Web Browsers for Privacy: What to Use and How to Configure It

Your browser is where you do almost everything online, and most default browsers are configured to collect data, not protect it.

📖 The Basics

What It Is

A web browser is the software that controls your entire relationship with the internet. It loads pages, runs scripts, handles your passwords and cookies and form data, and decides which tracking code to execute and which to block. Every website you visit, every form you fill out, every video you watch passes through it.

Browser choice determines what data you leak by default, what tools are available to you, and how much configuration is required to reach a reasonable privacy baseline.

How It Works

What Browsers Actually Collect

The browser itself, separate from any website you visit, can transmit data back to its developers. Telemetry: usage statistics, crash reports, feature adoption, behavioral patterns. This data goes to whoever built the browser. Chrome sends it to Google. Edge sends it to Microsoft. Firefox sends it to Mozilla. The amount and sensitivity varies considerably, and so does whether it's opt-in or opt-out. For example, the telemetry Firefox collects isn't as invasive as what Microsoft or Google collects.

The browser is also distinct from the search engine, which are often conflated. You can use Firefox with Google search, Chrome with DuckDuckGo, Brave with any search engine you choose. The browser handles how you access the web, the search engine handles what you look for.

What "Privacy-Respecting" Means For a Browser

A privacy-respecting browser minimizes its own data collection (low or zero telemetry), blocks third-party tracking scripts by default rather than requiring an extension to do it, provides meaningful fingerprinting resistance, and doesn't have a business model that depends on your browsing behavior. These properties aren't all-or-nothing—they exist on a spectrum across different browsers that we'll discuss later in the article.

Extensions and Why Manifest V3 Matters

Browser extensions like uBlock Origin have historically been a highly effective tool for blocking ads and trackers. This is changing significantly in Chromium-based browsers due to Google's Manifest V3 (MV3) transition.

Chrome's extension architecture was rebuilt under MV3 with new restrictions on what extensions can do. The old framework (MV2) allowed extensions like uBlock Origin to dynamically intercept and filter network requests. MV3 replaced this with a more limited declarativeNetRequest API where extensions declare a capped set of static rules in advance. Google completed the MV2 phase-out so uBlock Origin in its original form no longer functions in Chrome. A "Lite" version exists but has substantially reduced blocking capability. It's worth being direct here: the company that made this architectural decision (Google) earns the majority of its revenue from advertising.

Firefox retains full webRequest API compatibility, uBlock Origin works on Firefox exactly as intended. Brave, as an independent Chromium fork, has maintained its own extended MV2 support and ships with native ad blocking (Shields) that doesn't depend on the extension API restrictions at all and still allows users to use uBlock Origin.

The Major Browsers Evaluated

• Firefox: open source, built by Mozilla. Retains full support for powerful extensions including uBlock Origin. Strong Enhanced Tracking Protection built in. Ships at a moderate default for broad compatibility, which means getting the most out of it requires some configuration. The most extensible privacy-focused mainstream browser available. Works on all platforms including Android, where it's one of the few mobile browsers that supports the full extension ecosystem.
• Brave: built on Chromium but with privacy modifications throughout. Ships with Shields enabled by default: built-in tracker and ad blocking, fingerprinting resistance, and more. Has maintained MV2 extension support independently of Google's Chromium deprecation. For most everyday users who want strong privacy with minimal configuration, Brave's defaults are a fast path to a meaningfully more private browsing experience.
• LibreWolf: a hardened fork of Firefox. Where Firefox ships conservatively on privacy settings for compatibility reasons, LibreWolf ships with those settings pre-configured toward privacy: telemetry disabled, stronger tracking protection active, fingerprinting resistance enabled. Reduces the configuration burden for users who want Firefox's architecture with fewer initial setup steps.
• Mullvad Browser: built by Mullvad VPN in collaboration with the Tor Project. Uses Tor Browser's approach to fingerprinting resistance (making all users' browsers appear as similar as possible) but connects to the regular internet rather than Tor. Designed to pair with a VPN. Ephemeral by design, so it clears all data on close. More likely to trigger CAPTCHAs and site compatibility issues. For users prioritizing anti-fingerprinting above all else.
• Tor Browser: routes all traffic through the Tor network. Provides the strongest anonymity available in a mainstream browser. Substantially slower than all alternatives. Covered in depth in the Understanding Tor article.
• Safari: Apple's browser, using the independent WebKit engine. Has meaningful built-in tracking protection (Intelligent Tracking Prevention). A reasonable default for users in the Apple ecosystem who don't want to change platforms. Limited extension ecosystem compared to Firefox and Chromium-based browsers.
• Chrome and Edge: Chrome is built by Google, Edge by Microsoft. Both carry significant telemetry and are not recommended for users with meaningful privacy goals. Chrome's MV3 transition actively reduced the effectiveness of third-party privacy tools. Chrome's tight Google account integration, usage telemetry, and advertising-aligned architectural decisions make it a poor choice for privacy. Edge is similar.

Hardening Firefox

Firefox ships at moderate defaults to stay compatible with the broadest possible range of websites. For users who want to go further than Firefox's defaults, manual hardening is the next level.

The primary tool for this is arkenfox user.js: a community-maintained user.js configuration file that overrides hundreds of Firefox's default preferences toward stronger privacy and security. It covers areas like disabling telemetry, strengthening tracking protection, reducing fingerprinting surface, enforcing HTTPS, and hardening various internal APIs. It's well-documented and actively maintained, with each setting explained so you can understand and adjust what you're changing.

The tradeoff with aggressive hardening is some settings will break specific sites, and maintaining the configuration requires occasional attention as Firefox updates. Arkenfox is aimed at users who want to understand what each change does rather than just applying a preset, it's a hands-on approach.

For most users, starting with Firefox + uBlock Origin covers the majority of practical privacy gains. Arkenfox is great for users who want to go deeper without switching browsers entirely. Nowadays, many hardening advantages can be achieved with a fork like Mullvad Browser or LibreWolf. A dedicated wiki article on Firefox hardening is planned.

A Note on Mobile

On Android, Firefox is one of the very few mobile browsers that supports the full extension ecosystem, including uBlock Origin, making it unusually powerful for mobile privacy. Brave for Android provides strong native blocking without needing extensions. On iOS, Apple's WebKit requirement means all browsers use the same rendering engine as Safari underneath; the differences come from privacy features layered on top. Brave and Firefox for iOS both add meaningful tracker protection above Safari's baseline.

There's a security tradeoff on Android worth knowing about. Firefox (Gecko-based) does not use Android's isolatedProcess API for its renderer processes, which means its per-process sandboxing is weaker than Chromium-based browsers. Brave, Chrome, and other Chromium browsers on Android do use isolatedProcess, giving each renderer stronger isolation from the rest of the system. For most users, this tradeoff is acceptable since Firefox's extension ecosystem (especially uBlock Origin) delivers significant real-world protection, but it's a limitation to understand.

---

🎯 Why It Matters

In June 2024, Google began phasing out Manifest V2 support in Chrome. For the tens of millions of people using uBlock Origin this meant the original extension no longer worked at all in Chrome. The replacement framework blocks fewer trackers, allows fewer dynamic rules, and is measurably less effective at the task the extension was built to do.

This decision was made by a company that earned the overwhelming majority of its revenue from advertising. The extension architecture that limited what ad blockers could do was the architecture they chose to enforce. Firefox and Brave both maintained full extension capabilities. The browser choice you make determines what tools are available to you, and who benefits from the architecture you're operating inside.

Switching browsers costs nothing and takes minutes. The alternatives discussed in this article reduce or eliminate the data collection that makes Chrome and Edge poor choices, and provide meaningful tracker blocking that the default browsers don't, often by default.

---

💡 Common Misconceptions

"I need to find the one perfect browser that does everything."

Most everyday users are looking for a single browser they can commit to forever. The honest answer is that no browser is best at everything. A workable real-world setup is one strong default (the browser where 95% of your time happens) plus one or two specialized browsers for edge cases. Like maybe a fingerprinting-resistant browser for sensitive research, Tor Browser for anonymity, and yes, sometimes a stock browser kept around purely for compatibility testing. Using multiple browsers is actually using the right tool for each job.

"A fork that doesn't collect telemetry is automatically a privacy browser."

It's privacy-respecting, which is a real and valuable property, but it's not the same thing as a privacy-focused browser. A fork that strips Mozilla or Apple telemetry isn't doing anything bad, but if it's not also adding active fingerprinting resistance, tracker blocking, and the other protections that define a true privacy browser, it sits in a different category than Mullvad Browser or Tor Browser. This is the distinction between the lack of doing something bad and the act of doing something good—both matter, but they're different properties. The Browser Fingerprinting article works through this distinction in more depth.

"Chrome should never be installed on a privacy-conscious person's computer."

Chrome is the default reference implementation of Chromium and has the broadest site compatibility on the web. Keeping it installed for development work, for testing whether a site is broken in your default browser, or for the rare site that genuinely will not work in anything else, is a perfectly reasonable tradeoff. The thing to avoid is making Chrome your default and the place you do the rest of your browsing.

There's also one genuinely legitimate security argument for Chrome: Chromium has the strongest browser sandboxing model available, and Google patches zero-days faster than almost anyone else. If your threat model prioritizes security over privacy (defending against zero-day exploits rather than preventing tracking), Chrome is defensible on those grounds alone. For users who want the Chromium security model without Google's data collection, Brave inherits the same sandboxing and nearly keeps pace with Chromium's security patches while removing the privacy-hostile defaults.

---

🗣️ Henry's Take

I run more than five browsers across my daily machines. Brave is the default, where most of the browsing happens. Mullvad Browser handles anti-fingerprinting work. Tor Browser stays installed for anonymity-sensitive tasks. Firefox stays installed because its extension ecosystem on Android is uniquely powerful, and Chrome stays installed for the troubleshooting and compatibility cases that genuinely require it. 95% of my actual time lives in Brave and Mullvad, the rest are there because the cost of keeping them installed for edge cases is practically zero, and the payoff when one of them is exactly the right tool is real.

I believe the single highest-leverage move for most people coming from Chrome or Edge is switching to Brave. It's a Chromium-based browser, so the muscle memory transfers immediately for features like extensions, sync, UI patterns, etc. It ships with tracker and ad blocking enabled by default (including on YouTube, RIP our ad revenue), maintains independent extension support through the Manifest V3 transition, and provides a measurably better baseline than stock Chrome with no configuration. Firefox is also a great choice if you don't care about the Chromium-feels-like-Chrome migration path.

Generally, I put less emphasis on browser-rank arguments, because the gap between Chrome/Edge and any of the browsers I'd recommend is far larger than the gap between the recommended options themselves. Moving away from Chrome and Edge is the move that matters. Which alternative you land on depends on the specifics of what you're using it for. So just pick your favorite.

Where I see the technical privacy conversation getting lost is in browser comparisons that omit things that matter to users. Sandboxing is real and matters, but so is having a working ad blocker. A browser that has best-in-class security features but can't run a proper ad blocker is making a tradeoff—just as the inverse situation is also making a tradeoff. The honest answer is that both properties matter and the best choice depends on which threats are more relevant to you. And the real solution is probably to use both browsers for different purposes.

---

✅ Henry's Picks

Brave: my day-to-day default. Strong out-of-the-box experience for users coming from Chrome. Ad and tracker blocking enabled by default, fingerprinting resistance through randomization, MV2 extension support maintained, native YouTube ad blocking.

Firefox: the right pick when extension flexibility matters most, and the only major Android browser with full uBlock Origin support. Ships at moderate defaults for compatibility, so getting the most out of it benefits from some setup.

Mullvad Browser: built by Mullvad with the Tor Project. Tor Browser's uniformity-based fingerprinting resistance, but connected to the regular internet. Designed to pair with a VPN. Useful as a secondary browser for research, account-free browsing, or any context where standing out is the threat. Note it ignores system-level DNS configuration by default, which can be handy as a DNS troubleshooting tool.

Tor Browser: for situations where network-level anonymity is the requirement. Covered in depth in Understanding Tor.

Mobile: Brave on iOS and Android for the same reasons as desktop. Firefox for Android is the rare mobile browser that supports full uBlock Origin and the broader extension ecosystem, which is a meaningful advantage if you want desktop-class blocking on your phone.

See the broader recommendation set at Techlore's SPA Tools.

---

🔗 Go Deeper

Related wiki articles:

• Threat Modeling
• Browser Fingerprinting
• Private Search Engines
• Encrypted DNS
• VPNs
• Security, Privacy, and Anonymity

Techlore content:

• Go Incognito v2, Lesson 4.5—Choosing Your Browser

External sources:

• privacytests.org—automated browser privacy comparison
• EFF—Browser Privacy Settings

---

Found an error? Report it here →