No siree.
Here Mozilla, I've made some UI improvements:
Edit, and a few more, because, why not:
Clear, concise, no George Orwell double-think.
Remember guys, your browsing history isn't 'data', it's, err... history. Stored as, err... data.
]]>/home/<name>/.mozilla/firefox
Under there, you'll see a folder that ends with '.default'.
You first port of call is to eyeball "saved-telemetry-pings" folder, and look at the text data within. You will never see such a payload of so much system information in your life. This information appears to still transmit even if you explicitly unselect sending so-called 'health' reports, and why they're even there in the first place is even more disturbing. Contains everything from CPU, memory, harddrive, to plugins, what site you were browsing and tons of other data I don't comprehend. But that's not the worst of it.
I advise you browse for a bit on Firefox. The data saved from the session will still occur even if you tell Firefox to save nothing. Go into the Storage folder in the <garbage letters>.default folder. In the Storage folder will be three folders:
default, which appears to KEEP a history of sites visited (regardless of cookies) and extension data,
permanent, which keeps a set of SQLite databases (read: hidden cookies) which are also kept persistently, and
temporary, which is only used by sites that give a toss about privacy (I only see mega.nz in that one, good choice for ISO uploads, it seems).
Firefox developers absolutely insist if you try to delete the data yourself bad things will happen(tm) (probably to their profits and bottom line), however I believe they simply want you to retain the data and 'trust them' (because they worked so well for the NSA, GCHQ, US government etc). You can read more on the discoveries one person made here. Mozilla claim they'll fix it, but real question was, why did it take a public discovery for this to happen? Their bullshit argument is because of 'User Interface' designs.
I've dug around for suitable browsers, and the bad news is, basically, there are none. Browsers I've found fall into several categories:
1) Don't work too well, break a lot, and don't offer real protection (EG Midori)
2) Phone home (EG Chrome, Opera, Firefox)
3) Inherit from Chrome which leaks like a sponge with a running tap (EG SWIron, Brave browser [implied by user-agent identification by discord treating it as though Chrome])
4) Inherit from Firefox (EG Iceweasel, Icecat, Tor)
My proposal is not to look for a fully functional browser in this day and age, but instead a very simple solution that pwns even the most well researched of datamining: a VM browser host.
Specifically, an OS hosts a barebones VM container that loads the default state browser (plugins, updates etc included), which upon after the browser session is exited, the container discards the browser, and reloads it anew. There's a number of advantages:
1) Any data stored on the browser itself becomes useless, even if the browser developer cooperates, because the tracking is fundamentally defeated by way of disposable browsers.
2) Any exploits targeting a browser in order to hijack it encounters two problems: 1, it's sandboxed in a VM and thus can't escape (goodbye FOXACID), and 2, the malware is wiped upon discard (goodbye FOXACID).
3) The VM container can 'lie' to the browser as to the system specs, which means even if it 'phones home', all it phones home with is the stuff we gave it. I'd probably pay money if said stuff could include replacing every named system device with a phrase like STOPSPYING and similarly.
4) Everyone else indirectly gains, because VM users are indistinguishable from legitimate users.
5) If people want to be able to maintain browser persistence, make use of snapshots.
For people still on Firefox, I'd recommend the following plugins:
1) User-agent-spoofer. Despite the name it does a whole lot more than rotate what user agent you have (anyone who checks what I post with will see I'm supposedly using the Edge browser on Windows). You can subvert things like URL referrals and more in it. Doesn't allow settings to be saved, annoyingly.
2) NoScript. For advanced users. Even if you fully enable scripts it will still break some sites (payment gateways are notorious). Always have a second browser on hand for broken sites.
3) uBlock Origin (not to be confused with uBlock). Yes, there is a difference, different developers with different stances. I don't recall why I sided with Gorhill and chose uBlock Origin, but if it helps, he's the original developer of uBlock before it got, err 'hijacked'.
4) Decentraleyes, yes, that is how it's spelt. Used for sneaky trackers, being rebuilt for the nightmare that is WebExt.
5) HTTPS everywhere. Tries to enforce HTTPS on every site.
6) Privacy badger. This one is optional, doesn't seem to do a very good job. Supposedly 'learns', but so far it's marked every site I go on green. Ghostery would have had multiple fits where-as privacy badger is just 'meh'. Blocks facebook, google+ and twitter, so I guess there's that.
7) UnPlug. Allows you to get at media on pages for download, which is extremely helpful if your bandwidth is slow and the juttering splinky spring loading is unpleasant (no youtube, 240p at 'lag every 10 seconds' is not acceptable). Great for retrieving your own uploaded videos from youtube, which I've had to do a number of times when my own local files went missing.
Privacy wise there are other plugins but they either no longer work or they've become shady.
(Cash money from google for Adblock Plus anyone?)
]]>On the DNS server I could imagine the cost and capacity needed, but sometimes people have free resources to use voluntarily in research organizations and comm.companies. What still amazes me is the proposal of gnunet, a serverless decentralized internet of equal peers. What I would have thought is the future is nearly abandoned and forgotten.
]]>…A cheap easy way is either firefox (if you trust it) has "private" windows…
"Private" is only a request to website operators, who interpret as they see fit. Tracking data may be packed into url instead of cookie. Functionality depends increasingly on communication between multiple servers in different domains, often third parties.
For "easy" run in RAM a separate OS with zero access to other storage - on separate hardware. Simpler.
Another way is to spend some time reading up on containers and sandboxing. Bubblewrap, firejail, flatpak, etc are ways to use internet pkgs and semi-isolate them from the rest of the system.
A cheap easy way is either firefox (if you trust it) has "private" windows, and so does midori. I use the later when I want something to read from sites I do not trust. With torbrowser and scripts turned off there is not much of major news and information sites that can be reached. You can't get through the iron clouds. But there is nothing on wikipedia that I have found that needs scripts.
Meanwhile the opennic project seems to be folding, less and less dns servers still available and fery few new ones.
I will stop here before @golinux comes and locks the thread!
]]>That does not mean I want to prevent anyone to take the blue pill when shopping :-)
Grts