Web browsers - Criteria
After the operating system, the web browser is undoubtedly the most important piece of software
for most people. Users are encouraged to explore this space and use multiple of them depending of
their use cases.
Free and Open Source
Free and Open Source software is a requirement for trust and quality.
Adherence to web standards
To ensure the openness and cohesiveness of the web, browsers should adhere to the many existing web
standards chief among them HTML (markup language specifying webpages structure), CSS (stylesheet
language controlling webpages appearance) and JavaScript (programming language creating dynamic web
applications).
Web diversity
These web standards are implemented by browser engines. The three main ones being Gecko for all the
Firefox-based browsers, Blink for the Chromium-based ones and Webkit. The diversity of of web
browsers is not only important for technical reasons. If one browser were to control the market as
it is already almost the case the entity controlling it would de facto dictate the future of the web
and render web standards obsolete.
Security & Privacy & Anonymity
Up to date
The browser should have automatic update or up-to-date version provided by the package manager of
their operating system. If the browser is derived from another it should receive update from the
original project in a 24 hours window.
Strong anti-fingerprinting protection
By browsing the web users leave a lot of information behind used by websites to identify them.
Information related to the browser, operating system, timezone, language, privacy settings and
cookies are found in web headers attributes. With JavaScript enabled, hardware configuration, fonts,
plugins and many more can also be detected.
One piece of data cannot by itself identify users but aggregated a unique pattern emerge. To fight it
effectively users should refrain to tweak parameters. Instead they should use a browser with built in
protection. While hiding, randomizing techniques have been employed the most effective one is to
blend users into the mass. Either by forcing a unique fingerprint for everybody or more
realistically by putting users in large enough cohort and maintaining the uniqueness of fingerprint
within that group.
Mitigate cross site tracking
Block third party cookies
Websites often require cookies, small pieces of information sent by the server and stored on users
devices and sent on further requests. Cookies can either be first party and be set by the visited
website or third party when belonging to another server. Third party cookies are the more
problematic one as they track users through the web with one of its more prominent use being
targeted advertising.
State partitions
State partition provide seperate storage location for every website. As an example a third party
cookie is still aware of its state in a website but has no awareness in an other website context.
Content blocking
The browser should possess built-in content blocking mechanism to stop any harmful and unwanted
content.
No telemetry
The browser should by default not collect any user data even for seemingly legitimate interest.
Search engine
The browser should have a private search engine as a default.
Usability
Aforementioned criteria should not affect the user experience negatively.
Customizability
Similarly customization offered by the browser should not negatively impact users security and
privacy.
Lean
The browser should focus on its main objective to display websites and web apps and not have feature
creep for every technological craze be it so-called artificial intelligence or cryptocurrency.
Extensions
Many web browsers provide mechanisms to augment their native functionalities. Extensions are however
not without risk and should be avoided.