Web browsers and Addons / Extensions

In general, it's better to limit the number of addons/extensions as each one is another risk (e.g. if the developer goes rogue or abandons the project). Also, some can be detected by websites you visit, making you stand out from the crowd and more 'unique' and therefore less anonymous (you can test your fingerprint here). This is one reason the Tor browser people recommend to not add anything to Tor browser, as some people living in oppressive regimes literally have to trust it with their lives. 

Don't let that put you off, if your biggest concern is to avoid dragnet surveillance and tracking by corporations then most of the below will help you here. Just regularly check and clear out addons you are not actually using. 

There are two main 'types' of browser out there now, for simplicity, let's call them Firefox-based and Chrome-based. Each has their own addon/extension store, but most of the addons/extensions are available on both stores.

While you can just choose your flavour and stick to it, I recommend to use one of each. Keep one browser only for places you have to login to (Facebook, Amazon etc), and a second one where you don't (e.g. researching, checking news, wikipedia etc). Let's call this your login browser, and your search browser. 

There are two reasons for using a separate browsers: If, while searching for something, you come across a malicious site - the damage will be far less if it happens on a browser where you are not logged into anything (i.e. you don't have cookies with your data in that browser). Second, the places you are logged into can do what is known as 'cross site tracking' - which basically means in some cases being logged into Facebook/Google in your browser might allow Facebook/Google to know what other sites you visit in that browser. Using the right browser addons and settings should prevent this. Using a second browser makes it impossible.

The two browsers I recommend are Firefox, and Brave (Chrome-based, so use the Chrome store for extensions). I use them like this:

Login browser - Firefox: 'Firefox containers', where you can set a unique container for each major site (e.g. one for Facebook, another for Google), makes Firefox the perfect login browser. It also has a robust password manager, if you don't want to use a third party one. These browsers, unlike Brave/Chrome, also allow you to set a 'master password', again another reason to use this for places you stay logged in. If someone gains access to your computer, this is another step they have to bypass...

Search browser - Brave or Tor browser: Brave, with its option to use the Tor network, and privacy by default settings, makes it the perfect browser search browser. Tor browser itself is stronger, but I prefer the usability of Brave.

However both Firefox and Brave are solid browsers and either would make fine primary browsers.

No reason to stop at just two browsers.... I use Safari only for banking and booking flights, and Waterfox just for some particular addons I need sometimes but don't particularly trust - experiment with what works for you.

For ALL browsers

uBlock Origin

The only adblocker you should use. 

(Not needed for Brave, which has it's own adblocker built in)

Privacy badger

Intelligently stops tracking between sites. Not an ad blocker, so can be used in conjunction with one.

HTTPS everywhere

Ensures your connection to the site you are visiting is encrypted.

(Not needed for Brave, which has this built in)

I don't care about cookies (Brave)

Blocks those annoying popups asking about cookies. It just accepts them. Use only if you either set your browser to permanent 'private window mode' or you use an addon to delete cookies (see below)

UPDATE: better to use this, to deny them in the first place (it's not yet open source though)? https://ninja-cookie.com/

Cookie AutoDelete (Brave)

Delete cookies, unless its a site you care about staying logged into - in which case you whitelist them (works with Firefox containers too, so each container has its own rules)

(not needed if you set your browser to always open in private mode)

History Cleaner / History AutoDelete (Brave)

I won't ever need to remember which websites I visited more than a week ago, and data is a toxic asset, so may as well clear the history.

Behind the Overlay Revival

A kind of popup blocker.

Neat URL (Firefox or Brave)

Strips URLs (web addresses) of all the crap typically used to track you. Essential to do this if you share links.

Privacy Pass (Brave)

Prevents those annoying 'click all the traffic light' verification tests.

Terms of Service; Didn't Read (Brave)

Doesn't actually do anything. But warns you how shady the TOS of the website you are on is.

Decentraleyes (Brave)

Hard to explain what this does... but recommended by many who know their stuff.

Dark Reader (Brave)

The only non purely functional addon I use. Open source and approved by Mozilla (who make Firefox) so should be fine to add. Makes websites kinder on your eyes.

For login browser (Firefox)

In addition to those listed at the beginning 'For ALL browsers', I recommend the following for browsers where you login to websites:

Firefox Multi-Account Containers / Facebook Container

Makes containers for websites, to prevent you being tracked by them across tabs (e.g. you signed into Facebook ONLY it its container, so the 'LIKE' buttons you see everywhere won't link back to your facebook account. This is under-rated.)

Bloody Vikings

A very easy way to make single use anonymous temporary email addresses. Only available for Firefox-based browsers.

Bitwarden (or other password manager)

An addon for my choice of password manager. It generally better not to rely on the one built into your browser, as you are locking yourself into them and can be a nightmare to export/import them all later... 

N.B: The optimum, but inconvenient, solution is not to store passwords anywhere near a browser as they are inherently insecure environments... better to just copy/paste them from an offline encrypted database such as KeePass. But you should be fine if you don't use out-of-date Windows versions or obscure outdated browsers. 

Blur/Burner Emails/c0x0.com

Useful for when you need to give an email address... these services generate a site specific email that forwards to one of your actual email addresses

NoScript Security Suite

WARNING: Advanced users only - this will break many sites!

This can be a pain at first - it essentially blocks many of the scripts websites run, until you allow them. It takes a while for to train it, but once its set up it will really harden your browser. This is why I recommend it for your 'login browser', as you don't want to set it up for every new site you visit (and you will visit hundres on your 'search browser'). Also, the sites you login to are exactly the sites you want to control like this. For example facebook.com has dozens of scripts, only a few are needed to operate the site. Using this addon will allow for a more controlled, quicker, and more private use of many of the major websites on the web.

For search browser (Brave)

In addition to those listed at the beginning 'For ALL browsers', I recommend the following for the browser you use exclusively for searching. No need for password manager as you won't be logging in anywhere.

Privacy redirect (link)

Automatically takes you to privacy-centric versions of major websites, such as YouTube and Twitter.

Unpaywall (link)

Useful for research. If you find an article behind a paywall, this might help find another source.

Also interesting, but not essential

TrackMeNot / AdNauseam

These 2 go together well. The first conducts random searches on your computer (obscuring your actual searches) and the second silently clicks on the ads (reducing the value of ads). Better to just use uBlock Origin, but you might have a use for this if you don't have a VPN and want to pollute your data.

Joplin Web Clipper / Turtl

Addons to clip websites to these encrypted notebooks applications, if you have them installed (they also need to be running). Joplin is better, as it actually takes the entire website to your notes, so you can read them offline or add your notes directly to them and dont have to worry about sites going offline. Turtl just bookmarks the site with a nice icon.

ProtectIID

If you have your own domain and use a catch all email addres, this allows you to create on-the-fly email adresses.

Reggy

create fake sign-up information

(or use https://www.fakepersongenerator.com/)

Flowcrypt / Mailvelope

Two very easy ways to encrypt your webmail with PGP. But your friends also need to use PGP... better just to use ProtonMail / Tutanota...

Keybase

Allows you to send encrypted messages to people on Twitter/Facebook etc if they are also using Keybase.

User-Agent Switcher

You can make the internet think you are using a different browser or computer (to reduce the amount of info websites have on you). Some say this doesn't add much to your privacy.

Foxy proxy

Allows you to easily switch your internet traffic through a proxy (e.g. Tor or JAP network). Useful if you don't use a VPN or the Tor browser. Some VPN providers also have their own addon, so this is another option (one or the other, both not possible).

Ghostery / Duckduckgo

Similiar to uBlock Origin and Privacy Badger respectively.

Snowflake

It allows your browser to contribute to the Tor project

Choosy

Allows you to open links in other browsers. Useful if you use many different browsers for different purposes. I think is Mac only.

Pocket

Allows you to save articles you read, for reading later. Built into Firefox and endorsed by Mozilla, so probably 'OK' as far as privacy concerns, but would still use a fake generated email to register with them.

Mendeley / Send to kindle

Good for research/reading, but bad for privacy so maybe have in own browsers dedicated for research.

I2P In Private Browsing

Allows you to easily access I2P sites, uses Firefox Containers. Firefox based browsers only.

Zeronet Loader

Automatically load ZeroNet domains as well as use `z­.­net/` as shorthand or omnibox search keyword `zn`.

Alternative to Grammarly:

Grammarly is awesome, but is essentially a keylogger.... try this instead: https://www.languagetool.org/

Metamask 

An Etheruem web-wallet which allows you to interact with pages that accept ethereum or ERC tokens.