Why does Tor-Browser use private browsing? Should it change to normal mode?

I like the Tor-Browser and want to start using it more often (while at the same time maintaining a node to not be a leech).

But what really annoys me are the restrictions due to private browsing. There simply are different threat models and I want to discuss if private browsing actually makes sense. My ideas:


  • browser is always clean locally
  • you get the “privacy feeling” to not clutter the browser and leave it vanilla
  • cleaning up profiles may result in better performance and make updates easier
  • all data is deleted with one click


  • no container tab support
  • more restrictions (not aware of them)
  • not necessary for outgoing privacy?
  • makes installing safe addons harder (no I dont want to discuss the Addon question, I tested them using opensnitch and they are secure, I guess)
  • users can’t simply create a seperate profile, enabling saving session and tabs, as disabling private browsing is fingerprintable

Tor-Browser has preset settings. There it can easily state everything should be cleared. But local cleaning of history and session has no effect at all on privacy. Also there is no opt-in for Cookie saving, for example for the few sites you always visit, own yourself and/or trust. This makes combined use impractical, and as said this is totally opt-in.

Also: if users want to create a second profile, or simply save session and tabs in their normal one, whats wrong with that? By just settings the cleaning manually, instead of relying on “pRiVaTe BRoWsInG” this wouldn’t be necessary.

In Librewolf, I have this user.js override to deal with it:

// camera pipewire
user_pref("media.webrtc.camera.allow-pipewire", true);
// session
user_pref("browser.startup.homepage", 3);
user_pref("privacy.sanitize.sanitizeOnShutdown", false);
user_pref("privacy.clearOnShutdown.sessions", false);  // [DEFAULT: true]

This doesnt include Cache, which I also enable for performance and offline usage, but for sure is fingerprintable

So to make it clear:
Private browsing restricts lots of browser captabilities and clearing all data can easily be achieved by the settings. This could be enforced or preset, but clearing session, pinned tabs, tabs and history has no effect on “outgoing” privacy, meanig what sites see about you.

It is a huge comfort problem to not have open tabs or history, as this also saves the use of search engines or way too many bookmarks.

And even if this was opt-out and private browsing disabled but everything cleared the same, users could easily change the settings. If they would do this while private browsing was the default, their fingerprint would be way different.