Jump to content
Not connected, Your IP: 34.231.247.139
PortlyNinja

Browser setup for security and privacy

Recommended Posts

Hi im just asking what you guys do with your browsers for security and privacy. I use firefox and palemoon with addons= adblock edge,disconnect,mask me,self destructing cookies and secret agent addon from dephormation to change my useragent to the most used ones.Do you think changing useragents is needed to help against fingerprinting or not.I would like to know the best approach to being anonymous.Thanks for any feedback

Share this post


Link to post

You have two that I would recommend like Disconnect and self destructing cookies.  For Firefox I also use Click&Clean, better privacy, and webutation, Adblock Plus, Adblock Plus Pop up blocker, and if you really want to go all the way you can use NoScript. This addon can get annoying, so be warned.  Also, if you want a good app to secure passwords I would recommend LastPass. Check these out and see what you think! 

Share this post


Link to post

Browsers are in a bit of a sad state imo. If I had the ability I would make my own.

 

My firefox setup:

Addons:

adblock plus

better privacy

ghostery

noScript -> this does not stop all js - and I agree its annoying as hell so I use the below addon to totaly kill js.

You can setup noScript to allow the sites you freaquent. Then just hit the js switch button to kill all js.

JS switch -> 80% of the time I leave js completely disabled.

 

It saddens me to see the number of scripts loading in most of the sites I visit. Lazy devs are killing the internets...

 

about:config tweaks

network.http.sendRefererHeader "0"

image.animation_mode "none" ----> gif's piss me off lol... This shows the image but it doesn't load further / play it. -Very helpful on a slower connection

geo.enabled "0"

network.dns.disablePrefetch "true"

network.prefetch-next "false"

network.http.pipelining "true" -> just speed stuff

datareporting.healthreport.service.enabled "false" ->I also flat out delete all the url's for health reporting

browser.safebrowsing.enabled "false" ->again I delete the urls related to this.

general.useragent.override "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0"

just toss in any popular useragent.

 

I run linux as my desktop and move anything cache related to tmpfs aka a ram disk, firefox stuff included.

 

Move the firefox cache folder via about:config

Make a new string and name it = browser.cache.disk.parent_directory

then in the setting toss in -->> /path/to/ramdisk/or/tmpfs

My /tmp is loaded as tmpfs so I just toss it there.

 

I also move the firefox startup cache to tmpfs along with a few flash player cache folders. Normally I don't even leave flash enabled though.

 

If you're on windows you could do this with any ramdisk software.

 

There's prolly more about:config tweaks that I'm forgetting. If I remember them I'll post emm. -good luck.

Share this post


Link to post

I use;

Adblock Edge

Ghostery

Google/Yandex search link fix

HTTPS Everywhere

NoScript

RefControl

Self-Destructing Cookies

 

NoScript can be really annoying at the beginning but I'm used to it.

Share this post


Link to post

Is secret agent addon about user agent spoofing? I did some reading about this and came to the conclusion that user agent spoofing actually works against anonymity, because it actually makes your browser easier to identify uniquely. Hence, digital fingerprinting is easier to carry out, not harder. Or am I misunderstanding it?

Share this post


Link to post

Are all those security extensions still needed when using a VPN?

 

For example, do we need HTTPS-everywhere when in a VPN?

 

About the "Self-Destructing cookies" addon:

 

- How do I make it so it doesn't destroy lastpass cookies?

Share this post


Link to post

Hi im just asking what you guys do with your browsers for security and privacy

 

Pick addons you like from here. I personally use 1, 2, 8, 9 and HTTPS-Everywhere.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

@ epsilon  For self destructing cookies its in addons-extensions then click on options and there is a whitelist option half way down.

Share this post


Link to post

Are all those security extensions still needed when using a VPN?

 

I believe so but im no expert. There is browser fingerprinting which can be used to help find who a user is, but its alot of effort for whoever is trying to track you so i wouldn't worry so much.I just like to be as anon as possible. Here is a good site to test how unique your browser is, https://panopticlick.eff.org/

How effective fingerprinting is though i don't know.

Noscript is good for blocking flash ads that contain malware

Share this post


Link to post

Hello,

 

check out also Privacy Badger by Electronic Frontier Foundation (for Firefox and Chrome). We have not tested it but it looks very promising. It faces the challenging tracking problem with a completely different approach than various ad blocks, which are often powerless against tracking and anyway may have a questionable behavior.

 

https://www.eff.org/privacybadger

 

Kind regards

Share this post


Link to post

Are all those security extensions still needed when using a VPN?

 

You don't need to use them, even without a VPN. Haha..

 

It's recommended because a VPN doesn't stop the tracking.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

 

Are all those security extensions still needed when using a VPN?

 

You don't need to use them, even without a VPN. Haha..

 

It's recommended because a VPN doesn't stop the tracking.

 

This ^

 

I would love to see some sort of addon that runs js and or cookies virtually / sandboxed in such a way you could control the sandbox settings.

 

ie set the params of the sandbox - fake screen res, fake OS enviorment, and a user agent that conforms with the previous res and os settings. Thus any info pulled via a well written js script or a baddie cookie would look like 99% of the rest of the interwebs.

 

Its pretty absurd how much info can be pulled from simply clicking a page.

Share this post


Link to post

​After some testing just tossing out a little update.

Addons:

 

Privacy stuff:
Adblock Edge -> liking this more than adblock plus
JS switch -> Completely disables all javascript with a button press

Cookie Toggle -> Completely disables all cookies with a button press
noScript -> for when js is needed

BlockSite  -> Simple addon for easily blocking sites - Or sites loading stuff in the background

FlagFox -> shows info on the server location

 

Random Agent Spoofer -> Still testing this but its amazing thus far. It can change screen res, headers, useragent per page refresh and a LOT of other stuff. I would seriously consider donating to this guy.

 

Firefox link for it -> has less options

https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/

 

Git link -> additional features like screen res, timezone ect.

https://github.com/dillbyrne/random-agent-spoofer/releases/tag/0.9.4.1

​Helpful addons:

​HTitle -> kills the title bar on linux in firefox

​NoSquint -> Zooms pages both text and images for huge monitors.

​Downthemall -> just because

​Haven't had the time to test Privacy Badger yet, but it looks interesting.

Share this post


Link to post

For me the most comprehensive solution is to employ TBB (TOR browser bundle) in a virtual machine.  Its really difficult to approach all the security features by using a conventional FF and then tightening it up.  This method bridged by Air to my raw ISP seems to be so solid.

Share this post


Link to post

Does anyone know how i can correct the spelling in the title.It's annoying me.   Does anyone know of a good firefox extension to protect against phishing.I am using Elementary os for the first time.

Share this post


Link to post

​Helpful addons:

​HTitle -> kills the title bar on linux in firefox

​NoSquint -> Zooms pages both text and images for huge monitors.

​Downthemall -> just because

 

HTitle is useful thanks

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...