Fireox Extensions for Privay and Security

April 2019 ยท 7 minute read

In this post I’ll recommend Firefox extensions focused on privacy and security. We’ll go through how to install an extension, a list of recommendations, why you should install them as well as some basic usage guidelines. Some of them are dead simple to use, requiring little to none configuration or user interaction. Others assume you have more techical know how and are comfortable setting things up on your own.

How to install add-ons

There are several ways to install add-ons/extensions. We will be doing it through the offical Mozilla Add-ons site:

  1. Open the add-ons AMO page (links below)
  2. Click the Add to Firefox button
  3. If you’re comfortable with the required permission, click the Add button

If the installation was successful you’ll notice a new toolbar button. Each extension in this post has their own toolbar button which is used to access the new functions.

To remove an extension, open the add-on page from the top right corner menu (or press ctrl+shift+a) and click the remove button.

Easy

Below are the add-ons I deem easy to use, just install them and go about your day. On the off chance that a site you visit is broken it can easily disable extensions on a site per site basis via the toolbar buttons. More on that later.

HTTPS Everywhere

When you connected to http://owlnical.net you used HTTP. Your phone/computer asked the server for data which it then displayed in your browser. You can think of sending data via HTTP as you receiving a postcard from me. Someone might read it along the way, but does it really matter though? It’s only a public blog post after all.

(edit: owlnical.net is actually https only now :)

Now, say that you visit a site with more sensitive data, like your bank, or anywhere you input a password really. You don’t want anyone along the way to read what the server sends to you, or what your response is. A password on a postcard is a bad idea. That’s where HTTPS comes in. The postcards are now encrypted, and for anyone but you and the bank it’s really really really difficult to figure out what it says. An attacker can’t even pretend to be the bank by sending encrypted postcards of their own. HTTPS automagically makes sure that you’re connected to the correct server 1.

So HTTPS is important, some sites support it, others don’t… There are also sites which offer some limited support, but makes it difficult to use. HTTPS Everywhere helps you out by making sure that postcards are encrypted when possible2. After the installation is complete you’ll notice a new button in the Firefox toolbar.

If you think a site is broken because of HTTPS Everywhere, click the toolbar button and uncheck all the rules.

Privacy Badger

You’ve just checked out that smartphone you’ve been thinking of buying after you next paycheck. Heading home you pass a couple of billboards just outside the store entrance, and now - unbeknownst to you - employees from multiple advertising agencies are following you around. They’ll be keeping track of where you go and what you do for quite some time. It’s good for business knowing as much as possible about everyone who visits one of their clients. A map of someones life is a valuable commodity.

Privacy Badger stops online advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web3.

If you think a site is broken because of Privacy Badger, disable it. Click the toolbar button and then clicking on Disable Privacy Badger for This Site button.

uBlock Origin

A really nice supplement to Privacy Badger is uBlock Origin. It blocks ads, trackers and malware based on entries in one or more lists 4. Some are enabled by default while others are optional. You don’t need to subscribe to any other lists, but if you’re curious; Just open the uBlock settings and check which filters you want to use under the3rd-party-filters tab.

I’ve activated most of the privacy lists and the one relevant for my region/language (SWE: Fanboy's Swedish). It’s up to you what you want to block really. Activating all the lists will have a major impact your browsers performance, so don’t do that. Also, be sure to remove any other adblockers you might have installed previously. E.g. adblock plus.

To disable uBlock Origin for a single site, click on the toolbar button and then on the huge enable/disable button. You’ll need to reload the page for the changes to take effect.

Decentraleyes

Some files are so common on all (yeah not really) websites that there are centralized servers which supply these files for free. Google Hosted Libraries is one of them, but there are plenty of providers of there. This is a good thing btw! It speeds up loading times for lots and lots of pages. But it also allows your browser to be tracked. This is why someone came up with Decentraleyes. It essentially stores these files localy on your computer instead of retreiving them more than necessary. This prevents communication with Google while but it also keeps sites intact.

This is how you disable the add-on, should you run into any issues.

  1. Click on the toolbar button for Decentralize
  2. Click the huge enable/disable button

Multi-Account Containers

This one actually requires a wee bit of user interaction to work correctly, so feel free to skip it. Keep all the separate parts of your online life neatly contained in different tabs with Multi-Account Containers. Cookies and other offline data can’t be accessed between containers, so it’s similar to using separate browser. Custom labels and colors helps to keep track of things. You configure it as you wish, for example you could have one container for Amazon and another for Facebook. Neither will be aware of the other (at least not easily). You can even log in to the same site with different account, assuming they’re not in the same tab group5.

I have two groups. Personal (orange) and Work (blue). In Work I’m signed in to my Offie 365 work account, visible in a blue tab. In Personal I’m signed in to my Office 365 school account, visible in an orange tab. No need to sign-in/out when you alternate studies and work. As you might have figured already, the add-on requires a bit of user interaction to work correctly. Upon installation a new button will be added to the Firefox toolbar allowing you to open tabs in one of five default containers.

Advanced

The add-ons below requires more user interaction than the ones above. By default the settings are strict and a majority of the sites you visit will be broken. These have to be “fixed” on a site by site basis.

NoScript

Programmers can write code to add advanced functionality to their site. Think of it as programs/apps running directly in your browser. Chats, games, livestreaming, live notifications, animations, shopping, banking, improved site speed, image/text editors, statistics, tracking, sending emails, record keystrokes, send keystrokes, download files, record video, record audio etc. And we’re only scratching the surface here.

NoScript allows JavaScript, Java and other executable content to run only with your approval. This protects you from all kinds of online attacks6. It’s a bit time-consuming at first, choosing which sites to allow and which to deny.

Say that you accidentally click on a link taking you to a site with malicious code. With NoScript installed that code wont be executed until you allow it. What might have infected your computer with a virus is now just a minor annoyance. Again, note that this requires a lot of tweaking.

uMatrix

It’s a kind of firewall, which just like NoScript can block JavaScript, but also XHRs, iframes, cookies and more. You’re in full control what data sites can execute and have access to. This requires a substantial amount of work as most sites with advanced functionality will be broken until you allow the required scripts etc. but if you find “uMatrix” interesting I think you’ll find very useful.

That’s it! I higly recommend that you at least install uBlock Origin.

  1. HTTPS Everywhere
  2. Privacy Badger
  3. uBlock Origin
  4. Decentraleyes
  5. Multi-Account Containers
  6. NoScript
  7. uMatrix
ab05dd0e53215a121c34bde509b822e5a6abfbc8