More Web Browsing Privacy
Users’ privacy is being attacked vigorously by online services and entities with malicious intent. More and more of browser functionality which people thought was harmless is turning into a privacy threat for the users. Unwelcome technologies like Flash introduce more problems. Browsers don’t address these for various reasons such as loosing existing functionality, compatibility and difficulty in arriving at solutions. Over time, I have been doing some changes to the way I browse the Internet that makes me less prone to these problems even at the cost of losing some functionality, a price I am willing to pay gladly.
I knew about the CSS history attack which can be used by a website to determine which sites I have visited earlier. I just came to know that there are successful attacks using this vulnerability that can be used to reveal my identity on the web. So, in Firefox I disabled colouring the visited links with a different colour although this feature is a bit useful when doing web searches. For this, I set the an advanced preference called ‘layout.css.visited_links_enabled’ to ‘false’ in Firefox’s advanced preferences page. This page can be see by typing ‘about:config‘ in the address bar.
Then, in that advanced preferences page, I also disabled sending of the referrer header by setting the preference network.http.sendRefererHeader to ‘0′. Referrer header tells websites where you have come from. This is sometimes useful when sites highlight the Google search keywords on the page I am visiting. However, it has great potential of abuse.
I installed a Firefox add-on called Redirect Cleaner. This add-on prevents sites like Google from knowing which link you have clicked in the results page. Google tracks your visits to other sites by crafting a special website address which will take you to Google first and then to the actual website. When you visit first page, Google records what site you are going to visit. Removing the two step process and directly visiting the intended page also means that loading will be slightly faster.
Talking about Google, it has been quite some time I stopped using Google for search and started using a meta search engine called Ixquick which respects users’ privacy. Although at times I find the quality of search results to be a bit lower than that of Google’s, I am quite content with the results. I’ve installed Ixquick into Firefox searchbox with the Mycroft page. Also, I am using secure connection via SSL, even for search.
Flash is bad for the future of the Internet as it is not a openly developed standard and its fate is controlled by a single corporation. Flash websites are also very annoying and suffer many problems. More annoying and danger to privacy are the Flash ads on regular websites. I hardly ever require Flash. So, I installed the Flash Block add-on which makes sure Flash content is not loaded by default on a page. In a very rare situation where I want to use see a site or video in Flash, I simply click on the Flash Block’s icon and to start running Flash. This process make me highly immune to Flash cookies which are used by advertisers to track me.
I also use a fairly non-informative user-agent string by installing the User Agent Switcher Firefox add-on. I also sometimes use a user-agent string belonging to some search bot so that sites serve me data which they would not otherwise serve unless I registered an account with them.
Finally, I am considering using the NoScript Firefox add-on to prevent javascript and cookies wherever not needed.
