There are plenty of guides on the web about securing your computer against threats you can encounter on the internet, while making your browsing habits hassle free and enjoyable. Most of the guides teach you basic stuff about how to install antivirus and other anti-malware suites, check your browser for toolbars and extensions, whether your homepage or search engine was modified.
But in all fairness those are reactive measures, measures that you take posthumously (after an action has occurred).
Let’s say for example you are searching on the internet for a way to accomplish a task like convert a document to another format or replay a video recording.
What do you do, you go to google and type how to accomplish the task and you receive a list of sites that present means on how to accomplish that task. You click on the first link and you see a big shiny button that prompts you to download a piece of software and install it.
Now when you open your browser it looks a little different, the colors on the google search page have changed a little and there’s an ad for a weight loss solution. That’s odd…
On the other side the software you just downloaded resolved your problem, but won’t let you save the results because is just a demo version.
What if you could have just not had the misfortune to bump into that big shiny button?
Enter the good guys over at winhelp2002.mvps.org that have compiled a comprehensive list with sites that deliver adware, spyware, scamming, scams and activity trackers on the internet.
You can just download the list in txt format and append it to your hosts file, by opening Notepad as an Administrator and browsing to the path where the hosts file resides.
On Windows systems it is generally located in C:\Windows\System32\drivers\etc\ and it’s simply named hosts without an extension.
On Linux systems you can do this as root by downloading the hosts.txt file and appending it to /etc/hosts with the following command: cat hosts.txt >> /etc/hosts.
By now, after applying this trick, most of the ads will be gone, but there are also other tips and tricks you could do to make your browsing experience safer and hassle free.
The next thing you should do is to start using a more secure browser that can be customized like Chrome, Firefox or related browsers built from the same sources.
One option is this case is using the browsers from Comodo like the Dragon or the Ice Dragon that are built upon Chromium and respectively Firefox. These browsers have extra security and privacy features such as suppressing the HTTP referrer function and a secure DNS service that blocks websites containing malware from loading.
Now that you are using a Chromium or Firefox-based browser there are also a lot of extensions that could be used to prevent tracking software, annoying ads and malware sites.
Some of these extensions block scripts, some remove ads and trackers while others secure your traffic by forcing the browser to opt always for the secure version of a website if one exists.
The extensions that I use on a daily basis are: ScriptSafe, Ghostery and HTTPS Everywhere.
A nice thing about it is that it implements, besides the obligatory whitelisting, also bulk whitelisting in order to add all your frequent visited sites at once. A really nice thing is the integration it has with several adware and malicious website lists, so that it automatically targets as unwanted those websites and stops them from loading.
As an example, what you have to do in order to view Youtube videos, after installing this extension is to set allow only to www.youtube.com, s.ytimg.com and the whole *.googlevideo.com domain because here the links are different for each video. After this you could enjoy ad free Youtube videos. To whilelist an entire domain you have to click the extension icon, choose options and follow the instructions in the whitelist section.
Ghostery is a very useful privacy extension that disables tracking scripts and cookies from running in your browser. By default when you install it, it asks which categories of trackers do you want to block and you can choose from Advertising, Analytics, Beacons, Privacy and Widgets. You can, of course, allow or disallow them later by tracker or by site, temporarily or forever.
As an example we use Gravatar on our blog to display the user avatars. Gravatar is an image that follows you from site to site appearing beside your name when you do things like comment or post on a blog. Because of this behavior it can be considered a tracker. When you choose to block this tracking software you won’t see any avatars from Gravatar in your browser as it shown in the image above. After you allow it, it will work as expected, by showing all the avatars from every user. This is just an example and the same thing applies to every category it handles.
HTTPS Everywhere is another great extension for the security minded folks, which tries to live up to his name and force every website on the internet to load in secure HTTPS mode. While there’s a long way to go for this goal to be achieved, this extension does have so called rules enabled for thousands of the most popular sites.
Of course this works only when the website you are visiting has implemented a HTTPS version of the website in addition to the HTTP one.
The way it works is by rewriting your web requests from the HTTP version of the website to the HTTPS version. For more information regarding how the rules are set and for what websites please visit the EFF.org website.
I hope this guide will be of real use to people that are concerned with improving the privacy and security of their web browsing and I also welcome other methods of reaching the same or better results.
828 total views, 1 views today