this post was submitted on 01 Apr 2024
114 points (90.1% liked)

Privacy

31932 readers
970 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I believe that the only two privacy extensions you really need to meet 90% of your privacy goals are uBlock origin + NoScript

uBlock origin is effective because it stops the injection of ads which might contain and inject code. NoScript forces you to look at which scripts you really need for the website to function. Say you visit a trusted site, like your lemmy instance, then you can enable running of javascript by default the next time you visit the site. You'll be surprised how functional some sites are even without javascript. I did not like the idea of browsers having Javascript: it's remote code execution and if there's anything malicious in there and your browser is not patched against it you're fucked. This way yeah it'll be annoying when you first visit a site but it remembers your settings for the next time you visit.

all 45 comments
sorted by: hot top controversial new old
[–] [email protected] 100 points 7 months ago (2 children)

You don't need Noscript anymore uBlock Origin handles everything Noscript handles and much more, and it affords more granular control.

[–] [email protected] 12 points 7 months ago* (last edited 7 months ago)

uBlocks handling is very bad. NoScript was superior. Especially I could only block partial JS after it was loaded in uBlock.

[–] [email protected] 3 points 7 months ago (1 children)

I still use noscript and ublock. How is ublock "everything and more" than noscript? i would love to be corrected by you but far as i know they are very different programs, each with their place

[–] [email protected] 9 points 7 months ago (1 children)

Put ublock in advanced mode https://github.com/gorhill/uBlock/wiki/Advanced-user-features and test if it's enough for you. I use it this way and I'm pretty happy with it

[–] [email protected] 1 points 7 months ago

Thanks, that does unlock new options!

[–] [email protected] 43 points 7 months ago (3 children)

With uBlock Origin you can go Easy Medium and Hard mode https://github.com/gorhill/uBlock/wiki/Blocking-mode and also set your blocking preferences per site.

[–] [email protected] 11 points 7 months ago (1 children)

I've used uBlock Origin for years and never knew about this. Just enabled it. Thanks!

[–] [email protected] 7 points 7 months ago

Note that medium mode is a good compromise and is a lot less painful than hard mode.

[–] [email protected] 9 points 7 months ago

Huh. I stand corrected. You only ever do need uBlock. Thanks

[–] Tramort 2 points 7 months ago

This deserves its own post.

[–] [email protected] 32 points 7 months ago (2 children)

It's crazy just how much of a PITA it is to use the internet when using NoScript

[–] [email protected] 22 points 7 months ago (1 children)

Using Noscript eventually causes me to give up using Noscript, which is probably the one thing I was supposed to avoid...

[–] [email protected] 16 points 7 months ago (1 children)

This was my experience as well, it was just way too inconvenient... Which is the crazy part, because it really shouldn't be.

[–] [email protected] 9 points 7 months ago

That's why uBlock Origin is such a blessing: so many people have already contributed to figuring out what to block on so many websites.

[–] [email protected] 6 points 7 months ago (1 children)

Eh you can go with a blacklist approach and try to selectively block tracking instead of whitelisting everything until a site works.

[–] [email protected] 2 points 7 months ago

But the worst scripts don't even have UI for you to see.

[–] [email protected] 27 points 7 months ago (2 children)

I use both, but a big complaint of noscript is the inability to tell what scripts were blocked. I end up unblocking ***CDN.com or ***static.com and if that doesn't work, check each until it does. Sort of defeats the purpose.

I installed it on my parents computers and trying to teach them how to get necessary function working again is beyond them.

I have instead installed privacy badger since I read it also blocks scripts.

[–] [email protected] 10 points 7 months ago (1 children)

Privacy badger combo'd with ublock has been my go-to for years ❤️

[–] [email protected] 6 points 7 months ago (1 children)

Privacy Badger is pretty useless now.

[–] [email protected] 1 points 7 months ago (1 children)

Why do you keep saying this?

[–] [email protected] 8 points 7 months ago (2 children)

You're right, I should have explained.

Privacy Badger was known to be able to learn what to block but local learning could be used to fingerprint you so it was removed. Nowadays it's only a list based blocker, while the list is still automatically generated on their side through learning it mostly overlap with regular tracking protection list used with uBlock Origin.

They also claim other features but they are either outdated (google outgoing link protection last update is 9 months old and is based on the old url schema) or already covered by uBlock Origin (uBlock Origin can now sanitize urls with the removeparam filter, facebook outgoing link protection is included in the "AdGuard URL Tracking Protection" filter list, for third party widget blocking enable the "EasyList – Social Widgets" list).

It's also in Arkenfox "Don't bother" extension list.

Better use Firefox in strict mode with uBlock Origin.

[–] [email protected] 3 points 7 months ago

Good and actionable info thanks

[–] [email protected] 2 points 7 months ago

Thank you for this.

[–] [email protected] 2 points 7 months ago

Oh this is really cool

[–] [email protected] 20 points 7 months ago

I much prefer uMatrix over NoScript, it is way more intuitive. And even though uMatrix is no longer updated, it still works better than NoScript for me. My Firefox Android has gotten soft-locked by NoScript in regular intervals. Since they enabled uMatrix for Firefox Android again, I have had no such issues.

[–] [email protected] 12 points 7 months ago (1 children)
[–] [email protected] 2 points 7 months ago (1 children)

NoScript is awesome, just learn to use it properly

[–] [email protected] 10 points 7 months ago

Just spend hours pouring over JavaScript for every single website you ever visit. It absolutely won't consume you, or leave you constantly frustrated with broken websites

[–] [email protected] 12 points 7 months ago (4 children)

You can still be tracked with that.

I wouldn't run without Chameleon set to change my borwaser properties every 60 seconds, which makes tracking fingerprinting useless.

[–] [email protected] 7 points 7 months ago

Actually, tracking the extremely unique individual with sometime, nonsensical features is making you hyper-easy to track on websites. Maybe it could be useful per browsing sessions, but every 60 seconds in non-sensical, a compatibility nightmare and defeat even the deception method of faking your browser features.

[–] [email protected] 4 points 7 months ago

In session sanitising seems pretty useless.

[–] [email protected] 1 points 7 months ago (1 children)

I need to learn Chameleon well, I tried it once but it seemed complicated so I gave up

[–] [email protected] 1 points 7 months ago (1 children)

What's hard? After install the only thing I change is the drop down to 60 seconds.

[–] [email protected] 1 points 7 months ago

Did I mistake it for a different app? I use Librewolf with letterboxing, is using Chameleon more secure?

[–] [email protected] 0 points 7 months ago

Sounds dumb.

[–] [email protected] 7 points 7 months ago

You don't need NoScript, unlock can do that too

[–] [email protected] 3 points 7 months ago (2 children)

Maybe shelterJS and Privacy badger

[–] [email protected] 3 points 7 months ago

Privacy Badger is pretty useless now.

[–] [email protected] 2 points 7 months ago

Does shelterjs have a big impact on performance?

[–] [email protected] 0 points 7 months ago* (last edited 7 months ago) (2 children)

~~Adnauseum is also very good, its based on ublock but instead of just blocking ads it will also randomly "click" them to add noise to advertiser data~~

[–] [email protected] 1 points 7 months ago (1 children)

Click fraud is a big thing with a lot of countermeasures, it's not as easy as adnauseum pretends it is. I doubt it does anything.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago)

Word? I wasnt aware of this, guess i will switch back to ublock

[–] [email protected] 1 points 7 months ago (1 children)

I tried it but it didn't seem effective.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago)

It is as effective as uBlock with the same settings. The ad-deception "auto-clicking" method shouldn't and doesn't have any results to the end-user as it should just confuse the ads companies themselves. Still looking forward to potential documentation on how effective it may or may not be nowadays.