If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
I'm trying to figure out and document how to set up Firefox for privacy on
WinXP due to data-mining attempts in web pages that I frequent. It's complex as can be, so to make it simpler, I ask that we each post a SINGLE actionable suggestion in each post (not thousands of suggestions in one post), so that anyone following this in the future can take it one post (suggestion) at a time. Make sense? The advantage will be that each post is actionably simple. The disadvantage will be that there may be a lot of posts in this thread over time. Each post can then spur more information in a subthread, if needed. Make sense? |
Ads |
#2
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham replied:
Each post can then spur more information in a subthread, if needed. Make sense? Add the MVP Hosts file to your existing HOSTS file. 1. Read up on the MVP Hosts file he http://winhelp2002.mvps.org/hosts.htm 2. Download the MVP Hosts file: http://winhelp2002.mvps.org/hosts.txt 3. Merge that hosts file into your existing hosts file: c:\windows\system32\drivers\etc\hosts 4. Create a registry key to easily edit the hosts file: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\edithosts.exe Which points to: c:\windows\system32\drivers\etc\hosts.txt Which, when you edit and save, save into: c:\windows\system32\drivers\etc\hosts |
#3
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham replied:
I'm trying to figure out and document how to set up Firefox for privacy on WinXP due to data-mining attempts in web pages that I frequent. I guess the first thing is the big stuff, which is to download the GHacks user.js privacy file which is described here. http://www.ghacks.net/2016/07/03/com...refox-user-js/ This page says the latest version is 0.10 dated July 2016 for FF47. http://www.ghacks.net/2015/08/18/a-c...rity-settings/ 1. Download the GHacks user.js zip file & unzip & rename the file to user.js http://www.ghacks.net/download/122906/ 2. Start the latest Firefox 3. Type about:support in the Firefox address bar 4. Click the show folder link under application basics to open the current profile folder on the computer system. 5. Kill Firefox (but keep that folder window open). 6. Look for prefs.js and for user.js 7. Back up prefs.js to "Copy of prefs.js" but keep the prefs.js file intact 8. Copy the Ghacks user.js file into that profile folder (or merge it with a current user.js file) 9. Restart Firefox. 10. You should have better privacy settings now |
#4
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
On Tue, 24 Jan 2017 23:43:23 +0000 (UTC), Ann Dunham
wrote: I'm trying to figure out and document how to set up Firefox for privacy on WinXP due to data-mining attempts in web pages that I frequent. It's complex as can be, so to make it simpler, I ask that we each post a SINGLE actionable suggestion in each post (not thousands of suggestions in one post), so that anyone following this in the future can take it one post (suggestion) at a time. Make sense? The advantage will be that each post is actionably simple. The disadvantage will be that there may be a lot of posts in this thread over time. Each post can then spur more information in a subthread, if needed. Make sense? Firewall + hosts file + about:config + some extensions + good passwords on your routers. I use an older version of Firefox, because Mozilla comes up with new vulnerabilities at every new version. By the time you've fixed them, out comes a new version. Alt.comp freeware was announcing version 51.0 today, which comes with "new features". Yikes. []'s -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
#5
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham wrote:
I'm trying to figure out and document how to set up Firefox for privacy on WinXP due to data-mining attempts in web pages that I frequent. It's complex as can be, so to make it simpler, I ask that we each post a SINGLE actionable suggestion in each post (not thousands of suggestions in one post), so that anyone following this in the future can take it one post (suggestion) at a time. Make sense? The advantage will be that each post is actionably simple. The disadvantage will be that there may be a lot of posts in this thread over time. Each post can then spur more information in a subthread, if needed. Make sense? Use a proxy. |
#6
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann,
I'm trying to figure out and document how to set up Firefox for privacy on WinXP due to data-mining attempts in web pages that I frequent. Simpelest solution ? Install a extension, like RequestPolicy, which blocks all third-party content (but allows you to ajust it to your liking), meaning all the, among others, JavaScript coming from other (datamining) domains. That means you're left with deciding if the website your visiting is trustworthy itself (if it will do the datamining themselves, which generally doesn't seem to be the case). If you don't think they are you could consider specifically blocking JS (and objects like Flash) from that site too. Though that might be rather hard to do, as they often will make sure that their site "won't run" when you block JS altogether. (but sometimes simply swithing FFs 'page style' to None bypasses some of those sites "can't work, won't work" overlay which *hides* the actual content) In that case you have to make a choice: do you want to spend a *lot* of time trying to figure out which scripts you will, and which you won't accept (and have to do that every time the website changes), or do you just choose *not* to visit them again. For the record: I've disabled JS and de-installed Flash and the like. I seldom run into websites that actually *need* JS to function (which doesn't mean that they do not try to make it *look* as if its "absolutily neccessary" though :-) ). I have to say though that I'm not really a "social media" kind of person. YMMV. Regards, Rudy Wieser -- Origional message Ann Dunham schreef in berichtnieuws ... I'm trying to figure out and document how to set up Firefox for privacy on WinXP due to data-mining attempts in web pages that I frequent. It's complex as can be, so to make it simpler, I ask that we each post a SINGLE actionable suggestion in each post (not thousands of suggestions in one post), so that anyone following this in the future can take it one post (suggestion) at a time. Make sense? The advantage will be that each post is actionably simple. The disadvantage will be that there may be a lot of posts in this thread over time. Each post can then spur more information in a subthread, if needed. Make sense? |
#7
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
R.Wieser replied:
For the record: I've disabled JS and de-installed Flash and the like. I seldom run into websites that actually *need* JS to function (which doesn't mean that they do not try to make it *look* as if its "absolutily neccessary" though :-) ). Disabling JS and Flash seems like a great idea, until you do it. It drove me nuts when I had NoScript for example. Too many extraneous decisions to make and too many web sites didn't work and far (far) too much effort in the end. Still ... it's a good idea for others with more patience than I seem to have (I've spent years trying to block JS & Flash and gave up in the end). Luckily Flash is on the way out but JS seems here to stay. Sigh. |
#8
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Paul in Houston TX replied:
Use a proxy. Thanks for that Firefox privacy suggestion for WinXP users. I'm not sure what a "proxy" is, other than I guess it's sort of like a VPN but just for port 80 (aka web browsing) and maybe encrypted web browsing (port 443). Is that right? If that's right, then it's probably a good thing in that it's a lightweight free VPN, so now we have to look at how does one install a proxy? After obligatory Googling for a simple free proxy for WinXP: https://www.google.com/search?q=simp...+winxp+firefox Then modified to eliminate extensions: https://www.google.com/search?q=simp...nsion+-add-ons First hit: https://hide.me/en/proxy Quick scan intuition = it's a scam because it's not free & wants you to sign up, which already destroys your privacy before you even started. Second hit: https://free-proxy-list.net/ Quick scan intuition = Apparently these free proxy servers change all the time, so you manually set up the proxy settings in your browser each time you want to go somewhere. Also apparently there are dangers involved in that this web page says there are three types of free proxies: There are 3 levels of proxies according to their anonymity. Type 1: The web server can't detect whether you are using a proxy. Type 2: The web server can know you are using a proxy, but it can't know your real IP. Type 3: The web server can know you are using a proxy and it can also know your real IP. So, now we have to figure out how to search for only type 1 proxies, which is unknown (to me) at the moment. Moving on to the third hit: http://superuser.com/questions/33512...er-for-windows Quick scan intuition = use any of the following for Windows free proxy a. FreeProxy http://www.softpedia.com/get/Interne...reeProxy.shtml b. CCProxy http://www.youngzsoft.net/ccproxy/ccproxysetup7.2.exe c. AnalogX Proxy http://www.analogx.com/contents/down...y/Freeware.htm d. AdvOr Proxy https://sourceforge.net/projects/adv...AdvOR-0.2.0.8/ e. Polipo Proxy http://www.torproject.org/ Then after modifying the search we also find this suggestion: http://www.majorgeeks.com/mg/sortdate/proxy.html which lists scores of "free proxies" for Windows users. Obviously there were far more hits, but usually the first set gets us started. To make this free proxy suggestion actionable, given that there are scores of choices, would anyone have a suggestion of which of the single hits above we should investigate to fruition for "Type 1" Firefox on WinXP free "proxy" setup? |
#9
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham replied:
I guess the first thing is the big stuff, which is to download the GHacks user.js privacy file which is described here. http://www.ghacks.net/2016/07/03/com...refox-user-js/ To help others who follow this hint, the first thing I had to change in the user.js file was that the Firefox Address Bar search was turned off. The logic was that you can accidentally type a url in the address bar which would become a search term instead. I'm not worried about that, and I don't use the search bar (since it's no different than the URL bar in practice) so I had to turn that option off. The first thing I had to do in order to turn that option off was to find it in my editor, so I had to set WinXP to always open "user.js" in my favorite text editor. Then I searched about and found the option he user_pref("keyword.enabled", false); So, to find it again, I put the acronym for work-in-progress in comments and changed the setting: //WIP user_pref("keyword.enabled", false); user_pref("keyword.enabled", true) |
#10
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham replied:
To help others who follow this hint, the first thing I had to change in the user.js file was that the Firefox Address Bar search was turned off. The next problem I had with the GHacks user.js was that Google Gmail doesn't like it one bit. Logging into Google Gmail brings me to this page: https://support.google.com/accounts/answer/61416?hl=en It looks like the GHacks user.js turns off cookies, so, searching for that option in the user.js file, I find this: // 0=allow all // 1=allow same host // 2=disallow all // 3=allow 3rd party if it already set a cookie user_pref("network.cookie.cookieBehavior", 2) So I change that to: //WIP user_pref("network.cookie.cookieBehavior", 2) user_pref("network.cookie.cookieBehavior", 1) Then Google Gmail worked! |
#11
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham replied:
Still ... it's a good idea for others with more patience than I seem to have (I've spent years trying to block JS & Flash and gave up in the end). As a WinXP example of a "good idea" that is just too hard to implement because every company out there is trying to thwart you, I spent years trying to keep my WinXP Start Menu clean and organized. Yet, every single company out there tries to clutter up the WinXP Start Menu, so my simple (and very effective) solution was to create a start menu next to the official start menu. Now no companies clutter up my start menu. I went through the same process with the "My Documents" and "Program Files" and "Documents and Settings" folders. Since every company out there tries to thwart your efforts to keep them uncluttered, I simply NEVER (ever!) willingly put ANYTHING in the Windows pre-defined folders. You only have three kinds of folders anyway. a. Whatever you call your program files folder hierarchy b. Whatever you call your temporary stuff hierarchy c. Whatever you call your personal data hierarchy That's it. Three folders (well-organized hierarchies, of course) contain everything you'd ever need to add to Windows. Anyway, the point is that every single company out there tries to defeat you in privacy too. Sometimes you come up with simple solutions that work (like disabling JS and flash) but other times you have to come up with your own solution because the companies make your life miserable. Sigh. That's why we need a thread like this which gives actionable advice on how to protect your privacy without going nuts trying. |
#12
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Shadow replied:
I use an older version of Firefox, because Mozilla comes up with new vulnerabilities at every new version. By the time you've fixed them, out comes a new version. Alt.comp freeware was announcing version 51.0 today, which comes with "new features". Your comment is true that each version of FF comes with new zero-day vulnerabilities. The question is always which is the "most reliable" of the older versions of Firefox. I stayed on 36 for a long time, for example, but it's a moving target. Which do folks think is the most reliable older Firefox nowadays? Firewall + hosts file + about:config + some extensions + good passwords on your routers. O my. That's five things! 1. Firewall 2. Hosts file 3. FF about:config 4. FF extensions 5. Router passwords We already have a subthread on the HOSTS file (e.g., MVP hosts file and a registry key to easily edit it). And we have a subthread on the FF about:config (e.g., the GHacks user.js privacy tweaks). There is a subthread within a subthread on FF extensions such as NoScript, so, I'll assume we can remove that from your list for now. So that leaves us with fleshing out: 1. Firewall 5. Router passwords |
#13
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham replied:
So that leaves us with fleshing out: 1. Firewall 5. Router passwords Taking Router Passwords first (because I know nothing about firewalls), I would recommend actionable things such as: BASIC ACTIONABLE ROUTER SECURITY SUGGESTIONS: (please suggest better ones!) 1. Change the router admin username & password Note most routers seem to limit the password to 8 characters. They'll take more than 8 characters, but anything after 8 doesn't matter. 2. Change the router MAC address (aka MAC cloning) This doesn't change the MAC address that Google sees from all your neighbor's Android phones spying for Google on you, but it at least changes the MAC address that your Windows software sees. 3. Consider turning off any extraneous SSIDs (e.g., guest SSIDs) for the obvious reason that the more SSIDs you have, the more "doors" you have into your router. 4. Always add _nomap (lower case?) to the end of all your active SSIDs This does not prevent all your neighbor's Android phones from spying on you and reporting your GPS coordinates and router MAC address (the one you can't change) and signal strength to Google, but Google "says" they will delete this data which is reported to them a few times a day by your neighbor's badly configured Android devices. 5. Add Microsoft-required _optout_ (lower case!) to all your active SSIDs in order to eliminate sharing of your router with your neighbor's WiFi (I'm not exactly sure how this works though, since I don't have Windows 10 yet). (I guess you have to change your SSIDs to "whatever_optout_nomap".) 6. The rest of the SSID (and the passphrase) should be as unique as you can make them, without giving away any privacy (e.g., the SSID shouldn't be a phone number or an address or a name). You need both the SSID and passphrase to be unique because of rainbow tables which allow anyone to easily access your network if you use a non-unique combination of SSID and passphrase. https://en.wikipedia.org/wiki/Rainbow_table 7. I'm not sure what default settings to turn off, but almost everyone recommends turning off UPNP so turn that off, at the very least. 8. Of course, use WPA2/PSK (aka pre-shred key) or better and turn off WPS and update the firmware and make a backup of your configuration and, ... but don't bother with hiding your broadcast SSID or disabling the DHCP server or filtering on MAC addresses since anyone with netstumbler can see all that stuff anyway and spoofing a MAC address is trivial on laptops. I'm sure there is other actionable stuff, so please feel free to add it to this subthread on setting up the router for privacy. |
#14
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
Ann Dunham replied:
So that leaves us with fleshing out: 1. Firewall 5. Router passwords I really know almost nothing about firewalls, so I will let others flesh this one out. I will ask a few questions though, since WinXP doesn't come with a firewall (and since routers always come with a firewall). 1. The first question is why we'd need a software firewall if the router has a hardware firewall. 2. The second question will be WHICH free software firewall is the best one for Windows XP. I don't know software firewalls, but I know how to google: https://www.google.com/search?q=best...tware+firewall The problem, as always with noobs doing Google searches, is that it finds too much. http://www.techsupportalert.com/best...protection.htm http://www.techradar.com/news/the-best-free-firewall http://www.pcmag.com/article/313986/...free-firewalls http://www.makeuseof.com/tag/free-fi...dows-compared/ http://www.askvg.com/top-5-best-free...e-for-windows/ https://www.geckoandfly.com/12087/5-...osoft-windows/ etc. Skimming them for the venn diagram overlap, the following free firewalls seem to be repeated the most in the articles. ZoneAlarm http://www.zonealarm.com/xp/ http://download.zonealarm.com/bin/fr...43_119_000.exe Comodo http://download.comodo.com/cis/downl...er_6113_c7.exe My question is which one of those two to invest my efforts in? Seems that ZoneAlarm is more often mentioned as the number one. Is that correct? |
#15
|
|||
|
|||
OMG. It's a LOT of work to set up Firefox for privacy on WinXP!
On Wed, 25 Jan 2017 10:57:05 +0000 (UTC), Ann Dunham
wrote: R.Wieser replied: For the record: I've disabled JS and de-installed Flash and the like. I seldom run into websites that actually *need* JS to function (which doesn't mean that they do not try to make it *look* as if its "absolutily neccessary" though :-) ). Disabling JS and Flash seems like a great idea, until you do it. I UNINSTALLED flash, .NET, Silverlight and java. Flash and Java, even if "disabled" , still phone home. It drove me nuts when I had NoScript for example. I couldn't live without it. You have to arrange the icons so they are in a handy place. Use Firefox's configure menu thingy. If you REALLY need something, "temporally allow site". You have no idea how much malware can be installed on your computer if you don't block javascript. Even Linux is vulnerable. And always use private browsing mode .... []'s Too many extraneous decisions to make and too many web sites didn't work and far (far) too much effort in the end. Still ... it's a good idea for others with more patience than I seem to have (I've spent years trying to block JS & Flash and gave up in the end). Luckily Flash is on the way out but JS seems here to stay. Sigh. -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
Thread Tools | |
Display Modes | |
|
|