<<-- That's a bunch of broken cookies. The other day I was speaking with a colleague and we got around to the topic of computers. He was moaning about some nasty stuff which happened to him online and how he was sick and tired of it. He also talked about how his girlfriend was getting scared by the Wall Street Journal about web tracking and "What they know about you". I explained that with a minimum of effort he could go anywhere on the web and look at anything and not be tracked He need not be afraid of any page and every site. His initial reaction was "Oh yeah, right". So I said I would write up a brief description of what I do to make myself safe and unworried about bad stuff online. Here ya go, Henry... Caveat: This list will not protect you from every web nasty (notably the “evercookie”), but it *will* get you a long way to avoiding bad advertising, cross site tracking and other security and privacy issues. The goal is to keep the web useable but much, much safer than just surfing “naked”.
Here we go:
Got get the latest version of Firefox from http://www.getfirefox.com
(EDIT – October 15 2011: The newest versions of Firefox are significantly faster than a year ago. Running these extensions will now have significantly less of an impact of overall speed.
Having installed the latest version of Firefox go to “Tools” and then “Add-Ons” and then look for the following:
* Ablock Plus – https://addons.mozilla.org/en-US/firefox/addon/1865/ – (also at http://adblockplus.org/en/) –
VERY IMPORTANT NOTE: Please *disable* AdBlock on the sites you find the most useful and use the most. Many great sites on the web are free because of advertising and if you like the site, letting them have a little access to your eyeballs is cool.
* NoScript – https://addons.mozilla.org/en-US/firefox/addon/722/ – (also at http://noscript.net/)
This blocks scripting on pages. Scripting is the single most dangerous avenue of attack on the web. This add-on allows you to selectively enable scripts on your important sites. I tell it to let sites like my bank and amazon run scripts. If you only go to a site occasionally and it looks broken when you get there, just temporarily allow the root of that domain and it should work nicely. You can also temporarily allow all scripts on a given page. (EDIT – October 15 2011: I have found that the best installation for most folks is to use the Options dialog “Allow Top-level sites by default”.
* Flashblock – https://addons.mozilla.org/en-US/firefox/addon/433/
To prevent flash objects and ads from running unsolicited. Gives you a little icon which you can click to see the content.
* Beef Taco – https://addons.mozilla.org/en-US/firefox/addon/180650/
This installs over 100 opt-out cookies in an instant. Easier and much more thorough than going to the NAI site.
* Better Privacy – https://addons.mozilla.org/en-US/firefox/addon/6623/
To deal with LSO / Flash cookies. I accept the cookie and then it is deleted on exit. I also let it keep the Macromedia/Adobe Flashplayer settings cookie.
* CS Lite – https://addons.mozilla.org/en-US/firefox/addon/5207/
Puts a little icon on the bottom of the browser and allows you quickly and easily allow cookies permanently or for the session
*Google (DoubleClick) Advertising Cookie Opt-Out – http://www.google.com/ads/preferences/plugin/
Opts you out of tracking cookies from DoubleClick, now owned from Google.
* Google Analytics Opt-out Browser Addon – http://tools.google.com/dlpage/gaoptout – (also available for IE & Chrome)
Google analytics is ubiquitous on the net. If for some reason you have allowed Google Analytics in the NoScript settings, this will prevent it from communicating with the server about the site visit.
* Ref Control https://addons.mozilla.org/en-US/firefox/addon/953/
Simply control what is sent as refferer. I set it to forge. Thus the server at the destination site will see itself as the originator of the visit. This helps prevent profile building.
* Track Me Not – https://addons.mozilla.org/en-US/firefox/addon/3173/
Sends not quite random search requests in the background. This prevents accurate profiles being built from your real search queries.
*Bonus, possibly unnecessary, add-on as it replicates and consolidates some of the above : Ghostery
EDIT – October 15 2011:
Ghostery has been coming on leaps and bounds over the last year. It now blocks 600+ tracking bugs and cookies and is getting granular enough to use in concert with everything above. Using Ghostery is a good way to avoid places like Facebook tracking you even when you are logged out of Facebook.
*Visit the Mozilla plugin check once a month https://www.mozilla.com/en-US/plugincheck/
All of the above should work to protect you on all OSs. Also, the default installations of all of them is pretty protective and will require almost no extra configuration. It’s mostly “set it and forget it.”
I also keep an installation of Opera or Chrome around just in case I encounter a website which completely refuses to work under these conditions. I think of these installations as my “promiscuous” browsers and use them as little as possible. As I’m on Windows, when all else fails I use IE.
Some other things to do, not related to Firefox add-ons and mostly for Windows users:
*Use a host file with known tracking and malware addresses nulled. I use the one found here: http://www.mvps.org/winhelp2002/hosts.htm
It is an ugly page, but it is comprehensive and the information is good. As simple or as complicated as you care to make it. While a huge hosts file *may* slow down your browsing a little, most modern computers are able to deal with it well enough. Note that properly configured hosts file will prevent even your “promiscuous” browser from finding the site. All network connected computers use a hosts file of some sort, so this one is not just for Widows users.
*Use a good free anti-virus and a good free malware detector. Currently, I use Avira (http://www.avira.com/en/support-download-free-antivirus) and Malwarebytes (http://www.malwarebytes.org/). Microsoft Security Essentials is another good choice, but is not available for XP 64 bit.
*Set Windows to notify about updates automatically. Your choice as to whether to install automatically.
*Run Secunia PSI once a month to make sure your applications are up to date
*If you are on broadband, make sure your computer is behind a router and not connected directly to the modem.
*Don’t use Adobe Acrobat Reader for PDF reading. Use an alternative PDF reader. I use Foxit Reader with “Safe Reading” turned on.
Of course, there are many more things you can do with regard to particular services on the web (locking down Facebook and using its applications carefully comes to mind), but these steps are easy enough to do that even my technophobic ex-boss is able to follow the program easily and I don’t need to help him out of trouble every week.
Henry, you put petrol in your car, right? You also change the oil, check the fluids and tires regularly. Think of this as the same thing. Your car is a tool, so is your computer. They both require just a little effort to keep you safe while you are in them.
Do you have a favourite tool? Let us know in the comments.