Yeah I've tried some of these extremely hardened configurations but ultimately there's too much breakage. My config now is basically:

- uBlock Origin in default configuration

- No 3rd party cookies (breaks some things, but not too many)

- Clear history and cookies on exit

Combined with an /etc/hosts file, and rather frequent browser restarts (generally daily).

> Clear history [..] on exit

Why the history? That's not readable by anyone except you, right?

> Clear [..] cookies on exit

So do you have to keep logging in to websites daily? Isn't that very annoying?

I use Cookie AutoDelete, which autocleans cookies shortly after closing tabs. I whitelist sites where I want to stay logged in or save settings.

I'm someone who clear cookies on exit to the sole purpose of having to login again every time. And I don't even use a password manager.

It does get annoying because I have to type my credentials all the time, but it just takes a few seconds so it's not a big deal. I'm sure this is not preventing me from doing anything better with my time.

I'm a person who clears cookies on exit. With a password manager with autofill it's not much of a burden but it does ensure that people can't resurrect old sessions and can't access my accounts without my password DB unlocked.

You can whitelist exceptions.

Which of course trades off against privacy.

> Why the history? That's not readable by anyone except you, right?

history sniffing

> Combined with an /etc/hosts file

Check out pi-hole and manage that for your whole family

If you're using OpenWRT/Lede you can implement this with the adblock package: https://github.com/openwrt/packages/tree/master/net/adblock/...

/etc/hosts travels with you. A LAN DNS server does not. It's a good idea to use both.