Lemmy helping Lemmy World browse the web

Noble_Stacking_1337@lemmy.world to Technology@lemmy.world – 103 points –

I thought it would be helpful for all the good people of Lemmy World if we shared our browser setups.

I'm mostly a laptop user when it comes to the Internet. I've been using Firefox with the Ublock Origin addon and it makes browsing the web so much less ad filled.

For youtube specifically I've had the best results with Chrome and an extension called Clear Skies for ad skipping.

Share you own browser setup. What do you use to surf the wild waves of the web to avoid the sharks and the sharp rocks?

64

I call my secretary and she faxes me screenshots, she cuts out the ads.

If you're already using a whole second browser just for YouTube, may I suggest looking into FreeTube? It's a great YouTube desktop client.

Just Firefox/Librewolf with uBlock Origin is enough. The more extensions you add, the larger the attack surface and chance of site breakage. A common mistake many do is to add multiple blockers on top of uBO which will decrease uBO's ability to defuse various anti-adblocks. This also includes addons like Privacy Badger, Ghostery, DuckDuckGo Privacy Essentials, etc. uBO have good enough privacy protection enabled by default. If you want more, enable some other privacy filter lists. And if you know what you're doing, enable hard mode by blocking all 3rd party requests and JavaScript.

If you want to feel more secure when adding more extensions to your browser, then only use Firefox addons that are recommended by Mozilla. Those extensions have gone through a review process to make sure they don't contain anything malicious.

If you're like me and don't care about recommendations and being able to comment, then use Freetube with sponsorblock enabled.

NoScript is missing a lot here. Ublock doesnt really block much tracking, you need to break every site by default and then allow javascript only from trusted origins. This is the opposite of UBlocks badness enumeration, it is manual work and is waaaay more secure and private.

No Browser without noscript to block everything by default, manually allowing all trusted sites, is private. Ublock may allow this but the UI is too slow to use it generally

There only is a lack of a database or something to share such a config. I use it for years so my noscript list is quite big

Phone: firefox android with ublock origin, darkreader, privacy badger, ruffle, and search by image
Laptop: firefox linux with ublock origin, darkreader, privacy badger, ruffle, search by image, multi-account containers, and flagfox

I recommend Mull and Librewolf for the respective platforms. They are way more private.

Flagfox should not be used, it sends every site you visit to random servers of theirs, which is basically really invasive tracking.

This is the way

Firefox mobile works with Jerboa too for web containers

I didn't think the account containers worked on mobile

Firefox
• Multi-Account Containers
• uBlock Origin
• NoScript
• Cookie AutoDelete
• Link Text and Location Copier
• DownThemAll!

I also made multiple Firefox profiles and made desktop shortcuts to launch each profile using these switches:
-P ProfileName
-no-remote

And I’ve got ad-blocking enabled on my UniFi router. Probably set up a PiHole later this year.

On KDE you can create a desktop entry with actions so you can launch a profile using right click and the list, very cool

Desktop: Firefox + uBlock + SponsorBlock (for youtube) + Consent-O-Matic + Tampermonkey w/ YouTube HD script (force 1080p resolution)

Mobile: Fennec (Firefox fork) + uBlock + Consent-O-Matic, for youtube I'm using NewPipe with Sponsorblock

Daily Driver - Vivaldi with any applicable EFF plugins and custom settings aimed at security and privacy.

2nd Daily Driver (usually on a separate screen) - Firefox configured with any applicable EFF plugins and settings put at the most restrictive and forgetful to facilitate privacy and security.

Mobile - Literally the same as above to the extent i have the ability to ^^

Why would you have 2 daily drivers?

Tracking mostly. If i need to visit a site that i want to know the absolute minimum about me or my accounts, i use Firefox. Vivaldi is secured well, but I'm logged in to various accounts for convenience there. I have a 3 monitor set up so it's easy to just have it open on a separate screen.

Just switch user agents

How do you mean?

A user agent is a string it sends the website you're connecting to so it can know what rendering engine you have and which browser you use and so on. But, the dark side of user agents is that websites can use this to track you. So, if you don't want them to do so you can change it either manually or by using a browser extension. I recommend you to make your user agent look like chrome's, as this is the most popular browser and you will not be tracked as easily.

I don't know.. Sounds like I'd have to trust another extension to do the user agent stuff in the background... I'm sure that's a solid solution for a lot of use cases, but i might just keep my method for now.

Instead of forget everything I recommend to keep session and create cookie exceptions for selected sites. So you will stay logged in there and have a normally working browser, that is just as private

Good advice, but for how i have my workflow set up, it makes more sense for me to have it set on full amnesia. Vivaldi is what i use if i need persistence.

You can use profiles if you want different use cases. I dont think "increased attack surface" is the biggest problem, but you have 2 browsers that are both updated, take up RAM etc.

You could just use different Firefox profiles, using a custom desktop entry with actions and one action for every profile, example:

::: spoiler desktop entry

[Desktop Entry]
Name=Firefox
Comment=Web Browser
GenericName=Web Browser
Exec=firefox %u
Type=Application
Icon=firefox
Categories=Network;WebBrowser;
MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;
Actions=Private;Work;PrivateWindow;Insecure

[Desktop Action Private]
Name=Open Private Profile
Exec=firefox -p private %u

[Desktop Action Work]
Name=Open Work Profile
Exec=firefox -p work %u

[Desktop Action PrivateWindow]
Name=Open Private Window
Exec=firefox -p private --private-window %u

[Desktop Action Insecure]
Name=Open Insecure Profile
Exec=mullvad-exclude firefox -p insecure %u

:::

This was so cool to find out, and in KDE (and likely other desktops) you can access those actions using right click.

You can also change such a workflow to do

launch app && rm -rf ~/appdirectory which will enforce to always delete everything without needing to trust that app. I do that for the flatpak app "Decoder" which is great but wants to save a history without an opt-out, and as I use it for password sharing (generate a QR code locally on my phone)

Librewolf/Firefox+Arkenfox

Addons:

  • Ublock origin
  • noscript (default to block everything, trusted still blocks "LAN, other, ping"
    • fingerprint defender (multiple addons)
  • add custom search engine
  • temporary container, multi account containers
  • dark background light text
  • undo close tab
  • simple tab groups
  • offline qr code generator
  • libredirect (updated version of privacy redirect)

Android: Mull with my custom Addon collection and mostly the same addons, Firefox Translate installed manually

Use Profiles for different setups, not different browsers. firefox -p. I have one seperated for Captive portals (doesnt enforce HTTPS) and Netflix (DRM, unhardened because Netflix sucks)

A 1970's dumb terminal dialed up through an acoustic coupler to a mainframe running Lynx...

FF and uBO have been mentioned many times already, so I’ll say use encrypted DNS with blocking on your browser like Mullvad, Aha Blitz, or ControlD.

On Linux Desktop, I generally use Librewolf (although I also use Vanilla Firefox and Ungoogled Chromium depending on the use case). I do also modify Librewolf a bit further in about:config, and have styled it to be much more minimal using userChrome.css.

Some of my favorite Extensions include:

I have others, but these are the ones that have been game changers. I also browse using DuckDuckGo Lite which cuts back on the distractions and loads fast. The use of DuckDuckGo Bangs also allows for very fast browsing and getting the info I need quickly.

On my Android phone, I use the Mull, Vanadium, and Vanilla Chromium browsers for various use cases, with Mull being the go to. There are a more limited set of extensions on Mull, but have managed to get it very similar, using uBlock, NoScript, DarkReader, DDG Lite, and have used this filter list with ublock to get pretty much the same effect as ByPass Paywalls.

Obviously, I generally have a very different experience browsing the web than most, and generally am not bombarded by ads as I also use Invidious, NewPipe, SponsorBlock, and yt-dlp (which has a sponsorblock flag btw) to grab any vids/music I want. Hope these resources help someone out.

1 more...

Mobile: (android) mull browser with ublock origin, adguard adblocker, privacy badger along with privacy settings on strict. Also, access youtube using the app tubular. PC: (windows) : Firefox with ublock origin and privacy badger.

You dont need adguard, just add its blocklist to ublock origin

I run Firefox everywhere. If you care about freedom you, dear reader, should too.

On desktop I have these addons installed:

  • Allow Right-Click
  • Alternate player for Twitch.tv
  • Auto-Sort Bookmarks
  • Buster: Captcha Solver for Humans
  • Bypass Paywalls Clean (D)
  • Chameleon
  • Don't track me Google
  • Download All Images
  • Export Cookies
  • F.B Purity
  • Fakespot
  • FastForward
  • FediRedirect
  • Firefox Color
  • Firefox Relay
  • Form History Control (II)
  • Image Search Options
  • IPvFoo
  • Keep or Delete Bookmarks
  • LibRedirect
  • Linguist - web pages translator
  • LocalCDN
  • MAL-Sync
  • Mastodon - Simplified Federation!
  • Minimal Theme for Twitter
  • open in mpv
  • Plasma Integration
  • Reddit Enhancement Suite
  • Redirect AMP to HTML
  • Return Youtube Dislike
  • Search by Image
  • See On BoardGameGeek
  • Sidebery
  • Silk - Privacy Pass Client
  • Simple Translate
  • Tor Snowflake
  • Terms of Service; Didn't Read
  • Tournesol Extension
  • TwitchNoSub
  • Twitter View Original Images
  • uBlock Origin
  • Violentmonkey
  • Wallabagger
  • Web Archives
  • webcompat.com reporter
  • Wide Github

Violentmonkey scripts:

Librewolf with Ublock + privacy redirect

Libredirect is the updated version of privacy redirect

On mobile, I may actually be using libredirect and just misremembered the name, or I might be due for an update. Thanks

Safari with 1Blocker, Adblock Pro, AdGuard, Consent-o-matic, Ghostery, and Vinegar

Ghostery is extremely shady and should not be used. Also piling up adblockers is really bad, use one and that should be enough.

Look at badness enumeration to understand that reasoning.

PiHole+:

 * Firefox with uBO, Privacy possum, Sponsorblock as primary, BypassPaywallsClean
 * Brave with shields up and fingerprint resist for when I need chrome, with BypassPaywallsClean and privacy badger.

When a site blocks or is otherwise slow on FF, I use Brave. When a site is slow or blocks brave, I use FF. Brave really stays on top their YT ad blocking so they're a good fallback even if I'm selling my soul to them a bit.

I regularly blow away bookmarks in Brave and reimport from FF to keep all my browsers synced.

If a site doesn't work in FF, then it doesn't work in Brave, I'll open it in vanilla Edge to sanity check but I generally don't open edge otherwise.

Desktop (Personal):

  • Browser: Brave
  • Extensions used: uBlock Origin, uBlock Origin Lite, AutoplayStopper, Dark Reader, LeechBlock NG, Cookie AutoDelete, Incognito or Not, Off the Record History, Stylus, Terms of Service; Didn't Read, Unhook, Dictionary Anywhere, Content Blocker, Highlight or Hide Search Engine Results, Indie Wiki Buddy, Uber Simple Bookmark Count, BlockTube, Enhancer for YouTube, ClearURLs, Bypass Paywalls Clean, No Opener, No Phishers, Recipe Filter, Redirect AMP to HTML, Smart HTTPS, Text Area Word-Wrap Fixer, Charcoal: Dark Mode for Messenger, Control Panel for Twitter, Office - Enable Copy and Paste, Return YouTube Dislike, SponsorBlock, and YT Playlist Length - Duration Display

Desktop (Work/School):

  • Browser: Microsoft Edge
  • Extensions used: Cookie AutoDelete, Dark Reader, uBlock Origin, Bypass Paywalls Clean, AutoplayStopper, Grammarly, Incognito or Not, LeechBlock NG, Off the Record History, Return YouTube Dislike, Twemoji for Chrome, Unhook, YT Playlist Length - Duration Display, uBlock Origin Lite, and Uber Simple Bookmark Count

Mobile:

  • Browser: Firefox
  • Extensions used: uBlock Origin and Dark Reader

Desktop: (macOS) Orion Browser with uBlock Origin + Consent-o-Matic + Kagi Search, FF with uBlock origin as fallback. Mobile: (iOS/iPadOS) Orion Browser with uBlock Origin + Kagi Search

Firefox with Ghostery add-on, mostly because its built-in cookie-nag blocker. Also use Bitwarden and Dark Reader. Pretty much the same setup on both desktop and mobile.

desktop: Firefox with ublock origin, privacy badger, and "Alternate Player for Twitch TV" (html5 alternate twitch player with ad block)

mobile: Revanced YouTube, YouTube music , and Twitch. Also Xtra as a twitch back up

I’m an apple luser so I use safari on mobile for voyager PWA and m.lemmy.world on safari on laptop

Waterfox on my laptop, using Rehike for YouTube, uBlock origin, and DuckDuckGo privacy essentials not because it does much more than uBlock, but because of the built in unlimited email aliases. Incredibly useful feature.

On mobile I use stock brave since waterfox for iOS isn't out yet, and it collects no directly identifiable information unlike Firefox which for some reason does.

Kiwi browser (Brave & Firefox on desktop) with: uBlock Origin, Sponsorblock, DeArrow (fights YouTube clickbait thumbs & titles, same dev team as Sponsorblock), Violentmonkey with a few scripts: Google Shut Up, Search cookie auto reject

I came here to post this same setup. uBlock is a classic and trusted name. The people behind SponsorBlock and DeArrow are doing the Lord's work. I can't imagine life without these addins.

Plain chromium with uBlock Origin, Sponsorblock and Return YouTube dislike.

I recommend running googerteller. Chromium, even after applying all degoogle policies, using without account, no google search etc, connect to Google every few seconds. Especially when launching the profile chooser, loading the addons, viewing some settings and your password list.

What kind of data does it leak?

Googerteller just shows connections.

Maybe there is a traffic analysis, you need to install a custom public https certificate for that and intercept using a middle server. MITM attack so to say.

Edge. I simply disable what I don’t use.

And if a site has ads that I can’t ignore, I just close that browser tab.

You really cant rely on GUI settings at all. Edge cannot be made private very likely.

Using Christitus WinUtil you can remove edge entirely, reinstall the webview afterwards its needed, replace it with Librewolf, Brave, thats basically it.

Odd that you trust Brave but not Edge.

I dont, but Brave at least has no Google and MS tracking and their own stuff seem to be possible to disable entirely via bravs:flags or a policy.

They only have Windows docs though and I use firefox with hardening, compiled myself to work with hardened_malloc

What about privacy?

Some people don’t care. This was posted in technology and the post didn’t specify privacy settings.