Protect your personal information from being revealed by your browser

Browsers

863795 student with computer outdoors Protect your personal information from being revealed by your browser

Image courtesy stock.xchng user juliaf

Firefox Security and Privacy Settings

We recommend Firefox as the basis for configuring a safe browsing experience. We don’t recommend Google or Microsoft browsers since they are tied to companies that have search engines. It is therefore in their vested interest to design their browsers to cooperate as efficiently as possible with their search engines to gain and index the maximum amount of information. Firefox is far from perfect and has its own issues but they can be mitigated as described below.

There are other less popular browsers available. However, the uniqueness of these browsers will only aid search engines and web sites in tracking you. Anonymity is based on being one in a sea of many. Niche browsers won’t do that for you.

Tool bar and web site helper applications

Having tool bars from various companies or web site helper plug-ins installed on your browser will defeat all of the things mentioned below. Having a Toolbar from Google, Yahoo, etc. is an open invitation to track everything you do. Also, logging into a Google, Yahoo, Facebook, Microsoft or similar account will instantly allow them to track you.

How to prevent your browser form sending information to web sites
After following the steps below, you’ll be much harder to track. Coupled with our VPN service to mask your IP address and private email service, your Internet footprint will be as minimal as possible.

1) Cookies and history are the oldest of the tracking methods. Modern websites will not work well without them but they need to be managed.
Make sure cookies and history are deleted every time you close your browser.

Under Tools/Options/Privacy:
Do not check the ‘private browsing mode’ box (this is false security).
The following boxes need to be checked in order to properly clear your cookies/history:
Accept cookies from sites
Accept third party cookies (drop down box should say ‘Until I close Firefox’)
Clear history when Firefox closes
Click on the Settings tab in the Privacy window.
Check all of the boxes so that it clears everything when you close the browser.

Newer versions of Firefox include a box to ‘Delete Flash Cookies’. This is important and if you have an older version, upgrade to a newer one that includes this essential option. Or, you could use the plug-in named Better Privacy to clear the flash cookies. However, it is no longer necessary with the newer version of Firefox and adds an identifying marker to your browser that is unnecessary.

Following the steps above will allow browsing on sites to proceed without issues but will clear everything every time you close the browser, which you should always do when going from one web site to another.

2) Now add the plug-in No Script

This will prevent server-side scripts from running in your browser without your permission. This plug-in blocks all java scripts from running on web pages. This is both a privacy and security plug-in. By preventing the applications from running the instant you visit a page, there is little risk of malware affecting you in the background if you go to a compromised site.

Modern web sites have hidden links to a multitude of other web sites. Many of these scripts that load have nothing to do with the function of the site you are visiting. They are scripts that connect you to other sites like FaceBook, Google, Double Click, Twitter, etc. This allows these outside sites to track your activity across the Internet even though you never went to their site. By only allowing the essential java scripts that make the desired web site function, while preventing the others, you increase your privacy significantly.

After installing this plug-in most sites will not operate properly. You have to train the browser for each site you visit as to what to allow and not allow. No Script will give you a nice drop down menu telling you what sites are attempting to run scripts and then you can pick the ones that apply to the site you are on while rejecting the trackers.

By default No Script allows well known sites to operate freely. We suggest you change the default setting to restrict everything and then set all permissions manually. For example, If you go to a website that uses Google Analytics to track their visitors then Google will try to load google-analytics.com and run the java script to track you. If you have this disabled in No Script then you are less trackable without any functionality loss. All the search engines, tracking sites and social networking sites operate the same way. All of them are out to get every last bit of information on you in order to make money.

3) Prefetching

Firefox has a feature called Prefetching that downloads pages (in the background) that it thinks you are going to click on in the future. This is a serious security flaw since in order to make this guess it’s saving lots of information of your previously visited sites.
To turn this off, type:
about:config
into the address bar of Firefox and press enter.
Agree to the warning about making changes to the system.
Type:
network.prefetch-next
into the search bar
Right click on the option and select Toggle to change the setting to False.

 

4.) With Geo-location Firefox will try and tell websites where you’re located

To turn this off, type:
about:config
into the address bar of Firefox and press enter.
Agree to the warning about making changes to the system.
Type
geo.enabled
into the search bar
Right click on the option and select Toggle to change the setting to False.

5.) Mozilla has a feature called ‘DOM storage’ in recent versions of Firefox which can be used to track you.
To turn this off, type:
about:config
into the address bar of Firefox and press enter.
Agree to the warning about making changes to the system.
Type
dom.storage.enabled
into the search bar
Right click on the option and select Toggle to change the setting to False.

This article was provided by http://www.unspyable.com/.

my family survival

Comments

  1. Wonderful tips! There are several other steps I personally take to keep my computer secure in case somebody gets a hold of it. I partition my hard drive to create a hidden operating system. I then put all of the files on this other hard drive into true crypt. It’s done in such a way that you would never even know that the files are even on the computer unless you know specifically to look for them. You really just never know…

  2. SurvivorDan says:

    Nice. I have been very lax and am interested in reducing my profile despite my social media and blog visiting proclivities. I thought that I would have to simply stop such activities altogether but between MD’s recent post on the subject and yours I may be able to continue but with a lower profile. Thanks. Will study and implement this protocol later today. SD

  3. SurvivorDan says:

    I don’t have Firefox so I suppose it is easy to acquire and install?
    Yes….I am computer illiterate. ;)

  4. SurvivorDan says:

    The caveman avatar is mainly reflecting my level of expertise dealing with the computer age.
    Also my wild game and woman gathering techniques……wut?

  5. Wow. Some of this stuff I’ve never heard of. Thanks for this, M.D. Time to make some changes to my browser settings. A couple concerns I have regarding computing. I use Avast free antivirus, and the last couple program updates, they’ve automatically downloaded Chrome to my computer. There is an option to opt-out, but it flashes on the screen so quickly, it’s very difficult to catch before it installs. Talk about sneaky SOBs. After just un-installing Chrome, then links in my email wouldn’t open.

    Another pain in my neck is my ISP, who I also use for my main email account. They take it upon themselves to decide what is and isn’t SPAM, even when I’m sending email. I’m not talking about things going to the SPAM folder, I mean actual “blocking”. On several occasions, I’ve tried to share a website or forward an email, only to have them ‘reject’ it as spam. I just had this happen over and over the last couple days. A business was trying to email me a file, and it was blocked. It was finally deliverable using a free aol email account. While I haven’t had much of a problem with that account over the years, I’m still leery. Any suggestions on a reliable, free or low-cost email to use?

    (note to M.D.- I noticed my edited comment regarding computer OPSEC. I was pretty sure that part wouldn’t be posted, and I don’t blame you. Just wanted to share my thoughts on that. If I really thought that was the case, I wouldn’t donate. Appreciate your site and all you do!)

    • NANN!,

      Thanks… don’t want to give folks any wrong ideas all it takes is a spark and the next thing you know something false to start with has been blown out of proportion…

      p.s. I never add anything to a comment but if needed I might remove part of all of the comment.

    • NANN! – I understand about the ISP suddenly deciding that they won’t allow you to receive e-mails thinking they are some sort of SPAM. I have been a member of dieting/healthy living site for several years and suddenly most of the e-mail they send me never reaches me and the site resets my e-mail settings to “stop receiving e-mail” based on feedback from the ISP. Apparently, the ISP has decided they daily articles on healthy living are some sort of SPAM. Really?

  6. Georgeislearning says:

    I love firefox. The add on’s are fantastic. I use the” no script”, a great add on. The” ad block” is fantastic as will as it blocks all those pesty advertisements on sites….
    Hey thanks for that tip on the prefetch, I just turned that off. Thanks again

    • Georgeislearning,

      I hate the pop up ads on somme sites that are in your face – but the advertisers here (in the sidebars) help pay for this blog and keep it free for everyone.

  7. Libby77625 says:

    Hiya, M.D.,
    One of your pains in the butt is here again :)
    Thanks for posting the enhanced security tips. Some I do know, but did not know about the last few with Firefox, my preferred browser since it’s inception.
    Beefed up my security just a tad more, not that I’m hiding, but just want to sort of shield myself as much as possible from lottsa the bs being flung around in CyberWorld… and besidesI have never doubted that big brother IS lurking and learning.
    Good job, and a great service you do, M.D., and thanks ever so much!
    Libby

  8. Tactical G-Ma says:

    Thanks for the info. I will work on this.

  9. Suburban Housewife says:

    Thanks MD – I did all of what you said except the first thing (I don’t have tool bars – I’m talking about the history/cookies part)…now I’m a little nervous – I do a ton of my shopping and purchasing online, and I use my history to refer to a lot. The last time I cleared my cookies I had to re-enter all of my information back into all of the sites I regularly use. It was a pain – plus I ran into log in problems that required help from several of those sites. Huge hassle. What am I in for now? What if I don’t do the cookies/history thing?

    • Suburban Housewife,

      You may need to go back and adjust some of the setting to allow cookies on the sites visit most for shopping. But all you should have to enter is your email and password each time you visit the site.

      • Suburban Housewife says:

        Okey Dokey M.D. – I’ve been messing around on the net since I made your suggested changes and it’s different and a little more cumbersome but not too bad – I will work up my courage to do the cookies/history thing soon ;-)

    • Suburban Housewife,

      On many browsers now, if you press your ALT key, the tool bar will show up.

    • @Suburban Housewife,

      I use a program called 1Password to help manage all of my logins for various websites. All of your passwords are stored in an encrypted database on your own computer. The program also integrates with the major browsers (Internet Explorer, Firefox and Chrome) so you can log into your web-based accounts by simply clicking a button on your browser’s toolbar.

      They have a 30-day free trial but I noticed that the free trial continued to work in a stripped-down state beyond the 30 day mark. I eventually purchased it.

      Just be sure to backup your password database on a regular basis. ;)

      https://agilebits.com/onepassword

      • For a great, free Password management program that integrates with FireFox and Internet Explorer, try LastPass. I’ve been using it for about a year now, and it is awesome! and FREE for the standard version which should satisfy most user’s needs. Check it out at:
        https://lastpass.com/

  10. Hunker-Down says:

    Mr. Bill Binney, former senior technical director for the NSA was on the Glenn Beck show on 12-4-12.
    He says that the guberment has access to ALL 3rd party (our ISP, email,etc) electronic data. The government (he says) claims it is legal to collect that data according to section 215 of the Patriot act. This is the avenue whereby General Petraus was found to be having an affair. He did not say where that data is stored but did describe the following:

    In Bluffdale Utah a $2 billion data storage facility is under construction with the capacity to store all data except video FOR THE ENTIRE WORLD FOR THE NEXT 100 YEARS.

    So, I’m not going to attempt to hide electronically.

    I don’t intend to do anything illegal, and never have. The problem is, the government gathering my data may make some common everyday action illegal, for example, contributing to my church. My bank, a third party, will turn over that contribution transaction and the IRS will draw guns and knock down our door.
    Or some cyberspy zealot will make paranoid conclusions on my posted complaints (rants) and send some agency to shut down my freedom of thought.

    • Tactical G-Ma says:

      HD,
      The thing that bothers me is like in the movie Red Dawn, Boy Scouts were considered para-military. People who supplement their food by hunting, could be classified dangerous. Etc.
      Now, we can say we don’t like the guberment or a particular person and it is ok.
      It would only take a few exec orders and 123 any one of us could be in trouble.
      I have nothing to hide NOW. But in the future, this could become a weapon against the people it is designed to protect.
      And will they have an agency to catch the current bad guys?

  11. This might be a stupid question, but I don’t know the answer, so I’m asking.

    Step 4 – about ‘referer logging’…this isn’t something that’s going to deny M.D. getting credit if we click an ad on his site, is it? The title of that makes me wonder.

  12. M.D. you may want to change the wording of the first sentence for #2. The NoScript plugin will block of execution of “client-side” scripts, not “server-side” scripts. JavaScript runs on the client terminal, which in this case is the web browser. The NoScript plugin prevents certain client-side scripts from executing and “phoning home” to a web server and effectively snitching on you.

    This is a great blog by the way. I enjoy reading the comments as much as the articles.

  13. As a professional web programmer I would also recommend the following two browser plugins:

    1. AdBlock Plus: Does what it says it does. You can disable it for specific websites that you trust.

    2. Ghostery: Another plugin that blocks many of the tracking bugs that websites love to litter their pages with. Watch how much faster your pages will load when you don’t have to download and execute all those little turds every time.

    AdBlock Plus:
    https://addons.mozilla.org/en-us/firefox/addon/adblock-plus/?src=search

    Ghostery:
    https://addons.mozilla.org/en-us/firefox/addon/ghostery/?src=search

  14. This is interesting. How would this integrated with web monitoring software though? (Such as OpenDNS, Covenant Eyes, etc…I prefer to keep an eye on what my teen is doing.)

    On a side note: I’m still new to this whole survival/prepper concept (thanks to Neil Strauss and then Rawles), and I wanted to take some training. I found a Surival school nearby and wondered if anyone here has heard anything about it? It is called Sigma III. Here is their page: http://www.survivalschool.us

    Thanks for any feedback!

  15. California Bob says:

    I didn’t realize that newer versions of Firefox make using Better Privacy unnecessary. Thanks for the tip. I use Firefox running under Puppy Linux with a “frugal install” to a USB flash. I boot up any PC I need to use from the USB flash and Puppy automatically configures itself to the PC hardware so I’m ready to go from where I left off last time. I also keep “portable apps” (including a windows version of Firefox) in a folder on the USB flash so I can run my programs on any PC that won’t let me boot from USB. I keep a little 4GB USB “chiclet” flash in my wallet so I have my data and tools ready when needed. You can use SD or microSD flash in the same way and be sure to keep the FAT32 format most flash drives come with to ensure compatibility with any PC, tablet, phone, etc. I keep my PC drives “clean” (don’t leave personal info on it) to make sure I won’t be at risk for identity theft is someone steals my desktop or laptop. That leaves more room for movies, music, and other stuff that doesn’t pose a security threat if stolen.

  16. Cory Brickner says:

    FYI, #5 turning off ‘DOM storage’ can have significant performance impact on your browsers. HTML5 incorporates DOM storage with JavaScript and AJAX in order to cache on the client side using a technique that Microsoft has created called Silo. http://static.usenix.org/event/webapps10/tech/full_papers/Mickens.pdf

    Those sites with significant JavaScript and CSS see a 20 – 80% performance gain. Just as an example, turn off DOM and attempt multiple searches in the Google engine. You’ll be waiting and waiting and waiting.

    Speed vs. Caching

  17. this was fantastic article thank you thank you
    NOW would you please write about or name companies that will erase your internet self. in other words how can I get references to login and what I said in various sites off the net?? I’ve heard about companies but i’ve also heard some are rip offs
    thank buddy

  18. Cory Brickner says:

    I’ve also found that setting Network.http.sendRefererHeader to 0 can impact functionality of some ASP / .Net apps. So if all of a sudden you can’t log into some site that you used to be able to, this setting is probably doing that.