Index > Browser Recommendation and Addons

All mainstream browsers include spyware and sell our online habits and details to various third-parties for advertising and other revenue-generating purposes. This is an aggregious betrayal of consumer trust by tech companies, and so it's important to show this is not acceptable by switching to a browser that doesn't commit such actions. Here are a couple web browsers that you can trust aren't keeping tabs on your comings and goings.

Some browsers claim to remove spyware only to add their own. A comparison of various browsers is available at the Spyware Watchdog's Comparison of Web Browsers page.

Librefox

Pros:

• Patched from Mozilla Firefox.
• Disables spyware present in Firefox and does not include any new spyware.
• Available for all major platforms.

Cons:

• Some features are still experimental and require manual configuration.
• Not available in package managers, requires manual download to update.

Librefox is a patched version of Mozilla Firefox with a large collection of privacy enhancements built on top of a cleaned bundle of Firefox.

Various privacy-related preferences are set and locked by default to prevent unintentional or malicious alteration. This can be manually overridden by the user.

Librefox starts off with no addons bundled in, allowing you to start with a clean slate and install what you want, and only what you want. Its homepage lists a selection of addons that they recommend.

GNU IceCat

Pros:

• Patched from Mozilla Firefox.
• Disables spyware present in Firefox and does not include any new spyware.
• Makes some privacy settings more accessible and easily toggleable.

Cons:

• Only easily available for GNU/Linux.
• Rarely available in package managers, often requires manual download to update.
• Does include some addons that make browsing clunky and awkward out of the box.

GNU IceCat is a patched version of Mozilla Firefox with all of the telemetry, spyware, and extra features either disabled or removed.

IceCat goes so far as to come bundled with addons that force the browser to block “non-trivial” javascript, or request permission from the user each time third-party content is accessed. I actually recommend disabling all the builtin addons, as they continually interrupt browsing in pursuit of strict purity. These can be replicated by addons with much better user interfaces, such as uMatrix.

In addition IceCat has a nice “Privacy Settings” section on a blank home page. One caveat is that these are browser settings, affecting all visited sites. Where desired, I disable the browser feature and have addons replicate that functionality but on a per-site basis.

Recommended Addons

• Canvas Blocker

  Canvas Blocker helps prevent browser fingerprinting through the javascript API.

• Cookie AutoDelete

  Automatically delete cookie set by sites after you leave the site.

• HTTPS Everywhere

  Automatically connect to sites via HTTPS if it's known to do so by the configured rulesets.

  I would love to replace this with Smart HTTPS but get corrupt file warnings and a zero byte file when I try to download it.

• Proxy SwitchyOmega

  A handy quick-toggle menu allowing you to switch proxies without having to dive into browser preferences every time. It can also automatically set proxies on browser startup, or on a by-site basis.

• uBlock Origin

  Filter out advertising, trackers, and other clutter from the websites you visit. Will have some overlap with uMatrix, below, depending on configuration.

• uMatrix

  Allows the user to whitelist what types of media or third-party data a site can request. Blocks anything the user does not explicitly add to the whitelist. Also has some other privacy features, such as blocking mixed-content or spoofing referer headers to prevent tracking.

  By default allows anything from the site you're viewing and blocks third-party requests. Removing Javascript or other types from the first-party whitelist can be done if you'd rather not trust first-party sites with them.

  In the Assets tab of the uMatrix preferences there is a list of host file blacklists. These blacklists are also filtered by uBlock, so I keep them activated in uMatrix and disabled in uBlock, so only one of them is downloading updates.

about:config Options

There are plenty of guides on the Internet with different recommendations for switches to set in about:config, often for old versions of Firefox. Icecat and Librefox have some switches already set to disable various features you probably don't want or need, such as geolocation, webgl, etc. There may still be a few to keep an eye out for:

• browser.cache.disk.enable set to false
• browser.cache.disk_cache_ssl set to false
• browser.privatebrowsing.autostart set to true
• media.peerconnection.enabled set to false
• security.ssl.require_safe_negotiation set to true
• security.ssl.rsa_des_ede3_sha set to false

The following are optional, and may make browsing less convenient.

• browser.sessionhistory.max_entries set to 2

  Limits your history to two items, your current page and your last page, to prevent snooping via Javascript.

• dom.storage.enabled set to false

  Will prevent various methods of tracking, but will also completely break various websites, such as imgur.com.

• general.useragent.override set to Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0

  Makes your browser use the same useragent as the Tor Browser Bundle. Some sites will complain you're using an old version of Firefox. Not foolproof for prevention of fingerprinting, as sites can also use Javascript to check your browser identification, which this does not override.

• media.autoplay.enabled set to false

  Stops videos and gifs from playing automatically. You can click on videos to start them when you're ready. Gifs will only display the first frame and will not play when clicked, but they will still be fully downloaded by the browser so gif-heavy sites will still load slowly.

• security.tls.version.min set to 3

  Requires the most modern version of TLS, but there are some sites that don't support it yet.