A Browser is what we use to access the Internet i.e. the World. The technology has advanced to a level that we can mostly access/use everything from our palms. Out of all the software/applications the mostly helpful and useful one is a Browser.

In this post I would like to share my browser configuration and the extensions that I use to make my life a little secure, private and easier.

The two devices that I mostly use are:

  1. Laptop
  1. Android Device

My Laptop Browser Configuration:

Details:

Note

As I use Brave as my default browser most of the configuration will be according to it.

Browser Settings

Brave out-of-the-box is configured very neatly, for someone with basic needs may not need to tinker anything expect for the startup settings. Brave has an inbuilt adblocker that blocks almost all the third-party ads and trackers in the website. But Brave can be configured a lot to improve both the security and privacy.

  • To access the settings panel use can either type brave://settings in the address bar or use the hamburger section present in the right top to access it.

    hamburger menu

  • All the settings are mostly intuitive. Go through all the settings and enable/disable it as per your choice. The Following are the ones that I have enabled/disabled:

    • Enabled Show autocomplete in address bar (uses some cookies to do so)

      autocomplete

    • Disabled Show top sites in autocomplete suggestions and Show Brave suggested sites in autocomplete suggestions (prevents the issue of brave referrals)

      suggested

    • Shields section

      • The Shields is activated by default. The default is set to Simple view, select the Advanced view to get more information shown in the bar.

        shields

      • Block cross-site trackers - Blocks advertisements and trackers that are in the sites.

      • Upgrade connections to HTTPS - It uses HTTPS Everywhere’s rule set to achieve this.

      • Block Scripts - Javascript in a website will be blocked (some websites may not work as intended). The default is set to be disabled as most of the websites use Javascript and so do the trackers/ads (I intend to block it).

      • Cookies - It is set to accept only the 1st party ones (the website the user is in), blocking all the other 3rd party cookies. It can be set to Block all to improve privacy, but sometimes comfortability takes the choice.

      • Fingerprinting - Set to Block all Fingerprinting. Enabling this will improve our privacy a lot. More on Fingerprinting Protection.

      Even without the use of cookies, some websites can identify the way your browser and device differ from others in order to recognize you based on your unique combination of these traits. This approach is called “Fingerprinting” (sometimes referred to as “Device Recognition”).

      • For Further reading, read the article by Brave.

    • Social media blocking

      • As the section header says it blocks/removes all the tracking and embedded links in a sites that are related to the specified websites.

        Social Media Blocking

    • Search Engine

      • This section lets you select the default search engine. If not initially changed at the startup of the browser.

      • To add a url of choice add /search?q=%s at the end of the url.

      • For Example, I use Whoole Search a self-hosted search engine runs at localhost:8888.

      • To make it as my default search engine, Click the Add option in the Manage search engines section and add localhost:8888/search?q=%s.

    • Extensions Section

      • Not the extensions but the extensions section in the settings.

        extensions

      • Web3 provider for using Dapps and Load Crypto Wallets on startup are for Crypto and struff.

      • Brave supports an amazing feature TOR. It can be used from the hamburger section in the toolbar.

      • WebTorrent lets you torrent directly in the browser.

      • Enabled Widevine for streaming services.

    • Brave has an option that checks for data breaches, bad extensions and more called Safety Check.

    • Enabled Do Not Track, which sends a “Do Not Track” request with your browsing traffic.

    • Enabled Use hardware acceleration when available for good performances.

Extensions

uBlock Origin

An efficient blocker add-on for various browsers. Fast, potent, and lean.

uMatrix

Point and click matrix to filter net requests according to source, destination and type

  • Links:

  • My Configuration

    • Same as uBlock, uMatrix also blocks ads and trackers in the website but with more functionality and controllability. I have disabled all the 3rd-party and 1st-party in uMatrix.

      uMatrix

    • And most of other settings are set to default.

    • For more usage refer its Wiki. There are lot of features to tinker with.

uBlock Origin Extra

A companion extension to uBlock Origin: to gain ability to foil early anti-user mechanisms working around content blockers or even a browser privacy settings.

The extension is useful only for Chromium-based browsers. There is no need for such an extension so far on Firefox, and thus there is no version for Firefox.

Bypass Paywalls

Bypass Paywalls is a web browser extension to help bypass paywalls for selected sites.

  • Lists:

    • Source Code

    • Chrome:

      • Download this repo as a ZIP file from GitHub.

      • Unzip the file and you should have a folder named bypass-paywalls-chrome-master.

      • In Chrome go to the extensions page.

      • Enable Developer Mode.

      • Drag the bypass-paywalls-chrome-master folder anywhere on the page to import it (do not delete the folder afterwards).

    • Firefox:

  • Lists of sites that can be bypassed - Websites

Random User-Agent

Automatically replaces the User-Agent after a specified time interval

Warning

Depending on your threat model, faking your user agent might make you more fingerprintable, not less. There are ways other than User-Agent sniffing to determine what browser you’re using, so malicious sites could learn what browser you’re really using through other means and then combine that with your randomly changing User-Agent to pretty effectively track you.

Tampermonkey

Tampermonkey is the most popular userscript manager for Google Chrome.

Privacy Badger

Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to block, Privacy Badger learns by watching which domains appear to be tracking you as you browse the Web.

Privacy Badger sends the Do Not Track signal with your browsing. If trackers ignore your wishes, your Badger will learn to block them. Privacy Badger starts blocking once it sees the same tracker on three different websites.

Besides automatic tracker blocking, Privacy Badger removes outgoing link click tracking on Facebook and Google, with more privacy protections on the way.

Font Fingerprint Defender

Font Fingerprint Defender is a multi-browser addon that let you easily hide your real font fingerprint by reporting a random fake value. According to many tech blogs, completely blocking the fingerprint is not a good idea, therefore reporting a fake value could be the best solution to better protect your privacy. This addon simply adds a small noise to the actual fingerprint and renews it every time you visit a website or reload a page.

  • Links:

  • AudioContext Fingerprint Defender

    AudioContext Fingerprint Defender is a multi-browser addon that let you easily hide your real audiocontext fingerprint by reporting a random fake value. This addon does not block audiocontext or any other web audio API methods. It simply adds a small noise to the actual fingerprint and renews it every time you visit a website or reload a page.

WebGL Fingerprint Defender

WebGL Fingerprint Defender is a multi-browser add-on that let you easily hide your real WebGL fingerprint by reporting a random fake value. According to many tech blogs, completely blocking WebGL API is not a good idea, therefore reporting a fake fingerprint could be the best solution to better protect your privacy. This addon simply adds a small noise to the actual fingerprint and renews it every time you visit a website or reload a page.

Change Geolocation(Location Guard)

Change Geolocation (Location Guard) is a multi-browser addon that let you easily change your geographic location to a desired value. Simply open addon options page and set latitude and longitude for where you want the geolocation to be. Next, reload a page and check your location.

Universal Bypass

Don’t waste your time with compliance. Universal Bypass automatically skips annoying link shorteners.

Behave!

A (Still in Development) monitoring browser extension for pages acting as bad boys.

CSS Exfil Protection

Guard against CSS data exfiltration attacks.

Guard your browser against CSS Exfil attacks!

CSS Exfil is a method attackers can use to steal data from web pages using Cascading Style Sheets (CSS). This plugin sanitizes and blocks any CSS rules which may be designed to steal data.

h264ify

h264ify is a Chrome/Firefox extension that makes YouTube stream H.264 videos instead of VP8/VP9 videos.

The Great Suspender

“The Great Suspender” is a free and open-source Google Chrome extension for people who find that chrome is consuming too much system resource or suffer from frequent chrome crashing. Once installed and enabled, this extension will automatically suspend tabs that have not been used for a while, freeing up memory and cpu that the tab was consuming.

SponsorBlock

SponsorBlock is an extension that will skip over sponsored segments of YouTube videos. SponsorBlock is a crowdsourced browser extension that lets anyone submit the start and end times of sponsored segments of YouTube videos. Once one person submits this information, everyone else with this extension will skip right over the sponsored segment.

Redirector

Redirector is a browser add-on for Firefox, Chrome and Opera. The add-on lets you create redirects for specific webpages, e.g. always redirect http://bing.com to http://google.com. It was originally done by request for someone on the Mozillazine forums. The redirect patterns can be specified using regular expressions or simple wildcards and the resulting url can use substitutions based on captures from the original url.

Flags

  • I have enabled many flags to improve my performance, privacy and security. The flags are only experimental features so be careful and enable/disable under your own risk.

  • To edit the flags, go to brave://flags

Enabled Flags

  • #enable-webrtc-hide-local-ips-with-mdns - Conceal local IP addresses with mDNS hostnames.

  • #enable-vulkan - Use vulkan as the graphics backend.

  • #cookies-without-same-site-must-be-secure - If enabled, cookies without SameSite restrictions must also be Secure. If a cookie without SameSite restrictions is set without the Secure attribute, it will be rejected. This flag only has an effect if “SameSite by default cookies” is also enabled.

  • #improved-cookie-controls - mproved UI in Incognito mode for third-party cookie blocking. – Mac, Windows, Linux, Chrome OS, Android

  • #improved-cookie-controls-for-third-party-cookie-blocking - Enables an improved UI for existing third-party cookie blocking users.

  • #enable-heavy-ad-intervention - Heavy Ad Intervention Unloads ads that use too many device resources.

  • #reduced-referrer-granularity - If a page hasn’t set an explicit referrer policy, setting this flag will reduce the amount of information in the ‘referer’ header for cross-origin requests.

  • #treat-unsafe-downloads-as-active-content - Disallows downloads of unsafe files (files that can potentially execute code), where the final download origin or any origin in the redirect chain is insecure if the originating page is secure

  • #enable-removing-all-third-party-cookies - Enables UI on chrome://settings/siteData to remove all third-party cookies and site data.

  • #prefetch-privacy-changes - Prefetch requests will not follow redirects, not send a Referer header, not send credentials for cross-origin requests, and do not pass through service workers.

  • #turn-off-streaming-media-caching - Reduces disk activity during media playback, which can result in power savings.

  • #audio-worklet-realtime-thread - Run Audio Worklet operation on a realtime priority thread for better audio stream stability.

  • #enable-parallel-downloading - Enable parallel downloading to accelerate download speed.

  • #privacy-settings-redesign - Redesign of the privacy settings card to make it more prominent and and easier to use.

  • #show-legacy-tls-warnings - Show security warnings for sites that use legacy TLS versions (TLS 1.0 and TLS 1.1), which are deprecated and will be removed in the future.

  • #tab-groups - Allows users to organize tabs into visually distinct groups, e.g. to separate tabs associated with different tasks.

  • #tab-groups-collapse (if #tab-groups is enabled) - Allows a tab group to be collapsible and expandable, if tab groups are enabled. – Mac, Windows, Linux, Chrome OS

  • #enable-noscript-previews - Enable disabling JavaScript on some pages on slow networks.

  • #freeze-user-agent - Set the User-Agent request header to a static string that conforms to the current User-Agent string format but only reveals desktop vs Android and if the ‘mobile’ flag is set.

Disabled Flags

  • #allow-popups-during-page-unload - When the flag is set to enabled, pages are allowed to show popups while they are being unloaded.

  • #enable-generic-sensor-extra-classes - Enables an extra set of sensor classes based on Generic Sensor API, which expose previously unavailable platform features, i.e. AmbientLightSensor and Magnetometer interfaces.

  • #tab-hover-cards - Enables a popup containing tab information to be visible when hovering over a tab. This will replace tooltips for tabs

  • #enable-user-data-snapshot - Enables taking snapshots of the user data directory after a Chrome update and restoring them after a version rollback

  • #enable-text-fragment-anchor - Enables scrolling to text specified in URL’s fragment.

  • #happiness-tracking-surveys-for-desktop-demo - Enable showing Happiness Tracking Surveys Demo to users on Desktop.

  • #happiness-tracking-surveys-for-desktop - Enable showing Happiness Tracking Surveys to users on Desktop.

  • #raw-clipboard - Allows raw / unsanitized clipboard content to be read and written.

My Android Device Browser Configuration

Details:

Most of all the settings are set to default.

AdBlocking and AdFiltering

I use AdGuard for filtering, blocking the advertisements and trackers. It has many features including a Firewall and HTTPS Filtering.

Flags

Enabled Flags

  • #context-menu-copy-image - Enable copying image to system clipboard via context menu.

  • #smooth-scrolling - Animate smoothly when scrolling page content.

  • #enable-vulkan - Use vulkan as the graphics backend.

  • #tls13-hardening-for-local-anchors - This option enables the TLS 1.3 downgrade hardening mechanism for connections authenticated by local trust anchors. This improves security for connections to TLS-1.3-capable servers while remaining compatible with older servers. Firewalls and proxies that do not function when this is enabled do not implement TLS 1.2 correctly or securely and must be updated.

  • #enable-autofill-credit-card-ablation-experiment - If enabled, credit card autofill suggestions will not display.

Disabled Flags

  • #enable-games-hub - Enables viewing and usage of the Games Hub.

  • #media-history Enables Media History which records data around media playbacks on websites.

Some flags are set by default to improve the user’s experience.

Conclusion

This is my current configuration. I will be updating it, as learn to tweak it more. If you have any suggestions (or) would like to talk about your stuff (or) to just hang out and chat join our Discord Server.