I've seen a lot of none responses which I don't quite understand... For example after installing Disconnect me, I've noticed a little speed increase. So if you are not worried about privacy, you may at least like the speed. Ghostery on the other hand has been completely opposite, it slowed down my FF to a crawl. DNT also slows me down. And so I think I will stay with Disconnect Me.
gorhill (HTTPSB) did a test regarding the network traffic overhead and unsurprisingly Ghostery came last, not only it's heavy on the CPU but also it slows down the web page loading... SlowClap.gif https://github.com/gorhill/httpswit...dd-a-significant-overhead-to-network-traffic?
None for most means "none of the above", not "I don't use a privacy extension". There are many more options available than what the poll choices indicate. I don't see why I would to choose any of them with Adblock Plus and HTTP Switchboard installed.
This is odd: I installed Ghostery on Chromium, and only Facebook and Gravatar were reportedly blocked, "s.stats.wordpress.com/w.js?21" wasn't reported as being blocked. If I search for the hostname in Ghostery tracker search tool (on the Options page), it is not found.
As I have already said, I don't trust anyone and I don't believe anything, my own mother included. From what has happened to me and to other people I've seen, your closest friend is your worst enemy. I'm not going to use those specially crafted privacy toolkits, especially the ones which came out after the NSA scandal. And besides, as J_L said, they're not the only options. You can block cookies, javascript, plugins, etc to speed up your internet experience within the browsers themselves. And some people, like me, prefer to have as little amount of extensions installed as possible. If we can achieve the same features of those privacy-oriented extensions with HTTPSB/NoScript which also offer the superior security protection, then why do we need them bogging down the browser while increasing our attack surface? Not worth it IMO.
Same here I am a minimalist as well. I got only 4 extensions on my Firefox and Disconnect Me is the 4th one. I would love to get rid of Disconnect Me. But I have not found a reliable way to block cookies, javascript, plugins, etc from advertising sites via the browser itself. Disconncet Me/Ghostery/DNT does that by maintaining a blacklist of advertisers that constantly updated. And while we can throw away the privacy out of the window you cannot refure that blocking advertisers speeds up the browsing.
A couple of questions. 1, What is the purpose of limiting your choices while ruling out the more effective options available? 2, Why are you limiting the options to browser extensions? I haven't looked into a replacement for Request Policy. I stopped using Ghostery, partly because it slows the browser too much and partly because it relies on blacklisting. If there is another option to Request Policy that can whitelist sites using the same parent-child arrangement, I'd like to try it. Have you looked into using a filtering proxy like Proxomitron? It can fill most if not all of your requirements without adding to the browsers workload or attack surface. IMO, it's more than adequate as a NoScript replacement. As a separate app, it can't be bypassed or disabled by a browser exploit. Sitting between the browser and the web, it becomes the primary attack surface in place of the browser. Combined with firewall rules that force the browser to connect through it, it can't be bypassed by killing it. That would effectively disconnect the browser in the process. It works with any browser that can use a proxy and runs on most any operating system.
Im looking more into blacklisting rather than whitelisting. I don't want to maintain any list of websites that I go to. I don't want to spend any time configuring NoScript or Request policy. Just my personal preferance. Pure ignorance (ie lack of knowledge). No. I was not aware of this. Are proxy safe to use? Does it slow down the browsing? After testing it I came to the same conclusion.
The term proxy doesn't always refer to a remote site or server that you connect through. Proxomitron is on your own PC. It's a proxy in that it sits between your browser and the internet, filtering content on the fly. It's a small, freestanding application that has few system dependencies. On linux, Wine will run it. There's very little to attack as compared to a browser. It's basically an unzip and use application. The user imports the filters and coinfigures the browser proxy settings to use it, default is 127.0.0.1 port 8080. If your firewall controls loopback connections, you'll have to allow those for it as well. It's a very light load in itself. It does use processor time during filtering, which is less than the browser would use processing the same content. For me, it speeds the browser up by removing unwanted content. If you don't configuring NoScript or Request Policy, you probably won't like Proxomitron. It requires a good amount of tweaking to match to your preferences. It's the web content equivalent of a classic HIPS or a rule based firewall in its requirements from the user.
I'm filtering HTTPS traffic. The necessary libraries for filtering HTTPS and updated certificates are available at http://prxbx.com/. The site is down at the moment so I can't get direct links.
Prxbx is back up. Here's links to the files and certificates. General info and links. More info. Patched Open SSL and zlib.dll libraries used to process HTTPS. Might be newer versions linked in the forums. These need to be unzipped into Proxomitrons program folder. Proxcert.pem. Certificate for Proxomitron that's imported into browsers. Utility to make your own proxcert.pem. Direct link. With Proxcert.pem imported into the browser certificate store, Proxomitron assumes the responsibility for verifying site certificates. Certs.pem, a list of "trusted authorities" used by Proxomitron. Please read this thread before deciding to filter HTTPS. There are some issues. Direct link to latest certs.pem zip file. Direct link to a utility and instructions for making your own certs.pem. Uses OpenSSL. The Un-Official Proxomitron Forum contains a wealth of info, including details on custom filters. I strongly encourage anyone interested in Proxomitron to explore it.
Thanks for the replies np. I wasn't sure Proximitron supported that. I looked around a bit. FYI: Your "this thread" link above is borken. FWIW: http://www.openssl.org/news/vulnerabilities.html
Link fixed. Thanks. I'm not sure what's involved in patching the SSL binaries for use with Proxomitron or how much it really matters. The only good thing about those OpenSSL vulnerabilities is that most of them cause crashes or denial of service. Myself, I don't use the internet for anything financial or with anything that's extremely private so HTTPS vulnerabilities aren't as critical. The more I see regarding HTTPS, the more I'm convinced that the whole thing is broken beyond repair, and won't stop anything beyond the casual snoop.
I'm sure that there's a few Ghostery users watching this thread. Could one of you check how many items are in each of their blocklists now? When Ghostery was young and its blocklists were only a few hundred items long, it didn't have much effect on my browsing speed. If I recall correctly, the lists were well over 1000 sites when I stopped using it. Every time it updated, the lists got longer and the browser got slower. I have to believe that these blocklists are stored in memory. There'd be a lot of disk activity otherwise every time you clicked on a link. Either way, checking every link or connection request against an ever growing list of sites you don't want to connect to is an extremely inefficient process. Ghostery is running into the same problem that signature detection AVs have. Lists that are getting large and unmanageable. Lists that rely on servers to keep them relatively up to date. Like it or not, those servers are part of the users attack surface. What mechanism rules out the possibility of malicious code being injected into those databases to be executed in the PCs memory? IMO, trying to maintain lists of sites/servers that you don't want to connect to or lists of content that you don't want to see is futile. Both are potentially infinite.
Right now there is 1809 blocked elements in all catagories. I feel no slowdown while using Ghostery and hope it stays this way. Regards, hqsec