What Does Your Browser Know About You? The Answer May Surprise You
Thought you were doing everything possible to protect your online privacy?
You may be forgetting something: ensuring that you’re using a secure browser. Here’s our guide to ensuring the best web browser that doesn’t also leave a treasure trove of your personal information in its wake.
If you’ve been reading SecureThoughts for any length of time, you’re probably already familiar with the basic steps to minimize data collection and protect your online security.
But which browser is best for privacy is a question that you may never have asked.
While taking basic steps to protect your online security, such as using a VPN and running an online security service, are never bad ideas, it’s also vital that you minimize the digital footprint left by your web browser – that software you may entrust with all your closest secrets.
If exploited by hackers, it could provide all the clues needed for digital criminals to – literally – take over all of your online assets. And it’s all perfectly legal for them to do so.
Here’s how to choose the safest browser and keep your breadcrumbs where they belong – in your head.
What Information Does Your Browser Store
Unless you’ve taken steps to customize your browser’s recording habits, simply browsing the net will generate a stream of information which your browser records on your computer. If you’re syncing data to the cloud through Google, some of it, such as saved passwords, your browsing history, and automatic form filling information, also travels there.
But what is browser data? The most important pieces of data that most browsers store are:
- Browsing history: This is a list of websites that you have visited along with the time you accessed them. Unless you are using a history blocking plugin (History On/Off works well for Google Chrome) or browsing the internet in private mode (on Chrome, this is called ‘Incognito’), all websites you visit will be recorded by default.
- Download history: This is a list of files that you have downloaded from websites.
- Cookies: These are small data files sent from websites designed to remember particular pieces of ‘stateful’ information about your use of the website – such as what items you had added to your shopping cart on an e-commerce website, for example. Because of concern from legislators including the European Union, consent must often be sought for cookies that store non-essential information.
- Cache: This is a grouping of files from websites that you visited, stored locally on your machine. On Microsoft Edge and Internet Explorer, they are known as ‘temporary internet files.’
- Autofill information: Have you ever been asked by your browser whether you would like it to remember personal particulars, such as your address, to avoid you having to fill it out every time? Or asked if you’d like to save a username and password? Password manager software functionalities are built into most modern browsers such as Chrome, Firefox, and Microsoft Edge. This information is perhaps the most sensitive as it might contain access information to your online banking, Paypal account, or cryptocurrency wallet, as well as your home and business addresses.
How is This Information Used?
Having a list of your browsing history allows you to easily locate a page that you visited previously and may wish to access again. If you’re monitoring other users’ activity at the device level, it also gives you an easily understandable means of seeing exactly what they’ve been up to on the internet at certain times.
Browsing histories are also often integrated into the autocomplete functionalities of modern browsers, such as Google Chrome’s Omnibox. This allows you to receive prompts about websites that you accessed before but whose exact name you may have forgotten.
Cookies can be used by websites to track your movement around the pages they host, although other websites will not have access to this information. Without cookies, in fact, it wouldn’t be possible to buy things online as shopping carts would empty themselves every time you navigated to a new link on the website.
Additionally, a service can use its own cookies to modify the content it serves to you through an advertising program. If you’ve ever seen banner ads that felt just a little too targeted to your interests, this is likely the reason.
Caches improve the speed of websites that you visit often. When most connections were made by dial-up modem and bandwidth allowances were less generous, the cache was also an important means of decreasing the bandwidth that consumed while browsing the internet, although this is less applicable today.
Do Browsers Store Passwords?
Practically all modern browsers have the ability to store passwords in a built-in password manager, but generally, this requires that users consent to a prompt, such as the one from Google Chrome below.
In addition, every browser we have tested that stored passwords also provides users with the ability to delete them.
If you do not want your browser to store your passwords:
- In Google Chrome: never answer ‘yes’ to the password storing prompt. Periodically clear all passwords to be extra sure.
- In Mozilla Firefox: untick the ‘remember logins and passwords for website’ checkbox in the ‘browser privacy’ area of preferences.
- In Microsoft Edge: disable the autocomplete setting for storing passwords in the control panel. Or follow this video for detailed instructions.
Which is the Safest Browser to Use?
The best internet browser in terms of speed and performance may not also be the safest browser in terms of protecting your privacy. Here’s how some of the most popular browsers fare in terms of their security:
Chrome provides relatively transparent options for users that want to safeguard their privacy.
To maximize privacy in the Chrome web browser, users should:
- Disable syncing or use the browser without being signed in to a Google account.
- Disable notifications for all sites.
- Change the default cookie options to store information locally under computer shutdown and block third-party cookies.
- Block pop-ups.
Verdict: good security and customization options. Chrome was also the ‘winner’ at this year’s Pwn2Own.
Being an open source browser with the ability to easily customize many aspects of default behavior, Firefox has been the traditional web browser of privacy die-hards. Although, since the introduction of Firefox Quantum, many add-ons for increasing privacy are no longer functional, it continues to retain the lead over Chrome in this respect.
Privacy-savvy users of the Firefox web browser should:
- Enable ‘tracking protection’ to prevent known trackers from using intrusive cookies to build profiles of your content preferences.
- Routinely review the ‘site data’ tab and delete any pertaining to websites that you no longer wish to access.
- You can disable caching web content by manually limiting its size to 0 MB of space in the privacy preferences menu.
- Do not sign in to Firefox. Alternatively, disable as many options in the sync settings window as possible.
Verdict: Excellent customization, although its advantage over Chrome is less clear.
Internet Explorer / Microsoft Edge
Internet Explorer, and its latest incarnation Microsoft Edge, has some industry leading built-in security tools including phishing and malware protection (the latter includes the Microsoft SafeScreen technology). Although IE is now only the third most used browser by traffic estimate, it maintains an active extension library where users can install plugins to update aspects of the browser’s performance.
Like Chrome, Edge also has also fully implemented sandboxing, which separates the browser’s components – like tabs, windows, and plugins – as different processes, which makes it also impossible for a virus to corrupt the whole browser system.
Despite all these features, the browser came out last in the Pwn2Own hackathon event and was successfully exploited five times by participants.
For users that want to maximize their privacy, we can recommend disabling autocomplete and caching or…finding another browser.
Verdict: Windows users have plenty of non-default browsers to chose from.
Given the relatively small number of Mac devices in existence, it may come as a surprise to learn that Safari is currently the world’s second most used browser. That’s likely due to the platform’s popularity with mobile iPhone and iPad users. However you’re using it, it’s important to maximize security.
Safari users should be sure to:
- Limit cookie options to allow from websites I visit.
- Set location services to ask for a prompt each time.
- Enable ask websites not to track me.
Verdict: A nice browser, but being an Apple product the ability to customize settings is limited.
Linux users are spoiled for choice when it comes to choosing a web browser for their machines, with everything from terminal-only options to Linux versions of giants such as Chrome and Firefox available for their systems. Opera’s Linux version is one of the most popular platforms.
Opera has some worthwhile features such as built-in fraud and malware protection and extended validation (EV) support (the best guarantee currently available of a website’s authenticity). Privacy-conscious Linux Opera users should:
- Consider disabling cookies.
- Enable the browser’s built-in VPN
- Enable the ‘keep local data until I quit my browser’ option.
- Disable autofill and ‘offer to save passwords’. If any have been filled, they can be deleted.
Verdict: Strong customization options and a good choice for Linux users.
What Can You Do To Minimize Browser Data Collection
Delving into your browser’s customization settings is a must if you want to take control over the information they collect about your online habits.
If you’re using one of the above, follow the tips to minimize the digital breadcrumb you’re leaving behind.
Minimizing browser data collection is only one part of the internet security picture, however. Always browse using reliable VPN service and make sure that your machine has an up-to-date internet security and antivirus software installed.