If you're serious about browser privacy, you should probably pass on Edge or Yandex, claims Dublin professor

Re: GDPR

All current EU laws (GDPR included) will stay in effect in the UK and the UK regulator will still exist, GDPR will be required if there is to be any meaningful data transfers at any level between UK & EU. This will continue until parliament gets around to changing laws piecemeal, but with BoJo & co. pushing international trade one could (with rose tint specs) expect (hope?) that the UK GDPR regs keep their teeth.

Re: GDPR

Firefox policy & practices is pretty clear to me. I don't need a splash page every time I fire it up.

The Settings menu | Privacy page is really nicely laid out.

Yeah, I've just been through the settings in Edge, Yandex and Firefox and it's easy to turn it off, you just turn off search suggestions. Duh. As it says, it's a very narrow study, I wouldn't sweat it.

Re: Private browsing?

Asking for a friend?

Re: Private browsing?

Um ... I always search in private mode, no exception. Mostly because I don't want the sites I click on to track me. I am not trying to hide anything from other people, just from other companies.

And phones home with the URL's you're browsing.

and presumably the PC Retailer where you got your PC/Motherboard/Network card from has your Credit Cards details linked to the unique hardware ID's of the kit they sold you.

It's a Stasi Wet Dream.

Re: Is this relevant though?

I kind of agree, what would be useful is to know what settings can be changed in these browsers, either through the main settings, or via advanced options.

Can you have a separate search bar and disable search in the address bar? Disable search suggestions altogether? Is DuckDuckGo easily available as a default search engine or does it take manual steps? etc etc.

Re: Actual data transmissions.

In this case (mostly), 'more' requests == more granular data.

For example, where they said edge sent every keystroke typed into the address bar. Which means it gets even aborted (deleted/corrected) typed in data.

e.g. pornhub^H^H^H^H^H^H^Htheregiser

Since edge sends every keystroke, Microsoft will know that you were at least considering going to pornhub, then changed your mind and decided to go to the register instead.

Of course, they could have still sent all that information as a single 'bundle' of information, but the generality is that usually more frequent data transmission is more granular data.

Re: Didn't test...

Opera doesn't have a VPN, what they are shilling as a VPN is really just a data gobbling and very limited web proxy.

Re: With Firefox

Firefox has been painful for this sort of thing for years.

I don't like autocomplete, and don't like having the url bar automatically send information to a search engine when an address is wrong. When I first started using Firefox, it did neither of these things. Over time, various updates introduced them. Over time, I went into about:config, and set various flags to try to switch them off.

Over time, various updates re-introduced them as the flags were no longer relevant. So I set more flags. At one point, Firefox decided that it would re-introduce them in a way that about:config couldn't disable (version 66?). So I found out about userchrome.css and used that.

On Monday I upgraded to version 73, and again spent half an hour setting flags, and adding lines to userchrome.css to try to get rid of them.

I still use Firefox, but their developers do make it difficult to like.

You can configure that in Options under Search.

Re: Off (with) the Edge

I find Winaero Tweaker helps with some of that.

Rather than a true randon identifier just a set of ten.

Then they would get so much conflicting data, from so many sources, their "experience improving" "targeted advertising" would effectivly be hitting random audiences?

Re: Hardware IDs

Not convinced the same can be said about Linux though. /etc/machine-id exists, and is discouraged from being used (by sternly worded documentation), but do you trust every application you run to follow the rules?

You can use strace on any program when started to observe attempts to open that as a file, but if they are really sneaky there is probably some way to obscure the access.

Re: Hardware IDs

If you really want, you can set it up to create a new value on every reboot.

Although, it seems it is only strictly necessary to reboot on changing the /etc/machine-id if you use D-Bus (if you use systemd, you are using d-bus) because d-bus uses it as a machine identifier (duh!) for the bus on the local machine for IPC (Inter-Process Communication).