BlackWinnerYoshi said () (edited )

This comment is probably the longest thing I wrote on [RAMBLE], maybe the longest from all users, but the TL;DR: use LibreWolf, since it has the tweaks recommended, and install some addons, especially uMatrix, WebRTC Control, LocalCDN. And others listed on the essentials privacy addons. Besides searX, you can use MetaGer and YaCy for search results from independent indexes. I really hope this summary is enough, since this entire thing is 8 000 characters long if you render it in plain text as UTF-8. Can you imagine it took me several hours to write this? Well, mostly because I was also distracted with other things, oh well, I guess enjoy the reading, or don't, just skip past it if you want

As burnerben said, you should use LibreWolf instead of hardening Firefox, especially since arkenfox' user.js doesn't disable all connections, which werwolf proves themselves by showing what you can tweak in about:config. Sure, LibreWolf enables autoupdating uBlock Origin lists by default and it relies on the evil Mozilla, but it's still the best Firefox fork if you really need one. Anyway, let's skip the entire profile nonsense and move to search engines.

They recommend searX, which I think is a good choice, especially after they released version 1.0.0 — but it does rely on Google and other search engines, which might bother some. It does, however, support searching with Mojeek and Wiby, which have fully independent indexes, although with weak results, so it's probably a good idea to enable those and whatever else you want. What about the other, less recommended options?

  • MetaGer: not sure if I can count it as a metasearch engine, since, unlike searX, you don't get 70+ search engines, you only get four: Scopia (which is their index, and of course, it has weak results — but DuckDuckGo also has its own), Bing (like DuckDuckGo, but they also use yahoo*!*), and One News Page for both text and video (why are there two of them, especially since they're also in the News/Politics category?). That's just the Web category, of course, there's also Pictures (which exclusively uses Bing), Shopping (like how Pictures uses only one search engine, this one uses Kelkoo, which looks like it's useless), and News/Politics, but it's still nothing compared to searX. Also, I'm not sure if it's preferable over DuckDuckGo, since they: don't require JavaScreep, partially use their own indexes, have onion domains, store IP addresses, have somewhat good results, and don't share data with third parties.
  • DuckDuckGo: if you don't trust DuckDuckGo, why do you list it? Actually, whatever, if you do want to use it, use the Lite version, as shown here.
  • Qwant: is it actually private? Well, Qwant's privacy policy says that, besides the queries, it stores a “salted hash of the user’s IP address” and “the User Agent” for a week. Obviously, I remember that the only anonymous data is no data (yes, it is from DuckDuckGo, but you get my point), but it's still probably better than other search engines. Also, note the freetardist “non-free” notice because I don't know why would you want to say that otherwise, lol.
  • Mojeek: I already mentioned it has an independent index, and it neither stores your IP address nor shares it with third parties. But again, there's that stupid “non-free” notice, even though it doesn't matter at all.
  • YaCy: I think this one might be even better than Mojeek and Wiby combined, considering everyone can contribute, but I have no idea how do they compare.

Should you use any of those? Well, maybe MetaGer if you want its Scopia index and YaCy for P2P index, since the rest can be used with searX.

Now let's see their recommended addons:

  • uBlock Origin: I think that uMatrix (which is mentioned, along with NoScript, but I don't recommend that because it's malicious and dishonest and it doesn't allow blocking other than global) is better because, by default, it relies on blocking entire classes instead of lists that need to be constantly updated. Also, it has well configured rules. Although, it only does basic content blocking, which might be an issue on sites like YouTube, where the scripts to load videos and ads are on the same site. So if you have to rely on them, it's probably a good idea to get uBlock Origin too, or Disconnect as an alternative.
  • LocalCDN: like uMatrix, LocalCDN is an essential privacy addon, which supports more CDNs than Decentraleyes.
  • Password manager choices: bitwarden looks like a pretty good choice, but the problem is that they have premium membership, which, if you don't have it, locks out options like TOTP, which aren't considered essential here, for some reason. Luckily, the community came to help and made vaultwarden, which doesn't have that. If you want an instance, LavaTech has one. But if you don't want to store passwords online, KeePassXC is probably a good option too, along with Syncthing if you have multiple devices. I don't recommend pass because it requires a terminal, which is ridiculous.

That's the essentials considered by them, but I think WebRTC Control should be there too, especially for those changing IP addresses, since WebRTC reveals your real one, even with Tor over VPN. Sure, the about:config tweaks do suggest disabling it, but those two settings might not be enough. What about other addons?

  • Cookie AutoDelete: I think that first party isolation and disabling tracking cookies should be mostly enough, and you could be fingerprinted if you have many addons.
  • ClearURLs: not only UTM tracks, but it's also annoying, so definitely get it. Although, I didn't notice any breakage from that addon back when I used it.
  • Temporary Containers: this thing is just a fake initiative, and it's outclassed by uMatrix.
  • ETag Stoppa: ETags are useless anyway, so get rid of them.
  • CanvasBlocker: this one did break sites for me, but it's still useful if you need third party JavaScreep, which is what uMatrix blocks by default.
  • xBrowserSync: like how you shouldn't sync passwords with Firefox Sync, you shouldn't sync your bookmarks with that too, so use this addon instead!
  • AdNauseam: if you want to use sites like YouTube and tick off ad networks, use this along with uMatrix and hopefully, we'll destroy the cancer!
  • Privacy Redirect: a better idea would be to use Redirector and set up regex rules for redirection, which makes it superior to that because you can add other sites too.

Also, I recommend checking the essentials privacy addons to see other useful addons.

Just to end this long comment, let me talk about the buttons below for a bit. FreeBSD is, well, probably better in website hosting because it has better security practises, unlike Linux. Discord is bad, and it's good they're promoting the Online Spyware Watchdog. No idea why they don't like the <blink> HTML element, I never used it. There's this “The Bible is an Anarchist Manifesto” thing that's controversial, apparently, and this comparison of Goolag Hrom and Internet Exploder is actually funny, and… oh no, the Vim editor (remember what I said about pass?). About Mastodon… why not just not use social media and connect to people directly instead? The last button is just promoting itself as a project “which tries to mimic the 80s multi users unix machines”. That's all.


BlackWinnerYoshi said ()

To be honest, if you have an account on a just breached site and your data didn't got leaked, it's probably a good idea to change it anyway. I still use these kinds of tools, though, but mostly because I used to make accounts on lots of services, forget about them, then get reminded again by a breach, then I usually just download whatever data I had, if any, then remove the account and forget about services for however long. The shock when I found out I got my data leaked because of the Armor Games breach...


BlackWinnerYoshi said ()

I watched both the CringeTok and browsed the PDF, there's literally nothing mentioned about facial expressions. But hey, iPhones are still shit, so let's just not buy them, that's the only solution for now.


BlackWinnerYoshi said ()

Bromite is only for Android, but I guess Android web browsers are missed when mentioning FLoC. Also, from what I see, CalyxOS build of Chromium either has FLoC disabled by default (and it is on version 89, by the way) or I haven't been FLoC'd. Actually, since I disabled third-party cookies, I can't be FLoC'd. And also, it doesn't look like the Calyx Institute mentioned FLoC and whenever they disabled it in their build of Chromium.


BlackWinnerYoshi said ()

I would recommend Twiiit to randomly redirect to a Nitter instance that's not dead/rate-limited, but it looks like it can select instances which are dead, redirect somewhere else, or are Clownflared. It's possible I'll have to message the owner about this, so for now, check the instance list to find an instance that's not slow or Clownflared. It might still eventually get rate-limited, though.


BlackWinnerYoshi said ()

Should've dig deeper before sharing then, especially when it's from reddit, where they do shit like censoring the Dig Deeper website, which is a fucking joke for a subreddit that says they help with "Privacy & Freedom in the Information Age". Never mind the subreddit, the entire forum is against privacy. At least they aren't Clownflared and they allow VPNs.


BlackWinnerYoshi said ()

I don't trust hCraptcha - their main page has a "Try it out" thing, which embeds hCraptcha over Clownflare, which means BCMA will block the main page after the first load. So it's clear to me they support Clownflare in some way.

Actually, the Stop Cloudflare repository said it's all about money. You can see it on hCraptcha main page:

hCaptcha allows websites to make money serving this demand while blocking bots and other forms of abuse.

The "abuse", of course, will be e.g. users who use Tor and they happen to visit a Clownflared website.

Is that the only issue? Well, it also has the issue reCRAPTCHA has - the user is still forced to solve it, the only thing that changes is who gets your data to abuse it.