Leo, Steve and Paul all mentioned the EFF web browser tracking test site. I finally decided to try it out today on my Mac with Brave, Opera and Safari.
Brave was the first and came up with a clean bill of health:
Safari and Opera both had a unique browser fingerprint, which was to be expected, Brave radomises the fingerprint on each page. Looking at the header, it said it was using Mozilla, Chrome and Safari KHTML rendering engines!
Even though on each of them the only add-in I use is my password manager, the Mac used to use Pihole, but I switched to NextDNS and both do the same thing, they block several million tracking sites at the DNS level, so the site couldnāt run any tracking scripts or load any tracking images on any of the browsers, because the tracking sites ādonāt existā.
In Firefox I use the uMatrix extension and have it configured to default to disabling JavaScript on all sites by default. This means any time I got to a new site (which is by default untrusted) I have to make a conscious effort to allow it to show scripts, and also to chose which adjunct sites from which I will trust it to retrieve scripts. I canāt know for sure, because I also run adblocking extensions and block all 3rd party cookies, but whatever the combination is, I get very few ads and any I would get are generally very generic and untargeted. (Frequently targeted to women usually too, which is funny but fine with me.)
EDIT: It dawned on me that maybe someone would want to see an example of what this might look like, so I typed in a random collection of letters that I thought might lead to a site I have never visited before, and found one in Norway. Hereās what uMatrix looks like on a fairly modern site that uses āall the web 2.0 crapā sites use these days.
Also I should mention another extension I use that keeps local copies of a lot of shared JavaScript stuff, making it less likely that Iāll get trapped by malware while it tries to collect it from the web.
I feel like Steve discussed it on a podcast eons ago because he did the same thing. Even back then having JS was essential for any modern webpage. Itās only gotten more essential because modern web applications are React apps and if those canāt run JS they canāt really run at all.
And itās not sufficient to block JS either. Thereās literally a fallback for what to do if JS doesnāt run in the browser (noscript). 1x1px images have been used to track people since I first learned HTML.
