Starter Kit to browse Web in 2024/2025 (Must-have)
If you don't have this kit you will be bombarded to Temu's ads
Better version: https://lemmy.world/post/21245770
1379
Comments202View original on lemmy.world
If you don't have this kit you will be bombarded to Temu's ads
Better version: https://lemmy.world/post/21245770
I'd actually recommend consent-o-matic instead of IDCAC. It actually selects the minimum concent for you instead of just hiding it.
EDIT: Ignore my blind confidence. CAD is (mostly) broken in recent FF versions. (See ivn's reply to this post).
Consent-o-Matic with Cookie Auto Delete and Firefox's Multi-Account Container tabs covers it all nicely for me.
Cookie banners get handled, cookies I don't explicitly want to keep automatically disappear when I leave the site/close the tab, and those I do want to keep can be given their own containers to keep them separated.
Cookie autodelete doesn't work with strict mode and you should use strict mode. Just drop it.
You don't need an extension to auto remove cookies with Firefox.
You're right. I'll be damned. That'll teach me to set-and-forget then not keep up with changes to Firefox and their effects on extensions. Thanks for the heads up.
Here's how to auto-delete cookies without an extension: https://github.com/arkenfox/user.js/blob/128.0/user.js#L669
Set
privacy.sanitize.sanitizeOnShutdownandprivacy.clearOnShutdown_v2.cookiesAndStorage(I don't know ifprivacy.clearOnShutdown.cookiesis still needed) totrue. To allow a website to keep cookies do CTRL+I on the address bar then check "Set cookie" in the Permissions tab.Isn't this toggleable in the regular firefox settings, whitout using about:config flags?
Can I white list sites too?
Never mind, saw your other comment. Thanks!
I use uBlock Origin's picker mode instead. It lets you select which element you want block. It works on other annoying notices, popus and annoying stuff not just cookie notices
clicking the cookie notice away with the picker mode doesn’t mean the cookies don’t apply.
it would illegal if cookie apply before you accept, so just hide should work.
but bet they do it anyway.
It should according to eu law and siteadmins that still do it should be tarred and feathered
I use that one on iOS. In Firefox I use the native functionality (the
cookiebanners.service.modeflag). See https://community.mozilla.org/en/campaigns/firefox-cookie-banner-handling/. I also setcookiebanners.ui.desktop.enabledtotrueto make this setting appear in the settings menu.I didn't know it was native too!
Drop IDCAC and Privacy Badger, add consent-o-matic, sponsorblock and bypass paywall clean.
Check Arkenfox for Firefox config and extension recommendations.
https://github.com/arkenfox/user.js/wiki/4.1-Extensions
Only use temp mails for unimportant, one-shot account, otherwise use an email relay.
Why drop privacy badger? It's been working well for me.
Because it doesn't bring anything more than Firefox in strict mode and uBlock Origin.
Not exactly.
uBlock Origin blocks the widgets (with the "EasyList – Social Widgets" blocklist, I don't remember if it's on by default). As would any other blocklist based blocked do like Privacy Badger, uBO is just better.
FF's strict mode has something called Total Cookie Protection that makes it so Facebook widget on site A cannot read the cookie dropped by the Fackebook widget on site B. It isolate 3rd party cookies for each website.
It also has built-in Facebook Container to isolate Facebook links.
Ok any tips on how to manage email addresses to minimize their exposure and spam?
Yeah, use an email relay service like Firefox Relay, SimpleLogin, the one from Proton if you have an account with them (that's SimpleLogin behind)…
You can create email aliases, that will relay the email to your main address. Create a new alias for each website so they can't use your email address to correlate your identity and you can close it anytime, you can even configure an alias to only allow a set amount of messages and auto-close afterward.
If you use iCloud mail (I don't), they have an email relay service, too. They call them "email aliases."
Addy.io gives you email aliases as not to expose your actual email address. Everything gets funnelled into a single inbox of your choosing still. And the great thing is that if you use a unique email alias for all services, you know instantly who leaked your email address if you start getting spam. :D
Don't give out your email to spammers. Most legitimate businesses might send quite a lot of mail, but it's very often easy to unsubscribe so do that.
What about Decentraleyes?
Arkenfox put it in the "Don't bother" list: https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-dont-bother
Thanks for the list. Now I can ditch Decentraleyes and LocalCDN among others.
Thanks!
It looks like bypass paywalls clean was actually taken down recently. Apparently mozzila recieved a copyright claim and it was taken down as a normal part of that process :/
https://gitflic.ru/user/magnolia1234
I didn't think I could install via a file on android, but it turns out you actually can! Thanks for the link :)
There is also I still don't care about cookies
I don't see its usefulness, uBlock Origin's "Cookie Notices" list does the same thing.
For consent forms consent-o-matic is better, IDCAC / ISDCAC was not created for this.
doesn't consent o matic just accept cookies when it doesn't know how to reject them?
Consent-o-matic is about consent forms, so it'll fill the consent forms giving, by default, the least consent possible. If it doesn't know how to handle a form it'll just not auto-fill it so you'll have to do it yourself. It's not just about cookies, they are just one common way to acquire the data. IDCAC will just hide the form, because it was made to hide cookie notices and later extended to do the same for consent forms. According to the law not filling the form, not giving explicit consent, is like refusing it.
Anyway, none of these extension touch cookies directly, they are only about notice and consent forms. It's up to the website to act accordingly. And none of this will do anything about necessary cookies, or more precisely, about any data deemed necessary, however it's collected.
DONT use the "I Don't Care About Cookies" plugin. It was sold to Avast. The same company that stole users information and sold it ON A PRIVACY PRODUCT illegally for years causing them to get sued for 16 million. (slap on the wrist tbh)
https://www.i-dont-care-about-cookies.eu/whats-new/acquisition/
https://www.theverge.com/2024/2/22/24080135/avast-security-privacy-software-ftc-fine-data-harvesting
Why would someone use that instead of uBlock origin cookie filter?
Its really best to keep browser extensions as few as possible for fingerprinting resistance
To OP/readers you're OK with extensions this would be a better pick imo (read installation instructions)
https://github.com/bpc-clone?tab=repositories
Not using the addon, but I simply didn’t know uBlock can do that.
Oh yeah, I gotta get rid of Avast, it keeps flagging things that straight up aren't viruses, what's a good alternative?
iirc Windows Defender does a decent job. However, if you are a JavaScript developer, try to add node_modules to the exceptions, unless you don't care much about the performance hit.
I personally have stopped running antivirus on Windows a couple years ago. Since I run most, if not all, untrusted software in VMs, I didn't see the point of wasting performance. On the host, I only run Firefox and Steam/Epic games.
I then moved to Linux and I have 2 GPUs; one for the host and one for VMs with games. But that's probably a different story.
Does windows defender go crazy constantly scanning the files or something? I have a TON of machines running automated tasks using node and any drop in CPU usage would be much appreciated.
Use fork, https://addons.mozilla.org/en-US/firefox/addon/istilldontcareaboutcookies/
No, use consent-o-matic, which is even configurable and thus better in every way.
You fools. You absolute buffoons. Clearly you should be using the open source, free (beer) web browser I cooked up in my basement
no thanks i'm not a fan of webkit
Privacy badger is not longer needed IIRC, its role is taken care by uBlock.
IDCAC should not be on this list since it was compromised, ABP-style. consent-o-matic is probably better but the most direct replacement is "I Still Don't Care About Cookies".
Doesn't the "EasyList/uBO – Cookie Notices" filter in uBlock's settings do the same thing as IDCAC / consent-o-matic?
Cookie notices and consent forms are two different things. The first comes from the ePrivacy Directive while the second comes from the GDPR. Consent forms are not only about cookies, the law doesn't even specify cookies and it's often using confusing phrasing (like "allow to use personal data collected through cookies or other means").
iI think consentomatic scripts the opt-out interaction. idcac probably just hides the popup.
UBO can block YT ads, no need to use a seperate ad blocker for YT
Sponsorblock to auto skip sponsor segments, or even non music parts of music on YouTube. Or interaction reminders, or end credits, etc can make it a little bit how you want it
I use uBlock Origin on Firefox and I've never even seen the semblance of an ad.
Are you using Chrome, and have they implemented V3, yet?
Currently V3 is in Canary channel or maybe in Beta but surely not (yet) in the stable version.
Sigh
Download jerboa
Why don't you download something like Voyager or Thunder from f-droid?
I've really been enjoying Eternity (also available on f-droid)
Yhea, I've been using Eternity for almost all my Lemmy browsing. Only client for me!
Phone settings > Private DNS > set DNS provider host name to dns.adguard-dns.com.
Problem solved.
Very easy for a majority of people.
As an alternative, for those who want to dive in or have more control: Self host PiHole or AdGuard Home DNS. Either use WireGuard VPN and set the DNS manually, or setup a DoT/DoH service. Either way works.
Rethink android app is also really good and extremely configurable.
Invidious hasn't been working for most of this year, so this doesn't seem like a 2024 guide.
Try out boost (for Lemmy), and if you like it there's a small one time payment option to support the Dev and remove ads
Oh for sure. Sync offers that as well, I just haven't taken it up yet.
Try [email protected] It's dev is more active than Sync and Boost. And don't have any ads.
Thanks, I'll give it a try. It's been months since the last boost update and in 2024 it's hard to find up to date recommendations.
Also FWIW you should care about cookies. That said, I use that filter in UBO but I'm wondering if using it is the same as hitting "reject all" or "accept all"? Does it even matter if you're using Firefox and thus isolating cookies regardless?
My understanding is that most people use an extension to dismiss the cookie dialog if they're also deleting third party cookies, either with an extension/or a browser feature
Though there is also consent-o-matic which is supposed to automatically decline all the cookies you can. Folks in this thread mentioned it, so now I'm giving that a try :)
Shout out to pi-hole
What’s the upside down Z-Library icon in the lower left for YT?
Invidous
Currently, it is recovering from attacks from Google. Only self-hosting works reliably at the moment..
Idk it's not NewPipe or Grayjay
Go into uBO settings and then filters and enable all the non-language filters. You won't need privacy badger or that cookie addon anymore.
Another recommendation for YT:
SponsorBlock
It is Community-Based. Ppl (like you) mark timecodes from sponsor ads and if toggled on those will be skipped. You can whitelist channels as well if you want to.
150% better YT-experience!
If I'm going to see an ad, I do prefer sponsor ads over the injected YT ads. At least I can hope the content creators are getting paid directly for the ad.
I’m not saying my setup is any better, but it currently looks like this:
I’m open to suggestions if anybody knows any better alternatives. I’ve had mixed luck with services that filter out YouTube’s crap.
Be careful with using Privacy Badger and uBO together as it might get in each other's way. I had YouTube detect me having ad block until I paused Privacy Badger for YT.
Care to provide more information?
it's a reddit competitor that lacks features of reddit, including: multireddits, hiding individual posts, card view that doesn't autoplay video, and more but I'm lazy.
I expect some of those can be found by using a different mobile app
not using an app. I refused to install reddit s app, I won't install lemmys.
Lemmy apps are third party
Don't care. I'm not installing another app. It's a website, it should work in a browser.
What kinds of problems have you ran into using Lemmy in a browser on the phone? I use Firefox and set it to "desktop mode" and haven't had any issues.
Jerboa is technically First party. Doesn't brand itself as the Lemmy app though.
I see your points.
However, both Voyager and Photon are websites that access Lemmy.
They have plenty features and there are others as well.
I'm sure there's a hacky workaround for every complaint I might have, I've done a lot of those over the years and I don't see that stopping any time soon. I'm just tired of having to fix things before I can use/enjoy them. Effort is a limited resource. It's current year, shit should just work.
I think you either lack information or are just misinformed.
Those are projects that cooperate with each other, not "hacky" solutions.
They offer services free of charge while respecting at every possible level your rights to privacy, I believe your "limited resource" will understand.
I mean it's also a small community built project that doesn't have the money, or resources that reddit has, and hasn't been around as long
Better clients can help, but it takes time for a platform to mature, especially an open source one built with community funding 🤷♂️
If you wish it was going faster, you might think about contributing/donating if you're able :)
![email protected] is a start, but not as advanced as Reddit yet.
I don’t like the federation part of it
I wish every instance was separate
Would it work if you only browsed local posts, and logged in to each instance separately?
Still susceptible to mass misinformation campaigns
Isn't everything susceptible to such "attacks"?
If you spread the internet across millions of websites with 10k users or less then the campaigns become ineffective and inefficient
Its worth knowing there are some separate instances, like beehaw, though they have a very specific experience they're going for and I think plan to refederate when they have the moderation resources.
Could be worth looking for an instance that fits if that's what you really want
NewPipe and FreeTube if you want YT subscriptions without ads
Addy.io or simplelogin for email account signups
Firefox Relay is another free email alias generator.
Proton pass is another
Proton acquired Simplelogin (or partnered?) so it's one and the same. There's a chance you may be able to get more aliases by using both the simplelogin and the proton accounts though...
A paid proton account can have infinite aliases
The limit for Proton itself is so generous I haven't needed to. I have an alias for almost every single online account I have, and it's all built in to the password manager. Very handy.
I have a my personal mail server send stuff to my aliases and they relay it to proton
I'll be honest I am very glad that works for you, but I don't like touching email servers with a 10 foot pole haha. Too much trouble for me.
I have capped the whole 3 services :|
How many aliases do you have? I have a couple hundred IIRC
With the free services? I may have to look back into it I thought I capped them at around 20 each. I mean active though.
Deleted
And SmartTube for Android TV
Invidious works cross device in the browser though. Handles subscriptions just fine.
On Iphone its the only proper option.
I do run my own service, ymmv using a public one.
Install the LibRedirect extension and fiddle a bit with the settings to automatically redirect to privacy respecting alternatives away from ad heavy sites.
If I can’t recover an account because I used temp mail
I just make another
Can't you re-use those emails? I use random email aliases almost everywhere, and I store them in bitwarden.
You can re-use those but so does anyone, so you should consider those accounts as public.
I have yet to see unpaywall workk ever. All that site does is link you to free versions if legally available. So it does nothing. Bypass Paywalls clean sometimes works, but if you want non mainstream sites going to archive.today is the most reliable option.
I noticed archive websites sometimes skip the paywall
Yeah, they are my most reliable anti paywall technology. wayback machine is down very often right now, but for the express porpuse of getting rid of paywalls archive.today works very well for me
You can try archive.is
I use https://ladder.nerdvpn.de/ and it works very well for me.
Shift+RClickto force the browser's native context menu instead of triggering a JavaScript event.Ctrl+Shift+E(and then perhapsCtrl+F5) to see URLs of resources.CTRL+P
Dear god. My inner 90's kid wants this as a browser.
When the alternative is dealing with the absolute horseshit quantity of ads that YouTube desperately wants to shovel down my throat, I'll take Invidious any day of the week.
It may not be in perfect condition but it's still good enough to use!
Ublock origin blocks YouTube ads though
Yeah, I haven't seen an ad on YouTube in years. I did prefer using Invidious or Piped, but they're basically dead right now.
Self-hosting Invidious works for me.
The public instances are useless at the moment.
The project isn't dead.
If you only care about a clean UI and no adds, just selt-host it. I'm doing it for a week now with no problems at all.
Google seems to have blocked all datacenter or cloud IPs from accessing YouTube.
Hey, sorry for asking this here... I used to access public instances through a URL like this: https://redirect.invidious.io/watch?v=sTEm--FVNe0 and previously there'd be a long list of public instances, whereas now there are only 3-4. I assume this is due to Google's attacks. If you have a link available, can you direct me to a web page or discussion or something that explains exactly what's going on there? I'm interested in learning more about the technical details. Thanks.
Maybe this helps: https://github.com/iv-org/invidious/issues/4734#issuecomment-2365205990
Via GitHub, you can find their Matrix group where they communicate about all this.
Awesome, thanks for the lead.
works fine for me
Firefox actually has their version of tempmail built in now.
it's not like a tempmail it's like proxy email to hide your actual email. So if you sign up for spam the spam will reach your actual email.
Duckduckgo's version is so much better. Unlimited aliases for free.
Yeah, you can block that at any point though.
Really? I didn't know that! What is it called? How can I use it?
Email Relay Mask. It just pops up when I right click an email sign up field. You have to sign into Firefox with an email because it forwards stuff to you, but you can tell it to prevent that just as soon as you've got your validation email.
Link to see your current emails is: https://relay.firefox.com/accounts/profile/?
Anyone know if there is a proper solution to block ads on twitch? ublock doesn't work for me.
try something from the scripts section on here:
https://github.com/pixeltris/TwitchAdSolutions?tab=readme-ov-file
A note: Some days it will not work and ads will go through. Don't panic. You only need to wait until the next day at most for this to get patched though. They've very good at keeping up!
Anything on Pixeltris' TwitchAdSolutions should work. I use the ublock filter and that works great.
I use one that works 90% of the time. I can't remember the exact name so I'll check when I get home but it's something like "Purple Adblocker".
VPN set to a country that doesn’t get served ads.
note that I don't care about cookies and Privacy badger is unnecessary when you have uBO. Also get Bypass Paywalls Clean though.
What's the one in the bottom left?
I have adblocked yt and pirated yt music on my phone, but those 1 minute ads between 1:50 songs on my tv are getting to me...bad.
I'm damn near ready to yeet the tv off the balcony.
I just use my tv as a big monitor, no way i would ever give my tv internet access
Strong agree. I would pay more for a non-smart tv. They're probably all smart these days, aren't they? Ugh.
Thankfully it is easy to not connect them. The newest TV I bought I connected it once via Ethernet during setup to get the latest software, then unplugged it. Has been working fine for a year with no issue.
I don't care, really. I'm going to just use the inputs on the TV with whatever peripheral I plug into it anyway.
If it has to be updated to be used in the first place then I'll update it, disconnect it from the internet, block it at the router level and then use it as a monitor, which it is.
We shouldn't have to do this, but, the world sucks, so... shrug
A Yeet Cannon is a fine solution to any TV. Personally I recommend a 12ga slug or buckshot for any and all TVs. There is nothing worth the effort to watch and even less worth paying for.
Books, books are where it's at these days. What is old has become new again!
We're not allowed any firearms here, i could maybe 3d print one lol.
I like a book every so often, but they don't play music all that well unfortunately.
Invideous. A Software that provides an alternative YouTube look/frontend. There are also people who host invideous instances as publicaly accessible websites. Sadly all the public instances have been blocked by youtube for about a month now. I hope there will be a fix soon.
there's some good shit in these comments that I need to come back to later.
If you want a usable mail for all your accounts that is also spam resistant, may I recommend https://port87.com
Or just buy a domain for like $12 and use it for catch-all email. My custom domain routes everything to a single inbox, and I can tailor the email address specifically to who/what I’m making an account for. And if I ever see spam hit that address, I can just set a rule to automatically spam anything that comes in at that address.
For example, maybe I sign up for a Target account using Target@[mydomain]. Then a few weeks later, I see spam addressed to Target@[mydomain]. I now know Target has sold my info, and I can automatically route everything addressed to Target@[mydomain] directly to spam. Now I have no more spam hitting my inbox, because it all automatically gets sent straight to spam.
What happens if you need to place an order using your Target account. Wouldn't your receipt and shipping confirmation also go to that spam folder?
What if your standing at checkout with the red card app ready to go but it asked for the last four digits of your card so you called your spouse to read you the last four digits of the card while you cursed the very idea of the red card in the app if they are going to require biometrics and occasionally ask for the last four digits I mean really why even have the app if you need to carry the card right?
But then you get the last four digits and enter it and it says "please check your email for a unique one-time password".
What then?
Yeah, that’s fine. That would be a very manual process, whereas Port87 makes the process automatic. But, yeah, you get most of what Port87 offers that way, you just have to pay for it.
archive.is or archive.ph is what I use for getting past paywalls. If it’s a hard membership paywall there won’t be much you can do about it. If it’s just a splash screen, they work by removing the annoying stuff that prevents you from going further since they have to package the content for SEO. The archive sites basically grab that content as if they were going to index it for a search engine, but then they present it in human readable format instead.
What is "No need YT ads" and the "Ctrl+P"?
Ctrl P is to print a page. The idea is you quickly press print before the paywall loads, so you can read the full article
Pressing ESC works in some cases too. It stops loading the page
That’s
pipedinvidious an alternative frontend for YT but Google has been cracking down on it so YMMV and ctrl+p prints a webpage in browser which used to work for circumventing paywalls but nowadays it’s not really a thing anymoreWhat's with the control+P thing? I have the same paywall bypasser thing right next to it and it just works automatically without needing a special command.
without an extension you can grab the whole page as a PDF before it loads the paywall. you can also use Ctrl+A and Ctrl+V or the reading view function :]
Though some sites are getting smart enough to realize they can't just entirely offload access control to the client and don't give the full article text until you've jumped through whatever hoops they demand.
It's a trade-off, because they often also want their entire article to be crawled by Google.
Also setting the browser to forget all cookies.
That's not necessarily that useful.
It is to disable tracking across sessions, you can set exceptions
Bypass paywall clean Firefox is a really good addition as well
Install Freetube (which has sponsorblock already), then get the FreeTube redirect addon
I've been using Ghostery for years now and I don't know whether or not it's still relevant.
It's not, use uBlock Origin.
I've seen people mention it was bought by an ad company or something
sponsorblock, return youtube dislike
What's ctrl-p do?
It opens a PDF version of any webpage. It may break some elements, but often gives access to text hidden behind paywall popups.
If you don’t have this kit you will be bombarded to Temu’s ads!
The first thing I do after setting a new PC is install Firefox and UBO.
Ah, the beginner loadout.
I might start using Firefox once it has proper multi-account/profile features like Chrome.
I recently tried it but it's such a hassle to set up and switch between them.
You may want to try Zen Browser - a Firefox fork that includes a chrome-like multi-profile UI.
Deleted
I did get multiple profiles, but it was still missing features that make it more accessible to work with like it does in Chrome.
It's almost there, it just lacks a bunch of definite features that would streamline it and integrate it better into the UI.
Deleted
It's a little unintuitive, but it's there. I setup different browser instances to launch different profiles.
https://support.mozilla.org/en-US/kb/profile-manager-create-remove-switch-firefox-profiles?redirectslug=Managing+profiles&redirectlocale=en-US
Who is Temu?
Some people believe in God. Don't sweat it. We all get a headcanon.
i actualy use both LibreWolf and Firefox
I think I'm about to start doing that, honestly :/
id certainly hope so, if not then what's the point? It's a fork of firefox, meaning it is firefox but with extras.
Did not know Privacy Badger existed, it's going right on the must have corner
Nah, uBlock Origin is the must have, Privacy Badger doesn't bring anything more.
Are you sure?
Here is a nice summary from https://www.reddit.com/r/firefox/comments/o28yi4/comment/h26mguk/?context=3 :
Basically how privacy badger works is noticeable, but you can turn on local learning to get bespoke ad blocking at the cost of your device being much more easily identifiable. Maybe half-n-half and have privacy badger off on private browsing so you can shop in that mode without Amazon knowing your life’s history as easily
Thankfully I'm not very interesting so I can use Chrome. If someone wanna know what I'm up to they'd probably get bored and leave.
No one is going to read first hand what you are up to. It's just companies trying to automate pricing based on data they collect so they can up prices when you need something the most. That's just one simple example so you can understand but there are plenty of other things you can do with the collected data.
This is also important because they'll just straight up sell it to data brokers that'll aggregate it, make it searchable and sell access to it to just anybody. And even if you feel your are not an interesting target now you never know how it'll be in the futur, once the data is out you can't do much.
Just using the Brave browser takes care of a few of these by itself and without add-ons.