Brave browser for sensitive financial online matters

Consider using the Brave browser for internet access to your sensitive financial websites . . . . and other internet browsing as well if you are a privacy and security-minded person. More information here:

Brave browser for privacy and security

Cost: this is a free browser

This is an automatically-generated Wiki post for this new topic. Any member can edit this post and use it as a summary of the topic’s highlights.

You are implying that sensitive financial websites should be visited using a more secure browser than other websites. That doesn’t make much sense, because the financial websites are actually more secure, so your choice of browser or privacy rules makes little difference.

Security and privacy-minded people should be using a hardened browser for everything, but especially so for non-financial websites, because those are the sites that lack security and sell your data to the highest bidder.

There are a few bullet points in my privacy thread related to web browsing.

I tried it last year but it was very underwhelming honestly. It was breaking a bunch of sites, was messing up with Lastpass autofill features, and did not do things better than Firefox with my privacy/popup blocker/script management extensions.

Beyond that, I really disliked their BAT setup. I know it’s optional but really why get Brave otherwise. But to extend the BAT crypto rewards to you or allow mining scripts, some kind of tracking of your activity will be necessary. That’s the kind of stuff I try hard to get away from in the first place with my browser privacy settings.

I think it’s a very good idea to do online banking and other sensitive stuff in a different browser than generic web browsing, social media, etc. For example, Firefox for financial stuff and Chrome for everything else. The reasons:

• A common class of bugs is cross-site scripting, or one tab accessing data of another.
• Banking sites sometimes require third-party cookies (e.g. when it kicks you over from main banking site to bill pay provider). I enable them on the financial side, but not in the “main” browser.
• Many browser extensions get full access to the web site data. I use some for convenience on the generic side, but wouldn’t install them on the banking side for this reason.
• I let the main browser save passwords, but not the banking one.

(many of these things can be achieved by using different profiles within the same browser, rather than different browsers)

You make some excellent points, as usual. This is next level stuff and I think it’s a good idea for most people.

I do use multiple Firefox profiles for various reasons, but I don’t have a separate profile just for financial sites. I’ve just thought about it, and here are MY reasons for not doing it just yet:

• XSS should be prevented by NoScript. I’m consciously aware of cross-tab vulnerabilities and have made a habit of not having anything else open while logging in to financial sites. I guess I wouldn’t have to do this with a separate profile, but I think it’s a good habit. I generally don’t keep lots of open tabs as that requires a level of multitasking that I’m not comfortable with. I think people who keep their browser open for weeks with dozens or hundreds of tabs are unorganized procrastinators .
• I don’t block third-party cookies in browser settings, because Adblock and NoScript should prevent most of them, and the rest get deleted periodically with Cookiebro.
• I currently use 10 extensions and I’d need 6 of them in the financial profile, so that would be almost moot.
• I never let the browser save passwords. I save some cookies that keep me logged in to many sites, but banking sites all use session cookies for the logon, which can’t be saved (saving the cookie to prevent the “we don’t recognize your device” warning works fine).

I’m not brave enough to try it. Sticking with trusty Firefox 2.0