I filtered out some that are purely just for web development
- Don't Fuck With Paste
- Easy Auto Refresh
- EditThisCookie
- GoFullPage - Full Page Screen Capture
- JSONView
- New Tab Redirect
- Pushbullet
- Remove Element
- uBlock Origin
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
Looking for support?
Looking for a community?
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
I filtered out some that are purely just for web development
- Amazon Container
- Google Container
Why not use Temporary Containers and the Multi-Account Container plugin? It's basically the same, but configurable for more websites.
Because I don't care to configure them :P
been using Greasemonkey since using browser add-ons
I use literally a dozen of them so I had to look at about:addons
lol
Given the attack surface of addons, I've downsized my addon usage.
I've replaced HTTPS-Everywhere with the built-in HTTPS-first/only modes in FF and Chromium.
In FF, I use userContent.css instead of Stylus.
I use uBlock Origin's url-rewriting filters in place of redirection addons.
In Chromium, you can choose to have an addon only be enabled on certain sites. I do this with Stylus and Dark Background Light Text.
EDIT: more information:
I use multiple browsers and profiles.
Normal browsers: Firefox with Cookie Autodelete, uBO, Stylus, Dark Background and Light Text; Chromium with uBO and Stylus. Stylus is only selective enabled.
For security-sensitive non-anonymous stuff, I run Chromium with flags to disable JIT and to disable JS by default, in a bubblewrap sandbox. This browser profile has no addons.
For peak anonymity (e.g. when using one of my anon alts), I run the Tor Browser in a Whonix VM. For quick anonymity I just use the regular Tor Browser Bundle in a bubblewrap sandbox. In an act of mercy towards my weak 2013 Haswell laptop's battery, I no longer run Qubes. The Tor Browser should not ever be used with custom addons if you want anonymity.
Because the Tor browser should never run with addons and because I use a browser profile that has none, I don't want addons to be a "crutch" that I depend on too much.
I do global hostname-blocking at the DNS level, so I can live without an adblocker. DNS blocking doesn't do fine-grained subpage-blocking, conditional blocks, cosmetic filtering, redirects, etc. so a more complete solution is still worthwhile.
I also try to avoid injecting content into webpages with JS enabled, since that is extremely fingerprintable and opens a can of (in)security worms.
Some addons that I do not recommend at all:
Canvas Fingerprinting Defender: injects JS into pages, which is very fingerprintable and can trigger a CSP report if you don't disable those. CSP reports can identify you even if you disable JS execution.
Anything that you can do without an addon, TBH. They do weaken the browser security model.
In Firefox I have:
Decentraleyes is dead, swap it for LocalCDN, an actively maintained fork.