The generic nuclear option to hide terrible web design, bypass (some) paywalls, and improve performance 1000x is to disable javascript. ublock and adnauseam both have a button to disable all javascript on a page, which is handy when reading articles on sites filled with garbage.
Also, it's pretty cool that NextDNS has this: https://github.com/nextdns/nextdns/wiki
https://gitlab.com/nitrohorse/ios14-encrypted-dns-mobileconf...
No idea if I should really trust them, or if there’s a better way to install profiles directly from CIRA or Mullvad like I use.
Nice thing is that it’s device wide and all free (hopefully not for malicious intents).
[0]: https://chromium.googlesource.com/chromium/src/+/main/docs/i...
There are a bunch of file variants to weed out specific bad actors.
It's well currated though I will disclaimer it has broken a few websites in the past for me. Maybe that's a good thing.
NoScript will break pretty much 50% of the web. It'll take you about a day to whitelist all the sites you use daily and then it's smooth sailing.
I would also highly recommend this privacy focused list. https://www.privacytools.io/
1 month ago: https://www.reddit.com/r/blender/comments/109yjxm/dont_click...
2 months ago: https://www.reddit.com/r/blender/comments/zewem3/beware_of_p...
4 months ago: https://www.reddit.com/r/blender/comments/xxkx5s/warning_som...
7 months ago: https://www.reddit.com/r/blender/comments/vuqu1r/hey_so_what...
Pretty sad state of affairs that Google can't or won't stop this, especially since they gradually redesigned the ads spots to look practically identical to the search results. Be very careful clicking anything on Google's search results.
https://apps.apple.com/gb/app/wipr/id1030595027
no issues, works great.
Will be interested to hear if you've tried it out and what may have been missing?
The only things we don't block at the moment is some non-English content and Adult sites. With a small team these haven't been the primary focus for the time being. Other than those though we should stop pretty much everything else.
Not that it plugs _into_ PiHole per se, but rather that the Self Hosted VPN makes your phone use your home DNS server (including the PiHole itself). It works! I use https://www.pivpn.io/ but there are many others.
AFAIK only Orion browser [1] comes with full 1st party and 3rd party ad and tracker blocking, by default.
Though yes, this story dates from December and was covered at the time (from a different source):
There was also an HN discussion at the time: <https://news.ycombinator.com/item?id=34095107>
https://cloudinfrastructureservices.co.uk/how-to-block-websi...
Similarly to all the stories (with two currently in the front page of HN, eBay and PayPal) about algorithms that are just insufficient for the range of realistic scenarios these companies must deal with on a regular basis.
It's merely the equation of profit outweighing customer service. Admittedly, they're working on a scale that's difficult to comprehend, but that shouldn't absolve them of aiding and abetting criminal use of their systems.
Google's and Meta's profit motives are the base cause of this continuing escalation of the ubiquity and user-hostility (to put it mildly) of internet advertising.
It's only been predictable for the last 20 years...
https://youtu.be/YlGklt4BSQ8 (first aired in March 2000)
https://youtu.be/XPGgTy5YJ-g (April 1999)
I believe this will be supported by manifest v3 extensions in Firefox[1] which is one of the features I'm looking forward to for the same reason.
[1]: https://blog.mozilla.org/addons/2022/10/31/begin-your-mv3-mi...
I geek out a bit and use Surge for iOS (pricey and not for non-techie users) and run a few proxies. It'll also allow for DNS override, which I use NextDNS's DNS over HTTPS.
https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-don...
Really these days about the only privacy extension you might need is uBO and possibly CanvasBlocker if you haven't set RFP.
https://support.mozilla.org/en-US/kb/firefox-protection-agai...
The former team left Privacy Tools and that is now just arbitrary recommendations by one guy who mostly spruiks cryptocurrency bullshit. He also has no experience when it comes to auditing, verifying any of what is recommended, not a sysop, not a programmer either.
If you want to know specifics about that see https://www.privacyguides.org/about/privacytools
Also see https://github.com/arkenfox/user.js/wiki/4.1-Extensions
We have instructions for that
This will modify the browser fringerprint making you more unique.
I would not install so many extensions as you're trusting a huge number of organizations/people with privileged access to your browser. Anything that modifies CSS, Document Object Model (DOM) will make your browser stand out.
We wrote a blog post about this: https://blog.privacyguides.org/2021/12/01/firefox-privacy-20...
That includes any extensions that modify what is requested etc. See:
https://github.com/arkenfox/user.js/wiki/4.1-Extensions
See https://www.privacyguides.org/desktop-browsers/#firefox, you really don't need to do anything more than that.
> Facebook Container
etc, not needed unless you login to multiple Facebook accounts.
> Disconnect
Not needed, you should enable Firefox's ETP Enhanced Tracking Protection, this includes anything on that list. https://support.mozilla.org/en-US/kb/enhanced-tracking-prote...
There's actually two protocols DNS over QUIC https://datatracker.ietf.org/doc/rfc9250/ which has a specific port 853. This can be blocked.
Then there is DNS over HTTP3 https://security.googleblog.com/2022/07/dns-over-http3-in-an...
It's actually not too difficult if your users use Firefox. You can use enterprise policies https://support.mozilla.org/en-US/products/firefox-enterpris...
/* 0710: disable DNS-over-HTTPS (DoH) rollout [FF60+]
* 0=off by default, 2=TRR (Trusted Recursive Resolver) first, 3=TRR only, 5=explicitly off
* see "doh-rollout.home-region": USA 2019, Canada 2021, Russia/Ukraine 2022 [3]
* [1] https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/
* [2] https://wiki.mozilla.org/Security/DOH-resolver-policy
* [3] https://support.mozilla.org/en-US/kb/firefox-dns-over-https
* [4] https://www.eff.org/deeplinks/2020/12/dns-doh-and-odoh-oh-my-year-review-2020 ***/
// user_pref("network.trr.mode", 5);
This is because the desktop browser uses the full "Gecko" renderer, but mobile uses "GeckoView", that doesn't have that implemented yet.
Chinese is the most popular, but only 760 for 2022 and the aggregate trend is down:
2016: 2378
2018: 2252
2020: 1675
2022: 1518
Internationalized Domain Name (IDN) Annual Report 2022
[1] https://www.icann.org/en/system/files/files/idn-annual-repor...
The FTC, other regulators or courts in the countless cases against Google may also use such a statement as validation that fraud is rampant.
I really like the idea about a sort of global blacklist for your permissions.
I use a separate portable FF[0] for that. That makes "cross contamination" impossible.
1.https://sneak.berlin/20230115/macos-scans-your-local-files-n...
https://sneak.berlin/20230115/macos-scans-your-local-files-n...
FBI: "Rather than search...type the business’s URL into an internet browser’s address bar..." I'm not sure about this one. Typos easily happen, and it's the typo'd domain that scammers might own. Risky whatever way you go I suppose. For well known businesses I'd rather search and click on organic links than trust my own typing of a URL.
"Use an ad blocking extension". Third time's the charm. Great to see this advice coming from the FBI.
Companies are using every scrap of data they can get their hands on to take more of our money and they want more. The government is buying up data they can't legally collect directly. It's pretty likely that you've already experienced real world consequences of the data taken from your online activities. (https://epic.org/issues/consumer-privacy/data-brokers/)
They tell us that all the tracking we're subjected to is just about ads, but the data being collected is used all over the place offline. What we really need is privacy regulation with real teeth, but that's probably not going to happen any time soon because it's making companies tons of money. There's a multi-billion dollar a year industry around the buying and selling of the our data for a reason.
You have to get updates here: https://gitlab.com/magnolia1234/bypass-paywalls-firefox-clea...
https://www.androidpolice.com/i-dont-care-about-cookies-acqu...
If that's what you want, you need to give me time to put it together. I set this up a number of years ago and don't remember the details off the top of my head.
here's what I do remember: I use a squid proxy and replace all of the HTTPS certs on my other machines with my own. When HTTPS is negotiated, it's with my proxy, not the end destination.
Then the proxy does its proxy thing and sets up a normal HTTPS connection with the destination.
In my proxy, I have a script that is looking for the HTTP lookup exchanges detailed in RFC8484 (https://www.rfc-editor.org/rfc/rfc8484). When it finds them, it drops them on the floor. Everything else just gets passed through.
Carrying a smartphone is incompatible with privacy. Unfortunately, so is using a credit card (https://www.fastcompany.com/90490923/credit-card-companies-a...) and having a face (https://www.wired.com/story/get-used-to-face-recognition-in-...).
We're all doomed, so you may as well just use the software that makes you happy.
I also used to use Chaff (https://chrome.google.com/webstore/detail/chaff/jgjhamliocfh...), which opens up a tab and browses on its own when the browser is idle and disappears when you start using it again. As with Ad Nauseam, the means of protecting privacy behind it is not anonymity, but rather obfuscation - muddifying your actual browsing behavior by flooding the data you leave behind with junk data (at which point it ceases to be data, I suppose). The problem with that extension was that I would sit back and wait for it to start browsing, and then I’d waste too much time watching it / customizing its behavior.
The book _Obfuscation: A User's Guide for Privacy and Protest_, written by the authors who developed Ad Nauseam and TrackMeNot, has a great chapter on chaff (the obfuscation tactic, not the Chaff extension mentioned above).
Don't bother with this extension as it can't delete other storage locations where there is persistant storage. Also Firefox has TCP, Total Cookie Protection so you don't need them anyway.
https://blog.mozilla.org/security/2021/02/23/total-cookie-pr...
Better to just sanitize on close https://www.privacyguides.org/desktop-browsers/#sanitize-on-... and maybe keep history.
If you want to keep persistent logins then whitelist those specific cookies to those specific sites or use a password manager.
The extra functionality provided by ClearURLs is not not needed with Ublock Origin's removeparam feature.
But what if I want actually use the web instead of just blocking ads. Sponsorblock, TamperMonkey, 1Password, CamelCamelCamel, etc are all useful extensions as well that make browsing the web specifically for me better.
There are so many fingerprinting techniques that it seems pointless to have a detrimental experience generally instead of using a sandboxed computer for specific dangerous activities.
I'll continue to use Ad Nauseum, despite your recommendations against it, because I'd rather have a known worthless profile than a worthless browser.
>I also wouldn't be surprised if there isn't a way to filter out those "clicks" anyway from the ad provider's side.
Theres no evidence supporting this, but Google blocking it from the Chrome store is strong evidence that filtering out those clicks is actually difficult
Edit: Also its a moot point as extensions can't be used for fingerprinting if you just don't use Chrome https://github.com/z0ccc/extension-fingerprints#extension-fi... . I assume any activity I do in Chrome is sent back to Google (or Microsoft or Brave) regardless of plugins installed.