I believe that the only two privacy extensions you really need to meet 90% of your privacy goals are uBlock origin + NoScript
uBlock origin is effective because it stops the injection of ads which might contain and inject code. NoScript forces you to look at which scripts you really need for the website to function. Say you visit a trusted site, like your lemmy instance, then you can enable running of javascript by default the next time you visit the site. You’ll be surprised how functional some sites are even without javascript. I did not like the idea of browsers having Javascript: it’s remote code execution and if there’s anything malicious in there and your browser is not patched against it you’re fucked. This way yeah it’ll be annoying when you first visit a site but it remembers your settings for the next time you visit.
You don’t need Noscript anymore uBlock Origin handles everything Noscript handles and much more, and it affords more granular control.
uBlocks handling is very bad. NoScript was superior. Especially I could only block partial JS after it was loaded in uBlock.
I still use noscript and ublock. How is ublock “everything and more” than noscript? i would love to be corrected by you but far as i know they are very different programs, each with their place
Put ublock in advanced mode https://github.com/gorhill/uBlock/wiki/Advanced-user-features and test if it’s enough for you. I use it this way and I’m pretty happy with it
Thanks, that does unlock new options!
With uBlock Origin you can go Easy Medium and Hard mode https://github.com/gorhill/uBlock/wiki/Blocking-mode and also set your blocking preferences per site.
I’ve used uBlock Origin for years and never knew about this. Just enabled it. Thanks!
Note that medium mode is a good compromise and is a lot less painful than hard mode.
Huh. I stand corrected. You only ever do need uBlock. Thanks
This deserves its own post.
It’s crazy just how much of a PITA it is to use the internet when using NoScript
Using Noscript eventually causes me to give up using Noscript, which is probably the one thing I was supposed to avoid…
This was my experience as well, it was just way too inconvenient… Which is the crazy part, because it really shouldn’t be.
That’s why uBlock Origin is such a blessing: so many people have already contributed to figuring out what to block on so many websites.
Eh you can go with a blacklist approach and try to selectively block tracking instead of whitelisting everything until a site works.
But the worst scripts don’t even have UI for you to see.
I use both, but a big complaint of noscript is the inability to tell what scripts were blocked. I end up unblocking ***CDN.com or ***static.com and if that doesn’t work, check each until it does. Sort of defeats the purpose.
I installed it on my parents computers and trying to teach them how to get necessary function working again is beyond them.
I have instead installed privacy badger since I read it also blocks scripts.
Privacy badger combo’d with ublock has been my go-to for years ❤️
Privacy Badger is pretty useless now.
Why do you keep saying this?
You’re right, I should have explained.
Privacy Badger was known to be able to learn what to block but local learning could be used to fingerprint you so it was removed. Nowadays it’s only a list based blocker, while the list is still automatically generated on their side through learning it mostly overlap with regular tracking protection list used with uBlock Origin.
They also claim other features but they are either outdated (google outgoing link protection last update is 9 months old and is based on the old url schema) or already covered by uBlock Origin (uBlock Origin can now sanitize urls with the
removeparam
filter, facebook outgoing link protection is included in the “AdGuard URL Tracking Protection” filter list, for third party widget blocking enable the “EasyList – Social Widgets” list).It’s also in Arkenfox “Don’t bother” extension list.
Better use Firefox in strict mode with uBlock Origin.
Good and actionable info thanks
Thank you for this.
Oh this is really cool
I much prefer uMatrix over NoScript, it is way more intuitive. And even though uMatrix is no longer updated, it still works better than NoScript for me. My Firefox Android has gotten soft-locked by NoScript in regular intervals. Since they enabled uMatrix for Firefox Android again, I have had no such issues.
Just say no to noscript.
NoScript is awesome, just learn to use it properly
Just spend hours pouring over JavaScript for every single website you ever visit. It absolutely won’t consume you, or leave you constantly frustrated with broken websites
You can still be tracked with that.
I wouldn’t run without Chameleon set to change my borwaser properties every 60 seconds, which makes tracking fingerprinting useless.
Actually, tracking the extremely unique individual with sometime, nonsensical features is making you hyper-easy to track on websites. Maybe it could be useful per browsing sessions, but every 60 seconds in non-sensical, a compatibility nightmare and defeat even the deception method of faking your browser features.
In session sanitising seems pretty useless.
I need to learn Chameleon well, I tried it once but it seemed complicated so I gave up
What’s hard? After install the only thing I change is the drop down to 60 seconds.
Did I mistake it for a different app? I use Librewolf with letterboxing, is using Chameleon more secure?
Sounds dumb.
You don’t need NoScript, unlock can do that too
deleted by creator
Maybe shelterJS and Privacy badger
Privacy Badger is pretty useless now.
Does shelterjs have a big impact on performance?
Adnauseum is also very good, its based on ublock but instead of just blocking ads it will also randomly “click” them to add noise to advertiser dataClick fraud is a big thing with a lot of countermeasures, it’s not as easy as adnauseum pretends it is. I doubt it does anything.
Word? I wasnt aware of this, guess i will switch back to ublock
I tried it but it didn’t seem effective.
It is as effective as uBlock with the same settings. The ad-deception “auto-clicking” method shouldn’t and doesn’t have any results to the end-user as it should just confuse the ads companies themselves. Still looking forward to potential documentation on how effective it may or may not be nowadays.