Best secure browsers for privacy (2022)
Big changes are afoot in the ad-sponsored web, and the browser has become a key battleground for end-user privacy. While Chrome is by far the most widely used browser in the world, there are alternative browsers and ways to improve your privacy when using Chrome.
Unfortunately, there’s no easy way yet to ensure total privacy through browsers, according to Dr Lukasz Olejnik, an independent privacy researcher and consultant, who led a large scale study in 2009-2011 that found web browsing histories can be used by online ad companies to fingerprint individual browsers over time.
Researchers from Firefox-maker Mozilla emulated his study in 2020 with 52,000 Firefox users, which confirmed Olejnik’s findings. They warned that Google’s and Facebook’s tighter grip on online advertising today makes the practice of re-identification through browsing histories an even more pressing privacy problem today.
Google’s FLoC (Federated Learning of Cohorts) substitute for third-party cookies, which Google plans to block in 2022, is being trialed now with some Chrome users in the US and other markets except Europe, where Google recently admitted FLoC might not be compatible with the EU’s General Data Protection Regulation (GDPR).
But FLoC won’t solve the problem of browser fingerprinting. “Fingerprinting is here to stay and the removal of third-party cookies indeed does not impact on this technique,” says Olejnik.
Brave, a privacy-focused Chromium challenger
Best Browser for Privacy
Brave is a Chromium-based browser that by default blocks ads, fingerprinting and ad-trackers. Brave in January announced it had passed 50 million monthly active users, which is still a fraction of Chrome’s 3.3 billion users across desktop and mobile.
Brave’s business model relies on privacy-protecting ads that can pay publishers and users with Basic Attention Tokens (BAT) when users pay attention to ads. It also recently acquired Tailcat to launch Brave Search, so it can provide a privacy-focussed alternative to Google Chrome and Google Search.
The Chromium-based browser is headed up by Brendan Eich, a key designer of the JavaScript programming language and a co-founder of Mozilla and Firefox.
Brave’s privacy record isn’t unblemished. Eich in 2020 apologized to customers after being caught sharing default autocomplete answers with an affiliate cryptocurrency exchange.
Still, a recent study by Professor Douglas J. Leith at Trinity College at the University of Dublin rated Brave as the most private browser over Google Chrome, Mozilla Firefox, Apple Safari, and Chromium-based Microsoft Edge.
Leith looked at how much browsers communicate to each browser maker’s backend servers. Brave did not use any identifiers allowing the IP addresses to be tracked over time, and did not share details of web pages visited with its backend servers. By contrast Chrome, Firefox and Safari tagged telemetry data with identifiers linked to each browser instance.
Brave has removed a ton of Google code from its version of Chromium to improve user privacy and has also come out hard against Google’s FLoC ID proposal, which is beginning to roll out to Chrome users but will not been enabled in Brave.
Brave has several privacy-enhancing settings with options to block third-party ad trackers, a toggle for upgrading unsecured connections to HTTPS, cookie blocking and fingerprinting blocking. Users can adjust these in Settings with in the Shields and Privacy and security sections.
Despite alarm over FLoC, Olejnik says it is preferable to third-party cookies from a privacy standpoint, but he’s holding off judgement until he sees the final design.
FLoC is a type of fingerprint designed to replace third-party cookies. In this scheme, Google assigns a FLoC ID to clusters of Chrome users with similar interests, allowing for some privacy by letting individuals ‘hide within crowds’, as Google put it, while still delivering targeted ads to advertisers.
Still, Olejnik found the initial implementation of FLoC can leak users web browsing histories, so taking cover in the crowd might not actually work as intended yet.
“If I had to choose between third-party cookies or FLoC, I would choose FLoC. But it all depends on the final design and configuration. Care must be exerted in the design to avert the risk of data leaks,” Olejnik says.
“In my tests of the initial version, I verified that leaks of web browsing histories are indeed possible. But I am sure that the final solution would have to have some privacy settings designed and implemented. In current testing FloC, this is not the case.”
Pros
- Privacy-focussed by default
- Not in the traditional online ad business
- A fast experience
Cons:
- No obvious negatives but issues in the past show it is not perfect
Mozilla Firefox
Most Secure Browser
Chrome’s security and patching make it the most secure browser available today, but when looking solely at privacy, Olejnik rates Mozilla Firefox as the best of the pack. So, for those using a multi-browser strategy to improve privacy, Firefox is a must-have.
One of Firefox’s most important privacy features is Enhanced Tracking Protection. Mozilla has also borrowed Tor techniques to block browser fingerprinting and, despite its declining monthly active user numbers (it’s at 220 million today, down from 250 million a year ago), Firefox developers are on a constant quest to improve tracking-prevention features, such as its work on browser data storage that can be used for tracking users across the web, which goes beyond just stored cookies and targets multiple caches.
Firefox is rich with choices to customize the browser for privacy by typing about:preferences#privacy in the address bar. The “standard” Enhanced Tracking Prevention blocks social media trackers, cross-site tracking cookies, and blocks tracking in private windows, cryptominers, and fingerprinting scripts. There is a “strict” mode too that might break some sites, but there are ways to whitelist Enhanced Tracking Protection for trusted sites. And for those with the time, Mozilla provides a way to customize the privacy feature.
The other option for Firefox fans is Firefox Focus, a privacy-focussed browser for iOS and Android that blocks ad trackers and has a built-in ad blocker.
And if you’re against Chrome’s FLoC, Mozilla this week told Digiday that it too would oppose the fingerprinting technique and won’t be implementing it in Firefox.
“We are currently evaluating many of the privacy preserving advertising proposals, including those put forward by Google, but have no current plans to implement any of them at this time,” a Mozilla spokesperson said.
“We don’t buy into the assumption the industry needs billions of data points about people, that are collected and shared without their understanding, to serve relevant advertising,” they added.
Pros
- Firefox has invested a lot into Enhanced Tracking Prevention
- No interest in profiting from online ads
- Trusted by 220 million users
Cons:
- Despite a major overhaul Firefox is still losing users
- Mozilla is pushing its read-it-later service Pocket through Firefox
DuckDuckGo extension
Is an extension from a privacy search engine the answer?
DuckDuckGo, a privacy-focused search engine, is a vocal supporter of consumer’s privacy rights and in January hit a milestone of reaching 100 million user search queries in a day.
DuckDuckGo and the rise of encrypted messaging app Signal, shows there is a growing appetite for privacy-focussed alternatives to tech giants like Facebook and Google. Still, DuckDuckGo’s daily search numbers are minuscule compared to Google’s five billion daily search queries.
DuckDuckGo’s Privacy Essentials extension for Chrome, Firefox and Microsoft’s new Edge has been installed by four million Chrome users. Its reputation is built on the idea it does not collect user data but can provide the same search results as those that do collect user data.
In a seeming reaction to Google’s unchallenged dominance in search, some browser makers such as the To web-anonymizing project, made DuckDuckGo the default search engine to ship with its Firefox-based browser.
DuckDuckGo was founded by entrepreneur Gabriel Weinberg as a self-funded project in 2008.
The DuckDuckGo extension was also quick to block Google’s FLoC fingerprinting identifier.
And the company is a founding member of the Global Privacy Control (GPC) standard (which is still being hashed out) as an answer to consumer privacy protections under the California Consumer Protection Act (CCPA) and Europe’s General Data Protection Regulation (GDPR).
But it is browser extension and, like all software, there are vulnerabilities that crop up. In March, researchers discovered a cross-site scripting flaw in the DuckDuckGo Privacy Essentials that could allow an attacker to observe all websites that the user is visiting. Fortunately DuckDuckGo fixed the flaw fairly swiftly for both Chrome and Firefox.
Pros
- Supported on Chrome, Chromium-based browsers and Firefox
- DuckDuckGo appears to have a solid commitment to user privacy
- If you don’t like FLoC, it blocks it automatically
Cons
- It’s a software extension and that creates another avenue for security flaws to creep in
Microsoft Edge
The wild card for online privacy
Microsoft Edge, being based on Google’s Chromium project, is now available for Windows 10, macOS and Linux.
Microsoft was rated the worst browser for privacy by Professor Leith because of how often it sent identifiers, including IP address and location data to Microsoft servers — even worse than Google Chrome.
Microsoft told ZDNet it was just diagnostic data that can be easily disassociated from the device ID. Microsoft confessed its collection does include information about websites visited but said this information is not used to track users browsing history or URLs specifically tied to the user. Windows 10 telemetry data collection shows Microsoft can be clumsy on privacy despite Microsoft president Brad Smith’s principled statements on the use of facial recognition in public arenas.
Microsoft also has an interesting take on Google’s FLoC. A Microsoft spokesperson told ZDNet it does not support fingerprinting because users can’t consent to it. It is however developing its own alternative to FLoC called PARAKEET, which has similar goals to FLoC, like retargeting browsers over time.
“Like Google, we support solutions that give users clear consent, and do not bypass consumer choice. That’s also why we do not support solutions that leverage non-consented user identity signals, such as fingerprinting. The industry is on a journey and there will be browser-based proposals that do not need individual user ids and ID-based proposals that are based on consent and first party relationships. We will continue to explore these approaches with the community. Recently, for example, we were pleased to introduce one possible approach, as described in our PARAKEET proposal. This proposal is not the final iteration but is an evolving document,” Microsoft said.
Microsoft PARAKEET proposal says it supports an “ad-funded web because we don’t want to see a day where all quality content has moved behind paywalls, accessible to only those with the financial means.”
While Microsoft’s Bing search engine may not be widely-used, it does own LinkedIn and that brand’s online ad division brought in $2.58 billion in revenue in quarter ending December 2020 quarter, up 23% year on year, making up about 5% of Microsoft’s total $43.1 billion in revenue for that quarter.
Microsoft has never claimed to be a guardian of end-user privacy but it does at least provide a support page explaining what data Edge collects and why Microsoft collects it.
Pros
- It’s not Google Chrome
- Edge is gaining new features rapidly
Cons
- It has a burgeoning online advertising business
- Microsoft’s position on FLoC is ambiguous
Don’t disable JavaScript, do try the NoScript extension
Easy to install, a burden to manage
In the past, security-conscious people advised others to disable JavaScript in the browser, but Olejnik tells ZDNet this is a sledgehammer approach for the web today.
“Disabling JavaScript today is a no-go because almost every website depends on it. Disabling it would make the web essentially unusable,” says Olejnik.
One example is that today Google won’t let users who disable JavaScript to sign in to Google Accounts such as Gmail and YouTube.
His recommended workaround for people wanting more privacy is to install the NoScript extension for Firefox, Chrome and Chromium-based browsers like the new Microsoft Edge. NoScript offers a more selective way to deal with invasive scripts and malware attacks that rely on JavaScript.
“In very simple ways users may easily decide which websites would be able to include what component, executing JavaScript or not,” he says.
However, he warns NoScript may be “quite cumbersome” since it takes time to click-through to decide which websites should be allowed what.
“But it is worth it,” he adds.
“Disabling scripting on weird or random sites is the biggest impact. Scripting is responsible for most of the most important privacy risks. It is also responsible for the delivery of some web browser exploits. So not having scripting on by default may actually save you from being hacked,” says Olejnik.
Of course, there are other approaches users can take too, including using a browser other than Chrome. To this end, Olejnik suggests it is wise to use several browsers for different tasks. You can go to the NoScript website for more information on what exactly the extension does, as well as access an active user community forum to report bugs, propose updates, and troubleshoot issues.
Pros
- Freely available for Firefox, Chrome and Chromium-based browsers
- Protects against the most common privacy and security threats on the web
- Doesn’t collect your web history
Cons
- A bit cumbersome to set up the allow list
What is the best browser for privacy?
Brave is our pick for the best browser for privacy based on our analysis of specs such as cookies stored, privacy settings, and speed of the top browsers.
Are there other browsers worth considering?
Another great choice for improving your privacy on the web is the Tor browser, which is based on Mozilla’s Firefox Extended Support Release (ESR). It’s been tweaked to help users use the Tor anonymizing network — a collection of distributed nodes versus a more centralized design like a VPN service. The Tor browser’s default search engine is DuckDuckGo.
While it isn’t a mainstream browser choice, the Tor browser is a well-regarded browser for people who don’t want to be tracked across the web and it gets updated on a monthly basis by the Tor Project.
However, page loads in the Tor browser can be slower and some sites might not work due to the architecture of the Tor network. Using the Tor browser for Google Search, for example, might require going through additional CAPTCHA challenges to prove you’re not a bot. Page loads are also noticeably slower on streaming services like Netflix.
Nonetheless, the Tor browser is worthy addition for people who use multiple browsers to get life done on the web.
Does using a private browsing window hide my IP address?
If you’re using Chrome, an Incognito Window doesn’t hide your IP address. It simply doesn’t store your browser history, information you’ve entered into forms, or what permissions you’ve given to sites you’ve visited. Microsoft Edge, Firefox, and Opera all use a similar form of “anonymous” web window for browsing, but they aren’t truly hiding your online identity. If you want to block your IP address from being viewed or tracked, you can download a VPN, which masks your IP address so your service provider (or anyone else, for that matter) can’t see what you’re doing.
What is the Tor browser?
Tor is a non-profit organization that researches online privacy. Their proprietary web browser “hides” a user’s IP address and activity by relaying it through an in-house network of servers run by volunteers. By bouncing your information around so much, it makes things exceptionally difficult to track, which is great if you don’t want your ISP or anyone else spying on your online activity. The Tor browser has seen its fair share of controversy, since it’s a popular choice for accessing the deep web: a collection of websites and pages that are inaccessible through traditional means, like search engines. While accessing deep web sites is not in itself a crime, there are quite a few places (like the now defunct Silkroad) that conduct highly illegal activity such as trafficking drugs. But don’t let that dissuade you from using the Tor browser itself, or other privacy-focused browsers that use Tor like Brave. Just because some people misuse the technology, that doesn’t mean it’s a bad browser.
What is the most common personal web security vulnerability?
Honestly? Putting your personal or contact information in your social media. If you have your full name, phone number, address, or place of work anywhere on your social media, someone can use it to wreak havoc on your personal accounts. To prevent this, avoid using your real name online where possible, turn off location tracking, and don’t post about your place of work if you can help it. All it takes is a single piece of personal information for someone with very bad intentions to get ahold of your entire online presence.
Those innocent-looking name generator memes are another big issue; the ones that have you type out your first pet’s name and your childhood street name (or something similar) to make up a gnome (or whatever) name. These are answers to common password recovery questions, so by letting the world know that your Christmas elf name is Fluffy Elm Street, you could be handing over all of your personal accounts to internet criminals.
READ MORE HERE