mirror of
https://github.com/privacyguides/privacyguides.org
synced 2024-11-30 15:03:32 +01:00
fa64257fcd
Signed-off-by: Jonah Aragon <jonah@triplebit.net> Co-Authored-By: redoomed1 <161974310+redoomed1@users.noreply.github.com>
---
meta_title: "Privacy Respecting Web Browsers for Android and iOS - Privacy Guides"
title: "Mobile Browsers"
icon: material/cellphone-information
description: These browsers are what we currently recommend for standard/non-anonymous internet browsing on your phone.
cover: mobile-browsers.webp
schema:
  -
    "@context": http://schema.org
    "@type": WebPage
    name: Private Mobile Browser Recommendations
    url: "./"
    relatedLink: "../desktop-browsers/"
  -
    "@context": http://schema.org
    "@type": MobileApplication
    name: Brave
    image: /assets/img/browsers/brave.svg
    url: https://brave.com
    applicationCategory: Web Browser
    operatingSystem:
      - Android
      - iOS
    subjectOf:
      "@type": WebPage
      url: "./"
  -
    "@context": http://schema.org
    "@type": MobileApplication
    name: Cromite
    image: /assets/img/browsers/cromite.svg
    url: https://cromite.org
    applicationCategory: Web Browser
    operatingSystem:
      - Android
    subjectOf:
      "@type": WebPage
      url: "./"
  -
    "@context": http://schema.org
    "@type": MobileApplication
    name: Safari
    image: /assets/img/browsers/safari.svg
    url: https://apple.com/safari
    applicationCategory: Web Browser
    operatingSystem:
      - iOS
    subjectOf:
      "@type": WebPage
      url: "./"
---
<small>Protects against the following threat(s):</small>

- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }

These are our currently recommended **mobile web browsers** and configurations for standard/non-anonymous internet browsing. If you need to browse the internet anonymously, you should use [Tor](tor.md) instead.

## Brave

<div class="admonition recommendation" markdown>

![Brave logo](assets/img/browsers/brave.svg){ align=right }

**Brave Browser** includes a built-in content blocker and [privacy features](https://brave.com/privacy-features), many of which are enabled by default.

Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues.

[:octicons-home-16: Homepage](https://brave.com){ .md-button .md-button--primary }
[:simple-torbrowser:](https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion){ .card-link title="Onion Service" }
[:octicons-eye-16:](https://brave.com/privacy/browser){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://support.brave.com){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/brave/brave-browser){ .card-link title="Source Code" }

<details class="downloads" markdown>
<summary>Downloads</summary>

- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.brave.browser)
- [:simple-appstore: App Store](https://apps.apple.com/app/id1052879175)
- [:simple-github: GitHub](https://github.com/brave/brave-browser/releases)

</details>

</div>

### Recommended Brave Configuration

Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.

=== "Android"

    These options can be found in :material-menu: → **Settings** → **Brave Shields & privacy**.

=== "iOS"

    These options can be found in :fontawesome-solid-ellipsis: → **Settings** → **Shields & Privacy**.

#### Brave shields global defaults

Brave includes some anti-fingerprinting measures in its [Shields](https://support.brave.com/hc/articles/360022973471-What-is-Shields) feature. We suggest configuring these options [globally](https://support.brave.com/hc/articles/360023646212-How-do-I-configure-global-and-site-specific-Shields-settings) across all pages that you visit.

Shields' options can be downgraded on a per-site basis as needed, but by default we recommend setting the following:

=== "Android"

    <div class="annotate" markdown>

    - [x] Select **Aggressive** under *Block trackers & ads*
    - [x] Select **Auto-redirect AMP pages**
    - [x] Select **Auto-redirect tracking URLs**
    - [x] Select **Require all connections to use HTTPS (strict)** under *Upgrade connections to HTTPS*
    - [x] (Optional) Select **Block Scripts** (1)
    - [x] Select **Block third-party cookies** under *Block Cookies*
    - [x] Select **Block Fingerprinting**
    - [x] Select **Prevent fingerprinting via language settings**

    <details class="warning" markdown>
    <summary>Use default filter lists</summary>

    Brave allows you to select additional content filters within the **Content Filtering** menu or the internal `brave://adblock` page. We advise against using this feature; instead, keep the default filter lists. Using extra lists will make you stand out from other Brave users and may also increase attack surface if there is an exploit in Brave and a malicious rule is added to one of the lists you use.

    </details>

    - [x] Select **Forget me when I close this site**

    </div>

    1. This option disables JavaScript, which will break a lot of sites. To unbreak them, you can set exceptions on a per-site basis by tapping on the Shield icon in the address bar and unchecking this setting under *Advanced controls*.

=== "iOS"

    <div class="annotate" markdown>

    - [x] Select **Aggressive** under *Trackers & Ads Blocking*
    - [x] Select **Strict** under *Upgrade Connections to HTTPS*
    - [x] Select **Auto-Redirect AMP pages**
    - [x] Select **Auto-Redirect Tracking URLs**
    - [x] (Optional) Select **Block Scripts** (1)
    - [x] Select **Block Fingerprinting**

    <details class="warning" markdown>
    <summary>Use default filter lists</summary>

    Brave allows you to select additional content filters within the **Content Filtering** menu. We advise against using this feature; instead, keep the default filter lists. Using extra lists will make you stand out from other Brave users and may also increase attack surface if there is an exploit in Brave and a malicious rule is added to one of the lists you use.

    </details>

    </div>

    1. This option disables JavaScript, which will break a lot of sites. To unbreak them, you can set exceptions on a per-site basis by tapping on the Shield icon in the address bar and unchecking this setting under *Advanced controls*.

##### Clear browsing data (Android only)

- [x] Select **Clear data on exit**

##### Social Media Blocking (Android only)

- [ ] Uncheck all social media components

#### Other privacy settings

=== "Android"

    <div class="annotate" markdown>

    - [x] Select **Disable non-proxied UDP** under [*WebRTC IP handling policy*](https://support.brave.com/hc/articles/360017989132-How-do-I-change-my-Privacy-Settings#webrtc)
    - [x] (Optional) Select **No protection** under *Safe Browsing* (1)
    - [ ] Uncheck **Allow sites to check if you have payment methods saved**
    - [x] Select **Close tabs on exit**
    - [ ] Uncheck **Allow privacy-preserving product analytics (P3A)**
    - [ ] Uncheck **Automatically send diagnostic reports**
    - [ ] Uncheck **Automatically send daily usage ping to Brave**

    </div>

    1. Brave's [implementation of Safe Browsing](https://support.brave.com/hc/en-us/articles/15222663599629-Safe-Browsing-in-Brave) on Android **does not** proxy [Safe Browsing network requests](https://developers.google.com/safe-browsing/v4/update-api#checking-urls) like its desktop counterpart. This means that your IP address may be seen (and logged) by Google. Note that Safe Browsing is not available for Android devices without Google Play Services.

=== "iOS"

    - [ ] Uncheck **Allow Privacy-Preserving Product Analytics (P3A)**
    - [ ] Uncheck **Automatically send daily usage ping to Brave**

#### Leo

These options can be found in :material-menu: → **Settings** → **Leo**.

<div class="annotate" markdown>

- [ ] Uncheck **Show autocomplete suggestions in address bar** (1)

</div>

1. This option is not present in Brave's iOS app.

#### Search engines

These options can be found in :material-menu:/:fontawesome-solid-ellipsis: → **Settings** → **Search engines**.

- [ ] Uncheck **Show search suggestions**

#### Brave Sync

[Brave Sync](https://support.brave.com/hc/articles/360059793111-Understanding-Brave-Sync) allows your browsing data (history, bookmarks, etc.) to be accessible on all your devices without requiring an account and protects it with E2EE.

## Cromite (Android)

<div class="admonition recommendation" markdown>

![Cromite logo](assets/img/browsers/cromite.svg){ align=right }

**Cromite** is a Chromium-based browser with built-in ad blocking, fingerprinting protections, and other [privacy and security enhancements](https://github.com/uazo/cromite/blob/master/docs/FEATURES.md). It is a fork of the discontinued **Bromite** browser.

[:octicons-home-16: Homepage](https://www.cromite.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://github.com/uazo/cromite/blob/master/docs/PRIVACY_POLICY.md){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://github.com/uazo/cromite?tab=readme-ov-file#docs){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/uazo/cromite){ .card-link title="Source Code" }

<details class="downloads" markdown>
<summary>Downloads</summary>

- [:simple-android: F-Droid](https://www.cromite.org/fdroid/repo/?fingerprint=49F37E74DEE483DCA2B991334FB5A0200787430D0B5F9A783DD5F13695E9517B)
- [:simple-github: GitHub](https://github.com/uazo/cromite/releases/latest)

</details>

</div>

### Recommended Configuration

These options can be found in :material-menu: → :gear: **Settings** → **Privacy and security**.

#### Browsing data

- [x] Select **Close all open tabs on exit**

#### Incognito mode

- [x] Select **Open external links in incognito**

#### Security

- [x] Select **Always use secure connections**

This prevents you from unintentionally connecting to a website in plain-text HTTP. HTTP is extremely uncommon nowadays, so this should have little to no impact on your day-to-day browsing.

#### Adblock Plus settings

These options can be found in :material-menu: → :gear: **Settings** → **Adblock Plus settings**.

Cromite contains a customized version of Adblock Plus with EasyList enabled by default, as well as options to select more filter lists within the **Filter lists** menu.

Using extra lists will make you stand out from other Cromite users and may also increase attack surface if a malicious rule is added to one of the lists you use.

- [x] (Optional) Select **Enable anti-circumvention and snippets**

This setting adds an additional Adblock Plus list that may increase the effectiveness of Cromite's content blocking. The warnings about standing out and potentially increasing attack surface apply.

#### Legacy Adblock settings

These options can be found in :material-menu: → :gear: **Settings** → **Legacy Adblock settings**.

- [ ] Uncheck the autoupdate setting

This disables update checks for the unmaintained Bromite adblock filter.

## Mull (Android)

<div class="admonition recommendation" markdown>

![Mull logo](assets/img/browsers/mull.svg){ align=right }

**Mull** is a privacy-oriented and deblobbed Android browser based on Firefox. Compared to Firefox, it offers much greater fingerprinting protection out of the box, and disables JavaScript Just-in-Time (JIT) compilation for enhanced security. It also removes all proprietary elements from Firefox, such as replacing Google Play Services references.

[:octicons-home-16: Homepage](https://divestos.org/pages/our_apps#mull){ .md-button .md-button--primary }
[:octicons-eye-16:](https://divestos.org/pages/privacy_policy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://divestos.org/pages/browsers#tuningFenix){ .card-link title="Documentation" }
[:octicons-code-16:](https://codeberg.org/divested-mobile/mull-fenix){ .card-link title="Source Code" }

<details class="downloads" markdown>
<summary>Downloads</summary>

- [:simple-fdroid: F-Droid](https://f-droid.org/en/packages/us.spotco.fennec_dos)

</details>

</div>

<div class="admonition danger" markdown>
<p class="admonition-title">Danger</p>

Firefox (Gecko)-based browsers on Android [lack](https://bugzilla.mozilla.org/show_bug.cgi?id=1610822) [site isolation](https://wiki.mozilla.org/Project_Fission),[^1] a powerful security feature that protects against a malicious site performing a [Spectre](https://en.wikipedia.org/wiki/Spectre_(security_vulnerability))-like attack to gain access to the memory of another website you have open.[^2] Chromium-based browsers like [Brave](#brave) will provide more robust protection against malicious websites.

</div>

[^1]: This should not be mistaken for [state partitioning](https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning) (or dynamic [first party isolation](https://2019.www.torproject.org/projects/torbrowser/design/#identifier-linkability)), where website data such as cookies and cache is restricted so that a third-party embedded in one top-level site cannot access data stored under another top-level site. This is an important privacy feature to prevent cross-site tracking and **is** supported by Firefox on Android.
[^2]: GeckoView also [does not](https://bugzilla.mozilla.org/show_bug.cgi?id=1565196) take advantage of Android's native process sandboxing by using the [isolatedProcess](https://developer.android.com/guide/topics/manifest/service-element#isolated) flag, which normally allows an app to safely run less trusted code in a separate process that has no permissions of its own.

Enable DivestOS's [F-Droid repository](https://divestos.org/fdroid/official) to receive updates directly from the developer. Downloading Mull from the default F-Droid repo will mean your updates could be delayed by a few days or longer.

Mull enables many features upstreamed by the [Tor uplift project](https://wiki.mozilla.org/Security/Tor_Uplift) using preferences from [Arkenfox](desktop-browsers.md#arkenfox-advanced). Proprietary blobs are removed from Mozilla's code using the scripts developed for Fennec F-Droid.

### Recommended Mull Configuration

We would suggest installing [uBlock Origin](browser-extensions.md#ublock-origin) as a content blocker if you want to block trackers within Mull.

Mull comes with privacy-protecting settings configured by default. You might consider configuring the **Delete browsing data on quit** options in Mull's settings if you want to automatically close all your open tabs when quitting the app, or automatically clear other data such as browsing history and cookies.

Because Mull has more advanced and strict privacy protections enabled by default compared to most browsers, some websites may not load or work properly unless you adjust those settings. You can consult this [list of known issues and workarounds](https://divestos.org/pages/broken#mull) for advice on a potential fix if you do encounter a broken site. Adjusting a setting in order to fix a website could impact your privacy/security, so make sure you fully understand any instructions you follow.

## Safari (iOS)

On iOS, any app that can browse the web is [restricted](https://developer.apple.com/app-store/review/guidelines) to using an Apple-provided [WebKit framework](https://developer.apple.com/documentation/webkit), so a browser like [Brave](#brave) does not use the Chromium engine like its counterparts on other operating systems.

<div class="admonition recommendation" markdown>

![Safari logo](assets/img/browsers/safari.svg){ align=right }

**Safari** is the default browser in iOS. It includes [privacy features](https://support.apple.com/guide/iphone/browse-the-web-privately-iphb01fc3c85/ios) such as [Intelligent Tracking Prevention](https://webkit.org/blog/7675/intelligent-tracking-prevention), isolated and ephemeral Private Browsing tabs, fingerprinting protection (by presenting a simplified version of the system configuration to websites so more devices look identical), and fingerprint randomization, as well as Private Relay for those with a paid iCloud+ subscription.

[:octicons-home-16: Homepage](https://apple.com/safari){ .md-button .md-button--primary }
[:octicons-eye-16:](https://apple.com/legal/privacy/data/en/safari){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://support.apple.com/guide/iphone/browse-the-web-iph1fbef4daa/ios){ .card-link title="Documentation" }

</div>

### Recommended Safari Configuration

We would suggest installing [AdGuard](browser-extensions.md#adguard) if you want a content blocker in Safari.

The following privacy/security-related options can be found in :gear: **Settings** → **Apps** → **Safari**.

#### Allow Safari to Access

Under **Siri**:

- [ ] Disable **Learn from this App**
- [ ] Disable **Show in App**
- [ ] Disable **Show on Home Screen**
- [ ] Disable **Suggest App**

This prevents Siri from using content from Safari for Siri suggestions.

#### Search

- [ ] Disable **Search Engine Suggestions**

This setting sends whatever you type in the address bar to the search engine set in Safari. Disabling search suggestions allows you to more precisely control what data you send to your search engine provider.

#### Profiles

Safari allows you to separate your browsing with different profiles. All of your cookies, history, and website data are separate for each profile. You should use different profiles for different purposes, e.g., Shopping, Work, or School.

#### Privacy & Security

- [x] Enable **Prevent Cross-Site Tracking**

This enables WebKit's [Intelligent Tracking Prevention](https://webkit.org/tracking-prevention/#intelligent-tracking-prevention-itp). The feature helps protect against unwanted tracking by using on-device machine learning to stop trackers. ITP protects against many common threats, but does not block all tracking avenues because it is designed to not interfere with website usability.

- [x] Enable **Require Face ID/Touch ID to Unlock Private Browsing**

This setting allows you to lock your private tabs behind biometrics/PIN when not in use.

- [ ] Disable **Fraudulent Website Warning**

This setting uses Google Safe Browsing (or Tencent Safe Browsing for users in mainland China or Hong Kong) to protect you while you browse. As such, your IP address may be logged by your Safe Browsing provider. Disabling this setting will disable this logging, but you might be more vulnerable to known phishing sites.

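For the Safe Browsing notes above (Brave on Android and Safari's **Fraudulent Website Warning**), this added example, which is not code from Brave, Apple, or Privacy Guides, sketches the URL check described in Google's v4 Update API documentation: the client hashes host-suffix/path-prefix expressions locally and only contacts the provider, exposing its IP address alongside a short hash prefix, when a prefix matches its local list. The function names, the sample list, and the simplified canonicalization are assumptions.

```python
import hashlib
from urllib.parse import urlsplit

PREFIX_LEN = 4  # bytes; the shortest hash-prefix length used by v4 lists


def host_suffixes(host):
    """Exact host, plus up to four suffixes taken from its last five labels."""
    labels = host.split(".")
    if all(label.isdigit() for label in labels):  # IPv4 literal: exact host only
        return [host]
    out = [host]
    for i in range(max(1, len(labels) - 5), len(labels) - 1):
        suffix = ".".join(labels[i:])
        if suffix not in out:
            out.append(suffix)
    return out


def path_prefixes(path, query):
    """Exact path with and without the query, plus up to four directory prefixes."""
    out = [f"{path}?{query}"] if query else []
    out.append(path)
    prefix = "/"
    candidates = [prefix]
    for part in path.split("/")[1:-1][:3]:  # root plus at most three directories
        prefix += part + "/"
        candidates.append(prefix)
    for candidate in candidates:
        if candidate not in out:
            out.append(candidate)
    return out


def lookup_expressions(url):
    """Host-suffix/path-prefix expressions a client hashes for one URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()  # simplified canonicalization (assumption)
    path = parts.path or "/"
    return [h + p for h in host_suffixes(host)
            for p in path_prefixes(path, parts.query)]


def prefixes_sent(url, local_prefixes):
    """Hash prefixes that would leave the device in a full-hash request."""
    sent = []
    for expression in lookup_expressions(url):
        prefix = hashlib.sha256(expression.encode()).digest()[:PREFIX_LEN]
        if prefix in local_prefixes and prefix not in sent:
            sent.append(prefix)
    return sent


# Constructed local list: pretend the provider's list flags "b.c/1/".
LOCAL_DB = {hashlib.sha256(b"b.c/1/").digest()[:PREFIX_LEN]}

if __name__ == "__main__":
    url = "http://a.b.c/1/2.html?param=1"  # constructed sample URL
    for expression in lookup_expressions(url):
        print(expression)
    # A local prefix hit: this prefix (plus the client IP) reaches the provider.
    print([p.hex() for p in prefixes_sent(url, LOCAL_DB)])
    # No local hit: nothing is sent for this page load.
    print(prefixes_sent("https://example.org/", LOCAL_DB))
```
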
- [ ] Disable **Highlights**

Apple's privacy policy for Safari states:

> When visiting a webpage, Safari may send information calculated from the webpage address to Apple over OHTTP to determine if relevant highlights are available.

#### Settings for Websites

Under **Camera**

- [x] Select **Ask**

Under **Microphone**

- [x] Select **Ask**

Under **Location**

- [x] Select **Ask**

These settings ensure that websites can only access your camera, microphone, or location after you explicitly grant them access.

#### Other Privacy Settings

These options can be found in :gear: **Settings** → **Apps** → **Safari** → **Advanced**.

##### Fingerprinting Mitigations

The **Advanced Tracking and Fingerprinting Protection** setting will randomize certain values so that it's more difficult to fingerprint you:

- [x] Select **All Browsing** or **Private Browsing**

##### Privacy Preserving Ad Measurement

- [ ] Disable **Privacy Preserving Ad Measurement**

Ad click measurement has traditionally used tracking technology that infringes on user privacy. [Private Click Measurement](https://webkit.org/blog/11529/introducing-private-click-measurement-pcm) is a WebKit feature and proposed web standard aimed towards allowing advertisers to measure the effectiveness of web campaigns without compromising on user privacy.

The feature has few privacy concerns on its own, so while you can choose to leave it on, we consider the fact that it's automatically disabled in Private Browsing to be an indicator for disabling the feature.

#### Always-on Private Browsing

Open Safari and tap the Tabs button, located in the bottom right. Then, expand the :material-format-list-bulleted: Tab Groups list.

- [x] Select **Private**

Safari's Private Browsing mode offers additional privacy protections. Private Browsing uses a new [ephemeral](https://developer.apple.com/documentation/foundation/urlsessionconfiguration/1410529-ephemeral) session for each tab, meaning tabs are isolated from one another. There are also other smaller privacy benefits with Private Browsing, such as not sending a webpage’s address to Apple when using Safari's translation feature.

Do note that Private Browsing does not save cookies and website data, so it won't be possible to remain signed in to sites. This may be an inconvenience.

#### iCloud Sync

Synchronization of Safari History, Tab Groups, iCloud Tabs and saved passwords is E2EE. However, by default, bookmarks are [not](https://support.apple.com/HT202303). Apple can decrypt and access them in accordance with their [privacy policy](https://apple.com/legal/privacy/en-ww).

You can enable E2EE for your Safari bookmarks and downloads by enabling [Advanced Data Protection](https://support.apple.com/HT212520). Go to :gear: **Settings** → **iCloud** → **Advanced Data Protection**.

- [x] Turn on **Advanced Data Protection**

If you use iCloud with Advanced Data Protection disabled, we also recommend setting Safari's default download location to a local folder on your device. This option can be found in :gear: **Settings** → **Apps** → **Safari** → **General** → **Downloads**.

## Criteria

**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

### Minimum Requirements

- Must support automatic updates.
- Must receive engine updates from upstream releases quickly.
- Must support content blocking.
- Any changes required to make the browser more privacy-respecting should not negatively impact user experience.