What is your privacy setup like?

Discussion in 'privacy technology' started by blaze x, May 19, 2012.

Thread Status:
Not open for further replies.
  1. blaze x

    blaze x Registered Member

    Joined:
    Feb 26, 2009
    Posts:
    6
    I thought it would be interesting to see the different setups to see how everyone here fights ads and trackers.

    My setup right now:

    Firefox 12, I currently have these privacy addons installed:
    Adblock plus w/ Easylist+EasyPrivacy & Fanboy's Annoyance list
    Noscript
    Refcontrol
    RequestPolicy (I keep installing and removing it. I've tried it countless times and given up with it, but I think I plan on sticking with it because it is a very powerful extension. I can't wait until the new version comes out of alpha.)
    HTTPS Everywhere

    Do you guys think my setup is overkill / overlapping?
     
  2. JackReacher

    JackReacher Registered Member

    Joined:
    Mar 17, 2012
    Posts:
    67
    Location:
    South of the North Pole
    Not at all,
    It's definitely not overkill, and there is just the right amount of overlap. What are your Firefox settings? How do you deal with cookies?

    I've had much the same experience with Request Policy as you have. It's powerful, but damn it can be a pain sometimes.

    My setup is:

    Firefox: private browsing mode, third party cookies disabled, all history, cookies, and cache cleared at browser shutdown.

    Extensions pertaining to privacy:

    Adblockplus (Easylist+EasyPrivacy + Fanboy's Stats/Tracker Blocking + Facebook Privacy List)
    Ghostery ( blocks tracking, advertising, analytics, widgets etc)

    NoScript (Blocks Java/Javascript/Silverlight/Flash/Etc)
    Request Policy (Blocks 3rd party elements on sites)

    HTTPS Everywhere (Enforces HTTPS based on a whitelist)
    HTTPS Finder (Discovers and Enforces HTTPS)

    Cookie Culler (cookie manager / whitelist)
    BetterPrivacy (for super-cookies)

    Trackmenot (obfuscates search engine searches through automated searches)
    WOT (not necessarily privacy technology but has saved me from some nasty redirects and malicious sites)

    However, it's important to note that privacy tools only help so much. The most important steps you can take are changing your habits, learning how your system and the internet work, and becoming aware of the major threats to your privacy.

    Delete your cookies and history often. Log out of sites immediately after using them. For particularly problematic sites like Facebook/Google/etc., make sure to delete your cookies immediately after using the site.
     
  3. carat

    carat Guest

    I think HTTPS Everywhere is a nice idea but why should I read the news via HTTPS? Most of the time it makes no sense ... :)

    ABP is the most important add-on imho and you could keep the rest :) RequestPolicy is a powerful extension but it's difficult to allow/deny connections, I deinstalled it because I don't really need it :doubt:
     
  4. blaze x

    blaze x Registered Member

    Joined:
    Feb 26, 2009
    Posts:
    6
    Right now, I have it set up where I do have my history stored. I don't think that would be harmful in regards to trackers. I have 3rd party cookies blocked and I allow all first party cookies as session cookies; they get cleared when I close the browser. I was thinking about adding a cookie manager addon, but then that requires another addon to fiddle with. I see you have Ghostery, isn't that unnecessary since you have RequestPolicy blocking most of the requests?
    I do agree with you, I'm not sure how necessary HTTPS Everywhere really is. I just installed it recently. Most of the important sites such as gmail, twitter, etc have https enabled by default. I guess it doesn't hurt to have it, just in case certain sites that should have it enabled don't.
     
  5. JackReacher

    JackReacher Registered Member

    Joined:
    Mar 17, 2012
    Posts:
    67
    Location:
    South of the North Pole
    This was my impression as well, however I have read in a number of places that websites are able to see and leverage this history if they choose to do so. Also I try to approach privacy/security from a default deny mindset, if it isn't necessary don't allow it.

    It sounds like you handle your cookies in a responsible manner. I use Cookie Culler because it's very simple (hardly any configuration needed), allows me to clear all my cookies at browser shutdown except for a predetermined cookie whitelist, and makes it easy to clear cookies more frequently without closing the browser.

    Yes and No. It is redundant, but I use and appreciate features from both extensions. Request Policy and Ghostery both block third party elements. Ghostery uses a blacklist (default allow) approach while Request Policy uses a whitelist (default deny) approach. I think of it like this, RP goes above and beyond at blocking 3rd party elements and is much more powerful and customizable than Ghostery. But RP's weakness is that it relies on the end user (me) to make good informed decisions which I often do not. So I use ghostery as a fail-safe and a research tool. If I accidentally whitelist a 3rd party tracker, Ghostery's blacklist will block it if it is in their library. Also if I see an unknown (to me) element in RP I can easily check to see if it is a known tracker/advertiser through ghostery's documentation. So while these two extensions (3 if you include NoScript) are somewhat redundant, they allow me to fine tune and better understand my privacy system.

    I can think of a few reasons:
    • Hackers, LEOs, ISPs, VPNs, or TOR exit nodes do not have the right to freely eavesdrop on your browsing, even if you are just checking the weather
    • Because what someone reads in the privacy of their own home is private... and if taken out of context could be damaging.
    • Getting back to the default deny mindset, why wouldn't you encrypt all the traffic you can if it doesn't negatively affect you? HTTPS Everywhere is easy to set up and painless to use, and encryption slows your browsing down no more than 6% I believe, which is unnoticeable in normal browsing.
    • You wouldn't send your mail through the postal system without an envelope (legally you can do this), so why would you send data over the internet without 'an envelope'?
     
    Last edited: May 21, 2012
  6. Tomwa

    Tomwa Registered Member

    Joined:
    Feb 3, 2010
    Posts:
    162
    I run multiple Firefox installations; all are sandboxed individually and all browsers receive 35 passes from Eraser upon closure:

    Tor Browser: (Main browser)
    Adblock Plus + Popup + Element Hider
    Better Privacy
    Cache Status (For clearing the cache between sites/pages)
    Cookie Monster
    DNS Cache
    Flashblock
    Ghostery
    HTTPS Everywhere + Finder
    Link Password (For encrypting bookmarks)
    MasterPassword+
    NoScript
    Redirect Remover
    RefControl
    RequestPolicy
    TorButton
    WOT

    Firefox Portable.
    Limited to grooveshark and youtube IPs all other Internet Access is blocked.
    Only Firefox and Plugin container have internet access.
    Additional Addons (Plus TorBrowsers)
    IPvFox (To find IPs to temporarily whitelist)


    Waterfox:
    Used for Flash games, java, etc. not available in other browsers.
    Additional Addons (Plus TorBrowsers)
    IPvFox (To find IPs to temporarily whitelist)

    It's a very strict setup.

    Firefox settings:
    DoNotTrack
    Use Custom Settings
    (Everything unchecked Cookie Monster manager allows cookies temporarily when necessary)

    DuckDuckGo instead of google.
     
  7. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    35 passes is overkill. A simple single overpass is enough. Too lazy to find the article. :D
     
  8. Tomwa

    Tomwa Registered Member

    Joined:
    Feb 3, 2010
    Posts:
    162
    35 passes isn't overkill when it takes less time than a tooltip popping up in the tray and disappearing. If it's less than a few seconds why not?
     
  9. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    Ok, lol.
    Crazy erasing on new drives worth it?
     
  10. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    In terms of preventing cookies and ads my firefox simply has:
    Adblockplus
    NoScript
    Request Policy

    My firefox also sits inside a type 2 hypervisor (Linux Mint image) ;)
     
  11. Noscript, HTTPS Everywhere... And that's it. I don't bother with drive encryption, Tor, etc., on the basic theory that
    1. If you have nothing to hide, you should have nothing to fear.
    2. If the former does not hold true, then your country is sufficiently far gone that encryption won't protect you from anything.
    3. Using advanced encryption to hide totally mundane stuff is a bad idea. Nobody can tell what's behind the encryption, so they'll naturally assume it's something incriminating.

    Edit: Perhaps I'm generalizing a bit much there. Encryption certainly has its uses for civilians; and I see very clearly why they should have legal access to advanced encryption methods. I'm just not sure it's sensible for citizens of democratic countries to use those methods.
     
    Last edited by a moderator: May 24, 2012
  12. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    There are actually a lot of uses for encryption:
    When your laptop got stolen/lost
    1. Your important documents containing private information will be safe.
    2. Your pictures will be protected. (You don't want someone you don't know making fun of your pictures right? :D)
    3. etc. lol

    The quote "If you have nothing to hide, you should have nothing to fear." for me is stupid. While I do agree that some use encryption for illegal purposes, many use it to protect private data (passwords, important documents, etc). Without encryption, what will you do if your computer suddenly got stolen? (Well I know that not everyone keeps private information in their computers)

    Note: I don't do drive encryption, just file and folder encryption :D.
     
  13. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    gullible jones your username seems to reflect your way of thinking xD, joke aside, encryption is the only way to keep your private data, yes that would be YOUR data, safe from theft and unauthorized people, don't matter what it is and if it's pictures of leaves falling into a toilet, don't matter, YOUR data is nobody's business period. If you think otherwise then I wish you good luck with that, I just hope you'll see the light at the end of the tunnel eventually as we all have once in our lives, not to mention times have simply changed ;)
     
  14. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    These are the things I do to help out my privacy. There are a ton more tweaks I can apply, but after a while things start to become too restricting.

    Search Engine/Homepage:
    I use DuckDuckGo HTTPS search as my default search engine/Homepage.

    All Cookies Disabled, Session allowed only when clicked:
    Accept cookies from sites, as well as Third Party cookies are disabled. If I need to access a site that requires cookies (Log-ins, etc.), I simply click "Allow for this session only" in the TeaBiscuit extension for Firefox. Works good.

    Geolocation disabled:
    about:config, geo.enabled value is set to False. This will disable Geolocation services in Firefox.

    Referrer disabled:
    about:config, network.http.sendSecureXSiteReferrer value is set to False
    about:config, network.http.sendRefererHeader value is set to 0
    This hides the referrer when visiting other sites, leaves no trace of visited pages if disabled.

    Tabs History:
    about:config, browser.sessionhistory.max_entries value is set to 7.
    The lower you set the value, the less history of your tabs there is. I prefer 7, recommended is 2.

    User-Agent string:
    about:config, Right-click, new, string, Preference name to general.useragent.override, Value is set to Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0. This will change the information about your web browser, basically it's tricking sites into thinking you're running in a different browser, numbers, etc. This can be a problem though with addons for Firefox. This value can be changed to anything you want, Chrome String, Opera String, whatever. But, the one I listed is the ideal recommendation.

    Local Storage:
    about:config, dom.storage.enabled value is set to False
    This will disable web storage, less tracks.

    Cache E-Tags:
    about:config, browser.cache.disk.enable value is set to False
    This prevents third party caching.

    Link reputation:
    WOT: Web Of Trust

    Ad-Blocking:
    AdBlock Plus with Easylist, EasyPrivacy, Fanboy Ultimate adblock and Malware Domains subscriptions.

    Plugin Control:
    I use the QuickJava extension for On the fly disabling of Java, Javascript, Flash, Silverlight and Proxy. Settings can be made permanent if needed.

    Do not Track:
    Do not track is enabled in Firefox

    Doing all these tweaks, as well as running these extensions, gives me a reasonable score at Panopticlick.

    Here is a Screenshot before adding privacy:

    Before.jpg

    Here is a Screenshot after adding privacy:
    After.jpg

    Plus, every time I open and close Firefox, the number always gets lower and lower at Panopticlick. So in two days or even a week, it will probably be one in 29,000 people.
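
A way to check that the about:config values listed in the post above are actually set in a profile, as an added example that is not part of the thread: it parses `user_pref` lines in the format Firefox writes to prefs.js and compares them with the post's values. The sample file contents and the function names are constructed for illustration.

```python
import re

# Values exactly as listed in the post above.
POST_BASELINE = {
    "geo.enabled": False,
    "network.http.sendSecureXSiteReferrer": False,
    "network.http.sendRefererHeader": 0,
    "browser.sessionhistory.max_entries": 7,
    "general.useragent.override":
        "Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0",
    "dom.storage.enabled": False,
    "browser.cache.disk.enable": False,
}
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.*?)\s*\)\s*;\s*$')

def parse_value(raw):
    """Convert a prefs.js literal (true/false, integer, quoted string)."""
    if raw in ("true", "false"):
        return raw == "true"
    if re.fullmatch(r"-?\d+", raw):
        return int(raw)
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return raw[1:-1].replace('\\"', '"').replace("\\\\", "\\")
    raise ValueError(f"unrecognised pref value: {raw!r}")

def parse_prefs(text):
    """Return {name: value} for each user_pref(...) line; skip the rest."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_LINE.match(line)
        if match:
            prefs[match.group(1)] = parse_value(match.group(2))
    return prefs

def audit(prefs, baseline=POST_BASELINE):
    """Classify each baseline pref as 'ok', 'differs' or 'unset'."""
    # Types are compared as well: in Python False == 0, but a pref set to
    # false is not the same as a pref set to 0.
    report = {}
    for name, wanted in baseline.items():
        if name not in prefs:
            report[name] = "unset"
        elif type(prefs[name]) is type(wanted) and prefs[name] == wanted:
            report[name] = "ok"
        else:
            report[name] = "differs"
    return report

# Constructed sample file contents, not taken from a real profile.
SAMPLE_PREFS_JS = '''// constructed sample
user_pref("geo.enabled", false);
user_pref("network.http.sendRefererHeader", 2);
user_pref("browser.sessionhistory.max_entries", 7);
user_pref("dom.storage.enabled", false);
user_pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0");
'''

if __name__ == "__main__":
    for name, status in audit(parse_prefs(SAMPLE_PREFS_JS)).items():
        print(f"{status:8} {name}")
```

A pref reported as "unset" is simply absent from the file that was parsed.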
     
  15. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    interesting ...any other tweaks worth mentioning? had most of em except for the about:config tweaks, you forgot about noscript, one of my favorites, fyi I wouldn't use WOT, read the privacy policy = not good ;)
     
  16. Izzle

    Izzle Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    26
    Hi Radeon0101:

    I can't grasp the uniqueness numbers on Panopticlick and could use a little help. Is there any easy way to explain them? I can't get past the part where 1 in a million is worse than 1 in 29K, but I know there is logic behind it (and that's the part which escapes me).

    I believe I understand the entropy/bits of identifying info number - the lower the better.

    Thanks :)
     
  17. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    You may be giving away less entropy, but you are becoming more unique. If the stats are correct, 1 in a million is better than 1 in 30,000. Extrapolate it:

    "You have added so many privacy options and custom code/settings to your browser that we can confidently predict that you are the only one using it. You have 0 bits of entropy" :D

    PD
     
  18. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I have been told that the lower the number, the better off you are (More than what I've heard below).

    I have also been told that the higher the number, the better off you are.

    HaHaHa, So what is it?
     
  19. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    the higher the number the worse it is.

    if you are the only person in 3 billion to have a particular setting they know exactly who you are. ;)

    i would not use that to dictate how i go about my privacy though.

    most likely, Joe and Jane Average would probably get good scores but they are just data mining cattle! ;)
     
  20. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163

    Thanks for the clarification, that makes sense...didn't think of looking at it that way. It *is* a little confusing.

    PD
     
  21. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I am not basing my whole privacy setup on Panopticlick, just thought it would be interesting to share what results I got.

    Thanks for describing how it works, I appreciate it. It is a little confusing, but it all makes sense now.
     
  22. Izzle

    Izzle Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    26
    Thanks guys for explaining it.

    So am I correct with the following sample numbers?

    --------------------------------

    We’ll assume a sample base number of 1,000,000 users.


    1 in 1,000,000 = 1 user for every million users has that fingerprint
    1 in 100,000 = 10 users for every million users have the same fingerprint
    1 in 10,000 = 100 users for every million users have the same fingerprint

    -------------------------------

    For kicks and giggles I ran Pano under:

    Ubuntu 11.10 Virtual machine
    Tor w/Noscript, BetterPrivacy

    Pano numbers:

    Bits of id info: 6.01
    One in x browsers have this value: 64.64
     
  23. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    Within our dataset of several million visitors, only one in 736,712 browsers have the same fingerprint as yours.

    Currently, we estimate that your browser has a fingerprint that conveys 19.49 bits of identifying information.


    I assume this is good enough? But tbh it keeps on going way lower than that, atm I'm at 56,871 browsers, depends on how many times I reload ;)
     
    Last edited: May 26, 2012
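
The relationship between the two Panopticlick figures quoted in the posts above ("one in x browsers" and "bits of identifying information"), as an added example that is not part of the thread: the bits figure is log2 of the one-in-x figure, which is consistent with both pairs of numbers posted, so the two rise together as a fingerprint gets rarer. The sample visitor list and the function names are constructed for illustration.

```python
import math
from collections import Counter

def bits_from_one_in_x(one_in_x):
    """Surprisal, in bits, of a fingerprint seen in one of every x browsers."""
    if one_in_x < 1:
        raise ValueError("one-in-x must be at least 1")
    return math.log2(one_in_x)

def expected_sharing(one_in_x, population):
    """Expected number of browsers in `population` with the same fingerprint."""
    return population / one_in_x

def surprisal_table(observed):
    """Map each fingerprint in a sample to (one_in_x, bits)."""
    total = len(observed)
    table = {}
    for fingerprint, count in Counter(observed).items():
        one_in_x = total / count
        table[fingerprint] = (one_in_x, bits_from_one_in_x(one_in_x))
    return table

# Constructed sample of 8 visitors, each reduced to a fingerprint label.
SAMPLE = ["stock"] * 4 + ["adblock"] * 2 + ["custom-ua"] + ["no-plugins"]

if __name__ == "__main__":
    # The two pairs of figures posted in the thread.
    for x in (64.64, 736712):
        print(f"one in {x:>10,} -> {bits_from_one_in_x(x):5.2f} bits")
    # The table from the post: sharers per million users.
    for x in (1_000_000, 100_000, 10_000):
        print(f"1 in {x:>9,} -> {expected_sharing(x, 1_000_000):.0f} per million")
    # In a sample, the rarest configuration carries the most bits.
    for fp, (x, bits) in sorted(surprisal_table(SAMPLE).items()):
        print(f"{fp:10} one in {x:.0f}, {bits:.2f} bits")
```

A one-in-x figure equal to the size of the whole sample means the fingerprint was seen exactly once in it.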
  24. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Indeed. If I allow javascript, this VM is unique in EFF's sample. But that's not a problem for mirimir, because he's the only one who uses this VM, and he never tries to hide who he is ;)

    My true identity is entirely "data mining cattle", and always has been.
     
  25. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Well, out of many years using WOT (Web Of Trust), I decided to stop using it. Although it has saved my behind on some sites, it isn't as reliable as I had thought. It flags good sites (Now I know why people say to get rid of it).

    I have decided to replace it with BitDefender Trafficlight.

    I figure the filtering from that and OpenDNS is plenty.
     