So as the title mentions, I’m wondering how much is too much?

I am currently using Brave with the setting to:

  • Aggressively block trackers & ads
  • Only connect with HTTPS
  • Block fingerprinting
  • Block cross-site cookies

In addition to that, I have installed the following extensions:

  • uBlock Origin
  • Ghostery
  • Decentraleyes
  • DuckDuckGo Privacy Essentials

So my question is: Is this overkill? If so, what should/could be removed that may be redundant? I want as much coverage as possible, but not have things bloated.

  • Skimmer@lemmy.zip
    link
    fedilink
    English
    arrow-up
    29
    ·
    edit-2
    1 year ago

    Please never do this! Read this thread from the developer of uBlock Origin. Using multiple content blockers together like this can and will cause issues, as well as will increase fingerprinting, etc, and there’s no gain or benefit at all from doing so.

    I would disable Brave’s built-in ad/tracker blocking (leave the rest of the Shields’ functionality enabled), and would solely use uBlock Origin, and remove the other extensions. (You could even just stick to Brave’s built in ad/tracker blocking if you want to, but I just prefer uBlock Origin for its advanced features and compatibility)

    As far as Decentraleyes goes, its essentially abandoned. You can use LocalCDN instead if you wish to do so, though its privacy benefits are debated. I mainly use it since I use uBlock Origin in Hard mode (which it complements uBo very nicely in both Medium or Hard Mode), and for the performance boost it gives, but its up to you. Ghostery and DDG Essentials should definitely be removed. (While DDG Essentials isn’t only content blocking, its other features are also just completely redundant and unnecessary with Brave)

    • Bitrot@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      DDG extension lets you enable and manage their private email forwarding service. It can also be done through their mobile browser but less convenient.

  • Etterra@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    ·
    1 year ago

    Brave is trash and its owned by an asshole. I use adblock browser in my phone and Firefox otherwise. Not sure about the owner or Dev or whatever, but it’s much better quality for blocking ads.

    An answer to the more pertinent question of how much is too much, however? None. There’s no such thing as too much ad blocking.

    • Ogygus@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      Why is it trash?

      And why are Americans obsessed with the politics of who makes a product?

      Its a free, as in free beer, browser. By using it you are not donating money to the CEO.

      • 9point6@lemmy.world
        link
        fedilink
        English
        arrow-up
        18
        ·
        edit-2
        1 year ago

        Someone correct me if I’m wrong, but I’m pretty sure he donated to (or still donates to?) homophobic action groups.

        That’s more than enough reason to boycott something that person is in charge of, imo

          • priapus@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            11
            ·
            1 year ago

            When you support software you support the company making it, allowing them to grow and profit. If someone does not want to financially support the actions of someone they disagree with, then that is fine.

          • 9point6@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            1 year ago

            I do not want success for that man, therefore I’m not going to give his project market share

            • Ogygus@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              Market share… Of something that can be had free? You are making less and less sense.

              • 9point6@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                ·
                edit-2
                1 year ago

                Yes, because if the browser has no market share, there is no point in it continuing to exist and the company folds.

                I don’t care if it’s free or costs money, the man gets paid if the product is successful. I don’t want to support him, therefore I don’t use the product. If enough people agree with me and do the same, the product dies & the man fails. Or at the very least the rest of the company kicks him out and the man still fails.

                Like this isn’t rocket science

                • Ogygus@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  This makes no sense.

                  How do you expect to convince a large group to stop using a product? Just by saying “he’s bad”?

                  Be honest with yourselves and admit it gives you a warm fuzzy feeling of “sticking up to the man” by doing… Nothing.

                  You see you are deluding yourselves in believing you are making a change, but it’s all in your head.

        • Bitrot@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          1 year ago

          In 2008 he donated $1000 in support of California Proposition 8. I don’t know of anything else, at least publicly. Californians also voted and passed the amendment 52%/47%, it was thrown out by the courts.

          More recently in 2020 he did say some of the typical conservative stuff about COVID lockdowns, mask mandates, calling Fouci a liar, etc.

      • bug@lemmy.one
        link
        fedilink
        English
        arrow-up
        14
        ·
        1 year ago

        Never mind the American politics nonsense, Brave has a history of slightly dodgy behaviour. Replacing websites ads with their own, keeping donations meant for creators, hijacking referral links and adding in their own, a lot of cryptocurrency shenanigans, and that’s just what’s on Wikipedia!

      • jayemecee@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        I agree with you, that’s irrelevant. What’s not irrelevant is that it’s chromium as in based on chrome, the browser trying to add drm to internet pages. Please use Firefox instead

      • geosoco@kbin.social
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        Given that the US has almost zero privacy legislation, the politics of the owner/maker often hints at decisions that eventually make it into the software. Many of the reasons to avoid chrome and chromium are similar to this, though not about a specific person but about the values that google holds in fucking over standards. We see this reflected in some of the decisions of say social media platforms (even “free-as-in-beer” ones) and many companies.

        In many cases, you’re still giving them money and/or power to continue fucking up open standards.

        • Ogygus@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          What money am I giving. I didn’t spend a singular cent.

          What power am I giving. I didn’t vote for anything.

          Who made you like this?

      • Klajan@beehaw.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        But uBlock also has javascript blocking functionality, so I’m not sure NoScript is needed

        • regalia@literature.cafe
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          It blocks JavaScript altogether. NoScript is more fine tuned to allow the minimal amount of js to function.

        • McBain@feddit.ch
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          NoScript also prevents clickjacking, redirection attack (if I remember correctly, also I’m not sure that it’s the correct term), and few more things that I can’t remember right now… From what I’ve heard one can replace them both with uMatrix, haven’t tried it though.

    • Decentralizr@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Yes for the browser i agree, sadly apps have trackers and ads too. A dns can be useful if it’s system wide for all that stuff. Nextdns, adguard, rethinkdns or decloudus comes to mind

  • Reversed Cookie@feddit.de
    link
    fedilink
    English
    arrow-up
    15
    ·
    1 year ago

    So. Since many people basically have no idea of anything, Quick explanation:

    Never use different Content Blocker Extensions together. They break eah pther in functionality, uBO Dev and a Adguard Dev made a official post about this problem on Twitter (aka. X). So, remove DDG, definitly remove Ghostery, there privacy pratices are worse, Decentralized Eyes is outdated, use it’s fork LocalCDN instead, uBlock Origin is u only necessary if you wanna use Features of it, which Brave Shields doesn’t have. uBO filters do work completly for Brave too, they both the the same syntax.

  • edric@lemm.ee
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    You can have what Brave does except block ads/trackers, which uBO can cover anyway, but on Firefox or Librewolf instead. For extensions, ditch Ghostery.

      • edric@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        1 year ago

        Ghostery used to sell (or just send back) user data to advertisers. While it was opt-in, that isn’t really a good look for a privacy tool. I stopped using it when that news broke out long ago, but I think now they are also showing ads of their own(?). Either way, uBO does almost everything now. I have Decentraleyes too, along with ClearURLs, and Privacy Badger (which supposedly is redundant to uBO now too).

  • Sebo@lemmy.one
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    My rule for this is if tor uses it its pretty dam good aka No script + Ublock Orgin

    • twei@feddit.de
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      tor using ublock origin would be new to me. do you mean they now ship it by default or do you mean that you can install it like a regular firefox extension?

      • Sebo@lemmy.one
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Oh come to think of it you might be right I don’t use tor a lot lol

      • Genghis@monero.town
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Firefox isn’t as secure as Chromium browsers due to its internal sandboxing and site isolation being substantially weaker (especially on Linux). If you are on a Linux machine, I recommend you use Brave with no ad blocking extensions because first, it comes with an ad blocker by default. Also, the more extensions you have, your attack surface increases.

        If you are on Windows, you should be using Microsoft Edge paired with UBO Lite as it offers the highest security and UBO Lite doesn’t have access to the site data. If you are concerned about the telemetry of using Edge, you can turn it off and if you’re still paranoid, you will have to switch to Linux at this point.

      • MangoPenguin@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        I don’t use it just because I’m not a fan of how chromium browsers work. They have had some controversies too around their crypto stuff and other things, but I’m not too familiar with them.

  • bbbhltz@beehaw.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Yup. Overkill. But, thankfully extension removal is just a click away. More users should ask questions like this.

  • lemmy689@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I’ve tested a few browsers using Eff’s Cover Your Tracks website. The best is TOR, but Brave with no extensions is second, it said it provided a randomized fingerprint. Tried it with Firefox with uBlock and it said my comp had a unique fingerprint. Mullvad browser faired slighty better, cant recall the score, but at least it wasn’t unique. I tried it with Librewolf also with a load of extensions and it was a poor score as well. So, imo, you don’t need extensions with Brave. I think my settings are the same as yours.

  • worfamerryman@beehaw.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Websites can also dingier print you by your browser settings and extensions.

    So, having a lot of extensions can defeat the purpose of privacy.

    I try to keep default settings and a minimal number of extensions.

    • Lemongrab@lemmy.one
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      It depends on what browser and what extensions. Previously addon could be fingerprinted by detecting what web resourves they used (i think just chromium). On firefox extensions can get detected by sensing certain telltale changes they provide. eg. Inserting js in dom or blocking of ad/tracking domains. Even if the extension itself isnt identified, unique settings and multiple content blockers will make kinds of fingerprinting possible.