Secure Browsers That Protect Your Privacy

In this new and updated guide, we’ll take a close look at the most secure browsers that also protect your privacy.

A secure browser that protects your privacy is a critical tool for staying safe online and keeping your data secure from third parties.

Unless properly configured, most browsers contain vast amounts of private information that can potentially be exploited – or simply collected – by various third parties:

• Browsing history: all the websites you visit
• Login credentials: usernames and passwords
• Cookies and trackers: these are placed on your browser by the sites you visit
• Autofill information: names, addresses, phone numbers, etc.

And even with a locked-down and hardened browser, there may still be exploits that reveal your data and potential identity. We discuss these issues (and solutions) in our guides on browser fingerprinting and WebRTC leaks.

In this browser security and privacy guide, we’re going to cover the following topics:

1. Best secure browsers that respect your privacy
2. Problems with other browsers
3. Browser privacy compartmentalization
4. Secure browser add-ons
5. “Private browsing” mode is NOT very private (and why you need a VPN)

WARNING: When using “private” or “incognito” mode in your browser, your real IP address and location are still being revealed to every website, ad, and tracker that loads in your browser. The best way to achieve true privacy while hiding your real IP address and location is to also use a VPN service in conjunction with a good browser. Here are our top two recommendations from the best VPN list (with discounts):

• NordVPN: A fast, secure, audited VPN with advanced privacy features and a strict no-logs policy, based in Panama [68% discount coupon]
• Surfshark VPN: A no-logs VPN service with a large lineup of privacy and security features, based in the British Virgin Islands [81% discount coupon]

Now let’s examine the most secure browsers that you can combine with a VPN for maximum privacy.

Secure browsers that protect your privacy

In this section we will examine the best browsers based on two main factors:

• Security: How well does the browser protect you from hackers, vulnerabilities, and online exploits?
• Privacy: How much data is the browser itself collecting about you and who is this data being shared with? How does the browser protect your privacy?

Conflicting opinions! Just like with Tor, opinions about browser privacy and security can be wildly divergent and contentious.

This guide is not meant to sell everyone on one browser that beats all others. Rather, it is just a summary of information about different web browsers that do well with both privacy and security. Choose the best browser for you based on your own unique needs and threat model.

So here are the most secure and private browsers:

1. Firefox (modified and tweaked for privacy)

Firefox is a great all-around browser for privacy and security. It offers strong privacy protection features, many customization options, excellent security, and regular updates with an active development team. The newest version of Firefox is fast and light-weight with many privacy customization options.

Out of the box, Firefox is not the best for privacy, but it can be customized and hardened, and we show you exactly how in our Firefox privacy modifications guide. Be sure to disable telemetry in Firefox, which is a feature that will collect “technical and interaction data” and also “install and run studies” within your browser.

Within the Privacy & Security settings area, there are many useful customization options for different levels of privacy: Standard, Strict, or Custom.

Another great benefit with Firefox is the ability to use numerous browser extensions that can enhance your privacy and security. We’ll go over some of these extensions further below.

Firefox highlights:

• Open source code that has been independently audited
• Active development with frequent updates
• Excellent privacy features and customization options
• Many browser extensions supported
• Telemetry and tracking needs to be manually disabled
• Other modifications necessary for more privacy and security

If you want to keep using older add-ons that are no longer supported by the latest Firefox release, you can go with the Firefox Extended Support Release (ESR). If you want a privacy-focused version of Firefox for Android, you could try Firefox focus.

For additional customization and privacy settings, check out our Firefox privacy guide.

https://www.mozilla.org/firefox

---

2. Brave browser

Brave is one of the best secure browsers with simple, out-of-the-box privacy. It is a Chromium-based browser that is fast, secure, and privacy-focused by default. It has a built-in ad blocker and browser fingerprinting protection. The main developer behind Brave is Brandon Eich, who formerly worked for Mozilla.

To summarize this browser, Brave is based on open-source Chromium, but configured for more privacy. It does well with its default privacy settings and extra features. Here is a brief overview:

• Blocks ads and trackers by default
• Protects against browser fingerprinting
• Built-in script blocker
• Automatically upgrades to HTTPS (HTTPS Everywhere)

Brave ads – Despite offering “ad blocking” in the browser, Brave officially launched its own ad program in April 2019. The ads will be vetted by Brave and there’s a revenue-sharing model for participants to get a percentage of the ad revenue. While there have been critics of these ads, it also helps to secure revenue for the project to continue active development and improvements.

One of the reasons we like Brave is because it offers simple, out-of-the-box privacy by default. This makes it ideal for those who do not have the time, patience, or know-how for browser customizations and tinkering with extensions. It can also be used with Chrome extensions, making it an ideal alternative for Chrome. Just download it and you’re good to go.

You can read more about Brave’s privacy and security features here.

https://brave.com

---

3. Tor browser

Next up we have the Tor browser. The Tor browser is a hardened version of Firefox that is configured to run on the Tor network. By default, the Tor Browser is a secure browser that protects you against browser fingerprinting, but it also has some disadvantages.

Because it uses the Tor network, which routes traffic over three different hops, download speeds with the Tor browser can be quite slow. The default version may also break some sites due to script blocking. Finally, there are also drawbacks with the Tor network itself, including malicious exit nodes, high latency, dependence on US government financing, and some consider it to be fundamentally compromised. There are also many websites that block IP addresses originating from the Tor network. (See the pros and cons of Tor here.)

Another option is to use the Tor browser with the Tor network disabled. In this sense, the Tor browser will work like the other browsers we’ve covered above. Additionally, you can simply run a VPN in the background. Like the Tor network, a VPN will also encrypt your traffic and hide your IP, but it will be much faster.

Be careful when adjusting the settings for the Tor browser, however, as this may compromise the browser’s built-in privacy and security features.

https://www.torproject.org/

---

4. Ungoogled Chromium browser

Ungoogled Chromium is an open source project to provide a Chromium browser, without the Google privacy issues:

ungoogled-chromium is Google Chromium, sans dependency on Google web services. It also features some tweaks to enhance privacy, control, and transparency (almost all of which require manual activation or enabling).

ungoogled-chromium retains the default Chromium experience as closely as possible. Unlike other Chromium forks that have their own visions of a web browser, ungoogled-chromium is essentially a drop-in replacement for Chromium.

Ungoogled Chromium receives regular Chromium security updates.

https://github.com/Eloston/ungoogled-chromium

---

5. Bromite (Android only)

Bromite is a Chromium-based browser for Android only (no desktop support). It comes with some great features by default, including ad blocking and various privacy enhancements. Here are some highlights of this browser from the official Bromite website:

• The main goal is to provide a no-clutter browsing experience without privacy-invasive features and with the addition of a fast ad-blocking engine.
• Minimal UI changes are applied to help curbing the idea of “browser as an advertisement platform”.
• All patches are published under GNU/GPL v3 to enable other open source projects’ usage.
• Bromite is only available for Android Lollipop (v5.0, API level 21) and above.

Another cool feature I like with Bromite is that you can use custom ad block filters — learn more here. Bromite is under active development and remains a great browser for Android users.

https://www.bromite.org/

---

Issues with other browsers

While some browsers claim to be secure against vulnerabilities, they might not be the best choice from a privacy perspective.

1. Google Chrome

Google Chrome is by far the most popular browser. Unfortunately, it’s a data collection tool as well and not a good choice for anyone looking for privacy.

You can safely assume that everything you do through Google Chrome is collected, saved to your data profile, and used for targeted advertising.

2. Microsoft Internet Explorer/Edge

Edge is a Microsoft product.

Just like with Windows, it’s a good idea to avoid Microsoft products, including Internet Explorer, and their newer browser called Edge. Internet Explorer and Edge are also closed-source, so there’s no telling what’s going on behind the scenes, and they’re also not the best for privacy reasons.

3. Opera browser

Opera started off as a decent browser, developed in Norway. However, in 2016 it was sold to a Chinese consortium for $600 million – and a lot has changed. Opera’s privacy policy explains how your data is being collected and shared when you use Opera products. Here’s what I found:

Opera also claims to offer a free VPN through the browser. However, as we covered in the Opera VPN review, it’s not really a VPN and does not offer full system-wide encryption. Additionally, your data is being collected when you use Opera browser and its “free VPN” feature.

4. Epic browser

Epic is a browser based on Chromium, created by “Hidden Reflex” which is based in India. Since 2014, Epic has been claiming they would open source the code, but it remains closed source today. What’s going on behind the scenes? How do they manage Chromium and remove invasive code? Who knows.

Just like with Opera VPN, Epic falsely claims to offer a “free VPN” through the browser, but this is not really true. The browser is merely routing traffic through a US proxy server. As we learned with Opera (and with many other “free proxy” services), proxies are often used for data collection (and they are often not secure). When reading the Epic privacy policy, we find that data from “video download and proxy services” is being collected.

One person who analyzed Epic found it to be connecting to Google on startup. This suggests that Epic is not, in fact, de-googled as it claims.

There are many better Chromium-based browsers to consider, such as Iridium, Ungoogled Chromium, or even Brave.

5. Safari browser

Safari is the default browser for Mac OS and iOS devices. Overall, Safari is not a horrible choice in terms of privacy and tracking protection – but it also cannot be recommended for a few reasons:

• Apple is a partner in the PRISM surveillance program
• Apple was caught “hoarding” Safari browsing history – even after it was deleted
• Apple was found to be collecting Safari history even when used in private mode

On a positive note, however, Apple does somewhat better with privacy than other large companies. The Safari browser blocks third-party cookies by default and also implements cross-site tracking protection.

6. Vivaldi browser

Vivaldi is a Chromium-based browser with source-code modifications that can be seen here. It is less popular than other browsers, with less active development than Firefox, for example.

Reading through their Privacy Policy, I did find some concerning information about data collection and the use of unique IDs:

When you install Vivaldi browser (“Vivaldi”), each installation profile is assigned a unique user ID that is stored on your computer. Vivaldi will send a message using HTTPS directly to our servers located in Iceland every 24 hours containing this ID, version, cpu architecture, screen resolution and time since last message. We anonymize the IP address of Vivaldi users by removing the last octet of the IP address from your Vivaldi client then we store the resolved approximate location after using a local geoip lookup. The purpose of this collection is to determine the total number of active users and their geographical distribution.

You can read more about Vivaldi here, although it’s not recommended for privacy reasons.

7. Waterfox

Waterfox is a fork of Firefox that was maintained by just one person for many years. In February 2020, news blew up on reddit that it had sold out to a pay-per-click ad company called System1. The news was also picked up by others, which resulted in Waterfox and System1 formerly announcing the acquisition (but only after the the news broke).

The problem here is the apparent contradiction of an ad company (that relies on data collection) owning a privacy-focused browser. As I previously reported, System1 also acquired a stake in Startpage, the private search engine based in The Netherlands. In researching the company’s background, it appears that System1 is fundamentally in the business of data collection:

“In our business,” Blend adds, “if we can gather as much data as possible, give it off to our engineers and data scientists, and then manage the two effectively, the business can quickly scale.”

So can Waterfox still be trusted now that it’s owned by an ad-tech company that collects lots of data? I’m no longer recommending it.

8. GNU IceCat

GNU IceCat is a fork of Firefox from the GNU free software project. IceCat is entirely “free software” as defined here and also includes various privacy add-ons and tweaks by default. Here are the privacy-protection features listed from the IceCat page:

• LibreJS
• HTTPS-Everywhere
• SpyBlock
• AboutIceCat
• Fingerprinting countermeasures

Slow updates – The big issue with GNU IceCat is that updates are very slow, and in some cases, years behind. This can expose IceCat users to security vulnerabilities, which is why we are no longer recommending it.

---

9. Iridium

Like Brave, Iridium is a secure browser that is based on Chromium and configured for more privacy by default. The following excerpt from Iridium’s website provides a good overview of this secure browser:

Iridium Browser is based on the Chromium code base. All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers.

Unfortunately, like IceCat above, updates to Iridium are few and far between.

---

Secure and private browsers on mobile devices

Many of the recommended browsers above also offer versions for mobile users on iOS and Android.

With that being said, here some good options:

• Firefox Focus – A privacy-focused version of Firefox for mobile users (iOS and Android).
• Brave – Brave is a great all-around browser for both desktop and mobile operating systems.
• Bromite – This Chromium-based browser is available for Android 4.4 and above.

I also like using standard Firefox on mobile devices with customization and configurations for more privacy.

Browser privacy and compartmentalization

One problem that often comes with browser privacy and security is that people want to remain logged in to various accounts, while also browsing the web. But this is problematic. When you stay logged in to Gmail or Facebook, for example, their trackers can record your activity as you browse the web.

One potential solution to this problem is browser compartmentalization. This is when you use different web browsers for different online activities. For example:

• Browser #1 will only be used for accessing your online accounts that require a password. You can stay logged in with only this browser, and it won’t be used for general browsing.
• Browser #2 will only be used for web browsing, with various privacy configurations and no cookies or history being stored on the browser.
• Browser #3 could be completely locked down for maximum privacy and security.

You can also utilize different browsers, configured exactly the way you want, for various purposes, depending on your needs and threat model. The key is to keep the compartmentalization strict and not break the rules/uses for each browser.

Virtual machines – On the topic of compartmentalization, using virtual machines is also a good idea for both privacy and security. You can easily run Linux VMs through VirtualBox (FOSS) on your host computer.

Password managers – It should also be noted that storing your passwords in the browser may be risky depending on the browser you are using, especially since browsers may store passwords in cleartext. A better alternative would be to utilize a secure password manager. We have reviewed many popular options, including Bitwarden, Dashlane, LastPass, and more.

Browser add-ons for security and privacy

In addition to adjusting the settings within your browser, there are also a number of different add-ons or extensions you can install to improve your browser’s privacy and security.

Here are a few different options, but they may not all be supported by the browser you are using:

• uBlock Origin – This is one of the best browser-based ad blockers available that will also protect you against tracking.
• HTTPS Everywhere – An add-on from the folks at Electronic Frontier Foundation, this will force websites to use a secure HTTPS encrypted connection (when available).
• Cookie Autodelete – This will automatically delete cookies that are no longer needed from your browser.
• NoScript – NoScript allows you to customize exactly which scripts run on the websites you visit. Like uMatrix, this is for advanced users and requires lots of customization.

Warning: Be cautious about using third-party add-ons and browser extensions. Do your research first, since add-ons could function as spyware and data collection tools for third parties. This is especially true with free VPN services or browser proxy add-ons, even if they are highly rated in the Google Play or Apple stores.

“Private browsing” mode is NOT private (why you need a VPN)

Many people falsely assume that using “private” or “incognito” mode in a browser actually provides some privacy. This is a false assumption.

Using “private” browsing mode only stops your browser from storing cookies, history, and passwords. But it doesn’t actually make you any more “private” to the outside world. Even when browsing in “private” or “incognito” mode, you are still exposed:

• Your internet provider can still see every site you visit. (And note that internet providers are now forced to log web browsing activity of their customers and provide this data to authorities on request.)
• Your real IP address and location remains exposed to all sites, ads, and trackers. This makes tracking and identification easy since your device has a unique IP address linked back to your identity through your internet service provider.

To easily solve these problems, we strongly recommend using a good VPN service. Using a VPN is simple. You just need to sign up for a VPN subscription, download the VPN app for your device, then connect to a VPN server and browse the web as normal. This offers many benefits:

• A VPN will securely encrypt your internet traffic, which prevents your ISP from seeing what you do online. (Your ISP will only see encrypted data, but not what you’re actually up to.)
• When you connect to a VPN server, the VPN server’s IP address and location will replace your real IP address and location. This allows you to appear to be anywhere in the world.
• A VPN will also allow you to access geo-restricted content, such as streaming Netflix with a VPN from anywhere in the world.

Below is a brief overview of the two VPNs that have come out on top in testing for the respective VPN review. Click the VPN name to read our full review, or check out the discount coupon:

• NordVPN: A fast, secure, audited VPN with advanced privacy features and a strict no-logs policy, based in Panama [68% discount coupon]
• Surfshark VPN: A no-logs VPN service with a large lineup of privacy and security features, based in the British Virgin Islands [81% discount coupon]

Short on money? There are also some good cheap VPNs that offer excellent features and performance, without breaking the bank.

Conclusion on secure browsers and privacy

A well-configured secure browser is crucial for protecting your data as you browse the web with privacy.

Finding the best secure browser all comes down to identifying the best fit for your unique needs. Since this is a personal decision with subjective criteria, I tend to avoid recommending only one option for all use cases.

In addition to using a secure browser that is configured to protect your privacy, you should also consider using a good ad blocker. Ads function as tracking to collect your browsing data and serve you targeted ads. If you aren’t blocking ads, your activities can be tracked by third-party advertising networks, with any site hosting ads.

In terms of privacy, you may also want to protect yourself against browser or device fingerprinting and WebRTC browser leaks, which can expose your identity even when using a good VPN service.

Other roundup guides on Restore Privacy:

• Secure Email Services
• Private Search Engines
• Password Managers
• Ad Blockers
• Best VPN Services
• Best Cloud Storage
• Best Secure Messaging Services

This guide was last updated on February 23, 2021.