How to build a Firefox privacy arsenal

Don’t want to be bombarded with Google ads while browsing the Net? Don’t want Google to track where you’ve been? Fear not, there is a way to prevent Google from monitoring where you’ve browsed and a way to prevent Google-based junk from being downloaded to your computer, all without too much inconvenience.

This particular guide is for users of Mozilla Firefox, arguably the best browser out there today. The reason Firefox is the best is because there is a huge universe of add-ons out there that extend the functionality of the browser. Six of those add-ons will do wonders for your privacy and security. They are:

  • NoScript – Prevents scripts from running by default, especially those on untrusted or unknown websites. Script execution can be blocked globally and selectively allowed for trusted websites. NoScript is essential if you want to stop Google from tracking you, because it has the power to block Google’s scripts from executing, thus preventing Google from capturing information about you. It’s even recommended by the U.S. government.
  • RequestPolicy – Stops websites from automatically passing along information about you to other sites. Basically, it blocks stuff from being loaded from external domains. It works in conjunction with NoScript by blocking elements that can be embedded without scripting, like images and frames. (NoScript won’t block those. Conversely, RequestPolicy doesn’t block scripting. You need both add-ons working together for a safer browsing experience.)
  • Adblock Plus – Ever been annoyed by all those ads and banners on the internet that often take longer to download than everything else on the page? This add-on makes it easy to block ads that aren’t being served with JavaScript (NoScript will block those).
  • CookieSafe – This extension will allow you to easily control cookie permissions. It will appear on your statusbar. Just click on the icon to allow, block, or temporarily allow the site to set cookies. Use this extension to block Google from putting cookies on your computer.
  • Ghostery – Tracks the use of web bugs and beacons, which are used to send information about you back to a company like Google. Ghostery can both alert a user to the presence of web bugs as well as block whatever doesn’t manage to get stopped by NoScript and RequestPolicy.
  • BetterPrivacy – A specialized tool for removing what are called Local Shared Objects or Flash cookies. These are similar to normal cookies, except they are used by plugins like Adobe Flash (not the browser), they never expire, and their maximum filesize is twenty five times that of what a normal cookie is allowed to be. BetterPrivacy has the ability to delete LSOs after the conclusion of a browser session, thereby getting rid of unwanted implants on a computer.

With these tools, you can vastly enhance your Internet experience, block all that garbage that poorly designed websites want to download your computer, and speed up your browser.

Here’s how to get started.

To install these add ons, visit the links above and click on the green button. A smaller dialogue will appear and ask you if you want to install the add-on. Click Install. Repeat this process for the other add-ons. Then restart Firefox.

Once you have restarted the add-ons will be active. RequestPolicy will offer to set you up with a preconfigured whitelist which makes exceptions for Google and its domains. Decline this offer by unchecking the “International” box, and then click OK.

NoScript, RequestPolicy, Ghostery, and CookieSafe icons will appear in the bottom right corner of your browser. Right clicking on these icons will allow you to customize their behavior.

NoScript needs to be set to “Deny scripts globally” and CookieSafe should be set to “Deny cookies globally” … otherwise these tools can’t do their job of keeping you protected as you surf the Net!

You’ll notice on your tabs bar that NoScript has automatically loaded a tab for its website. Go to this tab and click on the NoScript icon. Tell NoScript to block googlesyndication.com (this is Google’s useless AdSense domain). The page should refresh and the ads on the left side of the page on NoScript’s website should be gone. Do the same thing with CookieSafe.

Now, visit google.com and make sure NoScript and CookieSafe are set to block that as well.

These are very important steps – you MUST do this because NoScript and CookieSafe will mark Google as trusted by default. You don’t want that. Be sure to block all of Google’s many other domains, e.g. google-analytics.com, if they are not blocked.

Now, configure Ghostery. Right click on the ghost icon, and hover over the Blocking menu option. A submenu should open. Click On to activate Ghostery’s web bug blocking feature.

Finally, when you exit your browser session, BetterPrivacy will tell you how many LSOs it found, and allow you to delete them. You can disable this reminder so BetterPrivacy does its work in the future without needing a response to a prompt onscreen.

Is it ethical to block ads?
Some whiny webmasters and advertisers believe it isn’t, but think about this for a moment: Who’s paying for your Internet connection? Whose computer is being used to browse their websites? (Yours.) Why shouldn’t you have control over what content gets downloaded to your computer through your internet service provider? If all you want to do is view the HTML contents of a web page, not allow scripts to download junk onto your computer without your consent, shouldn’t you be able to do that?

Many websites appear to be loading incorrectly with NoScript, RequestPolicy, and CookieSafe enabled…
Yeah, that’s gonna happen. There’s a tradeoff to staying safe… poorly designed websites won’t work, at least not unless you decide to trust them. If you’ve stumbled across a website that requires JavaScript or other domains just to load *anything*, shame on the webmaster. You should be able to see what’s on a website without JavaScript. Websites where cookies, external domain content, and JavaScript are required for everything to work are poorly designed. It’s especially dumb to use JavaScript to display content. Nowadays, HTML content can be presented and styled exclusively with Cascading Style Sheets. All webmasters should know this. (This site, by the way, does not require JavaScript to function!)

However, if you need to sign in to online banking or some other service you trust, you can mark that domain as trusted using NoScript, RequestPolicy, and CookieSafe. That’s why these extensions are useful, because it just takes a few clicks to add a site to your whitelist, and then you can get back to business.

Go Anonymous
In addition to taking the measures above, it is possible to go anonymous on the Web, making it even harder for companies like Google to track and monitor you. You’ll need to download an anonymizer like Tor and additional privacy software to make this work.

2 thoughts on “How to build a Firefox privacy arsenal

  1. Pingback: My Homepage
  2. Pingback: Take control of your browsing privacy | Eric's Blog

Comments are closed.