cross-posted from: https://lemmy.dbzer0.com/post/52731585
I was reading around about private browsers and I came across mullvad’s browser (only know them for the VPN), do you have experience using it? does it do anything different? I currently use librewolf and from what I can see the mullvad browser also is build from firefox. I generally prefer firefox-like browsers to chromium since i like way its set up and what it allows me to do. Its supposedly build by the same guys who made the tor browser (tbh i feel like thats just marketing). From their website it says its tor without tor but instead with a VPN. So technically I can accomplish the same thing with librewolf and a VPN?? Does the mullvad browser do anything new/different? One thing they do mention is browser fingerprinting does it do anything special to combat that? if i switch to mullvad instead but still have the same extensions is it more private?
Mullvad Browser doesn’t collect your data, so the second paragraph is wrong. I completely agree with you on the first paragraph though. Also make sure not to change the window size in Mullvad Browser as that can also be used to track you. If you are using a tiling WM set a rule for it to make it floating at all times if possible. Also don’t forget to disable Encrypted DNS if you’re using a VPN.
I disagree; while Mullvad is very good with their no logs policies and collecting minimal info, it is generally good opsec not to centralize too many assets or data points into one company. Example: using android with chrome and google vpn, all your data is, from start to finish, in the hands of Google. Mullvad is miles better than Google of course, but I believe the same strategy applies
No, you’re wrong in the sense that they literally collect 0 data on your Mullvad BROWSER usage. It can’t be another data point because Mullvad likely doesn’t even know if you’re using Mullvad Browser, let alone what you’re doing with it.
Your point is only valid in the case of internet services, which a browser isn’t. A browser is a piece of software that can be replaced in a minute if let’s say Mullvad’s whole development team and CEO went full batshit crazy and placed backdoors in the public (and FOSS, so it can be forked) codebase, unlike e-mail etc. And your Google example is invalid because you can’t compare something like Google Chrome to Mullvad Browser.
I stand by what I said, and you’re misunderstanding my point. I’m not comparing mullvad to google, it was an analogy. Plus a browser handles processes in the Application layer (layer 7) in the OSI model, and therefore is a very essential part of the chain of services required for telecommunication. This is a first year cybersecurity concept.
Mullvad does collect a very small amount of info; see their privacy policy., especially in regards to payment. Seeing that most users probably don’t use Monero, Mullvad does have a small amount of info on them. However, this is not what my point is.
While this is a very mininal amount of data, my point is that consolidating more information points into 1 company is a bad idea, no matter the company, and no matter the degree of data collection. You cookies, browsing history, dns record, etc. are all now potentially linked to your payment info as well as http requests, tls encrypted traffic, and network activity via the same company via both browser and VPN.
Side note: a similar opsec strategy to prevent this is defederation, which denies complete control to any 1 entity. (Lemmy!)
If mullvad ever became unhinged (which I doubt would happen, but let’s entertain the thought), your entire internet access would be compromised at the browser and the network level, rather than just one or the other. You can break this up over multiple trustworthy applications to fix this. Another analogy would be to use librewolf on linux with Mullvad VPN, which are all tustworthy and come with a degree of separation as well. Now if mullvad were to go crazy, it would not affect your OS or your browser, since you were using librewolf and linux. There are less information points to work with.