It does also need to make a difference though. If Google has say three different ways of figuring out who I am and I eliminate one of them then nothing has changed.
Let’s say IP address, fingerprinting and cookies.
In that sense it is somewhat all or nothing. Either I’ve eliminated all three or I have not. I know that’s not precisely what the author means by all or nothing but there are certainly dynamics at play here that are not a smooth continuum.
> Let’s say IP address, fingerprinting and cookies.
This will still not lead to a binary outcome. Cookies can be deleted and fingerprints aren't perfect. Nor is Google able to obtain this data from sites equally. Amazon and Facebook certainly are not sharing liberally, as this is a big part of their revenue streams too. Their competition can benefit us in our defense. You also forget time. There is historical data, current data, and future data. You can tackle all of these, and they should be addressed differently. You can remove data and that can prevent future players or potential sales of your data. But we should also be really aware that the future data is most important. You change over time and they want to track these changes. The more you can limit their access, the more you fight back. One easy method is to use email masks. You can do this for free or relatively cheap, but I've changed most of my logins to unique emails as well as unique passwords (fwiw, Mozilla Relay integrates into Bitwarden, making this simple). I've now been able to track who is leaking my information to who, and better adapt to the environment. It also means that if one of these sites gets hacked then I can easily burn that email address and not be forever locked in a circulating list.
So I just want you to realize, you haven't been defeated yet. As long as you generate new data, there is time for you to fight back.
That's not true! If Google has three ways and you eliminate one, and nothing else ever happens, then you might as well not do anything. But if there's one approach to data security that protects you from one kind of tracking, and you "set it and forget it," then it's chugging away in the background not really protecting you now—but if you later "set and forget" two other approaches to data security, then, together, they might have eliminated the problem, even if none of them individually made any difference.
(Stating the attempted refutation this way, it feels kind of like the privacy version of the refutation of "what good is half an eye?", e.g., https://evolution.berkeley.edu/evolution-101/the-big-issues/...)
This is why you should "eliminate fingerprinting" by randomizing your fingerprint.
Here's the rub. I buy that privacy is not dead, however free privacy is very limiting. Total privacy remains a complicated pay to play game.
But to me it's similar to posture, or maybe hygiene. I stand tall but know I'm feeble. I wash but know the bacteria persists. And I actually think the invasion of privacy is analogous to bacteria in its inevitability, ubiquity, and perhaps even virulence and symbiosis. It's a kind of day dream - one that if ever presenting actual opportunity, I will seize if I can grasp it. But I've come to not expect much of it, however much I desire it or make token efforts toward.
But I remain closely aligned with its principle. And I sustain its spirit. Primarily, I uphold it by valuing, respecting and defending the privacy of others where I'm able. There's a different kind of privacy, and vaguely but formidably unassailable solitude, for those who value the sanctity of others. I think it reduces the value of the corrupt currency of data, in some small way.
But I don't think I'd survive long without ublock or the cozy alcove of foss. Nor might I want to.
Here's a concrete example: Let's say your friend just told you they moved their communications from SMS to Signal. This is something to celebrate! Your friend just improved their data privacy a lot by deciding to start using Signal instead of SMS. It is absolutely not the time to tell your friend things like "Okay, but you're not even using Firefox!
If a privacy source suggests that Firefox is an absolute improvement over other browsers without actually laying out the security tradeoffs you'd be making by adopting it, you should trust that source less.
I would personally go much farther with this analysis; I have categorical opinions about the relative security of browsers. But you don't have to follow me that far down the path to see the merit of the rule, because if you think "just use Firefox" is an uncomplicatedly strong recommendation, you're simply not paying attention to browser security at all, in which case: why are you making recommendations?
Most privacy and security guides are LARPs.
They do indeed recommend Firefox (as a third choice, after Tor and Mullvad Browsers), and the recommendation page doesn’t go into reasoning, sadly, but it does discuss some pitfalls of the default config and how to fix them: https://www.privacyguides.org/en/desktop-browsers/#firefox
It is called privacy guides and not security guides for a reason, and many of our basic "recommendations" are geared towards a specific threat model that does not include, for example, being targeted by law enforcement or others with access to zero-day vulnerabilities or similarly targeted exploits. They are geared towards avoiding commercial-grade tracking, especially by corporations, and dragnet mass surveillance programs.
This is why we place so much of an emphasis on threat modeling before suggesting recommendations in the first place though, to make sure readers know exactly when the recommendations apply to them and when they instead need to seek additional resources. We have countless pages within our community forum detailing why and when Chromium is technically superior to Firefox.
This is also why we don't recommend Firefox on mobile devices at all, because while we do feel Firefox on desktop is adequately secure for many people, we don't feel that is the case on Android, unfortunately.
Anyways, thank you for your insight. I will look into making this more clear at a glance.
The part you quoted was an example of what _not_ to do ("not the time").
When someone might benefit from marginal privacy, it's best to ask who they want to be private from. Sometimes the juice is worth the squeeze (Privacy from ISP, Spouse etc) sometimes it isn't (State actors, large corps) depending on how much effort they want to put in.
When you're starting out you're learning everything and trying to adjust your current usage with the limits of the private alternatives. And then we live in a society there is the learning curve for those who want to interact with you and are somehow willing to cooperate and use a more secure/private thing than the tool/service they're used to.
Let people get better and encourage them to keep going is definitely the right advice. The tone, intent, and timing of telling people how to keep going further is as important as the advice or recommendations you're giving them.
I assure you that Privacy Guides has not made a deal with Brave or any other of the tools that it recommends on the website. I'm happy to address any other questions about raising funds if you have them.
There are lengthy discussions about whether to recommend a tool or not on the Privacy Guides GitHub and their forum. There is a lot of great context there.
> There are lengthy discussions about whether to recommend a tool or not on the Privacy Guides GitHub and their forum
The process doesn't strike me as consensus driven? Mods/team have become gatekeepers (both for persisting with existing recommendations or adding new ones), including aggressively shutting down conversations/threads they personally don't like (I was told, all moderation actions are final, regardless of who on the team does it, even if why they did it doesn't hold water). I imagine, such a rigid setup is in response to prevent bad faith actors (but then, I lose count of how many times team/mods have called others "extremist", using it as a slur, just because ... reasons).
It is hard to definitively prove ulterior motive, but other folks do observe such nefariousness and come to their own conclusions, valid or not, as GP has done.
All that to say, the way it is currently run, "discussions happened" isn't really the defence you think it is.
I think our position on Brave is clear enough from the very first paragraph in the guide:
> We recommend Mullvad Browser if you are focused on strong privacy protections and anti-fingerprinting out of the box, Firefox for casual internet browsers looking for a good alternative to Google Chrome, and Brave if you need Chromium browser compatibility.
edit: ninja'd by justin lol
Just want to put emphasis on “out of the box”. Changing any of the default settings will cause you to stand out. The fingerprinting protection is essentially to have a bunch of people all using the same browser with all of the mechanisms used for fingerprinting being either disabled or giving the same results on all installations; everyone has the same fingerprint.
What about a WebKit based browser?
"Orion comes with state-of-the-art ad and tracker blocking enabled by default, unlike any other browser in existence... Beyond blocking all ads and trackers by default, Orion is also a zero telemetry browser. It protects you from websites on the web, and the browser itself never leaks your private information anywhere."
Your personal preference does not prove this website is engaging in shady deals, as the person you’re agreeing with claims.
> It does the best job of respecting the user out of any available option.
Maybe. That too is debatable. Mozilla’s track record with Firefox and privacy has been less than stellar as time goes by.
https://www.privacyguides.org/articles/2024/07/14/mozilla-di...
I see this mindset a lot with privacy, and I think a lot of it is apathy or more that people have been run down. I'm at the tail end of a CS PhD and I even have a hard time convincing people in my program to communicate with me over Signal vs text. Common answers being "they have my data anyways" and people buying into a whole ecosystem. But truth is, fragmenting your data is an important part to data privacy. You minimize what you can, and what you leak you try to distribute. Information's power is in its aggregation, so you make it harder to aggregate.
I think it is the same as with security. There's no real perfect security[1], and realistically security is more about putting up speed bumps than impenetrable doors. Just sometimes your speed bump is so large that you got to build a car that couldn't fit on the road if you want to make it over (you can always brute force a password). The goal is to make it too expensive, too time consuming, or too costly to use that route or maybe even to attempt an attack in the first place. The same is true for privacy. Make them pay more for that data. Make it harder to aggregate. Make your data as noisy or indistinguishable from noise as possible (small footprints are better than extra footprints). Because this isn't a zero-sum game instantaneous game, this is a constant battle and it is always cat and mouse.
But I do think we as the programmers, the developers, the makers, should also have a serious talk about the consequences of surveillance capitalism. With any engineering, it is always easy to get caught up in the upsides and downplay the downsides. The path to hell is paved with good intentions, not malice[2]. Every engineer has to have a code of ethics, surely Ethan Zuckerman didn't foresee the hell he created, and had good intentions. While we don't build bridges that can collapse (actually... we do) there can be no doubt that information can be weaponized. It seems no matter what your politics are that this is recognizable and in conversation. And I think these conversations can still be had in an apolitical setting (which I hope we will do here, but I understand the pull towards that direction[3]). I do encourage apolitical discussions because these can be had within the workplace and can be had without starting fights. I do believe that many people will often find themselves on the same side when had conversations not initiated this way they would not have. At the end of the day, it requires a community to make these changes and even if we disagree on some things that doesn't prevent us from working together towards common goals.
[0] Gödel was said to have been inspired by the paradox "this statement is false" but that's probably folklore. "Indeterminate" here is equivalent to "this statement cannot be proved"
[1] Okay, I know, but if you know then you know what I mean here
[2] I think it is important to recognize that evil is often created when good men are trying their best. So be careful when making attributions, because evil is sly and subtle. If it weren't, we'd have purged it long ago.
[3] I believe that the discussion around "Turnkey Tyranny" often helps with keeping things apolitical. Because one needs not say that any one party is or will become tyrannical, but we can remain abstract in a future scenario and consider the risk-reward calculus (I'm sure more relevant than ever).