Firefox Plugin Configuration for safe browsing

Discussion in 'privacy technology' started by Assasin, Apr 22, 2013.

Thread Status:
Not open for further replies.
  1. Assasin

    Assasin Registered Member

    Joined:
    Apr 22, 2013
    Posts:
    17
    Good afternoon,
    I am reconfiguring my list of add-ons to make my browsing safer. I have a list of
    1) Ad Block Plus with custom lists enabled
    2) NoScript configured the way i want
    3) Self-Destructing Cookies

    Do I need anything else like DNT+ / Disconnect / BetterPrivacy?

    Suggest your own configurations.
     
  2. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    I would add something like WOT.
    BD trafficlight as well is a good add on too.
     
  3. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,088
    Define "safer". If you at least partially mean "safer from a privacy POV" I would suggest you use something to get referrer information under control. RefControl or an alternative.
     
  4. Assasin

    Assasin Registered Member

    Joined:
    Apr 22, 2013
    Posts:
    17
    Safer I mean less tracking from sites as possible.
     
  5. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    I used to use a lot of add ons but I found I was always having to tweak them so have reduced myself to NoScript but I'll give you a list of some that you may find useful.

    Request Policy: It allows you to configure cross site requests.
    Ghostery: Stops tracking
    Cookie White List with Buttons: Allows you to pick which sites are able to leave cookies.
    Browser Protect: Stops browser hijacks.
    Flash Block: Stops flash from auto starting.
    Empty Cache Button: (Self explanatory)
    Right to Click: Allows right clicks when you're stopped
    Flagfox: Lets you know the location of the site you're visting
    Better Privacy: Deletes flash cookies

    While you can do all this I just found it ruined using the internet and really all you need is No Script, WOT, ABP with a few filters that have different functions and use Sandboxie, the free version and set it to auto delete. This should be secure enough but it's worth finding your own configuration that you're happy with that balances security with ease of use.
     
  6. Assasin

    Assasin Registered Member

    Joined:
    Apr 22, 2013
    Posts:
    17
  7. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    Assasin, I'd say the best thing to do is to try out a series of combinations but I'd use No Script and ABP as your starting points. Many add ons replicate each other, I'm not sure you need to run DNT+ and Ghostery together. There are a number of add ons that block cookies. You won't find any consensus because everyone has their own combination of add ons. I'd say trying things out is half the fun. I must admit I really used to enjoy trying out lots of different add ons.
     
  8. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    What I use:

    ABP (EasyList, EasyPrivacy, Malware Domains, AntiSocial)
    CS Lite Mod
    HTTPS-Everywhere
    NoScript
    RequestPolicy
    WOT

    Element Hiding Helper for Adblock Plus (disabled - custom rules added on demand)

    Check "Tell websites I do not want to be tracked" in options. Use Private Browsing mode.

    Adobe Flash (always up to date) = only plugin

    If you take time to learn your way around your about:config some real privacy gains can be found in there.
     
    Last edited: Apr 24, 2013
  9. Assasin

    Assasin Registered Member

    Joined:
    Apr 22, 2013
    Posts:
    17
    @luciddream: request policy does not work in a way like noscript? Which are their differences?
    If you show us your about:config cheanges i would be grateful!
     
    Last edited: Apr 24, 2013
  10. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    I did a bit of testing using Collusion to see how I was being tracked and I found that the combination of No Script and Request Policy. This is because you have the opportunity to stop tracking before it even begins. For example, while I was using You Tube I was still being tracked by just using No Script, it took Request Policy to block the two third party scripts, gstatic and google.
     
  11. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    I've considered making a list of them and storing it, but just never got around to it. I've made so many, it's just too much to go through and organize right now. Main ones are to disable caching, prefetching, referrers, geo. I remember I got a lot from a site called "tweakguides". Several others from this very site in a thread called "Firefox - change these for better privacy".

    Also recommend highly using Ixquick for your searches, and for your URL bar, in SSL.
     
  12. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    Assasin, have you already considered non-browser specific protections, which may help avoid certain tracking scenarios, such as OpenDNS, VPNs, etc.?

    Also, there is the "stylometric" issues:
    https://www.wilderssecurity.com/showthread.php?t=346140

    And, there is your computer's/browser's unique "fingerprint" (e.g. MAC address, specific combination of plug-ins and config options) coupled with browsing habits and stylometric can be pretty powerful. There are only a few operators who can do this (e.g. Google, if you use their search, or two or more of their products - also note that some non-google sites often require google owned scripts - e.g. for ajax).
    https://www.wilderssecurity.com/showpost.php?p=2204475&postcount=27

    So, depends on what your concern is and how far you want to take action to protect your privacy.
     
  13. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    I use.:
    Adblock plus.
    WOT.
    Noscript.
    Lastpass.

    I do not use any form of flash control as i changed the flash plugin to click to play in firefox settings.
     
Loading...
Thread Status:
Not open for further replies.