Privacy

34425 readers

792 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

The question of browsers (lemm.ee)

submitted 2 days ago by ProtozoanDusk@lemm.ee to c/privacy@lemmy.ml

20 comments fedilink hide all child comments

So, I have always just used one browser, Firefox, with javascript and cookies turned off and whitelisted sites that I needed to use that required javascript or cookies or both to actually work.

My threat model isn't the tightest and could best be described as "I don't see why they should have my data if I am blocking the ads they use it to try to deliver to me". This browser setup coupled with tracking blocking at the DNS level has made me feel comfortable that while some of my data is being collected I am stopping most of the collection.

With the advance of fingerprinting and the recent change of a certain browser's terms of use it is probably time to review this setup.

I believe that it is usually advisable to use two different browsers. One where you are identifying yourself by logging in and one where you are just browsing. As logging into sites usually involves javascript and cookies I was going to use Librewolf with javascript and cookies turned off for general browsing and Mullvad browser as it comes for sites that require javascript and cookies.

I feel as though I have read a thousand discussions on this subject over the years so I apologise. Does anyone have any suggestions for a more private setup browser-wise? Tracking blocking at DNS level will continue and I'm on debian-based linux.

Thanks for any help in advance.

you are viewing a single comment's thread
view the rest of the comments

[–] bad_news@lemmy.billiam.net 5 points 2 days ago* (last edited 2 days ago) (1 children)

Tor browser inherently uses tor, as the other comment says, Mulvad offers tor browser sans tor as Mulvad browser. As per the "do you tor over VPN" issue I think we need to first cover some networking concepts...

So your internet works via protocols, UDP provides a basic connection where you can send unordered messages, TCP works on top of UDP to provide linear order. Things like old video chat and bittorrent work over UDP because you don't care about order, you just want the data as you get it, so the video freezes or glitches, but you get the most recent frame of the video. Things like programs and webpages aren't YOLO about data integrity, so they use TCP which enforces order, so you don't get frames from 1 minute later in your Netflix video out of sync. VPNs provide UDP, which is lower level than TCP, which tor provides, so you can tor over VPN but you cannot VPN over tor.

If you use Mulvad browser from your VPN, you will look like everyone using Mulvad browser from your VPN exit point, which may well just be you, it's fairly esoteric. If you use tor browser, you will appear to be exiting from a tor exit node along with hundreds if not thousands of other tor browser users.

[edit: just realized I forgot to actually address the is it worse to tor over vpn question. There is no privacy impact per you and the site, the question is state surveillance. Mentaloutlaw on Odysee says the feds will extra look at things if you tor from a VPN, but I really don't buy that's how anything works, I think most non-Germany state actors would look at ISP-level tor use to lock you up and not deal with the headache of subpoenaing a VPN provider to find out one rando is using tor]

[–] FrostyPolicy@suppo.fi 3 points 2 days ago

You got most things right about UDP and TCP. They both work in the transport layer of the OSI model. They are also completely different protocols, related yes but independent.

UDP is "simpler" as it basically throws data packages in to the network and hope they reach their destination. TCP on the other hand has checks in place that verifies that a data package has actually reached its destination.