• General

  • Avoiding Browser fingerprinting - best usable option

With is the best way to avoid browser fingerprinting without using tor? Because many sides don't work, or i have to do a lot of captchas.

On mobile @grapheneos has said when i remember correctly that safari is the only browser that has real potential to avoid fingerprinting because its on many and all most the same devices.

So is safari the best option on mobile? If yes, only on an iphone or on a ipad too?

Are destop browser better? Like the Mullvad Browser? On a m series chip mac? I read in this forum often mac is the most secure and private option for a destop operating system.

For reverence i use vanadium incognito only.
Cross-origin referer disabled
Open external links in incognito enabled
JavaScript and side settings disabled by default. I add exceptions for a handful of sides.

Usually i don't log in on any sides. I take most of the time research (I'm a journalist) and would buy a secondary device only for browsing if necessary to avoid being tracked.

    SPUTTERGRUMBLENANOMETER firefox on desktop with arkenfox user.js and noscripts is what i use... But i assume with the amount of chrome users, just running a stock chrome would be less profileable... Personally i just accept constant recaptchas and broken sites are the cost of running a vpn and noscripts...

      Maybe you want to give this discussion a try - despite what its title might suggest - it's also a lot about browser fingerprinting:

      https://discuss.grapheneos.org/d/4242-brave-vs-vanadium

      This might also be worth reading:
      https://grapheneos.org/usage#web-browsing

      If you're just starting your privacy journey and like videos more than reading, this video by Naomi Brookwell might be interesting too.

      SPUTTERGRUMBLENANOMETER I would avoid Brave not out of technological concerns but out of distrust of the creator and developers, but this is for personal political reasons which I won't discuss.

      Ironfox and Cromite are good

      https://www.privacyguides.org/en/mobile-browsers/#cromite-android

      One thing to be aware of is many browsers fake or block standard measurements (like audio fingerprints) to seem similar.

      This may not work. Creep.js is the best standard for seeing if you are unique with many complex tests.

      It's debatable as to whether using a browser that standardizes everything to blend in works when there are many nonstandard fingerprint methods.

      Making certain values random is detectable, but the random data may make this harder to be sold. Plugsins like canvablocker (on ironfox) do this beyond just resist fingerprinting default settings.

      Privacyguides.org and simplifiedprivacy.com but have excellent information. Simplifiedprivacy has a more either realistic or paranoid intensity, but they tend to provide better information that is more advanced or robust or more defensive against potential threats. Privacyguides.org is more careful not to state things without lots of proof and to not be overly fearful, but this can backfire, like when they recommended US-based skiff.com to users, something simplified privacy never would have ever done due to their more defensive nature.

      But really with JavaScript on you can't defend against adversaries who are sophisticated. There are posts on this forum about creeps.js. One user did extensive testing of this in another post, I don't recall the username but it was excellent.

      Use search on this forum.

          @GrapheneOS
          I have tried to link you in my post above. I couldn't find the original post I mentioned. I was hoping you could give some clarity on this topic.
          I would love to hear your opinion on what would be the best case to use the internet just for research only.
          I've already read many forum posts and had a look on the mentioned links and videos above but I'm not getting a clearer view on this topic and what to do in my usecase.

          Don't feel forced to answer but I would appreciate your help.

          It's impossible to be anonymous on mobile. Tor browser for android has problems and therefore not recommended. If you want to remain truly anonymous, and also bypass captchas and websites blocking you, the only option left is to use a VPN/Proxy after Tor. Safari - I don't know. Using a private search engine on a proprietary browser doesn't seem like a good idea to me. Mullvad browser is a fork of Tor browser with a much smaller user pool. Vanadium does have some privacy protections (cross-origin referrer, os spoofing, etc.) but it's not perfect. Brave is known to be secure but there are limits. Gecko based browsers (firefox and its fork) are not recommended at all. You can also use websites like fingerprint dot com to check your browser fingerprints.

            trashaccount many people would agree with this

            I only don't use Brave for political reasons, not technological ones. The consensus is Brave is very good in mobile settings.

            privacyguides.org also lists brave and they give very rational explanations for everything they say

            simplifiedprivacy also gives explanations and some do not have the same level of acceptance. (They have very strong views against centralization and CDN. Their ideas are more intense, but often fascinating. I have more fun reading their material.)

            Both sites recommend GOS btw.

              in_search_of_privacy dont mix private up with secure, while of course they overlap the op was asking about fingerprinting which is an aspect of privacy, therefore the weak sandboxing of gecko based browsers such as firefox, is irrelevant to its anti fingerprinting capabilities, which to my mind exceed vanadiums, though i use vanadium on my mobile i sorely miss the grainular control of noscripts, and the fine tuning capabilities enabled by running a arkenfox user.js

                  Chipper I decided to explore a little more indepth the chromium and firefox implementations of tab sandboxing and state partitioning, in doing so i came across this:

                  "Cache Partitioning: Chromium partitions the HTTP cache, meaning shared resources (e.g., Google Fonts) are downloaded separately for each top-level site, reducing tracking risks but increasing data usage and load times."

                  "Google's Tracking Advantage: Critics argue that Chromium's cache partitioning, while privacy-enhancing, benefits Google's tracking capabilities. For example, downloading Google Fonts separately for each site reveals user visits to Google's servers, potentially enabling tracking despite partitioning. An attacker (or Google itself) could exploit this to build user profiles, undermining the privacy benefits of partitioning."

                  I thought that was interesting, though i dont know that Vanadium doesnt mitigate that in some way.

                  It is clear from what i can tell, that Chromiums implementations are across the board better than firefox's impacting both security and privacy.