Switching to Brave- Two Settings Questions & Security Extension Migration

linux

#1

I’ve always used a number of privacy extensions in Chromium & FF. While trying to add extensions to handle some forms of fingerprinting, I stumbled on Brave. I’d like to switch, and need some help in that task. I’ve been using:

All of Gorhill:

EFF:

  • Privacy Badger
  • HTTPS-Everywhere [No longer needed.]

Others:

  • Decentraleyes [Probably still needed - no indication that Brave touches content delivery networks.]
  • User-Agent switcher for Google-Chrome [Appears still needed.]
  • Cookie Autodelete [Appears still needed. Brave lacks First Party Storage Isolation.]

Here are my questions:

  1. I’m not clear if Strict Site Isolation is default? If not, how do I enable it? With isolation, is there any longer a point to autodeleting cookies?

  2. Why is fingerprint protection only set to “3rd party?” Any difficulties with “Block all fingerprinting?” Would ScriptSafe or BrowserPlugs, which I had been looking into for fingerprint protection, give me any finer control?

  3. I had been blocking all ads, and for the moment would like to continue. I also like the fine control of scripts. Which of the Gorhill/EFF addons will I need?

  4. Let me know if there’s some reason I don’t need decentraleyes or the user-agent switcher.

Thanks for your input!


#2
  1. Its enabled by default. Can read get more info here.
  1. You can set it to "Block all fingerprinting" via global shields settings. You have the control on global settings that you can apply
  1. Again you can block all scripts at global level and using shields (lion icon in URL bar) you can selectively allow scripts to run on the page. Do mind this is allows all scripts from a domain. Individual control of script to run is not yet available.

  2. There’s no recommendations for this. Its a user decision if they want to use an extension to change the user-agent. Brave currently has the same user-agent as Chrome.

Hope this helps


#3
  1. Ok, got the site isolation sorted, thanks. Now, with site isolation, is there any reason that I still need to autodelete cookies? (Ok, Site Isolation is not the same as First Party Storage Isolation. So it appears I still need autodelete cookies.)

I know, and that’s what I’ve done. My question is why this is not default. Are there issues with site breakage or anything else that I should have in mind, which might give me reason to use what appears to be finer control in ScriptSafe.

Ok, so I need uMatrix. Still not clear on uBlock Origin{, Extra} and PrivacyBadger.

Ok, so I need the user-agent switcher. Still not clear on Decentraleyes, though I’m guessing I probably do.


#4

This is because most popular site will break with this enabled. The default settings is less restrictive to make it user friendly. For an average user the default shields settings works just fine. Advanced users have the choice of making settings more strict as they can make their way around with strict settings.

Regarding 3 and 4 there is nothing that we can recommend. Its all based on user need that they can install.

Do note certain extensions might have conflicting behaviour with shields so you might see some undesired behaviour.


#5

sriram - thanks for your second reply. Regarding fingerprinting:

If you can, I would appreciate more details on which forms of fingerprinting Brave blocks, which of those might break sites, and how. The reason being that my other option could be to turn off Brave’s fingerprinting protection and use ScriptSafe instead. Some details on what Brave is doing and where the problems might lie will give me a basis on which to make a comparison.

I am not asking for a recommendation, per se. I am asking for some input regarding what Brave is doing with it’s “Ads & Trackers Blocked” settings. That would give me a basis for comparison to uBlock Origin and to PrivacyBadger.

I am guessing Decentraleyes is necessary and that Brave doesn’t do anything with content delivery networks.


closed #6

This topic was automatically closed after 30 days. New replies are no longer allowed.