The Browser Privacy Plugins You Need

Sunday, November 3rd, 2019

There are so many privacy-enhancing extensions out there, it’s hard to keep track of which do what and where they overlap in functionality. Since an excess of extensions and plugins slows down your browser, I’ve decided to keep an updated list of what I recommend and use as well as the defaults that need to be changed. The following recommendations are as of October, 2019. I’m focusing on a relatively straightforward experience that doesn’t interfere with day-to-day surfing, break a lot of websites, or require extreme technical knowledge. (That is, no NoScript or GreaseMonkey.)

This article is primarily focused on desktop browsers. I might have more to say about mobile platforms in a future post.

tldr; Use Firefox 70 or later with these three extensions:


Privacy Tip #3: Block Referer Headers in Firefox

Saturday, October 21st, 2006

When you follow a link from one page or site to another, the browser usually sends a Referer [sic] header to the server to tell sites where you came from:

GET /test.phtml HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8) Gecko/20051130 Firefox/1.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

In general this is a good thing. However, unscrupulous sites can and do abuse this information to violate visitors’ privacy and track them across the Web. In combination with cookies, it’s especially dangerous. In Firefox, you can disable the sending of the Referer header completely, and in general I recommend you do so. Here are the steps:

Privacy Tip #2: Mailinator

Thursday, October 19th, 2006

Companies are really fond of collecting information from you they don’t really need before letting you read their website, check out demos, and download free-as-in-beer software. Occasionally they ask for this for free-as-in-speech software. One technique they use to make sure you give them your information is to e-mail you your username or password or license key. That way, even if the user is named “Barney Rubble” they’ve got a pretty good idea of your real e-mail address.

Certainly you good set up a free account on HotMail or GMail, and use that to register. However that takes time and effort. If you use the account more than once, they can cross-correlate your registrations on different sites. There is, however, a better solution: Mailinator.

Privacy Tip #1: Subscribing to mailing lists without registering

Sunday, March 19th, 2006

Many mailing lists are hosted on Yahoo Groups or Google Groups. When you subscribe to such a list, these companies attempt to collect lots of personal information from you and make you agree to some ridiculous and onerous terms. For example, Yahoo hides its terms in a five line text field, but if you scroll down this includes almost 5,000 words of legalese including such gems as

You agree to indemnify and hold Yahoo! and its subsidiaries, affiliates, officers, agents, employees, partners and licensors harmless from any claim or demand, including reasonable attorneys’ fees, made by any third party due to or arising out of Content you submit, post, transmit or otherwise make available through the Service, your use of the Service, your connection to the Service, your violation of the TOS, or your violation of any rights of another.

In plain English, Yahoo wants to bill you for their own attorney fees. Overall, though Yahoo’s terms are better than most. Still they’re not something a legally sane person wants to agree to. Fortunately, you don’t have to.