This article was refreshed in September 2025 to reflect the latest changes and updates to the browsers discussed. We’ve also added Zen Browser and Ladybird to the list.
Your web browser is your window into the online world. On desktop PCs and laptops, it’s your primary means of accessing the world wide web and other internet services.
Thanks to the popularity of apps, the browser is less important on mobile platforms, but it’s still the main way to access most content on the web. And if you care about privacy, accessing a service using its website exposes much less of your data(nova janela) than using its app.
Your browser has direct access to troves of your most personal and intimate data. In theory, your browser could send a record of everything you do online back to its developers — even what you type into fields on individual web pages.
For that reason, we at Proton feel it’s important to explain to people which browsers they can use if they want to keep their online activity private. There are hundreds of browsers out there, so we could not examine them all. However, we assembled a list of eight open-source browsers that respect your privacy to varying degrees.
Proprietary browsers
You might notice that many of the most popular browsers, namely Google Chrome but also Apple Safari and Opera, aren’t included in our list above. That’s because they, like most popular browsers, use proprietary closed code, so we cannot know how they handle your data. Browsers that use closed code include:
- Google Chrome
- Microsoft Edge
- Apple Safari
- Opera
- Vivaldi
- Samsung Internet
- UC Browser
- DuckDuckGo Privacy Browser
These browsers are undoubtedly secure, as they have numerous highly effective protections against hackers. But should we trust them to respect our privacy?
Google’s entire business model is to invade our privacy so it can better target us with highly personalized ads. Microsoft also makes money from targeted advertising and has a long record of violating its users’ privacy(nova janela).
Apple markets itself as a champion of its users’ privacy, but it fully cooperated with the NSA’s PRISM spying program(nova janela) that Edward Snowden exposed in 2013. Its attitude to rival browsers on its iOS platform (discussed below) also makes it clear that the best interests of its users are not a top priority for the company.
The bottom line is that we simply don’t know how invasive these browsers are to our privacy because they are closed (although Chrome has been shown to use trackers to “absurd proportions(nova janela)”).
It comes down to how much you trust the developers with these browsers. Even if you do trust them, this is not how good security works.
Open-source browsers
Open source is not a miracle cure when it comes to ensuring software is private and secure. The sheer amount of code involved in creating a browser means things can be missed even by professional software auditors.
However, the fact that anyone can examine the code (and in the case of popular browsers, many have) provides the best assurance possible that its code is error-free and contains no hidden surprises.
That’s why we’re only considering fully open-source browsers in this article.
Browsers on iOS and iPadOS
Apple forces all browsers(nova janela) on its iOS and iPadOS platforms to use its own WebKit browser engine(nova janela). (A browser engine(nova janela) transforms an HTML file into a visual web page you can interact with.) This means that all third-party browsers on iOS are basically just rebranded versions of Safari (except that Safari for iOS offers advanced features that Apple blocks from its competitors).
Therefore, all comments about the browsers discussed in this article explicitly exclude their iOS versions. These browsers may still be useful on iOS (for example, for syncing bookmarks, open tabs, and browsing history across all your devices), but they’re not included among the apps discussed below.
Although not directly relevant to this article, it should be noted that in-app browsers on iOS, such as those used by the TikTok(nova janela), Instagram, and Facebook(nova janela) apps, can be very insecure and should be avoided at all costs.
Best secure and privacy-first web browsers
Mozilla Firefox
Pros
- Lots of privacy-enhancing features, with more always in development
- Large ecosystem of browser add-ons
- Secure cross-device and platform syncing
- The only open-source competition to Google’s browser engine
- Available on all major platforms
Cons
- Vulnerable to browser fingerprinting
- Too much telemetry
- Too reliant on Google for funding
Firefox is an open-source browser from the nonprofit organization Mozilla. It focuses on protecting your privacy with built-in enhanced tracking protection(nova janela), which includes fingerprinting resistance(nova janela). That said, in our tests performed, a clean installation of Firefox still had a unique browser fingerprint(nova janela).
Firefox’s default settings emphasize privacy, but you can customize them to provide even greater privacy. For example, you can fine tune which cookies and trackers you block.
The ability to customize Firefox is further enhanced by its support for a huge range of third-party add-ons(nova janela), many of which provide excellent privacy benefits. Great examples include Privacy Badger(nova janela), Cookie AutoDelete(nova janela), uBlock Origin(nova janela), Decentraleyes(nova janela), and more. And unlike Chromium-based browsers, Mozilla has no plans (nova janela)to depreciate older (Manifest V2) extensions.
The snag here is that each add-on you use increases the uniqueness of your instance of Firefox, making you more vulnerable to fingerprinting.
Outside of privacy considerations, Firefox is a lightweight, fast, and fully featured modern browser that can sync your tabs, bookmarks, and browsing history across multiple platforms using end-to-end encryption. Unfortunately, Mozilla has recently made a number of missteps that alienated many Firefox users. These include:
- Terms of Use — New language appeared to grant Mozilla a broad, royalty-free license to use any content you input into Firefox, which many feared implied ownership of their data. The removal of an explicit “never sell user data” promise also caused alarm. Following a backlash, Mozilla clarified(nova janela) that this license was solely for operating Firefox and did not imply ownership of users’ data.
- Pocket integration – The closed-source Pocket reading‑list service was initially mandatory in the installer, then optional, which many open‑source purists saw as a violation of the “fully open‑source” promise. Pocket was removed in July 2025
- Dependency on Google revenue — A deal with Google to make Google search its default search engine accounts for around 85% of Mozilla’s revenue(nova janela). Many consider this level of reliance on exactly the thing Firefox is supposed to be an alternative to unacceptable.
- Telemetry — Firefox also sends more metadata(nova janela) back to Mozilla by default than most people should be comfortable with (although you can disable turn this off).
It should be noted, though, that Firefox is also doing many things right: For example:
- Improved Certificate Management — Uses the CRLite(nova janela) technology to quickly and seamlessly check and instantly revoke untrustworthy TLS certificates.
- Total Cookie Protection(nova janela) — Now enabled by default in Standard mode, this ensures third-party cookies are blocked unless strictly necessary.
- Enhanced Tracking Protection(nova janela) in Strict mode — Includes Bounce Tracking Protection that prevents redirect trackers (bounce trackers) from collecting data as you navigate between websites.
- Unified Consent Dialog — Improves how data consent works for browser extensions.
And whatever your views on AI, its new shake-to-summarize(nova janela) feature for iOS is undoubtedly innovative.
At the end of the day, despite all Mozilla’s faults, Firefox is a great browser. It’s also Chrome’s only real free and open-source competitor. Its precipitous decline in market share(nova janela) should therefore be of deep concern to anyone who values their privacy.
Yes, you can use a Firefox fork instead (such as LibreWolf or Zen Browser, discussed below), but only Mozilla has the resources (problematic as these may be) to provide critical routine security updates and to develop new features that provide it with at least some measure of competitiveness against its commercial rivals.
Chromium
Pros
- It’s Chrome with all the proprietary code stripped out
- Supports Chrome browser extensions
Cons
- No built-in syncing solution
- No auto-update (by default)
- Vulnerable to browser fingerprinting
- It’s still a Google product
To see the value of making code open source, you need look no further than Chromium. Google makes the core code for its Chrome browser (easily the most popular browser in the world(nova janela)) open source so that the security community can review and audit it.
Chromium is a (mainly) open-source version of the Chrome browser with all of Google’s proprietary code stripped out. Or at least that’s how it’s supposed to work. However, the recent inclusion of the Google Safe Browsing(nova janela) binary to provide built‑in phishing(nova janela) and malware(nova janela) protection means that Chromium can no longer be considered entirely open source. Another concern is that, because of the sheer size and complexity of its code base, some undesirable Google code might remain undetected.
Chromium is available as pre-built downloads for Windows, macOS, Linux, and Android (for example, Bromite(nova janela)).
Other than some minor branding details, Chromium provides an almost identical browsing experience to Chrome. Unfortunately, in 2021, Google pulled support for syncing tabs, history, and bookmarks(nova janela) using your Google Account. Third-party syncing options exist, but most of these are not open source.
Syncing issues aside, Chromium offers a seamless way to transition away from Chrome (as long as you don’t mind still using code created by Google), and now includes some limited privacy-enhancing features, such as site isolation(nova janela) and sandboxing(nova janela).
Full support for Chrome browser extensions means you can install third-party privacy solutions, although any browser extension increases the uniqueness of your browser fingerprint. When we tested a new clean install of Chromium, Cover Your Tracks(nova janela) reported that it had a unique fingerprint.
Another issue is that, by default, Chromium does not auto-update, which we advise everyone to do since updates contain the latest security fixes. This isn’t a major problem on Linux, as most package managers will update the app. There are also several third-party tools designed to help with this on Windows and macOS.
Brave
Pros
- Fingerprinting resistant
- Lots of out-of-the-box privacy-enhancing features
- Compatible with Chrome browser extensions
- Secure cross-device and platform syncing
- Available on all major platforms
- No telemetry by default (opt-in anonymous user metrics available)
Cons
- Optional cryptocurrency and ad-supported features may not please purists
- Automatically redirected cryptocurrency searches to affiliate links
- Based on Google code
First released in 2016, Brave was developed by former Mozilla CEO and inventor of JavaScript, Brenden Eich. Built on Chromium, Brave is designed with a strong privacy focus. As with Chromium, Brave now includes the closed-source Google Safe Browsing binary.
One of the most notable things about this browser is Brave Search, a now fully-independent(nova janela) search engine that resolves all queries on-premises without forwarding them to any third‑party provider. This is primarily supported through “privacy-preserving” ads, although you can opt of these with a paid subscription.
The browser itself has tracking protection, a built-in ad and script blocker, built-in HTTPS-Everywhere(nova janela) functionality, and one-click anti-fingerprinting. In our tests, Brave was the only browser that was completely effective against browser fingerprinting on their desktop and Android app (although, unsurprisingly, not on iOS/iPadOS).
In a 2020 study(nova janela), it was also easily the most private browser in terms of telemetry sent back to its developers.
Brave blocks third-party cookies by default and can even block cookie consent notices (now using AI for improved performance). Because Brave is based on Chromium, you can use regular Chrome browser extensions (downloaded from either its own Brave Web Store or the Chrome Web Store). Brave also offers secure tab, history, and bookmark syncing across devices and platforms.
However, Brave also offers more controversial features. Brave Rewards(nova janela) allows you to earn BAT (Basic Attention Tokens, Brave’s own cryptocurrency that you can convert into cash) by opting to see ads from commercial partners. Even worse, payouts over $100 now require you verify your identity.
Other features include Brave News and Brave Wallet(nova janela), a cryptocurrency and NFT wallet built into the browser. Brave News(nova janela) is a personalized, ad-supported news feed (with the personalization performed on-device to protect your privacy). If you use the new Leo AI assista(nova janela)nt, it sends some metadata, query context, etc., to its backend.
It should be noted that all these “features” are strictly opt-in. However, in 2020, Brave had to apologize for automatically redirecting cryptocurrency searches to paid affiliate links(nova janela) that it was paid for. It did this without asking its users’ permission.
Tor Browser
Pros
- The best way to access the Tor anonymity network
- Strong privacy focus
- Provides partial protection against fingerprinting
- Available on most platforms (not iOS)
Cons
- Can lag behind Firefox in terms of features
- No syncing function
- Very slow when using the Tor network
Tor Browser is a forked version of Firefox ESR that routes all connections through the Tor anonymity network(nova janela). It’s also “hardened” to improve privacy, offering out-of-the-box features, such as as built-in HTTPS Everywhere(nova janela) support, script-blocking, and it always uses private browsing mode(nova janela).
Because all unmodified Tor Browsers look exactly alike, experts often recommend it as the best way to defeat browser fingerprinting. However, in our own tests, it only provided partial protection and was outperformed by Brave.
Tor Browser is built on Firefox ESR (extended support release for enterprise use), which usually trails behind the regular version in terms of features. Additionally, Tor extensively tests and modifies new versions for improved privacy before releasing them. The net result is that Tor Browser can lag behind Firefox’s latest features (these new features are often turned off for privacy reasons anyway).
Tor Browser can use regular Firefox browser add-ons, but this isn’t recommended because they add uniqueness to the browser. There is no syncing function.
When used with the Tor network, Tor Browser provides the highest level of true anonymity possible on the internet (but even this should never be considered 100% anonymity). The price for this is a huge reduction in browsing speeds (typically around 90% or more), making the Tor network impractical for most day-to-day internet tasks.
You can use Tor Browser without connecting to the Tor network. In this use case, it’s a good privacy-focused browser but provides a rather bare-bones experience for day-to-day browsing.
Firefox Focus
Pros
- Strong protection against tracking
- No telemetry by default
Cons
- Unique fingerprint
- Too minimal for day-to-day use
- Usage stats and Studies are opt-out
This mobile browser from Mozilla started life as a tracker-blocking app on iOS. You can still use it as a tracker blocker on iPhones and iPads even if you don’t use the browser itself.
Firefox Focus is, of course, based on Firefox, but it has a minimal aesthetic. There’s no support for syncing, browser add-ons, or even opening new tabs (tabbed browsing is only possible by opening a link in a new tab).
Unsurprisingly, Firefox Focus has effective tracking protection and ad-blocking (not unlike Proton VPN’s own Netshield Ad-blocker(nova janela) feature). In a welcome change, usage statistics are opt-in, and it now implements per-tab cookie isolation. However, it’s vulnerable to browser fingerprinting.
With its stripped-back feature set, Firefox Focus is too limited to recommend for day-to-day browsing, but it remains a good option if you need a high level of privacy (especially on iOS).
LibreWolf
Pros
- It’s Firefox, but with even better privacy protections
- A truly community-led, open-source project
- Supports Firefox Sync and add-ons
Cons
- Nearly-unique fingerprint
LibreWolf is a custom version of Firefox designed to increase protection against tracking and fingerprinting techniques while including many additional security improvements. It’s available for Windows, macOS, and Linux.
LibreWolf collects no telemetry, uses privacy-friendly search engines (DuckDuckGo, Searx, Qwant, etc.), has the uBlock Origin browser extension installed by default, and implements various other hardening features(nova janela) (notably built-in DNS‑over‑HTTPS (DoH)).
In our fingerprinting tests, LibreWolf scored better than vanilla Firefox with a “nearly-unique” fingerprint, but this is still a long way from ideal.
LibreWolf is always based on the latest version of Firefox and aims to release updates within three days of the latest Firefox release. Although not enabled by default, you can easily enable Firefox Sync in LibreWolf’s settings and sync your bookmarks, tabs, and browsing history across platforms and devices. It also supports standard Firefox add-ons, such as the Proton VPN(nova janela) and Proton Pass browser extensions.
Zen Browser
Pros
- It’s Firefox, but with a better UI (subjective)
- Not subject to Mozilla’s sillier missteps (for example, no telemetry)
- Supports Firefox Sync and add-ons
Cons
- UI will not be to everyone’s taste
- Still in beta at time of writing
A new (2024) Firefox-based kid on the block, Zen Browser hopes to shake up the browser landscape with a focus on privacy and providing a highly customizable minimal UI.
It pulls in Firefox updates within 72 hours after they’re released, collects no telemetry, blocks third-party trackers by default, checks for unsafe SSL certificates, automatically enforces HTTPS-only, etc. (basically, like Firefox does). Unlike LibreWolf (which ratchets them up by default), Zen Browser defaults to Firefox’s somewhat looser “Standard” privacy settings, although these can, of course, be changed.
It’s probably fair to think of Zen Browser as Firefox with an aesthetically improved design (if you like that sort of thing). Usefully, it supports Firefox add-ons and Firefox Sync, which make it easy to seamlessly hop between Zen and other Firefox-based browsers (including mobile browsers, which is handy since Zen Browser is currently desktop-only).
Ladybird
No one who cares about privacy wants a world where every browser is a version of Google Chrome (or Apple’s Safari if you use one of its proprietary and expensive locked-in devices).
Firefox is a genuinely fantastic open-source alternative to these, but bad management and a series of poor marketing decisions have alienated even many privacy-fanatics, hugely damaged its standing with the general public, and left Mozilla heavily (and very ironically) reliant on funding from Google (which it supplies for anti-trust reasons) for its continued existence.
Enter Ladybird(nova janela), an open-source and completely new browser that doesn’t yet exist. The first public alpha release is targeted for summer 2026 (Linux & macOS), with a beta release for 2027 and a full stable release for 2028. However, work on it has begun, using fresh built-from-scratch code that isn’t based on Chromium, Firefox (Gecko), or Safari (WebKit).
This is a potentially incredibly exciting project, but it’s currently far too early to know if it will even see the light of day, let alone pose a real challenge to the current status quo. After all, Firefox exists now, is very good, and is a mature and well-supported browser. But it has always faced an uphill struggle to compete with the sheer wealth, monopolistic marketing power, and global dominance behind Google and Apple’s browsers. Its also worth noting that any problems with Firefox have nothing to do with its core open-source code.
Final thoughts
All the browsers listed above are good for privacy. They each have different pros and cons that will appeal to different people’s priorities when choosing a browser, so we have not listed them in any particular order. We encourage you to try them all to see which one works best for you.
It is also the nature of open source that there are numerous lesser-known browsers (almost all forked from either Firefox or Chromium). These include the likes of GNU Icecat(nova janela), SeaMonkey(nova janela), Iridium(nova janela), Pale Moon(nova janela), Waterfox(nova janela), and others that have small but (no doubt deservedly) loyal fanbases.
While it has not been possible to examine them all in detail here, we encourage anyone with a keen interest in this subject to explore all options available.
