How to build a Firefox privacy arsenal

Found one called Biscuit .

 

What is the purpose of building your own privacy arsenal?

If you read the information on -https://anonymous-proxy-servers.net/ you will come to realize that it is hardly possible to build an effective Firefox privacy arsenal against anything more then low level threats.

 

i am fairly paranoid but whats the point of being a complete ghost on the web? I am more concerned about important aspects of things i want to remain hidden. I figure it is too much work to be completely invisible and too much of an inconvenience....hell i even use Opera (yea yea troll of way i love it) because i think FF is worthless as a primary browser :/

I have never heard of a real solid reason to keep all your activity hidden. I get important stuff but daily browsing hidden seems like a large waste of time. I may be naive so please enlighten me.

 

^ I agree with you, for what it's worth ^. I only go to such lengths as using VPN's+proxy for sensitive issues. If I'm just doing something like this right here... it's not worth the hassle/slowdown to me.

Though I strongly disagree with you about Firefox. Out of the box Chrome & IE are both more secure. Even tweaked, IE is probably more secure. But I have other means to cover that weakness, and what I care for from a browser is privacy & anonymity. And I believe FF can be made to be the best in those regards with the right poking & prodding. Not to mention the fastest, largely due to the EHH4ABP.

 

i just like Opera due to tab stacking and the ability to regain anything lost...if i close a tab...control z and its back...opera crashes always 100% recovers. If i close it...it recovers. Plus sessions and other great features. Supposedly chrome has those but you got to find them in some myraid cluster **** of widgets or whatever they are called. Plus other things i like about opera too. My only complaint is some sites are unstable and opera is single threaded so it eats crap when i use it for 24 hours. I have to restart fairly often but doesn't take long. I know it isn't private in the least but the ease of not loosing information and browsing work is awesome. I also hate chromes layout. Finding advance settings is a total pain. They made it like MS made win7/win8 *facepalm*

Also the bookmark system is opera is bomb. So yea the "switching costs" to me are huge -_- I use chrome or FF for banking and other stuff because that is largely what opera eats crap on so i am covered there. I do need to work on the privacy part but i am totally Fed on that area already :/

for an example...using opera and i can't use the quick reply :/

OOOO one other thing. Once i get a 4k screen i will be able to use Opera tile feature mmmmmmmmmmmmm

Plus i am already in a ton of guberment systems as is from work stuff so meh :/

 

Theres a pretty good guide to hardening FF tweaking about:config here-http://crunchbang.org/forums/viewtopic.php?id=24722

 

thx nice link

 

@ Gitmo East

Very good info & list Even though it's targetted @ mainly for Linux, there is lots of useful info for others, including FF users. I was able to make about another dozen changes via about:config

Re Linux - I was surprised to see this

I didn't expect that ?

 

Someone probably has mentioned this before: an extension like Ghostery is nice for showing a list of domains that you may not want to whitelist in NoScript and/or RequestPolicy. For NoScript users, see this tip from tlu about a NoScript feature which I'd forgotten about.

 

My response is at this thread.

In addition to privacy gains, some of these extensions can also boost performance (fewer scripts running and fewer files downloaded by browser) and improve security.

 

My security and privacy extensions:

a) "Higher fuss" computer:
Adblock Plus (EasyList, EasyPrivacy)
BetterPrivacy
Biscuit
Clear Recent History
Ghostery
LastPass
NoScript
RefControl
RequestPolicy
Web of Trust

May add HTTPS Everywhere

b) "Low fuss" computer:
Adblock Plus (EasyList, EasyPrivacy)
BetterPrivacy
NoScript (scripts allowed globally)
Web of Trust

Some other settings:
Third-party cookies off
Third-party Flash cookies off (set via http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html)

 

I use all that you mentioned more or less but biscuit which sounds neat but for me I do not trust any cookie period you can set last pass to auto login on ebay anyhow. Clear recent history and biscuit I just use this one:

http://www.hotcleaner.com/clickclean_firefox.html

click&clean, removes all browsing data and flash LSO cookies, has a nice cacheviewer to check.

Either way I have followed the guide gitmo posted above and all cache and settings are disabled to the point no cache or cookies or anything gets saved at all.

Never tried refcontrol, WOT again not really tried it any point when everyone and the entire internet's a criminal paradise

 

Really? I didn't know This. Thanks for the heads up. I will uninstall Better Privacy.

I have geolocation disabled. And I think I have no referrer done correctly. Are there other ones that are really important?

 

I don't need all that, for those who think that arguably the best browsers (privacy wise) is arguably the worst browser (security wise) can use IE or Chromium with some simple tweaks.

ON IE11 just
http://www.iegallery.com/en-us/trackingprotectionlists and
https://www.wilderssecurity.com/showthread.php?t=356987

On Chromium (add --no-referrers switch, select do-not-track), add Avast and ABP (or simular like Adguard) extensions

play with the cookie settings yourself, keep local data until I quit my browser,block third party cookies and add exceptions (besides * for wildcard, http, https, file there is also an VPN/// option in the cookie exceptions manager of Chrome, settings are allow, block and session only)

Motto: just use what is there, you won't need a plethora of add-ons (which increases attack surface for MITB).

 

With a heavy heart, I have removed RequestPolicy. Too much babysitting.

 

The arsenal isn't enough
https://panopticlick.eff.org/

 

Ok, let's remove all add-ons.

 

It can be blocked with this extension
https://addons.mozilla.org/en-us/fi...ction_id=5819dbb7-80b0-4999-8472-e10e8f631fb6

But depending on the setting you can break some websites.

You can find more security and privacy addons in the link on my signature

https://addons.mozilla.org/en-us/firefox/collections/l0rdraiden/favorites/?page=1

 

Yeah. You can go into your Flash settings and block the cookies in the first place, but most people didn't know where to look to do it for the longest time, until they put the icon in the Control Panel. Better Privacy can still be useful if you want to manage LSO's though. You might want to keep one, as they can be used to store settings. I used to keep one for my Flash settings, and you can use BP to store & manage them. But since I've moved on to HTML5 I have no use for that either. And on their own site they admit that since Firefox's change in how it now handles Flash cookies (like any other cookie), using BP to block them has become an obsolete agenda.

As for the second part of your post... I wish I wasn't such a lazy bum and would write up a list of all the tweaks I make to my about:config to post on here, or even create my own site with tips like that. But unfortunately I am (lazy). I've often thought of making one for XP too. It would probably be as thick as a novel because I make a ton of them. Out of the box XP is shite, but after tweaking and trimming dead wood, not so bad at all. But again, I'm lazy, and the OS is dying now anyway so no one would wanna read it anyhow.

And soon my obsession will shift to how to make Win7 32-bit (either Pro or Ultimate) bare bones & secure as possible. The good thing is I have a ton of material from posts in here already, favorited, by minds greater than my own. Guys like Sully, Windows Security, HungryMan, Mr. Brian, wat, mirmir (my anonymity guru), and tons more I've left out. I've got a great base to start with already, whereas with XP I started out self taught.

 

Oh and as for the list in the OP... I use the first 4 on that list (NoScript, ABP, RequestPolicy, CS Lite Mod). But not the last 2 (Ghostery & BetterPrivacy). I explained why BP became redundant. Ghostery is mostly overlap with me blocking cookies globally by default + my ABP lists/NS. Plus I flat out don't completely trust it now that it's owned by an advertising company. And after removing it I found it what was causing an occasional CPU spike issue while using Firefox... as it subsided after uninstalling it.

I find DNT+ to be pretty redundant with what I have too. The simple tick box/circle to tell sites not to track you in the FF options does basically the same thing, without the "medals" thing it has going on that I don't really like. While WOT should not be used as a straight arrow indicator, I still think it's valuable as an opinion (often a widely shared one at that, which makes it more credible). The Element Hiding Helper for ABP... is a god-send IMO. I block a ton of useless elements on my most frequently used sites with it, and it improves the page load times substantially. Calomel SSL Validation & Private Tabs are 2 I recently fell in love with too and added to the arsenal. I don't close my entire browser/sandbox as often now, but just the tabs every time I go to a new site or search.

 

I'll probably try RequestPolicy 1.0 Beta. I think its "default allow" setting will provide much better usability.

 

Scroll down to: B) Instructions For Firefox (And Firefox Variants)
Also check under:Recommended Only For More Advanced Users
Secret Agent addon looks interesting.
Has info on other browsers as well.


http://www.techsupportalert.com/con...wser-against-malware-and-privacy-concerns.htm

 

Has anyone used this Secret Agent Addon? What do people think about this Addon, is it safe?

 

Question, if Firefox is using the Google Safe Browsing blacklist, would this mean that it allows Google to track users of Firefox?

 

Been using it for months. Not all the time though, just when i feel like confusing certain www's Safe ? = Yes

Yes That's why i've disabled both items