Andrew Breese

Musings of a professional geek

New Firefox and Handy Chrome Extensions, bloat & Security.

Even after reading that my old favouraite browser Firefox is making a comeback, I think it will be a while before I try to abandon Chrome; and the reason is the integrations and extensions are great for security and quality of life. I also think it is best to keep the number of extensions limited, because that in-turn might keep memory bloat down and should limit unknown future vulnerabilities.

  • Fair AdBlocker – a browser ad blocking widget, which is mandatory to me; especially as there are websites where I am very happy to see their ads and you can choose what to see.
  • uMatrix – javascript controller, which lets me block/allow scripts specifically by page and domain. Javascript is a nightmare for good security as it is so easy to exploit, and I’m hoping this widget will make that less likely.
  • a few GoogleDoc related plugins, but not all of them, as each adds bloat. I do love GoogleDocs, sure they lack a few features, but they are pretty amazing.
  • a password manager, I’m not goiung to say which (because while everyone should be using one, I don’t think I should give a hacker an easy start), but its one of the big ones and is excellent in terms of features and ease of use UI.
  • HTTPS Everywhere – which tries to force your browser session to always use the https protocol; in plain terms that means your should be a little safer.

Thats it.

Understand too that enabling widgets and extensions also introduces risks too. Who created it, are they seeing your traffic in real time (like many of the spell-checkers)? What information of yours do they store externally? What if they are hacked? Recommend being smart and using as few as possible.

Back on browser choice – Chrome is plenty fast as is, has a linked ID to my home PC and phone so my bookmarks will sync between devices, and does not crash. The ad blocking and password manager are tools I cannot live without. And although I’ve ony be using uMatrix for a very short time it has already impressed.

One key feature I read about recently was having FireFox tell you if the site you are visiting is also listed on HaveIbeenPwned (via Lifehacker) – such a great widget idea, and one that has been written as a plug-in for Chrome and others for a long while.

I really recommend registering for HIBP too; in fact I registered my families accounts for them.

Happy & safe browsing folks.

Advertisements

One response to “New Firefox and Handy Chrome Extensions, bloat & Security.

  1. Typhoonandrew November 28, 2017 at 2:58 pm

    Additionally the InfoSec pages of Stack Exchange have a godo write up on why browser extensions typically should be blocked and not trusted, essentially endorsing a very critical eye for any which are used, and to consider them an attack vector.
    ref: https://security.stackexchange.com/questions/174409/are-there-objective-reasons-to-not-allow-google-chrome-extensions-but-to-allow

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: