I know that absolute privacy takes a lot, if it can be achieved at all. My goal at the moment is to at least be protected from being spied upon by private cooperations, which use our data to create user profiles and so on. Now my question, I’m using a paid VPN and the private mode of a browser (Firefox), is that be enough, or do I need more? Thank you.
No. You need to block cookies and scripts too.
Also if you’re serious about what you’re asking, you need to avoid Facebook, Google, etc.
I think you’d also need to install Self-Destructing Cookies extension to improve your privacy.
i basically have the same question and i’m about thinking the same issue for quite a while. i think as long as you are not logged into your normal account (incognito mode) like facebook/google while you’re looking for a psychiatrist or your favorite weed strain you won’t get any ads based on that because they can’t link that to you.
obviously using thor or even mozilla with good privacy settings are better than using the google incognito mode, at least that seems like common sense to me but you never really know.
so for me everytime i look something up or communicate in forums i personally just use a firefox with high privacy settings the ones recommended on privacytools and are always connected to a vpn and only log into one account at a time. the ones that are connected to each other via emai i just leave windows open like my email account and my reddit account.
but i stay away completley from stuff that i would normally do on my normal accounts
one other thing i was thinking about is:
though you could use your VPN while you’re connected to google in your chrome tab and use a privacy mozilla or brave at the same time also with the same IP as your normal google window in the same session. everything you do will appear from the same IP you logged into so it doesn’t really matter to me i think cause they still can’t link it.
but the more steps you take the danker you get
I’m glad and thankful that so many people here are contributing.
Here’s a quick update, which might be helpful for other users, who like me aren’t very tech-savy:
I have tested my installed browsers with https://panopticlick.eff.org/ , which is an online tool suggested by https://privacytoolsio.github.io - thanks to 10bass for the link. On Panopticlick, you can test your browser, and if you are leaving an unique fingerprint. In short, your fingerprint is a collection of all the data you leave online, including your set language, time-zone, etc… You can’t “turn off” leaving fingerprints, but you can get to the point where your fingerprint is not unique anymore (my understanding, please correct if wrong).
From the browsers I tested, only Tor browser in privacy mode (just wondering why Tor has a privacy mode, I thought that’s why it was created in the first place) and actived NoScript actually gives me a not-unique and common fingerprint, which I think should mean that “trackers” aren’t able to track, as I’m also using a trustworthy VPN. Please correct me if I’m wrong.
Browser “Brave”, which I have never heard of before and which is pretty neat, gave me a fingerprint that is shared by a few other users, so it seems to be pretty good. For this I had to active several so called “Shields”.
I’m not sure how “everyday useful” Tor will turn out to be, as for example I couldn’t write a comment here with no-script turned on (someone has an idea?), but that’s how far I have gotten so far.
For everyone who might worry that Tor browser is complicated and so on, I can guarantee you that it’s easy and flawless. For Brave, the same is true.
Thanks everyone again, and please feel free to add more information.
Tested browers: Firefox Privacy Mode (tested my default version and didn’t added more add-ons), Vivaldi Privacy Mode (tested default mode, didn’t add any add-ons, if they exist, and didn’t play around much with privacy settings), Brave Privacy Mode, Tor Privacy Mode with NoScript turned on.
Edited for clarification.
What I do is use a virtual machine (Virtualbox) running Ubuntu and use my VPN on that. I don’t log into Google/facebook/reddit/etc on it.
about sniffing, an ISP will sniff all incoming and outgoing traffic. Every single byte.
I’m using a paid VPN and the private mode of a browser (Firefox), is that be enough, or do I need more?
On private browsing mode:
You probably think your browser’s private browsing mode keeps you, well… private
Wrong. In fact, private browsing & deleting cookies doesn’t do much at all to keep what you’re doing online private.
The only thing private browsing does is keep people who go on your actual, physical computer from seeing the sites you’ve been to… but the rest of the world can see everything.
Does blocking scripts block all fingerprinting, or do you need to go further?
Private mode drops cookies on exit of the browser
That’s like allowing just certain, reputable, cookies.
The best advice I can give you is to restrict Google, Twitter and Facebook use to your phone only. Never use one of those services while on your laptop not even if not logged in. Your laptop should be a Google, Facebook and Twitter free zone. Use your phone for social media instead; there is no real privacy on a phone anyways.
I think we are both looking for the same, a 80/20 solution that gives you a decent level of privacy, even though 100% is better, I’m not arguing about that. For me it’s a starting point.
What you should also do, check your brower fingerprint with the link I posted above, as it might make you unique and “trackable”, even if you’re using a vpn and high privacy settings. I have now gotten my firefox to the point that I share a fingerprint with 1/10k users, which I think/hope is a good starting point.
PS: Didn’t exactly understood what you meant at the end with using different browsers and same IP.
Thank you, as far as I know, the one I use is seen as one of the best available. If I interpret your answer correctly, basically I should be protected from spying by a “major search engine”, a major “social network” and so on. I’m not planning to do anything remotely illegal, just hate that private companies are trying to collect everything we do online.
One thing I forgot, I’m using some addons like Adblock Plus, is that a potential problem? Thanks everyone again
In short, your fingerprint is a collection of all the data you leave online, including your set language, time-zone, etc… You can’t “turn off” leaving fingerprints, but you can get to the point where your fingerprint is not unique anymore (my understanding, please correct if wrong).
Correct.
From the browsers I tested, only Tor browser in privacy mode (just wondering why Tor has a privacy mode, I thought that’s why it was created in the first place) and actived NoScript actually gives me a not-unique and common fingerprint, which I think should mean that “trackers” aren’t able to track, as I’m also using a trustworthy VPN. Please correct me if I’m wrong.
The trackers are still following you it’s just that now you’re hiding in a crowd of other Tor users.
Best way to think about it is like this. Pretend you’re in Times Square walking around, if you’re using Chrome/FF (stock setup) then you’re basically walking around with a big bright pink jacket on with your IP address on it. When you’re using a VPN you’re still wearing the same bright pink jacket but with a different IP address, most people will figure out it’s still you.
With Tor you’re now wearing a bright red jacket with an IP address on the back, but now there are 1000 other people in Times Square wearing the same bright red jacket. It’s much harder to determine which one is you.
Browser “Brave”, which I have never heard of before and which is pretty neat, gave me a fingerprint that is shared by a few other users, so it seems to be pretty good. For this I had to active several so called “Shields”.
Brave is a great browser, it prevents fingerprinting mostly by blocking scripts and cookies that would be used to track you. However due to its scarce usage, trackers that do not require scripts or cookies to run (rare but out there) will be able to follow you based solely on using Brave.
I’m not sure how “everyday useful” Tor will turn out to be, as for example I couldn’t write a comment here with no-script turned on (someone has an idea?), but that’s how far I have gotten so far.
You have to really play with enabling some scripts to get sites functioning. Not all scripts are running trackers, especially here on reddit so you can enable quite a few of them without giving up too much information.
Browser “Brave”, which I have never heard of before and which is pretty neat, gave me a fingerprint that is shared by a few other users, so it seems to be pretty good. For this I had to active several so called “Shields”
Funny nobody seems to mention or care about its privacy vulnerability:
Because Brave borrows its code base from the open source Chromium project, it inherits both the good and the bad: It includes Chromium’s sandboxing technology but then it also inherits Chromium’s (and Chrome’s) numerous privacy vulnerabilities, such as the WebRTC leak bug
the [Brave] browser suffers from WebRTC vulnerability, the users can easily get unmasked, even with a proxy
Unless you encrypt to a vpn.
All isp will see is your connection to the vpn server and lots of data like this:
G…%…2_"+!..xx…ejx~…'…h…e…7…(,…
They are welcome to sell gibberish to companies if someone’s willing to pay for it lol.
Have a look at https://panopticlick.eff.org/ , to test if your fingerprint is unique.
There’s a percentage outcome, the big initial increments are easy, the last few percent are very hard.
If you use VPN plus plug ins to prevent persistent cookies you get say an 80% solution, the remainder gets harder. Browser fingerprinting for example is a pain to prevent.
Yes, but that doesn’t stop the cookies from tracking you from site to site before you close the browser.