This is a companion discussion topic for the original entry at https://neat.tube/w/xxjxjQvhgdpncs9VZSJ2RF
I would love to know which mobile browsers you use. A video on that would be awesome!
For me, the solution to the browser problem was Qubes OS.
Having the option to run any browser in a disposable vm, which is isolated from the rest of the OS, solves the majority of both privacy and security issues.
I have one qube that is disposable with vpn, this is my default browser, and I use the Brave sync to save bookmarks and passwords for forums and such, no important passwords.
I have one that is disposable without vpn, for websites that don’t work well with vpn, and for accessing servers on my local network, this qube also has my normal password manager.
And I have one qube that is non-disposable with vpn, for accessing website that require 2FA login, like Proton, Nextcloud, etc.
This has pretty much solved all my issues, if I need to visit a website I know privacy invasive I start a new clean browser, and when I close the browser everything gets deleted, this largely solves both 1st and 3rd party tracking.
And it’s just nice to know the browser is running in a vm in case it should get hacked, the hacker would only get access to that one browser session, and any software they could install is deleted when I close the browser.
I’m not a Brave user so I’m curious — how is forgetful browsing different from the base Chromium feature “Clear cookies and site data when you close all windows” plus adding per site exceptions?
That option is not in Brave desktop. Privacy and Security > General Settings > Block Third party cookies , you get three options. Allow all, block third party, block all. No whitelist.
My desktop use 20% has been about the same as Henry’s Brave, Mullvad and TOR is basically where I am at. One addition is PortableApps LibreWolf and TOR, kinda desktop.
On Android 80%, Brave, Mull and TOR. I should say Mull is Default and Brave is for accounts. I dislike having a default browser and I like the fact that because of PWA I do not realize how much time I spend in PWA with Brave vs my default browser Mull.
AFAIK it clears cookies when the tab itself is closed, not when you close the browser.
Nice that the browser situation has been addressed.
What’s the best operating system though? And what’s the best Linux distro? And what’s the best package management format?
I personally use only use Firefox with the following rules:
- All cookies are cleared on exist
- For the really bad websites like Youtube, Pinterest etc, I always use them in a private window.
For me, this feels like a decent balance between usability and privacy. It also means I don’t contribute to the Chromium dominance.
I also use ad-blockers and NextDNS to block a lot of trackers.
I use Mullvad browser and chromium but might replace MB with librewolf because of passkey support. Since I use keepass, I don’t really care about getting logged out every time i restart my browser.
On desktop I only use LibreWolf and it does all I need. It is basically hardened firefox like mullvad, does not support the chrome engine monopoly (which I find more important than Henry seems to find it), deletes all cookies on restart except for websites where I want to stay logged in and set an exception. And all the websites I use work fine. Collabora office needs html5 canvas access permission, but once you know that, its no issue. Only PWA’s are missing, but I can live with that. Keepass support sadly does not work due to flatpak sandboxing, but opening Keepass is not that big of a deal.
I wonder why Henry didn’t really talk about it
Good video on just hightligting the different use cases and values that folks can bring to the browsers they choose. After you dismiss certain browsers like Chrome (though it can have its place as well), you’re mostly fine with almost anything you use. You have to make the call for yourself and you have to let other people make the call for themselves.
When it comes to question of which browser to use, it helps to inject this mindset into your answer so that you don’t come across as dismissive of the other options that might also be perfectly fine. Especially when it mostly boils down to two options anyway.
The TL;DR is that:
- “clear cookies and site data when you close all windows” = clearing cookies after you are done browsing.
- Whereas “Forgetful browsing” (or cookie autodelete for Firefox) clears cookies automatically on an ongoing basis as you browse.
How big a difference this is depends largely on how you browse. If you are the type of person that opens a web browser, does a thing, and then closes the web browser, the difference wont be that meaningful.
But if you use your browser like many people do where the browser is left open almost all the time, for days maybe weeks, the difference is much more pronounced. In the case of ‘forgetful browsing’ the cookies would be continually cleared as you open and close websites, whereas with the other option cookies would quickly accumulate and eventually be cleared and quickly accumulate again the next time you open the browser.
As an example, I have very restrictive browser settings, and I clear cookies when I close the browser, after only ~3 hours of browsing I’ve already accumulated ~90 cookies. Extrapolate this out to days or weeks and you can see that you’d have hundreds of cookies being stored nearly all the time, with the exception of a short period right after you close and repopen the browser. In contrast, forgetful browsing would minimize the number of cookies regardless of how long you leave your browser open.
For me it is easier to understand and explain this visually:
edit: I should mention, my experience and understanding is based on the Firefox extension “cookie autodelete” not Brave’s “forgetful browsing”, but from what I’ve read, the concept is the same and they function similarly.
Thanks for your detailed explanation!
For my use case, that feature sounds like it would be less convenient to me than “clear cookies on close.”
Generally, when I’m working with a lot of tabs I might be signed into various sites for whatever project I’m on. I imagine it would be inconvenient to have the cookies clear if you temporary close that site to focus on something else. With the normal setting, site data wouldn’t clear until you close everything and therefore sort of signify that you’re done with whatever you’re working on.
If you’re familiar with how apps behave on macOS, you’ll know that when you close the last tab, the app is still running, readily available for a speedy launch of a new tab etc. Even though the app never fully closes, the cookies still clear when the last tab is closed. I use Arc on macOS, but I believe this is how all Chromium browsers work with that feature on. So it’s still quite easy to clear cookies, all you got to do is close all your tabs. But on Windows or whatever it would be more intentional since you’re closing their entire program.
That said, I know most people aren’t as aware of their tab management so Brave’s feature seems better for the majority.
(I wrote this very quickly; please forgive how poorly it reads. I hope I still got my points across!)
There is undoubtedly a tradeoff in convenience when you use this type of feature (even more of a tradeoff than there already is with “clear cookies on exit” compared to the default). However, just like with clear cookies on exit, forgetful browsing is intended to be used with a whitelist. So if you are like me, and there are at most a couple dozen sites you like to stay logged into, you add them to the whitelist. Also there was a cool feature in Cookie Autodelete which I used that allowed you to set a delay (so you would only be logged out of a site once (1) it was closed, and (2) a user defined amount of time had passed.
For most people it is overkill (most people don’t even like ‘clear on exit’), but its not nearly as inconvenient as it sounds once you get used to it. That said, I believe that for Firefox users the introduction of FPI and Total Cookie Protection has reduced the importance of clearing cookies.
For my personal life I have a gaming desktop (windows) and personal laptop (macOS) I use Firefox, Mullvad, And Tor. Now mobile I use a iPhone I use Safari, Firefox, and Firefox Focus.
Firefox Add-on I use uBlock Origin, 1Password, Firefox Translations, Firefox Multi Account Containers, Language tools, Bonjourr Startpage, and finally Tree style tabs.
Safari Add-on I use AdGuard and 1Password.
For work life, I use Google Chrome or Microsoft Edge (windows laptop) I don’t get a say in this matter, sadly.
For my Personal/Job search, Google Chrome (Chromebook) I have a Google account used only for Job searching and work.