Tuesday, April 27, 2010

Plugging privacy leaks with CsFire

In my last post, I detailed a number of firefox add-ons which serve to keep your web activities as private as possible without going through the hassle of using anonymizers. I mentioned that a major hole in the assembly of tools I outlined there was the lack of 3rd-party cookie blockers. That means that, as you browse to example.com, for example, google can track you there if example.com has links to google embedded in its pages. Ad-block plus doesn't help us there because google isn't identified as an advertiser - only its Adsense servers are. This goes for facebook, nytimes, and any other sites not specifically targeted as advertisers, and for whom we have allowed cookies to operate.

This is the new, real threat to privacy - corporations whose services we would like to use to some extent, but whose prying eyes know no limits: I couldn't get by without google these days, but I certainly don't want them tracking me all over the place.

The only answer I've found so far for this issue is Philippe De Ryck's add-on called CsFire [addons.mozilla.org]. CsFire blocks 3rd-party cookies, and more. It's pretty complex, but it will work out of the box, without modification, for most users (though it allows requests to google and facebook by default - you can change that by implementing "local" policies) . With CsFire, you can: block 3rd-party cookies; block 3rd-party HTTP authentication (with the newest versions of firefox); block 3rd-party content from loading; customize behavior on a origin-destination site pair basis; and more.

If you're concerned about corporate invasions of your privacy like I am, I highly recommend using this add-on - it goes a long way to protecting what is being put at risk by ubiquitous services such as google, and social networks such as facebook. Unless you configure it to completely block 3rd party content (I'm considering doing this for facebook and google), these corporations may still be able to track you to an extent via your IP address, but it will be hard for them if you're behind a NAT with lots of other computers. Even if you're not behind a NAT, this add-on will still complicate their tracking tasks *greatly*, and will go a long way towards protecting your privacy.


Anonymous said...

Scouts Honor, thank you for your words are thoughtful...
Also useful are,those suggestions.

Stay safe.

Anonymous said...

what do you recommend that'll work with chrome--or do these work with chrome, as well?

sorry if that's a daft question, but i had to kick FF to the curb after too much crashing.