Digital Security Training Intern


As the coronavirus pandemic continues to upend society, more and more of our daily lives are moving online. An ever increasing amount of traffic flows through our devices, turning web browsers from our primary gateway to the web into our primary gateway to the rest of the world.

Even browsers haven’t been immune to COVID-19. In April, browser vendors were forced to delay plans to deprecate insecure protocols after realizing it could prevent users from accessing critical health and government websites.

We last examined web browsers in July 2019, after Google made headlines for its controversial plans to change how extensions, especially ad blockers, will work in Chrome.

Now that Google has begun rolling out those changes to Chrome Canary users, with a plan to enable them for all users before the end of 2020, it’s a good time to look at what features browsers have to protect your privacy and security online, and maybe even to re-evaluate your browser of choice.

The browser you use has a real impact on your safety online: alongside advertisers tracking your online activity, there are also adversaries who may try to exploit bugs in your browser in order to compromise your entire system (regardless of which browser you do choose, it’s always important to ensure you have the latest update).

There are quite a few different options across various operating systems and devices, so it can be difficult to determine which one is right for you. We’re looking for browsers that provide good network security, protect your privacy, and maintain the user experience you expect.

Tor Browser

Platforms: Windows, Mac, Linux, Android

Maintainer: Tor Project

Tor Browser is the best option when it comes to safeguarding your privacy. This hardened version of Firefox is designed to protect user privacy by reducing the amount of unique bits specific to your browsing experience. By limiting the amount of browsing data you share with third parties, Tor Browser effectively prevents trackers from uniquely identifying or fingerprinting you.

Websites and the ads embedded in them use trackers to try and collect as much information as possible about your browser, such as installed fonts, screen size, operating system and version, or plugins, to identify you across multiple websites. This technique is known as “fingerprinting.” Instead of maintaining a list of trackers to block, Tor Browser aims to disguise the unique information about you, for example by using a common set of fonts, using a standard window size, faking platform information, and using a consistent set of plugins. While trackers can figure out that you are using Tor Browser, you’ll appear the same as any other Tor Browser user.
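An added illustration of the anonymity-set effect described above (not code from Tor Browser or from the original article). The visitor records, the shared values in COMMON and the 100-pixel rounding step are constructed assumptions.

```javascript
// Constructed sample data: attributes a page script can read from five visitors.
const visitors = [
  { fonts: ["Arial", "Fira Code"], width: 1387, height: 861, platform: "Linux x86_64", plugins: [] },
  { fonts: ["Arial", "Helvetica Neue"], width: 1340, height: 812, platform: "MacIntel", plugins: ["PDF Viewer"] },
  { fonts: ["Arial", "Calibri", "Segoe UI"], width: 1066, height: 768, platform: "Win32", plugins: ["PDF Viewer"] },
  { fonts: ["Arial", "Calibri"], width: 1019, height: 743, platform: "Win32", plugins: [] },
  { fonts: ["Arial", "Ubuntu"], width: 1093, height: 798, platform: "Linux x86_64", plugins: [] },
];

// Assumed stand-ins for the values a hardened browser reports to every site.
const COMMON = { fonts: ["Arial", "Times New Roman"], platform: "Win32", plugins: [] };
const STEP = 100; // assumed rounding step for the window size, in pixels

// Report the shared values and round the window down to the nearest STEP.
function normalize(v) {
  return {
    ...COMMON,
    width: Math.floor(v.width / STEP) * STEP,
    height: Math.floor(v.height / STEP) * STEP,
  };
}

// Canonical string for one attribute set: the value a tracker would store.
function fingerprintKey(attrs) {
  return JSON.stringify(Object.keys(attrs).sort().map((k) => [k, attrs[k]]));
}

// Group visitors by fingerprint; each group is one anonymity set.
function anonymitySets(population, transform = (v) => v) {
  const sets = new Map();
  for (const v of population) {
    const key = fingerprintKey(transform(v));
    sets.set(key, (sets.get(key) || 0) + 1);
  }
  return sets;
}

// Visitors who are alone in their set can be followed across websites.
function uniquelyIdentifiable(population, transform) {
  return [...anonymitySets(population, transform).values()].filter((n) => n === 1).length;
}

console.log("raw attributes:", uniquelyIdentifiable(visitors), "of", visitors.length, "visitors are unique");
console.log("normalized:", uniquelyIdentifiable(visitors, normalize), "unique,",
  anonymitySets(visitors, normalize).size, "anonymity sets");
```

With raw attributes every visitor is alone in their set; after normalization the same five visitors fall into two shared sets, so none can be singled out by these attributes.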

All network traffic runs through the Tor network, an anonymity network designed to conceal your location and IP address. Requests to websites that support HTTPS are automatically converted to use the more secure protocol. One caveat: in regions with low Tor usage, Tor users may actually draw attention to themselves (the Tor usage by country statistics can help you estimate its popularity in your region).

Screenshot of a Tor Browser circuit, showing its connection to freedom.press through multiple random servers around the world — in this case, a server in Germany, Hong Kong, and France, before the connection exits to freedom.press.

Each tab you open on the Tor Browser creates a new circuit, routing your requests to multiple servers throughout the world.

On top of that, Tor Browser allows users to strengthen its security by toggling through progressively more robust security settings. Users who enable the highest security setting should be warned: you may have to contend with decreased functionality on some websites you visit, especially those that rely heavily on JavaScript. Tor Browser also “sandboxes” requests, isolating processes within the browser to mitigate the impact of vulnerabilities. However, this isn’t available on all platforms yet.

Screenshot of Tor Browser's three "security levels": Standard, Safer, and Safest. Standard enables all features in the browser; Safer disables some website features; Safest disables many website features, including JavaScript on all websites.

The three levels of security settings offer users the choice to toggle between different browser experiences.

Each separate website you visit is isolated from others, so tracking cookies cannot follow you as you browse, limiting advertisers’ ability to build a profile on you. These “third-party” cookies are set when a website operator uses an external service to provide extra functionality, usually ads or analytics.

These privacy-enhancing features come at a cost though. Tor Browser won’t keep you logged in to websites or store history between sessions, and discourages customization of the browser. You’re more likely to hit CAPTCHAs, and popular streaming services like Netflix won’t work. Interactive features that websites utilize may be disabled to prevent them from revealing too much user information.

A side-by-side view of a version of youtube.com with all features enabled, versus the "safest" version, which appears blank.

Tor Browser on the “Standard” security level (left), and on the “Safest” security level (right).

All told, Tor Browser is an incredibly useful tool for risky research, private communication, and censorship circumvention that should be part of your toolkit, but is unlikely to be an appropriate tool to use as your daily driver.

Firefox

Platforms: Windows, Mac, Linux, Android, iOS

Maintainer: Mozilla

Firefox provides a straightforward user experience, and takes steps to protect users’ privacy by blocking known trackers. This approach, while not as strong as Tor Browser’s anti-fingerprinting measures, is significantly better than nothing. And over time, privacy-enhancing features from Tor Browser are making their way into standard Firefox.

A screenshot of Firefox's content blocking settings, including standard, strict, and custom. The user is currently selecting "standard," which only blocks trackers in private windows and third party cookies. Strict settings would block all trackers.

Firefox features strong privacy enhancements to your browsing experience in its "Standard" settings.

For stronger privacy and security, users may need to install a few additional browser add-ons. For example, users may consider installing the Electronic Frontier Foundation’s HTTPS Everywhere addon that upgrades requests to use HTTPS if the site supports it. Users may also want to install uBlock Origin and Privacy Badger, other ad/tracker blockers with access to even more tracker block lists.

Screenshot of a Firefox notification alerting users that their DNS lookups will be encrypted.

Firefox will prompt users to encrypt domain name lookups using the DNS-over-HTTPS protocol.

Recently, Firefox started rolling out a new security feature called DNS-over-HTTPS. Much like a phone book lists a person’s name and phone number, we depend on a routing system called DNS, which is responsible for translating domain names (e.g., https://freedom.press) to server IP addresses (e.g., 104.22.23.122). DNS connections have traditionally been unencrypted, allowing your Internet service provider to snoop on the websites you visit. DNS-over-HTTPS secures these requests by encrypting them with the commonly used HTTPS protocol. Taking it a step further, Mozilla requires all DNS-over-HTTPS providers contractually agree to delete any user data after 24 hours and not sell or distribute that data, on top of other restrictions.
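To make the mechanism concrete, here is an added example (not Firefox's code) that builds the DNS question for a hostname and wraps it in the HTTPS GET request defined by RFC 8484, so the name being looked up travels inside the encrypted connection. The resolver URL `https://doh.example/dns-query` is a placeholder, and the function names are chosen for this example.

```javascript
// Encode a hostname as DNS labels: a length byte plus the label bytes, ending with 0.
function encodeName(hostname) {
  const out = [];
  for (const label of hostname.replace(/\.$/, "").split(".")) {
    const bytes = new TextEncoder().encode(label);
    if (bytes.length === 0 || bytes.length > 63) {
      throw new RangeError(`invalid label in ${hostname}`);
    }
    out.push(bytes.length, ...bytes);
  }
  out.push(0);
  return out;
}

// Build a one-question DNS query in wire format; qtype 1 asks for an A record.
function buildQuery(hostname, qtype = 1) {
  const header = [
    0x00, 0x00, // ID 0, which RFC 8484 recommends so responses cache well
    0x01, 0x00, // flags: recursion desired
    0x00, 0x01, // one question
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // no answer, authority or additional records
  ];
  const question = [...encodeName(hostname), qtype >> 8, qtype & 0xff, 0x00, 0x01];
  return Uint8Array.from([...header, ...question]);
}

// base64url without padding, as RFC 8484 requires for the "dns" parameter.
function base64url(bytes) {
  return btoa(String.fromCharCode(...bytes))
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// The request a DoH client sends over HTTPS; resolverUrl is a placeholder.
function dohRequest(resolverUrl, hostname) {
  return {
    method: "GET",
    url: `${resolverUrl}?dns=${base64url(buildQuery(hostname))}`,
    headers: { accept: "application/dns-message" },
  };
}

console.log(dohRequest("https://doh.example/dns-query", "freedom.press"));
```

Sent as a traditional DNS query, the same bytes from `buildQuery` would cross the network unencrypted, hostname included.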

Firefox features “containers,” which allow you to fully separate different profiles and accounts. If you wanted to log into a website with two different accounts, you could have a container for each account. The containers are fully isolated from each other, so if you visited your bank’s website in one container, and did some shopping in another, none of the tracking information like cookies would be shared between the two.

Even if you aren’t using containers, Firefox will now try to block third-party tracking cookies by default using a predetermined list of trackers.

Firefox also provides an end-to-end encrypted sync feature that allows sharing bookmarks and history across multiple devices, including between your desktop and phone, without giving that data up to Mozilla or third parties.

In terms of security, Firefox continues to improve its implementation of sandboxing across all platforms and is experimenting with new strategies to make browsing the web safer.

iOS users should look into Firefox Focus, a lightweight browser with a tracker blocker that deletes history once you’re finished browsing.

Brave

Platforms: Windows, Mac, Linux, Android, iOS

Maintainer: Brave Software

Brave provides a hybrid user experience, offering similar measures to Firefox to protect your privacy, while keeping Google’s Chromium security features. By default, it blocks known ad trackers and upgrades requests to HTTPS if possible.

Brave is designed to communicate what measures it takes to protect your privacy, with blank new tabs displaying how many ads and trackers have been blocked.

Screenshot of Brave's tracker blocking dialogue, providing a count of both trackers and ads blocked, as well as a count of HTTPS upgrades, and the amount of estimated time saved through blocking.

Brave offers users real-time metrics on ad and tracker blockers, and usability features.

It also allows further anonymity by opening a private Tor window that routes most network traffic over Tor. While using Tor will likely improve your privacy, the protection offered by Brave is not as fully-featured as the hardening provided by Tor Browser, and could potentially leak information that would have normally been protected by Tor Browser. For example, Tor Browser uses a technique known as letterboxing to prevent trackers from determining your screen size; Brave doesn’t support that yet. On top of that, some requests/protocols may still send requests over your normal network instead of Tor, leaking your real location.

A screenshot of Brave's private window with Tor enabled.

Users can leverage some of Tor's features in a special window in Brave.

Despite being built on top of Chrome’s source code, Brave has announced that it does not plan to adopt Google’s proposed change to how extensions function, leaving room for traditional ad blocking extensions.

Brave also comes with a cryptocurrency experiment, the Basic Attention Token (BAT), that allows users to pay content creators in micropayments. Despite appearing prominently throughout the browser, it is fully optional and can safely be ignored.

Chrome

Platforms: Windows, Mac, Linux, Android, iOS

Maintainer: Google

Chrome has been a pioneer in safeguarding users’ security. It was the first major browser to implement robust sandboxing, a method of reducing or nullifying the impact of security vulnerabilities in browsers, on all platforms.

A screenshot of a webpage within Chrome called "sandbox status," which can be found at chrome://sandbox.

Chrome's "sandboxing" features grant users significant security benefits.

Before using Chrome, you should consider whether Google is part of your threat model, given the fact that the company will be collecting some anonymized data about you as you browse the web, and can tie data to your Google account when logged into Chrome. If you’re already using some Google services like Gmail or Drive, then you may not be concerned with additional data collection.

Given that Google’s largest revenue source is advertisements based on tracking cookies, it’s no surprise that Chrome is lagging behind Firefox and Safari in blocking them. Google has said it plans to block them, but it may be as late as 2022.

Chrome also offers a “profile” feature, which allows you to build multiple profiles to compartmentalize different accounts and browsing activity (similar to Firefox’s containers).

Screenshot of a profile (or "person") switching screen within Chrome, showing two users with different profiles.

Users can easily switch between different "Profiles" on Chrome.

Chrome has taken a different approach than Firefox in rolling out DNS-over-HTTPS, only enabling it if your system’s current DNS provider supports it. This aims to preserve users’ choices of DNS providers (especially those that might provide filtering options) but will leave users unprotected until their ISP or DNS provider begins supporting DNS-over-HTTPS.

Users may want to install extra extensions for stronger network security, including Electronic Frontier Foundation’s HTTPS Everywhere addon that upgrades requests to use HTTPS if the site supports it. Two other extensions to install are uBlock Origin and Privacy Badger, other ad/tracker blockers with access to even more tracker block lists.

Google has begun to roll out its plans to change how tracker blocking extensions work for alpha testers of Chrome. In short, instead of the extension looking at each request and deciding whether to block it or not, the extension will give Chrome a list of things to block so the extension isn’t looking at every request.

Google expects that this will help prevent malicious extensions from stealing your data, but it may also require authors of legitimate extensions to change how they work. Some of the newly proposed limitations are expected to limit the ability of many extensions (e.g., tracker blockers) to perform effectively. Google says that the old, more featureful system for ad blockers will be kept for at least another year, so it’s not cause for immediate panic. But if this extension functionality is important to you, it may be a reason to consider alternative browsers.
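The two extension models can be contrasted with a small simulation. This is an added example, not Chrome's extension API: the function names, the sample traffic and the "seen on two other sites" heuristic are all hypothetical.

```javascript
// Constructed sample traffic: [site the user is visiting, host that site requests].
const traffic = [
  ["news.example", "cdn.news.example"],
  ["news.example", "ads.tracker.example"],
  ["shop.example", "metrics.newtracker.example"],
  ["blog.example", "metrics.newtracker.example"],
  ["mail.example", "metrics.newtracker.example"],
  ["mail.example", "ads.tracker.example"],
];

// Old model: the browser hands every request to the extension's callback.
function interceptingModel(requests, extension) {
  const blocked = [];
  for (const [site, host] of requests) {
    extension.seen.push(host); // the extension observes each request
    if (extension.decide(site, host)) blocked.push(host);
  }
  return blocked;
}

// New model: the extension supplies a list once and the browser does the matching.
function declarativeModel(requests, extension) {
  const rules = new Set(extension.blocklist);
  return requests.filter(([, host]) => rules.has(host)).map(([, host]) => host);
}

// Hypothetical blocker: a static list plus a heuristic, learned while browsing,
// that blocks any host it has already seen on two other sites.
function makeExtension() {
  const sitesPerHost = new Map();
  return {
    seen: [],
    blocklist: ["ads.tracker.example"],
    decide(site, host) {
      if (this.blocklist.includes(host)) return true;
      const sites = sitesPerHost.get(host) || new Set();
      const followsUser = sites.size >= 2 && !sites.has(site);
      sites.add(site);
      sitesPerHost.set(host, sites);
      return followsUser;
    },
  };
}

console.log("intercepting:", interceptingModel(traffic, makeExtension()));
console.log("declarative:", declarativeModel(traffic, makeExtension()));
```

In the declarative run the extension observes no requests at all, which is the protection Google describes, but the tracker that only the run-time heuristic would have caught is let through.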

Comparison of features

These browsers all provide some similar privacy and security features, but may not be directly comparable. This table is intended to give a high-level comparison of all of the different features discussed above.

Legend:

  • Yes - Enabled by default
  • Available - Included in the browser, but disabled by default
  • Partial - Not fully implemented
  • Needs addon - Functionality is available through a third-party addon/extension
  • No - Not included

| Category | Feature | Tor Browser | Firefox | Brave | Chrome |
| --- | --- | --- | --- | --- | --- |
| Platforms | Desktop | Yes | Yes | Yes | Yes |
| | Mobile | Android only[1] | Yes | Yes | Yes |
| Network | Automatic HTTPS redirection | Yes | Needs addon | Yes | Needs addon |
| | DNS-over-HTTPS | n/a, relies on Tor exit node to provide DNS | Yes for US users, available for others[2] | Partial[3] | Partial[4] |
| | Tor integration | Yes | No | Partial[5] | No |
| Privacy | Anti-fingerprinting measures | Yes | Available[6] | No | No |
| | Blocklist for trackers | No[7] | Available[8] | Yes | Partial[9] |
| | Tracker blocking via third-party cookies | Yes | Partial | Yes | No |
| | Distinct profiles | No | Needs addon | Yes | Yes |
| Security | Sandboxing | Partial[10] | Partial[11] | Yes | Yes |
| | FIDO2/U2F security keys | No | Yes | Yes | Yes |
| | Automatic updates | Yes | Yes | Yes | Yes |
| User experience | Bookmarks & history | Partial[12] | Yes | Yes | Yes |
| | Desktop/mobile sync | No data to sync, n/a | Yes | Yes | Yes |
| | Add-ons/Extensions | Not recommended[13] | Yes | Yes | Yes |