I appreciate the list of potential harms. I'm curious about your last point though. Isn't it trivially easy to wipe cookies from your browser?
I appreciate the list of potential harms. I'm curious about your last point though. Isn't it trivially easy to wipe cookies from your browser?
You should always configure your browser to automatically wipe all data on exit. The Arkenfox user.js user profile does this and more to mitigate fingerprinting.
I am logged into way too many sites to do that unfortunately. I do use a password manager with a browser plugin to make it easier, but it's still a lot of manual work to re-login to all the sites I use on a normal basis, for both work and home, every time I restart my browser.
Would be nice if there was some other solution, like maybe encrypting the browser profile and then requiring a pin/password/biometric/something to unlock it on each start.
It shouldn't take more than one second to log into a website using the Firefox password manager.
In my case it often can and does.
Many sites I use force email or SMS-based 2FA, sometimes in addition to "security questions" and/or have other multiple steps of authorization (like captchas) required; it's often not just a simple username/password for me.
Now multiply that by 25 different sites. Not happening.
One option for that is to use multiple Firefox profiles. The main general-purpose browsing profile would have a hardened configuration, while dedicated profiles are used for other websites that should remain logged in.
It's not just about cookies but also about fingerprinting, which is extremely hard to prevent.
No extensions that randomly change your fingerprint? I suppose that might trigger a lot of captchas.
There are but I'm not aware of anything that can reliably fool creepjs.
https://abrahamjuliot.github.io/creepjs/
And yes it often results in endless captcha loops.
Fingerprinting can be extremely sophisticated. Have a look at this test: https://coveryourtracks.eff.org/
Only Tor Browser can reliably fight with it.
Tor Browser will not even hide the OS you're using from javascript... so if you're on Linux, you are automatically more identifiable than >97% of people.
Also, that EFF site only checks against other people who visited the same site, so the results are skewed IMO. The other comment that links to creepjs is what I consider the best available open source tool.
It can be yes, although not everyone wants to do that because you will likely be logged out of all the websites you're using, shopping carts cleared out, etc.