These can't prevent all fingerprinting but they can make it less reliable and more difficult and costly for a fingerprint to be relayed back to the mother ship.
Personalized advertising is one of the dumbest ideas of the 21st century. Studies show it is less effective than context sensitive ads and it costs more. Participants in ad auctions are essentially flying blind with little reliable, verifiable insight into the process.
https://chromereleases.googleblog.com/2025/01/stable-channel...
You are still just as vulnerable or more vulnerable to malware stealing browser sessions, passwords, and everything you have on the AppVM the browser is running on than you are on a regular Fedora Workstation. Unless you only use disposable VMs, which you probably don't. If QubesOS had hardened templates, I would use it. When I used it, SELinux was not enforced, and I believe it still has passwordless sudo. Not sure what other mitigations are disabled in the default templates compared to regular, non-QubesOS Fedora Workstation.
This is significantly underestimating the benefits of Qubes. Are you using your online banking in the same browser that you use for random web surfing? I do it in separate VMs with hardware isolation. Same compartmentalization with all other things.
> You are still just as vulnerable or more vulnerable to malware stealing browser sessions, passwords, and everything you have on the AppVM the browser is running on than you are on a regular Fedora Workstation
This is not true. I'm not using the same VM for everything but dedicated VMs for bank, email, HN, instant messaging and so on. Malware on a random website would only get access to an empty VM, nothing more. Passwords can be securely saved in the related single-purpose browsers and in a plain text file (in an offline VM).
> If QubesOS had hardened templates, I would use it.
You misinterpret Qubes' approach to security. If your VM is compromised, no hardening will save your data (https://xkcd.com/1200/). On Qubes, you should compartmentalize your digital life into security domains, such that you never run anything untrusted in trusted ones and never have anything valuable in untrusted ones. With such an approach, hardening is irrelevant. More examples: https://www.qubes-os.org/news/2022/10/28/how-to-organize-you...
> Unless you only use disposable VMs, which you probably don't.
I don't understand why one wouldn't use them for everything not requiring saving the data. Of course I do use them and wrote this comment from one.
More benefits: https://forum.qubes-os.org/t/how-to-pitch-qubes-os/4499/15
What about NetVM? All AppVMs use that, so what if that gets compromised? Since the templates are not hardened at all, could the attacker jump from NetVM to AppVM?
> I'm not using the same VM for everything but dedicated VMs for bank, email, HN, instant messaging and so on. A malware on a random website would only get the access to an empty VM, nothing more.
So how many Templates and AppVMs do you have? Each of those dedicated VMs would need their own AppVMs at least. You have Domain: Bank, Domain: Email (do all email accounts get their own domain?), Domain: HN, Domain: Github, Domain: Stackoverflow, Domain: Signal and so on.
> If your VM is compromised, no hardening will save your data
So that means layered security is totally meaningless and instead of keeping it default, let's remove mitigations?
> you never run anything untrusted in trusted ones and never have anything valuable in untrusted ones.
In practice, this is close to impossible.
> I don't understand why one wouldn't use them for everything not requiring saving the data
Disposable VMs were the best part of QubesOS, but unfortunately, it's pretty common that you need to log in to something or save something, which means you can't use DisposableVMs for everything.
I do wish I paid for Brave but again - I don't see ads online so I don't what they do with my information anyways.
I don't wonder about Google or Microsoft.
This data will allow us to correlate telemetry IDs with download tokens and Google Analytics IDs.
I care less about privacy than I do an annoying Internet. There are NO ADS with Brave Browser - like I just DO NOT SEE ADS anywhere on the Internet.
Anyone that has been using Chrome can't possibly care about privacy anyways and they can't know what I mean about ads online.
There are no ads with any browser provided that you press one button and install a browser extension that blocks them.
Brave isn't an issue regarding privacy, it's a security issue, see what I said on https://news.ycombinator.com/item?id=42656123.
There are no ads on Brave. Not on the side of the pages, not in the middle of the content scroll, not behind the content scroll, not before or after - no ads.
If you use pirate streaming sites - I rarely, rarely have a popup ad on those when I do use them.
It's not just ads, it's all about the user with Brave - most sites open in reader mode, I have to actually select to see the website itself, otherwise I just get all the content I want by default and only that content.
I have 2 different compromised gmails - both of which happened during my years using Chrome, though one was the Experian hack, I'm pretty sure. Google is not secure; I don't know why anyone would ever think that.
Seems like a user issue.
Don't opt-in and enjoy an ad free experience.
Brave was caught inserting their own referral code in signup forms on websites. This is basically exactly what Honey is doing and under fire for right now.
Brave basically does a man-in-the-middle attack on those websites. This goes MUCH further than just a privacy issue, it's a security issue.
I don't care about privacy, it doesn't exist, and I use Chrome. But I won't compromise my security by using a browser that is happy to pirate the pages I view.
I use Edge occasionally - which is far superior to Google and I don't know how people deal with browsing the Internet like that, it's wildly frustrating.
Overall Brave is pretty good, they build in ad-blocking by default and their own ad service is opt-in. They also have Tor and IPFS support that does not exist in Chromium, and are maintaining Manifest V2 support.
Even identical models of iPhone have minor variations in hardware and configuration and will produce different fingerprints.
In fact, Safari narrows you way down all by itself.
Browsers can block known sources of advertising and fingerprinting code.
It's hard to produce a fingerprint when the browser won't load the code.
Can't remember when I last saw an ad (except for some static one within the page), and the last time I actually clicked on an ad was about 20 years ago.
Oh and BTW, I use a dumb/feature phone for telephone, my smartphones have no SIMs and they connect to the net via a WiFi router (usually a pocket type), and no email is sent from smartphones. Nor do I use any social media (perhaps one if by some stretch HN could be classified as one).
And Gibson Research's ShieldsUP can't find anything of note.
Finally, without JS the web runs like a greyhound. Sites that break without it are not worth visiting anyway (and they're usually the worst privacy offenders).
I've no need of them; as they say, there are plenty more fish in the sea.
All this nonsense is only a problem if you expect something for nothing and/or like the trinkets and pretty baubles Google pretends to offer for free.
PS: and I don't send or receive email from those who've gmail addresses. Boycotting those with gmail addresses sends a message that one is actually serious about privacy.
In the meantime Safari/Firefox as appropriate.
It's a shame really, because as a piece of software engineering Chrome is incredible.
Chrome is the abstraction layer to WindowsMacOSiOSLinuxAndroidBSDx86ARMRISC-Vspaghettisoup.
My assumption is that every site that knows how to do fingerprinting is doing fingerprinting and probably deanonymizing against a shared signature database.
Probably only slightly hard to link all the things you do using a given installation of the browser to each other. They do at least try, but it's still basically Firefox, and it's not clear that it's even possible to make an unfingerprintable browser.
Doesn't make it any less sad, though. The web is very hostile to the end user these days.
You might get some relief from some tracking, including via fingerprinting, by using comprehensive ad and tracking blockers. Or you might not, since CDNs are still probably going to track you.
Because that is so blatantly anti-competitive, the adtech industry manipulates it into a sort of war of opaque identifiers (“user resettable device identifiers”), attached to things like Roku, smart TVs and phones, which then can be passed along with bid requests for ads and later used to effectively target people even on other devices in the same household, conveniently only by some players in the adtech world who then charge more.
Breaking the Chrome monoculture will not solve this problem by itself, but it is a necessary step in getting there.
My personal, controversial, conception of the future is to return to the notion of the Internet as a network of other networks, and then enable devs and content creators to sell apps and experiences which operate privately within those networks.
While I think that would be good, I did say personalized advertising, not all advertising. If every visitor to site.com sees the same rotation of ads, there's no need to track anybody. Still obnoxious and a vector for malware, of course. But not really the same problem.
> My personal, controversial, conception of the future is to return to the notion of the Internet as a network of other networks, and then enable devs and content creators to sell apps and experiences which operate privately within those networks.
It never really was that, you know. And I think putting everybody in walled gardens would be even worse than ad spyware.
No comment on "this or that browser", they all suck, but if you use a client that does not run Javascript then this may reduce the amount of data, e.g., number of data points, contained in the "browser fingerprint". Every "browser fingerprinting" technique I have ever seen tries to use Javascript to add more data points to the fingerprint.
With respect to HTTP headers, a client that only sends Host and Connection headers provides less data for a "browser fingerprint" than one that provides User-Agent and a number of other headers.
Yes, one can still produce a "browser fingerprint" from a combination of minimal data points such as IP address, timestamp, TLS configuration and 1-2 required headers (no User-Agent). But this print contains less data than a browser fingerprint made from those data points _plus_ User-Agent string, other HTTP headers, data gathered using Javascript and so on. Consider that the print with less data may be easier to duplicate or mimic. If so, that might make it less reliable.
"Using a less common browser makes that easier... not that it will ever be hard."
The mistake of this "argument", which we have seen countless times on HN, is that it assumes the goal is to stop browser fingerprinting 100%. What if the goal is only to reduce the amount of data in the fingerprint, making it potentially less reliable? For this purpose the popularity of the client, e.g., a browser, is irrelevant. The focus here is the quality and quantity of what the client sends. Popularity of the client only becomes important if the goal is to "blend in", i.e., for all clients to send the same data where possible. Arguably sending _less_ data would make that endeavour, i.e., all clients coordinating to send the same data, easier. Needless to say, "blending in" by using a popular, complex browser is a fantasy. It only makes fingerprinting easier.
As such, the common HN reply along the lines of "using a less common browser makes fingerprinting easier" is nonsensical. It imagines that HN readers believe it is possible to have zero "fingerprint" by any server. It ignores the achievable goal of a fingerprint that contains minimal, i.e., less, data. It presumes that any "less common browser" sends the same amount of data to the fingerprinter as the more popular ones. That may or may not be true. The choice of client is significant in this regard.
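An added illustration of the "fewer data points" argument in the comment above (not code from the thread or from any commenter): it measures, over a constructed eight-client sample, how well a fingerprint separates clients as more fields are included. The field names, the values and the three exposure levels are assumptions made up for the example.

```python
import math
from collections import Counter

# Constructed sample: eight clients as one server might observe them.
# All field names and values are made up for illustration.
FIELDS = ("tls", "user_agent", "accept_language", "js_screen", "js_timezone")
ROWS = [
    ("t1", "UA-A", "en-US", "1920x1080", "UTC-5"),
    ("t1", "UA-A", "en-US", "1366x768", "UTC-5"),
    ("t1", "UA-B", "en-US", "1920x1080", "UTC+1"),
    ("t1", "UA-B", "en-US", "2560x1440", "UTC+1"),
    ("t2", "UA-C", "de-DE", "1920x1080", "UTC+1"),
    ("t2", "UA-C", "de-DE", "1920x1080", "UTC+2"),
    ("t2", "UA-C", "en-GB", "1366x768", "UTC+0"),
    ("t2", "UA-C", "en-GB", "1920x1080", "UTC+0"),
]
CLIENTS = [dict(zip(FIELDS, row)) for row in ROWS]

# Three levels of exposure, from least to most data sent by the client.
MINIMAL = ("tls",)                                  # no User-Agent, no JS
HEADERS = ("tls", "user_agent", "accept_language")  # usual headers, no JS
FULL = FIELDS                                       # headers plus JS-gathered values


def fingerprint(client, fields):
    """The tuple of values a server can combine into one print."""
    return tuple(client[f] for f in fields)


def summarize(clients, fields):
    """Count how finely the chosen fields partition the population."""
    counts = Counter(fingerprint(c, fields) for c in clients)
    n = len(clients)
    # Shannon entropy of the fingerprint distribution, in bits.
    entropy = -sum((k / n) * math.log2(k / n) for k in counts.values())
    return {
        "distinct": len(counts),
        "entropy_bits": round(entropy, 3),
        "unique_clients": sum(1 for k in counts.values() if k == 1),
        "smallest_anonymity_set": min(counts.values()),
    }


if __name__ == "__main__":
    for name, fields in (("minimal", MINIMAL), ("headers", HEADERS), ("full", FULL)):
        print(name, summarize(CLIENTS, fields))
```

In this sample no client is singled out until the JavaScript-gathered fields are added; a real population would also differ by IP address and timing, which the sample leaves out.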