- Edited
Hi fellas,
I'd like to discuss strategies for maintaining privacy from big tech and others tracking entities out there. By no means am I an expert on the topic, nor a developer, so I'll mostly be asking a lot of my own questions and concerns about my own strategies.
My Conclusions
From my time spent researching on this forum, I've come to some conclusions about privacy, security, and anonymity:
(1) Anti-fingerprinting (AF) measures in even the best browsers aren't comprehensive enough to protect against sophisticated fingerprinting techniques [I can't recall if examples were provided by members]
(2) Brave is suggested to have the best AF measures. It scores well on the EFF Cover Your Tracks site, although it has been suggested that that site only covers basic fingerprinting methods.
(3) Firefox-based browsers (FFBBs) lack the security of Chromium-based browsers (CBBs), due to a lack of tab isolation, so they are not recommended to use. I can't recall any other security concerns at this time.
(4) The only FFBB recommended by some for privacy is Mull. Tor is still recommended by most for anonymity, albeit a FFBB.
(5)Vanadium lacks AF as good as Brave, but the GOS team is working on new features.
(6) Some GOS forum users are weary of Cromite, as it's a smaller project, but, to me, at least it is a CBB, which could prove useful. I also recall it having slightly better AF score on the EFF site than Vanadium, for whatever that's worth.
Anti-fingerprinting: choose a browser with strong anti-fingerprinting, or isolate with multiple browsers? Or both?
So, my current usage looks like this:
-Always on a VPN.
-Brave, on the merits of (2), for sites that require logins, like banking, online learning, or forums.
-Cromite, on the merit of (6), for anonymous browsing, never logging in to anything.
-Vivaldi for logging into a "fake" Facebook account I use to look things up. The account is in no way connected to my real identity.
-Tor, on the merit of (4), for researching extremely sensitive topics. Honestly, I run Tor through/over my VPN, mainly because I don't like the idea of disabling "block connections without VPN" in android settings. I trust my VPN more than my ISP.
-Mulch for connecting to Google video/voice calls for an online group I am involved with.
My concerns and questions, and self-critiques
I am wondering if I should streamline my approach and do more on Brave, given its good AF. However, given (1), I am hesitant to do so. On that note, I am heavily considering taking advantage of some apps rather than their equivalent websites, to avoid being browser fingerprinted. However, on Graphene, as secure and degoogled as it is, I don't know how much I'm opening myself up to being further fingerprinted. For example, to avoid browser fingerprinting by Udemy or my bank, should I download their apps instead? Udemy's Exodus report shows 9 trackers, including Facebook Analytics and Facebook login. As long as I don't have the official Facebook or Instagram apps installed/logged-in on the same user profile as Udemy, no data would be linked, right? And, even if I were hypothetically logged into Facebook on their app, am I correct in thinking that GOS would protect me from these apps talking to each other? If so, how can a person tell how GOS isolates apps from one another unless the user wants? Is this functionality a false presupposition of mine? Lastly, with these trackers, would Udemy actually be sharing my info with Meta, Facebook/Instagram account or not?
Similarly to the above paragraph, I'm wondering how I should enjoy YouTube. Currently, I use Tubular, but can't take advantage of personalized, recommended videos. If I'm able to make a YouTube account with a burner phone number, would anyone recommend using the actual YouTube app or similar, like Vanced [I know Vanced is gone now]? With the regular YouTube app, I'd lose adblocking and sponsorblock. So, what about using Firefox with extensions like UBlock Origin, instead?
I'm currently not using Mull or Vanadium at the moment because I'm not sure how I want to deploy them. Vanadium has so much value with its strong security that, when I finally want to use it, I want to make the most out of it. I could replace my usage of Cromite with Vanadium, as I do so much anonymous browsing, that a more hardened browser would keep me safer as I traverse the web. If I'm not logging into anything anyway, and I'm always on my VPN, then I don't think I need to be as concerned about fingerprinting as I am with how I use Brave.
I am wondering if I could be making better use of Mulch. Yes, it's not as secure as Graphene, but instead of using it solely for Google video/voice chats, maybe I could delegate it to pseudoanonymous stuff like forum account access. I risk being fingerprinted that way, so I'm unsure. Might be best to leave that with Brave. I am a bit leery on leaving so many of my eggs in one basket with Brave, when it comes to fingerprinting.
Any thoughts on using Brave Beta for anything? Given that it is beta software, I assume most of you will be against its use, for security reasons.
User profiles
I have 4 Graphene user profiles to separate my crypto activity, work apps, personal stuff and browsing, and risky research and related downloads. I do this for extra security and privacy to avoid an event where an app somehow gains access to files I don't want it to have (sorta more overkill than storage scopes, I guess, but I use those too), to compartmentalize my life in case an entity were to have access to things in one of those profiles, and to streamline how groups of apps connect to the internet. With that said, should I be factoring big tech browser and device fingerprinting into this equation, too? I'm sorta already do that to some degree, as I don't trust the work app I use, what with all its big tech trackers, but maybe I could do more. Isolating more apps with trackers, Google stuff, etc. A profile for apps requiring Google Services? I'll leave that in your court, fellas!
Thanks so much for reading all this. Please correct me on anything I've written here. I know how brutally blunt y'all can be ;)
Regards,
Brother Swan