TheGodfather Mullvad Browser with Mullvad VPN is what I use for standard navigation, without the VPN, it compares with Firefox + Arkenfox, which can only protect against naive scripts, with the VPN, it compares with Tor Browser where anti-fingerprinting is more significant. I'm aware of its inherited safety weaknesses, I use servers running Wireguard in my time zone. I use Vanadium on GrapheneOS where the VPN is not systematically connected because I don't really like the idea of having a centralized connection.
I relied on primary sources to read Google's proposals for Privacy Sandbox, I wanted to understand for myself rather than blindly read third-party sources, I found some ideas really interesting while I misunderstood other proposals, at least I misunderstood how they are an improvement, the real problem seems to be that his proposals support a business model that we should most likely abandon.
TheGodfather Don't forget that fingerprinting is a statistical form of tracking. So you don't need to look like everyone else. But you need be in a big enough crowd to hide in.
That's right.
TheGodfather Sure. It's one additional data point for tracking. So is your DNS server and DNS filter lists. And of course don't forget the most important and most reliable way of tracking: browser state (e.g. cookies). That's why you need state partitioning and delete state often.
I constantly use the DNS server provided by the network, as you write, simply changing DNS can be enough to make you stand out even more, browser data deleted on closing is something I've been doing for quite a long time, although I sometimes make exceptions.
TheGodfather I would assume that the most used browser is Chrome on Windows. The problem with fingerprinting on desktop is that especially the hardware, but also the software (especially on Linux) is so inhomogeneous. This makes fingerprinting mitigations more important than on smartphones to make these differences less exploitable. Neither Chrome nor Edge have meaningful fingerprinting mitigations. Tor browser and Mullvad are good choices in that regard on desktop.
I agree. Edge can be a good choice for Windows because it supports hardware isolation, provided you use Application Guard mode. This is a really interesting security feature, but it doesn't make Edge a privacy-friendly browser. It also supports JIT disabling and Google Chrome now lets you disable the V8 optimizer, I wish Firefox supported this without having to go to about:config.
Tor's security is pretty weak, which means its privacy protection is too, so I'd choose a configuration like this: VPN -> Tor Browser -> Internet, using a trusted VPN as a first hop makes more sense than some people think because most of the time, your VPN's exit nodes won't be actively malicious.
Here's a good article on Tor's weaknesses : https://medium.com/@thegrugq/tor-and-its-discontents-ef5164845908