The amount of questions that I got on my last post here made me want to create a full on guide for internet privacy based on my experience, so let’s begin:
Browser
yeah it’s gotta be firefox or a fork that you deem trustworthy
These are my settings:
- first go to about:config and set “privacy.fingerprintingProtection” and “privacy.resistFingerprinting” to “true”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2fjcrlnh.png
- go to firefox settings “privacy and security” tab and set “enhanced privacy protection” to “strict”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2f8koui0.png
-
right under that there is “website privacy preferences” and “Cookies and site data” under privacy preferences turn on these two options: “Tell websites not to sell or share my data”, “Send websites a “Do Not Track” request”
-
Under “Cookies and site data” check “Delete cookies and site data when Firefox is closed”. Don’t worry you can set exceptions for the websites that on you want to stay logged in
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2f5qqceq.png
- Under History tab turn on “Clear history when Firefox closes”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2fh2c1au.png
-
Under Permissions enable: “Block pop-up windows” and “Warn you when websites try to install add-ons”
-
Disable all telemetry under “Firefox Data Collection and Use”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2fqxgkvc.png
-
Under “Deceptive Content and Dangerous Software Protection” enable all three options
-
Under Certificates enable: “Query OCSP responder servers to confirm the current validity of certificates”
-
enable “https only mode”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2f30cod4.png
- under “Dns over https” enable maximum protection and pick a hostname suitable to your needs from here: “https://mullvad.net/en/help/dns-over-https-and-dns-over-tls” I use “https://base.dns.mullvad.net/dns-query”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2f7nq4uc.png
- in the search tab disable search suggestions
Addons:
Important Notice: addons make your fingerprint more unique so try to be conservative about using too many addons
-
My essentials are “ublock origin, noscript and libredirect” optionally “skip redirect”
-
My Noscript settings are pretty simple: in it’s settings page I have it’s default preset set to only allow “noscript” and “other”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2f3iah8c.png
-
For ublock origin things get a little more complicated. My ublock origin blocking mode is set to “medium” which means it blocks all 3rd party scripts aswell as adds. More on that here: https://github.com/gorhill/uBlock/wiki/Blocking-mode
-
I have also enabled every single filter minus the country spesific ones enabled on the filters tab of the ublock origin settings plus two custom lists, that are: “https://github.com/DandelionSprout/adfilt/discussions/163”, “https://github.com/yourduskquibbles/webannoyances”
https://lemmy.kya.moe/imgproxy?src=files.catbox.moe%2f6uz1ss.png
Search Engine:
-
The one I am using is called “Startpage” it scrapes results from google and it respects your privacy. I avoid DuckDuckGO because I remember it getting involved with cencorship in results at some point and I don’t like it’s results.
-
Startpage’s majority shareholder is an Adtech company but I trust it due to this quote from privacy guides:
“Startpage’s majority shareholder is System1 who is an adtech company. We don’t believe that to be an issue as they have a distinctly separate privacy policy. The Privacy Guides team reached out to Startpage back in 2020 to clear up any concerns with System1’s sizeable investment into the service, and we were satisfied with the answers we received.”
- find the right privaccy search engine for you here: https://www.privacyguides.org/en/search-engines/
VPN:
-
To quote privacy guides once again: “Using a VPN will not keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic.”
-
I use and reccomend “Proton VPN” as an always connected vpn with a killswitch. I have heard good things about “Mullvad” though and have some friends that swear by it
-
Interview with the Proton CEO: https://yt.artemislena.eu/watch?v=Dp7ght2fMR4
Privacy Friendly Frontends:
-
I like spesifically Freetube and Libreddit which the Libredirect extention can redirect to
OS:
-
Let’s face it, propertiary operating systems like Windows and MacOS collect your data and invade your privacy just by you using your computer, so swapping them out for alternatives is very helpfull in terms of protecting your privacy
-
Main players in the game are “Linux” and “FreeBSD”. I find “Linux” to be MUCH more usable than freebsd though. Seriously just stick with linux unless you want to deal with a lot of issues.
-
Reccomened distros: I am a big fan of Fedora and KDE so I am gonna reccomend “Fedora KDE spin” to the regular user. “Mint” is well liked among beginners but I tend to find it’s old ubuntu LTS base infruiating. For gaming I reccomend “Nobara” which is what I use. It is based on fedora and uses KDE as it’s DE and has optimizations for the gaming usecase. PopOS is also a great option for gaming but I belive it is based on ubuntu LTS aswell which I do not like. Finally “EndavourOS” is based Arch but installation is made simple and I belive is actually beginner friendly
Disclaimer about the EFF “Cover your tracks test”:
https://coveryourtracks.eff.org/
- the test will not load with Mullvad DNS due to it blocking tracker domains so switch to nextdns instead while running the test
Sources: https://www.privacyguides.org/en/tools/, https://github.com/mendel5/alternative-front-ends, https://github.com/arkenfox/user.js/wiki/4.1-Extensions
Much appreciated!