A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » General XP issues or comments
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

OMG. It's a LOT of work to set up Firefox for privacy on WinXP!



 
 
Thread Tools Display Modes
  #1  
Old January 25th 17, 12:43 AM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

I'm trying to figure out and document how to set up Firefox for privacy on
WinXP due to data-mining attempts in web pages that I frequent.

It's complex as can be, so to make it simpler, I ask that we each post a
SINGLE actionable suggestion in each post (not thousands of suggestions in
one post), so that anyone following this in the future can take it one post
(suggestion) at a time.

Make sense?

The advantage will be that each post is actionably simple.
The disadvantage will be that there may be a lot of posts in this thread
over time.

Each post can then spur more information in a subthread, if needed.

Make sense?
Ads
  #2  
Old January 25th 17, 01:17 AM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham replied:

Each post can then spur more information in a subthread, if needed.

Make sense?


Add the MVP Hosts file to your existing HOSTS file.

1. Read up on the MVP Hosts file he
http://winhelp2002.mvps.org/hosts.htm

2. Download the MVP Hosts file:
http://winhelp2002.mvps.org/hosts.txt

3. Merge that hosts file into your existing hosts file:
c:\windows\system32\drivers\etc\hosts

4. Create a registry key to easily edit the hosts file:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\edithosts.exe
Which points to: c:\windows\system32\drivers\etc\hosts.txt
Which, when you edit and save, save into:
c:\windows\system32\drivers\etc\hosts
  #3  
Old January 25th 17, 01:17 AM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham replied:

I'm trying to figure out and document how to set up Firefox for privacy on
WinXP due to data-mining attempts in web pages that I frequent.


I guess the first thing is the big stuff, which is to download the GHacks
user.js privacy file which is described here.
http://www.ghacks.net/2016/07/03/com...refox-user-js/

This page says the latest version is 0.10 dated July 2016 for FF47.
http://www.ghacks.net/2015/08/18/a-c...rity-settings/

1. Download the GHacks user.js zip file & unzip & rename the file to
user.js
http://www.ghacks.net/download/122906/
2. Start the latest Firefox
3. Type about:support in the Firefox address bar
4. Click the show folder link under application basics to open the current
profile folder on the computer system.
5. Kill Firefox (but keep that folder window open).
6. Look for prefs.js and for user.js
7. Back up prefs.js to "Copy of prefs.js" but keep the prefs.js file intact
8. Copy the Ghacks user.js file into that profile folder
(or merge it with a current user.js file)
9. Restart Firefox.
10. You should have better privacy settings now
  #4  
Old January 25th 17, 01:56 AM posted to microsoft.public.windowsxp.general
Shadow
external usenet poster
 
Posts: 1,638
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

On Tue, 24 Jan 2017 23:43:23 +0000 (UTC), Ann Dunham
wrote:

I'm trying to figure out and document how to set up Firefox for privacy on
WinXP due to data-mining attempts in web pages that I frequent.

It's complex as can be, so to make it simpler, I ask that we each post a
SINGLE actionable suggestion in each post (not thousands of suggestions in
one post), so that anyone following this in the future can take it one post
(suggestion) at a time.

Make sense?

The advantage will be that each post is actionably simple.
The disadvantage will be that there may be a lot of posts in this thread
over time.

Each post can then spur more information in a subthread, if needed.

Make sense?


Firewall + hosts file + about:config + some extensions + good
passwords on your routers.

I use an older version of Firefox, because Mozilla comes up
with new vulnerabilities at every new version. By the time you've
fixed them, out comes a new version.

Alt.comp freeware was announcing version 51.0 today, which
comes with "new features".
Yikes.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
  #5  
Old January 25th 17, 03:05 AM posted to microsoft.public.windowsxp.general
Paul in Houston TX[_2_]
external usenet poster
 
Posts: 999
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham wrote:
I'm trying to figure out and document how to set up Firefox for privacy on
WinXP due to data-mining attempts in web pages that I frequent.

It's complex as can be, so to make it simpler, I ask that we each post a
SINGLE actionable suggestion in each post (not thousands of suggestions in
one post), so that anyone following this in the future can take it one post
(suggestion) at a time.

Make sense?

The advantage will be that each post is actionably simple.
The disadvantage will be that there may be a lot of posts in this thread
over time.

Each post can then spur more information in a subthread, if needed.

Make sense?


Use a proxy.

  #6  
Old January 25th 17, 09:30 AM posted to microsoft.public.windowsxp.general
R.Wieser
external usenet poster
 
Posts: 1,302
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann,

I'm trying to figure out and document how to set up Firefox for
privacy on WinXP due to data-mining attempts in web pages
that I frequent.


Simpelest solution ? Install a extension, like RequestPolicy, which blocks
all third-party content (but allows you to ajust it to your liking), meaning
all the, among others, JavaScript coming from other (datamining) domains.
That means you're left with deciding if the website your visiting is
trustworthy itself (if it will do the datamining themselves, which generally
doesn't seem to be the case).

If you don't think they are you could consider specifically blocking JS (and
objects like Flash) from that site too. Though that might be rather hard
to do, as they often will make sure that their site "won't run" when you
block JS altogether. (but sometimes simply swithing FFs 'page style' to None
bypasses some of those sites "can't work, won't work" overlay which *hides*
the actual content)

In that case you have to make a choice: do you want to spend a *lot* of time
trying to figure out which scripts you will, and which you won't accept (and
have to do that every time the website changes), or do you just choose *not*
to visit them again.

For the record: I've disabled JS and de-installed Flash and the like. I
seldom run into websites that actually *need* JS to function (which doesn't
mean that they do not try to make it *look* as if its "absolutily
neccessary" though :-) ).

I have to say though that I'm not really a "social media" kind of person.
YMMV.

Regards,
Rudy Wieser


-- Origional message
Ann Dunham schreef in berichtnieuws
...
I'm trying to figure out and document how to set up Firefox for privacy on
WinXP due to data-mining attempts in web pages that I frequent.

It's complex as can be, so to make it simpler, I ask that we each post a
SINGLE actionable suggestion in each post (not thousands of suggestions in
one post), so that anyone following this in the future can take it one

post
(suggestion) at a time.

Make sense?

The advantage will be that each post is actionably simple.
The disadvantage will be that there may be a lot of posts in this thread
over time.

Each post can then spur more information in a subthread, if needed.

Make sense?



  #7  
Old January 25th 17, 11:57 AM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

R.Wieser replied:

For the record: I've disabled JS and de-installed Flash and the like. I
seldom run into websites that actually *need* JS to function (which doesn't
mean that they do not try to make it *look* as if its "absolutily
neccessary" though :-) ).


Disabling JS and Flash seems like a great idea, until you do it.
It drove me nuts when I had NoScript for example.
Too many extraneous decisions to make and too many web sites didn't work
and far (far) too much effort in the end.

Still ... it's a good idea for others with more patience than I seem to
have (I've spent years trying to block JS & Flash and gave up in the end).

Luckily Flash is on the way out but JS seems here to stay. Sigh.
  #8  
Old January 25th 17, 11:57 AM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Paul in Houston TX replied:

Use a proxy.


Thanks for that Firefox privacy suggestion for WinXP users.
I'm not sure what a "proxy" is, other than I guess it's sort of like a VPN
but just for port 80 (aka web browsing) and maybe encrypted web browsing
(port 443).

Is that right?

If that's right, then it's probably a good thing in that it's a lightweight
free VPN, so now we have to look at how does one install a proxy?

After obligatory Googling for a simple free proxy for WinXP:
https://www.google.com/search?q=simp...+winxp+firefox
Then modified to eliminate extensions:
https://www.google.com/search?q=simp...nsion+-add-ons

First hit:
https://hide.me/en/proxy
Quick scan intuition = it's a scam because it's not free & wants you to
sign up, which already destroys your privacy before you even started.

Second hit:
https://free-proxy-list.net/
Quick scan intuition = Apparently these free proxy servers change all the
time, so you manually set up the proxy settings in your browser each time
you want to go somewhere. Also apparently there are dangers involved in
that this web page says there are three types of free proxies:
There are 3 levels of proxies according to their anonymity.
Type 1: The web server can't detect whether you are using a proxy.
Type 2: The web server can know you are using a proxy, but it can't know
your real IP.
Type 3: The web server can know you are using a proxy and it can also know
your real IP.

So, now we have to figure out how to search for only type 1 proxies, which
is unknown (to me) at the moment.

Moving on to the third hit:
http://superuser.com/questions/33512...er-for-windows
Quick scan intuition = use any of the following for Windows free proxy
a. FreeProxy
http://www.softpedia.com/get/Interne...reeProxy.shtml
b. CCProxy
http://www.youngzsoft.net/ccproxy/ccproxysetup7.2.exe
c. AnalogX Proxy
http://www.analogx.com/contents/down...y/Freeware.htm
d. AdvOr Proxy
https://sourceforge.net/projects/adv...AdvOR-0.2.0.8/
e. Polipo Proxy
http://www.torproject.org/

Then after modifying the search we also find this suggestion:
http://www.majorgeeks.com/mg/sortdate/proxy.html
which lists scores of "free proxies" for Windows users.

Obviously there were far more hits, but usually the first set gets us
started.

To make this free proxy suggestion actionable, given that there are scores
of choices, would anyone have a suggestion of which of the single hits
above we should investigate to fruition for "Type 1" Firefox on WinXP free
"proxy" setup?
  #9  
Old January 25th 17, 12:03 PM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham replied:

I guess the first thing is the big stuff, which is to download the GHacks
user.js privacy file which is described here.
http://www.ghacks.net/2016/07/03/com...refox-user-js/


To help others who follow this hint, the first thing I had to change in the
user.js file was that the Firefox Address Bar search was turned off.

The logic was that you can accidentally type a url in the address bar which
would become a search term instead. I'm not worried about that, and I don't
use the search bar (since it's no different than the URL bar in practice)
so I had to turn that option off.

The first thing I had to do in order to turn that option off was to find it
in my editor, so I had to set WinXP to always open "user.js" in my favorite
text editor.

Then I searched about and found the option he
user_pref("keyword.enabled", false);

So, to find it again, I put the acronym for work-in-progress in comments
and changed the setting:
//WIP user_pref("keyword.enabled", false);
user_pref("keyword.enabled", true)
  #10  
Old January 25th 17, 12:11 PM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham replied:

To help others who follow this hint, the first thing I had to change in the
user.js file was that the Firefox Address Bar search was turned off.


The next problem I had with the GHacks user.js was that Google Gmail
doesn't like it one bit.

Logging into Google Gmail brings me to this page:
https://support.google.com/accounts/answer/61416?hl=en

It looks like the GHacks user.js turns off cookies, so, searching for that
option in the user.js file, I find this:
// 0=allow all
// 1=allow same host
// 2=disallow all
// 3=allow 3rd party if it already set a cookie
user_pref("network.cookie.cookieBehavior", 2)

So I change that to:
//WIP user_pref("network.cookie.cookieBehavior", 2)
user_pref("network.cookie.cookieBehavior", 1)

Then Google Gmail worked!
  #11  
Old January 25th 17, 12:31 PM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham replied:

Still ... it's a good idea for others with more patience than I seem to
have (I've spent years trying to block JS & Flash and gave up in the end).


As a WinXP example of a "good idea" that is just too hard to implement
because every company out there is trying to thwart you, I spent years
trying to keep my WinXP Start Menu clean and organized.

Yet, every single company out there tries to clutter up the WinXP Start
Menu, so my simple (and very effective) solution was to create a start menu
next to the official start menu.

Now no companies clutter up my start menu.

I went through the same process with the "My Documents" and "Program Files"
and "Documents and Settings" folders. Since every company out there tries
to thwart your efforts to keep them uncluttered, I simply NEVER (ever!)
willingly put ANYTHING in the Windows pre-defined folders.

You only have three kinds of folders anyway.
a. Whatever you call your program files folder hierarchy
b. Whatever you call your temporary stuff hierarchy
c. Whatever you call your personal data hierarchy

That's it.
Three folders (well-organized hierarchies, of course) contain everything
you'd ever need to add to Windows.

Anyway, the point is that every single company out there tries to defeat
you in privacy too. Sometimes you come up with simple solutions that work
(like disabling JS and flash) but other times you have to come up with your
own solution because the companies make your life miserable.

Sigh.
That's why we need a thread like this which gives actionable advice on how
to protect your privacy without going nuts trying.
  #12  
Old January 25th 17, 12:43 PM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Shadow replied:

I use an older version of Firefox, because Mozilla comes up
with new vulnerabilities at every new version. By the time you've
fixed them, out comes a new version.

Alt.comp freeware was announcing version 51.0 today, which
comes with "new features".


Your comment is true that each version of FF comes with new zero-day
vulnerabilities. The question is always which is the "most reliable" of the
older versions of Firefox. I stayed on 36 for a long time, for example, but
it's a moving target.

Which do folks think is the most reliable older Firefox nowadays?

Firewall + hosts file + about:config + some extensions + good
passwords on your routers.


O my. That's five things!
1. Firewall
2. Hosts file
3. FF about:config
4. FF extensions
5. Router passwords

We already have a subthread on the HOSTS file (e.g., MVP hosts file and a
registry key to easily edit it).

And we have a subthread on the FF about:config (e.g., the GHacks user.js
privacy tweaks).

There is a subthread within a subthread on FF extensions such as NoScript,
so, I'll assume we can remove that from your list for now.

So that leaves us with fleshing out:
1. Firewall
5. Router passwords
  #13  
Old January 25th 17, 12:59 PM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham replied:

So that leaves us with fleshing out:
1. Firewall
5. Router passwords


Taking Router Passwords first (because I know nothing about firewalls), I
would recommend actionable things such as:

BASIC ACTIONABLE ROUTER SECURITY SUGGESTIONS: (please suggest better ones!)

1. Change the router admin username & password
Note most routers seem to limit the password to 8 characters.
They'll take more than 8 characters, but anything after 8 doesn't matter.

2. Change the router MAC address (aka MAC cloning)
This doesn't change the MAC address that Google sees from all your
neighbor's Android phones spying for Google on you, but it at least changes
the MAC address that your Windows software sees.

3. Consider turning off any extraneous SSIDs (e.g., guest SSIDs) for the
obvious reason that the more SSIDs you have, the more "doors" you have into
your router.

4. Always add _nomap (lower case?) to the end of all your active SSIDs
This does not prevent all your neighbor's Android phones from spying on you
and reporting your GPS coordinates and router MAC address (the one you
can't change) and signal strength to Google, but Google "says" they will
delete this data which is reported to them a few times a day by your
neighbor's badly configured Android devices.

5. Add Microsoft-required _optout_ (lower case!) to all your active SSIDs
in order to eliminate sharing of your router with your neighbor's WiFi (I'm
not exactly sure how this works though, since I don't have Windows 10 yet).
(I guess you have to change your SSIDs to "whatever_optout_nomap".)

6. The rest of the SSID (and the passphrase) should be as unique as you can
make them, without giving away any privacy (e.g., the SSID shouldn't be a
phone number or an address or a name). You need both the SSID and
passphrase to be unique because of rainbow tables which allow anyone to
easily access your network if you use a non-unique combination of SSID and
passphrase.
https://en.wikipedia.org/wiki/Rainbow_table

7. I'm not sure what default settings to turn off, but almost everyone
recommends turning off UPNP so turn that off, at the very least.

8. Of course, use WPA2/PSK (aka pre-shred key) or better and turn off WPS
and update the firmware and make a backup of your configuration and, ...
but don't bother with hiding your broadcast SSID or disabling the DHCP
server or filtering on MAC addresses since anyone with netstumbler can see
all that stuff anyway and spoofing a MAC address is trivial on laptops.

I'm sure there is other actionable stuff, so please feel free to add it to
this subthread on setting up the router for privacy.
  #14  
Old January 25th 17, 01:44 PM posted to microsoft.public.windowsxp.general
Ann Dunham
external usenet poster
 
Posts: 66
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

Ann Dunham replied:

So that leaves us with fleshing out:
1. Firewall
5. Router passwords


I really know almost nothing about firewalls, so I will let others flesh
this one out.

I will ask a few questions though, since WinXP doesn't come with a firewall
(and since routers always come with a firewall).

1. The first question is why we'd need a software firewall if the router
has a hardware firewall.

2. The second question will be WHICH free software firewall is the best one
for Windows XP.

I don't know software firewalls, but I know how to google:
https://www.google.com/search?q=best...tware+firewall

The problem, as always with noobs doing Google searches, is that it finds
too much.
http://www.techsupportalert.com/best...protection.htm
http://www.techradar.com/news/the-best-free-firewall
http://www.pcmag.com/article/313986/...free-firewalls
http://www.makeuseof.com/tag/free-fi...dows-compared/
http://www.askvg.com/top-5-best-free...e-for-windows/
https://www.geckoandfly.com/12087/5-...osoft-windows/
etc.

Skimming them for the venn diagram overlap, the following free firewalls
seem to be repeated the most in the articles.

ZoneAlarm
http://www.zonealarm.com/xp/
http://download.zonealarm.com/bin/fr...43_119_000.exe

Comodo
http://download.comodo.com/cis/downl...er_6113_c7.exe

My question is which one of those two to invest my efforts in?
Seems that ZoneAlarm is more often mentioned as the number one.
Is that correct?
  #15  
Old January 25th 17, 02:27 PM posted to microsoft.public.windowsxp.general
Shadow
external usenet poster
 
Posts: 1,638
Default OMG. It's a LOT of work to set up Firefox for privacy on WinXP!

On Wed, 25 Jan 2017 10:57:05 +0000 (UTC), Ann Dunham
wrote:

R.Wieser replied:

For the record: I've disabled JS and de-installed Flash and the like. I
seldom run into websites that actually *need* JS to function (which doesn't
mean that they do not try to make it *look* as if its "absolutily
neccessary" though :-) ).


Disabling JS and Flash seems like a great idea, until you do it.


I UNINSTALLED flash, .NET, Silverlight and java. Flash and
Java, even if "disabled" , still phone home.
It drove me nuts when I had NoScript for example.


I couldn't live without it. You have to arrange the icons so
they are in a handy place. Use Firefox's configure menu thingy.
If you REALLY need something, "temporally allow site".
You have no idea how much malware can be installed on your
computer if you don't block javascript. Even Linux is vulnerable.
And always use private browsing mode ....
[]'s

Too many extraneous decisions to make and too many web sites didn't work
and far (far) too much effort in the end.

Still ... it's a good idea for others with more patience than I seem to
have (I've spent years trying to block JS & Flash and gave up in the end).

Luckily Flash is on the way out but JS seems here to stay. Sigh.

--
Don't be evil - Google 2004
We have a new policy - Google 2012
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 11:12 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.