Sep 04 2008
It's been said that the killer app that made the Net as ubiquitous as it is today is the web browser, with e-mail running a close second. Just about everyone uses a browser in some capacity or another to access news, information, and e-mail, possibly more so than dedicated applications (such as e-mail readers, RSS readers, or database searching applications). As great as they are, web browsers have their own unique sets of problems and vulnerabilities that have to be taken into account, especially if privacy is of concern to you.
Firefox, in my considered opinion, is an excellent web browser - its memory footprint is small, it's lightweight, it's easy to install, it's available on a number of platforms, and it's also extremely extensible, in the form of Add-ons that add or modify features of the web browser. Also, the Mozilla Project itself has been fairly diligent in fixing reported vulnerabilities in their work; Microsoft hasn't, unfortunately, though they are getting better at it. Microsoft also tends to have a too-little-too-late approach to their browser upgrades. While IE7 now includes tabs and IE8 will have some privacy features, Firefox and Opera had them several years ago, and more to the point they've had time to get them working properly.
As you might expect of an open and extensible platform, coders from all over have implemented security and privacy related add-ons, which I've spent a couple of years testing, destroying, and hammering on out of enlightened self-interest. These are the ones that I recommend to everyone because they're the first things I install in a new copy of Firefox.
I highly recommend installing and configuring Adblock Plus for Firefox, for two reasons. Firstly, it'll speed up browsing greatly because Firefox will no longer download most of the ads that appear all over the Web these days. Secondly, if your browser doesn't download any of the image or Flash animation advertisements, fewer log entries are left on the web servers the ads are served from, which leaves a smaller activity footprint on the Net. Adblock Plus is also nice in that it's pretty much a set-it-and-forget-it extension. After installing the add-on and restarting Firefox, click on the little drop-down arrow on the 'ABP' icon that will appear in the Firefox toolbar and then select 'preferences'. In the new window, click on the Options menu, and select 'Enable Adblock Plus' to turn it on. Then open the Filters menu and select 'Add filter subscription'.
Select a filter developed for your country (in my case, the first on the list is US-centric) and click okay. From that point on, Adblock Plus will scan all of the web pages you look at for advertisements that match one of the patterns on the list and silently filter them out for you. Not only will you not have to deal with them but your web browser will download fewer files, resulting in a snappier browsing experience. Adblock Plus' filter lists are updated frequently, and if you let it, it'll silently download those updates (though this could potentially compromise your privacy, depending on exactly how paranoid you are).
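How a filter subscription decides which requests never leave the browser, as an added example that is not code from the original post or from the Adblock Plus project: a JavaScript matcher for a simplified subset of the Adblock Plus filter syntax, run over a constructed filter list and constructed request URLs. The function names and sample data are assumptions made for illustration.

```javascript
// Simplified matcher for a subset of Adblock Plus filter syntax (added example).
// Handles "*" wildcards, "|" anchors, "||" domain anchors, "^" separators and
// "@@" exceptions; comments, element-hiding ("##") and "$" option rules are skipped.
function compileFilter(line) {
  let text = line.trim();
  if (!text || /^[!\[]/.test(text) || text.includes("##") || text.includes("$")) return null;
  const exception = text.startsWith("@@");
  if (exception) text = text.slice(2);
  let prefix = "", suffix = "";
  if (text.startsWith("||")) {
    prefix = "^[a-z][a-z0-9+.-]*://([^/?#]*\\.)?"; // scheme, then optional subdomains
    text = text.slice(2);
  } else if (text.startsWith("|")) { prefix = "^"; text = text.slice(1); }
  if (text.endsWith("|")) { suffix = "$"; text = text.slice(0, -1); }
  const body = text
    .replace(/[.+?${}()[\]\\|]/g, "\\$&")      // escape regex metacharacters
    .replace(/\*/g, ".*")                       // "*" matches any run of characters
    .replace(/\^/g, () => "(?:[^\\w.%-]|$)");   // "^" is a separator or end of URL
  return { exception, regex: new RegExp(prefix + body + suffix, "i") };
}

const loadFilters = (listText) => listText.split("\n").map(compileFilter).filter(Boolean);

// A request is dropped when a blocking rule matches and no exception rule does.
function isBlocked(url, filters) {
  let hit = false;
  for (const f of filters) {
    if (!f.regex.test(url)) continue;
    if (f.exception) return false;
    hit = true;
  }
  return hit;
}

// Constructed sample list and request URLs, not taken from a real subscription.
const SAMPLE_LIST = ["! constructed sample list", "||ads.example.net^",
  "/banners/*.swf", "@@||ads.example.net/opt-in/"].join("\n");
const SAMPLE_REQUESTS = [
  "http://www.example.com/index.html", "http://ads.example.net/pixel.gif",
  "http://cdn.ads.example.net/a.js", "http://www.example.com/banners/top.swf",
  "http://ads.example.net/opt-in/logo.png", "http://ads.example.net.example.org/x.gif",
];

function blockedRequests(requests = SAMPLE_REQUESTS, listText = SAMPLE_LIST) {
  const filters = loadFilters(listText);
  return requests.filter((url) => isBlocked(url, filters));
}
console.log(blockedRequests());
```

Only the blocked URLs are the ones that never reach the ad server's logs; the exception rule and the look-alike host `ads.example.net.example.org` both still load.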
Gmail Manager is a Firefox plugin that does just what it says: it manages your Gmail accounts for you. It puts a small icon in the bottom right corner of your browser window and keeps tabs on the number of messages waiting for you (it will monitor multiple Gmail accounts and let you switch between them on the fly by right-clicking on the icon). If you set it up to remember your passwords it'll automatically log into all of your Gmail accounts when Firefox starts (I suggest not turning on auto-login because this plugin can accidentally leak your credentials under certain circumstances, such as when you're using a hotel's wireless network but you haven't accepted the user agreement on their website yet). Gmail Manager will also let you toggle the use of SSL ("Use secured connections for this account") on a per-account basis. As always, I highly recommend that you check this tickybox for all of your accounts.
Digressing for a moment, it is also possible to configure your Gmail account to use SSL instead of unencrypted connections without a plugin or browser extension. From a computer and network you trust, log into your Gmail account, click on the Settings link in the top-right corner, and scroll all the way to the bottom of the General tab; you'll find a configuration option called "Browser connection", where you can pick between "Always use https" and "Don't always use https". Check the "Always use https" radio button and then click the "Save Changes" button.
If you set up a Google Domain, however, the Gmail accounts associated with it do not have the above option at the time of this writing.
Not all websites are enlightened enough to take into account the fact that you might not be using the default web browser for your operating system; some require you to use a less favored one that your OS might not support. For the rest of us, there is a plugin called User Agent Switcher, which rewrites the headers of outgoing HTTP requests from Firefox so that you appear to be using something else, like Microsoft Internet Explorer 7 on Windows Vista. All the dancing around aside, if a particular website requires you to use IE, more often than not this plugin will get you in with nobody the wiser. You can also use this plugin to get around the access restrictions of certain websites by pretending to be something else entirely, like an Apple iPhone or Google's web crawler. This is one of my favorite toys that comes in handy when you least expect it, so you might wish to consider installing it just in case.
A fringe benefit of User Agent Switcher is that you can also configure your browser to be something thoroughly unremarkable in the server logs, such as the aforementioned Internet Explorer on Windows, rather than Firefox on OpenBSD installed on a Sharp Zaurus.
I'll explain Tor in another article, so if you're not familiar with it don't jump too quickly on installing Torbutton. It's considered good practice to not suddenly start using the Next Great Thing until you know at least the basics about what it is and what it does.
The next question you're probably going to ask is, "If you run Linux, why are you recommending that I run them?" The answer is that I make use of them on both Linux and Windows. While I can't think of any particular reason that they won't work on Mac OS X, I haven't personally tried them yet (anybody have a Macbook that I can abuse for a week or two?), so the only thing I can tell you is to give it a try and let me know so I can update this post.