this post was submitted on 24 Aug 2023
26 points (96.4% liked)

Privacy

31951 readers
1071 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I am new to Librewolf and downloaded Multi Account Containers addon along with libredirect, skip redirect and ublock origin. I am currently signed in a container with a Google account and set the URL to always open in that container. However I do not want to allow any Google-affiliated redirecting links to automatically open within that container and sign me in with that account, letting Google know what I had been browsing or searching for even when I would not want them to. This issue is restricting me from making Librewolf my default browser.

How do I make it so that all these links, whether clicked on from somewhere within the browser or an external application, open in a separate container or without a container or in a private window, if possible?

top 10 comments
sorted by: hot top controversial new old
[–] igorlogius@lemmy.world 7 points 1 year ago* (last edited 1 year ago)

One of these might help

Or if you want to instead keep a mapping of special account containers for allowed sites i'd suggest you take a look at

[–] jet@hackertalks.com 4 points 1 year ago (1 children)

I would suggest using two different browsers.

Make your default browser one that has no history, no cookies, no login information.

And then use your current Libra wolf browser with your container setup.

Then you can copy and paste the link from the default browser to the container browser intentionally, and only do the container you explicitly want. This will prevent accidental clicking from opening things and revealing your information

[–] lemmyvore@feddit.nl 3 points 1 year ago* (last edited 1 year ago) (1 children)

no history, no cookies, no login information

If your concern is online tracking then it doesn't really matter, browser fingerprint + your exit public IP are enough to identify you uniquely pretty thoroughly even without any persistent information (cookies, local storage etc.) And yes, LibreWolf includes anti-fingerprinting protection, but it's not fullproof and it cannot be without ruining most JavaScript functionality. Do the EFF test to see.

If your concern is privacy from people using your computer then I suggest using multiple OS accounts and a screen lock.

[–] jet@hackertalks.com 1 points 1 year ago (1 children)

Using two separate browsers solves the fingerprint problem. If they only log in to their services using their LibraFox container then that will be a distinct fingerprint than they're logged out browser

[–] lemmyvore@feddit.nl 2 points 1 year ago (1 children)

You're thinking about canvas fingerprinting, but there are APIs which cannot be faked without messing with functionality, and there are enough of them to obtain a unique fingerprint even if you omit the canvas. Which advertisers can easily do if they figure out you're faking your canvas.

A lower entropy fingerprint plus the IP can still identify you across browsers. If you compare the results of the EFF test in the two browsers you'll see that most of the values will be the same.

[–] jet@hackertalks.com 2 points 1 year ago (1 children)

I'm sorry. I must have misunderstood. You just said that different browsers from the same IP address can be linked to the same person.

I find that difficult to believe, here's a counter example, a VPN endpoint. There's many different people with that originating IP address using different browsers. Being able to identify two that an individual is using would be very difficult.

Browser fingerprinting fingerprints a browser, not a user, not a computer. A browser. I would love to see data contradicting that, but I am not aware of that data

[–] lemmyvore@feddit.nl 2 points 1 year ago (1 children)

Browser fingerprinting fingerprints a browser, not a user, not a computer.

But how much of the fingerprint data comes from stuff that's common across browsers? Do the EFF test in a completely different browser and see how much will be the same in Chrome vs Firefox vs Librewolf for example.

[–] jet@hackertalks.com 2 points 1 year ago

That's a good point and it's always worth testing any setup you have.

My mullvad browser passes the fingerprint.com test with flying colors, it doesn't share system fonts and the like. That plus a VPN would make it really hard to say the librewolf browser and tbe mullvsd browser belong to the same person.

I still think there's value in using separate browsers for the scenario the original poster outlayed

[–] lckdscl@whiskers.bim.boats 2 points 1 year ago (1 children)

Just to be clear, what do you mean by Google-affiliated links, anything *.google.com ?

Is your default container the one with the Google cookies? Or is your default one not signed and you have a separate one you have to manually open to access the Google account?

Regardless, I would do the following:

  • Default container (not signed in to Google)
  • Special container for Google account

Therefore, any link you click on will go to the default container, and is isolated from the Google containers. If you do want to, say, go to Gmail, then just open a new tab in the special Google container manually. This is easier to set up than the inverse where you have to filter by links. Or, if you only use Gmail signed in, but say, not YouTube, then add a auto redirect rule so that Gmail always open in the special Google container.

Also look into Temporary containers if you don't care about cookies and want more isolation on top of the default container.

[–] sylowosa@lemm.ee -1 points 1 year ago

anything *.google.com ?

Yeah, pretty much it.

Is your default container the one with the Google cookies?

I personally haven't found a way to make a container default. I just have a separate container for my Google accounts and other accounts connected to it.

Thankfully I found the solution to my problem by using Temporary Containers