Sampei.Nihira

Instead, I prefer, whenever possible, to get security directly in the browser. Let's consider the usual javascripts as an attack vector. Only with MS Edge 96 is it currently possible for renderer processes: https://blogs.windows.com/msedgedev/2020/09/30/microsoft-edge-multi-process-architecture/ to lower the default level which is "Untrusted" to IL AppContainer. Currently with Process Explorer you will always see an IL "Untrusted" because the function is disabled and to enable it you have to insert a registry key. If I remember correctly Firefox has a "Low" IL.******* It is obvious that a sandbox-escape will have a probability of success that is much lower in Edge (hardened): https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#rendererappcontainerenabled than in Firefox. P.S. ******* https://wiki.mozilla.org/Security/Sandbox/Process_model

It is preferable not to abound with installed extensions.

It depends on how you blend into the crowd. If you use a common browser completely to default like the greater part of the mass you are yes, camouflaged but very vulnerable in safety. If instead you use a hardened browser with purpose the safety + values more commonly used for the fingeprinting falsified you are equally camouflaged because even if you are visible you usufruite of a visibility fake.

https://www.ghacks.net/2021/11/24/mozilla-bans-the-fvd-speed-dial-extension-from-firefox/ The extension is for now regularly featured in Edge/Chrome Web Store

https://puppylinux.com/ https://antixlinux.com/download/ https://q4os.org/ Try these distros.

I think the browsers I use are the first defense against trackers: then there are the specific lists I use in UBO,and probably DNS. This last aspect is more important in the smartphone.

Appears the first time Firefox is started. In a tab next to the home. The promo occurs also in Private Browsing.

Firefox 94.x also advertises its VPN. To disable the ad make the changes as in the image below:

@Dixel OK.

I assume therefore yes. Just check the list "AdGuard URL Tracking Protection". With UBO Legacy this rule does not work. TH.

Hi to all. A colleague would like to know if UBO installed in 360 is able to use the rule "removeparam=" Thanks to whoever will answer me.

I am certainly not one of those fans. In Windows,Linux,Android I use 3 different browsers.

I instead as someone has already noted in favor of Firefox. To eliminate or mitigate the problems of privacy it is enough to use the optimal Arkenfox user.js: https://github.com/arkenfox/user.js/blob/master/user.js For those who want to do everything by themselves and do not push in an extreme way the search for privacy, some ideas in the excellent article below: https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/ Pale Moon is not able to reach the security of Firefox, think of Total Cookie Protection: https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/ o Site Isolation = Fission: https://www.ghacks.net/2021/11/02/firefox-94-0-release-here-is-what-is-new-and-changed/ By the way who uses Firefox 94.x especially in a Linux OS should check the actual enabling of Fission: "fission.autostart" set to true "gfx.webrender.all" set to true As I've already written I don't think Firefox is the safest browser in a modern Windows OS, but this is OT with the topic of the excellent thread opened by @Mr.Scienceman2000

HTTP websites with malware content discovered daily on the web outnumber HTTPS websites. In addition, HTTPS websites stay online for a shorter time. It is the same for phishing websites: https://phishtank.org/phish_search.php?valid=y&active=y&Search=Search You don't need to work in IT Security, you just need to know how to count.

Beyond the obvious privacy functionality, this feature in Firefox 94.x also fulfills a security task. Unfortunately it is not so in MS Edge (and probably also in other chrome-based browsers,I have not checked) where the feature has lower performance, and not only for the lack of an exceptions list. For the test I will use the malware database of URLhaus: An HTTP malware site blocked in Firefox and almost certainly, as I have verified several times, with download pop-up opening in MS Edge. I invite you to do a verification: On HTTPS websites (,insert the filter for a better and faster test) the download pop-up appears and the download succeeds without any warning of potentially harmful files for the user. In this case with MS Edge (and probably also in other chrome-based browsers) the download is blocked or the user is warned about the possible danger: I recommend users who use chrome-based browsers to insert in the browser itself a rule that blocks all javascripts in HTTP websites: HTTP://*

Sometimes it happens,but most of the time it doesn't. I'm going to open a new thread to highlight just this aspect but in modern versions of browsers. I invite you to participate and maybe do some testing yourself.

The browser is a critical component of the security configuration. As I've written many times I consider security as a primary objective compared to privacy. If we take Pale Moon that lacks the Google Safe Browsing feature present instead in Firefox, it is good practice to integrate this lack. Choosing protective DNS. Enabling in UBO the anti-malware + anti-phishing lists. Who instead uses Firefox 94.x especially in a Windows OS must work on the privacy side (as well as at the OS level) that as you have all pointed out is lacking by default.

You are absolutely right.

Hi, do you use MS Edge in a Linux distro?

Personally, as I have written several times I am more interested in security than privacy. Second option is the comfort of use.

I will not install, for now, W.11 on my new W.10 pc even if it is compatible.

Total javascript blocking is impractical on websites where you need to interact, so you are registered and login. In that case your protection against fingerprint is left to the browser itself (in the best case scenario) + some extensions (less is more).

@ArcticFoxie With chrome-based browsers, unless you use several extensions (and here the debate opens as to whether it's better not to install too many extensions), you can't privatize several aspects of the browser subject to fingerprinting. A few examples: https://audiofingerprint.openwpm.com/ https://armin.dev/apps/ping-spotter/ https://pazguille.github.io/demo-battery-api/

Try it: https://phishtank.org/phish_search.php?valid=y&active=y&Search=Search

Aside from Windows XP, the most profitable use of a browser depends on many factors. With Windows, security should be a priority. If one browser is intrinsically more secure than another, it doesn't mean that your security configuration will be any less efficient than the one who chooses the more intrinsically secure browser. If with Windows I choose to use a browser firefox-based I renounce to the protection of the IL level untrusted. To take a next example if you use a chrome-based browser other than MS Edge in an OS like W.10 you forgo the CFG Anti-Exploit protection. My point of view is, let's think about the security first and then we intervene on privacy.