Our mobile devices are also directly inspectable by customs agents when we cross international borders, and in some jurisdictions by police on the street.
Those who say that they have no care for privacy on the Internet have seemingly no idea of the abuse to which such information may be put. The Holocaust was perpetrated by a vicious regime primarily on the basis of household religious indications from a century of national census collection. No government of the past has ever had access to the amount of information available about the location and habits of individual citizens.
How can we possibly protect ourselves from a technically savvy authoritarian government that is willing to abuse this treasure trove of data?
Our browsers, those critical tools for our daily lives, are not currently our friends. They are the portal by which our personal information flees to corporate and government interests.
There are two fundamental approaches to securing our personal information in browsers. The first and easiest is to avoid recording your history from your local device. This is the primary tool behind browsers' privacy modes such as Firefox's private mode or Safari's incognito mode. Not having local data will provide some level of protection if your phone or computer is seized.
Removing or avoiding local data storage does nothing to protect you from Web analytics companies who use data your browser happily sends to them during an online session. Advertising companies install trackers into their ads that are implemented in the JavaScript language understood by each browser. That computer code can and does read as much information as it can find, and combine it into a full picture of your individual browser through a process known as browser fingerprinting. It is this fingerprint, good perhaps to identify one person in tens of millions, that your browser happily passes back to the companies that asked for it.
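How individually common attributes combine into a unique fingerprint, as an added example (not code from the original post or from Panopticlick). The visitor records are constructed, and the function names and the 10-million population figure are assumptions for illustration; the code runs on that sample under Node rather than reading a live browser.

```javascript
// Constructed sample: attribute values a tracking script could read from six
// visitors' browsers (not real measurements).
const visitors = [
  { userAgent: "Firefox/52 Mac", timezone: "UTC-5", screen: "1440x900", fonts: "set-A" },
  { userAgent: "Firefox/52 Mac", timezone: "UTC-5", screen: "1440x900", fonts: "set-B" },
  { userAgent: "Chrome/57 Mac", timezone: "UTC-5", screen: "1440x900", fonts: "set-A" },
  { userAgent: "Chrome/57 Mac", timezone: "UTC+1", screen: "1280x800", fonts: "set-A" },
  { userAgent: "Safari/10 Mac", timezone: "UTC+1", screen: "1440x900", fonts: "set-B" },
  { userAgent: "Safari/10 Mac", timezone: "UTC-5", screen: "1280x800", fonts: "set-B" },
];

// Joins the chosen attributes into one fingerprint string.
function fingerprint(visitor, attrs) {
  return attrs.map((a) => `${a}=${visitor[a]}`).join("|");
}

// Size of the anonymity set: how many visitors share this visitor's fingerprint.
function anonymitySet(population, visitor, attrs) {
  const fp = fingerprint(visitor, attrs);
  return population.filter((v) => fingerprint(v, attrs) === fp).length;
}

// Surprisal in bits: -log2(share of the population with the same fingerprint).
function surprisalBits(population, visitor, attrs) {
  return -Math.log2(anonymitySet(population, visitor, attrs) / population.length);
}

// Fraction of the population whose fingerprint nobody else shares.
function uniqueFraction(population, attrs) {
  const unique = population.filter((v) => anonymitySet(population, v, attrs) === 1);
  return unique.length / population.length;
}

// Bits of identifying information needed to single out one browser among n.
function bitsToIdentify(n) {
  return Math.log2(n);
}

const all = ["userAgent", "timezone", "screen", "fonts"];
for (const a of all) {
  console.log(a, "alone, unique fraction:", uniqueFraction(visitors, [a]));
}
console.log("combined, unique fraction:", uniqueFraction(visitors, all));
console.log("bits for 1 in 10 million:", bitsToIdentify(1e7).toFixed(1));
```

No single attribute isolates anyone in this sample, yet the four together isolate everyone, which is why blocking cookies or local history alone leaves the "unique" result in the tables unchanged.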
The Electronic Frontier Foundation (EFF) has made a useful tool called Panopticlick to test browsers' vulnerability to online tracking. The odd but fitting name is a reference to the Panopticon, a type of jail designed in 1787 by English philosopher Jeremy Bentham. A single jailer could see a large number of prisoners in the Panopticon.
This post reports on a series of Panopticlick tests on a variety of browsers. Desktop browsers were tested on a MacBook Pro. Mobile browsers were tested on an Apple iPhone 6 and a Sony tablet running Android Marshmallow.
Panopticlick asks four questions of browsers:
- Is your browser blocking tracking ads?
- Is your browser blocking invisible trackers?
- Does your browser unblock 3rd parties that promise to honor Do Not Track?
- Does your browser protect from fingerprinting?
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
My good browser | yes | yes | yes | yes |
A browser that failed all four tests would have a negative report. The last question would be answered by noting that a unique fingerprint could be calculated:
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
A terrible browser | no | no | no | unique |
It is naturally possible for some browsers to provide partial implementations to block tracking ads or other trackers. Partial implementations are marked in yellow.
Desktop Browser Tests
Tests were performed on an Apple MacBook Pro, running MacOS Sierra version 10.12.4.
Safari version 10.1 (12603.1.30.0.34)
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Safari (Mac, default) | partial | partial | no | unique |
Safari (Mac, private browsing, default) | partial | partial | no | unique |
Safari (Mac, private browsing, block cookies and website data) | partial | partial | no | unique |
Chrome version 57.0.2987.133 (64-bit)
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Chrome (Mac, default) | yes | no | no | unique |
Chrome (Mac, EFF Privacy Badger installed) | yes | yes | no | unique |
Chrome (Mac, incognito mode, default) | partial | partial | no | unique |
Chrome (Mac, incognito mode, block cookies and website data) | yes | yes | no | unique |
Blocking all sites entirely using manual control of Privacy Badger yielded the same results as having Privacy Badger installed.
Safari’s incognito mode blocks plugins including Privacy Badger, so using plugins is ineffective to increase privacy on Safari.
Firefox version 52.0.2
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Firefox (Mac, default) | no | no | no | unique |
Firefox (Mac, EFF Privacy Badger installed) | yes | yes | yes | unique |
Firefox (Mac, NoScript installed) | yes | yes | yes | yes |
Firefox (Mac, private mode, EFF Privacy Badger installed) | yes | yes | yes | unique |
Firefox (Mac, private mode, NoScript installed) | yes | yes | yes | yes |
Firefox’s private mode does not block plugins, so Privacy Badger could be used with private mode.
NB: JavaScript was disallowed for panopticlick.eff.org with NoScript; disabling JavaScript is a key way to avoid trackers. Unfortunately, it is also a key way to break modern Web pages.
NoScript maintains a white list of common sites to minimize the breakage of legitimate JavaScript functionality. It blocks all others, but gives a useful user interface to allow exceptions. As shown in Figure 1 below, most sites are analytics trackers such as Google Analytics, Facebook, and Doubleclick.
Figure 1. NoScript's list of recently blocked sites
Mobile Browser Tests on iOS
Tests on iOS were performed on an Apple iPhone 6, running iOS version 10.3.1.
Safari iOS version 10.3.1
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Safari (iOS, default) | partial | partial | no | unique |
Safari (iOS, private browsing, default) | partial | partial | no | unique |
Safari (iOS, private browsing, block cookies and website data) | partial | partial | no | unique |
Safari (iOS, Disconnect Privacy Pro installed and VPN active) | yes | yes | no | unique |
Firefox iOS version 7.1 (2565)
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Firefox (iOS, default) | no | no | no | unique |
Firefox (iOS, private mode, default) | partial | partial | no | unique |
Firefox (iOS, Disconnect Privacy Pro installed and VPN active) | yes | yes | no | unique |
Firefox Focus iOS version (current as of 17 April 2017)
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Firefox Focus (iOS, default) | yes | yes | no | unique |
Firefox Focus (iOS, “Block other content trackers” option on) | yes | yes | no | unique |
Firefox Focus (iOS, Disconnect Privacy Pro installed and VPN active) | yes | yes | no | unique |
The motto for Firefox Focus is “Browse, erase, repeat”, which shows its focus on erasing local history.
Chrome iOS version 57.0.2987.137
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Chrome (iOS, default) | no | no | no | unique |
Chrome (iOS, incognito mode, default) | no | no | no | unique |
Chrome (iOS, Disconnect Privacy Pro installed and VPN active) | yes | yes | no | unique |
Opera Mini iOS version 14.0.0.104835
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Opera Mini (iOS, default) | no | no | no | unique |
Opera Mini (iOS, “Accept Cookies” turned off and “Block Pop-ups” turned on) | no | no | no | unique |
EFF suggests, rather concerningly, “switching to another browser or OS that offers better protections.”
Mobile Browser Tests on Android
Tests on Android were performed on a Sony Xperia Z2 Tablet SGP511, Android version 6.0.1 (Marshmallow), kernel 3.4.0-perf-gc14c2d5
Chrome Android version 57.0.2987.132
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Chrome (Android, default) | no | no | no | unique |
Chrome (Android, incognito mode, default) | no | no | no | unique |
Firefox Android version 52.2
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Firefox (Android, default) | no | no | no | unique |
Firefox (Android, private mode, default) | yes | yes | no | unique |
Opera Mini Android version 24.0.2254.115784
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Opera Mini (Android, default) | yes | yes | no | unique |
Opera Mini (Android, private tab, default) | yes | yes | no | unique |
NB: Opera Mini tested “no” in all categories last week, but Opera seems to be adding an effective ad blocking technology, which seems to have come to Android before iOS.
Disconnect free edition for Android (no version number, as of 23 April 2017)
Browser | Ads | Trackers | DNT | Fingerprints |
---|---|---|---|---|
Disconnect in-app browser (Android, default) | partial | partial | no | unique |
NB: Disconnect Pro/Premium versions were not tested on Android because I was borrowing the device and didn't want to buy my friend a $50 subscription.
Conclusions
One clearly needs to shop around to find a browser that will protect your privacy. That is easier on a computer than on a mobile device.
The combination of Firefox and the NoScript plugin was the only way discovered to pass all EFF tests, and that combination is only available on desktop and laptop computers. That is a shame given the power performance of Safari, or the Google app integration with Chrome.
There is no apparent way to avoid browser fingerprinting on iOS or Android.
Apple users seem to have a choice between the new Firefox Focus and installing (and using!) Disconnect Privacy Pro. It is easy to forget to turn on Disconnect's VPN. There is a cost, of course, but that should be nothing new to Apple users. Better privacy is part of what we pay for with Apple. It is surprising that Apple hasn't done with browser privacy what they have done with server-side encryption of user data.
Android users fare reasonably well using either Firefox's private mode or (surprise!) the new Opera Mini. Both browsers have decent blockers for ad trackers and other online trackers. Unfortunately, neither option does a thing to stop browser fingerprinting. In 2017 and beyond, blocking direct tracking is just not good enough. One cannot help but wonder why one needs to use Firefox's private mode to access apparently built-in functionality.
In summary, be careful. Practice safe computing to avoid infections of one form or another. It might be wise to both use a browser with good privacy support and also to check the status of updates once in a while.
We remain with poor tradeoffs. Should we increase privacy and suffer inconvenience, or opt for convenience? Unfortunately, I am sure I know what most people will do. Browser vendors, especially the Mozilla Foundation, should ensure that privacy protection is enabled by default. Action against browser fingerprinting is urgently needed.
Your privacy is in your hands.