9 Firefox Extensions to Protect Your Privacy
May 22nd, 2008 (11:00am) Mike Gunderloy 7 Comments
In light of the continuing brouhaha over online privacy (as exemplified most recently by the deal between Charter and NebuAd) it’s worth asking the simple question: what can you do to keep control of information about your online activities? While some folks think it’s paranoid to worry about this, others prefer to choose what they tell the data collectors. Fortunately, there’s a tool as close as your desktop that can help you considerably in this area: the Firefox web browser.
Firefox’s privacy controls start with its built-in preferences. Here you can decide whether to accept cookies, and specifically whether to accept third-party cookies (which are often used for tracking your travels around the net). You can also decide when your cookie stash should be deleted. These are relatively blunt instruments, though. For enhanced privacy protection, you need to turn to Firefox extensions. Fortunately, there are a number of good choices in this arena.
Cookie Control – A good place to start is with exercising more control over your cookies. There are a number of add-ons in this area, including Cookie Monster and Cookie Whitelist, These add-ons generally let you see what cookies a site is leaving behind, give you finer-grained control over when cookies are deleted, and let you set site-by-site permissions for leaving cookies. I like CookieSafe Lite, which also adds a blocklist of known tracking cookies that you can deny with a single click.
Proxy Surfing – Another line of defense is to push your surfing through a proxy server, so that it’s harder to track it back to your own IP address. While you can do this by setting up Firefox with a proxy server in your network settings, you’re better off with more granular control, since using an anonymizing proxy can be slow. FoxyProxy is a hugely flexible add-on here, letting you define URL patterns that automatically switch between multiple proxies, but its configuration options can be overwhelming (and confusing). For simpler alternatives, look at PhProxy, Tor-Proxy.NET Toolbar, or TorButton (my favorite due to the extra options available for extremely paranoid use).
Extra Protection – There are a few bits of extra privacy protection available that don’t fit into either of the above categories. SquiggleSR is designed to keep search engines from building up a good profile of you by randomly performing searches and clicking on results in the background. RefControl offers you fine-grained control over referrer headers, to prevent sites from knowing where you came from. BetterPrivacy protects you from data stored in Local Shared Objects, a sort of next-generation cookie.
You’ll need to find your own balance in this area – the more extreme steps you take to protect your privacy, the more inconvenient you’ll find random web surfing. But even blocking advertising cookies and switch to Tor when you’re going to a site you’d like to keep to yourself will go a long way to avoid broadcasting information indiscriminately.
Do you have your own favorite techniques for protecting your privacy on the web?
7 Comments Post your own comment
Scott says: May 22nd, 2008 9:50pm
NoScript is a great extension for managing the JavaScript to allow on a page. You can basically tell Firefox to accept JavaScript from specific domains and also tell it never to. You can even allow it temporarily during the session.
In an era of XSS attacks and the overabundance of 3rd party JS files that can overstep the privacy line, this is a nice add-on.
Alex says: May 23rd, 2008 2:07am
I’m surprised you left out NoScript. Safe History and Safe Cache are also good for the privacy-minded.
Mike Gunderloy says: May 23rd, 2008 4:44am
Indeed, NoScript (https://addons.mozilla.org/en-US/firefox/addon/722) is a great addition to the line-up; making JavaScript default to “off” is a great way to be more secure against attacks as well as preventing some information-harvesting.
I didn’t include Safe Cache (https://addons.mozilla.org/en-US/firefox/addon/1474), which helps prevent cross-site behavior tracking via included files, because I haven’t had good results running it. The code hasn’t been updated in a year and a half and it looks like FF3 is leaving it behind.
SafeHistory (https://addons.mozilla.org/en-US/firefox/addon/1502), preventing cross-site information sniffing via visited link displays, is another one that seems to be moldering.
l33t says: May 23rd, 2008 5:43am
I never consider Noscript a really security extensions. It disable javascript but even websites likes Google and similar that you consider trusted sites could be vulnerable at xss and so, even if you let noscript works with them, you’ll never keep really secure.
Noscript was good some years ago but now
the web is most based on js and use noscript is simple useless.
Brian Carnell says: May 23rd, 2008 7:40am
“I never consider Noscript a really security extensions. It disable javascript but even websites likes Google and similar that you consider trusted sites could be vulnerable at xss and so, even if you let noscript works with them, you’ll never keep really secure.
Noscript was good some years ago but now
the web is most based on js and use noscript is simple useless.”
Completely disagree. It’s all about reducing the risk. There are lots of sites I visit that are more than functional enough without running whatever js nonsense they’re running. Yes, my trusted sites could be vulnerable, but that’s not much of an argument against blocking js at non-trusted sites.
Pooch McGinty says: May 29th, 2008 10:28am
Basically none of this stuff can prevent you from getting raped so just be careful out there guys.
New Proxy Sites says: April 19th, 2009 6:33am
PHProxy sites are good for getting around local URL based browser restrictions but you are basically entrusting everything you submit to an unknown server so… not suitable for confidential stuff