How to Harden Your Browser Against Malware and Privacy Concerns

 

One of the first lines of defense we have against the plague of security and privacy problems that stalk the internet resides within our browsers. This article is meant to help you to harden your browser against all types of problems. However, do note that I would strongly suggest that even if your main concern is only about privacy you should still read through the security sections as well. Preventing your computer from communicating with potentially dangerous sites, and helping to avoid malware, plays a very important role in increasing your online privacy. Thus, protecting your privacy really does require that you also increase your security.

 

Also, note that for true protection you should also read my article about How to Stay Safe While Online. To achieve true privacy you should also read my article about How to Protect Your Online Privacy. The article you are currently reading is meant to be used in conjunction with both of these other articles. It is not really meant to be viewed in isolation, although it is certainly useful in that respect as well.

 

Notice that this article is not really as long as it seems. By this I mean that you really only need to navigate to the section applicable to the browser you are using. You really don't even need to worry about the other sections. Also, note that all instructions are provided assuming that no other changes to the configuration have been made. When configuring these browsers I installed them with default configurations and modified them from there. Also, unless otherwise noted, any instructions provided are applicable to all browsers within the below categories. Whenever specific browsers required different changes I noted that in my instructions.

 

Index

1. General Changes To Browser

2. Use A Privacy Focused Search Engine

3. Modify Your Current Browser To Achieve Improved Security And Privacy

    A) Instructions For Chromium Browsers

    B) Instructions For Firefox (And Firefox Variants)

    C) Instructions For Opera

    D) Instructions For Internet Explorer

4. Alternatively Use JonDoFox To Greatly Improve Your Privacy

5. Periodically Clear Browsing Data

 

1. General Changes To Browser

 

If you are running Adobe Flash, as most people are, then there are a few changes to the settings you should make. Regardless of which browser you use you should modify your flash player settings to make sure that third-party flash cookies are disabled. If you are running Windows Vista or Windows 7 do this by going to the control panel on your computer. Then go to the subsection for "System and Security". If you are running Windows XP you should go to the control panel and make sure that it is set to "Classic View". At this point you should see the icon for "Flash Player". Open it. Under the Storage tab make sure the option to "Block all sites from storing information on this computer" is selected. Also, under the Advanced tab make sure that the option to "Allow Adobe to install updates" is selected.

 

In addition, it's important to know that Java is constantly being exploited in order to install malware on users computers. Also, the java plugin is not even needed for most sites to work properly. Thus, if the java plugin is in fact installed in your browser, my advice would be to remove it unless you find it necessary. In addition, assuming you uninstalled Java entirely from your computer, which I would recommend unless you are actively using it, you should also use the built-in Windows search to find the file "npDeployJava1.dll" on your C-drive and, if it exists, delete it. For some reason this file is not removed with the Java uninstaller. In addition, if there are any plugins you don't use I would recommend that you remove them as well. These may pose a threat to your security.

 

2. Use A Privacy Focused Search Engine

 

Google’s search engine records your searches and aggressively tracks you. So do many of the other top search engines. For this reason I would suggest that you use an alternative search engine. One of the best anonymous search engines I've found is called StartPage. This search engine allows you to search using Google's search engine, but it blocks Google's ability to track you. Its not quite as powerful as using Google alone, but it's definitely a very good search engine. More information can be found on this page, and an explanation of how to make it the default search engine of your browser can be found on this page. The same company that makes StartPage also makes a search engine called Ixquick. This gathers its results from many different sources and thus may be even more useful than StartPage. More information about it can be found on this page, and an explanation of how to make it the default search engine of your browser can be found on this page. Both search engines have been certified by an independent third-party to not record your IP address or use tracking cookies.

 

Another very good option is called DuckDuckGo. This search engine will also not record any information about your searches. DuckDuckGo gathers its search results from a compilation of many sources. It also displays possible answers to the question you asked right at the top of the results page. It can be a very useful search engine. More information about DuckDuckGo can be found on this page, and an explanation of how to make it the default search engine of your browser can be found on this page. Just navigate to the browser you are using and follow the directions provided.

 

3. Modify Your Current Browser To Achieve Improved Security And Privacy

 

A) Instructions For Chromium Browsers

 

All Chromium browsers use the Google Safe Browsing blacklist to protect users from known dangerous sites. The browsers I have reviewed are Google ChromeComodo Dragon, and SRWare Iron. All have built-in secure sandboxing, which make them especially difficult for outsiders to exploit, and are quickly patched against any known vulnerabilities. However, I have certain problems with Google Chrome.  Although it does have minor privacy concerns, which are discussed on this page and on this one, the major problem I have with it is that it is made by Google. Google is well known for having problems respecting the privacy of others. A good listing of relevant incidents can be found on this page. Because of this I find it very difficult to trust Google Chrome and thus will not recommend that anyone use their products.

 

Luckily, Comodo Dragon and SRWare Iron do not have these privacy concerns. All of the code has been screened by the developers of these products to make sure that these privacy concerns have been removed. Also, Comodo Dragon comes with the option to enable Comodo Secure DNS, which will automatically stop you from connecting with most malicious sites. I would recommend enabling that, unless you are currently using another secure DNS server and do not want to switch. This will increase the security even higher than what you get by just using the Google Safe Browsing blacklist.

 

For the below Extensions, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How to Increase Security

 

If you are using Google Chrome you will want to go to the settings and, at the bottom of the page, select the option to "Show advanced settings". Then select the option to "Check for server certificate revocation". For SRWare Iron you should navigate to the same area and do the same. Then also select the option to "Enable phishing and malware protection". No changes are required for Comodo Dragon.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.
  • BitDefender TrafficLight: With this installed if you happen upon a dangerous site, which is blacklisted by BitDefender, it will block the page from loading. These include malicious pages, phishing sites, and fraudulent sites.
  • Adblock Plus for Google Chrome (Beta): After installing this it will load a page. Near the bottom you can select which additional lists you would want to use. Personally, I select all, but the choice is yours.

Recommended Only For More Advanced Users

  • ScriptSafe: This add-on will block nearly all scripts, and other possibly dangerous content, from executing. This means that even if you stumble onto a dangerous site you cannot be attacked unless you manually add the scripts on that site to your whitelist. Thus you are protected from harmful scripts and many privacy threats. However, many sites use these scripts, and plugins, for legitimate purposes. Thus these sites will not work correctly unless you manually add the scripts on that site to your whitelist. This extension makes this relatively easy to do. Also, under the options you should select ‘Antisocial Mode’. Using ScriptSafe takes some getting used to, but if you are serious about staying safe online then this add-on is a must have.

 

How to Increase Privacy

 

All chromium browsers provide users with the option to start the browser in incognito mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. In addition I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration for improved privacy

Recommended For Both Beginner and Advanced Users

Go to Settings and click on the box at the bottom of the page that says "Show advanced settings".

Under the privacy section uncheck the box to "Use a prediction service to help complete searches...". Note that this change is not required for Comodo Dragon or SRWare Iron. Also make sure the option to "Predict network actions to improve page load performance" is unchecked for all browsers. For all browsers you should also select the option to "Send a 'Do not track' request with your browser traffic". Google Chrome users will also want to deselect the option to "Use a web service to help resolve navigation errors".

Now open the ‘Content Settings’ and select the box to ‘Block third-party cookies from being set’. This will prevent sites from loading cookies that are not from the site that you are currently on. Thus almost all tracking cookies will be blocked with very minimal negative side effects on your browsing. The only time you may have problems, and need to temporarily disable this, is sometimes when a legitimate site redirects you to another page. That said, in most cases it will work fine.

 

Recommended Only For More Advanced Users

Under the Privacy section, in the main settings menu, check the box that says 'Do not allow websites to know where you came from (suppress HTTP Referrer header)'. Note that this option is not available in Google Chrome and is not required for SRWare Iron. However, do note that this can cause problems with some websites and may need to be disabled in order for some sites to function properly.

More advanced users may wish to just block cookies globally. Then, when it becomes necessary, they can manually add sites to the whitelist. However, this can be somewhat annoying since many sites will not work properly without cookies enabled. You can configure your browser to do this by going to the privacy content settings and selecting the option to not allow sites to set any data. Then you can allow cookies for individual sites through an icon near the URL bar. If blocking cookies globally is too annoying for your tastes then you can instead use the Vanilla extension, which is discussed below. This will allow you to easily decide which cookies to keep, and which to delete. Although it cannot prevent cookies from being placed on your computer, it does allow you to decide how long unwanted cookies should be kept.

Also, advanced users may want to check the option to delete cookies and other site and plug-in data when the browser is closed. What this will do is that each time you close your browser it will clear all cookies, DOM Storage, and most other data. This means that nearly all information from your previous browsing session will be lost each time. Make sure when you've completed making whatever changes you would like to make to your configuration you select OK to save them.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • HTTPS Everywhere: This forces many sites, which have the option to encrypt your connection, to actually encrypt it. Therefore your connection with these sites will be much more secure. Although the version for Chromium browsers is technically still in beta I have noticed no problems with it.
  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Do Not Track Me: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit. More information is given in this review. Note that this may cause issues on Facebook and need to be disabled for all aspects of that site to work correctly. Other than that most sites should work fine with no changes to the configuration.
  • Window Name Eraser: This add-on helps prevent sites from identifying you, which is possible even if you have cookies disabled. It is specifically designed to help protect you from evercookies.

Recommended Only For More Advanced Users

  • Vanilla: This is a very good cookie manager for Chromium browsers. However, if you decided to block all cookies globally, as mentioned above, then this extension is not needed. One major downside to this extension is that it can’t block cookies automatically. However, in the options you can select to ‘Auto delete unwanted cookies after 5 minutes”. You can also configure it to clear unwanted cookies on startup. If you decide to use it I would strongly suggest enabling both features. You also have the option to add sites to the whitelist so that those cookies will never be deleted.

 

B) Instructions For Firefox (And Firefox Variants)

 

FirefoxComodo IceDragonPale Moon, and Waterfox (which is only for 64 bit systems) all use the Google Safe Browsing blacklist to protect users from known dangerous sites. All of these browsers are also being constantly updated to protect you from new vulnerabilities.

 

If you are installing Comodo Ice Dragon I would suggest that you enable the Secure DNS servers, unless you are currently using another secure DNS server and do not want to switch. Comodo DNS servers will block certain dangerous sites which even Google Safe Browsing does not.

 

Also, I would like to say that any of these browsers would be a good choice in terms of both security and privacy. I suppose that Comodo IceDragon may provide slightly higher security, since it has Comodo DNS Servers to also block known dangerous sites, but any of the browsers are really very good.

 

For the below Add-ons, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How To Increase Security

 

Use These Add-ons

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.
  • BitDefender TrafficLight: With this installed if you happen upon a dangerous site, which is blacklisted by BitDefender, it will block the page from loading. These include malicious pages, phishing sites, and fraudulent sites.
  • Adblock Plus: This allows you to subscribe to many different filter lists, which help block unwanted or malicious content. These can be found on this page. You can subscribe to any of the lists on that page, but be aware that subscribing to too many will slow down your browsing experience. I'd advise subscribing to the EasyPrivacy+EasyList combination and Malware Domains. Note that after doing this you should go into your subscriptions and delete the Easylist one, as it will be covered by the combination list and is redundant.  This can be found by going to the settings for ABP in the extensions window.

Recommended Only For More Advanced Users

  • NoScript: This add-on will block nearly all scripts, and other possibly dangerous content, from executing. This means that even if you stumble upon a dangerous site you cannot be attacked unless you manually add the scripts on that site to your whitelist. Thus you are protected from harmful scripts and many privacy threats. However, many sites use these scripts, and plugins, for legitimate purposes. Thus these sites will not work correctly unless you manually add the scripts on that site to your whitelist. Using NoScript takes some getting used to, but if you are serious about staying safe online this add-on is a must have.

 

How To Increase Your Privacy

 

All of these browsers provide users with the option to start the browser in Private Browsing mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration for improved privacy

Recommended For Both Beginner and Advanced Users

Go to the dropdown menu and click on options. Then go to the Privacy tab. Make sure that the option that reads "Tell websites I do not want to be tracked" is selected. Now, under "History" select "Use custom settings for history" from the dropdown menu. Make sure that the option to "Accept third-party cookies" is unchecked. This will prevent sites from loading cookies that are not from the site that you are currently on. Thus almost all tracking cookies will be blocked. The only time you may have problems and need to temporarily disable this is sometimes when a legitimate site redirects you to another page. That said, in most cases it will work fine.

Recommended Only For More Advanced Users

More advanced users may wish to prevent cookies from being set at all. To do this please use the Cookie Controller add-on, which is explained below. However, if blocking cookies globally, and whitelisting them manually, seems like too much of a hassle you can instead select the option to only keep the cookies until the browser is closed, which is an option from the dropdown menu under the history section of the privacy tab.

Some users may also want to select the option to Clear history when the browser closes. To do this you can click on "Settings" and select the type of data you would like to have removed. I would advise removing the cookies, cache, and "Offline Website Data" as this will be able to remove most types of tracking data. That said, nearly all information will be lost each time you close your browser, but if you're willing to make the sacrifice it will certainly help improve your privacy. Once you're done making your changes to the settings you can click OK to save them.

 

Use These Add-ons

Recommended For Both Beginner and Advanced Users

  • HTTPS Everywhere: This forces many sites, which have the option to encrypt your connection, to actually encrypt it. Therefore your connection with these sites will be much more secure.
  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Do Not Track Me: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit. More information is given in this review. Note that this may cause issues on Facebook and need to be disabled for all aspects of that site to work correctly. Other than that most sites should work fine with no changes to the configuration.
  • Self-Destructing Cookies: This deletes the cookies related to a site as soon as you close it's tab. Thus, it should increase privacy without reducing usability.
  • BetterPrivacy: This will automatically prompt you to delete all local shared objects (LSO's) from your computer each time Firefox closes. For more information on why these are such a privacy risk please read this article.

Recommended Only For More Advanced Users

  • RequestPolicy: This will block cross-site requests by default. Thus you will be protected from Cross-site request forgery, which otherwise could send information about your browsing habits to unknown parties. When installing this I would advise that you leave the settings at default. Also, I would advise that you do not whitelist any sites unless you are experiencing difficulties.
  • Cookie Monster: This add-on extends your privacy protection by blocking all cookies by default. It allows you to quickly and easily allow or block cookies globally and then manually add exceptions for individual sites. Like NoScript this takes some getting used to since many sites will not work correctly without cookies enabled. However, if protecting your privacy is important then this is a must have. Note that if you use this you shouldn't need to also use Self-Destructing Cookies.
  • Secret Agent: This add-on will impede most of the fingerprinting-based tracking that is used to track users. After installed it will continually randomize your browser profile. Thus it is not possible to fingerprint your actual browser. However, sometimes this will cause sites to not work correctly. In those cases you may need to disable it for those sites.

 

​C) Instructions For Opera

 

Opera can be downloaded from this page. In general I do like this browser. It is very configurable and also has a lot of very useful extensions which can be added.

 

For the below Extensions, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How To Increase Security

 

How to change configuration of Opera for improved security

Recommended Only For More Advanced Users

Go to the Content section. If you are an advanced user you may want to deselect the option to "Enable JavaScript". This will protect you from any JavaScript based malware or privacy threats, but it will also mean that many websites will not work until you manually allow them.

Under the content section advanced users can check the box to "Enable plug-ins only on demand". This will mean that flash and java can only run on a page if you allow it, thus providing you with protection from many security and privacy threats.

Exceptions for both of these can easily be made for sites by right-clicking on any site and selecting "Edit Site Preferences". Then go to the content tab and manually uncheck the relevant box, and select OK, to add the site to your exceptions.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.
  • Adblock Plus: This allows you to subscribe to many different filter lists, which help block unwanted or malicious content. These can be found on this page. You can subscribe to any of the lists on that page, but be aware that subscribing to too many will slow down your browsing experience. I'd advise subscribing to the EasyPrivacy+EasyList combination and Malware Domains. Note that after doing this you should go into your subscriptions and delete the Easylist one, as it will be covered by the combination list and is redundant.  This can be found by going to the settings for ABP in the extensions window.

 

How to Increase Privacy

 

Like most browsers Opera provides users with the option to start the browser in Private browsing mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration of Opera for improved privacy

Recommended For Both Beginner and Advanced Users

Under the settings part of the drop-down menu go to Preferences. Then go to the advanced tab. Under the Cookies section most users will want to select the option to "Accept cookies only from the site I visit". This will prevent sites from loading cookies that are not from the site that you are currently on. Thus almost all tracking cookies will be blocked. The only time you may have problems, and need to temporarily disable this, is sometimes when a legitimate site redirects you to another page. That said, in most cases it will work fine. Also, under the security section select the option to "Ask websites not to track me".

Recommended Only For More Advanced Users

Under the Cookies section more advanced users can select the option to "Never Accept Cookies". This will block any cookies from being set, which will stop some websites from working. For these cases you will need to manually add cookies to the whitelist. It greatly affects your browsing experience as this is not easy to do with Opera. An alternative to this is to check the box labeled "Delete new cookies when exiting Opera". This will mean that sites do not continue to remember your information, but it will still allow the sites to operate correctly. Also, as before right-clicking on the site, and going to "Edit Site Preferences" allows you to remember cookies from that particular site. Also, under the network tab, users can deselect the option to "Send referrer information". It may also be helpful to disable "Enable geolocation". However, do note that this can cause problems with some websites and may need to be re-enabled.

Also, advanced users may want to go to the History section and turn off the cache for the disk, although this will mean that each time you visit a page it will have to reload from scratch. Thus this will slow down your browsing experience, but it will make it much more difficult for sites to track you. When you are done making your changes select OK to save them.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Disconnect: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit.

 

​D) Instructions For Internet Explorer

 

Note that with Internet Explorer you need to enable add-ons after installing them. This will appear as a popup at the bottom of the screen.

 

For the below extensions, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How to Increase Security

 

Recommended For Both Beginner and Advanced Users

Open the "Internet Options" and go to the Advanced tab. Then scroll down to the security section and select the option to "Enable SmartScreen Filter". This will check all sites, and downloads, against lists of known dangerous sites and files. Although this has certain privacy concerns I believe that the additional security it provides outweighs the privacy risks. That said, the choice is yours as to whether you want to enable it or not, but I would strongly recommend it.

 

  • Adblock Plus: This will block most ads, and tracking bugs.

 

Recommended Only For More Advanced Users

To disable flash globally go to tools, then safety, and click on "ActiveX filtering". After doing this flash, and all other ActiveX type content, will be blocked until you click the icon to enable it. This icon can be found on the address bar. You can then choose whether to turn ActiveX off or leave it on. This is a relatively good way to protect yourself from many threats, although I would prefer individual site whitelisting.

 

Use these add-ons

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.

 

How To Increase Privacy

 

Internet Explorer provides users with the option to start the browser in InPrivate Browsing mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration of Internet Explorer for improved privacy

Recommended For Both Beginner and Advanced Users

Open the "Internet Options". Under the Privacy tab most users can select the option to "Never allow websites to request your physical location". If needed you can manually add exclusions for particular sites, but this is almost never necessary. Also, most users will want to change the privacy settings to "Medium High".

Recommended Only For More Advanced Users

Open the "Internet Options". Under the General tab advanced users may want to select the option to "Delete browsing history on exit". This means that nearly all information will be lost each time you close your browser, but if you're willing to make the sacrifice it will help improve your privacy.

Under the privacy tab advanced users can click on the option for Advanced. Then select the option to "Override automatic cookie handling". Then uncheck the option to "Always allow session cookies". I would then advise that you select the option to Prompt for "First-part Cookies" and Block for "Third-party Cookies". Then select OK. When going to a site you will be prompted whether you want to accept the cookies or not. When making a decision I would suggest you select the option to "Apply my decision to all cookies from this website". However, this can be very annoying and you essentially have to do this for every site. Another alternative is to select Block for "First-party cookies" as well. However, this can be somewhat annoying since many sites will not work properly without cookies enabled. You then need to go back into the settings to manually add a site to the whitelist. Managing the cookies in such a way does greatly increase your level of privacy, but that comes at a great price in terms of usability.

Advanced users may want to go to the Advanced tab and disable the option to "Enable DOM Storage". This is located under the Security section. For an explanation of what that is please see this site.

 

Use these add-ons

Recommended For Both Beginner and Advanced Users

  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Do Not Track Me: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit. More information is given in this review. Note that this may cause issues on Facebook and need to be disabled for all aspects of that site to work correctly. Other than that most sites should work fine with no changes to the configuration.

 

4. Alternatively Use JonDoFox To Greatly Improve Your Privacy

 

Note that for this browser I am not even considering security or usability concerns. This browser is truly oriented mainly towards privacy. For a more balanced approach please see my advice above. In addition to using this browser I would also advise that you change your default search engine to one which is discussed in section 2.

 

To surf the web with even greater anonymity than can be achieved with any of the above browsers, download JonDoFox from this page and install it. During installation it will prompt you to have it download Firefox. Assuming you don't already have Firefox installed let it install it for you. However, if you already have Firefox installed it will ask you whether you want to merge it with your Firefox configuration. You must either do that or install it as a portable browser. The choice is yours.

 

During the installation it will ask you if you want to download JonDo, which is a proxy program. I would recommend that you do not and instead use a virtual private network (VPN). This will provide you with an encrypted connection, much faster browsing speed, and an even higher level of privacy. To choose the best VPN for your needs please read this section of my article about How to Protect Your Privacy While Online. Make sure that if you do choose to use a VPN, you start it up each time before using JonDoFox to browse the internet. Also, if you do decide to use a VPN you should start up JonDoFox, left-click on the JonDoFox icon, and select the option for "No Proxy". When prompted you should also select the option to not show warnings about the proxy.

 

At this point JonDoFox is ready for you to begin browsing the internet with a very high level of privacy. No further changes are required for the configuration and no additional add-ons are required.

 

5. Periodically Clear Browsing Data

 

Even if the configuration changes suggested above some browsing data will still get saved to your computer. In addition you should be aware that the advice I give above will not prevent flash cookies from being stored on your computer from the site you are visiting. You have only disabled this for third-parties. Thus, to clear these flash cookies, and most other browsing data which may be on your computer, you may want to periodically clean your computer with a program called CCleaner. To download it you should download the Portable version from this page to avoid inadvertantly installing unwanted software.

 

After installing it there is one change you must make in order for it to clear flash cookies, as well as normal cookies and other browsing data. Please click on the Cleaner icon and go to the Applications tab. Then, under the Multimedia section, make sure that "Adobe Flash Player" is selected. Once you have made sure that CCleaner is configured properly you just make sure that all other programs are closed and then click on the button to "Run CCleaner". Running this periodically will help to increase your online privacy.

 

 

 

 

I realize that the configuration options, and available add-ons/extensions, for these browsers change over time. Thus I need your help in staying up to date with the best ways to protect all of these browsers from both safety and privacy concerns. Please help me by letting me know when you believe the advice I am providing is no longer entirely accurate, or that new approaches are now available.

In addition, please help by rating this article. If you believe this article deserves anything less than 5 stars, please leave a comment below explaining how you think it can be improved or where you find fault. This article is written by me but fueled by the community. Thus your opinions and advice are not only much appreciated, but actually necessary in order for this article to grow and improve.

 

If you found this article useful then perhaps you'd like to check out some of my others.

How to Avoid Spam

How to Clean An Infected Computer

How to Fix a Malware Infected Computer

How to Install Comodo Firewall

How to Know If Your Computer Is Infected

How to Protect Your Online Privacy

How to Report Dangerous Websites

How to Report Malware or False Positives to Multiple Antivirus Vendors

How to Report Spam

How to Stay Safe While Online

How to Tell if a File is Malicious

How to Tell If A Website Is Dangerous

 

This software category is maintained by volunteer editor Chiron. Registered members can contact the editor with any comments or suggestions they might have by clicking here.

 

Share this
4.798075
Average: 4.8 (208 votes)
Your rating: None

Comments

by RandyDoqa on 4. November 2013 - 3:58  (111993)

Dear Chiron,

I just installed the latest version of Opera "17.0.1241.53", and tried to install the extensions mentioned in the review, but two of them didn't accept to be installed and they are:

- NoAds Advanced.

- Swiss Knife.

Both of them give me the following message when i try to install them: "This extension is only supported in Opera 11 and 12."

Please check that and tell me if their is a way to install them or to use other extensions instead of them.

Thank you so much for your time.

by Chiron on 4. November 2013 - 4:30  (111998)

Thank you. It turns out that NoAds Advanced does not work because there is now a version of AdBlock Plus available for Opera. I've therefore added that link instead.

For Swiss Knife, it is no longer supported. I also could not find another extension to redirect to https connections. I therefore removed it from the article.

If anyone knows of an extension which works with Opera to redirect http to https connections please let me know.

Thank you.

by ChaosReigns on 3. November 2013 - 15:27  (111978)

Chiron,
This is not a multi-browser extention, but for the Firefox variations, Adblock Plus Pop-up Addon goes hand-in-hand with Adblock Plus. I think it's at least worthy of investigation for your readers. Information, screenshots, and the download link can be found at....
http://jessehakanen.net/adblockpluspopupaddon/

by Chiron on 3. November 2013 - 18:21  (111985)

This is an interesting extension. However, as far as I've seen, most browsers do a very good job of blocking popups without the need to add popups. However, for those who are having issues, this could be very helpful.

That said, as I believe that most users will not need this, I will not add it to the article. The reasoning is that the article is already quite long as it is, and I'm trying to keep it as focused, and concise, as possible.

However, if it becomes apparent that there is a wide-spread problem with popups I will consider this extension.

Thank you.

by ShorePatrol on 3. November 2013 - 14:12  (111977)

Please consider informing users of Waterfox's 64 bit as to whether these measures will function here. I just tried to install Window Name Eraser and I can not find it although there seems to be a variant by the name Eraser. Do you feel this is a good alternative. I use LastPass, WOT, HTTPS, Ghostery(and yes I know their Issues),StartPage,AdBlocker Plus and have Norton from Comcast.Additionally I have gone into the BIOS and changed the values as you have suggested in the past to clear cookies upon closing the browser.I never open an unknown or unsolicited email. My question is, when is it sufficient to say "I have done enough or all that I believe is possible or necessary to protect myself from these issues" aside from something totally new.

by Chiron on 3. November 2013 - 18:19  (111984)

The difficulty I have found with extensions is that they usually are only guaranteed to work with the most popular variants. Thus, sometimes there may be instances, such as what you have found, where the extension does not work. I'm assuming you mean that Windows Name Eraser does not work with Waterfox, which I have not personally checked.

As for the rest of your approach, I think it looks good. My only concern is that you are using Norton, which is not bad, but is largely detection based for its protection. As I mention in my other article, I prefer default-deny protection.

by wekslap on 31. October 2013 - 1:07  (111903)

DoNotTrackMe is now severely effecting usage of Facebook

by Chiron on 31. October 2013 - 3:00  (111905)

Can you please be more specific as to what issues you are experiencing?

by wekslap on 1. November 2013 - 20:44  (111947)

Recently a lot of Facebook features were not working. After some investigation I disabled your suggested chrome extensions one at a time and found it was donottrackme that was causing the problem. Maybe a recent update has effected this. when I googled this, other users had had the same problem, also in comments on the chrome app site. I have always followed all your recommendations and apart from this issue have had no problems. thankyou for all your advice.

by Chiron on 2. November 2013 - 0:52  (111949)

Thank you. I've now updated the article to let other users know that it may need to be disabled for FaceBook.

Thanks again.

by RandyDoqa on 23. October 2013 - 23:50  (111707)

Dear Chiron,

First of all, I want to send you a very special thanks because of your articles, not just this one, but all your articles, they are awesome, I follow your steps in every single article and really you are a professional in what you are doing, I hope to become like you one day.

Secondly, regarding this article, I am a Chromium Browsers fan, mainly because of it's speed, my questions is:

- What is the best chromium browser between "Google Chrome, Comodo Dragon, SRWare Iron"? (I know that Google Chrome have privacy issues and i want to know the best alternative).

- Is Firefox better than Chromium Browsers in general to be my default browser or not?

- What is your favorite Browser and why?

Thank you so much for your articles again, and keep the good working.

My Best Regards.

by Chiron on 27. October 2013 - 20:10  (111810)

Thank you for your kind words. They really mean a lot, both to myself and hopefully also to all of the readers who have contributed such great advice. It is largely because of this feedback that these articles have grown the way they have.

As for choosing the best browser among the Chromium variants, that is a difficult question to answer. However, as you noted, I would not advise Google Chrome, due to the built-in tracking. Between the rest it's really up to you. What I would advise doing is trying out a few and sticking with what seems to best fit your needs.

There are a few differences you can consider, such as how often they are updated, extra security features implemented, speed, responsiveness, etc..., but as long as you are taking my advice on securing your computer I wouldn't really worry about how often they are updated. As long as it is updated somewhat often, and you are taking a preventive approach towards securing your computer, I personally don't believe that exploits are a major concern.

As for Firefox vs. the Chromium browsers, the same advice I gave above is true. However, I will note that Firefox is currently able to be better secured in terms of privacy, although the Chromium variants are improving as well. That said, with my advice you can achieve a moderate level of privacy with both types of browsers.

Currently I use Comodo Dragon. This is largely because of the speed and because, honestly, I am used to it. It also allows me to try out some of the new security extensions Comodo comes out with from time to time, such as PrivDog, without having to worry about incompatibilities.

Sorry this turned out to be such a long reply, but I hope it answered most of your questions. If not please feel free to reply.

Thank you.

by Blacklab on 18. September 2013 - 14:06  (110841)

@Chiron: AdBlock Plus 1.0 for Internet Explorer has been released by Wladimir Palant on the main AdBlock Plus website: https://adblockplus.org/releases/adblock-plus-10-for-internet-explorer-r... and the comments mention a few teething troubles. ABP for IE downloaded, installed easily and so far seems to work normally for me on IE8. Hooray!

AFAICS ABP for IE has two drawbacks compared with ABP Firefox installations:
1. The "Settings" page drop-down menu only appears to offer the EasyList Filter + it's language varieties.
2. The ABP button only displays on the Status bar (at base of pages) and cannot be moved via "Customise" into toolbars.

Curiously a search for "AdBlock Plus for IE" also brings up Simple Adblock site: http://simple-adblock.com/ which states it is now "AdBlock Plus for Internet Explorer" as well? Not tried this - is it the same thing or not?

However this looks like some very good news for IE users at last?

by Chiron on 18. September 2013 - 15:27  (110844)

I have added AdBlock Plus for IE to the list. Thanks for pointing this out to me.

Also, it looks like simple adblock has decided to become adblockplus for IE. They look like the same thing now.

Thanks.

by TimeServed on 31. August 2013 - 18:21  (110432)

Thanks for a very useful article! About those pesky Flash cookies....

After I first read this article, I selected the option to "Block all sites from storing information on this computer". Previously, it was set to "Ask". (Mind you, it never did Ask, so I've relied on Flash Cookies Cleaner -- which I believe is no longer available?) I had cause to re-read the article today and went to verify my Flash settings. It had gone back to Allow. So I re-set it to Block.

Pondering on possible causes, I saw that I'd installed a Flash update between my two readings of the article. Maybe the update imposed default settings? Half an hour later, having decided to post a comment, I checked my Flash settings. They'd all reverted to the defaults! I altered them again, waited another half-hour, and re-checked. This time, they were as I'd set them. One final point: rather than allowing Flash to automatically install updates, as your article suggests, I prefer to have it Ask. But, as it never does Ask, I must periodically check for updates.

Is it me, or is it Flash? My OS is WinXP SP3; I access the Flash control panel as administrator; my firewall allows Adobe Flash full internet access both in/out.

by Chiron on 27. October 2013 - 20:21  (111811)

I'm sorry I did not respond to this sooner.

It's possible that the update resets the selections to default. If this is so please report this as a bug to Adobe. I believe that your selection should be kept between updates. If I see this resetting I will report it as well.

As for Adobe not asking, I'm not sure why this would be. Has anyone else seen that setting it to Ask does not work? It works correctly on my computer. If it is not working for you please let me know by responding to this post.

Thank you.

by drchetan5 on 29. July 2013 - 8:43  (109726)

I was surprised not to find Sanboxie listed here. It is the program which will prevent ANY malware from entering your PC>

by sicknero on 30. July 2013 - 23:15  (109790)

Sandboxing is only as effective as the person using it. It can't in itself recognise malware or other dangerous code and depends entirely on a person not removing unsafe software from the sandbox.

I'm not having a dig at Sandboxie or any of the other options for sandboxing, indeed I use it a lot myself. I just think that the claim of its being able to prevent any malware infection might be perhaps a little misleading.

by Chiron on 29. July 2013 - 18:53  (109735)

Sandboxie is a very good program. However, this particular article concentrates on modifications you can make to your browser in order to protect yourself from malware and privacy concerns.

For a more comprehensive guide, please see my article about How to Stay Safe While Online:
http://www.techsupportalert.com/content/how-stay-safe-while-online.htm-0

If you believe anything is missing from either article please do not hesitate to let me know.

Thanks.

by tension on 28. July 2013 - 1:52  (109679)

“How to Harden Your Browser Against Malware and Privacy Concerns”,nice article

by Chiron on 28. July 2013 - 2:23  (109680)

Thank you.

Do you have any questions about software, or anything else you would like to know more about?

by JanTh on 28. July 2013 - 1:16  (109678)

I haven't seen this mentioned anywhere, so forgive me if this is a repeat. I have recently been trying a new addon (for me) for Firefox called "Dr.Web LinkChecker". I've had it a few weeks and may have even picked it up from your great site. I use it frequently and have never had a positive result for malware, but I haven't had a malware incident lately either. Use at your own risk...just passing along in hopes it helps.

https://addons.mozilla.org/en-US/firefox/addon/drweb-anti-virus-link-che...

It may also be available for other browsers

Thanks for all the great tips and progs

by sicknero on 31. July 2013 - 8:04  (109785)

A nice find, I've just now installed it for a test drive.

I see that as well as the link scanner it also has flash blocking, ad blocking (including selective blocking for page content), and anti-tracking. Good stuff.

I was wondering though Chiron, what do you think about the pros and cons of running multiple anti-tracking add ons? For instance I already use Ghostery, TrafficLight, and Cookie Controller ... some writers recommend not using more than one anti-tracker so I just wondered what thoughts you might have on the matter.

by Chiron on 31. July 2013 - 16:47  (109822)

Of those add-ons you listed I would really only classify Ghostery as mainly anti-tracking. However, I have run more than one dedicated anti-tracking add-on in the past and noticed no problem. I don't think there's a problem running multiple anti-tracking add-ons, but of course if you start witnessing issues you can just disable one of them and that should solve the problems.

In addition to this, I just wanted to let you know that I no longer recommend that users use Ghostery. It was this article which convinced me to abandon Ghostery and look elsewhere:
http://www.businessinsider.com/evidon-sells-ghostery-data-to-advertisers...

Thanks.

by Nodrog on 31. July 2013 - 20:35  (109832)

How on earth would this article convince you to abandon Ghostery? All it says is that they finance their operation by telling advertisers what their users don't want.

Since you have "looked elsewhere" what do you recommend to replace it?

by Chiron on 31. July 2013 - 20:56  (109833)

I did not mean to imply that I thought it was stealing users data, it's just that I was a little uneasy with the extension to begin with, seeing as it's owned by an advertising company.

I would advise using either Do Not Track Me, as advised by the current version of this article, or Disconnect. I really like both of these, but am currently unsure about which I would advise. Both are very good.

Please try out both and let me know what you think of them. This may help me in deciding which I should be advising.

Thanks.

by Nodrog on 31. July 2013 - 23:27  (109837)

As I understand it (but I may have got it wrong), Do Not Track Me is downloaded as part of AdblockPlus, which I already use in Firefox and Chrome - it is listed separately as an extension in my installation of Chrome but I do not see it in the list of extensions I have in Firefox.

I have added Disconnect to both browsers and will try it out as you ask - it seems to incorporate the Collusion extension, which works in Chrome but has never worked in Firefox for me.

EDIT - In fact Disconnect IS Collusion with an alternative "list" view which adds nothing to the party - at least with Ghostery you can allow individual widgets or other elements to enable functionality on trusted sites, with this one it seems to be all or nothing.

by Chiron on 1. August 2013 - 2:48  (109842)

DoNotTrackMe can be downloaded from this page:
http://www.abine.com/dntdetail.php?
It should be entirely separate from AdblockPlus.

Check it out. I think it has the granular control you're looking for. However, you can also selectively allow individual elements with Disconnect, at least with Chrome, which is what I briefly evaluated it with. You can also do the same for DoNotTrackMe.

by sicknero on 2. August 2013 - 9:06  (109867)

I tried Disconnect yesterday in Firefox and IceDragon... I was expecting from the comments to get Collusion installed along with it, or something similar, but in both try-outs the relevant button was inactive in the drop-down menu even after I installed Collusion separately.

(Nodrog - yes I also gave up on Collusion for a while as it never seemed to work, but I tried it again recently and it seems fine now. My only issue is that in IceDragon it has to be disabled and then re-enabled to make the button appear, but then that's the case with a few extensions in IceDragon. I have it running now in FF 22 and 23 Portable, no problems.)

Must admit I didn't much like Disconnect really, but to be fair that could well just be because of the unfamilar interface, which is why I wasn't very keen on DoNotTrackMe either.

At the moment I see no reason not to stick with Ghostery... as far as results go, it seems to me to pick up more trackers than any alternatives that I've tried and also works very well as an ad-blocker. I do think it's the best of it's type as far as effectiveness goes.

The title of the article you posted could I think be a little misleading if people don't go on to read the whole thing, or indeed Ghostery's own info on the subject. They don't collect personal data, which some people might take from the article's title at first glance.

TrafficLight does include anti-tracking, and Cookie Controller controls tracking cookies of course. Collusion now includes an option to view cookie-based tracking separately, so you can indeed see this in action.

Very interesting discussion anyway, thanks for your comments.

by Nodrog on 2. August 2013 - 11:06  (109869)

Neither Disconnect nor Collusion will work in my FF 22, so it must be because of my particular configuration/extensions. I did check Disconnect out in Chrome but did not see anything that would draw me away from Ghostery.

As for DoNotTrackMe, I compared its findings with Ghostery's on this and three other sites I visit every day - Ghostery finds 3 here, DNTM none, for the others the scores were Gh - 10,7 & 6 to DNTM's 1,0 & 1. This is probably explained by DNTM only having around 600 trackers in its library whereas Ghostery has almost 1600 - no doubt DNTM will increase this over time.

DoNotTrackMe does seem to do better in Chrome, but I was irritated by the pop-up being two-thirds advert, with the tracker info in very small print.

So for me, with Firefox, it's the trio of Ghostery, Priv3 and AdblockPlus that fits the bill and, although not part of Chiron's purpose in this article, I would also recommend Safe Preview and/or Webutation for checking out links.

Gizmos Needs You

Gizmo's Freeware is Recruiting

 We are looking for people with skills or interest in the following areas:
 -  Mobile Platform App Reviews for Android and iOS
 -  Windows, Mac and Linux software reviews       Interested? Click here