Welcome to Saturday Hashtag, a weekly place for broader context.
|
Listen To This Story
 |
Browsers, once neutral gateways to the web, now enable surveillance, data harvesting, and corporate overreach. Despite assurances from Google, Microsoft, and Mozilla, modern browsers are plagued by vulnerabilities and privacy-compromising designs.
Firefox’s quiet retreat from its privacy commitments underscores a hard truth: no major browser is fully trustworthy.
Security Threats Masked As Innovation
Zero-Day Exploits Are Now Routine: A cyberattack that takes advantage of unknown software vulnerability. “Zero-Day” refers to the vulnerability being exploited on the first day it’s discovered. High-profile browsers like Chrome, Firefox, and Edge are frequent targets of these attacks. Flaws are usually found by external researchers and patched only after users are exposed. The persistence of such vulnerabilities, despite billion-dollar teams, raises questions about priorities.
Extensions: Trojan Horses by Design: Browser extensions, often marketed as convenience tools, are one of the most abused attack vectors. With minimal oversight, these tools can:
- Harvest personal and financial data
- Track every click and website visited
- Request alarming levels of access, which users routinely grant
Companies profit from the extension ecosystems, yet take little responsibility for their abuse.
Phishing: The Achilles’ Heel of ‘Smart’ Browsers: Despite years of anti-phishing tool development, browsers consistently fail to catch sophisticated phishing sites. This is not due to lack of capability — but arguably a lack of will. Browser vendors prioritize speed and features over defensive defaults.
Privacy: A Diminishing Priority
Tracking and Fingerprinting Are the Norm, Not the Exception: Even with cookies blocked, browser fingerprinting allows advertisers and surveillance firms to track users across the web using unique identifiers like device specs and screen settings. This is deliberately under-addressed because it serves advertisers, not users.
WebRTC and IP Leaks: Built-In Exposure: The WebRTC protocol, enabled by default in many browsers, can expose users’ real IP addresses — even while using a VPN. This is an astonishing failure in basic privacy design, and users must manually disable it. Why is this protocol still on by default?
Mozilla Firefox: A Privacy Leader No More: In a disturbing shift, Mozilla Firefox — once the gold standard for user-respecting software — has silently removed its long-standing promise not to sell user data from its FAQ.
Data Collection SOP
Chrome and Edge: Surveillance Tools in Disguise
- Google Chrome is a data-harvesting platform masquerading as a browser. It collects granular behavioral data — even when users opt out of tracking.
- Microsoft Edge, tightly woven into Windows, funnels usage data directly to Microsoft servers. Both browsers profit directly from user surveillance.
Even Firefox Collects Telemetry by Default: Despite its open-source roots, Firefox now enables telemetry and data-sharing by default — unless users explicitly disable it.
Default Search Engines Funnel Data to Advertisers: Most browsers default to Google, funneling every search into Google’s advertising and data infrastructure — regardless of the browser’s “private mode” or privacy promises.
Strategies for a Hostile Browser Landscape
If users want to protect their privacy, the burden falls entirely on them:
- Use privacy-first browsers: Brave, LibreWolf, and Tor Browser are among the few options that default to protecting user data.
- Limit or eliminate extensions: Browser extensions are small software tools like Adblock Plus and Grammarly added to web browsers to enhance or customize their functionality; most are unnecessary and pose serious risks.
- Disable WebRTC manually: This prevents IP leaks that defeat VPN protection.
- Avoid Chrome and Edge entirely: Their business models are incompatible with user privacy.
- Regularly audit your browser: Check permissions, clear data, and avoid “convenient” features that mine your information.
Browser Landscape
Mainstream: Chrome, Firefox, Edge, Safari, Opera, Brave, Vivaldi
Privacy-Focused: Tor, Brave, LibreWolf, Ungoogled Chromium
Minimal/Niche: Pale Moon, Midori, Epic, QuteBrowser, Falkon
Mobile: Brave Mobile, Firefox Mobile, Safari, Opera Mini
Legacy: Internet Explorer, Netscape, Konqueror
Modern browsers are no longer neutral tools — they are gateways to surveillance. The quiet removal of privacy promises by Mozilla, paired with the aggressive data collection of Chrome and Edge, shows that even once-trusted platforms can no longer be assumed safe. Users must assume that browsers work against their interests unless proven otherwise.
The path to reclaiming privacy is narrow and user-driven. Trust is no longer an option.
Google Is Winning on Every AI Front
The author writes, “Neither OpenAI nor Anthropic have a chance at this point.”
Phishing Scams Will Be Harder to Spot in 2025
The author writes, “Phishing emails have been a staple of cybercrime for decades. They’re usually the starting point for a broader infiltration at small and midsize businesses (SMBs), tricking employees into revealing sensitive information that can be used to gain access to larger systems and networks that house critical or confidential data. However, the incorporation of artificial intelligence (AI) into proven phishing tactics has revolutionized the effectiveness of these email scams.”
What Is a Browser-in-the-Browser (BitB) Attack?
From Perception Point: “A browser-in-the-browser (BitB) attack is a new phishing technique that simulates a login window with a spoofed domain within a parent browser window to steal credentials. This attack primarily exploits the single sign-on (SSO) authentication model, which allows users to log in to different websites using their existing accounts from services like Google, Facebook, or Microsoft.”
Google Chrome Secretly Shares Your Device Data — With Google
The author writes, “Somewhat surprisingly given DOJ investigations and Europe’s DMA, it now seems that Google may be using its dominant Chrome browser to advantage its own services over its competition. Chrome pulls device and performance data, and then shares it exclusively with Google. Following reports on X that first made this claim, Google has now confirmed to me that this hidden data sharing does indeed take place.”
Data Doctors: Do I Really Need to Stop Using Chrome?
From WTOP News: “If you’ve seen recent headlines, you might be wondering if Microsoft is sounding the alarm or simply promoting its own browser. The latest warning is tied to a newly discovered malware known as StilachiRAT, which has sparked concern because of its pervasive threats. Here’s a quick breakdown of what’s actually going on and whether switching browsers should be on your to-do list.”
How to Block Websites in Chrome, Mozilla, Safari, and Edge Browsers
The author writes, “It’s easy to get distracted by the endless array of websites at our fingertips. Whether you’re trying to focus on work, create a safer browsing environment for your kids, or avoid specific online distractions, learning how to block a website on your browser is a handy skill. In this blog post, we’ll walk through several methods to block websites on popular browsers like Google Chrome, Mozilla Firefox, Safari, and Microsoft Edge.”
Chrome, Edge, Firefox, Opera, or Safari: Which Browser Is Best for 2025?
From PCMag: “Don’t take your browser for granted! We help you narrow your options by comparing the best web browsers on speed, privacy, and other important features.”
Microsoft Warns Windows Users — Change Your Browser As New Attacks Underway
From Forbes: “Microsoft has just issued a new warning for Chrome users after discovering a sophisticated new attack that steals ‘credentials stored in the browser, digital wallet information, data stored in the clipboard, as well as system information.’ The warning comes from Microsoft’s respected Incident Response team, but it’s an awkward one.”
