This comment is probably the longest thing I wrote on [RAMBLE], maybe the longest from all users, but the TL;DR: use LibreWolf, since it has the tweaks recommended, and install some addons, especially uMatrix, WebRTC Control, LocalCDN. And others listed on the essentials privacy addons. Besides searX, you can use MetaGer and YaCy for search results from independent indexes. I really hope this summary is enough, since this entire thing is 8 000 characters long if you render it in plain text as UTF-8. Can you imagine it took me several hours to write this? Well, mostly because I was also distracted with other things, oh well, I guess enjoy the reading, or don't, just skip past it if you want

As burnerben said, you should use LibreWolf instead of hardening Firefox, especially since arkenfox' user.js doesn't disable all connections, which werwolf proves themselves by showing what you can tweak in about:config. Sure, LibreWolf enables autoupdating uBlock Origin lists by default and it relies on the evil Mozilla, but it's still the best Firefox fork if you really need one. Anyway, let's skip the entire profile nonsense and move to search engines.

They recommend searX, which I think is a good choice, especially after they released version 1.0.0 — but it does rely on Google and other search engines, which might bother some. It does, however, support searching with Mojeek and Wiby, which have fully independent indexes, although with weak results, so it's probably a good idea to enable those and whatever else you want. What about the other, less recommended options?

• MetaGer: not sure if I can count it as a metasearch engine, since, unlike searX, you don't get 70+ search engines, you only get four: Scopia (which is their index, and of course, it has weak results — but DuckDuckGo also has its own), Bing (like DuckDuckGo, but they also use yahoo*!*), and One News Page for both text and video (why are there two of them, especially since they're also in the News/Politics category?). That's just the Web category, of course, there's also Pictures (which exclusively uses Bing), Shopping (like how Pictures uses only one search engine, this one uses Kelkoo, which looks like it's useless), and News/Politics, but it's still nothing compared to searX. Also, I'm not sure if it's preferable over DuckDuckGo, since they: don't require JavaScreep, partially use their own indexes, have onion domains, store IP addresses, have somewhat good results, and don't share data with third parties.
• DuckDuckGo: if you don't trust DuckDuckGo, why do you list it? Actually, whatever, if you do want to use it, use the Lite version, as shown here.
• Qwant: is it actually private? Well, Qwant's privacy policy says that, besides the queries, it stores a “salted hash of the user’s IP address” and “the User Agent” for a week. Obviously, I remember that the only anonymous data is no data (yes, it is from DuckDuckGo, but you get my point), but it's still probably better than other search engines. Also, note the freetardist “non-free” notice because I don't know why would you want to say that otherwise, lol.
• Mojeek: I already mentioned it has an independent index, and it neither stores your IP address nor shares it with third parties. But again, there's that stupid “non-free” notice, even though it doesn't matter at all.
• YaCy: I think this one might be even better than Mojeek and Wiby combined, considering everyone can contribute, but I have no idea how do they compare.

Should you use any of those? Well, maybe MetaGer if you want its Scopia index and YaCy for P2P index, since the rest can be used with searX.

Now let's see their recommended addons:

• uBlock Origin: I think that uMatrix (which is mentioned, along with NoScript, but I don't recommend that because it's malicious and dishonest and it doesn't allow blocking other than global) is better because, by default, it relies on blocking entire classes instead of lists that need to be constantly updated. Also, it has well configured rules. Although, it only does basic content blocking, which might be an issue on sites like YouTube, where the scripts to load videos and ads are on the same site. So if you have to rely on them, it's probably a good idea to get uBlock Origin too, or Disconnect as an alternative.
• LocalCDN: like uMatrix, LocalCDN is an essential privacy addon, which supports more CDNs than Decentraleyes.
• Password manager choices: bitwarden looks like a pretty good choice, but the problem is that they have premium membership, which, if you don't have it, locks out options like TOTP, which aren't considered essential here, for some reason. Luckily, the community came to help and made vaultwarden, which doesn't have that. If you want an instance, LavaTech has one. But if you don't want to store passwords online, KeePassXC is probably a good option too, along with Syncthing if you have multiple devices. I don't recommend pass because it requires a terminal, which is ridiculous.

That's the essentials considered by them, but I think WebRTC Control should be there too, especially for those changing IP addresses, since WebRTC reveals your real one, even with Tor over VPN. Sure, the about:config tweaks do suggest disabling it, but those two settings might not be enough. What about other addons?

• Cookie AutoDelete: I think that first party isolation and disabling tracking cookies should be mostly enough, and you could be fingerprinted if you have many addons.
• ClearURLs: not only UTM tracks, but it's also annoying, so definitely get it. Although, I didn't notice any breakage from that addon back when I used it.
• Temporary Containers: this thing is just a fake initiative, and it's outclassed by uMatrix.
• ETag Stoppa: ETags are useless anyway, so get rid of them.
• CanvasBlocker: this one did break sites for me, but it's still useful if you need third party JavaScreep, which is what uMatrix blocks by default.
• xBrowserSync: like how you shouldn't sync passwords with Firefox Sync, you shouldn't sync your bookmarks with that too, so use this addon instead!
• AdNauseam: if you want to use sites like YouTube and tick off ad networks, use this along with uMatrix and hopefully, we'll destroy the cancer!
• Privacy Redirect: a better idea would be to use Redirector and set up regex rules for redirection, which makes it superior to that because you can add other sites too.

Also, I recommend checking the essentials privacy addons to see other useful addons.

Just to end this long comment, let me talk about the buttons below for a bit. FreeBSD is, well, probably better in website hosting because it has better security practises, unlike Linux. Discord is bad, and it's good they're promoting the Online Spyware Watchdog. No idea why they don't like the <blink> HTML element, I never used it. There's this “The Bible is an Anarchist Manifesto” thing that's controversial, apparently, and this comparison of Goolag Hrom and Internet Exploder is actually funny, and… oh no, the Vim editor (remember what I said about pass?). About Mastodon… why not just not use social media and connect to people directly instead? The last button is just promoting itself as a project “which tries to mimic the 80s multi users unix machines”. That's all.

To be honest, if you have an account on a just breached site and your data didn't got leaked, it's probably a good idea to change it anyway. I still use these kinds of tools, though, but mostly because I used to make accounts on lots of services, forget about them, then get reminded again by a breach, then I usually just download whatever data I had, if any, then remove the account and forget about services for however long. The shock when I found out I got my data leaked because of the Armor Games breach...

users are recommended to immediately check if their passwords were included in the leak.

"We recommend you to add your password to the leak".

These tools have always been a head scratcher for me.

I had not heard of that LocalCDN fork of DecentralEyes, and I'm going to try it out. Also prefs list is short and useful. Nice. Usually these Firefox guides are so big and outdated that they're hard to find the good stuff in them.

Guess they asked someone else.

It's interesting because, from what I gather, in Germany they have the same rule regarding telecommunication providers as in Switzerland, but different interpretations of it or - more precisely - of what constitutes a telecommunication provider. Maybe it's true that Switzerland is still a decent model when it comes to privacy.

why not just use LibreWolf?

It's not something usable on random criminals. In a sense it is do-not-care. If what was possible would be used for everything, everyone would be more or less aware, making it much less useful. Like the heart attack gun the CIA has since the 1960s. It's used sparingly enough for most people to not even know that it exists. (It's basically an untraceable killing method with a disintegrating projectile that induces a heart attack int he victim.)

What you describe isn't something the people with access to the good stuff would be even aware of, I believe. Too insignificant to reveal their hand.

Spies benefit from false fears of omniscience.

This is utterly useless if crypto, Tor, VPNs are legal. They have to go all the way China or lose on a disqualification. Which do you think?

https://spyware.neocities.org/articles/waterfox_classic.html

I use Waterfox how fucked am I?

Bromite is only for Android, but I guess Android web browsers are missed when mentioning FLoC. Also, from what I see, CalyxOS build of Chromium either has FLoC disabled by default (and it is on version 89, by the way) or I haven't been FLoC'd. Actually, since I disabled third-party cookies, I can't be FLoC'd. And also, it doesn't look like the Calyx Institute mentioned FLoC and whenever they disabled it in their build of Chromium.

Bromite is a Chromium fork with ad blocking and enhanced privacy for Android.
This browser is disabled FLoC by default since version 90.0.4430.101.

The difference is that ungoogled-chromium disables connections and integrations to Google. Since I have a feeling the chromium-browser Mint package might still contain those, you might need to download the package manually. I think AppImage, Debian, or the portable builds should work.

Is there a difference between ungoogled-chromium and chromium-browser? I've got the latter in my repository (Linux Mint), but not the former.

It looks like it will be embedded in a way that can be disabled. In fact, Brave and Vivaldi have already stated FLoC will be disabled. ungoogled-chromium didn't state anything about it AFAIK, but since it disabled everything Google, it will probably disable FLoC too.

Is this only part of Chrome or will this become an integral part of the engine that basically all other browsers use, too?

At one point they started serving unsolvable captchas like google, fortunately they soon quit that fuckery and now it seems to work consistently.

It's still annoying as hell because tons of retarded webmasters block read access from Tor with Cloudflare cancer and thus also hCaptcha.

Though IMO captchas are not a fundamentally bad idea for blocking robots from having write access to a service, not malicious humans. They're just overused by idiots who have no fucking clue about what they're doing, which is mainly why half of the modern web is completely unusable on Tor. (There's also the minority which knows exactly what they're doing, aka Google.)

Yeah, that's on me. Usually I'll read, or at the very least skim my submissions.

Should've dig deeper before sharing then, especially when it's from reddit, where they do shit like censoring the Dig Deeper website, which is a fucking joke for a subreddit that says they help with "Privacy & Freedom in the Information Age". Never mind the subreddit, the entire forum is against privacy. At least they aren't Clownflared and they allow VPNs.

I'll admit, I didn't read the article. Just copied from /r/privacy on reddit.

It'll eventually be like China, each country has their own Great Firewall.

It's an improvement over using Google reCaptcha, at least for now it's not Google (although Google would probably just buy it). Ideally of course our website should be standalone, not loading resources from external sources.

Let's not forget to mention Firefox and DuckDuckGo. Oh, and did I mention that Medium is Clownflared and Internet Archive is shit at trying to view an article on it, forcing you to use Google Cache? It sounds like irony to me.