Page 1 of 1 [ 8 posts ] 

Kitty4670
Veteran
Veteran

User avatar

Joined: 18 Nov 2014
Gender: Female
Posts: 8,586
Location: California,USA

05 Apr 2024, 1:45 am

Does private browsing mode really private?



kokopelli
Veteran
Veteran

User avatar

Joined: 27 Nov 2017
Gender: Male
Posts: 3,779
Location: amid the sunlight and the dust and the wind

05 Apr 2024, 2:33 am

Not really. It basically just aims to avoid storing history and cookies on your local computer.

You can improve things with a good VPN that focuses on privacy. I have a paid ProtonMail account and use the ProtonVPN included with it.

Use both the VPN and the private browsing.

I don't really need it, but just for fun my cell phone is almost always using the VPN and routes the traffic through both Iceland and the US.

One time just for grins, I used it to route my path for an ssh connection to a computer across the hall from my office through both Stockholm, Sweden and Tokyo, Japan. It was definitely slower than just using the office network, though.


_________________
[email protected]

(The above is a valid, but temporary, e-mail address that is relayed to my real e-mail. If it starts getting spammed, I'll just remove it and create a new one and change the signature block. If you want to send me an e-mail, feel free to do so, but be aware that unless you are using something like this, your e-mail address will be exposed to me.)


ElmersTrueLove
Veteran
Veteran

User avatar

Joined: 8 Feb 2024
Age: 21
Gender: Female
Posts: 538
Location: Elmer Fudd's Cupid form

20 May 2024, 10:26 am

You CAN clear incognito history, but you have to use chrome. I'm still trying to find out how to on Silk Browser. (I was never allowed a phone until a few years ago and had to use a tablet)


_________________
Someone: You attract what you fear.‬
‪Me: I'm terrified of Elmer Fudd.

Elmer's wife since 2022

.。*゚+.*.。 ゚+..。*゚+


ToughDiamond
Veteran
Veteran

User avatar

Joined: 15 Sep 2008
Age: 71
Gender: Male
Posts: 11,955

20 May 2024, 11:36 pm

I'm no expert, but my current belief is there's at least one major privacy weakness in all traditional browsers - they always tell the websites you visit what your IP address is, and they might also tell them your device profile. And I was surprised to read that they also tell the website the previous page you were on, though I hope that's a myth. No idea why, if those things are true, they don't allow you to turn them off in settings. Is it something to do with the website needing your IP address so that it knows where to send its page data?

Maybe the Tor browser is more private?



ProfessorJohn
Veteran
Veteran

User avatar

Joined: 26 Jun 2014
Gender: Male
Posts: 1,153
Location: The Room at the end of 2001

20 May 2024, 11:45 pm

From what I have learned from the limited research i have done in this area, about the only way to get privacy on the internet is to use a VPN. Even then you need to do some research on which VPNs are the most private. I have heard good things about Nord VPN. I tried Surfshark but it slowed some things down too much. The best offense is a good defense. Don't post anything on line you don't want to government to know about you.



ToughDiamond
Veteran
Veteran

User avatar

Joined: 15 Sep 2008
Age: 71
Gender: Male
Posts: 11,955

20 May 2024, 11:55 pm

ProfessorJohn wrote:
From what I have learned from the limited research i have done in this area, about the only way to get privacy on the internet is to use a VPN. Even then you need to do some research on which VPNs are the most private.

That's my feeling too. And I tried a VPN once - most websites were fooled about my IP address, but some of them saw through the trick.



kokopelli
Veteran
Veteran

User avatar

Joined: 27 Nov 2017
Gender: Male
Posts: 3,779
Location: amid the sunlight and the dust and the wind

09 Nov 2024, 9:06 pm

One browser you might want to try out is called LibreWolf.

It is a version of Firefox that emphasizes privacy.

I admit that i haven't used it much. I just ran across it a week or so ago. I'm using it right now for this connection.

One thing that it tries to do is to mislead websites about what you are using. I'm on a computer running Fedora LInux 41, but if I understand correctly, it tells the websites that I'm using Firefox on a Windows 11 computer.

Their website is https://librewolf.net/


_________________
[email protected]

(The above is a valid, but temporary, e-mail address that is relayed to my real e-mail. If it starts getting spammed, I'll just remove it and create a new one and change the signature block. If you want to send me an e-mail, feel free to do so, but be aware that unless you are using something like this, your e-mail address will be exposed to me.)


kokopelli
Veteran
Veteran

User avatar

Joined: 27 Nov 2017
Gender: Male
Posts: 3,779
Location: amid the sunlight and the dust and the wind

09 Nov 2024, 9:15 pm

Here is the features list from the LibreWolf pages:

Quote:
Privacy

Delete cookies and website data on close.
Include only privacy respecting search engines like DuckDuckGo and Searx.
Include uBlockOrigin with custom default filter lists, and Tracking Protection in strict mode, to block trackers and ads.
Strip tracking elements from URLs, both natively and through uBO.
Enable dFPI, also known as Total Cookie Protection.
Enable RFP which is part of the Tor Uplift project. RFP is considered the best in class anti-fingerprinting solution, and its goal is to make users look the same and cover as many metrics as possible, in an effort to block fingerprinting techniques.
Always display user language as en-US to websites, in order to protect the language used in the browser and in the OS.
Disable WebGL, as it is a strong fingerprinting vector.
Prevent access to the location services of the OS, and use Mozilla's location API instead of Google's API.
Limit ICE candidates generation to a single interface when sharing video or audio during a videoconference.
Force DNS and WebRTC inside the proxy, when one is being used.
Trim cross-origin referrers, so that they don't include the full URI.
Disable search and form history.
Disable form autofill.
Disable link prefetching and speculative connections.
Disable disk cache and clear temporary files on close.
Use CRL as the default certificate revocation mechanism, as it is faster and privacy oriented. For security and usability reasons, the browser might fall back to OCSP in some instances: when that happens, OCSP will be stapled to preserve privacy.

Security

Stay up to date with upstream Firefox releases, in order to timely apply security patches.
Enable HTTPS-only mode.
Enable stricter negotiation rules for TLS/SSL.
Always force user interaction when deciding the download location of a file.
Disable scripting in the built in pdf reader.
Protect against IDN homograph attack.
Implement optional extension firewall, which can be enabled manually.
Revert user-triggered TLS downgrades at the end of each session.
Set OCSP to hard-fail in case a certain CA cannot be reached.

Annoyances

Prevent window resizing from scripts.
Disable autoplay of media.
Disable search suggestions and ads in the urlbar.
Remove all the distracting and sponsored content from the home page.
Remove the Pocket extension at compile time.
Remove Mozilla VPN ads.
Disable Firefox Sync, unless explicitly enabled by the user.
Disable extension recommendations.

Others

Completely open source and community driven.
Easy and Docker-based build process, so that everyone can build from source in few steps and without local dependencies.
LibreWolf specific UI that exposes the most important privacy and security settings, to allow you to easily control them.
Completely disable telemetry, including crash report, normandy, studies and personalized recommendations.
No data collection ofany kind. In fact, as stated in our privacy policy, we wouldn't even have the infrastructure to do that, making it impossible from a technical standpoint.
Disable Google Safe Browsing, over censorship concerns, and in an effort to prevent Google from controlling another aspect of the internet. This would also make a developer key a requirement to build from source, which is something we are not comfortable with.
Disable DRM, as it is a limitation to user freedom.
Avoid making unnecessary changes that increase the fingerprint without giving any privacy gain.
Only allow outgoing connections that are not privacy invading.
Disable built-in password manager and suggest more robust options.


_________________
[email protected]

(The above is a valid, but temporary, e-mail address that is relayed to my real e-mail. If it starts getting spammed, I'll just remove it and create a new one and change the signature block. If you want to send me an e-mail, feel free to do so, but be aware that unless you are using something like this, your e-mail address will be exposed to me.)