When I watch one of my friends of family members use their computer I usually see them using the default browser like Safari or Internet Explorer/Edge on their computers. When I ask if they’ve customized or secured their browser I get blank looks. This is also true on their phones with most people just using Safari on their iPhones or the built in Chromium on their Android device. That’s not necessarily a problem but running a browser with its default settings in place means you aren’t being protected from the many malicious and accidental issues on the net. This becomes an even more important thing as we start to use our own devices for work. Checking email is one thing, but using our phones to pay bills, pay employees, order supplies and the other million things we use the net for means we need to do more to make those devices secure.
So in an effort to help out my friends, family and also the wider SMB environment I put together this list of the extensions that I personally use to make me more secure AND to guard my privacy while online. I use a lot more extensions than these in my day to day browsing but we will concentrate on privacy and security extensions today.
Security & Privacy Extensions for Chrome & Firefox
Here’s my curated list of security and privacy browser extensions listed in preference of use.
LastPass: Start with Lastpass or a similar extension from Dashlane or 1Password. This extension will let you store your passwords and accounts and give you access to them in your browser. If you were to install only one extension, make it a password manager and make sure you enable multi-factor authentication (MFA)!
Technical Skill: Easy
Technical Skill: Medium
Anti-virus: You should have an anti-virus or endpoint protection solution in place, which should also include a browser extension that protects your browsing experience in real time. Some examples are Avast, Symantec, Trend Micro, Kaspersky, Norton, McAfee, ESET, Sophos, AVG, F-Secure, Avira and Webroot. I use BitDefender on my Mac and Windows machines and it comes with an extension called TrafficLight. Regardless of what solution you’ve bought, make sure the browser extension is installed and enabled. This can provide a lot of protection especially for less technical employees who don’t necessarily understand how to verify URLs and websites are legit.
Technical Skill: Easy
Technical Skill: Easy
Ghostery: I’ve been using this extension for YEARS. This extension tells you what trackers are running on a website.
Technical Skill: Easy
Ublock Origin: This extension is super powerful. I mean, like wow! It blocks adware, bad domains, tracking software, javascript, plugins and certain types of bad content for you. This one is a no brainer. Install it and you’ll be safer out the box. Do NOT use AdBlock or AdBlock plus, both have been taken over by potentially dubious actors and are now displaying ads.
Technical Skill: Easy
Link: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en
Privacy Badger: This extension learns the behaviour of tracking software across the totality of your web experience and blocks based on that aggregate behaviour. Privacy Badger seems to play nice with other blocking software like Ublock Origin.
Technical Skill: Medium
Link: https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp
No Coin:This browser extension looks for crypto-jacking websites and blocks them. End of story.
Technical Skill: Easy
Facebook Container : This extension blocks Facebooks ability to track your browsing habits. Only works on Firefox.
Technical Skill: Easy
Link: https://addons.mozilla.org/en-US/firefox/addon/facebook-container/
Block Site: There’s a certain amount of overlap with this extension and Ublock but I still prefer this one if you want to simply block a website for a limited period of time, or for ever.
Technical Skill: Medium
Hoxx VPN:: This one might cause a stir but I have found this to be useful in certain circumstances. The trick is to understand, and explore, its potential use as it’s not true VPN, but instead more akin to a browser specific encrypted web proxy. This is an extension you install in your browser and you connect to a “VPN Server” in one of 16 countries and your web session with that browser session. Works great for testing web apps from different locations, or more generally when I need my http requests to come from within the US or UK or wherever, I flick this on. Also works as a general privacy overlay, but if you need a real VPN, please build one yourself with WireGuard, OpenVPN or SecureStack. Or install a true VPN client from this list.
Technical Skill: Medium
Link: https://hoxx.com/
Technical Skill: High
Link: https://noscript.net/
uMatrix:(Firefox only) This extension acts like a application aware firewall. You can block any part of a http/https request including sender, request type, header contents, etc. This extension requires some technical understanding so if you are not technical and you install this, all thats gonna happen is that it will block javascript and other components running on the websites you visit, which is of limited value unless you are going to some really dodgy sites. I’ve just started using this extension so I don’t know how much it will supplant Ublock Origin and some of the other extensions I’ve listed above. Because this extension requires technical skillz it will be of limited value to some people who would probably be better served by a bundle of extensions including Ublock, Privacy Badger, etc. Regardless, this extension is on the list because in the right hands it is pretty powerful.
Technical Skill: High
Link: https://addons.mozilla.org/en-US/firefox/addon/umatrix/
