Browsers Which Protect Your Privacy?

valkraider asks: "Browsers are getting better at protecting user's privacy. Mozilla has pretty good cookie preferences. Many browsers like OmniWeb for Mac OS X will block images from sites based on wildcard expressions (like *ad*). Most browsers have settings to delete cookies and cache and such at the end of each session. Even IE for windows (not Mac) will allow you to 'import' a privacy file and control many things pretty tightly. Currently on PCs I use Mozilla with no disk cache, no persistent cookies, no third party images,and many blocked image sites. I can do almost the same with Chimera on Mac OS X. What are people's favorite browsers for protecting your privacy?" Which browsers provide the best balance between functionality and privacy? What privacy features would you like to see, that are missing from those currently available?"

Treating Flash like images

[mrblah]

So many sites are using flash now instead of normal images that the image blocking, while very nice, is becoming less useful. It'd be nice to be able to enforce the same controls on flash content (and other forms of content delivery) as normal images.

I use...

[doofsmack]

Opera and proxomitron. It allows me to filter out flash like everyone's complaining about, and you can set rules for just about everything sent and recieved. Very nice.

iCab

[singularity]

iCab, available only for the Mac, is one of the best browsers I have seen as far as privacy goes.

It can filter images based on the server, link, size, or anything else.
It can filter cookies based on the server, duration, or anything else.
it can filter JavaScript (InScript) based on server, action, or anything else.

One of the best features: You can set it to only use "Referer" from within the same domain. So if I link to a Sony.com page from Slashdot, Sony has no idea how I got to the page. But Sony can track how I navigate their site (You can also set iCab to never send referer:)

There are more features than I could ever list here. Suffice to say it is very powerful and very configurable. Anyone using MacOS deserves to look at it.

it is still missing a few things, and it is compliant to a fault at times (with regards to page layout), but I use it for 99.5% of my browsing without and problems.

A filtering proxy ususally beats inbuilt features

[SteWhite]

I use Privoxy (get if from SourceForge).

It's a filtering HTTP proxy, incredibly configurable, and of course browser and platform independant. The "out of the box" config also does a really good job (IMHO) of filtering without being too intrusive.

Features include:

Filtering images, flash and java applets

Cookie management including transforming permanent cookies to session based cookies.

Pop-up window killing

Filtering of any URL pattern with regular expressions

.... plus much more. Really, to much to list. Try it.

Re:Cookies

[valkraider]

You can save this as an XML file, and then import it into IE6's privacy settings.

<MSIEPrivacy>
<MSIEPrivacySetting s formatVersion="6">
<p3pCookiePolicy zone="internet">
<firstParty noPolicyDefault="forceSession" noRuleDefault="forceSession" alwaysAllowSession="no">
</firstParty>
<thirdPar ty noPolicyDefault="reject" noRuleDefault="reject" alwaysAllowSession="no">
</thirdParty>
</p3pCook iePolicy>
<flushCookies/>
</MSIEPrivacySettings>
</MSIEPrivacy>

*NOTE* The submit process is adding some spaces..
Line 2: remove space in MSIEPrivacySettings
Line 6: remove space in thirdParty
Line 8: remove space in p3pCookiePolicy

These custom settings force ALL cookies to session lifetime, and does not allow 3rd party cookies. It will flush all your existing cookies when you import it. (you can remove the flush cookies element to not flush them on import).

The Browser's not the solution

[orthogonal]

Use a proxy to filter out what you don't want. Use the browser to render the pages.

The proxy'll work with any browser that allows you to set a proxy, so that you can set up a rule set that doesn't change when/if you change browsers (i.e., in cases where the site only supports, e.g., IE).

More importantly, the proxy (if it supports regexed grepping) can be set up to remove or alter any arbitrary HTML -- something most browsers aren't set up to do. And it provides a additional layer of defense when the browser is buggy (see the earlier /. story today on IE's 'ability' to run arbitray code from a supposedly 'local' page).

I use Proxomitron under Windows. It does arbitray regex, so I can remove ads, flash, abitrary javascript, etc. I can also add or change elements (showing hidden fields is useful in debugging). And I suspect I'll be able to come up with a filter for the IE bug I mentioned above.

A question.

[leastsquares]

Maybe I am being naive, but...

How is the process of blocking Ads protecting my privacy?

Re:A question.

[Zaffle]

Maybe I am being naive, but...

How is the process of blocking Ads protecting my privacy?

Advertising companies (especially DoubleClick) serve up ads for a lot of websites, they also note down what sites you goto, and build up a profile. (Note: this can be stopped using DoubleClicks opt-out feature, however not all advertising sites have this option, and then, they are all opt-out, not opt-in)

This might not seem like such a bad thing, (eg hey, now I'm only getting ads for games and linux stuff, not tampons and other crap (appoligies to woman and everyone else I offended with that remark)), however they also try their hardest to link this profile with your real name, address, etc.

This all comes back to a case awhile ago, where a woman sued a supermarket because she slipped on a large patch of water in one of the aisles. The supermarket then, using her "discount" card, produced logs in court showing she would regularly purchase large ammounts of alcohol.

In the end, do you really want companies you don't know, knowing a lot about what you do on the web, and where you go?

True, your ISP knows almost everything (if they bother), unless you use FreeNet or something, and Visa/Mastercard/Amex know a lot about your spending habits, but just how much are you willing to put up with?