Our website is made possible by displaying online advertisements to our visitors.

Please consider supporting us by disabling your ad blocker.
Guest

Personal Internet Privacy - Back from the Dead

24 posts in this topic

The intention of this thread is to provide some useful information on how to protect yourself from malware and general snooping. Please feel free to give your recommendations and/or stories about web privacy issues.

Disclaimer: I am not an IT professional and some of things to be discussed could screw-up your browser, computer, or router and perhaps get you in trouble with your ISP (specifically, changing your own IP address). If you choose to change settings on your computer, browser, or router, you do it at your own risk. Before you change anything, WRITE DOWN the previous settings (what you're changing, where it's located, how you got there, the default setting, etc.), so you can fix it if something goes wrong.

We will break the discussion up into different areas.

1) Operating Systems (OS) -- ex: Windows, Linux, Unix (Apple - Mac, OS X)
2) Browsers -- ex: Internet Explorer, FireFox, Chrome, TOR
3) Addons -- ex: NoScript, Ad Block Plus, User Agent Overrider
4) Antivirus and System Cleaning Software -- ex: Avast, Ccleaner, AVG, Norton, Spybot
5) Firewall -- ex: ZoneAlarm, Online Armor, Sygate, IPTables, Firestarter
6) Encryption
7) Proxies/VPN

The bad news first: If you're trying to block the NSA from tracking your online or cellular activity, you're fighting a losing battle. All electronic communications have been intercepted since the 90's. The only way to prevent gov interception is to NOT go online or use your cell-phone.

The good news: There are ways to protect yourself from unwanted snooping and malware/viruses. The TOR network and end-to-end encryption can protect you from gov snooping, but they're difficult to use for novices and it will raise a red-flag to those who continually monitor internet traffic (NSA, ISP's, hosts, etc.).

I'll break the general overviews of each area into different posts. More to follow...

 

Share this post


Link to post
Share on other sites

Operating Systems

General Overview:

Note on Hardware: All newer hardware is manufactured with gov backdoors and I'm not sure how you get around this - perhaps blocking known "backdoor" ports?

We'll focus on overall security and not get too bogged down with gov snooping. Any newer OS from Microsoft or Apple has gov backdoors built in. It's safe to assume that the popular Linux distributions have backdoors as well.


Windows: Microsoft has built backdoors into their systems since the last version of Windows95. The swiss-cheese security of Windows95-XP was probably due (in part) to MS's early versions of backdoor coding. Over time, they've gotten better at backdoor coding and they made many other adjustments, so the newer versions are more secure from non-gov hacking. There seem to be endless viruses that target Windows machines, so in general, they need more tweaks for security. Also, Windows systems seem to constantly broadcast information to Microsoft.

Apple: Unix (Mac OS, OS X) is generally known as a more secure OS than Windows. It was originally developed by AT&T for mainframes/servers. Apple converted it for use as the basis for their products. There are very few viruses that target Unix. I have very little experience with Unix.

Linux: These are open-source operating systems. Most distributions are free and anyone has access to the programming. Linux is very similar in structure to Unix. Linux is widely known as more secure than Windows. From my experience, Linux is much more secure than Windows products. The popular distributions (Ubuntu, Mint) have the same issue of dumping your information, just like Windows (and probably newer Apple versions). In addition, I believe that Ubuntu and Mint, both have gov backdoors. There are very few viruses that target Linux and when new ones appear, many different people are on top of it to provide security updates (one of the attributes to open-source coding).

My recommendations:

Most companies still use Windows systems. Most software companies now release versions for both Windows and Apple. If you need to be able to use Windows/Apple specific software for your job (working offsite) and you don't have multiple computers, then stick with what your company uses. Linux distrubutions rely on open-source personnel to figure out how to make Windows programs compatible or make their own software versions that will handle the Windows stuff. The popular Linux distributions are faster at compatibility than the more-secure, more-obscure versions.

If you have multiple computers or your job is not dependent on corporate software, then Linux is the way to go. If you're new to Linux, there are distrubutions that are geared for novices and much easier to learn - Ubunutu, Mint, Debian, Zorin (thus, the popularity of these).

We'll go into detail about installing/trying Linux later.

Share this post


Link to post
Share on other sites

Browsers

General Overview:

Most browsers can be configured to protect your privacy. Out of the box, most browsers dump or broadcast your information to various entities.

Internet Explorer: I haven't used this as my default browser in many years. You can probably configure it to make it secure, but I haven't tried this in a long time. If you use Windows8, you can't completely disable IE without messing up connections for other programs on your computer. IE is one of the main components to allow your Windows computer to communicate with Microsoft. I found that the best way to secure IE is to block it from accessing the internet and then, unblocking it as needed. The newest versions do a great job of stopping malware. However, since it is still the most common browser, it will be targeted more than the others.

FireFox: Is/was an open-source project. It's a business now and they bring in mega-bucks from Google. FF dumps/broadcasts your information to Google, but this can be stopped through adjustments in about:config. FF was originally much faster and consumed fewer resources than IE, but it has grown bloated over time and hogs a large chunk of RAM. The default settings leave FF unsercure. The default malware sniffer isn't nearly as effective as IE. However, through about:config changes and addons, you can make FF very secure.

Chrome: Google's browser. Google is the NSA and it's safe to assume that it constantly dumps/broadcasts your information to various entities. I have limited experience with it. I've heard that it uses less resources than other browsers and is one of the fastest browsers available. I don't recommend it.

TOR: Linux-based browser created for maximum security. Basically, it runs your connection through different nodes before connecting to the general internet flow. This effectively masks your IP address. There are other security features built in, but I'm not entirely familiar with it. I can tell you this for sure - if you use it, it will raise a red flag with entities tracking/collecting internet traffic. The more people who use it, the better the security becomes; because it is harder to trace where all of the signals are coming from when lots of people are using it.

Others: Opera/Safari/SeaMonkey - I have no experience with these. Others can chime in with recommendations.

My recommendations:

If you're sticking with Windows, block IE and unblock it as needed (for updates, connecting to your place of work, or giving internet access to various programs). For normal browsing, install FireFox and make major changes to about:config and install privacy addons.

If you're using Linux, go with FF or one of the FF-based browsers. If you're really hardcore, you can use TOR, but read-up on it before even trying it out. I don't recommend it for casual users.

We'll go into more detail about specific settings later...

Share this post


Link to post
Share on other sites

Addons

General Overview:

Addons are programs added to your browser to perform specific functions. There are a ton of available addons for FireFox and FireFox-based browsers. I'm not sure what's available for Internet Explorer, but as I stated before, I don't recommend using it anyway (except for specific circumstances).

Be aware that the people who make the addons can also code them to dump/broadcast your information to whomever. You need to research addons before installing them - not just reviews, but other sources on the web. Some addons leave malicious remnants even after completly uninstalling them. Due diligence is necessary before installing.

The privacy addons that are of the most use do one or some of the following.

1) Script-blocking
2) Malware domain blocking
3) Advertisement blocking
4) Cookie management/deletion
5) Broadcast information masking

My recommendations:

Most browsers have built-in systems for some of these. However, their effectiveness is questionable. There are several addons that can make your browser/computer much safer than the pre-installed systems in your browser. Again, before you install an addon, research it to make sure it's not just a data-mining trap.

More later on.

Share this post


Link to post
Share on other sites

Antivirus and System Cleaning Software

General Overview:

If you have a computer, I don't need to explain antivirus. System Cleaning/Malware software blocks and/or looks for specific threats. Antivirus and the malware/cleaning software have become essentially the same thing.

If you're using Windows, you must have up-to-date Antivirus and cleaning programs. Windows8 is much safer than older versions because it acts in the same manner as non-root Linux. However, since most viruses/malware target Windows, you still need multiple safety programs.

On Windows, active antivirus/malware programs are your first line of defense at the computer (in addition to browser addons). They will block viruses/malware or at least, notify you that there's a problem.

System/malware cleaners often catch stuff that gets by everything else. They scan your computer and isolate and/or delete malicious software that your blocking software missed (especially important in your registry).

Linux/Unix: It is much more difficult for malicious software to be installed on Linux or Unix. The most popular scanner for Linux is Clam. It's just a scanner, not an active blocker. I assume Apple has many different products for their systems. Antivirus/malware software isn't as critical with these systems. The main line of active defense for Linux is to NOT run it in root mode.

My recommendations:

For Windows - you need multiple programs to protect your system. You need a good up-to-date antivirus program (ex: Avast) and secondary programs to block/scan your system (Spybot, Ccleaner, etc.).

For Linux - run it as a normal user (not root), use Clam routinely, and seal-up your browser and firewall.

We'll look at specific programs for Windows later.

Share this post


Link to post
Share on other sites

Firewall

General Overview:

Your Firewall (whether at your router or your computer) can be used to block ports, types of communications, and specific IP addresses. The blocking can be adjusted for incoming and outgoing communications separately.

Most users will prefer a default permissive outgoing setting (allows all outgoing traffic - you have to specify (blacklist) types of outgoing traffic you don't want). Conversely, most will prefer a restrictive incoming policy (block all incoming connections - you have to specify (whitelist) who you want to be able to connect to your computer).

There are many different types of communications involved (TCP, pings, UPD, ICMP, HTTP, HTTPS, POP3, FTP, etc.). You need to know what services you use before specifically blocking these types of communications. For example, if you use local email software that operates through a web-based email host, you don't want to block that form of communication (ex: POP3).

Many common Windows firewall programs are ZoneAlarm, Online Armor, and Sygate. For Linux, there are IPTables, Firestarter (interface for iptables), and Shorewall. The Linux firewalls are much more difficult to configure and use.

My recommendations:

Before installing any program, research it first.

You must have a firewall, if not multiple firewalls (ex: one on your router and one on your computer). Pick a program you're comfortable with and keep it on. If you experience connectivity issues, don't give up on the firewall, research it and configure it so it work for you.

More on this later.

Share this post


Link to post
Share on other sites

Encryption

General Overview

Encryption is used to either protect the contents of a drive or protect sent/received electronic communications (email). I my experience with encryption is very limited. I'll leave it to others to provide their experiences.

Effective email encryption is notoriously difficult to use (ex: PGP).

Here are a few of articles for those who want to go down that road.

http://www.linux.com/learn/tutorials/784...l-in-linux

http://lifehacker.com/180878/how-to-encrypt-your-email

http://www.digitaltrends.com/how-to/how-...-mail-app/

Again, the best privacy guard is to avoid electronic communications.

 

Proxies/VPN

General Overview

Proxies and Virtual Private Networks are used to hide yourself behind a third party. There are many free services. You've probably wondered how so many foreign posters on GLP display better grammar than their American counterparts. It's not just an education thing. Many of those foreign posters are Americans using proxies or VPN's.

Online proxy websites are very easy to use. You just go to their website and enter the website address you want to visit and viola, you're anonymous guy from the Netherlands.

VPN's aren't as simple. The main difference between proxies and VPN's is that with a VPN, you have a secure/encrypted connection between your computer and their server. Many VPN's require you to download their software to gain access to their services.

Free services typically have various restrictions. If you want an experience as close to normal internet browsing, you'll probably have to use a pay service.

By using either a proxy or VPN, you are agreeing to allow that organization to track your activity (just like your ISP).

One online proxy example:
http://www.freeproxy.net/

A couple of articles to get you started:
https://www.bestvpn.com/blog/11801/5-best-free-vpn/
http://anonymous-proxies.net/index.php?r.../show&id=4

Hopefully, others will chime in with their experiences with these.

Share this post


Link to post
Share on other sites

Specifics on Operating Systems

I'm not going to spend much time on Windows and Apple. Almost all of you are familiar with one or both.

My personal experience with Windows:
Old IBM Desktop - Windows98: Blue screen of death, a hacker's dream, lots of viruses, crashed during Windows Update, upgraded to XP, hard drive died during Windows Update a few years later

Custom Desktop - WindowsXP: installed lots of antivirus/anti-malware programs, relatively virus/malware free compared to 98, system crashed during Windows Update, sent back to shop, reinstalled XP, child pushing buttons crashed system, saved computer through Parted Magic (live Linux OS on USB) and installed a Debian version of Linux (still running like a champ - no virus/malware issues)

Desktop - Windows8: no problems, runs fine, I keep it on Windows8 for work-related things, seems to burn .iso images better than my Linux systems (probably because the latest version of Unetbootin hasn't been adapted for the Linux systems I use), running Classic Shell, disabled IE, use FF with many addons/config changes, several antivirus and anti-malware programs

Laptop1 - Windows7: ran great for a few years, AGAIN Windows Update crashed system, apparently damaged hard drive, Windows7 refused to reinstall, saved computer through Parted Magic, installed Zorin Linux (ran great until newer software (Adobe Flash/Shock) refused to install), recently installed Linux Mint, working fine so far

Laptop2 - Windows8: By the time I got this one, I was sick of dealing with Windows, ran Windows8 for about a year and decided to upgrade to Linux, installed Zorin, then decided to try other distributions, installed Ubunutu, Ubunutu became a resource hog, installed a version of Debian, runs like a champ

Laptop3 - WindowsXP (very low RAM / slow CPU): former computer of relative, no one could get it to work, got it running with Parted Magic, installed Puppy Linux, runs fine for surfing net

Windows8 appears to be more secure than earlier versions. However, both MS and Apple build gov backdoors into their OS. In addition, newer hardware has backdoors built in.

Side note on Windows 8: if you want your desktop to operate like an actual computer and not a cell-phone, then install Classic Shell. It allows you to modify your desktop so it operates like older Windows versions. I use this on my Windows 8 machines and does exactly what I need it to do.
http://classicshell.net/

Linux

Typically, Linux OS are free and easy to download. Installation can be messy (formatting and partitioning hard drives, buring images onto CD/DVD/USB). I have successfully installed several different distributions of Linux on former XP, Windows7, and Windows8 machines.

Here's a good site with reviews of different Linux distributions:
http://distrowatch.com/

Take your time and research which distribution will work best for you. If you've only used Windows, then Ubuntu, Zorin, or Mint would probably be the easiest to get used to.

Most Linux versions can be used "live" - running via CD/DVD/USB in the RAM of your computer. So, you can leave your Windows OS intact and run Linux on the same computer. While running Linux in RAM, you can access all of your documents from your hard drive.

In theory, RAM-only systems would be more secure because once you shut down the system, any malicious threats will disappear (unless you save your session prior to shutting down).

My experience with Linux:

Zorin - first one I tried because at the time, it was the most similar to WindowsXP. It's not as popular as other distributions, so support and compatibility with newer software was a little slower (probably better now)
http://zorin-os.com/

Ubunutu - the most popular distribution, lots of programmers working on it, fast at adapting to newer software, has more software options, uses a lot of resources, seems to dump/broadcast information somewhere, pretty easy to get used to, easy to update
http://www.ubuntu.com/

Puppy - normally used as RAM-only from CD/DVD/USB, I successfully loaded onto a hard drive, not as many software options, more difficult to get used to, very good for older computers, was a pain in the ass to load on hard drive (but it's doable)
http://puppylinux.org/main/Overview%20an...tarted.htm

Kali - designed for penetration testing, more secure than the normal Debian distribution (fewer repositories), smaller total support, not all Debian updates are compatible, slower to respond to compatibility issues with software, old version refused to recognize one of my USB ports, new version sees it, runs great, need to get very familiar with terminal (typing commands without graphical user interface (GUI)), if you have time and you're somewhat computer-savvy it's a great system, many forums/blogs to offer advice
https://www.kali.org/
http://www.blackmoreops.com/category/linux/kali-linux/

Parted Magic - this distribution has saved my ass several times, runs in RAM (live system), doesn't use a lot of resources, loaded with formatting/partitioning/system testing programs, if you have a crashed hard drive - you can probably recover everything with it, I highly recommend keeping a USB or DVD with this for emergencies, you can get older versions for free, however, I would recommend spending $10 and download the latest version, then you can sign-up on their help forum and install other packages (LibreOffice (Linux version of MS Office)), they do a good job of keeping up with newer software (Flash), very limited on additional software
http://partedmagic.com/

Mint - another popular distribution (like Ubuntu), works great on high-speed computer, easy to update, very good support, fast reaction to newer software
http://www.linuxmint.com/

My recommendations for Linux:
Try any distribution that can be loaded Live (RAM-only). That way you don't have to change anything on your computer. Try several versions to see what you like.

*Note on USB sticks - do NOT use a "Windows8 Compliant" USB stick to burn a Linux image onto, Microsoft had these sticks formatted so they appear as a hard drive and not an USB drive, I successfully unf**ked one of these, but it was a major pain (the manufacturer states that it cannot be done - SanDisk Cruzer 32G)

Before you install anything, back up your documents onto a flash drive or transfer to another computer or external hard drive.

To try-out or install Linux, you'll need an image burning program (Unetbootin - USB, ImgBurn - CD/DVD). You'll also need to check your boot settings in your computer's BIOS menu. You want CD/DVD/USB to boot before the hard drive.

http://unetbootin.sourceforge.net/
http://www.imgburn.com/

*Don't forget to export your bookmarks and save with the rest of your files before installing any new operating system.

Share this post


Link to post
Share on other sites

Specifics on Browsers

To pick up the speed, I'm not going to go into Internet Explorer, Chrome, Safari, etc. There are plenty of online tutorials and articles about securing these browsers. Also, I haven't messed with IE in a long time.

One note on Internet Explorer - IE is the main avenue for several systems on Windows machines to access Microsoft. If you want to block IE (and other programs from broadcasting/connecting to the internet), then do the following:

Open Internet Explorer
Tools
Internet Options
Connections
LAN Settings
-UNcheck "Automatic Detect Settings"
-CHECK "Use a proxy server for your LAN"
-enter 0.0.0.0 as the address and 80 as the port
-OK

To reverse, just UNcheck "Use a proxy server for your LAN" and CHECK "Automatic Detect Settings"

This should have no effect on other browsers accessing the internet. I run Firefox on my Windows8 machine and leave IE blocked, unless I find that some program I'm using needs it open to access the internet (like copying certain elements from a webpage into Word).

*This probably disables Windows Updates from accessing Microsoft, but I'm not sure

I highly recommend NOT using IE, but keeping it installed, and blocking it via the instructions above. Hopefully others will provide specific tips on making IE or the others more secure.

Link to article about making IE more secure:
http://www.bleepingcomputer.com/tutorial...rer-safer/


Firefox

We'll get into Addons in the next post.

The main way to change settings in FF is through about:config. To access this, you merely type about:config in the address bar of FF. The first page will be a warning about screwing up your system and voiding the warranty?? Just click "I'll be careful, I promise".

*Whenever FF updates to a newer version, the changes you make to about:config disappear and you have to re-enter them. I just remembered that and noticed in about:config that my changes were gone. Doh! Probably how I got banned from GLP again.

Before you make any changes - document the prior settings! If you make any changes to "integer" or "string" entries, you should first document what the original entry was (so you can go back and fix it if you don't like it or if it causes a loss of function). Also, some Operating Systems require you to modify certain string entries (not just leave it blank).

Remember, you're changing values, NOT deleting the entire preference!


First, you can disable location tracking (the variables have changed over the years, so you might not have some of these on your version of FF).

Diabling Location Tracking
Type geo in the search bar

look for geo.enabled - double click it to change it to false (automatically changes from true to false)

On this next one, I think Windows machines need something entered in place of the Google address. Linux machines can leave it blank. Research this before doing anything!

look for geo.wifi.uri - double-click it and delete the entry (https://www.googleapis.com/geolocation/v...ey=API_KEY) or change to another address - research it!

Now, your location tracking should be disabled

Default value for the above:

geo.wifi.uri
https://www.googleapis.com/geolocation/v...ey=API_KEY

Disable Browser from telling other sites where you've been

type network.http.sendRefererHeader in the search bar - double-click (or right-click and modify) and change value to zero

Now, FF doesn't automatically tell other websites where you've been.


Disabling FF from broadcasting/sending your info to Google
*Before you do the following, make sure you have several security addons installed (ex: NoScript, AdBlock Plus, etc).

Again don't do this until you install other programs to ensure browsing security! We are turning off the automatic malware filtering and safe-site filtering programs. The problem with these programs is that they send all of your browsing and download actions to Google to check for malware/virus threats. So, everytime you visit a webpage, the location is sent to Google. Everytime you download something, the download location is sent to Google.

If you disable this, you need addons to perform the same basic functions.

Write down the original settings before you change anything!

If you use Gmail or Google+, then these will probably prevent you from connecting to those sites. I have an old Gmail account and I unintentionally went there. I decided to go in and see if there were any emails and Gmail wouldn't let me in because it thought I had cookies turned off (which I didn't). So these settings are preventing me from going there (I don't care, I don't use it).

UPDATE: I had google.com completely blocked from installing cookies in my FF preferences. I deleted that entry and Gmail worked fine.

type browser.safebrowsing in the search bar

look for browser.safebrowsing.enabled - double-click to change to false

look for browser.safebrowsing.malware.enabled - souble-click to change to false

This should prevent FF from sending your info to Google. If you really want to make sure, then you can delete the values for the following:

browser.safebrowsing.appRepURL
browser.safebrowsing.gethashURL
browser.safebrowsing.malware.reportURL
browser.safebrowsing.reportURL
browser.safebrowsing.updateURL

Here are the default entries for the above:

browser.safebrowsing.appRepURL
https://sb-ssl.google.com/safebrowsing/c...E_API_KEY%

browser.safebrowsing.gethashURL
https://safebrowsing.google.com/safebrow...%&pver=2.2

browser.safebrowsing.malware.reportURL
https://safebrowsing.google.com/safebrow...ALE%&site=

browser.safebrowsing.reportURL
https://safebrowsing.google.com/safebrowsing/report?

browser.safebrowsing.updateURL
https://safebrowsing.google.com/safebrow...E_API_KEY%

We're done with about:config for now

Preference Settings - Cookies

On your main menu bar in FF, click Edit - Preferences - Privacy

Under the History Title, are your cookie settings. You do not want these hanging around from session to session. You can disable cookies completely, but that will prevent you from visiting certain sites or using certain functions on sites. So, I've found the best settings to be:

Use custom settings for history
Check accept cookies from sites
Accept third-part cookies - Always (probably better to use Never, but may prevent some functions)
Keep Until: I close FF
Check Clear History when FF closes

Then, go to settings (next to the clear history entry) and check everything in the window except
Saved Passwords and Site Preferences. FF, upon closing, will delete your browsing and download history, cookies, active logins, cache, and form and search history.

If you depend on any of the above, then leave them unchecked.

I'm sure I'm missing some things here, but others can fill in the gaps.

 

 

Miscellaneous tweaks for FireFox (not security related)

Again, document the original settings before changing anything.

To speed up the loading of webpages in FireFox, do the following.

about:config

type pipelining in search bar

go to network.http.pipelining - double-click to enable (TRUE)

go to network.http.pipelining.max-optimistic-requests - double-click, change value to 8

look at network.http.pipelining.maxrequests and make sure it's set to 32 (older versions were set to a lower number)


To prevent FF from using your hard drive as a cache and use only RAM as cache
This will help to prolong the life of your disk(s).

about:config

type browser.cache into the search bar

Required:

go to browser.cache.disk.enable - double-click to change to false

go to browser.cache.disk.smart_size.enabled - double-click to change to false

go to browser.cache.disk_cache_ssl - double-click to change to false

go to browser.cache.memory.capacity - double-click and set to any number (7 digits long)
if you don't have this entry, then you add the entry by right-clicking, selecting NEW, selecting INTEGER, enter the name as browser.cache.memory.capacity, OK, enter the value as any 7-digit number (if you have a small amount of RAM, then probably OK with 6-digits, I've never really had any issues with this setting)

look for browser.cache.memory.enable - make sure it's set to TRUE

look for browser.cache.memory.enable - make sure it's set to TRUE


Optional (just to make sure everything is disabled)

go to browser.cache.disk.capacity - double-click and set to zero

go to browser.cache.disk.max_entry_size - double-click and set to zero

go to browser.cache.disk.metadata_memory_limit - double-click and set to zero

go to browser.cache.disk.smart_size.first_run - double-click to change to false

go to browser.cache.disk.smart_size.use_old_max - double-click to change to false

go to browser.cache.disk.smart_size_cached_value - double-click and set to zero

Share this post


Link to post
Share on other sites

Addons

Again, I'm going to look specifically at FireFox. There are probably similar addons for the other browsers (or the exact same addons).

To browse/install/enable/disable/uninstall addons, go to Tools - Addons and a new tab will appear in your browser.

Note on Shockwave-Flash: if you have this installed (necessary for running a lot of videos in webpages), change the default setting to "ask to activate". It makes browsing a little more cumbersome, because you will have to click on each video to enable it. However, it provides much better security. You'll see it in the "plug-ins" section of your addon tab.

Script-Blocking
Whenever you visit a website, various scripts will attempt to run. These can provide the formatting for fonts, enable videos, enable text entry/formatting, etc. They can also be used to gather your information or redirect you to malicious pages.

NoScript is considered the best script-blocking addon for FF. To install, go to the "get addons" part of the addons tab. Type noscript in the search bar. You can click the underlined "more" to read more about it. Click the install button to install it. You may be required to restart FF after installation (just close FF and open it back up).

After installation, you can go to the Extensions part of the addon tab and change the preferences. The first thing I do, is go the Whitelist tab in preferences and remove everything except addons.mozilla.org and about:blank. You can leave Google and Yahoo and YouTube if you want, but we're discussing privacy and we know that those organizations are all about data-mining. If you really need to visit those sites, then you can temporarily allow their scripts when you go there (with a button on your browser).

Then, I go to Embeddings and make sure everything under "Additional restrictions for untrusted sites" is checked.

For "Apply these restrictions to whitelisted sites too" and everything below it, I ignore because I don't have any sites whitelisted except Mozilla addons. If you're going to whitelist sites, then you should research it and select what makes sense for you.

There are many other settings, you'll need to research them and decide what you like.

Once you start browsing with it on, you'll notice that not everything loads as normal in the webpages. If you really need to see something (like a YouTube video on DJ), you can hover over the main NoScript button in your browser and temporarily allow the scripts that you need (ex: doomjunkie.com, youtube.com, and ytimg) or you can install the "temporarily allow all this page" button on your browser tool bar and temporarily allow all scripts on the page. You can also install the "revoke temporary permissions button" to disable temporary scripts. All of these can be performed through the default NoScript button, but the two additional buttons make things quicker.

Another example: I can reply to messages in DJ with everything blocked, but I can't format the text. In order to format the text, I need to allow doomjunkie.com and ajax.googleapis.com. If I merely press the "temporarily allow all this page", then googlesyndication.com will load also (I'm not sure what it does).

By default, the two temporary script control buttons aren't on your browser. Right-click on a dead space next to your tabs and select "customize". You'll see the two additonal NoScript buttons and you can drag&drop them where you want them.

I'll continue with more addons in later posts...

 

 

Addons Continued...

Malware Domain Blocking and Advertisement Blocking

I've found two addons that work well for this.

Bluhell Firewall and Adblock Plus

Bluhell Firewall is a lightweight ad and domain blocker. It installs a button to turn it on/off with one click. It's based on EasyList, but works uses fewer rules and resources to block malware and ads.

Adblock Plus is one of the most popular ad-blocking addons. It uses EasyList as the basis for blocking ads/sites. You can add lists via "filter preferences" or go to their website to add lists. It's interesting that the "EasyPrivacy" list isn't included in filter preferences - you have to go to the website to get it.
https://easylist.adblockplus.org/en/

As brought up on another DJ thread, Adblock Plus allows certain ads to pass through if you don't UNclick "Allow some unintrusive advertising" in filter preferences. If you want all ads blocked, then UNclick it.

The other complaint about Adblock Plus is that it can be a resource hog for low-resource computers. It also slows down page loading. However, if you disabled the native filtering (safebrowsing), enabled pipelining, and installed NoScript, then pages should still load faster than before making these changes / installing addons.

There are many other addons to perform these functions, but research them thoroughly before installing to make sure they're not malicious addons used for data-mining.

Having both Bluhell and Adblock Plus may be redundant, but Bluhell uses so few resources, that it's worth having both running.

More to follow...

Share this post


Link to post
Share on other sites

Addons, continued

Cookies

You should have already set your cookie preferences in the privacy section of Edit-Preferences in FF. If you are accepting cookies, then you should have configured FF to delete all of the them on closure. Remember, cookies are essentail for functionality on some websites. If you disable them and have problems, then you'll need to go back into preferences and allow them.

Websites deposit cookies in your browser when you visit. When you go to another site, those cookies are still there and can be used to gather information. You can block all cookies in your FF browser, but it causes problems on some sites. To restore functionality, you have to go back into preferences and allow the cookies. There are addons to allow easy access to cookie preferences, but I haven't examined those in detail.

Better Privacy and Cookies Manager+

Better Privacy deletes long-term cookies (specifically LSO's from Flash). These are typically not effectively handled through FF. I rarely watch videos, so I set it to delete the default Flash Player cookie. This nullifies my Flash settings. However, every site you visited and activated flash on is contained in that cookie. So, everytime you activate Flash, that site can access the cookie and see where you've been. You have to go through the addon tab - extensions to modify your preferences (unless you configure it to have a button on your browser - I don't think that's necessary since I don't change the preferences often).

Cookies Manager+ allows you to delete cookies without closing FF or going back into preferences to delete them. So, before you leave a webpage and don't want the next website to check out your stuff, you can delete the cookies first. It also gives an easier view of what cookies are being deposited in your browser.

There are addons that allow you to select individual cookies to accept and block everything else. I haven't tried those and it will take some trial and error to find which ones you need. Once you get through the heartache, then it would be a very good system for ensuring privacy. Maybe someone else can give some insight on these.

Share this post


Link to post
Share on other sites

Addons, continued...

Broadcast Information Masking

User Agent Overrider

This addon is used to mask the details about your computer and browser. Whenever you visit a website, this information (along with your IP address) is delivered. User Agent Overrider (UAO) masks your OS and browser information by supplying fake details. For example, you can set it to tell websites that you're using an Apple Mac with a Safari7 browser. Potentially, this could prevent some malicious actions through misdirection.

Sometimes it will cause problems with websites, because they think you're operating a different system than what you really have. For example, if you visit Adobe for updates and you're running UAO, the website will suggest updates for the OS/browser combination you're broadcasting. So, when you run into this, you simply turn it off by pressing the button on your browser and reload the page.

Share this post


Link to post
Share on other sites
Guest
You are commenting as a guest. If you have an account, please sign in.
Reply to this topic...

×   You have pasted content with formatting.   Restore formatting

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor


Our website is made possible by displaying online advertisements to our visitors.

Please consider supporting us by disabling your ad blocker.