Previously: Part Zero, Part I, Part II, Part III.

 

Part IV: Web Browsers

 

While there are dozens of ostensibly different web browsers available to use, there are only three widely used web rendering engines. In essence, the rendering engine is what is responsible for parsing HTML and CSS code, as well as other W3C standards, into the graphical web pages we view and with which we interact. The three major rendering engines are Google’s Blink engine, which is distributed only in the form of the chromium browser base, the Gecko engine, which is developed by Mozilla and forms the basis of the Firefox browser, and the WebKit engine, which is developed by Apple and forms the basis of the Safari browser. This may seem like a trivial detail, but the rendering engine is the part of a web browser that does most of the heavy lifting, and largely what differentiates one browser from another. So for instance, the difference between any two chromium-based browsers is mostly cosmetic and trivial, while the difference between a chromium-based browser and a Gecko-based browser is more substantive. All three of the major web rendering engines are open source software.

The Blink engine and chromium project form the basis of Google’s Chrome web browser. Just as with Android, the Chrome web browser is, by design, a privacy nightmare. Similarly to the way that Google lards up the Android Open Source Project with its proprietary software and services to create the Android OS that ends up on mobile phones, the Chrome browser adds many proprietary bits and additional Google services to the open source chromium base. Chrome should be avoided like the plague. Literally any other browser will be an improvement, or at least no worse. But what about the open source chromium project? Similarly to AOSP and the third party Android ROM community, the chromium project forms the basis of many other web browsers. In fact, most of the web browsers available for installation are chromium-based. Even Microsoft’s Edge browser, which replaced the tragically long-lived Internet Explorer as the default web browser in Windows, is chromium-based. It’s unfortunate that chromium has been so widely adopted, because even in its virgin open source state, it integrates privacy-disrespecting Google services like Safe Browsing and makes many connections to Google servers. Most chromium-based browsers not only leave those problematic elements intact, but compound the problem by adding their own privacy-disrespecting services on top of it. There are numerous examples of this in both desktop and mobile browsers, and discussing each one in detail would be beyond the scope of this article. However, due to its popularity in some conservative and libertarian political circles, I would like to briefly pick on the Brave browser.
Brave’s popularity among a certain cadre of conservatives and libertarians seems to derive in large part from the fact that its founder, Brendan Eich, was ousted from Mozilla by a woke cancellation campaign due to his personal, private donations to support Proposition 8, the ballot initiative in California which banned gay marriage in the state prior to being overturned in federal court, and then further obviated by the Obergefell decision. While I am sympathetic to Mr. Eich’s plight in that ridiculous debacle, I can scarcely think of a sillier reason for selecting a piece of software to use, and unfortunately, despite a relentless online shilling public relations campaign hyping it as a privacy-conscious browser for renegades, Brave is terrible from a privacy standpoint. Since the publication of the linked article, some changes have been made to the Brave browser, namely its default search provider, but most of the information is still relevant. Brave is a typical chromium-based browser with all of the inherent drawbacks that entails, plus several drawbacks unique unto itself, and would be best avoided. Of the chromium-based browsers, the only one I would recommend is ungoogled-chromium. Ungoogled-chromium is not a browser per se, but a set of scripts that strip out Google binaries, services and telemetry from the chromium browser at build time. The maintainer of the ungoogled-chromium scripts distributes a finished binary for Linux systems in the form of a Flatpak package. Third parties provide versions for Windows, although I would not recommend using them since there is no way of knowing how they were compiled, and thus no way of knowing if any malicious code has been sneaked into the resulting executable.

Of special note, all chromium-based browsers will be implementing Manifest V3 and deprecating Manifest V2 for extensions within the next 6 months. This change is already being rolled out in the Chrome browser. In brief, what that means is that ad blocking extensions will no longer work in the same way they do now, because the functionality that allows such extensions to strip elements out of a web page before it is displayed to the user has been removed. For now, the best workaround is to use a DNS-level ad blocker, such as Pi-hole or AdGuard Home. These are actually great solutions for network-wide ad blocking for all of the devices in your home, including those pesky IoT devices, “smart” TVs and appliances, and I highly recommend using them in addition to a browser-based ad blocking extension. However, installing them and setting them up requires a little bit of work that a browser extension does not, and obviously they are only effective on your home network where they are installed, whereas a browser ad blocking extension travels anywhere your browser goes. In any case, unless something changes or the developers of ad block extensions manage to come up with a creative solution, extension-based ad blocking will be severely limited on all chromium-based browsers going forward, so now is the time to start exploring alternatives.

The only major alternative to chromium-based browsers, and the only alternative available to Windows users, is Firefox (and its derivatives). Unfortunately, Firefox has grown increasingly privacy-disrespecting over time. A default installation of Firefox makes just as many unwanted connections as a default installation of chromium. Fortunately, it is possible to mitigate most of the worst tendencies in Firefox and turn it into a relatively privacy-respecting browser with some tweaking. The easiest way to at least begin that process is to use Firefox Profilemaker to generate a user settings profile that you can simply copy into your Firefox user data directory. Firefox Profilemaker has mitigations for the most egregious privacy violations, but in order to do a more thorough mitigation, configuring a custom user.js file is preferable. The Arkenfox user.js template provides a great basis with sane defaults. It is, however, only a template. You are expected to read through it, do some research, and tweak things to your liking. The Narsil user.js is a fork of the Arkenfox user.js with a stronger emphasis on privacy, and is a pretty good way to go if you are lazy and do not want to make your own tweaks to the Arkenfox template. Be sure to read the “known issues” section though, as some of the privacy-enhancing changes made in the user.js may interrupt the functionality of certain websites.
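If you do end up tweaking a user.js template, it helps to see exactly which prefs you changed relative to it. The following is an added example, not code from Arkenfox, Narsil or Firefox Profilemaker: a small Node.js script that parses two user.js files and reports the differences. The sample file contents are constructed, and the function names `parseUserJs` and `diffPrefs` are my own.

```javascript
// Added example: compare the active prefs in two user.js files.
// Parse user_pref("name", value); lines, ignoring /* */ and // comments.
function parseUserJs(text) {
  const noBlock = text.replace(/\/\*[\s\S]*?\*\//g, ""); // drop block comments
  const prefs = new Map();
  for (const rawLine of noBlock.split("\n")) {
    const line = rawLine.trim();
    if (line.startsWith("//")) continue; // commented-out pref is inactive
    const m = line.match(/^user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/);
    if (!m) continue;
    let value;
    try { value = JSON.parse(m[2]); } catch { value = m[2]; }
    prefs.set(m[1], value); // a later line for the same pref wins
  }
  return prefs;
}

// Report what "mine" changes, adds or drops relative to "base".
function diffPrefs(baseText, mineText) {
  const base = parseUserJs(baseText);
  const mine = parseUserJs(mineText);
  const changed = [], added = [], dropped = [];
  for (const [name, value] of mine) {
    if (!base.has(name)) added.push(name);
    else if (base.get(name) !== value) changed.push({ name, from: base.get(name), to: value });
  }
  for (const name of base.keys()) if (!mine.has(name)) dropped.push(name);
  return { changed, added, dropped };
}

// Constructed sample input, not copied from any real template.
const TEMPLATE = `
/* 0001: constructed sample section ***/
user_pref("toolkit.telemetry.enabled", false);
user_pref("privacy.resistFingerprinting", true);
   // user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.startup.page", 0);
`;
const MINE = `
user_pref("toolkit.telemetry.enabled", false);
user_pref("privacy.resistFingerprinting", false); // breaks a site I need
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.startup.page", 0);
user_pref("browser.startup.page", 1); // later line wins
`;

console.log(JSON.stringify(diffPrefs(TEMPLATE, MINE), null, 2));
```

To use it on real files, read them with `fs.readFileSync(path, "utf8")` and pass the two strings to `diffPrefs`.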

As with chromium, there are third party browsers based on Firefox, and as with chromium, most of them do not mitigate any of Firefox’s abysmal privacy violations, but instead add some of their own. The one exception is LibreWolf. While not quite achieving privacy schizo perfection, LibreWolf mitigates most of the worst tendencies of vanilla Firefox out of the box without requiring any additional tweaking, and also includes the uBlock Origin ad blocker preinstalled. It is available for Windows as well as Linux systems. If you haven’t got the time or inclination to delve into user.js tweaking, LibreWolf is a good option that will, at the very least, leave you just as well off as, or possibly even better off than, the Firefox Profilemaker mitigations on a vanilla Firefox installation.

Regardless of which flavor of chromium or Firefox based browser you choose, there are a handful of useful extensions that I also recommend. The first and foremost is the aforementioned uBlock Origin. While there are a number of ad blocking extensions available (keeping in mind the caveats regarding upcoming Manifest V3 changes in chromium-based browsers), uBlock Origin has been by far the best in my experience. It is less resource hungry than some other ad blockers, has more robust content blocking features which allow you to block any number of elements on a page (not just ads), and more importantly, it does not generate revenue from whitelisting. AdBlockPlus, for instance, generates revenue by charging ad companies like Google to put some of their domains in a whitelist and bypass the ad blocker. If that sounds scummy, it’s because it is. You may be tempted to install more than one ad blocking extension, thinking an extra layer of protection might help. That is not the case. In fact, because of the way they act to read a page’s DOM and strip out the advertising elements, multiple ad blockers will sometimes compete with each other to block the same elements and break the page entirely. Whichever ad blocking extension you choose, use only one. However, it is perfectly safe to use a single browser-based ad blocking extension along with a DNS-level ad blocker, as they work differently and do not interfere with each other’s functionality. I also use and recommend: Decentraleyes, an extension that stores commonly used scripts locally and directs requests to CDNs to those local resources to prevent tracking; CanvasBlocker, an extension that prevents common browser fingerprinting techniques by either blocking the requests or generating junk data so that no reliable fingerprint can be obtained; and ClearURLs, which automatically removes tracking elements from URLs (basically removes that huge unique identifier embedded in your links to, say, Amazon).
Bear in mind that while extensions can help to reduce the amount of ads you see and the amount of data you share, they also add to the uniqueness of your browser fingerprint and make you easier to track online. A few well-curated extensions will serve you better than loading up the browser with everything you can find.
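To make the ClearURLs idea concrete, here is an added example (not ClearURLs' own code or rule set) of stripping tracking elements from a link with per-site rules. The rule list, the hosts `shop.example` and `news.example`, and the function name `cleanUrl` are assumptions made for illustration.

```javascript
// Added example: remove tracking parameters from a URL using scoped rules.
// Rules are a small constructed set, not the extension's real rule list.
const RULES = [
  // Parameters stripped on any site.
  { host: /./, params: [/^utm_/, /^fbclid$/, /^gclid$/] },
  // Parameters and a "/ref=..." path segment stripped only on one
  // (hypothetical) retailer, so the same names survive elsewhere.
  { host: /(^|\.)shop\.example$/,
    params: [/^qid$/, /^sr$/, /^pd_rd_/],
    path: /\/ref=[^/]*/g },
];

function cleanUrl(input) {
  const url = new URL(input);
  for (const rule of RULES) {
    if (!rule.host.test(url.hostname)) continue;
    // Snapshot the keys first; deleting while iterating skips entries.
    for (const key of [...url.searchParams.keys()]) {
      if (rule.params.some((re) => re.test(key))) url.searchParams.delete(key);
    }
    if (rule.path) url.pathname = url.pathname.replace(rule.path, "");
  }
  return url.toString();
}

// Constructed sample links.
const samples = [
  "https://news.example/article?utm_source=feed&id=42&fbclid=abc",
  "https://www.shop.example/dp/B000000000/ref=sr_1_1?qid=1700000000&sr=8-1&th=1",
  "https://news.example/search?qid=7", // qid is not a tracker here, so it stays
];
for (const s of samples) console.log(cleanUrl(s));
```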

We will touch only briefly on WebKit-based browsers, for the simple reason that outside of Safari in the Apple ecosystem, there are very few of them of which to speak. Google’s Chrome browser originally used the WebKit engine, but Google chose to fork WebKit into the Blink engine and chromium browser core in order to take its development in a direction that better suited their goals. While Apple previously maintained a Windows version of its Safari browser, they ceased doing so many years ago, and there exist no WebKit browsers for Windows. The WebKit engine does exist on Linux-based OSes mostly in the form of its GTK port, WebKit2GTK, and there are several relatively obscure browsers that use it, the most prominent being GNOME Web. GNOME Web was previously known as Epiphany, and if you are using a Linux-based OS you may find it so named in your distro’s software repositories. Until recently, WebKit2GTK did not support WebExtensions. However, WebExtensions functionality is now supported in the WebKit2GTK engine and is being added to GNOME Web on an experimental basis. Welcome news for me and the 12 other people who actually use GNOME Web (or my other favorite browser, BadWolf).

And of course, we must mention the venerable Tor browser. The Tor browser is a heavily modified version of Firefox designed to make use of the Tor network by default. Tor began as an acronym for The Onion Router project. In brief, onion routing is a method of routing web traffic through multiple relays in such a way as to obscure its origin. The Tor browser also disables certain features that track you across the web. Tor browser is not a good choice if you’re going to be consuming video streams or other data-heavy tasks as the deliberately convoluted routing makes load times slow, and some sites may break because of its privacy tweaks. And take it from Ross Ulbricht: you shouldn’t rely entirely on Tor to cover your tracks if you’re attempting to do something illegal. Now at this point, some pedantic privacy schizo might jump in and point out that ackchyually it was Ulbricht’s poor OpSec that got him caught. The point is, trust no one if you’re doing something that might draw the attention of law enforcement or the state. Seeing as very few of us are in a Ulbricht or Snowden type situation, Tor is a good option if you just want to make it more-than-trivial for some third party to snoop on you, but do not treat it like an immunity cloak.

So far we have discussed desktop web browsers. Let us now turn our attention to mobile web browsers. Every mobile OS, including AOSP and its derivatives, includes a built-in web browser. For iOS users, this will be Safari. For Android users, Chrome. For AOSP users, the default browser is a simple front-end to SystemWebView, which is simply a version of the chromium browser embedded into the OS itself. On iOS, every browser must use Safari’s WebKit rendering engine. Effectively this means that any third party browser you install on an Apple mobile device is just a reskinned Safari. Android users (including AOSP) have more options. Of the chromium-based mobile browsers, the only one I use myself is the fairly spartan FOSS Browser, which can be found in the F-Droid repositories. Bromite is another acceptable option, which uses some of the ungoogled-chromium build scripts and includes ad blocking and some privacy mitigations by default. Bromite is not available in the standard F-Droid repositories, although you can manually add the Bromite repository in order to manage installation and updates through F-Droid. Mull and Fennec F-Droid are Firefox-based browsers for Android, available through F-Droid. Both are good choices, although I personally prefer Mull as it includes more privacy mitigations to the upstream mobile Firefox code. Helpfully, both browsers support extensions, so you can use uBlock Origin and any other extensions you like, just like their desktop counterparts.

TL;DR: Web browsers based on the chromium project generally do not respect user privacy, and will soon lose support for most major ad blockers. Now would be a good time to consider supplementing your favorite ad block extension with a DNS-level ad blocker, like Pi-hole or AdGuard Home. Consider migrating to Firefox or a Firefox-based browser, but be aware that they require additional configuration to become privacy-respecting. The Arkenfox user.js template is a great place to start. LibreWolf provides a “good enough” solution out of the box for desktop PCs. On Android, consider Bromite or Mull. On any browser that supports extensions, install the uBlock Origin content blocker. Other recommended extensions include: Decentraleyes, CanvasBlocker and ClearURLs.

Next, “Part V: Video Sharing.”