Secure Your Browser from Leak Information

Hi guest ....
this post we will give you a little ways to make us more secure browser. Safe from leakage of information about us, is also what we do when browsing the internet.
Because what we do could leave a trail that can be used by crackers. From the internet, the cracker can track us, and get information about us.
At the time of this tip, we'll discuss the use firefox. Because the browser is more widely used by people.


Running in:
  • Get Firefox Portable. It's available for a variety of OS's and works well.
  • Go through the preferences and disable anything that logs or leaks information. This includes, but is not limited to:
    • In "Content," disable java. Disable javascript if you don't have NoScript.
    • In "Privacy," remember nothing. Remember no history. Always clear everything before closing. You may want to disable cookies, but this is not essential if they are not written to disk and cleared on every browser shutdown.
    • In "Security," warn before installing addons. Remove all exceptions. Remember no passwords.
    • In "Advanced" - Network, set the cache size to 0.
    • In "Advanced" - Update, disable auto updating/checking for updates.
  • Install the Torbutton extension - the one that overhauls browser security, not just change proxy settings. The latest version at this time is 1.4.6
  • OPTIONAL - Install the firefox extension NoScript, allows fine-grade control of javascript, fix javascript links with js disabled, etc. Remove stuff in default whitelist. (I think this is unnecessary and may conflict with Torbutton - Moar)
    • Enable every check mark.
    • Make sure no cookies are written to disk.
    • Clear cookies on any browser shutdown.
    • Clear cookies on Tor toggle ("").
    • Whenever there's an option to choose between Tor and non-Tor, choose Tor.
    • Block tor disk cache, but you'll want to allow memory cache to prevent redownloading of images.
    • Make sure the proxy settings point to privoxy.
    • Disable hotkey/quick toggle if you use the browser for just tor.
  • Set network.http.sendRefererHeader to 0 in about:config. Also set false for network.http.sendSecureXSiteReferrer.
  • In the proxy settings make sure the proxy exceptions list is empty. It can be used as a way for sites to access localhost.
  • One annoying thing about Firefox is the way it handles external applications. You want to disable them all because sites may call telnet for example, which can leak your IP address among other things. Look in about:config for network.protocol-handler.external. You'll want to set the default and all the subsettings to false. Then look for network.protocol-handler.warn-external. You want to set the default and all the subsettings to true. Is there an extension that does this? (Torbutton!)
  • Popups are another annoyance, in "Content" tell it to block pop-up windows with no exceptions.
  • Recently someone has found that Firefox checks for extensions without the user's consent; a temporary solution is to set extensions.blocklist.enabled to false.
  • There are probably other information leaks that could come about if you accidentally click a button, one person has recommended to search through about:config for URLs and blank them out. The types of links I've seen are http, https, and rdp. Don't remove anything with chrome:// or resource:// though. (Some of these are used to phone home when you open the addons window.)
  • Make sure the plugin directory is empty. Do this again every time you update Flash or Shockwave.
  • Set the home page to about:blank
It is a good idea to have a separate Tor browser to make things easier to manage. This becomes so much simpler when you have separate portable browsers each with their own specific purpose - non portable browsers tend to stick data in god knows where while portable ones keep it all in their folder. You should also make sure you use something equivalent to Firefox's "Clear Private Data" feature and make sure evidence doesn't pile up - encrypt what you plan to keep, shred anything you don't. Take measures to prevent your computer from being remotely compromised; heck, encrypt your entire OS if you can, and don't talk about Tor club. :P
Because of the huge amount of lag associated with Tor, pipelining, i.e. sending http requests in batches, makes a lot of sense. Go to about:config and make the following changes:
  • network.http.keep-alive.timeout:600
  • network.http.max-persistent-connections-per-proxy:16
  • network.http.pipelining:true
  • network.http.pipelining.maxrequests:8
  • network.http.proxy.keep-alive:true
  • network.http.proxy.pipelining:true
You should also disable prefetching. This is when the browser tries to predict what the user will click next. It is a waste of Tor bandwidth, and should be disabled by setting:
  • network.prefetch-next:false
There is a test for browser information leaks on TorCheck. Note that it does not test for Flash, go to a non-javascript flash site like MeatSpin and if it loads it means (naturally) flash isn't blocked. Another good test is Last Measure - If it does anything besides show a background image you have work to do (it starts downloading a file but this is harmless - browsers load images all the time for example).
  
ok that's it
surf the internet safely
Diposkan oleh
Label:

No comments:

Post a Comment

Feedback from readers of my posts show so I expected.
Comments written just typed the words were polite, suggestions for improvement are posting to constructive criticism.
A comment which has nothing to do with the post, leaving the active link or spam.
In order to create a discussion for the creation of useful knowledge sharing