Five must-have security/privacy extensions for Firefox

CNet.com Article here.

Good to know, as I had only two of the five.

-- Tom

 

I only have one of the five and wheres RefControl or any cookie-related extension?

 

I do not have the five but I have finjan /keyscrambler/ad blocker plus . but good info though thanks

 

I wonder how many extensions we need to install, update, manage and to live with their bugs/ vulnerabilities( known or unknown). Every extension increases the time FF takes to launch and I hate that. I tried for a minimum and still I have 4 extensions and 1 theme.

I use Opera mainly and have no such hassles. My PC is still safer. But sure likings are different among people.

 

Since Google is blacklisted here by BlockSite, I don't need any CustomizeGoogle extension. BTW, Orkut is the only service from them I am using, and the access to their site is only working by using a HTTPS protocol, so my filter is not working only for them: ( http:*.google.* ).

I already have Noscript installed on XeroBank, and the others are installed now. What I don't understand is what SafeCache/History exactly are doing in my benefit:

Use SafeCache/SafeHistory to impose cookie policy on history/cache (new option available here).

Since Firefox is configured to erase after he is closed:

History
List of downloads
Cache
Cookies
Authenticated sessions

Options not selected (to improve my performance and buy me a lot of time):

Forms data
Logins and passwords

Should I keep them?

Regarding the Locationbar, I think this is a question of which one is fooled by bogus address. Am I right? Most people goes everywhere by clicking on every address sent by 3rd parties to their email (and since I don't have an email...). I still don't know what their options can do, there is no manual available on Mozilla's website. The only change I see here is that the domain is highlighted.

I need some help to understand why these are "must-have" extensions.

 

Hi Jim,

Read the technical (PDF) papers hyperlinked from the CNet link in my first msg.

-- Tom

 

If cookies are deleted when you leave firefox, and if you use Ccleaner often when using IE, then what purpose would CustomizeGoogle serve if the cookies are being deleted all of the time?

 

Excellent point, because every extension is like installing a separate software program -- any one of them can cause problems at some point in the future.

Huh? How is it safer without the security extensions you have when you use FF? Does Opera have built in security comparable to the best FF security extensions? The reason I ask is because I'm going to stop using FF due to it suddenly dumping half of the web sites I had open while I was trying to open a site that probably had a buggy script. So I'm interested in finding a stable replacement that has the best security.

 

I did not suggest for any FF user to replace it with Opera. It,s upto you and depends upon ur liking. Opera seems to be more safer or atleast equally safe as compared to FF. It,s definitely lighter and faster.

NoScript can be emulated via built in site preferences function( short of protection against XSS). Adblocker will be replaced by block content. U will miss so many extensionsused with FF.( Interestingly when I put a long list of content block, Opera loading became slow just like FF so I removed this list, I am not blocking ads).

I am not using due to security reasons. For me Opera is more fast, takes less memory, lot of built in functions and equally secure.

 

I, also can attest to - Opera, being lighter & much faster than the 2 other majors!

Opera seems to have the knack of incorporating features that veteran surfers expect & related plugins that needed to be procured to have some of those were considered very good choices. Security-wise, pretty neat and up to date too, but without extra baggage unlike FFox.

Btw... what if MozDev would suggest to opensource contributors that some features can be synergized by consolidating it into bundle? Or maybe someone needs to program a consolidating-aggregator which can "bundle" a user's choices into one seemless package - at site (MozDev) & download those in one go

The real-time 'view' of downloading selected plugins and thereafter, rebooting to have it hooked and sometimes... you will be notifiy that some plugins are 'incompatible'... that to me was, a bit irritating. C?

 

It's not so much what happens when you leave FF as when you use Google during a session.

With CustomizeGoogle, the UID (if privacy option checked) is anonymized so that Google cannot then build a profile of your use of its services.

When you access certain websites with GoogleAnalytics turned on (e.g. NoScript is not used nor is CustomizeGoogle) certain information about you including your IP address can be transmitted to Google via the cookies (again it is during your session use that counts rather than when you leave FF) so that what happens to the cookies when you leave FF have no bearing on anything at all except cookie history and other information stored in the cookie which without the protection offered by CustomizeGoogle would be in the hands of Google via being transmitted during a session of your computer connected to the Internet.

-- Tom

 

Hello,
I would not say must have...
Mrk

 

You've hit the mark, Mrk. I've always been a bit wary of "must have" things, it usually means something you don't really need but everyone else has it so ...., sort of like fashion accessories.
Having said that I think NoScript is a must have extension.

 

There's always this one ...

 

This is hardly a problem if you're using Noscript to block any of Google services, such as Google Analytics. I am only using Orkut.com which is one of their services, and BlockSite is configured to block those entries:

http://*.google.* (Orkut.com is using HTTPs)
*.gmail.*

Even if I was using Google search (and other features from Google), PrefBar extension from XeroBank itself have a "Clear Cookies" button which can be placed aside of the navigation bar. So, you may push that button everytime you want, before start surfing on new pages and your problem is solved. I also push the following combination to clear my cache: Control + Shift + Del. And yes, my XB is configured to erase anything (cache, cookies) everytime after FF is closed.

 

Hello,

It's hardly convenient, clearing cookies / cache every time.
For instance, if you search for images via google, you'll have the moderate search on every time you clear the cookies. And setting this one up every time is quite annoying. And what about forums and such. Login every time?

So much simpler using CustomizeGoogle...

Mrk

 

That's the price everyone (myself included) must pay if wants more privacy, and not have any cookies placed forever on their hard disks (if that's not what CustomizeGoogle does, so it's worth to use it, for people who wants to use any of Google services).

I need to make a new login everytime, always, on this board and every website I have an account. I suggest you use Secure Login extension developed for Firefox and store your login/passwords on him. S.L. = autologin feature.

As for serch engines, I am still looking for suggestions on this thread:

https://www.wilderssecurity.com/showthread.php?t=186691

But for now, I am only using Clusty.com and Sapo.pt. Both don't have any family filter enabled by default like Google or Altavista (this option require cookies to be modified). They are not a good choice, however, if you are using the image search function (they have bad results).

 

Personally, I would add KeyScrambler, RoboForm, and Firekeeper to that list.