←back to thread

Hardening Firefox – a checklist for improved browser privacy

(andrewmarder.net)
263 points amarder | 5 comments | 30 Aug 25 11:26 UTC | HN request time: 0.685s | source
Show context
piskov ◴[30 Aug 25 19:09 UTC] No.45077185[source]
After the shit Mozilla pulled with ad/tracking this summer, the first step for improved privacy should be to delete firefox and switch to brave / what have you.
replies(2): >>45077308 #>>45077804 #
1. creesch ◴[30 Aug 25 19:28 UTC] No.45077308[source]
> switch to brave

Fun suggestion to switch to a browser that has a company behind it that has pulled a lot of shady stuff related to ads and tracking. A company where privacy is more marketing than a core value.

Edit: Since people are going to ask anyway, here is an article that covers a lot of the shady stuff brave pulled https://thelibre.news/no-really-dont-use-brave/

If you are one of those folks who don't care about the political arguments, feel free to skip over paragraph one and two. Paragraph three till ten cover actual shady stuff done by brave the company itself.

There is one more thing I can add to the list, though it wasn't as widely published about. At some point the team behind Brave decided to implement browser extension support from scratch and only support specific extensions. Which sounds okay in theory until you realize how they did so. Without involving the extension creator they would fork a version of the extension and bake that into Brave. They did so without informing the extension creator, meanwhile users would still go to the extension creator for support who couldn't fix a thing.

Every time one of these things come up, the Brave team either is irked (but changes it anyway) or goes "oh, yeah we'll remove it in the future". This to me indicates a company culture where there is no thinking ahead about the impact of features or where they simply don't care as long as they aren't called out on it.

This consistent pattern over a period of years has, to me anyway, shown that issues such as privacy or even being user centered are not a core part of their thinking but merely a marketing gimmick.

And to be ahead of the curve on some other things I have heard people say over this. Just that Mozilla sucks doesn't mean alternatives can't be worse.

replies(3): >>45077356 #>>45082004 #>>45086213 #
2. piskov ◴[30 Aug 25 19:34 UTC] No.45077356[source]
Could you actually cite some from Brave’s privacy policy (as firefox has now) to corroborate these claims
replies(1): >>45077400 #
3. creesch ◴[30 Aug 25 19:38 UTC] No.45077400[source]
See my updated comment, that contains all the details you should need. Unfortunately nothing about their privacy policy, I personally feel that actions taken by brave speak louder than whatever they have in their written policy.
4. frm88 ◴[31 Aug 25 10:15 UTC] No.45082004[source]
Thank you for that article. I've considered Nobara 42 for my new PC but it comes with Brave as the only browser capable of VSS and now I'm worried.
5. antonok ◴[31 Aug 25 19:22 UTC] No.45086213[source]
Are you referring to the Manifest V2 extensions supported by Brave? The original extension creators were made fully aware of those plans ahead of time and have been in contact with Brave since then, e.g.:

https://github.com/hackademix/noscript/issues/359 https://github.com/uBlockOrigin/uBlock-issues/discussions/29... https://github.com/brave/brave-browser/issues/41173#issuecom...

I'm not sure how you can interpret forking open source codebases as a "shady" behavior (it's one of the most important reasons to use open source in the first place), but in this case there is a high demand for said extensions and Brave has provided the only way to continue doing so on a Chromium rendering engine.

(I am one of the devs who worked on the spec for this feature)