Adds First Launch Security to Browser Section

README.md

@@ -88,7 +88,7 @@ For more browser security pointers, check out: [Here’s How To Get Solid Browse
 **Disable WebRTC** | Optional | [WebRTC](https://webrtc.org/) allows high-quality audio/video communication and peer-to-peer file-sharing straight from the browser. However it can pose as a privacy leak, especially if you are not using a proxy or VPN. In FireFox WebRTC can be disabled, by searching for, and disabling `media.peerconnection.enabled` in about:config. For other browsers, the [WebRTC-Leak-Prevent](ttps://github.com/aghorler/WebRTC-Leak-Prevent) extension can be installed. [uBlockOrigin](https://github.com/gorhill/uBlock) also allows WebRTC to be disabled. To learn more, [check out this guide](https://buffered.com/privacy-security/how-to-disable-webrtc-in-various-browsers/).
 **Don't Connect to Open WiFi networks** | Optional | Browsing the internet while using public or open WiFi may leave you vulnerable to man-in-the-middle attacks, malware distribution and snooping. Some hotspots may also be unencrypted, or even malicious. If you do need to briefly use a public WiFi network, ensure you disable file sharing, only visit HTTPS websites and use a VPN. Also remove the network from your saved WiFi list after. See the [networking](#networking) section for more details.
 **Use Tor** | Advanced | [The Tor Project](https://www.torproject.org/) provides a browser that encrypts and routes your traffic through multiple nodes, keeping users safe from interception and tracking. The main drawbacks are speed and user experience, as well as the possibility of DNS leaks from other programs (see [potential drawbacks](https://github.com/Lissy93/personal-security-checklist/issues/19)) but generally Tor is one of the most secure browser options for anonymity on the web.
-
+**First Launch Security** | Advanced | After installing a web browser, the first time you launch it (prior to configuring it's privacy settings), most browsers will call home (send a request to Microsoft, Apple, Google or other developer) and send over your device details (as outlined in [this journal article](https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf)). Therefore, after installing a browser, you should first disable your internet connection, then launch it and go into settings and configure privacy options, before reenabling your internet connectivity. This does not apply to all browsers, in [this article](https://brave.com/brave-tops-browser-first-run-network-traffic-results) Brave claims to be the on of the only browser to call out to a single, controlled TLD exclusively.
 **Use different browsers, for different tasks** | Advanced | Compartmentalizing your activity can make it significantly harder for a malicious actor, company or government to get a clear picture of you through your browsing activity. This may include doing online shopping on 1 browser, using another browser, such as Tor for general browsing, and then a 3rd for, say social media.
 **Disable JavaScript** | Advanced | Many modern web apps are JavaScript based, so disabling it will greatly decrease your browsing experience. But if you really want to go all out, then it will really reduce your attack surface. Read more about the growing [risk of JavaScript malware](https://heimdalsecurity.com/blog/javascript-malware-explained/).
 **Route all desktop traffic via Tor** | Advanced | [Whonix](https://www.whonix.org/) allows for fail-safe, automatic, and desktop-wide use of the Tor network. It's based on Debian, and runs in a virtual machine. Straight-forward to install on Windows, OSX or Linux.