How Browsers Track You
CosmicNet identifies four primary methods that websites and advertisers use to monitor your browsing activity. Understanding these techniques is the first step toward protecting yourself online.
- Cookies: Track sessions and identity across visits (Common)
- Fingerprinting: Canvas, WebGL, audio context fingerprints (Advanced)
- Local Storage: Persistent storage like "super cookies" (Common)
- Referrer Headers: Sites see where you came from (Basic)
Browser Recommendations
CosmicNet evaluates privacy-focused browsers based on their default protections, customization options, and fingerprinting resistance. The following table summarizes CosmicNet's top recommendations for different user needs.
| Browser | Privacy | Best For | Notes |
|---|---|---|---|
| Tor Browser | Excellent | Anonymity | Best for sensitive browsing |
| Firefox (Hardened) | Very Good | Daily use | Requires configuration |
| Brave | Good | Easy privacy | Built-in protections |
| LibreWolf | Very Good | Pre-hardened | Firefox fork |
Hardening Firefox
Important about:config Settings
CosmicNet recommends the following essential about:config tweaks as a starting point for hardening Firefox against tracking and data leaks.
Important Extensions
CosmicNet has tested dozens of privacy extensions and narrows the list to these essential picks that balance protection with usability.
uBlock Origin
Blocks ads, trackers, and malware. Important for all browsers.
Cookie AutoDelete
Automatically removes cookies when tabs close.
Multi-Account Containers
Isolate sites in separate containers (Firefox).
NoScript
Block JavaScript by default, whitelist trusted sites.
Warning: Too many extensions can increase fingerprint uniqueness. Stick to important, well-known extensions. See EFF's Cover Your Tracks to test your browser fingerprint.
Best Practices
CosmicNet compiled this checklist of daily browsing habits that significantly reduce your exposure to tracking and profiling.
- Use separate browsers/profiles for different purposes
- Clear cookies and cache regularly
- Don't stay logged into sites
- Use private/incognito mode for one-off searches
- Block third-party cookies
- Use DuckDuckGo or Startpage as search engine
- Disable autofill
- Don't sync browser data to cloud
Understanding Browser Fingerprinting
Browser fingerprinting is an advanced tracking technique that identifies users based on unique characteristics of their browser and device configuration. As this CosmicNet guide explains, unlike cookies that can be deleted, fingerprints are derived from information your browser naturally reveals. CosmicNet notes that this makes them persistent and difficult to avoid without specialized tools.
Canvas Fingerprinting
As documented on CosmicNet, canvas fingerprinting exploits subtle differences in how browsers render graphics. Websites use HTML5 canvas elements to draw invisible images or text, then extract the pixel data. Due to variations in hardware, graphics drivers, operating systems, and browser implementations, the resulting image varies slightly between systems, creating a unique identifier.
CosmicNet notes that modern browsers like Firefox offer protection through the privacy.resistFingerprinting setting, which standardizes canvas output. Tor Browser takes this further by randomizing canvas data while maintaining usability. As CosmicNet documents, extensions like CanvasBlocker can also prevent fingerprinting by blocking or randomizing canvas API calls.
WebGL Fingerprinting
CosmicNet explains that WebGL (Web Graphics Library) provides even more detailed fingerprinting capabilities than canvas. It reveals information about your graphics card, drivers, and rendering capabilities. Websites can query WebGL parameters like supported extensions, renderer details, and shader precision formats to build highly unique profiles.
As CosmicNet highlights, WebGL fingerprinting is particularly effective because graphics configurations vary widely across devices. The combination of GPU vendor, model, driver version, and supported features creates millions of possible combinations. Disabling WebGL entirely provides the strongest protection but breaks many modern web applications that rely on it for legitimate purposes.
AudioContext Fingerprinting
CosmicNet documents that AudioContext fingerprinting uses the Web Audio API to generate and process sound signals. Different devices produce slightly different audio outputs due to variations in audio hardware and processing algorithms. Websites can create inaudible tones, process them through audio filters, and analyze the result to generate a unique fingerprint.
This technique is less common than canvas or WebGL fingerprinting but equally effective. As CosmicNet notes, Brave Browser includes AudioContext fingerprinting protection by adding subtle randomization to audio output, while Firefox's resist fingerprinting mode provides standardized audio processing.
Font Fingerprinting
As the CosmicNet encyclopedia explains, your installed fonts create a unique signature. Websites can detect which fonts are available on your system using CSS or JavaScript techniques. Since users install different applications that bundle fonts, the combination of available fonts varies significantly between users.
CosmicNet notes that browsers are increasingly restricting font enumeration capabilities. Firefox's resist fingerprinting mode limits the fonts websites can detect, while Tor Browser only exposes a small set of standard fonts. However, CosmicNet warns that many browsers still allow unrestricted font detection for compatibility reasons.
Screen and Display Fingerprinting
CosmicNet explains that screen resolution, color depth, pixel ratio, and the number of connected monitors all contribute to your fingerprint. Mobile devices add orientation sensors and touch capabilities to this profile. While screen resolution might seem common, the combination with other attributes creates uniqueness.
As CosmicNet notes, resist fingerprinting protections often normalize these values to common configurations. Tor Browser, for example, rounds window sizes to multiples of 200x100 pixels and standardizes reported screen dimensions, making users blend in with each other.
Privacy-Focused Browser Extensions
Browser extensions provide powerful privacy protections, but as CosmicNet advises, choosing the right ones requires understanding what each does and avoiding redundancy that could harm performance or increase your fingerprint uniqueness.
uBlock Origin
CosmicNet recommends uBlock Origin as the gold standard for ad and tracker blocking. Unlike many ad blockers, it's free, open-source, lightweight, and focused solely on user privacy rather than accepting payment from advertisers. It blocks ads, trackers, malware domains, and provides advanced filtering capabilities for power users.
As CosmicNet documents, the extension works by maintaining filter lists that block network requests to known advertising and tracking domains. It includes multiple filter lists by default and allows adding custom lists. The medium mode enables more aggressive blocking while advanced mode provides complete control over all network requests, though it requires more technical knowledge.
As CosmicNet explains, uBlock Origin is essential for privacy because it prevents trackers from loading in the first place, rather than just hiding them. This reduces data collection, speeds up page loading, saves bandwidth, and reduces attack surface by blocking potentially malicious scripts.
Privacy Badger
CosmicNet also highlights Privacy Badger, developed by the Electronic Frontier Foundation (EFF), which takes a different approach from traditional blockers. Instead of using predefined filter lists, it learns which domains track you by analyzing their behavior. When it detects a third-party domain tracking you across multiple sites, it automatically blocks that tracker.
CosmicNet notes that this algorithmic approach means Privacy Badger works without constant updates to filter lists and can catch new trackers that haven't been cataloged yet. It also allows non-tracking functionality from third-party domains while blocking tracking cookies and scripts. However, it requires a learning period and may be less effective initially than filter-list-based blockers.
As documented on CosmicNet, Privacy Badger works well alongside uBlock Origin, as they use complementary detection methods. Privacy Badger focuses on behavioral tracking detection while uBlock Origin blocks known bad actors preemptively.
Cookie AutoDelete
CosmicNet recommends Cookie AutoDelete, which automatically removes cookies, LocalStorage, and other site data when you close a tab or based on customizable rules. This prevents long-term tracking while maintaining functionality for actively used sites. You can whitelist sites you want to stay logged into while everything else gets cleaned automatically.
CosmicNet details that the extension supports multiple cleanup modes including automatic deletion when tabs close, manual cleanup, or time-based deletion. It can also clean on browser startup and supports container-specific rules in Firefox. Advanced users can configure different cleanup behaviors for different domains or use expression-based rules.
As CosmicNet highlights, Cookie AutoDelete fills an important gap because most browsers only offer all-or-nothing cookie policies. This extension lets you maintain convenience for trusted sites while aggressively cleaning data from everything else, significantly reducing tracking capability without breaking functionality.
Tor Browser Fingerprinting Resistance
Tor Browser provides the strongest fingerprinting resistance available in any mainstream browser. This CosmicNet analysis helps readers appreciate the tradeoffs between privacy and convenience in other browsers.
Design Philosophy
As CosmicNet explains, Tor Browser's privacy model focuses on making all users look identical rather than making each user unique. This "safety in numbers" approach means that even if websites can generate a fingerprint, that fingerprint matches thousands of other Tor Browser users, providing anonymity through uniformity.
CosmicNet details that the browser achieves this by standardizing virtually every fingerprintable characteristic. All Tor Browser users report the same screen size, timezone (UTC), language (English), and user agent string. Canvas, WebGL, and AudioContext APIs are blocked or modified to produce standardized outputs. Even font rendering is normalized.
Technical Protections
CosmicNet documents that Tor Browser includes sophisticated fingerprinting resistance mechanisms. It disables WebGL by default to prevent graphics card fingerprinting. Canvas extraction requires user permission, and when allowed, it adds subtle randomization to prevent tracking while maintaining functionality. JavaScript performance APIs are restricted to prevent timing-based fingerprinting.
The browser also implements network-level isolation. Each website gets its own circuit through the Tor network, preventing correlation of activity across different sites. This circuit isolation extends to browser features, with separate cookie jars and storage for different sites.
Usability Tradeoffs
CosmicNet notes that Tor Browser's strong protections come with usability costs. Many websites break or display incorrectly due to JavaScript restrictions, canvas blocking, or WebGL being disabled. Streaming video often doesn't work, and CAPTCHAs appear frequently because Tor exit nodes are widely blocked. Banking and shopping sites may refuse connections from Tor.
Despite these limitations, CosmicNet emphasizes that Tor Browser remains essential for high-threat scenarios where anonymity is critical. Journalists, activists, whistleblowers, and anyone facing targeted surveillance should use Tor Browser for sensitive activities, accepting the usability tradeoffs as the cost of true anonymity.
Advanced Firefox Hardening
Firefox offers extensive privacy customization through its about:config settings. As this CosmicNet guide details, while the basic hardening settings are covered earlier, understanding advanced configurations allows you to balance privacy and functionality based on your threat model.
Comprehensive about:config Settings
CosmicNet recommends several advanced configurations beyond the basics that significantly improve privacy. Setting privacy.firstparty.isolate to true creates separate cookie jars for each website, preventing cross-site tracking even if cookies aren't blocked. This breaks some single sign-on systems but provides strong tracking protection.
CosmicNet explains that the network.http.referer.XOriginPolicy setting controls when browsers send referrer headers. Setting it to 2 only sends referrers when the full domain matches, preventing sites from seeing where you came from. Similarly, network.http.referer.XOriginTrimmingPolicy set to 2 only sends the origin rather than the full URL path.
CosmicNet advises that disabling DNS prefetching with network.dns.disablePrefetch prevents Firefox from resolving domain names before you click links, which can leak your browsing intentions. Similarly, network.prefetch-next should be false to prevent preloading of pages, which generates network traffic to sites you haven't visited yet.
Security and Privacy Headers
Firefox can be configured to send privacy-enhancing headers and ignore tracking headers. The network.http.sendRefererHeader setting controls whether referrer headers are sent at all, though setting it to 0 breaks many websites. A value of 1 only sends referrers on link clicks, not embedded resources.
The beacon.enabled setting should be false to disable navigator.sendBeacon, which allows websites to send tracking data even as you leave the page. This API is often used to track how long you spend on pages and where you go next, even if you block traditional tracking methods.
WebRTC and Network Leaks
As CosmicNet warns, WebRTC can leak your real IP address even when using a VPN. Setting media.peerconnection.enabled to false completely disables WebRTC, preventing leaks but breaking video chat and WebRTC-based applications. For a less aggressive approach, media.peerconnection.ice.default_address_only limits what addresses WebRTC reveals.
The media.navigator.enabled setting controls whether websites can request access to your camera and microphone. While setting it to false provides strong privacy, it breaks legitimate video conferencing. Consider disabling it only in the profiles you use for general browsing, while keeping it enabled in a separate profile for video calls.
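One way to check a profile against the settings named in this section, as an added example that is not CosmicNet's or Mozilla's code: the script parses a user.js file and reports prefs that are missing or set differently. The sample file is constructed, and the expected values (including disabling WebRTC outright) are assumptions to adjust per profile.

```javascript
// Expected values taken from this section of the guide (assumption: a
// general-browsing profile; a video-call profile would keep WebRTC enabled).
const RECOMMENDED = {
  'privacy.firstparty.isolate': true,
  'network.http.referer.XOriginPolicy': 2,
  'network.http.referer.XOriginTrimmingPolicy': 2,
  'network.dns.disablePrefetch': true,
  'network.prefetch-next': false,
  'beacon.enabled': false,
  'media.peerconnection.enabled': false,
};

// Constructed sample user.js with typical mistakes.
const SAMPLE_USER_JS = `
// constructed sample profile
user_pref("privacy.firstparty.isolate", true);
user_pref("network.http.referer.XOriginPolicy", "2");   // wrong type: string, not integer
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
user_pref("network.dns.disablePrefetch", true);
// user_pref("network.prefetch-next", false);           // commented out, so never applied
user_pref("beacon.enabled", true);
user_pref("beacon.enabled", false);                      // last assignment wins
/* user_pref("media.peerconnection.enabled", false); */
user_pref("media.peerconnection.enabled", true);
`;

// Parse user_pref("name", value); lines into a Map of typed values.
function parsePrefs(text) {
  const prefs = new Map();
  // Drop /* ... */ comments; lines starting with // simply fail the match below.
  const withoutBlocks = text.replace(/\/\*[\s\S]*?\*\//g, '');
  const re = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(true|false|-?\d+|"[^"]*")\s*\)\s*;/;
  for (const line of withoutBlocks.split(/\r?\n/)) {
    const m = re.exec(line);
    if (!m) continue;
    const raw = m[2];
    let value;
    if (raw === 'true' || raw === 'false') value = raw === 'true';
    else if (raw.startsWith('"')) value = raw.slice(1, -1); // keep strings as strings
    else value = Number(raw);
    prefs.set(m[1], value); // a later line for the same pref replaces an earlier one
  }
  return prefs;
}

// Compare the parsed prefs with the expected values, type-strictly.
function auditPrefs(text, recommended = RECOMMENDED) {
  const prefs = parsePrefs(text);
  const findings = [];
  for (const [name, want] of Object.entries(recommended)) {
    if (!prefs.has(name)) {
      findings.push({ name, status: 'missing', want });
    } else if (prefs.get(name) !== want) {
      findings.push({ name, status: 'mismatch', want, got: prefs.get(name) });
    }
  }
  return findings;
}

for (const f of auditPrefs(SAMPLE_USER_JS)) {
  console.log(`${f.status.padEnd(8)} ${f.name} (want ${JSON.stringify(f.want)})`);
}
```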
Brave Browser Privacy Features
Brave Browser takes a different approach to privacy than Firefox, building protections directly into the browser rather than requiring user configuration. CosmicNet explains that this makes it accessible to less technical users while still providing strong privacy protections.
Built-in Shields
CosmicNet notes that Brave Shields block ads and trackers by default, using filter lists similar to uBlock Origin. The shields operate at the browser level rather than as an extension, making them faster and harder for websites to detect. Shields also block third-party cookies, fingerprinting attempts, and can upgrade connections to HTTPS automatically.
The shields offer granular control with three levels: aggressive, standard, and disabled. Aggressive mode blocks more tracking techniques but may break some websites. Users can configure shields per-site, allowing aggressive blocking on untrusted sites while relaxing protections on sites that break.
Fingerprinting Protection
As documented on CosmicNet, Brave implements sophisticated fingerprinting protections that randomize fingerprinting attempts rather than blocking them entirely. Canvas, WebGL, and AudioContext APIs return slightly randomized values that change over time, making fingerprints unreliable for tracking while maintaining functionality.
As CosmicNet observes, this approach differs from Tor Browser's standardization or Firefox's blocking. Instead of making all users look the same or preventing fingerprinting entirely, Brave makes each fingerprinting attempt see different values. This prevents long-term tracking while avoiding the compatibility issues of blocking fingerprinting APIs.
Privacy-Respecting Features
CosmicNet reports that Brave includes built-in features that respect privacy while providing modern browser functionality. Brave Search, the default search engine, doesn't track searches or create user profiles. The browser also includes native Tor integration, allowing private browsing through the Tor network without a separate application.
However, CosmicNet notes that Brave has generated controversy with its cryptocurrency integration and advertising replacement model. Users should evaluate whether these features align with their privacy goals. The browser can be configured to disable all cryptocurrency and advertising features, returning it to a straightforward privacy-focused browser.
Browser Compartmentalization
Compartmentalization means separating different online activities into isolated environments, preventing tracking across contexts and limiting damage if one environment is compromised. CosmicNet recommends this strategy as it provides robust privacy protection without requiring aggressive blocking that breaks websites.
Multiple Browsers
As CosmicNet advises, using different browsers for different purposes creates strong isolation. You might use Tor Browser for anonymous research, Firefox for general browsing, and a separate browser for accounts where you're necessarily identified like banking. This prevents any single entity from correlating all your activities.
The key is maintaining strict separation. Your "anonymous" browser should never be used while logged into accounts, and your "identified" browser should only be used for necessary logged-in activities. Each browser should have appropriate privacy settings for its purpose, with more aggressive protections in anonymous browsers.
Browser Profiles
CosmicNet notes that most browsers support multiple profiles, each with separate cookies, extensions, and settings. This allows compartmentalization within a single browser application. Firefox profiles are completely independent, while Chrome/Chromium profiles share some underlying data but maintain separate browsing contexts.
Creating profiles for different contexts—work, personal, shopping, social media—prevents cross-context tracking. Each profile can have different extensions and privacy settings appropriate to its use. This approach is more convenient than multiple browsers while still providing strong isolation.
Container Tabs (Firefox)
As the CosmicNet encyclopedia details, Firefox's Multi-Account Containers extension provides fine-grained compartmentalization within a single profile. Containers isolate cookies and site data, allowing you to be logged into multiple accounts on the same site or separating different types of activities without switching browsers or profiles.
You can create containers for shopping, social media, banking, work, and other categories. Websites opened in a container can't access cookies or storage from other containers. The extension can automatically open specific sites in designated containers, ensuring consistent separation without manual effort.
Advanced users can combine containers with the Temporary Containers extension, which creates a new isolated container for each tab by default. This provides maximal isolation while allowing whitelisted sites to maintain persistent containers for login convenience.
Private Browsing Mode Limitations
Private or Incognito mode is widely misunderstood. CosmicNet emphasizes that while it provides some privacy benefits, it's far less protective than many users assume. Understanding its limitations prevents false confidence in inadequate protections.
What Private Mode Actually Does
Private browsing mode prevents the browser from saving your browsing history, cookies, site data, and form inputs to disk. When you close the private window, this data is deleted. This protects against someone else using your computer and seeing what you visited, but provides no network-level privacy.
As CosmicNet stresses, your internet service provider, network administrator, visited websites, and any trackers still see your activity in private mode. Your IP address, device fingerprint, and any accounts you're logged into all work normally. Private mode is about local privacy (hiding from other users of your device), not network privacy (hiding from websites or network observers).
Fingerprinting Still Works
As CosmicNet warns, browser fingerprinting works identically in private mode. Websites can still identify you through canvas fingerprinting, WebGL, fonts, screen resolution, and other techniques. Some browsers provide slightly better fingerprinting protection in private mode, but none eliminate it entirely.
CosmicNet cautions that using private mode can sometimes make you more identifiable. Research has shown that the combination of being in private mode plus your unique fingerprint can actually reduce your anonymity set. Websites know you're using private mode and can correlate that with your fingerprint.
When to Use Private Mode
CosmicNet recommends private mode for specific scenarios. Use it when using a shared computer to prevent others from seeing your browsing history. It's helpful for checking how a website appears when you're not logged in, or for preventing cookies from one session affecting another.
However, CosmicNet advises against relying on private mode for anonymity or protection from tracking. For those needs, use Tor Browser, a VPN, or proper browser hardening with tracking protection extensions. As CosmicNet explains, private mode is a tool for local privacy, not a comprehensive privacy solution.
DNS Leaks and WebRTC Leaks
Even with VPNs and privacy-focused browsers, network-level leaks can expose your identity and location. CosmicNet emphasizes that understanding and preventing these leaks is essential for maintaining privacy.
DNS Leaks
As CosmicNet documents, Domain Name System (DNS) queries translate domain names into IP addresses. Your DNS queries reveal which websites you're visiting. Even when using a VPN, your browser or operating system might send DNS queries outside the VPN tunnel, exposing your browsing to your ISP or network administrator.
DNS leaks occur when your system is configured to use your ISP's DNS servers rather than the VPN's DNS servers. This happens due to system DNS configuration, IPv6 leaks, or transparent DNS proxies on some networks. Testing for DNS leaks at DNSLeakTest.com reveals whether your DNS queries are being routed through your VPN.
CosmicNet notes that preventing DNS leaks requires configuring your browser or system to use specific DNS servers. Firefox can be configured to use DNS over HTTPS (DoH) by setting network.trr.mode to 3 and network.trr.uri to a trusted DoH provider. This encrypts DNS queries and ensures they don't leak outside encrypted tunnels.
WebRTC Leaks
As this CosmicNet article warns, WebRTC (Web Real-Time Communication) enables peer-to-peer audio, video, and data transfer in browsers. To establish connections, WebRTC discovers your local and public IP addresses, including your real IP address even when using a VPN. Websites can use JavaScript to query these addresses, bypassing VPN protection.
WebRTC leaks are particularly dangerous because they happen silently. A website can discover your real IP address without any visible indication. This can be used to correlate your VPN activity with your real identity or location, defeating the purpose of using a VPN.
Testing for WebRTC leaks is straightforward using online tools. Visit test sites while connected to a VPN and check whether they detect your real IP address or only your VPN IP. If your real IP is visible, you have a WebRTC leak.
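What such a test looks for, as an added example that is not from the original guide: the function reads ICE candidate lines in SDP form and flags any address other than the VPN exit address. The candidate lines and addresses are constructed (documentation ranges), and vpnAddress is an assumed input supplied by the person running the check.

```javascript
// Constructed ICE candidate lines (documentation address ranges), not real captures.
const SAMPLE_CANDIDATES = [
  'a=candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host',
  'a=candidate:2 1 udp 2122194687 3f0c5a2e-1b7d-4c11-9a55-0d2f6e7b8c90.local 54322 typ host',
  'a=candidate:3 1 udp 1686052607 203.0.113.7 40001 typ srflx raddr 192.168.1.23 rport 54321',
  'a=candidate:4 1 udp 1686052607 198.51.100.20 40002 typ srflx raddr 0.0.0.0 rport 0',
];

// Split one candidate line into the fields that carry addresses.
function parseCandidate(line) {
  const text = line.trim().replace(/^a=/, '');
  const m = /^candidate:(\S+) (\d+) (\S+) (\d+) (\S+) (\d+) typ (\S+)(.*)$/i.exec(text);
  if (!m) return null;
  const raddr = /\braddr (\S+)/.exec(m[8]);
  return {
    transport: m[3].toLowerCase(),
    address: m[5],
    port: Number(m[6]),
    type: m[7],                     // host, srflx, prflx or relay
    raddr: raddr ? raddr[1] : null, // related (base) address, if present
  };
}

// Classify an address string as mdns, unspecified, private or public.
function classifyAddress(addr) {
  const a = addr.toLowerCase();
  if (a.endsWith('.local')) return 'mdns';            // obfuscated hostname, no IP revealed
  if (a === '0.0.0.0' || a === '::') return 'unspecified';
  const v4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(a);
  if (v4) {
    const o1 = Number(v4[1]);
    const o2 = Number(v4[2]);
    const isPrivate = o1 === 10 || o1 === 127 ||
      (o1 === 172 && o2 >= 16 && o2 <= 31) ||
      (o1 === 192 && o2 === 168) ||
      (o1 === 169 && o2 === 254);
    return isPrivate ? 'private' : 'public';
  }
  // IPv6 loopback, link-local (fe80::/10) and unique local (fc00::/7).
  if (a.includes(':') && (a === '::1' || /^fe[89ab]/.test(a) || /^f[cd]/.test(a))) {
    return 'private';
  }
  return 'public';
}

// Return each exposed address once: any private address, and any public
// address that is not the VPN exit address.
function findLeaks(lines, vpnAddress) {
  const seen = new Map();
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) continue;
    for (const addr of [c.address, c.raddr]) {
      if (!addr || seen.has(addr)) continue;
      const kind = classifyAddress(addr);
      const exposed = kind === 'private' || (kind === 'public' && addr !== vpnAddress);
      if (exposed) seen.set(addr, { address: addr, kind, candidateType: c.type });
    }
  }
  return [...seen.values()];
}

for (const leak of findLeaks(SAMPLE_CANDIDATES, '198.51.100.20')) {
  console.log(`${leak.kind} address exposed: ${leak.address} (first seen in a ${leak.candidateType} candidate)`);
}
```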
Preventing WebRTC Leaks
CosmicNet advises that the most reliable way to prevent WebRTC leaks is disabling WebRTC entirely by setting media.peerconnection.enabled to false in Firefox's about:config. However, this breaks video conferencing and other legitimate WebRTC applications.
A less aggressive approach uses media.peerconnection.ice.default_address_only and media.peerconnection.ice.no_host settings to limit what IP addresses WebRTC reveals. Browser extensions like uBlock Origin can also block WebRTC on specific sites while allowing it on trusted video conferencing platforms.
CosmicNet advises that the best solution combines technical controls with behavioral compartmentalization. Use a hardened browser with WebRTC disabled for general browsing, and maintain a separate browser or profile with WebRTC enabled for video calls. This provides protection without sacrificing functionality.
Referrer Tracking and Mitigation
HTTP referrer headers tell websites where you came from, enabling tracking across sites and revealing private information. CosmicNet explains that understanding and controlling referrer headers improves privacy without significantly impacting functionality.
How Referrer Tracking Works
As documented on CosmicNet, when you click a link from one site to another, your browser sends a referrer header containing the URL of the previous page. This tells the destination site exactly where you came from, including the full URL path with query parameters. This can leak sensitive information like search terms, session IDs, or private page URLs.
CosmicNet highlights that advertisers and analytics companies use referrer data to track user journeys across websites. By aggregating referrer information, they can map how users move between sites, which sites send traffic to others, and optimize advertising campaigns. Some business models rely entirely on referrer tracking, with affiliate marketing tracking conversions through referrer parameters.
Privacy Risks
CosmicNet highlights that referrer headers can leak sensitive information in several ways. Search queries sent to search engines appear in referrer headers when you click results. Private URLs like password reset links or unsubscribe tokens can be revealed to third-party analytics scripts. Intranet URLs from corporate networks can leak to external sites through embedded resources.
The problem is compounded by third-party resources. When a page includes images, scripts, or stylesheets from other domains, those third parties receive referrer headers showing the page URL. A single analytics script embedded across thousands of sites can track user movement across all those sites through referrer headers alone.
Controlling Referrer Headers
As CosmicNet explains, modern browsers provide some referrer protection by default. Firefox and Chrome now implement a Referrer-Policy that limits referrer information to the origin (domain) rather than full URL path when crossing origins. However, same-origin requests still send full referrers, and many websites explicitly set less restrictive policies.
Firefox's about:config provides granular referrer control. Setting network.http.referer.XOriginPolicy to 2 only sends referrers when domains match exactly. Setting network.http.referer.XOriginTrimmingPolicy to 2 only sends the origin rather than full path. The network.http.sendRefererHeader setting can disable referrers entirely, though this breaks many websites.
CosmicNet recommends a balanced approach for most users. Configure Firefox to trim cross-origin referrers to just the origin, preventing leakage of URL paths while maintaining compatibility with sites that check referrer origin for security purposes. As CosmicNet advises, use extensions like uBlock Origin to block referrers to known tracking domains while allowing them for functional purposes.
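The effect of the three referrer prefs on a single request, as an added example that is not part of the original guide: a simplified model written for illustration, not Firefox's implementation. It assumes the page sets no stricter Referrer-Policy of its own, leaves out XOriginPolicy value 1 (base-domain matching), and uses constructed URLs.

```javascript
// Returns the Referer value the model would send, or null when none is sent.
// Pref names mirror the about:config keys with the "network.http." prefix dropped;
// isLinkClick is a hypothetical flag distinguishing a clicked link from an embedded resource.
function refererFor(fromUrl, toUrl, prefs = {}) {
  const {
    sendRefererHeader = 2,     // 0 never, 1 link clicks only, 2 links and embedded resources
    XOriginPolicy = 0,         // 0 always send, 2 only when hosts match
    XOriginTrimmingPolicy = 0, // 0 full URL, 1 drop query string, 2 origin only
    isLinkClick = true,
  } = prefs;
  if (XOriginPolicy !== 0 && XOriginPolicy !== 2) {
    throw new RangeError('XOriginPolicy 1 (base-domain match) is not modelled here');
  }

  const from = new URL(fromUrl);
  const to = new URL(toUrl);

  if (sendRefererHeader === 0) return null;
  if (sendRefererHeader === 1 && !isLinkClick) return null;
  if (XOriginPolicy === 2 && from.hostname !== to.hostname) return null;

  // Fragments and embedded credentials are never part of a referrer.
  from.hash = '';
  from.username = '';
  from.password = '';

  // Trimming applies only when the request crosses origins.
  if (from.origin !== to.origin) {
    if (XOriginTrimmingPolicy === 2) return from.origin + '/';
    if (XOriginTrimmingPolicy === 1) from.search = '';
  }
  return from.href;
}

// Constructed scenario: a password-reset page that embeds a third-party pixel
// and also links to a help page on the same site.
const RESET_PAGE = 'https://shop.example/account/reset?token=abc123#form';
const THIRD_PARTY = 'https://cdn.tracker.example/pixel.gif';
const SAME_SITE = 'https://shop.example/help';

// What the third party and the same-site page receive under each configuration.
function compareConfigs() {
  const configs = {
    'no prefs changed': {},
    'trim query (XOriginTrimmingPolicy=1)': { XOriginTrimmingPolicy: 1 },
    'origin only (XOriginTrimmingPolicy=2)': { XOriginTrimmingPolicy: 2 },
    'same host only (XOriginPolicy=2)': { XOriginPolicy: 2 },
    'link clicks only (sendRefererHeader=1)': { sendRefererHeader: 1 },
  };
  const rows = [];
  for (const [label, prefs] of Object.entries(configs)) {
    rows.push({
      label,
      thirdParty: refererFor(RESET_PAGE, THIRD_PARTY, { ...prefs, isLinkClick: false }),
      sameSite: refererFor(RESET_PAGE, SAME_SITE, { ...prefs, isLinkClick: true }),
    });
  }
  return rows;
}

for (const row of compareConfigs()) {
  console.log(`${row.label}\n  third party: ${row.thirdParty}\n  same site:   ${row.sameSite}`);
}
```

In the model, only the unchanged configuration hands the reset token to the third party; the same-site link receives the full URL in every row.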