Safer and more secure browsing

The web more often than not feels like a nice place where we can discover tons of information and have a fun time. However, it doesn’t take long to look in the wrong direction and see how evil certain parts can be. Today I’ll teach you some things that you can do to protect yourself when browsing the internet. As it often is with privacy and security, you’re going to be sacrificing certain things such as some features but this is for the greater good.

Some people might respond by saying that there is no reason to put time into privacy and hiding yourself online as there’s nothing that needs hiding. If this applies to you then think about this quote by Edward Snowden, an ex-NSA intelligence agent: “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say”. He was a whistleblower that revealed the NSA getting massive corporations such as Facebook to co-operate in providing them with massive amounts of personal information that would then be weaponized when needed against anyone, anywhere.

Starting with the most obvious and impotant part for accessing the web, your browser. This is what you mostly use to browse the internet however even this can have flaws. We’ve all heard of Google Chrome, it’s a very nice and easily recognized browser that’s nearly found everywhere. The big problem is that Google performs a lot of tracking which in return collects quite a bit of info about you.

The browser I personally use is Firefox which is open source and somewhat popular. This makes it trustworthy as anyone can read the code that makes it up and check for themselves if their privacy is breached in any way. You can download Firefox on mobile devices (Android and iPhone) and computers (Windows, Linux, MacOS).

Now that you’re on a more transparent browser, you’re also going to want to change your search engine. Search engines work best when they’re constantly fed data. This data is then used to see what’s trending and what people like to look for which obviously means you are succeptible to being tracked this way.

I personally use the DuckDuckGo search engine as they do not track their users’ search terms and since the engine brings me results that I want to see. There are some drawbacks that I think about occassionaly such as the accuracy of my searches and the data it shows me however this is a better alternative compared to having Google see everything you look up and then use that to try to sell you products.

You can set your search engine on Firefox by clicking the hamburger icon at the far right of the URL and going to the options where you’ll find the Default Search Engine drop down menu.

Next, let’s install some extensions to make your browsing experience more pleasant and secure. We’re only going to be installing 3 extensions and in the future you should be careful when downloading any more as malicious parties often use extensions to perform their crimes meaning the more you have installed, the larger the chance you can come into contact with something sketchy.

The first extension is qBlock Origin. It is a free extension (as are the others in this list) and it is used to block ads that you come across when browsing. Not only does this mean you can avoid having to look at them but you’ll also benefit from faster website load times and will avoid malicious ads that may try to get you to download malware (+ the total blocked ads counter is very satisfying to look at).

Next is Privacy Badger. This extension works by looking out for tracking cookies that are loaded by your browser from other sites. Advertisers try to use these to see where you travel around the web even when you’re not explicitly using their services. Privacy Badger then blocks the ones that are unneccessary for the website to function properly.

Lastly, the HTTPS Everywhere extension. Most websites that you visit nowadays utilise end-to-end encryption which protects your website traffic from being sniffed or manipulated however this wasn’t always a standard meaning you may come across sites that use the http protocol for connections. Malicious servers also tend to use http for their connections as https needs to be given a special SSL certificate from certificate authorities (which is something criminals would have a hard time acquiring. This extension tries to upgrade http connections to https versions and if you activate the Encrypt All Sites Elligible option, it will stop you from loading into the site altogether.

This optional extension is available if you’re willing to really protect your privacy, security and if you’re fine with pages breaking regularly. The NoScript extension disables JavaScript on the websites you visit which results in broken sites as this language is used pretty much everywhere online. The safety here comes from the fact that JavaScript can be exploited by attackers to deliver payloads whenever it is loaded and enable XSS attacks which can steal login cookie sessions and so on. The extension allows you to stay in control over what is loaded.

For an extra layer of security regarding trackers, you can enable the Enhanced Tracking Protection in Firefox. There are 2 main options with these being the Standard and Strict. Standard will load websites as normal whilst blocking out a few trackers. Strict option goes deeper as it will look for any sort of trackers and completely block them which can break sites such as when it finds a tracker from an embedded post from YouTube.

Below this, you can also find a toggle to send websites a Do Not Track signal when requesting for sites. This will more than often be ignored in the modern age of tracking however some sites will show the decency and stop sending trackers.

If you’re very paranoid about having your logins stolen then you may want to decide to delete cookies and site data each time you close your browser. This will make sure only the currently used cookies are stored on the device however it can make the browsing experience more annoying as you’ll be logging into your accounts multiple times, the choice is up to you (I personally don’t go this far).

Nearly all browsers allow you to save your login credentials after you have entered them into websites. This can make your life easier but same applies to malicious actors. This information is often stored unencrypted which makes stealing logins easier for attackers. I would strongly suggest to disable the Ask to save logins option as you should ideally be using a seperate password manager.

Searching for websites like medium.com results in the browser contacting a domain name server to find its corresponding IP address. This is sent over http which can very easily be intercepted and manipulated to guide your browser to a malicious server. DNS over https or DoH for short sends these requests over an encrypted channel which prevents this from happening and also results in more privacy. This setting can be found right at the bottom of the General tab in the Network Settings.

Attackers are always looking to exploit anything they can with certain vulnerabilities even allowing them to force downloads of files onto your system (or in some cases even simply triggering JavaScript to start a download). One way around this is to tell Firefox to always ask where to save files as this opens up the file explorer and this then puts you in control over whether you download something or not.

A simple yet often overlooked method of checking whether you’re heading to a secure website is to look at the URL. Attackers may use shortened or similar links to lure you into their website and enter your information. If you’re about to click on a redirect such as in emails, take a quick second to check if the site you’re about to load up seems legitimate. If you see a link like lets say amazon.co.uk make sure to look closely as there might be slight missing details like amaz.0n.co.uk.

Lastly, lets talk about private windows. If your’re concerned about privacy then don’t trust them whatsoever. The only upside to using them is when you don’t want your searches to appear in your browsing history and to enter sites without any logins/cookies (which are also deleted after closing a private window, also pretty nice). Using them offers no privacy as all the logs still reach your ISP (internet service provider).

Instead if you want your searches to be private, I’d suggest using a VPN or Tor which both have their ups and downs (for example VPNs having better bandwidths while Tor is better for anonimity). The choice is up to you however be careful when using VPNs as many free options will compromise your privacy. If it’s free then you’re most likely the product, meaning they collect information on you and would probably willingly give up that information to authorities and others alike.

I personally use Proton VPN (https://protonvpn.com/) which offers a free plan however I believe they are a trusted company as they focus on privacy and their datacenters are located in a country which has more secure privacy laws. They’re also known for hosting the ProtonMail email service which I have been using after switching away from the privacy instrusive Gmail.

That’s all I have to say for this article. I hope these tips help you stay safer online :)

Hi I’m Daniel, a hacker/game dev. Here you’ll find interesting tech information and anything alike :) https://linktr.ee/Daniooo