A secure browser that protects your privacy is absolutely essential for staying safe online and keeping your data secure from third parties.
Unless properly configured, most browsers contain vast amounts of private information that can potentially be exploited – or simply collected – by third parties:
- Browsing history: all the websites you visit
- Login credentials: usernames and passwords
- Cookies and trackers: these are placed on your browser by the sites you visit
- Autofill information: names, addresses, phone numbers, etc.
Aside from all of the data mentioned above, browsers can also expose your identity – even if you are using one of the best VPN services available. In other words, even when using a VPN to hide your true IP address and location, your browser may reveal your identity through WebRTC leaks or browser fingerprinting.
Fortunately, there are relatively simple solutions to all of these problems, which we will cover in this guide:
- Popular browsers to avoid
- Best secure browsers that respect your privacy
- Browser privacy compartmentalization
- Secure browser add-ons
Choosing the right browser, based on both privacy and security considerations, is crucial since your browser can reveal so much private information. With that in mind, we’ll first examine popular browsers to avoid.
Browsers to avoid
While some browsers claim to be secure against vulnerabilities, they may also be abusing your privacy by collecting your data, which is often shared with third parties and advertisers. First up on the offender list is Google Chrome.
Google Chrome may be the most popular browser that is secure and hardened against exploits, but it’s horrible when it comes to privacy.
At heart, Google is fundamentally a data collection company that works hard to know everything about you. This helps Google to dominate the advertising industry. For this basic reason, it’s a good idea to consider alternatives to all Google products, including Chrome.
While it may be secure against exploits, Chrome is not worth the privacy tradeoff and handing over your data to Google.
Microsoft Internet Explorer/Edge
Edge is another browser that’s offered by a data collection behemoth: Microsoft.
Just like with Windows, it’s a good idea to avoid all Microsoft products, including Internet Explorer, and their newest browser called Edge. Internet Explorer and Edge are also closed-source, so there’s no telling what’s going on behind the scenes.
You can see above that Opera is explicitly stating that your data will be collected and shared with third parties. Additionally, Opera was sold to a large Chinese conglomerate and it’s not clear if there are any protections of user data under Chinese law – unlike, for example, with the GDPR in Europe.
Best secure browsers
In this section we will examine the best secure browsers based on two main factors:
- Security: How well does the browser protect you from hackers, vulnerabilities, and online exploits?
- Privacy: How much data is the browser itself collecting about you and who is this data being shared with? How does the browser protect your privacy?
Just like with Tor, opinions about browser privacy and security can be wildly divergent and contentious, particularly in various online forums.
This guide is not meant to sell everyone on the single “best secure browser” for 2019. Rather, it is just a summary of information about different web browsers that do well with both privacy and security.
What is the best secure browser?
Ultimately, there is no “best secure browser” that is the same for everyone. Instead, you should choose the best secure browser for you based on your unique needs and threat model.
Now let’s examine the best secure browsers for 2019 that respect your privacy:
Firefox is a great all-around browser for privacy and security. It offers strong privacy protection features, customization options, excellent security, and regular updates with an active development team. The newest version of Firefox, Firefox Quantum, is fast and light-weight with many customization options.
Out of the box, Firefox is not the best for privacy, but it can be customized and hardened, as explained in the Firefox privacy guide. Be sure to disable telemetry in Firefox, which is a feature that will collect “technical and interaction data” and also “install and run studies” within your browser. However, there are recent reports suggesting that Mozilla is still collecting telemetry data, even when disabled.
Another great benefit with Firefox is the ability to use numerous browser extensions that will enhance your privacy and security. We’ll go over some of these extensions below.
- Open source code that was also audited by a third party
- Active development with frequent updates
- Excellent privacy features and customization options
- Many browser extensions supported
- Telemetry and tracking need to be manually disabled (but data may still be getting collected by Mozilla)
- Other modifications necessary for more privacy and security
If you want to keep using older add-ons that are no longer supported by Firefox Quantum, you can go with the Firefox Extended Support Release (ESR), or one of the Firefox forks discussed below. If you want a privacy-focused version of Firefox for Android, you could try Firefox focus.
For additional customization and privacy settings, check out the Firefox privacy guide.
Waterfox is a fork of the open source Firefox browser, mentioned above. It may be a good browser for people who still want Firefox functionality, but without using standard Mozilla Firefox. After all, Mozilla has enabled telemetry options to collect user data with Quantum, while also collecting user browsing history through Cliqz.
The main drawback with Waterfox, and other Firefox forks, for that matter, is slower security updates. Waterfox is based on Firefox 56, and although it will work with older add-ons, some may opt for the newer version of Firefox Quantum for security reasons.
Alex Kontos, the developer behind Waterfox, is also working on an alternative search engine and is a strong advocate for online privacy, which is why he removed all of the tracking and other non-essential items, as he explained:
We offer complete anonymity. It’s a moral issue. You don’t want to feel that there is always someone looking over your shoulder when you’re online, so I removed all the tracking features.
From a privacy perspective, Waterfox is much better than Firefox by default – especially for those who don’t trust Mozilla after all the recent privacy issues. But from a security standpoint, Firefox would be slightly better, due to faster updates. Nonetheless, Waterfox remains a popular Firefox alternative among privacy-focused users.
- Based on Firefox 56 (with ESR security patches)
- Open source
- Allows you to use older Firefox add-ons
- Tracking, telemetry, data collection, startup profiling, and sponsored tiles have been removed
- Less active development and slower security updates in comparison to standard Firefox
Brave is a Chromium-based browser that is fast, secure, and very privacy-focused by default with a built-in ad blocker. The main developer behind Brave is Brandon Eich, who formally worked for Mozilla. For out-of-the-box privacy and security, Brave is a great option.
The main drawback, however, is that Brave is based on Chromium. Chromium is the open-source code behind the Google Chrome browser – but with all of the proprietary and privacy-abusing features stripped out. One other drawback with Brave is that it is vulnerable to WebRTC leaks, but there’s a simple solution for fixing WebRTC with Brave.
Brave does well with its default privacy settings and extra features. Here is a brief overview:
- Blocks ads and trackers by default
- Protects against browser fingerprinting
- Built-in script blocker
- Automatically upgrades to HTTPS (HTTPS Everywhere)
To protect against the possibility of WebRTC leaks, simply set the Fingerprinting protection option to “Block All Fingerprinting”:
Keep in mind, however, that to effectively “block all fingerprinting” you will probably need to consider other factors as well. You can read more about Brave’s privacy and security features here.
Next up we have the Tor browser. The Tor browser is a hardened version of Firefox that is configured to run on the Tor network. It is built on Firefox 60 ESR (Extended Support Release). By default, the Tor Browser is a secure browser that protects you against browser fingerprinting, but it also has some disadvantages.
By default, the Tor browser may not be the best alternative for most users. Because it uses the Tor network, which routes traffic over three different hops, download speeds are quite slow. The default version may also break websites due to script blocking. Finally, there are also drawbacks with the Tor network itself, including malicious exit nodes, slow speeds, ties to the US government, and some consider it to be fundamentally compromised. (See also the Tor guide for more pros/cons of Tor and the Tor browser.)
Another option is to use the Tor browser with a VPN service and the Tor network disabled. The instructions for this are in the browser fingerprinting guide. Be careful when adjusting the settings for the Tor browser, however, as this may compromise the browser’s privacy and security functionality.
Ungoogled Chromium is a 100% open source project to provide a Chromium browser, without the Google privacy issues:
ungoogled-chromium is Google Chromium, sans integration with Google. It also features some tweaks to enhance privacy, control, and transparency (almost all of which require manual activation or enabling).
ungoogled-chromium retains the default Chromium experience as closely as possible. Unlike other Chromium forks that have their own visions of a web browser, ungoogled-chromium is essentially a drop-in replacement for Chromium.
Ungoogled Chromium receives regular Chromium security updates.
Iridium is a secure browser that is also based on Chromium, configured for more privacy. As explained on their official site:
Iridium Browser is based on the Chromium code base. All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers.
Our ambition is to get builds for Debian, Ubuntu, openSUSE, Fedora, RHEL/CentOS, Windows and macOS a couple of days after a new release of Chromium. To achieve this, we need help from individuals and organisations who have the same intention. Currently, there are weeks between a new release of Iridium and Chromium.
Pale Moon is another open-source fork of Firefox, based on older version of Firefox (Firefox 38 ESR). This gives it the look and feel of an older browser. While Pale Moon does support some older Firefox add-ons, many of the newer extensions are not supported.
Similar to Waterfox, Pale Moon strips out all of the dubious features of Firefox that undermine user privacy. Pale Moon is based on Goanna, rather than Gecko, and is available on Linux and Windows. The user interface is also very customizable, although it does feel a bit dated.
Opinions on Pale Moon are mixed. Because it’s based on an older code base, some consider Pale Moon to be sub-standard in terms of security. There was also some controversy over Pale Moon blocking AdNaseum, an extension that generates “noise” through false advertisements “clicks” while the user browses different sites.
Worth mentioning, but not recommended
There are also a few options that are worth mentioning, even though they are not recommended.
Safari is the default browser for Mac OS and iOS devices. Overall, Safari is not a horrible choice in terms of privacy and tracking protection – but it also cannot be recommended for a few reasons:
- Apple is a partner in the NSA PRISM program
- Apple was caught “hoarding” Safari browsing history – even after it was deleted
- Apple was found to be collecting Safari history even when used in private mode
On a positive note, however, Apple does somewhat better with privacy than other large companies, such as Microsoft and Google. The Safari browser blocks third-party cookies by default and also implements cross-site tracking protection.
Vivaldi is a Chromium-based browser with source-code modifications that can be seen here. It is less popular than other browsers, with less active development than Firefox, for example. Being based on Chromium, it is also vulnerable to WebRTC leaks.
When you install Vivaldi browser (“Vivaldi”), each installation profile is assigned a unique user ID that is stored on your computer. Vivaldi will send a message using HTTPS directly to our servers located in Iceland every 24 hours containing this ID, version, cpu architecture, screen resolution and time since last message. We anonymize the IP address of Vivaldi users by removing the last octet of the IP address from your Vivaldi client then we store the resolved approximate location after using a local geoip lookup. The purpose of this collection is to determine the total number of active users and their geographical distribution.
Being assigned a unique ID and the inability to opt out of this data collection are good reasons to avoid this browser.
Browser privacy and compartmentalization
One problem that often comes with browser privacy and security is that people want to remain logged in to various accounts, while also browsing the web. This is problematic because it allows these sites to track your browsing activity and link that up to your identity. For example, with Facebook and Google products.
One potential solution to this problem is browser compartmentalization. This is when you use different web browsers for different online activities. For example:
- Browser #1 will only be used for accessing your online accounts that require a password.
- Browser #2 will only be used for web browsing, with various privacy configurations (private mode) and no cookies or history being stored on the browser.
- Browser #3 could be completely locked down for maximum privacy and security.
You can also utilize different browsers, configured exactly the way you want, for various use cases purposes, depending on your needs and threat model. The key is to keep the compartmentalization strict and not break the rules/uses for each browser.
Password managers – It should also be noted that storing your passwords in the browser may be risky depending on the browser you are using, especially since browsers typically store this in cleartext. A better alternative would be to utilize a secure password manager, such as KeePass or LessPass.
Secure browser add-ons
In addition to adjusting the settings within your browser, there are also a number of different add-ons or extensions you can install to improve the browser’s privacy and security.
Here are a few different options, but they may not all be supported by the browser you are using:
- uBlock Origin – This is one of the best browser-based ad blockers available that will also protect you against tracking.
- HTTPS Everywhere – An add-on from the folks at Electronic Frontier Foundation, this will force websites to use a secure HTTPS encrypted connection (when available).
- Privacy Badger – Privacy Badger is also from EFF that blocks spying ads and trackers.
- Cookie Autodelete – This will automatically delete cookies that are no longer needed from your browser.
- Decentraleyes – This protects you against tracking via content delivery networks.
- uMatrix – This gives you control over all the requests that may be tracking you as you visit different websites (extensive configuration necessary).
- NoScript – NoScript allows you to customize exactly which scripts run on the websites you visit. Like uMatrix, this is for advanced users and requires lots of customization, since it will break most websites by default.
- Random User Agent – Available for Firefox and Chrome, this add-on will cycle through various user agents, allowing you to spoof different browsers and operating systems (see their GitHub page for more info).
Warning: Be cautious about using third-party add-ons and browser extensions. Many of these function as spyware and will collect your data for profit. This is especially true with free VPN or browser proxy add-ons, even if they are highly-rated in the Google Play or Apple stores. Do your research before installing any browser add-on or extension.
Conclusion on secure browsers and privacy
A well-configured secure browser is crucial for protecting your data as you browse the web. This is simply because most browsers contain vast amounts of private data by default, which makes them ripe targets for exploitation.
If you are looking for a high degree of online anonymity, the top three privacy tools to consider (in my opinion) are:
- A secure browser – Any of the recommended browsers in this guide will do.
- A good VPN service – See the best VPN guide for the latest info; both ExpressVPN and NordVPN remain among the top recommendations.
- An advertisement and tracking blocker – See the ad blocker guide.
All of the secure browsers featured in this guide are customizable and can also be used with various add-ons to further enhance your privacy and security.
Last updated on February 25, 2019.