FireFox Archives

Drudge Report Anon Tips Not Anon

I just saw something on the alt.privacy newsgroup that has managed to confirm once again that most people don’t have a clue when it comes to protecting their anonymity.

The writer was talking about how they had tested a “tips” box near the bottom of the page that has the heading: “SEND NEWS TIPS TO DRUDGE [ANONYMITY GUARANTEED]”.

They put TESTING ANONYMITY in the box and hit send while running a packet sniffer sniffer to see what was transmitted.  The result was, of course, quite predictable and included their IP address as the point of origin for the data along with the time and other information such as user-agent strings & standard http headers.

Here’s what they apparently didn’t get.  The only anonymity that something like this can EVER give is their promise not to reveal information from their server logs unless required by a court order, national security letter or big beefy guys with black suits and rubber hoses & brass knuckles.  That level of anonymity will keep you from ending up on a direct mail marketing list but will it protect your identity?  Never.

If you want to protect your identity on ANY website, the thing to do is use an actual privacy tool such as the TOR browser bundle which, if it is used properly, gives you high degree of privacy.  Oh the form will still send all the same information but that information will belong to the TOR node your traffic exited from instead of yours, making you VERY hard to track down.

Technorati Tags: anonymous tips, drudge report, anonymity, anonymous browsing

How To Change The Home Page On Firefox

I was browsing through the search logs this morning and noticed that there were several searches with the query: “how to change home page on firefox” , “change firefox homepage” and a few others related so I thought I’d write up a quickie tutorial showing how to do it.

It’s actually a simple task.  First you need to click on the “Tools” menu and then “Options”.

firefox tools options

Then on the “Main” tab, there’s a dropdown to select what Firefox shows when it first starts up.

Under that there is a text box to enter the url of the page that you want to set as “Home”.  The buttons under the home url box allow you the options of setting the current page as the home page, selecting one from your bookmarks, or restoring the default home page.

firefox options main

Technorati Tags: home page, firefox, firefox tutorial, set home page

Deleting Cookies? Don’t Forget The SuperCookies!

By now I think that probably most people online these days knows about cookies.  That they’re little text files that allows a website to store up to 4k of information on your computer.  They allow websites to recognize you when you come back, remember your login information and preferences settings and so on.

Cookies are also infamous in allowing websites, advertising sites in particular, to set a cookie with a unique identifier and then use that to track your activities across the web.  This is where various cookie management programs and techniques were developed over the years to give web surfers a measure of privacy and control over which cookies they allow to be set and also giving them the ability to delete any and all cookies any time.

Modern browsers like Firefox or Opera even have the ability to delete all cookies either on demand or every time you close the browser.

This practice was starting to hurt the datamining crowd as suddenly more and more people were deleting cookies and they didn’t have nearly as much data to mine.

Then they discovered the flash cookie.  This is a “feature” of Adobe Flash that allows it to set LSOs (Local Shared Objects).  These LSO’s aren’t traditional cookies at all since there handled and created with flash.  This means that when you delete all of your cookies, absolutely nothing is done to the LSO files.  Another thing advertisers love about LSO’s is that they can store up to 100K of information instead of the 4K that traditional cookies can hold.

Finally, some genius worked out a way to use these flash cookies to restore the traditional cookies that you deleted!  Now Adobe does provide a way to control these flash cookies but it’s so obscure, hard to find and even harder to understand that most people don’t bother with it.

You CAN however, delete those LSO’s manually.  To find them, click Start and then Run.  Enter %SystemRoot%\explorer.exe /n,/e,C:\ in the box and click OK

Then navigate to C:\Documents and Settings\{UserName}\Application Data\Macromedia\Flash Player\#SharedObjects

In the #SharedObjects folder will be another folder with a random looking name.  Open that folder.  Inside it you will find a folder for each site that has set flash cookies (LSO’s) on your machine.

I personally prefer to take a hard line approach and delete every folder I find here along with all of their contents.  You may decide that it’s ok for some of these sites to keep flash cookies and not delete them.

But wait, There’s more!

That’s right.  There’s another folder with information about these flash cookies.  You’ll find it here. C:\Documents and Settings\{YourUserName}\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\

Once again in that folder you’ll find a directory bearing the name of every site you visit that uses flash cookies.  First I think this list is very educational because you’ll find that most sites don’t say a word about flash, flash cookies, or Local Shared Objects in their privacy policy at all.

My personal preference here is the same as the previous folder.  I delete everything, no exceptions.

Once these flash cookies are deleted, the next step is to start your browser, cookie manager if you use one, and nuke all of the cookies that you don’t want, secure in the knowledge that THIS time they won’t magically rise from the dead.  This is another place where I take the easy way out and nuke everything.

This is the procedure that I’ve been using for some time now to keep flash cookies under control.  Yes, It seems involved, but honestly, once you do it a few times it’s a less than one minute job, especially if you follow my example and nuke everything.

Up until recently I was not aware of any software tool outside of Adobe that even attempted to manage LSO’s at all.  Today I’ve found a tool called BetterPrivacy 1.29, which is a Firefox plugin that promises to make it easier to have LSO’s automatically deleted.  It can even keep track of which ones you don’t want deleted.

Technorati Tags: delete lso, lso, firefox plugin, restore cookies, privacy, flash cookies, undelete cookies, local shared object, cookies

Is Ubuntu’s New Firefox Watching You?

According to a recent Slashdot article it very well might be.  Ubuntu recently released a new extension to Firefox alpha 3 called “Multisearch”.

The first thing that I don’t like about it is that it installs automatically without any warning about potential privacy problems.  For me that’s a deal-breaker all by itself.

Another thing that gets it a thumbs down is that the article also mentioned that it has “other purposes” of collecting usage data and generating revenue.  Exactly how the “generating revenue” part works wasn’t explained that I saw but the simple fact that it’s part of the reason for the plugin is reason enough IMO to yank the sucker.

This means that the next time I start my Kubuntu (that’s Ubuntu with a KDE desktop for those who don’t know) machine, I’m going to start Firefox and go to “Tools” and “Add ons” and deactivate and / or remove that plugin.

Technorati Tags: plugin, ubuntu, firefox, spyware, search plugin, privacy, multisearch

Microsoft Sneaks Extension Into Firefox

If you have applied the “Microsoft .NET Framework 3.5 Service Pack 1” update, you may be surprised (and justifiably pissed) to find out that this update included a new extension being very quietly added to Firefox without your knowledge.

It’s called the “Microsoft .NET Framework Assistant (ClickOnce) Firefox Extension” and according to Annoyances.org, it gives Firefox a vulnerability that has plagued IE from the start.  An alleged “Feature” that allows websites to install software on your computer without your knowledge or consent.

As if there weren’t enough problems with “drive by downloads”!

To add insult to injury, the boys in Redmond disabled the “uninstall” button on the extension and have apparently tried to make it very difficult to remove without screwing up your system.  Fortunately, the folks at Annoyances.org have put together a very easy to follow set of instructions that guide you step by step through the process of removing the offending plugin.  Click here for instructions to remove that extension.

Technorati Tags: microsoft, firefox plugin, unwanted plugin, drive by download, uninstall plugin, dot net update, evil plugin, annoyance

 Page 1 of 3  1  2  3 »