How to Harden Your Browser Against Malware and Privacy Concerns

toggle-button

 

Malware imageOne of the first lines of defense we have against the plague of security and privacy problems that stalk the internet resides within our browsers. This article is meant to help you to harden your browser against all types of problems. However, do note that I would strongly suggest that even if your main concern is only about privacy you should still read through the security sections as well. Preventing your computer from communicating with potentially dangerous sites, and helping to avoid malware, plays a very important role in increasing your online privacy. Thus, protecting your privacy really does require that you also increase your security.

 

Also, note that for true protection you should also read my article about How to Stay Safe While Online. To achieve true privacy you should also read my article about How to Protect Your Online Privacy. The article you are currently reading is meant to be used in conjunction with both of these other articles. It is not really meant to be viewed in isolation, although it is certainly useful in that respect as well.

 

Notice that this article is not really as long as it seems. By this I mean that you really only need to navigate to the section applicable to the browser you are using. You really don't even need to worry about the other sections. Also, note that all instructions are provided assuming that no other changes to the configuration have been made. When configuring these browsers I installed them with default configurations and modified them from there. Also, unless otherwise noted, any instructions provided are applicable to all browsers within the below categories. Whenever specific browsers required different changes I noted that in my instructions.

Changelog:

11/23/2014-Replaced links to DoNotTrackMe to Blur as the name changed.

11/24/2014-I replaced Blur with Ghostery for Chrome and Firefox as it was brought to my attention that the new version has very bad reviews.

11/26/2014-Updated description for how to find the settings for Flash.

 

Index

1. General Changes To Browser

2. Use A Privacy Focused Search Engine

3. Modify Your Current Browser To Achieve Improved Security And Privacy

    A) Instructions For Chromium Browsers

    B) Instructions For Firefox (And Firefox Variants)

    C) Instructions For Opera

    D) Instructions For Internet Explorer

4. Alternatively Use JonDoFox To Greatly Improve Your Privacy

5. Periodically Clear Browsing Data

 

1. General Changes To Browser

 

If you are running Adobe Flash, as most people are, then there are a few changes to the settings you should make. Regardless of which browser you use you should modify your flash player settings to make sure that third-party flash cookies are disabled. If you are running Windows Vista or Windows 7 do this by going to the control panel on your computer. Then, if you have your Control Panel set to Category view, go to the subsection for "System and Security". If you have the Control Panel set to Large Icons view, or Small Icons view, Flash should already be available. If you are running Windows XP you should go to the control panel and make sure that it is set to "Classic View". At this point you should see the icon for "Flash Player". Open it. Under the Storage tab make sure the option to "Block all sites from storing information on this computer" is selected. Also, under the Advanced tab make sure that the option to "Allow Adobe to install updates" is selected.

 

In addition, it's important to know that Java is constantly being exploited in order to install malware on users computers. Also, the java plugin is not even needed for most sites to work properly. Thus, if the java plugin is in fact installed in your browser, my advice would be to remove it unless you find it necessary. In addition, assuming you uninstalled Java entirely from your computer, which I would recommend unless you are actively using it, you should also use the built-in Windows search to find the file "npDeployJava1.dll" on your C-drive and, if it exists, delete it. For some reason this file is not removed with the Java uninstaller. In addition, if there are any plugins you don't use I would recommend that you remove them as well. These may pose a threat to your security.

 

2. Use A Privacy Focused Search Engine

 

Google’s search engine records your searches and aggressively tracks you. So do many of the other top search engines. For this reason I would suggest that you use an alternative search engine. One of the best anonymous search engines I've found is called StartPage. This search engine allows you to search using Google's search engine, but it blocks Google's ability to track you. Its not quite as powerful as using Google alone, but it's definitely a very good search engine. More information can be found on this page, and an explanation of how to make it the default search engine of your browser can be found on this page. The same company that makes StartPage also makes a search engine called Ixquick. This gathers its results from many different sources and thus may be even more useful than StartPage. More information about it can be found on this page, and an explanation of how to make it the default search engine of your browser can be found on this page. Both search engines have been certified by an independent third-party to not record your IP address or use tracking cookies.

 

Another very good option is called DuckDuckGo. This search engine will also not record any information about your searches. DuckDuckGo gathers its search results from a compilation of many sources. It also displays possible answers to the question you asked right at the top of the results page. It can be a very useful search engine. More information about DuckDuckGo can be found on this page, and a link to add it to your browser is provided on the main search page.

 

3. Modify Your Current Browser To Achieve Improved Security And Privacy

 

A) Instructions For Chromium Browsers

 

All Chromium browsers use the Google Safe Browsing blacklist to protect users from known dangerous sites. The browsers I have reviewed are Google ChromeComodo Dragon, and SRWare Iron. All have built-in secure sandboxing, which make them especially difficult for outsiders to exploit, and are quickly patched against any known vulnerabilities. However, I have certain problems with Google Chrome.  Although it does have minor privacy concerns, which are discussed on this page and on this one, the major problem I have with it is that it is made by Google. Google is well known for having problems respecting the privacy of others. A good listing of relevant incidents can be found on this page. Because of this I find it very difficult to trust Google Chrome and thus will not recommend that anyone use their products.

 

Luckily, Comodo Dragon and SRWare Iron do not have these privacy concerns. All of the code has been screened by the developers of these products to make sure that these privacy concerns have been removed. Also, Comodo Dragon comes with the option to enable Comodo Secure DNS, which will automatically stop you from connecting with most malicious sites. I would recommend enabling that, unless you are currently using another secure DNS server and do not want to switch. This will increase the security even higher than what you get by just using the Google Safe Browsing blacklist.

 

For the below Extensions, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How to Increase Security

 

If you are using Google Chrome you will want to go to the settings and, at the bottom of the page, select the option to "Show advanced settings". Then select the option to "Check for server certificate revocation". For SRWare Iron you should navigate to the same area and do the same. Then also select the option to "Enable phishing and malware protection". No changes are required for Comodo Dragon.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.
  • BitDefender TrafficLight: With this installed if you happen upon a dangerous site, which is blacklisted by BitDefender, it will block the page from loading. These include malicious pages, phishing sites, and fraudulent sites.
  • Adblock Plus: After installing this it will load a page. Near the bottom you can select which additional lists you would want to use. Personally, I select all, but the choice is yours.

Recommended Only For More Advanced Users

  • ScriptSafe: This add-on will block nearly all scripts, and other possibly dangerous content, from executing. This means that even if you stumble onto a dangerous site you cannot be attacked unless you manually add the scripts on that site to your whitelist. Thus you are protected from harmful scripts and many privacy threats. However, many sites use these scripts, and plugins, for legitimate purposes. Thus these sites will not work correctly unless you manually add the scripts on that site to your whitelist. This extension makes this relatively easy to do. Also, under the options you should select ‘Antisocial Mode’. Using ScriptSafe takes some getting used to, but if you are serious about staying safe online then this add-on is a must have.

 

How to Increase Privacy

 

All chromium browsers provide users with the option to start the browser in incognito mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. In addition I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration for improved privacy

Recommended For Both Beginner and Advanced Users

Go to Settings and click on the box at the bottom of the page that says "Show advanced settings".

Under the privacy section uncheck the box to "Use a prediction service to help complete searches...". Note that this change is not required for Comodo Dragon or SRWare Iron. Also make sure the option to "Predict network actions to improve page load performance" is unchecked for all browsers. For all browsers you should also select the option to "Send a 'Do not track' request with your browser traffic". Google Chrome users will also want to deselect the option to "Use a web service to help resolve navigation errors".

Now open the ‘Content Settings’ and select the box to ‘Block third-party cookies from being set’. This will prevent sites from loading cookies that are not from the site that you are currently on. Thus almost all tracking cookies will be blocked with very minimal negative side effects on your browsing. The only time you may have problems, and need to temporarily disable this, is sometimes when a legitimate site redirects you to another page. That said, in most cases it will work fine.

 

Recommended Only For More Advanced Users

Under the Privacy section, in the main settings menu, check the box that says 'Do not allow websites to know where you came from (suppress HTTP Referrer header)'. Note that this option is not available in Google Chrome and is not required for SRWare Iron. However, do note that this can cause problems with some websites and may need to be disabled in order for some sites to function properly.

More advanced users may wish to just block cookies globally. Then, when it becomes necessary, they can manually add sites to the whitelist. However, this can be somewhat annoying since many sites will not work properly without cookies enabled. You can configure your browser to do this by going to the privacy content settings and selecting the option to not allow sites to set any data. Then you can allow cookies for individual sites through an icon near the URL bar. If blocking cookies globally is too annoying for your tastes then you can instead use the Vanilla extension, which is discussed below. This will allow you to easily decide which cookies to keep, and which to delete. Although it cannot prevent cookies from being placed on your computer, it does allow you to decide how long unwanted cookies should be kept.

Also, advanced users may want to check the option to delete cookies and other site and plug-in data when the browser is closed. What this will do is that each time you close your browser it will clear all cookies, DOM Storage, and most other data. This means that nearly all information from your previous browsing session will be lost each time. Make sure when you've completed making whatever changes you would like to make to your configuration you select OK to save them.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • HTTPS Everywhere: This forces many sites, which have the option to encrypt your connection, to actually encrypt it. Therefore your connection with these sites will be much more secure. Although the version for Chromium browsers is technically still in beta I have noticed no problems with it.
  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Ghostery: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit. It is a good companion for Adblock Plus.

Recommended Only For More Advanced Users

  • Vanilla: This is a very good cookie manager for Chromium browsers. However, if you decided to block all cookies globally, as mentioned above, then this extension is not needed. One major downside to this extension is that it can’t block cookies automatically. However, in the options you can select to ‘Auto delete unwanted cookies after 5 minutes”. You can also configure it to clear unwanted cookies on startup. If you decide to use it I would strongly suggest enabling both features. You also have the option to add sites to the whitelist so that those cookies will never be deleted.

 

B) Instructions For Firefox (And Firefox Variants)

 

FirefoxComodo IceDragonPale Moon, and Waterfox (which is only for 64 bit systems) all use the Google Safe Browsing blacklist to protect users from known dangerous sites. All of these browsers are also being constantly updated to protect you from new vulnerabilities.

 

If you are installing Comodo Ice Dragon I would suggest that you enable the Secure DNS servers, unless you are currently using another secure DNS server and do not want to switch. Comodo DNS servers will block certain dangerous sites which even Google Safe Browsing does not.

 

Also, I would like to say that any of these browsers would be a good choice in terms of both security and privacy. I suppose that Comodo IceDragon may provide slightly higher security, since it has Comodo DNS Servers to also block known dangerous sites, but any of the browsers are really very good.

 

For the below Add-ons, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How To Increase Security

 

Use These Add-ons

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.
  • BitDefender TrafficLight: With this installed if you happen upon a dangerous site, which is blacklisted by BitDefender, it will block the page from loading. These include malicious pages, phishing sites, and fraudulent sites.
  • Adblock Plus: This allows you to subscribe to many different filter lists, which help block unwanted or malicious content. These can be found on this page. You can subscribe to any of the lists on that page, but be aware that subscribing to too many will slow down your browsing experience. I'd advise subscribing to the EasyPrivacy+EasyList combination and Malware Domains. Note that after doing this you should go into your subscriptions and delete the Easylist one, as it will be covered by the combination list and is redundant.  This can be found by going to the settings for ABP in the extensions window.

Recommended Only For More Advanced Users

  • NoScript: This add-on will block nearly all scripts, and other possibly dangerous content, from executing. This means that even if you stumble upon a dangerous site you cannot be attacked unless you manually add the scripts on that site to your whitelist. Thus you are protected from harmful scripts and many privacy threats. However, many sites use these scripts, and plugins, for legitimate purposes. Thus these sites will not work correctly unless you manually add the scripts on that site to your whitelist. Using NoScript takes some getting used to, but if you are serious about staying safe online this add-on is a must have.

 

How To Increase Your Privacy

 

All of these browsers provide users with the option to start the browser in Private Browsing mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration for improved privacy

Recommended For Both Beginner and Advanced Users

Go to the dropdown menu and click on options. Then go to the Privacy tab. Make sure that the option that reads "Tell websites I do not want to be tracked" is selected. Now, under "History" select "Use custom settings for history" from the dropdown menu. Make sure that the option to "Accept third-party cookies" is unchecked. This will prevent sites from loading cookies that are not from the site that you are currently on. Thus almost all tracking cookies will be blocked. The only time you may have problems and need to temporarily disable this is sometimes when a legitimate site redirects you to another page. That said, in most cases it will work fine.

Recommended Only For More Advanced Users

More advanced users may wish to prevent cookies from being set at all. To do this please use the Cookie Controller add-on, which is explained below. However, if blocking cookies globally, and whitelisting them manually, seems like too much of a hassle you can instead select the option to only keep the cookies until the browser is closed, which is an option from the dropdown menu under the history section of the privacy tab.

Some users may also want to select the option to Clear history when the browser closes. To do this you can click on "Settings" and select the type of data you would like to have removed. I would advise removing the cookies, cache, and "Offline Website Data" as this will be able to remove most types of tracking data. That said, nearly all information will be lost each time you close your browser, but if you're willing to make the sacrifice it will certainly help improve your privacy. Once you're done making your changes to the settings you can click OK to save them.

 

Use These Add-ons

Recommended For Both Beginner and Advanced Users

  • HTTPS Everywhere: This forces many sites, which have the option to encrypt your connection, to actually encrypt it. Therefore your connection with these sites will be much more secure.
  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Ghostery: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit. It is a good companion for Adblock Plus.
  • Self-Destructing Cookies: This deletes the cookies related to a site as soon as you close it's tab. Thus, it should increase privacy without reducing usability.
  • BetterPrivacy: This will automatically prompt you to delete all local shared objects (LSO's) from your computer each time Firefox closes. For more information on why these are such a privacy risk please read this article.

Recommended Only For More Advanced Users

  • RequestPolicy: This will block cross-site requests by default. Thus you will be protected from Cross-site request forgery, which otherwise could send information about your browsing habits to unknown parties. When installing this I would advise that you leave the settings at default. Also, I would advise that you do not whitelist any sites unless you are experiencing difficulties.
  • Cookie Monster: This add-on extends your privacy protection by blocking all cookies by default. It allows you to quickly and easily allow or block cookies globally and then manually add exceptions for individual sites. Like NoScript this takes some getting used to since many sites will not work correctly without cookies enabled. However, if protecting your privacy is important then this is a must have. Note that if you use this you shouldn't need to also use Self-Destructing Cookies.
  • Secret Agent: This add-on will impede most of the fingerprinting-based tracking that is used to track users. After installed it will continually randomize your browser profile. Thus it is not possible to fingerprint your actual browser. However, sometimes this will cause sites to not work correctly. In those cases you may need to disable it for those sites.

 

​C) Instructions For Opera

 

Opera can be downloaded from this page. In general I do like this browser. It is very configurable and also has a lot of very useful extensions which can be added.

 

For the below Extensions, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How To Increase Security

 

How to change configuration of Opera for improved security

Recommended Only For More Advanced Users

Go to the Content section. If you are an advanced user you may want to deselect the option to "Enable JavaScript". This will protect you from any JavaScript based malware or privacy threats, but it will also mean that many websites will not work until you manually allow them.

Under the content section advanced users can check the box to "Enable plug-ins only on demand". This will mean that flash and java can only run on a page if you allow it, thus providing you with protection from many security and privacy threats.

Exceptions for both of these can easily be made for sites by right-clicking on any site and selecting "Edit Site Preferences". Then go to the content tab and manually uncheck the relevant box, and select OK, to add the site to your exceptions.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.
  • Adblock Plus: This allows you to subscribe to many different filter lists, which help block unwanted or malicious content. These can be found on this page. You can subscribe to any of the lists on that page, but be aware that subscribing to too many will slow down your browsing experience. I'd advise subscribing to the EasyPrivacy+EasyList combination and Malware Domains. Note that after doing this you should go into your subscriptions and delete the Easylist one, as it will be covered by the combination list and is redundant.  This can be found by going to the settings for ABP in the extensions window.

 

How to Increase Privacy

 

Like most browsers Opera provides users with the option to start the browser in Private browsing mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration of Opera for improved privacy

Recommended For Both Beginner and Advanced Users

Under the settings part of the drop-down menu go to Preferences. Then go to the advanced tab. Under the Cookies section most users will want to select the option to "Accept cookies only from the site I visit". This will prevent sites from loading cookies that are not from the site that you are currently on. Thus almost all tracking cookies will be blocked. The only time you may have problems, and need to temporarily disable this, is sometimes when a legitimate site redirects you to another page. That said, in most cases it will work fine. Also, under the security section select the option to "Ask websites not to track me".

Recommended Only For More Advanced Users

Under the Cookies section more advanced users can select the option to "Never Accept Cookies". This will block any cookies from being set, which will stop some websites from working. For these cases you will need to manually add cookies to the whitelist. It greatly affects your browsing experience as this is not easy to do with Opera. An alternative to this is to check the box labeled "Delete new cookies when exiting Opera". This will mean that sites do not continue to remember your information, but it will still allow the sites to operate correctly. Also, as before right-clicking on the site, and going to "Edit Site Preferences" allows you to remember cookies from that particular site. Also, under the network tab, users can deselect the option to "Send referrer information". It may also be helpful to disable "Enable geolocation". However, do note that this can cause problems with some websites and may need to be re-enabled.

Also, advanced users may want to go to the History section and turn off the cache for the disk, although this will mean that each time you visit a page it will have to reload from scratch. Thus this will slow down your browsing experience, but it will make it much more difficult for sites to track you. When you are done making your changes select OK to save them.

 

Use These Extensions

Recommended For Both Beginner and Advanced Users

  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Disconnect: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit.

 

​D) Instructions For Internet Explorer

 

Note that with Internet Explorer you need to enable add-ons after installing them. This will appear as a popup at the bottom of the screen.

 

For the below extensions, I would recommend that you read through the descriptions of all of them and install all which you believe would be helpful. Unless the instructions specifically mention a problem it should be safe for you to install all of them.

 

How to Increase Security

 

Recommended For Both Beginner and Advanced Users

Open the "Internet Options" and go to the Advanced tab. Then scroll down to the security section and select the option to "Enable SmartScreen Filter". This will check all sites, and downloads, against lists of known dangerous sites and files. Although this has certain privacy concerns I believe that the additional security it provides outweighs the privacy risks. That said, the choice is yours as to whether you want to enable it or not, but I would strongly recommend it.

 

  • Adblock Plus: This will block most ads, and tracking bugs.

 

Recommended Only For More Advanced Users

To disable flash globally go to tools, then safety, and click on "ActiveX filtering". After doing this flash, and all other ActiveX type content, will be blocked until you click the icon to enable it. This icon can be found on the address bar. You can then choose whether to turn ActiveX off or leave it on. This is a relatively good way to protect yourself from many threats, although I would prefer individual site whitelisting.

 

Use these add-ons

Recommended For Both Beginner and Advanced Users

  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.

 

How To Increase Privacy

 

Internet Explorer provides users with the option to start the browser in InPrivate Browsing mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. I would also advise that you change your default search engine to one which is discussed in section 2.

 

How to change configuration of Internet Explorer for improved privacy

Recommended For Both Beginner and Advanced Users

Open the "Internet Options". Under the Privacy tab most users can select the option to "Never allow websites to request your physical location". If needed you can manually add exclusions for particular sites, but this is almost never necessary. Also, most users will want to change the privacy settings to "Medium High".

Recommended Only For More Advanced Users

Open the "Internet Options". Under the General tab advanced users may want to select the option to "Delete browsing history on exit". This means that nearly all information will be lost each time you close your browser, but if you're willing to make the sacrifice it will help improve your privacy.

Under the privacy tab advanced users can click on the option for Advanced. Then select the option to "Override automatic cookie handling". Then uncheck the option to "Always allow session cookies". I would then advise that you select the option to Prompt for "First-part Cookies" and Block for "Third-party Cookies". Then select OK. When going to a site you will be prompted whether you want to accept the cookies or not. When making a decision I would suggest you select the option to "Apply my decision to all cookies from this website". However, this can be very annoying and you essentially have to do this for every site. Another alternative is to select Block for "First-party cookies" as well. However, this can be somewhat annoying since many sites will not work properly without cookies enabled. You then need to go back into the settings to manually add a site to the whitelist. Managing the cookies in such a way does greatly increase your level of privacy, but that comes at a great price in terms of usability.

Advanced users may want to go to the Advanced tab and disable the option to "Enable DOM Storage". This is located under the Security section. For an explanation of what that is please see this site.

 

Use these add-ons

Recommended For Both Beginner and Advanced Users

  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Blur: This used to be called DoNotTrackMe. It will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit. More information is given in this review. Note that this may cause issues on Facebook and need to be disabled for all aspects of that site to work correctly. Other than that most sites should work fine with no changes to the configuration.

 

4. Alternatively Use JonDoFox To Greatly Improve Your Privacy

 

Note that for this browser I am not even considering security or usability concerns. This browser is truly oriented mainly towards privacy. For a more balanced approach please see my advice above. In addition to using this browser I would also advise that you change your default search engine to one which is discussed in section 2.

 

To surf the web with even greater anonymity than can be achieved with any of the above browsers, download JonDoFox from this page and install it. During installation it will prompt you to have it download Firefox. Assuming you don't already have Firefox installed let it install it for you. However, if you already have Firefox installed it will ask you whether you want to merge it with your Firefox configuration. You must either do that or install it as a portable browser. The choice is yours.

 

During the installation it will ask you if you want to download JonDo, which is a proxy program. I would recommend that you do not and instead use a virtual private network (VPN). This will provide you with an encrypted connection, much faster browsing speed, and an even higher level of privacy. To choose the best VPN for your needs please read this section of my article about How to Protect Your Privacy While Online. Make sure that if you do choose to use a VPN, you start it up each time before using JonDoFox to browse the internet. Also, if you do decide to use a VPN you should start up JonDoFox, left-click on the JonDoFox icon, and select the option for "No Proxy". When prompted you should also select the option to not show warnings about the proxy.

 

At this point JonDoFox is ready for you to begin browsing the internet with a very high level of privacy. No further changes are required for the configuration and no additional add-ons are required.

 

5. Periodically Clear Browsing Data

 

Even if the configuration changes suggested above some browsing data will still get saved to your computer. In addition you should be aware that the advice I give above will not prevent flash cookies from being stored on your computer from the site you are visiting. You have only disabled this for third-parties. Thus, to clear these flash cookies, and most other browsing data which may be on your computer, you may want to periodically clean your computer with a program called CCleaner. To download it you should download the Portable version from this page to avoid inadvertantly installing unwanted software.

 

After installing it there is one change you must make in order for it to clear flash cookies, as well as normal cookies and other browsing data. Please click on the Cleaner icon and go to the Applications tab. Then, under the Multimedia section, make sure that "Adobe Flash Player" is selected. Once you have made sure that CCleaner is configured properly you just make sure that all other programs are closed and then click on the button to "Run CCleaner". Running this periodically will help to increase your online privacy.

 

 

 

 

I realize that the configuration options, and available add-ons/extensions, for these browsers change over time. Thus I need your help in staying up to date with the best ways to protect all of these browsers from both safety and privacy concerns. Please help me by letting me know when you believe the advice I am providing is no longer entirely accurate, or that new approaches are now available.

In addition, please help by rating this article. If you believe this article deserves anything less than 5 stars, please leave a comment below explaining how you think it can be improved or where you find fault. This article is written by me but fueled by the community. Thus your opinions and advice are not only much appreciated, but actually necessary in order for this article to grow and improve.

 

If you found this article useful then perhaps you'd like to check out some of my others.

Best Free Antivirus Software

How to Avoid Spam

How to Clean An Infected Computer

How to Fix a Malware Infected Computer

How to Install Comodo Firewall

How to Know If Your Computer Is Infected

How to Protect Your Online Privacy

How to Report Dangerous Websites

How to Report Malware or False Positives to Multiple Antivirus Vendors

How to Report Spam

How to Stay Safe While Online

How to Tell if a File is Malicious

How to Tell If A Website Is Dangerous

 

This software category is in need of an editor. If you would like to give something back to the freeware community by taking it over, check out this page for more details. You can then contact us from that page or by clicking here

 

Please rate this article: 

Your rating: None
4.749335
Average: 4.7 (375 votes)
toggle-button

Comments

Yes fair comment, K9 is quite a powerful tool I guess, and I need to study it more myself to learn exactly how it is behaving in combination with my other security software.

Meanwhile though I have a couple of others that I'd like to mention...

* VTZilla (https://www.virustotal.com/en/documentation/browser-extensions/) is a Firefox add-on from Virus Total and installing this will add three very useful security tools to your browser.

Firstly, when you want to download a file you will find an extra option in the download dialog, so that before actually downloading the file you can select to "Scan With Virus Total". This will open the usual Virus Total page with scan results for the download link in question.

Secondly, any link on any webpage can be right-clicked, with again an added option to "Scan With Virus Total". An invaluable precaution if you have a link that you're uncertain about.

Both of the above work in email as well as in ordinary browsing, allowing you to scan attachments as well as links that people might send to you.

Lastly VTZilla adds a toolbar to Firefox, a very basic one which just has a "Scan Current Site" button, and a search box into which you can enter a website address or a file hash (SHA1, SHA256, or MD5) for the usual VT scan.

Although that last might not be for everyday users, I think VTZilla is still an indispensible security add-on, allowing as it does easy and quick access to VT's well known presentation of scan results from around 40 different sources. Also as well as Firefox, similar functionality is offered for Chrome and IE, though I've not tried those myself.

* Safe Preview (https://addons.mozilla.org/sl/firefox/addon/safe-preview/) is another Firefox add-on which I discovered just last week. This nifty little tool shows a pop-up for any link, that shows safety ratings from Google Advisory, McAfee, Norton Safe Web, WOT, Avast, TrustWave and DrWeb, and also allows you to preview a site in a larger pop-up, or to open it in a private browsing window.

Unfortunately you can't add your own ratings sources to it, though you can remove any that you don't want. It seems quite new and has a couple of bugs that need fixing (nothing serious, just a couple of non-working functions), but it seems pretty user friendly and has no impact on performance that I've noticed.

I've been giving Netcraft a test drive today since I read your post. Seems ok ... if it had any resource/performance issues before then they seem to have been sorted.
My only complaint so far is that clicking the options on the toolbar for more info opens that info in the same page that you're viewing, which is somewhat annoying and I can't find any option to change that. Otherwise, it seems pretty good though I'll have to spend some time with it to see how it compares to other blacklist-based security add-ons.

These are great suggestions. However, I am currently trying to focus on addons which protect you in real-time. Thus, VTZilla does not fit that criteria (although I do personally find it very interesting and a very good find). The reason for this is that I have received feedback that even as it is the lists are a little overwhelming. Thus, the most difficult issue I have with this particular article is keeping it powerful enough, and yet as short as possible. I hope you understand the difficulties I face in maintaining that. As for Safe Preview, I tried that out in Comodo Ice Dragon and it did not work. Thus, it appears it may not fully support browsers other than Firefox. I am only including addons which work with all listed variants of Firefox (once again to try to keep the article as short as possible). Thus, I will not include it at this time. However, if it eventually does support the listed variants I will take another look at it. Yet another very good find, and one I'll keep my eyes on. Thank you very much.

Thanks Chiron... yes I see your point about VT not being real-time protection as such, and perhaps aimed more at users who don't mind spending a little extra time to check out the safety of links and downloads etc. I can appreciate the point about your article though.

Safe Preview... Ice Dragon Portable is my main browser on both my PCs (W7 x86 and x64) and it works fine here so I guess there might be some compatibilty issue with plug ins. I must have been lucky as I run a lot of add-ons (80+ at the last count). It's a shame, as it is essentially like a very much cut down and more graphical version of VT in a way.
Hopefully this will be sorted as the add-on matures if it continues to be supported.

Cheers.

Okay, I did a complete uninstall of Comodo Ice Dragon. I then reinstalled, after deleting the old profiles manually, just to make sure nothing carried over. I then installed the Safe Preview addon. However, I experienced the same experience as before. It would work when run manually, but for Google results nothing was automatically generated. Thus, I'll keep my eye on this extension, and try it out periodically. Thanks.
Actually, SafePreview does work manually on my computer. However, it does not generate these reports automatically. Therefore, it may be due to a setting I changed, or an extension I added. I'll look into this more in depth. Thanks for bringing it to my attention that it works correctly for you.

What do you mean by automatically..? How it works here is, I hover my mouse over any link and two small icons appear. One of them when clicked shows the safety results from whatever sources are activated in preferences, while the other when clicked has shortcuts to preview the link.
If this is what you mean by 'manually' then afaik this is exactly how it's supposed to work... it doesn't show automatically on links in the same way that WoT or TL do, but that would be a bit messy I think given that it draws on half a dozen sources.

True the preview part is a little buggy.. :-) This has been commented on by people on the Mozilla page so hopefully will be fixed in an update. In the meantime the preview does work if accessed from the context menu.

In retrospect, I'd agree that its current state would justifiably disclude it from recommendation by you, but I'll also be keeping it installed to see if it progresses at all.

Oh, now I see. I apologize. I had glanced at the screenshot on their page too quickly and assumed that it automatically created those for each one, like WOT does. In that case it is working correctly on my computer, but as you noted it is not an addon I would recommend in general. However, it is very interesting, and useful. I'll keep my eye on it and see how it evolves.
Thanks for your feedback. I'm not entirely sure about TrafficLight, but I believe it is not scanning in real-time, but just checking a database of known bad sites. That said, I'm not sure and will be looking into it. Please let me know if you have any other questions.
This is from their site if it helps. MC - Site Manager: TrafficLight scans the pages you visit for malware and phishing attempts each and every time you access them to avoid the threat of legitimate but recently compromised websites. However, it won't block an entire website if just some pages within are malicious. Only the potentially harmful elements are blocked, leaving you free to view the rest of the site if you so choose. TrafficLight relies on intelligence provided by Bitdefender Cloud services to flag malware and phishing attempts in search results from Google or Bing. Not only that, but it also checks links in popular social network platforms and blocks them if they are suspect.

So much very useful information, thank you!

Thank you. Please let me know if you have any questions.

The Ghostery "bugs" has been renamed and categorised into sub-sections for a while.
It also has new advanced options.
eg. a white-list and whether to auto-apply new updates.

Opera can also easily be made more secure.

* Security prefs.
It has a tick-box option for refusing tracking cookies.
Fraud and malware protection is on by default.

* Content Prefs.
If you set "Enable plug-ins only on demand, Flash and java wait for your bidding (makes Youtube much faster). It also disables all flash advertising.

You can right-click on any page you trust and "edit site preferences" then enable plugins, so Opera remembers it.

* Cookies Prefs.
Change the default to "Accept cookies only from the site I visit".
Tick "Delete new cookies when exiting Opera".

Again you can right-click on any page you trust and "edit site preferences" then allow that site to keep it's cookies.

Opera gives you various options to tailor sites and cookies. You may prefer to set it differently.

* Opera content-blocking.
When using Opera's own right-click and block option, before clicking "Done" if you click on "details" you can delete the folder from the URL and just block the whole site.

* Network Prefs.
Some users may want to disable "GeoLocation".

* Opera itself
You can open Tabbed windows as a "Private Tab"

*Plugins
"Redirect to HTTPS" was superseded by "Swiss Knife"
Plugins such as "LinkRedirector" and "Redirect Bypasser" These can help you avoid going to a site you were not expecting.
There are redirect removers for google, but if you use one of the above, google is dealt with.
"Block Linkbucks" will also help avoid redirection in forums etc.
"Zscaler Safe Shopping" is also available for Opera.
"WebRank SEO" shows the site ratings from WOT, SiteAdvisor and SafeWeb.
"SurfPatrol" checks for exploits and helps protect against hijacking of your data.

For checking a site I am on, or intend to visit I also use "NetTools" and "GeoData for IP".

There are other AV browser plugins for all browsers, and a few site-plugins for social sites.
You may find a few more bits to add here (or one of your other guides) by checking http://my.opera.com/dr-flay/blog/online-anti-malware

Thankyou Chiron.
Very useful page, but your Opera info is very old.

There are other plugins I have left-out, as they are not stable enough, or other ones include the same functionality (and my comment has grown huge)
https://addons.opera.com/search/?query=redirect
https://addons.opera.com/search/?query=virus
https://addons.opera.com/search/?query=blocking
https://addons.opera.com/search/?query=security

I favour blocking bad sites at the hardware level with a "HOSTS" block-list, as my first-line of defence.
No plugins are needed, so it works for all software and OSs.
http://my.opera.com/dr-flay/blog/how-to-block-sites

NOTE
I don't use Norton or McAfee products in any form, due to too many false-positives, and poor detection ratio.
They give a false-sense of security, which can be worse than knowing you have no protection.

Sorry it took me so long to respond. Actually, I've recently become wary about ghostery and will probably be recommending a different product (PrivDog) in a few weeks. I'm just waiting for a few bugs to be ironed out and to ensure its stability. This would also replace AdBlock. Thanks for the feedback, and if I do end up putting Ghostery back in the article I will be sure to update my advice. I've also updated the Opera information. You provided a lot of information, of which some was new and some I already had in the article. I tried to pull out all of the most useful information (as including everything can get too cluttered), but if you feel I missed something crucial please let me know and I'll take another look. Thank you.

Pages