Part of the Web Dev Tools Reading List

A very important but frequently misunderstood aspect of the web is that using it is a negotiation between privacy, security and convenience. By default, the web provides as many advantages to advertisers and industry as it does to consumers. But with a little bit of effort, you can move the balance in your favor, while improving the security of your browser.

Hardening your browser while retaining its utility takes just four steps:

Step One: Strengthen Privacy

Add the Disconnect extension to your browser (Chrome, Firefox) to block requests from analytics, social media and advertising, which also has the benefit of accellerating the download speed of pages by a significant margin.

If you’ve already followed my basic browser setup advice for Firefox and Chrome, you should have AdBlock Plus installed.  In that case, head to EasyList and click the link to add an EasyPrivacy subscription, further blocking the ability of advertisers to track you.

Step Two: Block and expire cookies

Next, you’ll want to block third-party cookies, and set any others to expire when you quit the browser:

Chrome

Screenshot of Chrome cookie settings

First, find the settings menu, in the top right corner of your browser, and choose Settings.

Scroll to the bottom of the window that appears and click on Show advanced settings…, then choose Keep local data only until you quit your browser and Block third-party cookies and site data.

Firefox

From the menu in the top right corner of the browser, choose Preferences and click on the Privacy icon. Make the following changes to the panel that appears:

Screenshot of Firefox privacy settingsFor Tracking choose “Tell sites I do not want to be tracked”

Under History choose “Use custom settings for history”

Change Accept third-party cookies to “Never”. Set Keep Until to “I close Firefox”.

If using Firefox in a shared environment, i.e. under a single signon, you’ll probably want to turn on the “Always use private browsing mode” option, which does not allow history, passwords, or cached content to be saved for anyone using the browser.

Step Three: Block Referers

If you’re using Chrome, install Referer Control, which stops information being broadcast from the browser to sites you visit. On the options screen that appears, choose “Block”. For Firefox, download the equivalent plugin, with no customization necessary.

Step Four: Automatically Encrypt Your Web Communication

HTTPS Everywhere logo

Some websites, such as banks, insist on that your browser must communicate with the site using an encrypted https:// protocol. Others, such as some Google services and this site, make it available as an option. You should ensure that your browser always uses https, whenever it is available. To do so, install the HTTPS Everywhere extension (Chrome, Firefox), which will detect and switch to the encrypted protocol on any site that offers it. To improve your browser’s resistance to security attacks, choose “Yes” if asked to share your certificates to the SSL Observatory: using the service is the equivalent to your browser getting a flu shot every winter.

A hardened browser acts as a shield, bouncing off privacy intrusions. However, it won’t stop you from using unreliable services, or following bad links. Doing that requires a few more tools, which I will introduce in the next article.

Enjoy this piece? I invite you to follow me at twitter.com/dudleystorey to learn more.