5 Firefox extensions to protect your privacy

Keep your browser from leaking your data with these privacy-focused tools.
343 readers like this
343 readers like this
Cloud storage blocks

Opensource.com

In the wake of the Cambridge Analytica story, I took a hard look at how far I had let Facebook penetrate my online presence. As I'm generally concerned about single points of failure (or compromise), I am not one to use social logins. I use a password manager and create unique logins for every site (and you should, too).

What I was most perturbed about was the pervasive intrusion Facebook was having on my digital life. I uninstalled the Facebook mobile app almost immediately after diving into the Cambridge Analytica story. I also disconnected all apps, games, and websites from Facebook. Yes, this will change your experience on Facebook, but it will also protect your privacy. As a veteran with friends spread out across the globe, maintaining the social connectivity of Facebook is important to me.

I went about the task of scrutinizing other services as well. I checked Google, Twitter, GitHub, and more for any unused connected applications. But I know that's not enough. I need my browser to be proactive in preventing behavior that violates my privacy. I began the task of figuring out how best to do that. Sure, I can lock down a browser, but I need to make the sites and tools I use work while trying to keep them from leaking data.

Following are five tools that will protect your privacy while using your browser. The first three extensions are available for Firefox and Chrome, while the latter two are only available for Firefox.

Privacy Badger

Privacy Badger has been my go-to extension for quite some time. Do other content or ad blockers do a better job? Maybe. The problem with a lot of content blockers is that they are "pay for play." Meaning they have "partners" that get whitelisted for a fee. That is the antithesis of why content blockers exist. Privacy Badger is made by the Electronic Frontier Foundation (EFF), a nonprofit entity with a donation-based business model. Privacy Badger promises to learn from your browsing habits and requires minimal tuning. For example, I have only had to whitelist a handful of sites. Privacy Badger also allows granular controls of exactly which trackers are enabled on what sites. It's my #1, must-install extension, no matter the browser.

DuckDuckGo Privacy Essentials

The search engine DuckDuckGo has typically been privacy-conscious. DuckDuckGo Privacy Essentials works across major mobile devices and browsers. It's unique in the sense that it grades sites based on the settings you give them. For example, Facebook gets a D, even with Privacy Protection enabled. Meanwhile, chrisshort.net gets a B with Privacy Protection enabled and a C with it disabled. If you're not keen on EFF or Privacy Badger for whatever reason, I would recommend DuckDuckGo Privacy Essentials (choose one, not both, as they essentially do the same thing).

HTTPS Everywhere

HTTPS Everywhere is another extension from the EFF. According to HTTPS Everywhere, "Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology to rewrite requests to these sites to HTTPS." While a lot of sites and browsers are getting better about implementing HTTPS, there are a lot of sites that still need help. HTTPS Everywhere will try its best to make sure your traffic is encrypted.

NoScript Security Suite

NoScript Security Suite is not for the faint of heart. While the Firefox-only extension "allows JavaScript, Java, Flash, and other plugins to be executed only by trusted websites of your choice," it doesn't do a great job at figuring out what your choices are. But, make no mistake, a surefire way to prevent leaking data is not executing code that could leak it. NoScript enables that via its "whitelist-based preemptive script blocking." This means you will need to build the whitelist as you go for sites not already on it. Note that NoScript is only available for Firefox.

Facebook Container

Facebook Container makes Firefox the only browser where I will use Facebook. "Facebook Container works by isolating your Facebook identity into a separate container that makes it harder for Facebook to track your visits to other websites with third-party cookies." This means Facebook cannot snoop on activity happening elsewhere in your browser. Suddenly those creepy ads will stop appearing so frequently (assuming you uninstalled the Facebook app from your mobile devices). Using Facebook in an isolated space will prevent any additional collection of data. Remember, you've given Facebook data already, and Facebook Container can't prevent that data from being shared.

These are my go-to extensions for browser privacy. What are yours? Please share them in the comments.

Chris Short
Kubernetes | Voice of Hybrid Cloud on openshift.tv, Red Hat | CNCF Ambassador + @KubeWeekly | devopsish.com | Disabled Veteran | He/Him/His | Views solely mine

6 Comments

"NoScript Security Suite is not for the faint of heart."

Heh, I recently installed NoScript and it broke the Internet. Seriously, everything uses JavaScript and almost all pages simply wouldn't load. But after a month or so I've got it tuned pretty well and I like it. It also opened my eyes to simply how much of my web usage was being shared with sites like facebook.com.

Now, with NoScript, I can get the functionality I need from the sites I use without loading code from tracking sites or other sites I distrust. It's worth the effort.

I found Privacy Badger to miss a lot and require constant tweaking. I think uBlock Origin would serve most people better. Let the list creators presort things and you can reap the ridiculously low, resource usage, benefits. PB is great in concept, but the learning software has always taken way too much work, every single time something new comes along.

I do use NoScript and HTTPS Everywhere. I can't recommend them enough. NoScript makes your browser so much faster and more stable, while at the same time making you more secure. A lot of configuring, but it pays in the long run. Some say HTTPS Everywhere isn't really needed that much anymore, plus it breaks a site occasionally, but I still like it.

I recommend Decentraleyes and either Cookie AutoDelete or ForgetMeNot.

Decentraleyes makes you faster and a bit more secure by moving third party content deliveries, localized. You do have to configure your other security programs, but the payoff is nice.

The other two handle cookies and other stuff. Forget Me Not is slightly more advanced, but a counter-intuitive interface. I prefer Cookie AutoDelete, which will help you dodge both tracking and other bad cookies, while constantly cleaning your browser. I'm not the type to think I have to constantly log out of places or clear cookies, but I do like being able to go back to sites anonymously and take advantage, like dodging reading limits or entering for something twice (Outside of IP tracking stuff, of course). Extra security is a nice added benefit.

Along with Privacy Badger, Noscript, and HTTPS Everywhere, I also use Disconnect, and Adblock Plus (with "acceptable ads" disabled!) I have also disabled Pocket in Firefox, and have all of its settings tuned for maximum privacy.

uBlock origin is a very good adblocker. Its sidekick, uMatrix, gives you the most precise control on what you want to allow, and from where, on a web page. Give it a try, although a bit tricky to use in the beginning, it shows its power very quickly as you learn to use it.

Hello, another great extension is "Firefox Multi-Account Containers". You can isolate your session into container and use two gmail account in the same browser, or isolate facebook in one container ...
"Multi-Account Containers helps you keep all the parts of your online life contained in different tabs. Custom labels and color-coded tabs help keep different activities — like online shopping, travel planning, or checking work email — separate."

I do all of the above and before each and every FB visit I blow away all cookies, and again after I leave FB.

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.