mirror of
https://github.com/privacyguides/privacyguides.org
synced 2024-12-12 12:53:31 +01:00
194 lines
12 KiB
Markdown
194 lines
12 KiB
Markdown
|
---
|
|||
|
title: "移动浏览器"
|
|||
|
icon: material/cellphone-information
|
|||
|
---
|
|||
|
|
|||
|
这些是我们当前推荐的移动网络浏览器以及标准/非匿名互联网浏览的配置。 如果您需要匿名浏览互联网,则应使用 [Tor](tor.md) 。 一般来说,我们建议将扩展程序保持在最低限度;它们在您的浏览器中具有特权访问权限,要求您信任开发人员,可以使您 [突出](https://en.wikipedia.org/wiki/Device_fingerprint#Browser_fingerprint), [弱化](https://groups.google.com/a/chromium.org/g/chromium-extensions/c/0ei-UCHNm34/m/lDaXwQhzBAAJ) 站点隔离。
|
|||
|
|
|||
|
## 安卓
|
|||
|
|
|||
|
在安卓系统上,火狐的安全性仍然低于基于Chromium的替代品。Mozilla的引擎, [GeckoView](https://mozilla.github.io/geckoview/),还没有支持 [网站隔离](https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture) 或启用 [isolatedProcess](https://bugzilla.mozilla.org/show_bug.cgi?id=1565196)。
|
|||
|
|
|||
|
### Brave
|
|||
|
|
|||
|
!!! recommendation
|
|||
|
|
|||
|
![Brave标识](assets/img/browsers/brave.svg){ align=right }
|
|||
|
|
|||
|
**Brave浏览器**包括一个内置的内容拦截器和[隐私功能](https://brave.com/privacy-features/),其中许多功能都是默认启用的。
|
|||
|
|
|||
|
Brave是建立在Chromium网络浏览器项目之上的,所以它应该有熟悉的感觉,而且网站兼容性问题最小。
|
|||
|
|
|||
|
[:octicons-home-16: 首页](https://brave.com/){ .md-button .md-button--primary }
|
|||
|
[:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="洋葱服务" }
|
|||
|
[:octicons-eye-16:](https://brave.com/privacy/browser/){ .card-link title="隐私政策" }
|
|||
|
[:octicons-info-16:](https://support.brave.com/){ .card-link title="文档"}
|
|||
|
[:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="源代码" }
|
|||
|
|
|||
|
??? downloads annotate
|
|||
|
|
|||
|
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.brave.browser)
|
|||
|
- [:simple-github: GitHub](https://github.com/brave/brave-browser/releases)
|
|||
|
|
|||
|
#### 推荐配置
|
|||
|
|
|||
|
Tor浏览器是匿名浏览互联网的唯一途径。 当您使用Brave时,我们建议您更改以下设置,以保护您的隐私不受某些方的侵害,但除了 [Tor浏览器](tor.md#tor-browser) 之外的所有浏览器都可以在某些方面被 *个人* 追踪。
|
|||
|
|
|||
|
这些选项可以在 :material-menu: → **设置** → **Brave Shields & 隐私**中找到
|
|||
|
|
|||
|
##### 盾
|
|||
|
|
|||
|
Brave在其 [Shields](https://support.brave.com/hc/en-us/articles/360022973471-What-is-Shields-) 功能中包括一些防指纹的措施。 我们建议将这些选项配置为 [,在你访问的所有页面上全局](https://support.brave.com/hc/en-us/articles/360023646212-How-do-I-configure-global-and-site-specific-Shields-settings-)。
|
|||
|
|
|||
|
##### Brave shields global defaults
|
|||
|
|
|||
|
Shields的选项可以根据需要在每个站点的基础上进行降级,但在默认情况下,我们建议设置以下内容。
|
|||
|
|
|||
|
<div class="annotate" markdown>
|
|||
|
|
|||
|
- [x] Select **Aggressive** under Block trackers & ads
|
|||
|
|
|||
|
??? warning "Use default filter lists"
|
|||
|
Brave允许你在内部`brave://adblock`页面中选择额外的内容过滤器。 我们建议不要使用这个功能;相反,保留默认的过滤列表。 使用额外的列表会使你从其他Brave用户中脱颖而出,如果Brave中存在漏洞,恶意规则被添加到你使用的列表中,也可能增加攻击面。
|
|||
|
|
|||
|
- [x] Select **Upgrade connections to HTTPS**
|
|||
|
- [x] (Optional) Select **Block Scripts** (1)
|
|||
|
- [x] Select **Strict, may break sites** under **Block fingerprinting**
|
|||
|
|
|||
|
</div>
|
|||
|
|
|||
|
1. 该选项提供的功能类似于uBlock Origin的高级 [阻止模式](https://github.com/gorhill/uBlock/wiki/Blocking-mode) 或 [NoScript](https://noscript.net/) 扩展。
|
|||
|
|
|||
|
##### Clear browsing data
|
|||
|
|
|||
|
- [x] Select **Clear data on exit**
|
|||
|
|
|||
|
##### Social Media Blocking
|
|||
|
|
|||
|
- [ ] 取消勾选所有社交媒体组件
|
|||
|
|
|||
|
##### Other privacy settings
|
|||
|
|
|||
|
<div class="annotate" markdown>
|
|||
|
|
|||
|
- [x] Select **Disable non-proxied UDP** under [WebRTC IP Handling Policy](https://support.brave.com/hc/en-us/articles/360017989132-How-do-I-change-my-Privacy-Settings-#webrtc)
|
|||
|
- [ ] Uncheck **Allow sites to check if you have payment methods saved**
|
|||
|
- [ ] Uncheck **IPFS Gateway** (1)
|
|||
|
- [x] Select **Close tabs on exit**
|
|||
|
- [ ] Uncheck **Allow privacy-preserving product analytics (P3A)**
|
|||
|
- [ ] Uncheck **Automatically send diagnostic reports**
|
|||
|
- [ ] Uncheck **Automatically send daily usage ping to Brave**
|
|||
|
|
|||
|
1. InterPlanetary File System(IPFS)是一个分散的、点对点的网络,用于在分布式文件系统中存储和共享数据。 除非你使用该功能,否则禁用它。
|
|||
|
|
|||
|
</div>
|
|||
|
|
|||
|
#### Brave 同步
|
|||
|
|
|||
|
[Brave 同步](https://support.brave.com/hc/en-us/articles/360059793111-Understanding-Brave-Sync) 允许你的浏览数据(历史记录、书签等)在你所有的设备上访问,而不需要账户,并以E2EE进行保护。
|
|||
|
|
|||
|
## iOS
|
|||
|
|
|||
|
On iOS, any app that can browse the web is [restricted](https://developer.apple.com/app-store/review/guidelines) to using an Apple-provided [WebKit framework](https://developer.apple.com/documentation/webkit), so there is little reason to use a third-party web browser.
|
|||
|
|
|||
|
### Safari
|
|||
|
|
|||
|
!!! recommendation
|
|||
|
|
|||
|
![Safari logo](assets/img/browsers/safari.svg){ align=right }
|
|||
|
|
|||
|
**Safari** is the default browser in iOS. It includes [privacy features](https://support.apple.com/guide/iphone/browse-the-web-privately-iphb01fc3c85/15.0/ios/15.0) such as Intelligent Tracking Protection, Privacy Report, isolated Private Browsing tabs, iCloud Private Relay, and automatic HTTPS upgrades.
|
|||
|
|
|||
|
[:octicons-home-16: Homepage](https://www.apple.com/safari/){ .md-button .md-button--primary }
|
|||
|
[:octicons-eye-16:](https://www.apple.com/legal/privacy/data/en/safari/){ .card-link title="Privacy Policy" }
|
|||
|
[:octicons-info-16:](https://support.apple.com/guide/safari/welcome/mac){ .card-link title=Documentation}
|
|||
|
|
|||
|
#### 推荐配置
|
|||
|
|
|||
|
These options can be found in :gear: **Settings** → **Safari** → **Privacy and Security**.
|
|||
|
|
|||
|
##### Cross-Site Tracking Prevention
|
|||
|
|
|||
|
- [x] Enable **Prevent Cross-Site Tracking**
|
|||
|
|
|||
|
This enables WebKit's [Intelligent Tracking Protection](https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp). The feature helps protect against unwanted tracking by using on-device machine learning to stop trackers. ITP protects against many common threats, but it does not block all tracking avenues because it is designed to not interfere with website usability.
|
|||
|
|
|||
|
##### Privacy Report
|
|||
|
|
|||
|
Privacy Report provides a snapshot of cross-site trackers currently prevented from profiling you on the website you're visiting. It can also display a weekly report to show which trackers have been blocked over time.
|
|||
|
|
|||
|
Privacy Report is accessible via the Page Settings menu.
|
|||
|
|
|||
|
##### Privacy Preserving Ad Measurement
|
|||
|
|
|||
|
- [ ] Disable **Privacy Preserving Ad Measurement**
|
|||
|
|
|||
|
Ad click measurement has traditionally used tracking technology that infringes on user privacy. [Private Click Measurement](https://webkit.org/blog/11529/introducing-private-click-measurement-pcm/) is a WebKit feature and proposed web standard aimed towards allowing advertisers to measure the effectiveness of web campaigns without compromising on user privacy.
|
|||
|
|
|||
|
The feature has little privacy concerns on its own, so while you can choose to leave it on, we consider the fact that it's automatically disabled in Private Browsing to be an indicator for disabling the feature.
|
|||
|
|
|||
|
##### Always-on Private Browsing
|
|||
|
|
|||
|
Open Safari and tap the Tabs button, located in the bottom right. Then, expand the Tab Groups list.
|
|||
|
|
|||
|
- [x] Select **Private**
|
|||
|
|
|||
|
Safari's Private Browsing mode offers additional privacy protections. Private Browsing uses a new [ephemeral](https://developer.apple.com/documentation/foundation/urlsessionconfiguration/1410529-ephemeral) session for each tab, meaning tabs are isolated from one another. There are also other smaller privacy benefits with Private Browsing, such as not sending a webpage’s address to Apple when using Safari's translation feature.
|
|||
|
|
|||
|
Do note that Private Browsing does not save cookies and website data, so it won't be possible to remain signed into sites. This may be an inconvenience.
|
|||
|
|
|||
|
##### iCloud Sync
|
|||
|
|
|||
|
Synchronization of Safari History, Tab Groups, iCloud Tabs and saved passwords are E2EE. However, by default, bookmarks are [not](https://support.apple.com/en-us/HT202303). Apple can decrypt and access them in accordance with their [privacy policy](https://www.apple.com/legal/privacy/en-ww/).
|
|||
|
|
|||
|
You can enable E2EE for you Safari bookmarks and downloads by enabling [Advanced Data Protection](https://support.apple.com/en-us/HT212520). Go to your **Apple ID name → iCloud → Advanced Data Protection**.
|
|||
|
|
|||
|
- [x] Turn On **Advanced Data Protection**
|
|||
|
|
|||
|
If you use iCloud with Advanced Data Protection disabled, we also recommend checking to ensure Safari's default download location is set to locally on your device. This option can be found in :gear: **Settings** → **Safari** → **General** → **Downloads**.
|
|||
|
|
|||
|
### AdGuard
|
|||
|
|
|||
|
!!! recommendation
|
|||
|
|
|||
|
![AdGuard logo](assets/img/browsers/adguard.svg){ align=right }
|
|||
|
|
|||
|
**AdGuard for iOS** is a free and open-source content-blocking extension for Safari that uses the native [Content Blocker API](https://developer.apple.com/documentation/safariservices/creating_a_content_blocker).
|
|||
|
|
|||
|
AdGuard for iOS has some premium features; however, standard Safari content blocking is free of charge.
|
|||
|
|
|||
|
[:octicons-home-16: Homepage](https://adguard.com/en/adguard-ios/overview.html){ .md-button .md-button--primary }
|
|||
|
[:octicons-eye-16:](https://adguard.com/privacy/ios.html){ .card-link title="Privacy Policy" }
|
|||
|
[:octicons-info-16:](https://kb.adguard.com/ios){ .card-link title=Documentation}
|
|||
|
[:octicons-code-16:](https://github.com/AdguardTeam/AdguardForiOS){ .card-link title="Source Code" }
|
|||
|
|
|||
|
??? downloads
|
|||
|
|
|||
|
- [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id1047223162)
|
|||
|
|
|||
|
Additional filter lists do slow things down and may increase your attack surface, so only apply what you need.
|
|||
|
|
|||
|
## Criteria
|
|||
|
|
|||
|
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
|
|||
|
|
|||
|
!!! example "This section is new"
|
|||
|
|
|||
|
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress.
|
|||
|
|
|||
|
### Minimum Requirements
|
|||
|
|
|||
|
- Must support automatic updates.
|
|||
|
- Must receive engine updates in 0-1 days from upstream release.
|
|||
|
- 为使浏览器更加尊重隐私所需的任何改变都不应该对用户体验产生负面影响。
|
|||
|
- Android browsers must use the Chromium engine.
|
|||
|
- Unfortunately, Mozilla GeckoView is still less secure than Chromium on Android.
|
|||
|
- iOS browsers are limited to WebKit.
|
|||
|
|
|||
|
### 扩展标准
|
|||
|
|
|||
|
- 不得复制内置浏览器或操作系统的功能。
|
|||
|
- 必须直接影响用户隐私,即不能简单地提供信息。
|
|||
|
|
|||
|
--8<-- "includes/abbreviations.zh.txt"
|