this post was submitted on 20 May 2024
68 points (97.2% liked)

Privacy

4176 readers
41 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS
 

The amount of questions that I got on my last post here made me want to create a full on guide for internet privacy based on my experience, so let's begin:

Browser

yeah it's gotta be firefox or a fork that you deem trustworthy

These are my settings:

  • first go to about:config and set "privacy.fingerprintingProtection" and "privacy.resistFingerprinting" to "true"

https://files.catbox.moe/jcrlnh.png

  • go to firefox settings "privacy and security" tab and set "enhanced privacy protection" to "strict"

https://files.catbox.moe/8koui0.png

  • right under that there is "website privacy preferences" and "Cookies and site data" under privacy preferences turn on these two options: "Tell websites not to sell or share my data", "Send websites a “Do Not Track” request"

  • Under "Cookies and site data" check "Delete cookies and site data when Firefox is closed". Don't worry you can set exceptions for the websites that on you want to stay logged in

https://files.catbox.moe/5qqceq.png

  • Under History tab turn on "Clear history when Firefox closes"

https://files.catbox.moe/h2c1au.png

  • Under Permissions enable: "Block pop-up windows" and "Warn you when websites try to install add-ons"

  • Disable all telemetry under "Firefox Data Collection and Use"

https://files.catbox.moe/qxgkvc.png

  • Under "Deceptive Content and Dangerous Software Protection" enable all three options

  • Under Certificates enable: "Query OCSP responder servers to confirm the current validity of certificates"

  • enable "https only mode"

https://files.catbox.moe/30cod4.png

  • under "Dns over https" enable maximum protection and pick a hostname suitable to your needs from here: "https://mullvad.net/en/help/dns-over-https-and-dns-over-tls" I use "https://base.dns.mullvad.net/dns-query"

https://files.catbox.moe/7nq4uc.png

  • in the search tab disable search suggestions

Addons:

Important Notice: addons make your fingerprint more unique so try to be conservative about using too many addons

  • My essentials are "ublock origin, noscript and libredirect" optionally "skip redirect"

  • My Noscript settings are pretty simple: in it's settings page I have it's default preset set to only allow "noscript" and "other"

https://files.catbox.moe/3iah8c.png

  • For ublock origin things get a little more complicated. My ublock origin blocking mode is set to "medium" which means it blocks all 3rd party scripts aswell as adds. More on that here: https://github.com/gorhill/uBlock/wiki/Blocking-mode

  • I have also enabled every single filter minus the country spesific ones enabled on the filters tab of the ublock origin settings plus two custom lists, that are: "https://github.com/DandelionSprout/adfilt/discussions/163", "https://github.com/yourduskquibbles/webannoyances"

https://files.catbox.moe/6uz1ss.png

Search Engine:

  • The one I am using is called "Startpage" it scrapes results from google and it respects your privacy. I avoid DuckDuckGO because I remember it getting involved with cencorship in results at some point and I don't like it's results.

  • Startpage's majority shareholder is an Adtech company but I trust it due to this quote from privacy guides:

"Startpage's majority shareholder is System1 who is an adtech company. We don't believe that to be an issue as they have a distinctly separate privacy policy. The Privacy Guides team reached out to Startpage back in 2020 to clear up any concerns with System1's sizeable investment into the service, and we were satisfied with the answers we received."

VPN:

  • To quote privacy guides once again: "Using a VPN will not keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic."

  • I use and reccomend "Proton VPN" as an always connected vpn with a killswitch. I have heard good things about "Mullvad" though and have some friends that swear by it

  • Interview with the Proton CEO: https://yt.artemislena.eu/watch?v=Dp7ght2fMR4

Privacy Friendly Frontends:

OS:

  • Let's face it, propertiary operating systems like Windows and MacOS collect your data and invade your privacy just by you using your computer, so swapping them out for alternatives is very helpfull in terms of protecting your privacy

  • Main players in the game are "Linux" and "FreeBSD". I find "Linux" to be MUCH more usable than freebsd though. Seriously just stick with linux unless you want to deal with a lot of issues.

  • Reccomened distros: I am a big fan of Fedora and KDE so I am gonna reccomend "Fedora KDE spin" to the regular user. "Mint" is well liked among beginners but I tend to find it's old ubuntu LTS base infruiating. For gaming I reccomend "Nobara" which is what I use. It is based on fedora and uses KDE as it's DE and has optimizations for the gaming usecase. PopOS is also a great option for gaming but I belive it is based on ubuntu LTS aswell which I do not like. Finally "EndavourOS" is based Arch but installation is made simple and I belive is actually beginner friendly

Disclaimer about the EFF "Cover your tracks test":

https://coveryourtracks.eff.org/

  • the test will not load with Mullvad DNS due to it blocking tracker domains so switch to nextdns instead while running the test

Sources: https://www.privacyguides.org/en/tools/, https://github.com/mendel5/alternative-front-ends, https://github.com/arkenfox/user.js/wiki/4.1-Extensions

all 6 comments
sorted by: hot top controversial new old
[–] SoupBrick@pawb.social 3 points 5 months ago

Much appreciated!

[–] Sunny@slrpnk.net 2 points 5 months ago (2 children)

Thanks for sharing, a few tips I wasn't aware of actually! Only part I would personally switch is Bazzite instead of Nobara.

[–] WeLoveCastingSpellz@lemmy.dbzer0.com 1 points 5 months ago* (last edited 5 months ago)

bazzite is great too, nobara is just my personal preference

[–] Jaysyn@kbin.social 0 points 5 months ago (1 children)
[–] WeLoveCastingSpellz@lemmy.dbzer0.com 1 points 5 months ago* (last edited 5 months ago)

Well as a Nobara user I can say that both have their own advantages and disadvantages. First Nobara has only one guy behind it, it's not that he is not trustworty, he is the creator of proton ge, glorious eggroll and the project is FOSS but it can theoritically be less stable, which I can attest to whilst adding that none of thoose problems were ones that I couldn't solve. Bazzite on the other hand is immutable this brings much greater stability but sacrifices on a lot of flexibility on how you can use your system. You can only access the home directory. Some people swear by immutable distros but lemme tell you they're NOT for me. Both are great the best choice for you depends on your preference