Your core add-ons are necessary to help prevent advertisement tracking and malicious scripts from exploiting your web browser.
Adblock-Plus. Adblock-Plus allows you to block advertisements. This add-on stops them from even loading. This sort of feature is not available in other web browsers such as Google's Chrome.
BetterPrivacy. This add-on will allow you to stop all flash cookies from being set in your computer. Little do people know how pervasive flash cookie tracking is. All those YouTube videos you have watched, all those porn videos you've seen haven't seen around the web, those flash games, etc are all tracked with flash cookies. So here are some tips for setting up BetterPrivacy:
Here is a screenshot to show you how I have set up BetterPrivacy on my computer:
Cookie Monster. Cookie Monster further improves Firefox's cookie-blocking abilities. This add-on, when you configure it to block 3rd party cookies, will block all sorts of advertizing and tracking cookies used to analyze your web usage. Configuring this add-on is relatively easy. Simply select the option of blocking all cookies and then select deleting cookies when you change access to deny. A tip: put the Cookie Monster icon next to your home icon in your browser so you can easily interact with it. A screen shot of my Firefox browser will give you an idea later down the web page.
HTTPS Everywhere. HTTPS everywhere is an add-on brought to you from the folks at the EFF. This is super simple. Simply install it and when you navigate the web, your browser will use a secure connection (HTTPS) instead of the standard HTTP if available. HTTPS is important because it can help prevent eavesdropping. Read more about HTTPS on Wikipedia.
NoScript. NoScript is the add-on for masochists. This is not for the faint of heart because it makes using the web harder. But, NoScript is probably the single most important add-on you can install if you're concerned about privacy and security.
Using NoScript can be quite a challenge for newcomers so I'll try to give some tips. First, make sure the NoScript icon is located somewhere near your address bar so you can quickly use it (the same suggestion for Cookie Monster). Right-click on your home button on Firefox and click Customize. A drop-down menu should appear so all you need to do is click and drag the NoScript icon next to your address bar. Feel free to get rid of the Search Bar, too.
Your next step is to delete the default whitelist in NoScript. NoScript, by default, comes with several scripts enabled such as Google, YouTube, Yahoo, among other things so it's up to you whether you keep them or delete them. I, delete all of the default scripts just so I can start fresh and manually add them myself. Right-click on the NoScript icon and click Options to find the Whitelist tab.
As you can see, I have consciously and manually enabled DuckDuckGo's web page to execute javascript. Like CookieMonster, I prefer this opt-in behavior when I browse the web. That way if I ever venture to a page that I'm not sure about, JavaScript and cookies stay blocked. You can trust Google and YouTube... I do. But I don't enable Google's analytics and tracking scripts. If you have questions about NoScript you can find my e-mail address at the bottom of the page.
These additional add-ons will further improve your web-browsing security.
RequestPolicy. This addon gives you control over cross-site requests.
RefControl. RefControl is a pretty lightweight add-on; this gives you control over the HTTP referer. To sum it up, when you click a link in a web browser the request usually includes what page you were last on.
Down the rabbit hole we go. There are a few about:config tweaks that you need to perform to tidy up your security. Simply click on your address bar and type in about:config. Don't worry we'll be careful =).
You will see a long list of things. Don't worry you will not have to scroll through everything. Just use the search box to type in the following items. The ---> arrow will show you what to change. Think of it as "change it to." So, you will first search for geo.enabled and then change it to "false."
That wasn't painful. Right? Now that you have configured Firefox it's time to start fresh. Erase any cookies left in your browser by going to your Firefox Preferences and clicking on the Privacy tab. Click "Show Cookies..." and delete 'em. Now when you surf the web it's up to you to opt-in. Most sites do not need to set cookies and they definitely do not need to set tracking cookies. Your privacy is valuable--look how much Google is worth. They have built a multi-billion dollar empire based on your web surfing, your search history, everything. If you don't protect your privacy no one will. The reason I block most of this stuff is because I do not feel like donating my private internet life to major corporations who can, in turn, sell that data for money. I understand that this allows companies like Google to offer "free" services but at what cost? Make the conscious decision to opt-in. Make the conscious decision to use their services and understand what they do with your e-mail accounts and search queries. If you find that to be a fair trade then there's nothing more to say. At least I have given you some information to stay safe on the web.
Please e-mail me at jjcz75b@lavabit.com if you have some suggestions to improve this page, if you have complaints, or if you think I'm crazy (I'll consider it a compliment). I'd love to hear from you. Last updated on 07 July 2013.