacy with anonymity. Your goal is not to defend against governments or other entities with limitless resourced, but against profit oriented companies. By reducing the amount of data you leak and obfuscating what is left, your data becomes progressively worthless as you improve your setup. This is a good thing, because companies will focus their limited resources on areas with a higher profit margin.
Given your description, I think the network side of IT security is pretty much top notch, firmly in the top 0.1% if not 0.01% of users. However most of the tracking happens at the browser level, so it alone does not protect you that much.
Firefox is a solid base, but it is optimized to not break any websites, rather then providing maximum privacy. You can try to tweak settings manually, but I’d rather recommend you to use LibreWolf on PC and Mull on Android. Both are pre-configure, hardened versions of Firefox, that also have proprietary Mozilla features like “Pocket” and some telemetry removed form the source. A standard install has basically no downsides, 99.9% of sites work normally and privacy is quite good.
Librewolf has ublock origin pre-installed and pre-configured with sane defaults. I’d recommend the following additional addons:
Privacy Badger: Prevents some interactive features (disqus comment section, embedded youtube player, etc) from loading until explicitly confirmed with a mouse click. Also prevents some tracking in the background, but that might eb covered by ublock already.If you are willing to do some fine tuning or accept broken sites, consider also:
Canvas Blocker: WebGL powers most of the advanced visuals, and can read out a lot of data that is used for fingerprinting. This plugin can randomized requested data to protect you, but it also brakes sites in weird and unexpected ways. It’s powerful, but I rarely use it these days.And finally consider some obfuscation techniques to throw of the remaining trackers. Right now I only use one, and highly recommend it because of its effectiveness:
All of this throws off the vast majority of trackers, and puts you in the top 0.1% of users. Yes, this also makes you kinda “unique”, because websites may notice the effort you put in to defend yourself. Bad idea if you try to hide from the government, you should be using TOR for that anyway, but great to signal companies that you are not worth the squeeze.
Keep your head up bro. The situation is not as terrible as it may seem, but companies want you to believe that, so that you don’t even try.
Some of your recommendations on extensions are a bit out of date
Thanks for the heads up, my setup is indeed 6-12 months old. My thoughts on the linked list:
Thanks for the summary and edits 🫶