this post was submitted on 28 Aug 2023
180 points (95.5% liked)

Privacy

32103 readers
952 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

The Mullvad Browser is a privacy-focused web browser developed in collaboration with Mullvad VPN and the Tor Project. It aims to eliminate data collection and provide user-centric browsing services, ensuring online activity remains private and secure. The browser has the same fingerprinting protection as the Tor Browser, but connects to the internet without Tor Network or VPN instead. The Mullvad Browser provides anti-fingerprinting protections.

The idea is to provide one more alternative – beside the Tor Network – to browse the internet with more privacy. To get as many people as possible to fight the big data gathering of today. To free the internet from mass surveillance.

Here: >> mullvad browser official <<

you are viewing a single comment's thread
view the rest of the comments
[–] Pantherina@feddit.de 1 points 1 year ago (1 children)

I dont like that they also use private browsing. It sucks, is unnecessary, restricts extensions, containers and disabling it is fingerprintable

[–] Wave@monero.town 2 points 1 year ago (1 children)

You can still use a other web browser for other special usecases. Mullvad Browser has focus on privacy.

[–] Pantherina@feddit.de 1 points 1 year ago (1 children)

Yes. And private Browsing is useless.

Okay, it seems its not clear what I mean.

The purpose of private browsing:

  • one switch, different UI for the "amnesia mode", LOCALLY
  • use any persons Computer (probably) or leave no data on a computer others can access
  • maybe leave no trace on your own computer
  • easily cleanup lots of things combined

But the thing is:

  • its useful, but only for this threat model
  • you can delete Cookies, Cache, DOM data, Session, Downloads using seperate switches, most of them GUI
  • private browsing is fingerprintable. If you want to only delete cookies, but with exceptions for sites you trust...
  • if you want to save the session, which is local, does not cache sites and is not fingerprintable...
  • you have to disable private browsing (which is fingerprintable! On a browser that has to ne exactly the same to fulfill its purpose!) And set the settings yourself, possible without GUI as this was deactivated.

I asked the Mullvad devs about this, but they dont care. Private browsing also restricts the browser, for example containers dont work, temporary containers for instant cookie cleaning for example. And it has no purpose! These can be individual settings, and simply enabling Session or reven downloads saving will NOT leak data to the web.

This "leave no trace locally" simply does not work for most people. Its your PC, you are the one accessing it. This keeps people away from the browser, even though Firefox with Arkenfox or Librewolf or Mull are perfectly usable, I use them daily.

[–] jet@hackertalks.com 1 points 1 year ago (1 children)

And that's all totally fine. Mullvad is definitely going for the leave no trace local browsing people.

If you need to browser with persistence, you have the options that you outlined.

For people who want a daily driver with no persistence it's perfect

[–] Pantherina@feddit.de 1 points 1 year ago (1 children)

No it makes no sense... they could simply preset the settings:

  • delete cache
  • delete cookies
  • delelte downloads
  • delete session

And have the same thing, without the private browsing annoyance

[–] jet@hackertalks.com 1 points 1 year ago (1 children)

But then the data would be written to disk, and then it would be deleted from disk, which would leave a trace.

I get this isn't your threat model. But for the people whose threat model it is then that's unacceptable.

Deleting data on disk does not actually remove the data. It's still persists especially on SSDs.

[–] Pantherina@feddit.de 1 points 1 year ago (1 children)

In private browsing it would not be saved to disk? This is a real difference then.

Its not about "my threat model", its about if private browsing actually makes sense, or if it just restricts the browsers capabilities.

So in PB everything is kept in RAM? And this cant be reproduced with a setting?

[–] jet@hackertalks.com 1 points 1 year ago* (last edited 1 year ago) (1 children)

https://2019.www.torproject.org/projects/torbrowser/design/#disk-avoidance

If you're saying private browsing mode doesn't make sense for anybody, I'm going to disagree with you. If it doesn't work for you that's fine. But it is something for other people

[–] Pantherina@feddit.de 1 points 1 year ago

I will check if there are other settings to avoid writing to disk. If there are none, valid point and this cant be changed. If there are some, I stay with my point.