All popular browsers collect information about users. Based on searches, pages visited, articles read and videos watched, a user’s digital profile is built, including his personal data and interests. In the struggle for the right to privacy, Internet users use various software tools. Among the currently available options for protecting confidential information, an effective and, at the same time, simple tool can be a browser that provides anonymity on the network and secure web surfing. Most popular browsers collect users’ personal data. It would seem that such a functionality is laid by the developers exclusively with the best intentions, but this behavior of the software creates certain risks when the information obtained by the programs can be used for malicious purposes, including being intercepted by intruders. Many of us buy on the Internet, specifying bank card data and other details, and also save this information in the browser for the convenience of placing orders, which is dangerous considering modern realities.
Private browsers do not collect information about user activities and provide blocking of ads and tracking trackers. Some users are worried about anonymity in the network, in particular because of the desire to visit resources blocked by the provider. Using an anonymizer solves the problem. Let’s consider the best browsers that are used for anonymous surfing on the Internet. They will protect your privacy, prevent you from seeing what resources you visit, and track your computer’s location.
In order to find out whether such programs should be trusted, I decided not to invent complex stands and not to engage in the construction of a special laboratory. Virtual reality with a freshly installed Windows and several online tests specially created to check the security level of similar programs is enough to save protected browsers.
Qualys Browser Check — checks the vulnerability of the browser and tests settings for working with cookies. By default, it is recommended to install a special plugin to pass the test, but you can use it without it by using the link on the site.
Cloudflare Browsing Experience security check – a test from the well-known company Cloudflare, checks the used browser’s DNS, certificates, cookie settings and the presence of known vulnerabilities.
Privacy Analyzer — a comprehensive browser check with the possibility of data extraction. IP tracking is checked, browser is printed, privacy settings are tested.
Panopticlick — third-party cookie testing and browser tracking.
Webkay is a service that displays all the information that your browser transmits to websites on the Internet.
Yes, the evaluation criteria have been sorted out. Now let’s move on to our questionable browsers – what results do they show us with the default settings?
Comodo Dragon is perhaps the most hyped solution for secure web surfing after Tor Browser. Dragon claims to be a one-size-fits-all solution for those who don’t want to wait half an hour for Tor to start. In fact, the guys at Comodo made two web browsers with the same set of features, but on different drives: Comodo Dragon based on Chromium and Ice Dragon based on Firefox. Among the claimed features are built-in protection against attackers, use of secure DNS, blocking of cookies and verification of domains to combat phishing.
I downloaded both versions of “Lizard” at once and started them on a virtual alternate basis. Externally, Dragon looks like a private Chrome and starts up about the same speed – in my virtual machine, its downloads took an average of 4.5 seconds. From “Chrome” the browser inherited and loved to the RAM – with one window and one open tab, Comodo Dragon immediately launched five processes into the system and ate 90 Mbytes.
Qualys Browser Check recognized Comodo Dragon Chrome in the browser, and an old version, after which it offered to download a new version from the Google website.
The Cloudflare Browsing Experience Security Check found that Dragon does not check the length of DNS server responses using DNSSEC and does not support SNI server name encryption when establishing a TLS connection, which could theoretically compromise privacy.
The Privacy Analyzer test showed that Dragon successfully transmitted my IP address, location, browser version, OS bitrate, and screen permission data to the remote host.
Panopticlick demonstrated that the browser has a unique “fingerprint” and does not send the DNT (Do Not Track) HTTP flag to the server, which allows the user to be tracked. All other security tests on this Comodo Dragon site have passed.
After, judging by the Webkay page, taking into account the version and bitrate of Windows, IP address and screen resolution, Dragon allows you to correctly recognize the battery charge level of my device and the type of processor. The browser did not allow scanning the local installation in search of available devices.
Qualys Browser Check did not find any flaws, the test was passed with 100% success.
Cloudflare Browsing Experience Security Check showed the exact same result as in the previous case.
After the Privacy Analyzer is finished, the browser exposes all the same data as its sibling, including IP address and OS version.
Panopticlick reported that the program does not block ad tracking attempts, does not send DNT and has a unique “fingerprint”.
Here, Webkay presented a surprise: it turned out that the browser has a unique User Agent IceDracon 65.0.2 and does not transmit any data about iron at all, except for the processor bitrate. Therefore, in addition to the external aipyshnik, Webkay was happy to show me the IP of the network interface of my local computer. With the help of a special button on the site, I tried to scan the devices available in the local network, but the search results did not come.
Comodo Ice Dragon outwardly, it is not much different from its “non-ice” counterpart. Firefox and Firefox, nothing special. It loads and works quite quickly: three seconds passed from clicking the mouse on the icon to launching the program.
This is another Firefox clone with a security guarantee that has versions not only for Windows, but also for macOS and Linux, and only the 64-bit version is available. In the “About the program” section of the official website, it is stated that in 2011, the browser was created by a sixteen-year-old schoolboy, Alex Kontos, who continues to update and maintain his brainchild to this day. The author claims that his application does not collect telemetry and only sends out data about browser and OS versions in order to receive timely updates. All others are confidential, the developer assures, in complete safety. The external program is the most ordinary Firefox – we are only ordinary, which is even boring. It works and loads at the same speed, I did not notice any significant differences from the usual “Fyx”.
Qualys Browser Check — the test was passed successfully, no problem was detected.
Cloudflare Browsing Experience Security Check Showed that Waterfox has problems with DDNSEC verification and Encrypted SNI application. Also, the browser does not support TLS 1.3.
Waterfox successfully failed all Privacy Analyzer tests, and according to Panopticlick and Webkay, spoofed my IP address, processor type and bitrate, and screen resolution settings, but all other data was used judiciously.
Notably, Waterfox is recognized as Firefox 56.0, currently the current version of “Fox” is 79.0. That is, the clone lags behind the original by about an eternity, and this may mean problems not with privacy, but with security.
Iron is not “irony”, but “iron”, which hints at the brutality and reliability of this browser. “Iron” is built on the basis of Chromium, uses the latest versions of WebKit and V8, and also includes its own ad blocking component. Note that the developer of the site has a Russian version – however, one realizes that it has been translated into a large and powerful one using the same Google Translate. According to the creators, Iron does not send telemetry to Google, does not send automatic bag reports and does not update in the background, which allows you to save traffic. And it also has an “elegant design.”
SRWare Iron resembles Chrome a little less than completely. The program starts in about 3.5 seconds and works quite quickly with several open tabs: I did not notice any significant slowdowns. I even found this browser to be faster than Chromium in the Comodo build.
Qualys Browser Check complained to me about an outdated version of Google Chrome (83.0.4250) and said it was unsafe.
Cloudflare’s test showed similar performance to Comodo’s browsers — TLS 1.3 support included, but claims to DNSSEC and Encrypted SNI.
Panopticlick ran into the standard set of privacy issues (all tests failed) and in passing noticed that if SRWare Iron had any ad blocker, it didn’t work.
Privacy Analyzer and Webkay reported that “Iron” provides information about browser versions, OS versions and bits, IP addresses, all information about the iron (including video card model, screen resolution and battery status), but the local network data remained with Webkay. secretly
The creators of the Brave browser claim that their Chromium-based product, like no other, does not allow tracking and possible data leaks. One of Brave’s features is the ability to send cryptocurrency payments to websites and content creators in the form of Basic Attention Tokens, a cryptocurrency platform developed by Brave Software based on Etherium.
In 2017, the code platform was launched for the first time, Brave Software sold more than 35 million US dollars worth of tokens, and distributed new users of the platform with the goal of raising a total of 300 thousand tokens. Brave browser users can earn tokens for viewing ads or pay content creators – either by sending microtransactions or by using Brave’s built-in feature, where a predetermined amount of reward is automatically distributed among owners registered on the system’s sites, depending on how much time the user spent on viewing content. There are versions of the browser for Windows, macOS, Linux, as well as Android and iOS. We consider only the first of them, the interface of which, as expected, is a Chrome cosplay.
Qualys Browser Check showed that the current version of Chrome is up to date, no updates are required.
Cloudflare’s test did not show anything new – the Comodo and Iron browsers had a similar result.
But Panopticlick gave an unexpected result: as it turned out, Brave successfully blocks advertising, automatic tracking, but at the same time does not send DNT and has a characteristic “print” by which it can be calculated.
Privacy Analyzer and Webkay did even more: the site did not show my IP address and location, although the services that gave birth to WhatIsMyIP identified it without problems. The browser transmitted data about versions and bits of the OS, hardware (including the processor, graphics adapter, screen resolution and battery status). Chrome 84.0.4147.125 is used as the User Agent.
In general, a good result. Taking into account the fact that the application works quite quickly (although it feels slower than Iron), it is clearly worth a look.
This browser is developed by a company based in Bangalore (India) with a representative office in Washington. I really wanted to joke about Hindu code here, but Epic, like its competitors, is based on Chromium, so the code there is Google. Alok Bhardwaj, the developer of the program, claims that Epic successfully blocks tracking, fingerprinting, intrusive advertising, cryptomining and voodoo magic. In addition to the version for Windows, you can download the release for macOS on the site, there are also links to Google Play and the App Store for downloading mobile versions.
Immediately after launching the program, the user sees a stern warning that some browser features, such as a built-in VPN, proxy, and ad blocker, must be installed separately as plug-ins available on a special Epic Extension Store page. In this case, how Epic differs from the usual “Chrome”, in which you can also configure proxies and VPNs with the help of plugins, remains a mystery to me. Well, let’s see what this browser can do out of the box with default settings.
Qualys Browser Check –there are no problems or comments.
Cloudflare – a result similar to Comodo and Iron.
Panopticlick – the browser successfully blocks ads and tracking attempts, but does not send DNT and has a distinctive fingerprint.
Privacy Analyzer – the test “hanged” on determining the IP address and geolocation, I did not wait for the result.
Webkay– the service successfully determined my IP and OS version, but did not show any data about the iron, except the processor bitrate. The browser is identified as Chrome 84.0.4147.105.
Looking at the name of the product, I felt that it would be possible to write about “epic fail”, but surprisingly the browser proved itself quite well. Blocking ads, tracking, and a minimum of data transmitted externally, all without additional plugins, is a pretty serious bid for success.
Development of this open source browser began twelve years ago. The Dooble interface is based on Qt, and the program itself is cross-platform: there are versions for FreeBSD, Linux, macOS, OS/2 and Windows, and in the form of a portable version for all platforms. The distribution can be downloaded from GitHub as a ZIP archive containing the executable and all required libraries.
By default, Dooble automatically deletes cookies, and data stored in the program is encrypted (except for information about user settings). The browser uses a session model using temporary keys, the passphrase can be changed without losing data. A master password must be created in the settings when you first start Dooble, otherwise all data saved in the browser will be erased when you close. These features allow Dooble to be tentatively classified as a safe browser.
On my virtual machine with Windows 10, Dooble refused to start, complaining about the lack of some library, but on the host machine with Windows 7, it unexpectedly worked. The external design of the program can be characterized by the phrase “hello from the nineties” – it even made me cry nostalgically. Dooble is a cross-platform browser based on Qt.
Qualys Browser Check -called Dooble an unsafe version of Google Chrome – apparently due to the User Agent used by the browser.
Cloudflare – a result similar to Comodo, Iron, Epic and Brave.
Panopticlick – a complete failure of the test on all points.
Privacy Analyzer і Webkay — browser transmitted IP address, OS and gland data, geolocation, screen resolution. The program appears to external services as Chrome 84.0.4147.163.
Dooble is probably the fastest of all the browsers I tested in this experiment. Given that it is presented in the form of a portable version, the application can be very useful for systems in which it is difficult to install programs. BSD and Linux users are also likely to like the browser. The functionality of the program in Windows 10 raises doubts.
The results of the experiment were ambiguous. Contrary to expectations, the best results were not shown by the products of the famous Comodo company, but by humble Brave and Epic. However, Comodo Ice Dragon is also not bad – it sends out less data about the device than its sibling. I would put Comodo Dragon in fourth place. Owners of devices with weak hardware and old versions of the OS may like Dooble, which is characterized by good speed. But Waterfox and Iron plunged to the very bottom of our modest rating — they cope worse than competitors with advertising and tracking blocking.
Obviously, none of the programs listed in today’s article can provide complete anonymity and security on the Internet. For this privacy, you need to use a VPN, disable script processing in the browser settings, use encrypted containers for storing form data and passwords. In addition, there is an assortment of plugins aimed at increasing the level of security when working on the network. But we will talk about them another time.