I think it depends on your personal threat-profile.
If you want to avoid mass surveillance then there are steps you can take to reduce the risk. If you are specifically targeted by a government or corporation then it is much more difficult (see Snowden, McAfee, etc.).
For regular folks, relative privacy is probably possible.
But each layer of privacy creates headaches in other areas.
For maximum privacy use TOR browser, preferably within a secure environment like Qubes OS or Tails. You can also just use TOR from any linux os for a major privacy boost. But take care to read and understand the limitations of TOR (and Tails with TOR). You will also want to set the privacy setting on TOR to the maximum setting, not the default.
I like this video about TOR and threat-profiles:
(Actually I like all of Rob Braxman’s videos - always worth a watch)
However, as you crank-up the privacy you crank down the functionality. As you increase the privacy settings on TOR you will find web-sites are less and less functional. Also, some sites block traffic from known tor exit nodes altogether.
The other issue is that using TOR can draw attention to you from the three-letter crowd (no, not Run-DMC). I have heard that there is an automated system to target TOR-users with malware, though I do not know if this is true.
I2P is an alternative to TOR. I don’t have first-hand experience of it so I will not comment beyond saying that TOR is more widely used by those who need privacy. But no harm in doing a bit of research on this yourself - it might suit your needs.
A VPN is useful, but be selective - half of them are probably NSA fronts (haha - I know I am a bit paranoid). It allows you to use more mainstream browsers and websites whilst protecting your data.
Using Firefox with the recommended privacy add-ons / extensions via a trusted VPN is probably a very safe approach for a regular person who is not personally targeted. See:
Do your research before you choose a VPN - deffo choose one that does not keep logs and, preferably is not based in the USA.
I don’t know anything about Opera’s free VPN so I cannot comment on that but I would be cautious - better to pay a few bux and use a product than to get it for free only to find that you are the product!
There is also the issue of hardware. I have grown wary of Intel processors due to the constant stream of vulnerabilities being discovered. For example:
There is also the problem of Intel’s Management Engine (basically a hidden backdoor, though Intel insist it is absolutely, definitely, positively, pinkie-swear no such thing). If exploited it would allow an attacker to by-pass encryption, security, etc., and get their hands on your data). Researchers have recently found a way of switching the ME off (probably put there so spooks can use the stuff without worrying about other spooks!). See:
I think that these hardware issues are more of a problem for people who are targeted on an individual level, but if exploitation of them can be automated then don’t you know they will use them more widely.
Sorry if all this sounds a bit bleak but we live in disturbing times from a surveillance / privacy perspective. I have been advocating that we, the people, take back the tech by creating decentralised networks and services and by supporting those who try to offer privacy-respecting services (Mozilla, Signal, XMPP, etc.).
I think there is still relative privacy to be had for non-targeted individuals if they are careful and thoughtful. But maybe not for very much longer unless we take action.
For me, it’s Firefox. Especially if you use “Firefox Multi-Account Containers” in conjunction with the “Temporary Containers”. While it can be a pain sometimes, when configured correctly, it puts every site in it’s own container so it isn’t possible to share cookies or anything else between sites.
Some other privacy/security add-ons I use:
Personally, I am not fully sold on TOR being a defense against government surveillance, there is too much concerning counter-evidence there. That being said, personally, I am actually less concerned about government surveillance than I am about the invasions of my privacy by private interests.
Back to the topic at hand, I have seen no browser which pays attention to privacy more than Mozilla/Firefox. Is it perfect? No. But I haven’t seen anything better.
Also, it seems inevitable that someone will bring up “Brave”. I would urge anyone who wishes to use that browser for privacy reasons to do some research on the organization, their history with privacy and their background and then make your own conclusions.
I don’t have a Privacy Browser, I have Firefox with the following enhancements:
Set privacy and tracking settings to maximum. Firefox warns against it but I have not broken a page yet.
Added the following extensions: uBlock Origin, Privacy Badger, HTTPS everywhere with blocker turned on, DuckDuckGo Privacy Essentials (I know it overlaps with Badger, but it is practical to have), Decentraleyes, WebRTC Disabler, Facebook Container
Mullvad VPN. It is constantly at the top in reviews, VERY cheap. It is NOT good if you need to pretend to be in another country, because they are not optimized for “transporting” you across the globe. They are optimized for privacy.
I do like Proton VPN. However, be aware that the free version is EXCEEDINGLY limited. Especially with bandwidth…like almost to the point of acting like dial-up (ok, not QUITE that bad) when you’re on it. These limitations are removed even with the lowest tier paid accounts (I’m a proton mail & proton VPN user).
On another note, I PERSONALLY believe uMatrix > uBlock Origin. I like both, don’t get me wrong, but for strong security, uMatrix’s default of block everything and you need to fix it is far more secure default setting, if somewhat harder to use sometimes.
I “picked up” Firefox again today, and well…
Firefox claims, quite vehemently, that Youtube has ZERO TRACKERS. And that’s when it’s being set on Strict privacy. Figuring that can’t be true, I installed Privacy Badger and googleads.g.doubleclick.(notavalidlink) was of course present, as it is in all Google sites.
So did Firefox’s privacy have a bug, or have they started whitelisting Google?
If you don’t get paranoid about the reward system in Brave (which is Opt In) it definitely seems more private than Firefox.
And again, the unfortunate truth is that the Blink engine is just working much better.
The BIG problem with Brave, however is it’s founders political stance, which I won’t discuss here but was what got him fired from Mozilla.
When you got used to the keybindings, it can be a lot of fun. You can even watch videos in your terminal. So surfing the net is a much easier task for the browser.
For those who want to experience the beauty of playing a video in your terminal : mplayer -really-quiet -vo caca $filename
Obviously you have to replace $filename with the actual filename of the video.