Most people think private browsing means no one can see what they’re doing. Open an incognito tab, visit a few sensitive sites, close it. Done. Safe.
It isn’t. Not even close.
Private mode in Chrome, Firefox, or Safari deletes your local history when you close the window. That’s all it does. Your ISP still sees your traffic. The websites you visit still log your IP address. Your employer’s network still records your DNS queries. And advertisers can identify you through browser fingerprinting — often with more than 99% accuracy — without ever setting a cookie.
Browsing without leaving a trace requires understanding what “a trace” actually means. Then you can do something about it.
Private Mode Doesn’t Mean What You Think
The FTC and several academic studies have repeatedly documented that users badly misunderstand private mode. In one widely cited study from the University of Chicago, more than half of participants thought private browsing hid their location from websites. It doesn’t.
Incognito mode stops your own device from recording your history. That’s genuinely useful: buying a birthday present on a shared laptop, checking a doctor’s symptom page without it showing up in your autocomplete, avoiding personalized ads based on what you just searched. For stopping external parties — websites, ISPs, network operators — it provides no protection whatsoever.
The confusion is partly the browser makers’ fault. “Private browsing” sounds like you’re invisible. You’re not. You’re just tidy.
What Actually Gives You Away Online
There are five major ways you leave traces while browsing, and most privacy advice only addresses one or two of them.
Your IP address is visible to every server you connect to. It maps to your approximate location (usually city-level) and to your ISP account. Under most legal frameworks, your ISP can tie your IP to your identity when presented with a valid request.
DNS queries happen before your browser even loads a page. When you type a URL, your device asks a DNS server to translate the domain name into an IP address. Most people’s DNS queries go to their ISP’s resolvers by default, giving the ISP a near-complete list of every domain you’ve visited — even for HTTPS sites. Encryption protects the content of a connection; DNS leaks reveal the destination.
Cookies and tracking pixels persist across sessions unless you actively clear them. Third-party trackers — small scripts or images embedded by companies like Google, Meta, or advertising networks — follow you from site to site, building behavioral profiles.
Browser fingerprinting is the sneakiest vector. It requires no cookies and no logins. Websites identify your specific browser by combining dozens of signals: your OS, screen resolution, installed fonts, WebGL renderer, time zone, battery status, available plugins. This combination is often unique to your device. Worse, trying to change your fingerprint by adding extensions or tweaking settings frequently makes you more identifiable, not less — you become the unusual one.
Account logins are the most obvious trace: when you’re signed into Google, Facebook, or any service, they track everything you do across every site that embeds their code. This is most of the web.
Test What Your Browser Reveals Right Now
Before changing anything, it’s worth knowing your actual exposure.
Cover Your Tracks by the Electronic Frontier Foundation runs a fast test that shows whether your browser has a unique fingerprint and whether you’re protected against known tracking techniques. The EFF has maintained this tool since 2010, and its methodology is publicly documented. It’s the best starting point.
BrowserLeaks goes deeper. It runs a full suite of tests across canvas fingerprinting, WebGL, WebRTC, JavaScript APIs, font enumeration, and more — then shows you exactly what each reveals to any site you visit. It’s useful as a benchmark both before and after you make changes to your setup.
For DNS specifically, DNS Leak Test checks whether your DNS queries are going to your intended resolver or leaking to your ISP. If you’ve enabled DNS over HTTPS and it’s not working correctly, this will catch it.
IPLeak checks your apparent IP address alongside WebRTC leak detection — a common problem where browsers expose your real local network IP even through a VPN, because WebRTC requests can bypass the VPN tunnel entirely.
None of these tools require an account. None store your results tied to your identity. They’re useful precisely because they work without signup.
The Browser You’re Using Already Decides a Lot
Extensions and settings help. But you can’t tune a leaky system into a sealed one. Browser choice is the foundation.
Firefox with the right settings is the most practical option for most people. Set Enhanced Tracking Protection to “Strict,” enable DNS over HTTPS under Settings → Privacy & Security → DNS over HTTPS, and install uBlock Origin. Firefox is open-source and funded by the Mozilla Foundation — not by an advertising company. That structural difference matters when you think about what incentives shape product decisions.
Brave is built on Chromium but includes aggressive fingerprint randomization and ad-blocking turned on by default. Nothing to configure for basic protection. The trade-off: Brave is a commercial company with its own advertising product (Brave Ads), which some people find philosophically inconsistent with its privacy positioning. It’s a reasonable choice if you want sensible defaults without manual tuning.
Tor Browser offers the strongest protection with the hardest usability trade-offs. It routes all traffic through the Tor network, anonymizing your IP through multiple relays before it reaches any destination. Fingerprinting is minimized by making all Tor users appear identical to websites — no unique browser signals. The cost is speed and occasional blocked access on sites that reject Tor exit nodes.
For most everyday privacy — stopping ad networks, encrypting DNS, reducing fingerprinting — Firefox or Brave is the right call. Reserve Tor Browser for situations where IP-level anonymity genuinely matters.
Chrome doesn’t belong in this conversation. Google’s core business is advertising. Chrome collects telemetry by default, doesn’t block tracking, and was slow to deprecate the third-party cookie infrastructure that made cross-site tracking profitable. Chrome’s dominant market share has materially slowed the web’s move toward stronger privacy defaults.
Extensions That Actually Help
Most extension recommendations online are noise. These aren’t.
uBlock Origin is the essential one. It blocks ads, trackers, and malicious scripts at the network level using well-maintained filter lists. It’s open-source with no monetization model. In independent benchmark tests it consistently outperforms every alternative in both block rate and resource efficiency. On Firefox, it has full access to the WebExtensions API. On Chromium browsers, Google’s Manifest V3 transition has limited some of its functionality — one more structural reason to use Firefox for privacy.
Firefox Multi-Account Containers isolates different sites from each other in color-coded containers. Your bank runs in one container, social media in another. Cookies can’t cross container boundaries, so Facebook’s tracking scripts on a news site can’t connect back to your Facebook session. It takes five minutes to set up and genuinely limits cross-site tracking.
Privacy Badger by the EFF learns to block invisible trackers based on observed behavior rather than filter lists. It’s complementary to uBlock Origin — it catches tracking patterns that a static list might miss.
One thing to actively avoid: privacy-branded extensions that aren’t open-source. A surprising number of VPN browser extensions and “privacy tools” in Chrome’s extension store have been found to sell browsing data. Check who made the extension, read the privacy policy, and look for the source code repository before installing anything.
DNS Over HTTPS: The Setting Most People Skip
DNS queries are a quietly complete record of your online life. Every domain you visit, even when using HTTPS.
DNS over HTTPS (DoH) encrypts your DNS lookups so your ISP can’t read them. Firefox has it built in under Settings → Privacy & Security → Enable DNS over HTTPS. Brave enables it automatically. Chrome has it under Settings → Privacy and Security → Security → Use Secure DNS.
The choice of DNS resolver matters. If you use Google’s public DNS (8.8.8.8), you’ve moved visibility from your ISP to Google — a trade, not an improvement. NextDNS is a privacy-focused resolver with a configurable no-logging option. Cloudflare’s 1.1.1.1 has a published privacy policy committing to no data selling and deletion of query logs within 25 hours. Read the policy before choosing; trust-but-verify applies here.
Run DNS Leak Test after enabling DoH to confirm it’s actually working.
No-Login Tools Remove the Account Problem Entirely
The simplest privacy improvement is often the most overlooked: stop creating accounts for things that don’t require them.
Every account is a data point. An email address, a browsing history, a behavioral profile tied to your identity. When a service requires a login, it can track everything you do within it indefinitely — and across any site that embeds its tracking code. When you use a tool without an account, there’s no profile to build and no data to breach.
This is the reasoning behind no-login tools as a category: a huge range of tasks — editing images, converting files, writing notes, running code, checking calculations — can be done in a browser without identifying yourself at all.
When you need a temporary email address to register for something and don’t want the resulting spam hitting your real inbox, Temp Mail generates a disposable address instantly, no registration needed. It disappears when you close the tab.
When you need to share a password or sensitive message, PrivNote sends a self-destructing encrypted note that deletes itself after the recipient opens it. No account. No server-side copy after reading.
| Tool | Purpose | Privacy angle |
|---|---|---|
| Cover Your Tracks | Tests browser fingerprint and tracking | See your exposure before changing anything |
| BrowserLeaks | Full browser leak audit | Identifies all leak vectors in detail |
| DNS Leak Test | Checks DNS resolver | Confirms DoH is actually working |
| IPLeak | Checks IP and WebRTC leaks | Catches VPN bypass via WebRTC |
| Temp Mail | Disposable email | No real address required for signups |
| PrivNote | Self-destructing notes | Nothing persists after the message is read |
The Limits Worth Being Honest About
No setup provides complete anonymity, and overclaiming does more harm than good.
If your threat model includes targeted surveillance by a sophisticated adversary, browser settings alone are insufficient. Tor Browser helps, but even Tor has known weaknesses against attackers who control enough of the network. Operational security — behavior, not just tools — matters at that level.
For the rest of us, the realistic goal is making mass commercial tracking significantly harder. That means: encrypting DNS so your ISP can’t sell your browsing history, blocking third-party trackers so ad networks can’t build behavioral profiles, choosing a browser that doesn’t phone home by default, and using no-login tools when there’s no reason to hand over your email.
There’s also the consistency problem. Using a fingerprint-resistant browser does nothing if you log into your Google account in the same window. Privacy tools work in combination. Isolating contexts — different browsers or containers for different activities — is more effective than optimizing any single setting.
The Cover Your Tracks test takes thirty seconds. Run it on your current browser right now, before making any changes. The result is often genuinely surprising — and seeing your own fingerprint in concrete terms is more motivating than any article about it.