Firefox extensions for security & privacy

Discussion in 'other software & services' started by bellgamin, Apr 30, 2019.

  1. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,478
    Location:
    Hawaii
    For your comments & suggestions, here are the security & privacy add-ons I now use with Firefox:
    uBlock Origin, NoScript 10.6.1, HTTPS Everywhere, DuckDuckGo Privacy Essentials, & I don't care about cookies.

    I have TOR but seldom use it. I do not need VPN -- I don't venture into dark waters.

    Are my add-ons too much, just right, or not enough? I will appreciate any & all constructive comments.
     
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,972
    Location:
    Lloegyr
  3. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    396
    Privacy Badger is pretty neat. Doesn't play very well with Decentraleyes, though.
     
  4. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    979
    Has anyone tried the CSS Exfil Protection plug-in for Firefox?
    More info here: https://www.mike-gualtieri.com/css-exfil-vulnerability-tester

    I use uBO, Decentraleyes, Emsisoft Browser Security and the Kaspersky Protection plug-in. I'm not sure if it really makes sense to use both the Emsisoft add-on and the Kaspersky Protection plug-in.
     
  5. Be_Ta

    Be_Ta Registered Member

    Joined:
    Jan 15, 2019
    Posts:
    13
    Location:
    Earth
    My Main Fox: (i have other profiles/Browsers, where i test addons/user.js/Settings, and if they turn out to be good and dont make bad things in the Background, ill post em here ;) )
    My List:
    uMatrix
    uBlock Origin
    Decentraleyes
    First Party Isolation
    Cookie AutoDelete
    NoScript
    CanvasBlocker
    Smart Referer
    Skip Redirect
    Neat URL
    Firefox Multi-Account Containers
    Temporary Containers
    WebAPI Manager
    Privacy Settings

    *Yeeessss, they do work together without problems ;)

    and some user.js settings/modifications.
    https://github.com/ghacksuserjs/ghacks-user.js

    CHEERS...
     
    Last edited: Apr 30, 2019
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,791
    Location:
    Among the gum trees
    No need for extension for that. You can do that in about:config.
     
  7. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,520
    Location:
    Italy
  8. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    2,863
    neither nor, use containers

    for the TO - uBo is the only usefull there, the rest is doubled/trippled/useless.
    privacy badger only if not ublock, ublock plays well with decentraleyes.
    ofc this is biased to a current firefox, not an ancient build
     
  9. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,791
    Location:
    Among the gum trees
    I don't understand the need to use both uMatrix + NoScript.

    If you're using Temporary Containers why do you need Cookie AutoDelete?

    Personally, I would lose Smart Referer, Skip Redirect and Neat URL and replace them with CLEARURLs.
     
  10. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,478
    Location:
    Hawaii
    I am learning a LOT from this thread. By the way, my interest in making FF browser as secure as possible is because, with the TOR browser, some sites now respond 404 or forbidden. I wonder why?
     
  11. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,783
    Location:
    Europe then Asia
    You dont need 20 extensions, they will eat lot of RAM at best and slow browsing at worse.

    I just use Netcraft (antiphising/xss) and canvas blocker (fingerprint noise), optionally I add Emsisoft (suspicious sites).

    Used to use NoScript but you will end wasting most of your time clicking on it instead of surfing.

    Imo, most of other extensions are useless and food for privacy paranoids freaks, you can't achieve total privacy on any sites anyway unless you want cripple your experience...
     
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    11,269
    Location:
    Here
    They probably detected that you've reached their site through Tor and they block you.
     
  13. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,478
    Location:
    Hawaii
    Interesting! Hmmm... does that mean the site is overly interested in knowing who visits them? If so, I wonder why? :cautious:
     
    Last edited: May 3, 2019
  14. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    11,269
    Location:
    Here
    They probably subscribed to some service that blocks accessing their site from Tor network and/or VPN servers. For me it's usually a sign that they don't want people reaching their site from masked IP addresses. I usually don't visit such sites from my own IP address.
     
  15. Tinko

    Tinko Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    5
  16. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    2,863
    installed here in nightly for testing purpose, for common usage i use the firefox dialog. firefox security for certs is very strong as people could experienced this morning :D
     
  17. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    607
    Location:
    usa
    Eventually, I've followed your idea and removed NoScript.
    After a few days without NoScript, I became sure - I don't need NoScript anymore.
    Thanks for your suggestion.
     
  18. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    548
    Location:
    Europe
    Yep it's a big bother. Ublock origin with some lists and block 3rd party cookies is enough
     
  19. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    1,353
    that's what @Umbra , me and a few others have been saying for a long time. ns is way too cumbersome, it was a good tool for pre-web 2.0 era, when the contents of a website were hosted on the same server with the website itself. but today, the contents of a website are provided by many independent/3rd party cdn's and noscript, by nature, is not suitable to handle this distributed traffic of cdn's. ubo, on the other hand, can handle them quite successfully.
     
  20. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,478
    Location:
    Hawaii
    I haven't seen a post by @Umbra in a long time. His comments are sometimes ascerbic, but often provide excellent suggestions & advice from a true professional. I wish him well, where ever he maybe.
     
  21. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    1,353
    indeed. i'm sure he'll be back in a week or two.
     
  22. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,176
    Location:
    Nicaragua
    For balance, here is one post in favor of NoScript. NoScript is so good at doing what is supposed to do (content blocking), that I wouldn't trade it for nothing, not even free licenses for all the paid programs in any security setup posted in the security setup tread here at Wilder's. For none. Thats how solid NoScript is for me. If you are into blocking content, there is nothing better than NoScript. The only content that runs is the one you want to allow to run. Nothing runs without you allowing it to run. What is allowed to run, doesn't depend on filters list but your personal choice. You, the user, is the one who decides whats allowed to run and what not to. If what I just said is important to you (you, the user being the one who decides whats allowed to run), then NoScript is for you. Otherwise, you are better off using programs that depend on lists created by other people and let them decide the content that runs in your browser.

    How easy or hard is it to learn NoScript? In my personal opinion, it takes a little while before NoScript clicks on your head, but once it does, everything starts making sense and what you used to think it was hard to understand about the program, all of the sudden it becomes easy. Making sense of what the program is for, is the key for making using NoScript easy. Based on my own personal experience learning and using the program, I can safely say that most of the people who find NoScript hard, are people who didn't put the time to learn it. You are not going to learn it in 2 days, nor perhaps a couple of months, it takes time, but once you learn it, using the program is a blast and you wouldn't wanted it in any other way. This is so, because the way NoScript works and functions is exactly the way you want it. Again, once you learn it and get used to, you wouldn't want NoScript in any other way than how it is designed to work..

    I said this before and I ll say it again. NoScript turns the sharks of the infected waters of the internet into sardines. Thats the feeling I get out of using NoScript. I can navigate infected webpages like nothing, and nothing will happen, while users visiting same webpage before and after me are getting infected left and right. Thats the power of NoScript.

    Bo
     
    Last edited: Jul 6, 2019
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    11,269
    Location:
    Here
    For me, whitelisting whole internet is just to troublesome. I just use uBo with some tweaks and add some filters and that's it. I've tried it in past but creating rules all the time is just not for me. I can use whitelist approach on my system but not on whole internet. For me it's a waste of time.
     
  24. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,176
    Location:
    Nicaragua
    If you knew and understood NoScript, you would know, 1. You don't create rules all the time, and 2. You don't white list the whole internet. Just saying. :)

    Bo
     
  25. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    1,353
    :thumb:
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.