
Five must-have security/privacy extensions for Firefox

While installing Firefox is one of the most important steps one can take toward a safe online experience, the browser is (alas) not completely safe out of the box.

Chris Soghoian
Christopher Soghoian delves into the areas of security, privacy, technology policy and cyber-law. He is a student fellow at Harvard University's Berkman Center for Internet and Society , and is a PhD candidate at Indiana University's School of Informatics. His academic work and contact information can be found by visiting www.dubfire.net/chris/.

Do you consider yourself to be a privacy aware Internet user? Are you concerned about your security online?

You've installed antivirus and spyware software, which you also keep updated. You regularly update your operating system for any security patches. You have a firewall on your home computer and have locked down your home wireless network with a WPA2 password. Most importantly, you've ditched Internet Explorer and jumped on the Firefox bandwagon.

Your job is done, right? Think again.

While installing Firefox (and not using IE) is one of the most important steps users can take towards a safe online experience, Firefox is (alas) not totally safe out of the box. Luckily, Firefox provides a very flexible framework for open-source programmers and commercial vendors to create their own software add-ons for the browser. A number of these software extensions fix critical design flaws in Firefox--or simply improve transparency so that users have a better idea of where they are and which sites they're interacting with. I've selected a few of the best ones, which I highlight below.



SafeCache & SafeHistory

Using a number of sneaky attacks, it is possible for phishers and other Web-based bad guys to figure out which Web sites you regularly visit. While the fact that you frequently visit ESPN may not be a problem, such attack techniques can tell the phisher exactly which online bank you use, allowing her to tailor deception-based phishing emails so that they're far more likely to dupe you. These and other attacks were described by Sid Stamm and Markus Jakobsson, colleagues of mine at Indiana University, in their paper "Invasive Browser Sniffing and Countermeasures" (PDF). A live interactive demo of their attack can be seen by visiting their Browser Recon page, which will tell you exactly which online banks you've logged into in the past. Scary stuff.

Phishing for clues Sid Stamm and Markus Jakobsson

Luckily, a few security researchers at Stanford University designed two Firefox extensions, SafeCache and SafeHistory, to stop these and similar attacks. They also published a research paper, "Protecting Browser State from Web Privacy Attacks," which explains all of the issues related to these kinds of privacy threats.

The SafeCache browser extension protects your privacy by silently defending against cache-based tracking techniques. It allows embedded content to be cached, but segments the cache according to the domain of the originating page. The SafeHistory browser extension protects your privacy by silently defending against visited-link-based tracking techniques. It allows offsite visited links to be marked only if the browser's history database contains a record of the link being followed from the current site.

Both extensions are easy to install, require no configuration, and have no negative side effects. It is pretty shameful that more than a year after the Stanford researchers released their extensions, the Firefox team has still not merged the code from these projects into the mainline Firefox browser.
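To make the partitioning idea concrete, here is a small simulation, added here and not code from SafeCache or SafeHistory: cache and history entries are keyed either by resource URL alone (stock behaviour) or by the site of the page that caused the load plus the URL (the extensions' behaviour). The site names and resources are constructed for the example.

```javascript
// Simulated browser cache and link history. "partitioned" selects the
// SafeCache/SafeHistory keying (origin site + URL) instead of URL alone.
// Constructed example, not the extensions' own code.
class BrowserState {
  constructor(partitioned) {
    this.partitioned = partitioned;
    this.cache = new Set();   // keys of cached resources
    this.history = new Set(); // keys of links the user has followed
  }
  key(originSite, url) {
    return this.partitioned ? `${originSite}|${url}` : url;
  }
  // A page on originSite embeds url; returns true if it was served from cache.
  load(originSite, url) {
    const k = this.key(originSite, url);
    const hit = this.cache.has(k);
    this.cache.add(k);
    return hit;
  }
  // The user clicks a link to url while on a page on originSite.
  follow(originSite, url) {
    this.history.add(this.key(originSite, url));
  }
  // Should a link to url on a page on originSite be styled as :visited?
  isVisited(originSite, url) {
    return this.history.has(this.key(originSite, url));
  }
}

// Scenario from the article: the user has used bank.example, then visits
// attacker.example, whose page embeds the bank's logo and links to the bank's
// login page and observes whether the browser treats either as already seen.
function sniffScenario(partitioned) {
  const b = new BrowserState(partitioned);
  const logo = 'https://bank.example/logo.png';
  const login = 'https://bank.example/login';
  b.load('bank.example', logo);      // earlier genuine visit cached the logo
  b.follow('bank.example', login);   // and the user clicked through to login
  return {
    cacheLeak: b.load('attacker.example', logo),         // hit => attacker learns
    historyLeak: b.isVisited('attacker.example', login), // visited => same
    stillWorksOnBank: b.isVisited('bank.example', login) // bank's own pages unaffected
  };
}
```

With `partitioned` set, the attacker's page sees a cache miss and an unvisited link, while the bank's own pages still get their cached logo and visited styling.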



Locationbar²

Phishers are a sneaky bunch. One of the most popular techniques for getting users to visit malicious Web sites is URL obfuscation. Essentially, the bad guy uses misleading Web addresses to make the user think they're visiting a different site than they really are. A fairly simple example of this can be seen with the following two URLs:

http://208.67.217.230/nwshp?www.bankofamerica.com and http://www.microsoft.com@208.67.217.230

These URLs are extremely misleading, and both actually point to Google. Savvy users might notice the fact that the URLs actually refer to an IP address, but most users won't. Honestly, how many average Internet users know what a "@" in a URL does? (Hint: everything before the @ is sent to the Web server as a username, and is thus not part of the real Web address).

Locationbar² browser extension Dao Gottwald

Given the ease with which Web sites can control the browser, and either stop you from seeing the Web site that a link points to, or change the link address displayed in the status bar to something false, it's gotten to the point where users really can't be expected to know which Web site they're going to until they've actually arrived there. However, with the sneaky URL obfuscation techniques such as those discussed above, many users still won't know which Web site they are really at, even by looking at the location bar in their browser.

This is where the Locationbar² comes in handy. This must-have extension both decodes obfuscated URLs, turning them into human-readable addresses, and highlights the most important part of a URL, the actual domain name, so that users can more easily see which Web server they're currently accessing.

This extension is easy to install, requires no configuration, and after using it for a few days, it's tough to imagine a Web browser without its features. Even better, the core features of Locationbar² are supposed to be in the next major release of the browser, Firefox 3.0.
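The decoding Locationbar² performs can be reproduced with a standards-compliant URL parser. The function below is an added example (not the extension's code) that assumes Node.js and its built-in WHATWG `URL` class; it isolates the real host from the two addresses above and flags the parts that fool the eye.

```javascript
// Decodes a possibly misleading address the way Locationbar² presents it: the
// real host is set off, and the eye-fooling parts are reported as warnings.
// Added example built on Node's WHATWG URL parser, not the extension's own code.
function decodeAddress(raw) {
  let u;
  try { u = new URL(raw); } catch (e) { return { ok: false, raw, warnings: ['not a valid URL'] }; }
  const warnings = [];
  if (u.username || u.password) {
    // Everything before "@" is sent as credentials; it is not the address.
    warnings.push(`"${u.username}" before "@" is a username, not the host`);
  }
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(u.hostname) || u.hostname.startsWith('[')) {
    warnings.push('host is a raw IP address, not a domain name');
  }
  // A domain-looking string in the path or query (e.g. ?www.bankofamerica.com)
  const pathAndQuery = u.pathname + u.search;
  if (/(^|[?&/=])(www\.)?[a-z0-9-]+\.(com|net|org|edu|gov)\b/i.test(pathAndQuery)) {
    warnings.push('path or query contains a domain-like string that is not the host');
  }
  return {
    ok: true,
    host: u.hostname,
    // Human-readable form with the host set off, as the location bar would show it.
    display: `${u.protocol}//<<${u.host}>>${pathAndQuery}`,
    warnings
  };
}
```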



NoScript

NoScript is easily one of the most powerful and effective methods of keeping yourself safe online. However, it does have the unfortunate side effect of temporarily breaking most Web sites that you visit. Once you understand how it works, this is simple enough to fix, but it does mean that the extension will never be installed by default--as it would confuse the heck out of your grandmother.

JavaScript is a Web-programming language that is used heavily on the Web, especially for so-called Web 2.0 sites. JavaScript is responsible for most annoying/flashy Web effects (pop-up windows, buttons that change when you roll over them, screen in/out fades), as well as the vast majority of browser security issues (including drive-by downloads and cross-site scripting attacks). Thus, while the programming language is used to create Gmail's awesome interface, it is also used to infect millions of computers. JavaScript is very powerful, and thus in an ideal world, the ability to run JavaScript is a privilege that shouldn't be provided to untrusted Web sites.

NoScript browser extension Giorgio Maone

NoScript solves this problem by establishing a whitelist. That is, Web sites are not permitted to use JavaScript until the user permits them to. The sites can either be given one-time permission (for the current browsing session) or lifetime permission. Essentially, what this means is that after a few days of using the extension, most of your regularly visited Web sites that simply will not function without JavaScript will have been whitelisted, and thus will never need to be added again. One of the fringe benefits (at least to privacy/security geeks) is that you get to find out just how many Web sites out there embed JavaScript code from other domains--typically advertising and tracking code. NoScript gives users the fine-grained controls to enable enough JavaScript to allow the spiffy graphical interface of the site to work, yet to block the sneaky user-tracking code hidden deep in the site's HTML.

NoScript is not for the totally clueless user, although it is also not required that someone be a power user to understand it. A moderate amount of computing skill is required, as well as a willingness to add sites to the whitelist, which requires about a second or two for each regularly visited site during the first few days after an install.
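The whitelist model described above, reduced to its essentials, as an added example that is not NoScript's own code: session-only versus permanent grants, the page's own site deciding for inline scripts, and each third-party script source judged on its own site. The page HTML and site names are constructed for the example.

```javascript
// A minimal model of NoScript's whitelist: a page's scripts run only if its site
// was allowed, either for this session ("temporarily allow") or permanently, and
// every third-party script source is judged on its own site. Constructed example,
// not NoScript's own code; the page HTML below is made up.
class ScriptPolicy {
  constructor() { this.permanent = new Set(); this.session = new Set(); }
  allow(site, permanent = false) { (permanent ? this.permanent : this.session).add(site); }
  endSession() { this.session.clear(); } // temporary grants do not survive the session
  isAllowed(site) { return this.permanent.has(site) || this.session.has(site); }
  // Decide, per <script src>, whether it may run, and note which are third-party
  // (the embedded advertising/tracking code the article mentions).
  evaluatePage(pageSite, html) {
    const decisions = [];
    for (const m of html.matchAll(/<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi)) {
      const src = new URL(m[1], `https://${pageSite}/`); // resolve relative sources
      decisions.push({
        src: src.href,
        thirdParty: src.hostname !== pageSite,
        allowed: this.isAllowed(src.hostname)
      });
    }
    // Inline <script> blocks belong to the page itself, so the page's own site decides.
    const inline = (html.match(/<script\b(?![^>]*\bsrc\s*=)[^>]*>/gi) || []).length;
    return { decisions, inlineBlocks: inline, inlineAllowed: this.isAllowed(pageSite) };
  }
}

// Constructed page: one first-party script, one tracker from another domain, one inline block.
const SAMPLE_HTML = `
<html><head>
<script src="/js/app.js"></script>
<script src="https://tracker.example/pixel.js"></script>
<script>initMenus();</script>
</head><body><p>story</p></body></html>`;

function demo() {
  const policy = new ScriptPolicy();
  policy.allow('news.example');              // temporary, for this session only
  const before = policy.evaluatePage('news.example', SAMPLE_HTML);
  policy.endSession();                       // browser closed; temporary grant gone
  const after = policy.evaluatePage('news.example', SAMPLE_HTML);
  return { before, after };
}
```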



CustomizeGoogle

I simply can't live without Google. I'd like to, given the scarily massive amount of information it has on our searches and Internet behavior as well as the blatantly misleading statements its privacy czar issues to justify the company's lax privacy policies. The search engine returns top-quality results, it has a fantastic blog reader, and the Gmail interface and spam filter are second to none. Whatever can a paranoid privacy geek do?

The answer is to install the CustomizeGoogle Firefox extension. This extension is a godsend for privacy geeks--and to be honest, I just don't feel comfortable using the Internet without it.

Issue 1: Gmail and Google Calendar normally go over http (and not https), which means that when using a public wireless network, anyone else within reception range can sniff the network and see the contents of your e-mail as you view them. This is seriously creepy stuff, and it's pretty disgraceful that Google doesn't simply turn https on by default for all users. Users who manually type in https://www.gmail.com will get a secure page in which all data is encrypted before it is sent over the network. However, remembering to type this in is a pain. CustomizeGoogle fixes this problem by automatically redirecting all Gmail/Google Calendar sessions to go over the secure https protocol.

CustomizeGoogle browser extension CustomizeGoogle

Issue 2: Google's text/banner ads. They're annoying, I don't like them, and they distract me. While the extensions AdblockPlus + Filterset.G do a fantastic job of blocking most Web banner ads, they do not touch Google's ads. CustomizeGoogle makes them all vanish, providing an even cleaner and less-cluttered browsing experience.

Issue 3: Tracking. Google uses sneaky cookies to track their users--for two years after their final visit to Google. Would you rather that Google not know which sites you search for, or which links you click on from the search pages? Would you prefer that the data not be sitting on Google's servers waiting for an FBI National Security Letter? You'll be happy to know that CustomizeGoogle stops Firefox from passing on these cookies and keeps Google from knowing which links you click on.

These are just some of the features of this extension. I really can't say enough positive things about it. It's easy to install, requires about 30 seconds to configure, and then it never needs to be tinkered with ever again.
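The https redirect from Issue 1 and the cookie filtering from Issue 3 can be modelled as one rewrite applied to every outgoing request. This is an added example, not CustomizeGoogle's code; the Gmail/Calendar hostnames, the `google.com` cookie scope and the cookie name `PREF` are assumptions made here, and the sample request and cookie values are constructed.

```javascript
// A simplified model of two of CustomizeGoogle's request rewrites: force Gmail
// and Google Calendar over https, and withhold Google's long-lived tracking
// cookie while leaving other cookies alone. Added example, not the extension's
// code; the hostnames and the cookie name PREF are assumptions made here.
const FORCE_HTTPS_HOSTS = new Set(['mail.google.com', 'www.gmail.com', 'gmail.com', 'calendar.google.com']);
const GOOGLE_DOMAINS = ['google.com'];
const TRACKING_COOKIES = new Set(['PREF']);

function isGoogleHost(hostname) {
  return GOOGLE_DOMAINS.some(d => hostname === d || hostname.endsWith('.' + d));
}

// Takes an outgoing request {url, headers} and returns the rewritten request
// plus a list of what was changed.
function filterRequest({ url, headers = {} }) {
  const u = new URL(url);
  const actions = [];
  if (u.protocol === 'http:' && FORCE_HTTPS_HOSTS.has(u.hostname)) {
    u.protocol = 'https:';  // send the session to the encrypted site instead
    u.port = '';            // drop an explicit :80 so the https default port is used
    actions.push('upgrade-https');
  }
  const out = { ...headers };
  if (isGoogleHost(u.hostname) && out.Cookie) {
    // Cookie header is "name=value; name2=value2"; rebuild it without trackers
    const kept = out.Cookie.split(';').map(c => c.trim()).filter(c => {
      const name = c.split('=')[0];
      if (TRACKING_COOKIES.has(name)) { actions.push(`drop-cookie:${name}`); return false; }
      return true;
    });
    if (kept.length) out.Cookie = kept.join('; '); else delete out.Cookie;
  }
  return { url: u.href, headers: out, actions };
}
```

Requests to other sites pass through unchanged, and a request that is already https gets no upgrade action.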