top | item 19603528

(no title)

tya99 | 7 years ago

> Im actually glad that the author pointed out that once you log in somewhere that will track you, that connection is associated with you.

Exactly, and it's usually a cookie or some sort of persistent storage. I use a VPN, but I use it at the router level. https://wiki.alpinelinux.org/wiki/Linux_Router_with_VPN_on_a...

I know my ISP logs my metadata (by law), whereas I trust that my VPN provider does not.

Essentially VLAN2 all traffic is routed direct to my ISP, and VLAN3 all traffic is routed to VPN. My machine normally sits in VLAN3. I make sure not to log into anything social media related or tied to my real identity.

If I need to do banking, Facebook or something like that I'll use a device in VLAN2 (a separate computer).

All phones and devices like that are broadcasting information anyway so those are in VLAN2 as well, unless they are devices with LineageOS and no Google Apps.

> A vpn is not a cure-all. It is only as private as you're willing to make it. If you want to pirate movies and chat on facebook at the same time, you're probably gonna have a bad time. What you do is absolutely a part of your advertising/tracking profile.

See in this scenario I would have a system in VLAN3 that I use for my downloading, and another computer in VLAN2 that is used for the facebooking. I use a hardened browser with https://github.com/ghacksuserjs/ghacks-user.js that hardens the browser and helps against fingerprinting.

I also use a number of addons, for various purposes

That requires hardening. Currently I use

* CleanURLs https://addons.mozilla.org/addon/clearurls/ (remove UTM and parameter tracking)

* CSS Exfil Protection https://addons.mozilla.org/addon/css-exfil-protection/

* Decentraleyes https://addons.mozilla.org/addon/decentraleyes/ (prevent tracking via CDN)

* Firefox Multi-Account Containers https://addons.mozilla.org/addon/multi-account-containers/ (used for sites to keep me logged in)

* HTTPS Everywhere https://addons.mozilla.org/addon/https-everywhere/

* Redirect AMP to HTML https://addons.mozilla.org/addon/amp2html/ (no to AMP)

* Temporary Containers https://addons.mozilla.org/addon/temporary-containers/ (Prevents tracking via ETags and other things like IndexDB)

* uBlock Origin https://addons.mozilla.org/addon/ublock-origin/ (block adverts)

* uMatrix https://addons.mozilla.org/firefox/addon/umatrix/ (block 1st party JavaScript)

discuss

zcid|7 years ago

I use a very similar list of addons. In addition I recommend:

* CanvasBlocker https://addons.mozilla.org/en-US/firefox/addon/canvasblocker...

* Cookie AutoDelete https://addons.mozilla.org/en-US/firefox/addon/cookie-autode...

and I block cookies by default using uMatrix.

Thanks for pointing out CSS Exfil Protection. I hadn't seen that one yet.

Edit: I also recently switched to NoHTTP instead of HTTPS-Everywhere. This way I have to explicitly allow any non-HTTPS connections.

tya99|7 years ago

I use a very similar list of addons. In addition I recommend:

> * CanvasBlocker https://addons.mozilla.org/en-US/firefox/addon/canvasblocker....

A lot of people recommend that, but you don't need it if you're using ghacks-user.js. The reason is because of privacy.resistFingerprinting.

> * Cookie AutoDelete https://addons.mozilla.org/en-US/firefox/addon/cookie-autode....

> and I block cookies by default using uMatrix.

I use CookieAutodelete on my mobile because unfortunately the container API isn't available on the Android version of Firefox.

The reason I don't use it on my desktop is because there are certain types of things that cannot be cleared.

> APIs do not exist to allow clearing IndexedDB, Service Workers cache, appCache, or cache by host. Clearing cookies & localStorage on their own, and leaving orphaned persistent data is a false sense of privacy.

* https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/wiki/...

* https://github.com/ghacksuserjs/ghacks-user.js/wiki/4.1-Exte...

> Edit: I also recently switched to NoHTTP instead of HTTPS-Everywhere. This way I have to explicitly allow any non-HTTPS connections.

I might have to check that out.

FabHK|7 years ago

Superb list.

But what world are we living in that one needs a specific browser with 10+ addons and tweaks to have some amount of basic privacy. Lunacy!

dngray|7 years ago

We've documented it here:

https://github.com/dngray/ghacks-user.js/tree/fx-desktop

https://github.com/dngray/ghacks-user.js/tree/fx-android

The setup is aimed to minimize duplication.

> But what world are we living in that one needs a specific browser with 10+ addons and tweaks to have some amount of basic privacy. Lunacy!

Yes, I wish it was like the 90s. . Unfortunately the advertising/tracking industry is insidious and could not care about user experience.