"What is the recommended cocktail of extensions to use these days for optimal privacy?"

It's crazy what we need to do just to surf the web without worrying about being profiled and manipulated. Here's what I do (Firefox, DuckDuckGo, Mullvad and uBlock Origin)

@blueberry i wouldn't recommend using all these extensions... seems over the top to me personally and could lead to bigger issues

@markosaric after adjusting a couple settings, I actually see almost no issues with most sites. Which do you feel is over the top?

@blueberry i just had a quick look but feels like many duplicates. some features firefox supports by default (clearing history, cookies...) and some you can already do with ublock origin (such as remove facebook ads or specific elements)

in general i think more extensions more unique you are so i try to keep it as simple as possible personally

@markosaric if you read some of the comments, you can see why I use the clear history,cookie, etc. extensions (mostly bc it’s customizable)

uBO does not work well to block ads in Facebook because it does not support wildcards. Even if you find something that works, it’ll often break within a couple days/weeks

Even if you don’t use any extensions, I guarantee you will be unique on any test you try. Try a new profile of Firefox and see for yourself. This is a pretty common misconception

@markosaric It really is crazy. My setup is a bit different (I don't, for example, use a VPN full time for a number of reasons) but it's just as complex. Hell, in reality my whole tech stack was built out of a concern for privacy and it's kinda ridiculous.

@chris very true. the worst part is that people like us can "defend" ourselves but we're the exception. most people will never do anything like this, most will never even install an adblocker. so this approach is not really a solution for the problem

@markosaric I couldn't agree more (it's all been the source of many rants for me lately, lol)

@markosaric Firefox starts uploading enormous ammounts of metadata from the moment you open it. In contrary to what Mozilla claims, it's not build for privacy. You can install Ghostery for more privacy but it's never a 100%.

@Ruben Brave is better and more private by default but doing few tweaks such as those I do makes Firefox great too. i don't see other options other than these two really

@Ruben yes. i assumed you use it if you don't like firefox. i don't know any other valid alternative for privacy

@Ruben on linux yes. i've run it on debian and fedora. so i assume it's possible on opensuse too... see

@markosaric Thnks for the update. I'm gonna take a look at it.

@markosaric I see it is Google owned (Chromium under the hood). So much for the privacy. It's also connected to all kinds of Bitcoin shit. It is fast though. But privacy? No!

I wrote a relatively simple bash script for my routing/firewalling machine. It pulls some hosts-files from various online sources which are basically listings of known bad URLs and resolve them to
These files are read by the DNS server on the same machine.

Of course it takes a few more steps to catch everything, but this is a good basis to avoid most of the ad/spy/tracking/malware as I can see in the DNS's logfiles. and others are using similar principles.

@fredl99 interesting. what's the benefit of this compared to a simple blocklist in say ublock origin? i've tried host files in the past but they're difficult to deal with if they block something you don't want to be blocked etc etc

Had to lookup ublock first :)
I read it's an extension, so has to be installed on every device and only works with a browser. Right?

My approach is a centralized service which answers requests from all local devices, regardless of the application.

Manual intervention takes a bit of effort, but is usually not necessary. If I insist to get to a blacklisted URL then I request the IP from an outside nameserver and enter it to the hosts-file of my machine, which is read prior (...)


- ClearURLs (remove UTM things etc.)
- Decentraleyes (disable CDN, local injection)
- FoxyProxy (easy proxy)
- HTTPS Everywhere (self explaining)
- KeePassXC-Browser (password manager)
- uBlock Origin (ad blocker)
- uMatrix (web firewall)
- Privacy Badger (blocks tracker)

that's about it

@duponin you saw that privacy badger is now just a blocklist based? seems like no reason to run it if you already have ublock origin

@markosaric since using uMatrix together with uBlock I feel safer, but 50% of websites appear almost empty until I selectively enable things in uMatrix. It however shows me how much external dependencies today's web sites have and which websites are tracking.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.