How to Optimize Google Chrome for Maximum Privacy

How to Optimize Google Chrome for Maximum Privacy


http://www.howtogeek.com/100361/how-to-optimize-google-chrome-for-maximum-privacy/

 

I actually wrote a guide for making Chrome (and Firefox) more private and secure.
https://insanitybit.wordpress.com/2012/06/02/the-definitive-guide-for-securing-chrome/
https://insanitybit.wordpress.com/2012/06/02/the-definitive-guide-for-securing-firefox/

It covers most of what the howtogeek wrote but I included security tips and extensions like https-everywhere and noscript.

 

Nice blog Hungry Man!

 

Great job, both I never do use Instant, and learned a good bit more from these links. I think disabling plugins goes a long way towards security even in Chrome, though I went with the slightly less annoying "click to play" rather than white-list websites.

Edit: Regarding your suggestion to use PDF.js...I respectfully disagree here. I personally see no reason to risk exploitation by opening these files within the browser. In my opinion, it's not only more efficient (as many content-heavy pdf files won't even work properly, even with the Chrome built-in reader), but more secure to have a separate program to handle them. I'd also suggest turning javascript off in these programs to further secure yourself. Personally I think Adobe-Reader X with javascript turned off and the browser plugin disabled will suit 99% of users just fine, and keep them pretty safe. My 2 cents

 

Thanks AlexC/DW.

That's a fair point dw. Ironically I think that PDF.js is way more fitting for Chrome, which runs all Javascript in a process that's unable to write to the filesystem. As Firefox does not separate or sandbox the renderer you're running the code with lots of rights.

The idea behind PDF.js is to lower the trusted code and attack surface. Chrome does this by treating the PDF plugin as untrusted, so does Adobe, and Firefox does this by simply eliminating a separate plugin entirely, it's handled by Javascript, which has the renderer already there. The problem with Chrome/Adobe's implementation is that there's now a ton of code that's exploitable whereas Firefox has added very little code and the rest is handled entirely within the renderer.

I'll put a note in about that.

I'm planning on updating these guides further, like when I get a guide on convergence. I want to do an entire post on convergence first though so it'll probably wait until tomorrow. (edit: I finished the convergence guide and edited the FF post)