The browser is your main window to the internet and the main target for attacks. Through it, data leaks, trackers enter, and phishing works. Let’s understand how to configure a browser for security without losing convenience.
Choosing a Browser
Comparing Popular Browsers
| Browser | Privacy | Security | Convenience | Extensions |
|---|---|---|---|---|
| Firefox | ★★★★★ | ★★★★☆ | ★★★★☆ | ★★★★★ |
| Brave | ★★★★★ | ★★★★★ | ★★★★☆ | ★★★★★ |
| Safari | ★★★★☆ | ★★★★★ | ★★★★★ | ★★★☆☆ |
| Chrome | ★★☆☆☆ | ★★★★★ | ★★★★★ | ★★★★★ |
| Edge | ★★★☆☆ | ★★★★★ | ★★★★★ | ★★★★★ |
Recommendations
For privacy: Firefox with settings or Brave out of the box.
For Apple ecosystem: Safari - good privacy, optimized for macOS/iOS.
For compatibility: Chrome, but with proper settings and extensions.
Privacy Settings
Firefox
Enhanced Tracking Protection:
- Settings → Privacy & Security
- Enhanced Tracking Protection → Strict
- Send websites a “Do Not Track” signal → Always
Additional:
about:config → privacy.resistFingerprinting = true
about:config → network.cookie.cookieBehavior = 5
about:config → dom.security.https_only_mode = true
Chrome
Basic Settings:
- Settings → Privacy and security
- Third-party cookies → Block third-party cookies
- Send a “Do Not Track” request → On
- Safe Browsing → Enhanced protection
Secure DNS:
- Settings → Security
- Use secure DNS → On
- Choose Cloudflare or NextDNS
Brave
Out of the box:
- Tracker and ad blocking
- Fingerprinting blocking
- HTTPS Everywhere
- Third-party cookie blocking
Additional:
- Settings → Shields → Aggressive
- Settings → Privacy → Block fingerprinting → Strict
Safari
Settings:
- Safari → Preferences → Privacy
- Prevent cross-site tracking → On
- Hide IP address from trackers → On
- Block all cookies → Optional (may break sites)
Essential Extensions
For All Browsers
| Extension | Function | Recommendation |
|---|---|---|
| uBlock Origin | Ad and tracker blocking | ★★★★★ Essential |
| Bitwarden | Password manager | ★★★★★ Essential |
| HTTPS Everywhere | Force HTTPS | ★★★★☆ (now built into browsers) |
For Advanced Users
| Extension | Function | Note |
|---|---|---|
| Privacy Badger | Auto-blocks trackers | Complements uBlock |
| Decentraleyes | Local CDN libraries | Fewer CDN requests |
| ClearURLs | Removes tracking parameters from URLs | Clean links |
| LocalCDN | Replaces CDN resources with local | Privacy + speed |
What to Avoid
❌ Free VPN extensions: most collect data
❌ Antivirus extensions: redundant, slow down browser
❌ Video download extensions: often contain malware
❌ Extensions with broad permissions: “access to all sites”
uBlock Origin: Proper Setup
Basic Setup
- Install from official extension store
- Icon → Settings (gear)
- Filter lists → enable:
- EasyList
- EasyPrivacy
- Fanboy’s Annoyance List
- Malware Domain List
Advanced Filters
Against cookie banners:
- I don’t care about cookies
- or Fanboy’s Annoyance
Blocking Modes
| Mode | What it blocks | For whom |
|---|---|---|
| Easy | Ads, trackers | Most users |
| Medium | + third-party scripts | Advanced |
| Hard | + all third-party resources | Paranoid |
Fingerprinting Protection
What Is Fingerprinting
Sites collect unique browser characteristics:
- Screen resolution
- Installed fonts
- Browser plugins
- Time zone
- System language
- WebGL renderer
The combination creates a unique “fingerprint” - even without cookies you can be tracked.
How to Protect Yourself
Firefox:
about:config → privacy.resistFingerprinting = true
⚠️ May break some sites.
Brave:
- Built-in protection, works out of the box
CanvasBlocker Extension:
- Spoofs canvas data
- Randomizes fingerprint
Testing
- Cover Your Tracks - EFF test
- AmIUnique - how unique is your browser
Password Security in Browser
Built-in Manager vs Specialized
| Feature | Built-in | 1Password/Bitwarden |
|---|---|---|
| Cross-platform | Limited to ecosystem | Full |
| Security | Basic | Advanced |
| Password generator | Simple | Flexible |
| 2FA codes | No | Yes |
| Secure notes | No | Yes |
Recommendation
Use a specialized manager:
- Bitwarden: free, open source
- 1Password: paid, best UX
- KeePassXC: local, maximum control
Autofill Setup
- Disable browser’s built-in password manager
- Install Bitwarden/1Password extension
- Enable biometrics for unlock
Cookies and Tracking
Cookie Types
| Type | Purpose | Block? |
|---|---|---|
| Necessary | Auth, cart | No |
| Functional | Settings, language | No |
| Analytics | Site statistics | Optional |
| Advertising | Ad targeting | Yes |
| Third-party | Cross-site tracking | Yes |
Configuration
Blocking third-party cookies:
- Firefox: Settings → Privacy → Strict protection
- Chrome: Settings → Cookies → Block third-party
- Brave: Enabled by default
Auto-delete cookies:
- Cookie AutoDelete extension
- Or “Delete on browser close” setting
HTTPS and Secure Connections
Why HTTPS Matters
HTTP: Your data → [Visible to all] → Server
HTTPS: Your data → [Encrypted] → Server
HTTPS-Only Mode
Firefox:
- Settings → Privacy → HTTPS-Only Mode
- Enable in all windows
Chrome:
- Settings → Security
- Always use secure connections → On
Brave:
- Enabled by default
Security Indicators
| Icon | Meaning |
|---|---|
| 🔒 Lock | HTTPS, connection secure |
| ⚠️ Triangle | Mixed content (HTTP + HTTPS) |
| 🔓 Open lock | HTTP, connection not secure |
Incognito Mode: What It Does and Doesn’t Do
What It Protects
✅ Local history not saved ✅ Cookies deleted on close ✅ Autofill doesn’t work ✅ Extensions disabled (by default)
What It Does NOT Protect
❌ IP address visible to sites and ISP ❌ Employer sees traffic ❌ Sites can track by fingerprint ❌ Downloaded files remain
When to Use
- Logging into someone else’s account on your device
- Searching for something personal on shared computer
- Checking prices without cookie history
For Real Privacy
Incognito + VPN:
- VPN hides IP from sites and ISP
- Incognito leaves no local traces
Browser and VPN
How They Work Together
| Level | What it protects |
|---|---|
| VPN | IP address, traffic from ISP |
| Browser | Cookies, fingerprint, trackers |
VPN Extensions vs System VPN
| Extension | System VPN |
|---|---|
| Browser only | Entire device |
| Easier to set up | More reliable |
| May leak WebRTC | Full protection |
| Free ones often dangerous | Verified providers |
Recommendation: Use system VPN client, not extension.
WebRTC Leaks
WebRTC can reveal real IP even through VPN.
Check: browserleaks.com/webrtc
Disable in Firefox:
about:config → media.peerconnection.enabled = false
In Chrome/Brave:
- WebRTC Control extension or uBlock Origin
Browser Security Checklist
Basic Level
- Browser updated to latest version
- uBlock Origin installed
- Password manager (Bitwarden/1Password)
- HTTPS-Only mode enabled
- Third-party cookies blocked
Advanced Level
- Firefox or Brave instead of Chrome
- Advanced privacy settings
- Privacy Badger or similar
- DNS encryption (DoH)
- Regular cookie clearing
Paranoid Level
- Tor Browser for sensitive stuff
- Resist Fingerprinting enabled
- Separate browser for finances
- JavaScript disabled by default
- VPN always on
Summary
A secure browser is a balance between protection and convenience. You don’t need to become paranoid: basic settings + uBlock Origin + password manager will protect against 95% of threats.
For serious privacy, add Firefox with settings + VPN. This will cover tracking, fingerprinting, and ISP surveillance.
Tainet protects traffic at the network level, browser - at the application level. Together they create layered defense: from the website to your device.
