Personal VPN - Security and Privacy

copyright 2007-2020 personalvpn.org

How to secure your Firefox browser

 

1 - Never use a tool bar

Tool bars or site helper plug-ins installed on your browser will defeat all your security and privacy precautions.

 

2 - Cookies and history

These are the classic tracking methods used by websites. Websites will not work well without them, but they have to be controlled as follows:


Under Tools/Options/Privacy:
Do not check the 'private browsing mode' box, as it's a waste of time and a totally false sense of security.  Don't waste your time checking 'do not track' either as it doesn't prevent anyone or any site from tracking you.
- Accept cookies from sites
- Accept third party cookies (the drop down box should say 'Until I close Firefox')
- Clear history when Firefox closes
- Click on the Settings tab in the Privacy window.
- Check all of the boxes so that it clears everything when you close the browser.
- Some versions of Firefox include a box to 'Delete Flash Cookies'. This is important. If your version doesn't have it use the plug-in named Better Privacy to clear the flash cookies.

 

3 - Add the plug-in 'No Script'

This plug-in blocks all java scripts from running on web pages without your permission. By preventing the applications from running the moment you visit a page, there is little chance of malware affecting you in the background if you go to a hacked site.

Most websites have hidden links to a multitude of other websites. Many of these scripts that load have nothing to do with the site you are visiting. These scripts connect you to other sites like FaceBook, Google, Double Click, etc. This allows them to track your activity across the Internet even though you never went to their site. By only allowing the essential java scripts that make the site you are visiting function, while preventing the others, you increase your privacy significantly.

After installing this plug-in, sites will not operate properly. You have to train the browser for each site you visit as to what to allow and not allow. No Script will give you a detailed drop down menu telling you what sites are attempting to run scripts and then you can pick the ones that apply to the site you are on while rejecting the trackers.

By default, No Script allows well known sites to operate. Change the default setting to remove everything and then set all permissions manually under the white list options.

 

FireFox configuration settings. The following changes are made in the FireFox configuration screen. To get there type about:config in the address bar and pres enter. Agree to the warning about making changes to the system. Now do the following.

 

1) - Prefetching

Prefetching downloads pages in the background that you may click on in the future based on your previous site history.
Type:
network.prefetch-next
into the search bar
Right click on the option and select Toggle to change the setting to False.

 

2) - Referer logging

Used to allow websites and web servers to identify what sites you already visited.  You don't want site B knowing that you came from site A.
Type:
Network.http.sendRefererHeader
into the search bar and set the entry to 0.

 

3) Geo-location

Reports your location to web sites.
Type
geo.enabled
into the search bar
Right click on the option and select Toggle to change the setting to False.

4) DOM storage

Can be used to track you.
Type
dom.storage.enabled
into the search bar
Right click on the option and select Toggle to change the setting to False.

5) Browser Session History

The greater the number of entries increases tracking ability.
Type:
browser.sessionhistory.max_entries
into the search bar and set the entry to 2 or 3.
This will limit how many pages the back button in FireFox will allow you to go since it's limiting how many pages it remembers and other sites and see.

 

6) Browser Display Fonts - Reduces the uniqueness of your browser making it more difficult to identify you.

Type
browser.display.use_document_fonts
into the search bar and set the entry to 0.
This will limit your browser fonts and change the look of some pages but also limits the number of fonts reported to web sites reducing the uniqueness of your browser.

 

7) media.peerconnection.enabled

Type:
media.peerconnection.enabled
into the search bar
Right click on the option and select Toggle to change the setting to False.
Prevents WebTRC connections from revealing your true IP. (This wil prevent a well known hack that allows your true IP to be revealed)