I recently tried to clean up my digital life. I switched to Linux and switched to GrapheneOS and made more use of my Proton subscription to replace Google. But I have a few questions:

I tried https://coveryourtracks.eff.org/ on LibreWolf on my PC and Vanadium on my phone and it says I have a nearly unique fingerprint. Is the benefit of using a privacy-focused browser negated by the low userbase and unique fingerprint?

I did not have great digital hygiene before, so I have a Google account, Meta… How do I clean this up? Are services like Incogni any good or is it just marketing?

Finally, I wanted to use Tails with persistent storage as a live system if I ever need to use a PC that is not my own to connect to my accounts. However, I don’t want the ISP to know I use Tor. I see it as a big “I have something to hide” flag for the ISP. But my understanding is that if I install a VPN on Tails it will be Tor over VPN (bad if I understand correctly) instead of VPN over Tor. Should I use something other than Tails, since I only want/need an always-on VPN with a kill switch?

Thanks a lot for your help. I want to say the journey is much easier than what I anticipated. The hardest part is making people switch around me. The lobbying has started.

  • sloppy_diffuser@sh.itjust.works
    12 days ago

    Firefox Nightly + arkenfox userjs + uBlock Origin + Bitwarden as my daily driver.

    Been a couple years since I checked up on arkenfox still being good. I get flagged as a bot all the time and constantly get popups about WebGL (GPU fingerprinting) so I assume it's working as intended for my threat model.

    Tails when I really care.

    Mullvad VPN as my regular VPN with ProtonVPN for torrents.

    GrapheneOS / NixOS as my OS.

    Proton Visionary for most cloud services except passwords and I don’t really use Proton Drive. I do use ProtonPass for unique emails to every provider.

    Kagi for searches / AI.

    Etesync for contacts because Proton didn’t sync with the OS last I checked.

    Backblaze B2 for cloud storage with my own encryption via rclone (Round Sync on GrapheneOS)

    KeePass for a few things like my XMR wallets and master passwords I don’t even trust in Bitwarden.

    https://jmp.chat/ for my mobile provider.

    Pihole with encrypted DNS to Quad9.

    https://onlykey.io/ for the second half of my sensitive passwords (Bitwarden, LUKS, KeePass, OS login). First half memorized.

    It's a lot. I burned myself out a couple years ago keeping up with optimizing privacy and this setup has served me well for 2 years without really changing anything. The cloud services are grey areas in terms of privacy but the few ads that leak through uBlock have zero relevance to anything about me.

  • bootleg@sh.itjust.works
    12 days ago

    LibreWolf doesn’t work to give you a non-unique fingerprint. Use Mullvad Browser for that (without changing anything other than the safety level).

    Don’t use a VPN with Tails. You could try something like https://github.com/PJ-Singh-001/Cubic to roll your own custom Ubuntu ISO, or you can just install another Linux distro on it which is what I recommend. Don’t forget to enable disk encryption because you can’t reliably wipe data from flash storage.

    • ken@discuss.tchncs.de
      9 days ago

      LibreWolf doesn’t work to give you a non-unique fingerprint. Use Mullvad Browser for that (without changing anything other than the safety level).

      Konform Browser also provides stronger protection against fingerprinting compared to vanilla FF or LW. Similarly (and in no small part thanks) to Tor Browser and Mullvad Browser.

      Identification via enumeration and rendering differences of fonts is a major factor that’s often overlooked. Those three browsers bundle and enforce the same fonts and fontconfig to make that less reliable as a fingerprinting method.

  • glint@mander.xyz
    14 days ago

    NoScript will improve your privacy by a lot, and will make webpages load faster, since it stops stylish and tracker-ridden JS. If a webpage breaks, you can flick a few buttons to temporarily allow JS (or permanently if you’ll be visiting that site a lot).

    Tor over VPN is a fine solution if you want to hide it from your ISP, but I don’t think you should install extra stuff on TailsOS. Consider using Tor Browser + uBlock Origin on your own PC over a VPN; it’s pretty much the same thing if you’ll just be browsing online.

    Oh-- and one important thing to remember: Don’t expend more effort than necessary for your own threat model. Consider the extent of your privacy needs and act accordingly, going overboard will only leave you tired for not much in return.

    P.S.: mander.xyz has a Tor-based onion frontpage ;)

  • TiredTiger@lemmy.ml
    13 days ago

    Mullvad Browser and LibreWolf have two completely different strategies to avoid fingerprinting. Mullvad Browser operates on everyone having the same configuration to blend in - if you want to use it, you need to avoid changing any of the settings. LibreWolf, on the other hand, works by spoofing a different fingerprint every session. It will look unique to Cover Your Tracks and the like, but it will be different every time you close and reopen it. Again, it works best if you don’t mess with the settings.

    I believe both Mullvad Browser and LibreWolf come with uBlock Origin pre-installed. Just about anything you want to do regarding blocking ads or scripts can be done in uBO’s settings; do NOT add extra “privacy” add-ons as you will only make yourself easier to fingerprint.

    If you’re looking for something to use with actual accounts (like banking), use hardened Firefox (with arkenfox) or a hardened Chromium browser. Neither Mullvad Browser nor LibreWolf (and especially NOT Tor) are designed for that use case.

    As an aside, you can use multiple browsers for different use cases. I honestly think that’s best practices at this point, but you’d have to be good about not overlapping your browsing on them (i.e., not visiting/logging into the same website on multiple browsers).

    • ken@discuss.tchncs.de
      9 days ago

      LibreWolf, on the other hand, works by spoofing a different fingerprint every session.

      Is that true? I think it’s not that much of a fundamental difference in strategy as you say. While LW (like MB) does randomization of e.g. WebGL and Canvas fingerprints, in general other fingerprintables are also kept static. From my perspective it’s more a difference in degrees than direction. Have you checked how your font fingerprint persists?

      I believe both Mullvad Browser and LibreWolf come with uBlock Origin pre-installed

      Not exactly. LW comes without the addon but is configured to download and install uBlock Origin from addons.mozilla.org the very first thing it does. This is in contrast with Mullvad Browser (which does bundle the addon) and Konform Browser (which will load locally installed system uBO from known path if installed from distribution package manager).

      If you’re looking for something to use with actual accounts (like banking), use hardened Firefox (with arkenfox) or a hardened chromium browser.

      Konform Browser is intended to support that use-case and also worthy of consideration. Would be curious to hear if you agree or how you think it falls short!

      • TiredTiger@lemmy.ml
        8 days ago

        I think the main difference is that MB is geared for every user to look the same, whereas with LW every user is presumably unique, but not persistent between sessions.

        I haven’t heard of Konform, so I’ll have to look into it. Thanks!

  • N.E.P.T.R@lemmy.blahaj.zone
    14 days ago

    TL;DR The only way to avoid a near unique fingerprint is Tor Browser

    Longer explanation: There are two main styles of fingerprinting protections: randomized and normalized.

    LibreWolf inherits its fingerprint protections from Firefox (which in turn was upstreamed from the Tor Uplift project). It works by taking as many fingerprintable characteristics as possible (refresh rate, canvas, resolution, theme, timezone, etc.) and normalizing them to a static value to be shared by all browsers using the feature (privacy.resistFingerprinting in about:config). The benefit of normalizing is you appear more generic, though there are many limitations (biggest of which is OS because you can't hide that). The purpose design of these protections stems from the anonymization strategy of Tor, which is to blend in with all other users so no individual can be differentiated based on identifiers. Since LibreWolf has a different default settings profile to Tor (or Mullvad) and even vanilla Firefox with RFP enabled, the best you can hope is to blend in with other LibreWolf users (which you really can't, especially if you install extensions or change [some] specific settings). Instead, the goal is just to fool naive fingerprinting scripts; nation states or any skilled adversary is out of the scope.

    Brave (or Cromite) uses the strategy of randomizing fingerprintable characteristics. This is only meant to fool naive FP scripts but in my opinion (when done right) is better at fooling naive scripts. The biggest problem is that these attempts by other browsers are not as comprehensive as Firefox. I think Cromite does a better job than Brave: it is the only browser which fools Creepjs that I have tried by creating a new FP on refresh. Cromite required some configuring to get to the place I wanted it, but so does every browser.

    The advantage with Firefox forks is that vanilla Firefox has RFP and therefore so do the forks (though most don't enable it), but you don't blend in with a crowd (making it far less effective than MB or Tor). The advantage of Brave or Cromite is a randomized FP, but since it isn't upstreamed (and Google will never do that) you stand out like a sore thumb. Either way is fine though for basically everyone.

    The only browsers I know that work against Creepjs are as follows:

    • Mullvad (persistent FP)
    • Tor (persistent FP)
    • Cromite (randomized FP)
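
The two strategies discussed in this thread (normalized values shared by every user versus values randomized per session), modeled as an added example that is not part of any poster's comment. The visitor data, trait names and the `evaluate` helper are constructed for illustration; the model compares how large a crowd each visitor hides in and whether two sessions can be tied together.

```javascript
// Constructed sample population (not real measurements): each visitor has
// device traits that a page script could read.
const visitors = [
  { id: 'a', os: 'Linux',   fonts: 'DejaVu,Noto',       canvas: 'c1', tz: 'Europe/Paris' },
  { id: 'b', os: 'Linux',   fonts: 'DejaVu,Fira',       canvas: 'c2', tz: 'Europe/Berlin' },
  { id: 'c', os: 'Windows', fonts: 'Arial,Segoe',       canvas: 'c3', tz: 'America/Chicago' },
  { id: 'd', os: 'Windows', fonts: 'Arial,Segoe,Comic', canvas: 'c4', tz: 'Asia/Tokyo' },
];

let noise = 0; // stand-in for per-session random canvas noise

// What the browser reports under each protection strategy.
const strategies = {
  none: (v) => ({ os: v.os, fonts: v.fonts, canvas: v.canvas, tz: v.tz }),
  // Everyone reports the same bundled fonts, canvas and timezone; OS still shows.
  normalized: (v) => ({ os: v.os, fonts: 'bundled', canvas: 'blank', tz: 'UTC' }),
  // Only canvas changes per session; the other traits stay static.
  randomized: (v) => ({ os: v.os, fonts: v.fonts, canvas: 'noise-' + noise++, tz: v.tz }),
};

// A fingerprint is the joined values of whichever traits the test reads.
const fingerprint = (report, traits) => traits.map((t) => report[t]).join('|');

// Run two browsing sessions for every visitor and summarise, per visitor:
//  crowd  - how many visitors share the session-1 fingerprint (1 = unique)
//  linked - true if sessions 1 and 2 match AND no other visitor shares it
function evaluate(strategy, traits) {
  const s1 = visitors.map((v) => fingerprint(strategies[strategy](v), traits));
  const s2 = visitors.map((v) => fingerprint(strategies[strategy](v), traits));
  return visitors.map((v, i) => {
    const crowd = s1.filter((fp) => fp === s1[i]).length;
    return { id: v.id, crowd, linked: crowd === 1 && s1[i] === s2[i] };
  });
}

const ALL = ['os', 'fonts', 'canvas', 'tz'];
const STABLE = ['os', 'fonts', 'tz']; // a test that skips the noisy trait

for (const [name, traits] of [['all traits', ALL], ['stable traits only', STABLE]]) {
  for (const strategy of Object.keys(strategies)) {
    const r = evaluate(strategy, traits);
    const linked = r.filter((x) => x.linked).length;
    console.log(`${strategy} / ${name}: crowd sizes ${r.map((x) => x.crowd)}, linked ${linked}/4`);
  }
}
```

In this model the randomized browser looks unique in any single session yet is not linked across sessions when canvas is part of the test, while a test limited to the static traits (fonts, timezone) links all four visitors again, which is the font-persistence point raised earlier in the thread.
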
      • N.E.P.T.R@lemmy.blahaj.zone
        10 days ago

        It still gives metrics. And yes, Creepjs is not very useful against randomized values, though I noted it still because Brave fails (resulting in a persistent fingerprint) whereas Cromite succeeded in fooling Creepjs. Both have many methods of fingerprinting protection.

        Checking the fingerprinting protections of Mullvad and Tor is better done with TorZillaPrint test page by Arkenfox. It is optimized to tell you whether you blend in correctly with RFP normalized values.

        • Voxel@feddit.uk
          10 days ago

          The Brave browser has much better blocking capabilities with the goal of offering all of uBlock Origin's features, while Cromite has an ABP integration which has weaker and less support for advanced filterlists. The default filterlists selection is also quite questionable. A blocked script can no longer track you.

          Brave’s fingerprinting protection measures are technically speaking superior to Cromite's; the only reason that CreepJS can’t be fooled by it all the time (I’ve done my own tests and it fails sometimes) is that it has specifically been designed to adapt to its protection mechanisms, which hasn’t been done for Cromite.

          You can also harden Brave to increase its level of protection:

          https://www.privacyguides.org/en/desktop-browsers/#brave

          https://www.privacyguides.org/en/mobile-browsers/#recommended-brave-configuration