FireFox, Top Security/Privacy Extension

Discussion in 'privacy technology' started by zpro, Aug 10, 2012.

Thread Status:
Not open for further replies.
  1. zpro

    zpro Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    38
    Thought I would ask the group, what would be your top 5 or 10 or more firefox extension to harden for security and privacy, against attack or trackers or hackers..etc

    noscripts
    ghostery
    https everywhere
    https finder
    do not track plus
    calomel ssl validation
    quickjava
    search engine security
    askforsanitize
    secure sanitizer
    user agent switcher
    adblocker plus
    adblocker plus pop-up addon

    Well thats mine list, what yours !!! :D
    cheers
     
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Switch to Chrome and use build in features like :D
    - block HTTP cookies, allow session HTTPS cookies
    - allow data (File:///*) for current session only
    - click to play plug-ins (flash)
    - deny javascript except from few high level domains (mine com, nl, org and net)
    - default flash and pdf ppapi plug-ins (fully sandboxed)
    - chrome safe browsing (websites and reputation scoring of downloads)
    - check invalid certificates (chrome will warn you)
    - no JAVA

    You will only need three extensions:
    - referer control, allow from/to https only block all others
    - KB SSL enforcer (or HTTPS everywhere which uses FF db).
    - Webutation (same as FF equivalent)
     
    Last edited: Aug 10, 2012
  3. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    Firstly I use the Jon Do Fox profile google if you haven't heard of it before.

    Instead of "user agent switcher" I would use Secret agent https://www.dephormation.org.uk/index.php?page=81 which is what I use, It automatically Randomizers you user agent every time you click a new link or even refresh the webpage.

    For Flash cookies some people use Better Privacy or have their browsers Sandboxed and have the contents deleted on exit, how ever this does not prevent Tracking during the actual browsing session. But I have since found a better solution which blocks the creation of flash cookies on your OS in the first place and that is to instead create a zero byte file named macromedia and replace it with the macromedia folder and no new flash cookies can ever be created.

    anyway my other addons are
    cookie monster to block normal cookies.
    noscript
    ghostery
    perspectives

    https everywhere. I only use this when not connected thru VPN otherwise it defeats the purpose of VPN because every site I connect to with https sees my real IP address.

    And I use Admuncher for ad blocking.
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Those measures do take care of some tracking, but not all tracking. I personally use Do Not Track Plus and Nimi Cleanser.

    @ zpro

    From those you mention, I've tried and am using the following in my Firefox Nightly build: Do Not Track Plus, HTTPS Everywhere + HTTPS Finder (I wish there was such an extension for Google Chrome :(), Adblock Plus and RequestPolicy. I'm also using BlockSite Plus to allow connections only to specific TLDs and/or websites.

    I also have HTTPFox to assist me with what kind of connections are happening. It's useful, IMHO.
     
  5. zpro

    zpro Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    38
    Thats for the tip of Secret Agent, I will sure check this out,
    as for right now, I just trying to harden firefox as much as I can, for surfing, and banking... check with others to see what security and privacy extension they have install, and why.

    Thanks Again.
    :)
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    @Moon

    Yes my friend you are correct

    Some advertising networks place tracking and referer cookies on every kind of traffic (also https), so indeed not all coockies, but simply blocking those few (e.g. H TTPS://www.doubleclick.net) in the cookie list stops them dead, at least the most common cookies.

    See pic after visiting some cookie infested websites

    Off course there is no 100% defense against png cookies containing only a few pixels (often two, one from the network and one to ID you). The RGB color code of those pixels contains of three values each containing 3 digits (so 1 pixel = a nine digit code). Do Not Track or any other of the Anti-Tracking tools you use, will protect you against those smart cookies.

    So I can say the same of your setup also :p :p :p
     

    Attached Files:

    Last edited: Aug 11, 2012
  7. tlu

    tlu Guest

    Is this documented somewhere?
     
  8. focus

    focus Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    276
    Location:
    USA
     
  9. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
     
  10. Chiron

    Chiron Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    174
     
  11. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Well every addon I have is to harden for security/privacy, and I have 10, so I'd just list them all... but that'd be too easy.

    So I'll go with a top 5 instead. In order of my favorite:

    1. Adblock Plus
    2. NoScript
    3. CS Lite Mod
    4. WOT
    5. HTTPS-Everywhere

    I didn't list Keyscrambler because it's a program primarily, that just so happens to require an add-on to function properly. Not a pure add-on. Or it'd been in there at #4.
     
  12. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
  13. focus

    focus Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    276
    Location:
    USA
     
  14. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    I've never used Cookie Monster, but I imagine all these cookie managers accomplish about the same thing. The only advantage would be the fact that you're comfortable/familiar with what you're using. And I've been a CS user for a long time. So when I saw that someone was continuing support for it I was ecstatic. It looked like it was going to die along with FF3.
     
  15. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    I know its kinda offtopic to the op Q but to answer m00nbl00d......

    HTTPS Everywhere has an alpha version for chrome, and their is also HTTPS Enforcer for chrome, and if you need anti-tracking Ghostery has a version for chrome.
    .....................................................................................................

    must be some janky crap wannabe VPN from lala land lol
     
  16. klarm

    klarm Registered Member

    Joined:
    Apr 7, 2012
    Posts:
    23
    Location:
    europe
    Hi. I'm not sure what you mean. Is there some kind of add-on needed in FireFox to use keyscrambler properly o_O ?
    I've been using it for some time and didn't notice any problems.
    thanks.
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Just found it somewhere, from memory (first have 2 /, last have 3 /)

    HTTP://*
    HTTPS://*

    FILE:///*
    VPN:///*
     
  18. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Oh... I know those extensions exist for Chrome. I wasn't aware of HTTPS Enforcer, though.
    When I said I wish there was such an extension for Google Chrome, I was talking about HTTPS Finder. :) Sorry for the confusion.
     
  19. Chiron

    Chiron Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    174
     
  20. Warlockz

    Warlockz Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    642
    My List for Firefox & Iron/chrome. Yes the 7 in this first list have versions compatible with Both Browser's.

    ........................................
    Other

    A Firefox plugin to impede fingerprinting-based tracking while maintaining browsing experience.
    ........................................................................................
    Web Proxy for quick anon to safe sites I dont want my IP to be recorded on.
    I know their is debate about this one, just dont use it to Hack or terrorize, or for Illegal Pron and youll be alright lol
    .......................................................................................
    Search Plugins https/ssl
    ............................................................................................
    More Anonymity
    ..............................................................
    Not an Addon but a must have and use.
    Did you know you can create your sandbox in an Encrypted Container, go settings and change sandbox location to match your encrypted container location then your Sandboxed Browser activity is Encrypted in a container not copied to your main HardDrive. :thumb:

    ..................................................

    EDIT: Added More fixed post!
     
    Last edited: Aug 12, 2012
  21. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
     
  22. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Just imagine.......

    You have spent and continue to spend many, many hours/months/years of research to find and configure the very best security software and practices.

    You purchase a new computer and get it home.
    You immediately reinstall the Operating System to make a "clean install" without the bloat/ad/tracking/trialware.
    You change the settings within the Operating System to make the computer more secure.
    You then install and configure Firefox with all the best add-ons using the best practices for security (or you install some other browser with it's best security configurations).
    You install and configure the best antivirus software.
    You install and configure the best firewall.
    You may even add and configure an additional HIPS program and perhaps other additional security programs.
    You even block any outbound attempts of the built-in firmware of Lojack that some computer manufacturers have so graciously added via a chip that cannot be turned off.
    You are now using the best proxy setup that you can configure and use.
    You may even be using a doubly secure VPN.

    Well guess what?You are not secure whatsoever.

    You can be tracked fairly easily by certain entities. What has been forgotten? No one knows how to obtain your IP address, correct? Cookies including the super cookies (flash) are disabled, right? You think you are not leaving any tracks anywhere. Hmmmm?

    Your browser is leaving a clear fingerprint.

    This subject has been mentioned already here in Wilders.
    For more information and a free test please visit the Electronic Frontier Foundation's site here ---> https://panopticlick.eff.org/
     
  23. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    I saw all the ones I use already mentioned except for Flashblock, and I only use it when surfing anonymously. I use flagfox, and Grease Monkey also, but not so much for security except flagfox gives good info about a site that can be useful when deciding wether to trust a site or not.
     
  24. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    it is one of the worst extensions I've ever used. :thumbd::p
     
    Last edited: Aug 13, 2012
  25. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    My top add-ons are AdBlock Plus, NoScript, RequestPolicy and Do Not Track Plus
     
Loading...
Thread Status:
Not open for further replies.