this post was submitted on 06 Sep 2025
27 points (96.6% liked)

Privacy

3742 readers
185 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 10 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
27
is it worth it to swicth to mullvad browser for better privacy? (lemmy.dbzer0.com)
submitted 2 days ago by kennedy@lemmy.dbzer0.com to c/privacy@lemmy.dbzer0.com
10 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.dbzer0.com/post/52731585

I was reading around about private browsers and I came across mullvad's browser (only know them for the VPN), do you have experience using it? does it do anything different? I currently use librewolf and from what I can see the mullvad browser also is build from firefox. I generally prefer firefox-like browsers to chromium since i like way its set up and what it allows me to do. Its supposedly build by the same guys who made the tor browser (tbh i feel like thats just marketing). From their website it says its tor without tor but instead with a VPN. So technically I can accomplish the same thing with librewolf and a VPN?? Does the mullvad browser do anything new/different? One thing they do mention is browser fingerprinting does it do anything special to combat that? if i switch to mullvad instead but still have the same extensions is it more private?

top 10 comments
sorted by: hot top controversial new old
[–] sp3ctr4l@lemmy.dbzer0.com 1 points 1 hour ago* (last edited 59 minutes ago)

I may be the odd duck here with all the librewolf suggestions, but I am fond of waterfox, just configure it / harden it along similar lines as librewolf, force DoH, force HTTPS, have some kind of anti fingerprinting/profiling solution, yada yada.

Uh then what I do is just run I2P and use a silly little 'assign a proxy to a tab type' addon, and now that is my 'private mode' that runs in its own window.

(i ended up with this because i wanted to be able to run and manage i2pd, specifically, also as a distinct thing, and i could not figure out how to do this with any of the existing i2pd -fox land addons... maybe i am just stupid, i dunno lol)

Ultimately, what I would suggest is to just test various configurations of various security oriented browsers in the eff cover your tracks thingie, and find a balance or use style that works for you, balancing functionality and security/privacy.

Like, do actually test things, don't just run with what someone says should work, not even me.

For me, what works is my weird little --just use one browser and have a 'mostly secure' default mode, and a 'more secure' private mode--...

... but maybe you'd get better mileage out of just two totally different browsers, one 'secure-ish' and one 'more secure'... or maybe theres some other way of switching between other levels of JS blocking / ad blocking / general security thresholds via other kinds of mode shifts or something?

[–] Dequei@piefed.social 9 points 2 days ago

Librewolf

[–] ShyFae@piefed.blahaj.zone 5 points 2 days ago

I normally use Mullvad and a hardend Librewolf.

Mullvad seems funtionally the same as the tor browser. I believe the idea with the tor brower was that they would be difficult to distinguish for one person from the next. And same goes for Mullvad. The only differince being that Mullvad does't naturally go through the tor netwok, doesn't onionize sites, and uses mullvad's own search engin and DNS server by default. (Mullard's brower exists so that you have a tor browser without the tor network; And that's different topic of conversation)

Librewolf is closer the firefox experince, and I would happily recommend it to everyone. I personally enabled the sync funtion, switch the default search to ecosia, and hardend up some other settings. I haven't felt the need to add any plugins yet( that wern't installed by default).

In my tests, both have shown to be exellent privacy browsers. But as such, they both also stick out like a sore thumbs.

Overall, if you want the most privet browser, Mullvad seems hide more of my identity and fignerprint. But you will will look very suspicious.

I still recommend Librewolf over Mullvad, does everything I want and need it to do

[–] Sophocles 5 points 2 days ago (1 children)

In my opinion it does offer the best in class for anti-fingerprint features out of the box. Personally I don't use it because I need browser addons. Adding addons to mullvad kinda defeats the purpose, as they will make your browser extremely unique. Librewolf + addons is more fingerprintable, but still less so than Mullvad + addons imo. I feel like it is useful to have both; Librewolf + addons for your daily driver, and vanilla Mullvad for extra anonymous browsing, web searches, etc.

As a side note too, I have also heard that using Mullvad browser + Mullvad VPN is a bad idea, because it gives Mullvad as a company more information points that might potentially deanonymize you. Part of the reason why Mullvad is so great is that when an entity subpoenas your info, Mullvad can say "we don't know anything sorry." So the more information points you give, the more that defense weakens, even though Mullvad itself is trustworthy

[–] blurb@sh.itjust.works 3 points 2 days ago (1 children)

Mullvad Browser doesn't collect your data, so the second paragraph is wrong. I completely agree with you on the first paragraph though. Also make sure not to change the window size in Mullvad Browser as that can also be used to track you. If you are using a tiling WM set a rule for it to make it floating at all times if possible. Also don't forget to disable Encrypted DNS if you're using a VPN.

[–] Sophocles 2 points 2 days ago (1 children)

I disagree; while Mullvad is very good with their no logs policies and collecting minimal info, it is generally good opsec not to centralize too many assets or data points into one company. Example: using android with chrome and google vpn, all your data is, from start to finish, in the hands of Google. Mullvad is miles better than Google of course, but I believe the same strategy applies

[–] blurb@sh.itjust.works 2 points 2 days ago (1 children)

No, you're wrong in the sense that they literally collect 0 data on your Mullvad BROWSER usage. It can't be another data point because Mullvad likely doesn't even know if you're using Mullvad Browser, let alone what you're doing with it.

Your point is only valid in the case of internet services, which a browser isn't. A browser is a piece of software that can be replaced in a minute if let's say Mullvad's whole development team and CEO went full batshit crazy and placed backdoors in the public (and FOSS, so it can be forked) codebase, unlike e-mail etc. And your Google example is invalid because you can't compare something like Google Chrome to Mullvad Browser.

[–] Sophocles 1 points 1 day ago

I stand by what I said, and you're misunderstanding my point. I'm not comparing mullvad to google, it was an analogy. Plus a browser handles processes in the Application layer (layer 7) in the OSI model, and therefore is a very essential part of the chain of services required for telecommunication. This is a first year cybersecurity concept.

Mullvad does collect a very small amount of info; see their privacy policy., especially in regards to payment. Seeing that most users probably don't use Monero, Mullvad does have a small amount of info on them. However, this is not what my point is.

While this is a very mininal amount of data, my point is that consolidating more information points into 1 company is a bad idea, no matter the company, and no matter the degree of data collection. You cookies, browsing history, dns record, etc. are all now potentially linked to your payment info as well as http requests, tls encrypted traffic, and network activity via the same company via both browser and VPN.

Side note: a similar opsec strategy to prevent this is defederation, which denies complete control to any 1 entity. (Lemmy!)

If mullvad ever became unhinged (which I doubt would happen, but let's entertain the thought), your entire internet access would be compromised at the browser and the network level, rather than just one or the other. You can break this up over multiple trustworthy applications to fix this. Another analogy would be to use librewolf on linux with Mullvad VPN, which are all tustworthy and come with a degree of separation as well. Now if mullvad were to go crazy, it would not affect your OS or your browser, since you were using librewolf and linux. There are less information points to work with.

[–] swelter_spark@reddthat.com 3 points 2 days ago

I've heard nothing but good things about Mullvad. I currently use Librewolf and love it, but if I had to switch, Mullvad might be my #2 choice.

[–] otter@lemmy.ca 4 points 2 days ago* (last edited 2 days ago)

The last time I did a comparison, it was much better about fingerprinting. The EFF has this test for example:

https://coveryourtracks.eff.org/

Personally I don't use it as my daily default browser, and I feel that I'd have to change the default privacy-focussed settings in order to do so. Rather I keep it installed/updated for if I need it someday