The main rule in setting these applications up is that you want a “Global Deny” policy, with a user-defined “whitelist” of trusted sites. The whitelist gets built up as you move around the web and slowly add sites to your list. That is, you don’t have to spend time creating these lists before you start, or before you’ll be secure. The point is that it’s easy. Having said that, this setup probably ain’t for granny. But if you have just a modicum of savvy, or the desire, this should work for you just fine.
Here are the add-ons I’ve installed in Firefox (and sometimes my email client, Thunderbird, too):
When you install this, you can also install a number of “filters”. I use EasyList, EasyPrivacy and fanboy-adblock. Don’t install a bunch of filters – it will be redundant, and will slow down your browser.
This add-on is not only good to block tracking sites, but it will block advertisements as well. I didn’t care about the latter initially, but there wasn’t a good way to just block tracking sites, so I installed the full set of filters. And boy – how much nicer the web became! Not only are ads generally annoying and intrusive (and we already see enough of them every day), they take up your bandwidth! For the bandwidth-limited, this add-on will improve your web experience even further by speeding things up.
This add-on controls what sites can put cookies on your browser.
You should set the preferences to “Deny cookies globally”. Whenever you come across a site that you trust, and that doesn’t seem to be working for you, click on the CS Lite icon in the status bar and set the site to either “allow cookies”, “allow cookies for session”, or “temporarily allow cookies”. I set up most of my cookies for the session (which deletes them after a time, so you have to log in again later).
This keeps your browser from telling sites where you came from. This is important because you can be tracked by these referrer strings. Let’s say you’re on your account page for a site, and there’s an ad from doubleclick on that page. Normally, even if you’re blocked cookies from doubleclick, they will see the site you came from when you see their advertisement. If there is identifiable information in the web address where you are (for example, an account number embedded in the URL), doubleclick could track you even without cookies (theoretically). Regardless, in general, it’s not a great idea to be sending around such information to sites that log your visits.
If you have problems with a site, right-click on the ref-control icon in the status bar, go to options, and add the site to your exceptions list (just like the cookies).
Default set to
Flash can set cookies also, but they’re different from normal cookies, so you need a different add-on to control them.
Set to delete cookies without asking upon shutdown
Other interesting plugins:
Noscript – starting to use this myself. Again, deny globally, with a user-defined whitelist.
Ghostery – show web bugs and other thingys that ad-block doesn’t catch.
Trackmenot – sends random searches to search engines in order to muddy their characterization of your web behavior.
One problem with this setup is that I need to allow some sites to track me, such as Google, in order to take advantage of their functionality. Google is the ultimate big brother. What we can do in this case, however, is to block “3rd party cookies”.
What that means is that, if you go see the google advertisements to the right of this blog post, google knows that *you* are browsing my blog (if you have google cookies). But those cookies don’t belong to blogspot.com – they belong to google.com. Hence, they are a “3rd party”. By blocking these 3rd party cookies, google and other sites you’ve allowed cookies for will only be able to track you, for the most part, when you’re on their respective pages (such as google.com), but not when you’re on other pages (such as nytimes.com). Unfortunately, CS Lite doesn’t have an option to block 3rd party cookies yet (I submitted a query about it – we’ll see if it gets addressed).
Regardless, even if we manage to block 3rd party cookies at some point, Google will still know the IP address from whence the request is coming. So if they’re smart (and they’re pretty smart), they’ll still probably be able to track you with your IP if you’ve visited google.com recently (which you probably have). One answer to the IP-tracking problem is to block ad in the first place, and that’s where Ad-block Plus comes in. By blocking your browser from getting the ads from google’s (or others’) ad-servers in the first place, google will have no way of knowing you’ve gone to pages where their ads are shown. Another option is to use a TOR (http://www.torproject.org/) proxy setup which changes your apparent IP address every so often, but that’s getting a bit beyond the scope of things here. Feel free to look it up online.