Two little-appreciated privacy features in Safari not mentioned in the article:
Each private browsing tab has its own cookie / data bucket[1]; and
Private browsing tabs and windows are preserved across restarts. (This is optional and can be configured to forget them upon restart.)
These make it practical to use private browsing for nearly all browsing, which isn't really the case in other browsers, where private browsing is clearly designed as an occasional-use thing. (And of course if you use private browsing for most things, you can still open regular windows for sites where you want to stay logged in.)
[1] If a link or script in a tab opens a new tab or window, then they share the same cookie bucket. This preserves compatibility with sites that require such a flow.
Not only that, but every private tab has its own proxy connection. You can see this if you turn off the iCloud Relay’s default setting of trying to find servers near your area - one tab will be in Texas, another in Tennessee.
In Settings, on the General tab, for "Safari opens with", select either "All windows from last session" or "All non-private windows from last session".
They're isolated by website but the tabs are not isolated from each other, like in Safari (in private browsing).
This distinction matters, if you primarily use private browsing, and have lots of tabs open from a site (say, Wikipedia, or Reddit, or pick a social networking service you don't want to track you by cookie[1]) - that particular website will know all the different tabs are from the same user potentially over a long stretch of time if at least one of those tabs remains open.
[1] Ad networks also track by IP address, so you need to take measures there too.
On the other hand it does have container tabs which reduce the need for private browsing mode a lot and is great for long standing isolated sessions <3
My goodness, the container UX is tragic. I thought it was just an initial release and they would make it better. It's been more than a year. I can't even recommend it to non-tech friends because I have trouble using it myself.
I think the author might be misunderstanding the fingerprint test — having a unique fingerprint is bad, as it allows tracking of you by fingerprinting, without the need for cookies.
> having a unique fingerprint is bad, as it allows tracking of you by fingerprinting, without the need for cookies.
Correct.
FWIW (disclaimer: I'm the developer of StopTheMadness Pro, mentioned in the article) I just ran two tests in Mac Safari, with StopTheMadness Pro enabled and disabled, and the results were exactly the same each time: "at least 18.06 bits of identifying information". Alas, that's a unique fingerprint, but apparently my extension doesn't make anything worse. If you look at the detailed results, the identifiers are things like User-Agent, screen size, time zone, and language.
Thank you for the extension. I’ve been a Pro user for quite a while now. I wish it existed for Linux as well, as I really miss it when I’m not on the Mac.
One relatively small complaint if you don’t mind me hijacking this thread. The update process could be a lot better! Especially on Firefox. I’m used to it now, so it’s become just a bit of an annoyance but the first few times were tense moments, and especially panic inducing a couple times when I was pressed for time and couldn’t use the browser before updating the extension.
In any case, it’s an awesome extension and I recommend it to others frequently!
I don't really trust the EFF site. I'm not trying to be an annoying contrarian but as far as I can tell it always reports a unique result and nobody has explained to me yet why a freshly set up iPhone should look unique to them. Everyone talks about canvas fingerprinting or whatever but I mean it is literally the same GPU and screen size and font stack and colorspace as a million other iPhones. What are they getting? My time zone, maybe? IP? What do I actually do to reduce the number of bits?
That's the same amount of bits I got with every browser I tried (Safari, Chrome, Firefox). Not sure what the takeaway is, but at least for me, all browsers seem to leak roughly the same amount.
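One way to read the "bits of identifying information" figure discussed above, as an added example that is not from any commenter or from the EFF test itself. The visitor population and attribute values are constructed for illustration, and the surprisal formula is the standard log2(1/frequency).

```python
import math
from collections import Counter

ATTRS = ("user_agent", "screen", "timezone", "language")

# Constructed visitor population (not real measurements): one row per browser.
IPHONE_US = ("Safari/iPhone", "390x844", "America/Chicago", "en-US")
IPHONE_DE = ("Safari/iPhone", "390x844", "Europe/Berlin", "de-DE")
MAC_US = ("Safari/Mac", "1512x982", "America/Chicago", "en-US")
POPULATION = [IPHONE_US] * 6 + [IPHONE_DE] + [MAC_US]


def bits(matching, total):
    """Surprisal: a value shared by 1 in N browsers carries log2(N) bits."""
    return math.log2(total / matching)


def attribute_bits(population, visitor):
    """Bits contributed by each attribute when looked at on its own."""
    total = len(population)
    return {
        name: bits(sum(row[i] == visitor[i] for row in population), total)
        for i, name in enumerate(ATTRS)
    }


def joint_bits(population, visitor):
    """Bits for the whole fingerprint (all attributes taken together)."""
    return bits(Counter(population)[visitor], len(population))


def one_in(n_bits):
    """Turn a bit count back into 'one in N browsers'."""
    return 2 ** n_bits


if __name__ == "__main__":
    for who in (IPHONE_US, IPHONE_DE):
        per_attr = attribute_bits(POPULATION, who)
        print(who[2], {k: round(v, 2) for k, v in per_attr.items()},
              "joint:", round(joint_bits(POPULATION, who), 2))
    # The thread's figure: 18.06 bits is roughly one in 273,000 browsers.
    print(round(one_in(18.06)))
```

In this sample the identical hardware contributes almost nothing, while time zone and language alone make the Berlin iPhone unique. Because those two attributes are correlated, the per-attribute bits overstate the joint figure, and a visitor who is unique in the sample can score no more than log2 of the sample size.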
> having a unique fingerprint is bad, as it allows tracking of you by fingerprinting, without the need for cookies.
Having a unique fingerprint is ideal, as long as it's unique every time. It's insane to think that you can successfully account for every data point that can be collected from a browser. Fingerprinting techniques are changed and new methods are being discovered even while browsers themselves keep adding new features that can be used (or abused) to identify people.
Rather than praying that you (and some fingerprinting website) are 100% aware of every single technique that's ever been used anywhere and that nothing new will be discovered giving trackers even just a single unique data point which is all they need to tell you apart from everyone else, it's a lot safer to appear to be someone new with every request.
Yes, a unique fingerprint allows tracking. But which sites that most of us visit, without logging in, actually have and use that capability to build a unique profile?
I assume ad networks and analytics are the main ones actually fingerprinting based on client-side factors. I could be totally wrong.
Any reasonable adblocker that prevents requests to those services probably neuters 99% of any fingerprinting capability that anyone is going to encounter day to day.
Yup. I use a more generic setup (just AdGuard and Hush) and have a less unique fingerprint. At some point, adding more “privacy” extensions will just make you stand out more with very little tangible benefit.
Not the poster, but for me macOS Orion (without StopTheMadness or Little Snitch etc.) or anything else scores 16.07 bits and 98% ad block.
I had a look at Kagi's official Discord and Vlad (HN: @freediver) says they let the EFF test run as non-malicious, i.e. other sites may not be able to see as much.
Hi! I'm the author, I have indeed misunderstood that (and updated the post text to reflect that better, thanks!), but also - can someone really avoid having a unique fingerprint? Or randomizing it is the only way to go? (Referencing something along the lines of this: https://www.reddit.com/r/browsers/comments/17mp39r/does_it_m...).
That being said, I was a lifelong Windows user up until 5-6 years ago, and while everyone else in my family uses Apple devices I was never interested in using one (since I like building my own PCs :p).
Safari is too good in this regard, it deletes first party cookies after 7 days, so any site you haven't used in a week it acts like it's never seen you before and is completely signed out.
What I liked about this article were these points:
> I try to stay positive about my choices
> As someone deeply embedded in the Apple ecosystem
The author clearly mentioned these and that is nice. But then that is what it is. This post is "how to do a few of X things in Safari browser". There are no comparisons, none - nothing at all. Because something like privacy stands nowhere until we know what else is out there, how much better you can be protected. Because I am pretty sure Internet Explorer (current name is Edge, right?) must have been saying from day 1 "we take your privacy very seriously", just like good old Zuck's toys say.
But then the author happily turns to the browser wars (something they explicitly said they are not into; repeatedly) and brings Firefox in the conversation. "For fun" of course :)
But still all good. Eventually it boils down to that and the author kinda says it - they just want to be happy about their setup and that is all. That is what this blog post is - a "so called" happiness post. That is nice. Very nice.
PS. And god, Hush never works. At least it doesn't work for me :D
The article misses probably one of the biggest advantages Firefox offers privacy-wise versus other browsers: Firefox Multi-Account Containers. Containers allow you to isolate different websites into separate browsing environments.
Recently Mozilla integrated their VPN service directly into the browser too and it is Container aware.
"Starting with Safari 17, you can use profiles to keep your browsing separate for topics like work, personal, or school. Each profile has separate history, cookies, website data, extensions, Tab Groups, and favorites."
You can create profiles, but as I understand it, Firefox containers allow you to scope profile-like containment to specific websites, which is not possible with Safari containers. In fact, I abandoned my look at Safari profiles because you can't bind particular sites to particular profiles, nor can you open sites using a specific profile within a particular tab, it must always be a window.
Took another look at this and it looks like you can set a profile to use for a site in the website settings, Open Links With Profile settings. You have to visit first, but it does seem to work. Unfortunately still limited to a whole new window, which makes the whole thing rather awkward, but more useful than I thought.
I recently stopped using Pi-hole. I honestly think it’s great, but it just breaks too many websites in really subtle ways. With DNS caching it’s tricky to troubleshoot too.
The post conveniently forgets that Apple has at least two “helps us improve” toggles on by default, using content from Safari and Spotlight searches to “improve their services”. Privacy is really “redefined” here.
That site then says:
> I found that the uBlock Origin extension breaks the final result. To fix it, add adblock.turtlecute.org as an exception in uBlock rules.
Exactly the kind of belly laugh I needed right now. That site also falsely "measures" that my ad blocker lets all kinds of sites through when in fact my setup lets absolute zero third party sites through. Hilarious!
I wonder how many people fall for sites like that.