Three Firefox Security & Privacy Add-ons that can Co-exist

Ads by Google

While some of us have been lured over to Google Chrome, Mozilla’s Firefox remains the favorite browser here at MUO, and I’m willing to wager that it does so because of near-limitless customization options. We’re also very security-minded as well, so we’ve compiled a brief list of security-conscious Firefox extensions which are compatible with each other. In fact, I can safely say that these are three of the top four extensions under “Security and Privacy” on Mozilla’s Add-Ons site (number four being Xmarks, for reasons uncertain, since it’s a bookmark manager).

1. NoScript

Many browser security issues stem from exploits of JavaScript code. NoScript prevents that code from executing, and then notifies you of what code is blocked. You may then add the page to your white-list with a few clicks. That way, you’re protected when browsing unfamiliar sites, but can still check your Gmail and surf Digg.

2. Ad-Block Plus (ABP)

According to Mozilla, this is the #2 favorite add-on (next to FlashGot), and it is for good reason. Ad-Block Plus improves on its predecessor, allowing you to subscribe to a list of advertising codes to block, just like one might subscribe to antivirus updates. Advertisers can potentially track user behavior across the Web, and it’s no surprise that many users don’t like that. Like NoScript, ABP can be disabled for specific sites and pages. ABP will block 99% of the ads out there. And as a bonus, pages should render much faster.

3. Web of Trust (WOT)

Ads by Google

My new favorite! WOT adds an extra layer of protection to your browser, utilizing users ratings to show you, at a glance, which sites are OK and which ones should be left unclicked. WOT can enhance search results and links on AOL, Ask, Bing, Delicious, Digg, Dogpile, Google, Gmail, Mahalo, Wikipedia, Hotmail, Yahoo, DMOZ and Reddit, among others.

Above is the first screen you’ll see after installing WOT. WOT can be as intrusive as you wish, and also be used to block kids’ access to unsafe sites.

Above is an example of Firefox viewing a site which has been rated poorly by WOT users. You can still go to the site, but I wouldn’t recommend doing so.

NoScript, Ad-Block Plus, and Web of Trust take only moments to install, but will help keep their users safe from many of the Web’s seedier elements. We welcome any suggestions you may have of additions to this list are welcome, in the comments below.

For more posts on security and privacy online, do read:

10+ Best Firefox Security and Privacy Addons
7 Essential Security Downloads You MUST Have Installed
Detect Fake Antivirus software & Spyware Removal programs
Things To Know When Using a WiFi Hotspot Or a Public PC

Join live MakeUseOf Groups on Grouvi App Join live Groups on Grouvi
Awesome Websites
Awesome Websites
176 Members
Best Anonymity Tools
Best Anonymity Tools
73 Members
Tips for Privacy Obsessed
Tips for Privacy Obsessed
56 Members
Online Security Tips
Online Security Tips
56 Members
Ads by Google
Comments (15)
  • Noicroek

    yes.. interesting thread..

  • shashank

    i think it is very usefull for me in many asspects

  • Mike

    One thing I feel I have the right to complain about with Chrome is the way it hides so many of its options and, really, lacks many as well. I have no idea what is going on with its security because they keep the menus so sparse. I had to give up on Chrome because I did not want to run a separate antivirus program in order to feel protected.

  • Internet Protection

    Firefox Security & Privacy Add-ons is a very imortant value added service .Adblock plus is very neat and efectve. And I alsolike Billeo. It has very good features.

  • Pikadude No. 1

    I hate reading “Use NoScript or you WILL get infected!” I know the Web from a Web developer’s perspective, and let me say two things about active content (the sort of stuff that NoScript blocks):

    1. It may be the most oft-used means of attack, but it’s far from the only one. I’ve seen security flaws that could be exploited by malformed images, and one that could be exploited by really long URLs. So if you want to stay perfectly safe, what you really need are tools to help you never land on a malicious site in the first place.

    2. An expert Web developer is trained to a. use JavaScript to make things more convenient wherever possible, and b. when JavaScript is not available, have Web pages degrade gracefully and reduce functionality instead of complaining that JavaScript is missing. So by indiscriminately blocking active content, you may be missing out on numerous conveniences and you’ll never know they were there. For example, Simple Machines Forum, a freeware app that powers many online forums, offers an inline post editor that lets you rewrite a submitted post without having to move to a separate page. Browse an SMF-powered site with JavaScript off and the button to use such editor never even shows up.

    If you want to use the Web to its fullest, you should find tools that block only the bad guys to work perfectly fine. WOT’s fantastic and Firefox’s built-in attack sites filter saved my bacon once. If you’re concerned about your privacy, throw in ABP with the EasyPrivacy subscription.

    • Stardance

      Frankly, I have no interest in a “flame war” about the Firefox NoScript add-on or any other security software. But Giorgio Maone has added many features to NoScript that are valuable — even if you enable the option to Allow Javascript Globally (yes, you can do that!)– and some people run NoScript just to have those. There are also multiple options pertaining to Javascript, such as temporarily allowing all websites that are accessed from the page to run it; afterward, you can make the permissions permanent. In my humble opinion, if you are unwilling to bother with NoScript, or at least one of the alternative Firefox add-ons that govern Javascript usage, then quite likely you will, sooner or later, learn a hard lesson.

      As to “when Javascript is not available”, GET REAL: when Firefox fetches a website page, I haven’t seen one during the past four or five years that displays any significant content unless and until I access NoScript to allow the website to use Javascript. On the other hand, I cannot recall ever “missing out” on anything by not allowing “Google Analytics”; have you?? Since I couldn’t care less whether “ads” fetched from other sites need Javascript to run, I don’t allow them.

      With Firefox, at least I have a real _choice_ of whether to run NoScript, and I can disable all Javascript with a Firefox option instead. But disable Javascript on the Internet Explorer Advanced configuration tab, and see what happens when I.E. fetches a page from a site like Tech Republic (where the content is embedded within advertising). Microsoft gives you a “choice” that they quite emphatically do _not_ want you to choose!

      If only for that reason, Javascript has become the preferred method for introducing malware by criminals who want to obtain data from a computer, whether to gain control of it as well. (Using Javascript on a web page is the means of intrusion; that is only the start.)

      The challenge with blacklists is that someone, some time, in some way, must access a website and, presumably based on their experience, decide whether to recommend its addition to the blacklist. I don’t consider Web Of Trust to be a blacklist, as such, but if a website has poor ratings, then WOT displays a warning page before Firefox fetches the first page from the website. There are websites where I have not found any identifiable indiscriminate threat to the security of anyone’s computer. But I know that those websites are owned, operated and frequented by people whose activities often are not quite what most of us are likely to regard as ethical or as virtuous. So there is some risk. Some such websites are, in and of themselves, “safe” but the websites of other people with whom they associate are anything but safe, and there may be links to those.

      That doesn’t mean that I won’t revisit them, just that I recognize whom I am dealing with, what to expect, and take extra precautions to protect my computer system. In such a context, WOT or a blacklist is usually irrelevant. Nonetheless, should I give the site “poor” ratings for WOT just so it will display its warning to others?? I would not want my pre-teen child to visit the site, or want a teenager to go there without me to show them how to conduct themselves and to beware of what can go wrong. (“If they bluntly tell you to go away, then go away, do not return!”)

      With regard to outright criminal activity the challenge is twofold. One is that criminals can and do create malicious websites faster than we can discover and blacklist them. Most of their websites typically don’t have the same URL for very long. So, blacklists eventually contain the IP addresses and/or URLs for many websites that no longer exist, whether all of them were used by criminals.

      The second is that criminals have increasingly been planting malware on legitimate website servers, so that the page which your browser receives is not necessarily exactly the one that the website designer and coders created.
      Criminals also alter DNS servers to replace the IP address of a legitimate website with the IP address of their counterfeit of that website, one which is rigged, of course, with malware. And a website like that is unlikely to be on any blacklist, because, after it has harmed some people who realize what has happened, the DNS operator remedies the corruption of their server(s). The criminals then take down their website or register it with another URL.

      A blacklist in such contexts as those is practically useless, whether it might give us an unjustified sense of security. Even running NoScript with Firefox might not be enough to defend its user after the user has allowed Javascript from a specific website to be executed. That is one reason that I also run Sandboxie. I recommend it to anyone who is serious about security, but it requires more knowledge about computers than most people have, as well as some time and effort, to install, configure and use Sandboxie properly. It is not for the typical weekend sysadmin. Enough said??

Load 10 more
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.