Your operating system is a pretty important part of your computer. Without it, your computer will simply fail to operate and be rendered useless. It’s not just your operating system that is important to your computer. It is often not appreciated just how important your web browser is too. As more and more computer tasks are completed online, using cloud services and other software that operates from within the web browser, it’s important to get the right balance between security and usability. Perhaps you already take your security serious and it is one of the reasons you are using Linux on your computer. When it comes to choice of web browser, there is a myriad of options available. Some are good, some are bad. But if you’re serious about security, then I can recommend no other web browser other than Firefox, from Mozilla. Web browsers are usually shipped in a pretty naked state. Sure, they work and security is considered, but we should always take maximum advantage of the ability to be able to install add-ons, because they have the ability to not just improve the security of Firefox, but make it one of the most secure web browsers available and also provide the user much more usability.
If you enter the search term “essential add-ons for firefox” into your favorite search engine then you will probably be presented with a million or so results which pretty much read similar. The problem with most mainstream technology websites is that they are usually copy/paste jobs from the authors, who instead of presenting their readers with real-world comments based on real-world usage, they will instead copy the text from the add-ons official web page and paste it into their article. For OSRadar, don’t be fooled by this article’s title. I intend to be doing things a little different to the mainstream and present you with the list of add-ons I use and will explain why I use each one by offering a brief explanation on the specific add-on and a few short personal comments of my own experience. That way, you’re getting the real experience from a real geek, rather than a copy/paste job which we loathe here at OSRadar.
Let’s start.
———-
Here is a screenshot of my own Firefox web browser Toolbar which shows most of the add-ons I use. If you’re familiar with Firefox add-ons then you might recognize some of the icons. Actually, some add-ons do not even have Toolbar icons present, so to complement the screenshot I am posting a complete list (in alphabetical order) which lists all of the add-ons I use.
List:
- Adblock Plus
- Auto Tab Discard
- Avast Online Security
- Chameleon
- Change Geolocation
- Cookie AutoDelete
- Don’t touch my tabs!
- DuckDuckGo Privacy Essentials
- Ecosia
- Enhancer for YouTube
- Facebook Container
- FoxFilter
- FoxyProxy Basic
- Ghostery
- Greasemonkey w/ Anti-Adblock Killer script
- History Cleaner
- HTTPS Everywhere
- I don’t care about cookies
- Image Block X
- Javascript Switcher
- Lilo
- Negotiator
- NoScript
- Privacy Badger
- Privacy Possum
- Private Bookmarks
- Qwant Lite
- SoundCloud MP3 Downloader
- uMatrix
- WebRTC Control
I am not going to make any proposal that you go ahead and install all of the same add-ons as I run. Which ones you choose to install and which ones you choose to ignore is entirely up to you. But I offer the best advice I can provide based on my personal experience with each one.
———-
Adblock Plus
When you think about ad blocking add-ons, the first that comes to mind is usually either Adblock Plus or uBlock Origin. The latter is a great alternative, however I find that Adblock Plus lives in harmony better with other add-ons installed and that is why I use it. But to be fair, they are both good and both effective. Adblock Plus will block all forms of web advertising and banners, cleaning up sites and presenting you with a much cleaner and lighter experience. The process does use a limited amount of CPU resources but it is necessary to the process of ad removal.
Auto Tab Discard
I still prefer to use Firefox explicitly as a window-based web browser and don’t rely on tabs too much. Auto Tab Discard is used as a safety net and I have set pretty strict rules in its preferences, which will prompt Auto Tab Discard to kill off inactive tabs after just 3 minutes and having exceeded any more than 1 tab per window. Like I said, Auto Tab Discard is there as a safety net and it rarely gets called to action, however I take comfort in knowing it’s ready to eliminate any possibility of excess tabs being left open.
Avast Online Security
Avast Online Security analyzes sites you visit and offers a security reputation indication. If you’re surfing any questionable sites or are unsure of the security of a particular site, Avast will advise you if there is any significant security risk present. The reputation indicator works most of the time, however it still fails to provide a reputation on some sites. In the event that you encounter a site Avast fails to provide a reputation, you can actually make your own assessment and tell Avast whether you trust the website or not by giving it a “Thumbs Up” or “Thumbs Down”. But most of the time, it’s pretty reliable and well worth consideration.
Chameleon
Chameleon is a neat little browser user-agent spoofer. I use Firefox Nightly with Chameleon to spoof my browser version as the latest stable build of Firefox. When using Nightly builds some sites occasionally freak out due to using an officially unrecognized build of Firefox. Spoofing the browser user-agent with Chameleon resolves this problem and offers an extra layer of security in the process by concealing your actual browser user-agent.
Change Geolocation
As useful as the HTML5 geolocation identification feature can be, it can also be a major security flaw. As I don’t actually rely on geolocation for any sites I visit, so I use Change Geolocation to spoof my real location. Obviously the real location of an internet connection can still be determined by IP detection. Change Geolocation does not try to conceal the IP or its location. It is not what it is designed to do and for that type of security feature you would be best to invest in a VPN service. Change Geolocation is limited to spoofing the HTML5 geolocation feature inside the web browser. Spoofing your geolocation with Change Geolocation is an essential, I reckon.
Cookie AutoDelete
Cookie AutoDelete is actually one of the first add-ons I install on a new Firefox installation. It’s pretty self-explanatory, really. It automatically deletes unused cookies of sites that have been closed in Firefox. Left-over cookies loitering around the system can be a major security flaw and they’re best deleted once their purpose has been exhausted. When needed, they’re simply re-created. It has an auto-clean mode and also a white-list feature to add sites that you prefer to keep cookies active. Sites added to the white-list will not be deleted automatically, unless you do it manually.
Don’t touch my tabs!
This is a rather odd named add-on but very useful. It actually patches a security weakness that is so rarely considered. When you click on a hyperlink and it opens a new window or tab, it can also prompt changes to the previous window or tab you were pushed from. Don’t touch my tabs! stops this and doesn’t allow the previous page to be changed. A nice security addition to the overall collection.
DuckDuckGo Privacy Essentials
DuckDuckGo Privacy Essentials offers secure web search in addition to site security grading and a tracker blocker. I primarily use it for its site security grading feature and find it very useful for determining which websites will offer you better security. It grades sites traditionally using A, B, C, D etc. It also increases the security of websites too by blocking tracker elements which also increases the security grade overall. Many websites are upgraded before they are rendered inside your browser. Sadly, Facebook, Google and Microsoft websites rank the worst for security. DuckDuckGo Privacy Essentials is a nice complement to Avast Online Security.
Ecosia
While Ecosia doesn’t offer any added browser security, it is an essential add-on for the Ecosia search engine. Unless you use Ecosia then you can ignore this add-on.
Enhancer for YouTube
If you use YouTube, then you must have Enhancer for YouTube installed too. It removes ads and other annoyances from YouTube videos that get forced on you by Google. Plus it adds a feast of other features which once you become accustomed to their presence you will be left wondering why YouTube doesn’t come with the features by default.
Facebook Container
We all know how aggressive Facebook can be with its trackers and advertising elements. It’s quite ridiculous actually. That’s why Facebook Container was developed. It will effectively sandbox your Facebook session and its trackers, and protect your system. If you use Facebook, then Facebook Container is just another essential.
FoxFilter
I can be quite critical sometimes about filtering mechanisms of internet connections. Especially when they’re implemented to restrict and censor a network. I also like to clarify that if a filter is implemented to provide security and not censorship, then that’s ok. That is precisely what FoxFilter does. It filters your web browser traffic from inside Firefox and will halt access when necessary by presenting a prompt screen which requires the user to manually approve the access request if they are sure they want to proceed. When implemented correctly FoxFilter can protect your family from unwelcome websites and stop pesky web elements. While it is possible to block websites with FoxFilter, I primarily use it as a safety mechanism of security caution rather than a blocking tool.
FoxyProxy Basic
My uncompromising advice is if you use a proxy server and Firefox, then you must install FoxyProxy. It is certainly possible to use the built-in browser proxy settings to connect to your proxy server, but it’s also a pain in the rear-end if you regularly switch between different proxy servers or want to enable/disable the proxy and revert to direct internet access and bypass the proxy. FoxyProxy does a much better job than the built-in settings and also makes it extremely simple to turn it on and off with the click of a button. I run a Ubuntu server running Squid proxy, so using FoxyProxy to connect to the Squid server is so simple and effective.
Ghostery
Adblock Plus is the go-to for ad blocking for most users. Ghostery could be considered the go-to for tracker blocking. Ghostery is a market veteran and gets a lot of respect by its loyal users. It is one of the best tracker blockers available and will detect almost any annoying tracker you throw at it, with a bonus ad blocking function to boot. While I prefer to use Adblock Plus for purpose-built ad blocking, Ghostery does not interrupt with the functions of Adblock Plus and the two can happily coincide together without any problems. In fact, it’s a good thing to have both installed because if anything is missed by Adblock Plus, then it will most likely be captured by Ghostery’s filter.
Greasemonkey w/ Anti-Adblock Killer
It should be pretty obvious by now I’m an absolute hater of ads. While their benefits to independent media sites can be debated, I maintain my personal vendetta against all forms of internet advertising and continue my all-out declaration of war. In my arsenal of weapons I have Greasemonkey, which is a user-script add-on which allows users to run purpose-built scripts to add additional browser functionality. Although Greasemonkey is capable of so much more, I limit its usage to running the Anti-Adblock Killer script. The script will attempt to block those annoying notifications that pop-up on some sites advising the user they are running an ad blocker and it’s not appreciated. While the script works successfully generally, it sometimes does fail to stop the notifications. Still, I find it a nice addition to other installed ad blocking add-ons, even with its limited success which is still a benefit for almost nil performance overhead.
History Cleaner
It’s not only security you should take serious. You should also take your privacy serious too. History Cleaner is another self-explanatory add-on. Set the number of days you want to keep your browser history and History Cleaner handles the rest. Simple and functional. I set my own to a 3 day threshold. After 3 days, items in the history are removed automatically. It’s a great add-on which is basically set-and-forget.
HTTPS Everywhere
HTTPS Everywhere is developed by the awesome people at Electronics Frontier Foundation, or EFF. It’s probably one of the first add-ons you will install, if not the first. The ultimate goal of HTTPS Everywhere is to encrypt your site connections by forcing HTTP connections to use their HTTPS encrypted protocol instead. While not strict in function by default, it will pass on HTTP requests to HTTPS where possible to ensure security is maintained. You can force all HTTP requests to HTTPS and have HTTPS Everywhere drop any non-encrypted connection, but I’d advise against this as there are still some legitimate websites that do not implement HTTPS. Disabling access by dropping HTTP requests will most likely just break your web experience. Smart HTTPS is also a good alternative to HTTPS Everywhere, with the same basic functionality. But for now, I stick to HTTPS Everywhere.
I don’t care about cookies
Do you ever get sick of sites presenting you with notifications advising you that they want to install cookies? Well, the notification has good intent and in some zones like the EU it is enforced by law. As good as the intent may be, it can also be very annoying when it constantly happens when you frequently bunny hop from site to site. The I don’t care about cookies add-on stops those notifications. Period.
Image Block X
Image Block X is, well, an image blocker. When enabled, it will stop images from loading on a site and render text and bare design elements only. I use it for specific development purposes and only very occasionally. Therefore, I leave it disabled by default until it is needed. Otherwise, it will simply make your web experience intolerable, and in some cases specific functionality on sites will simply become inaccessible. I still find it an essential addition to my add-on collection though, even if it is disabled by default.
Javascript Switcher
Much of the internet is built around elements that rely on Javascript, or JS. Javascript Switcher allows you to disable those JS elements. As with Image Blocker X, I use Javascript Switcher for specific development purposes and leave JS enabled most of the time. Otherwise, the internet with JS disabled can lead you to the point you’ll want to smash your fist through your monitor. It is often not understood how much of the internet relies on JS until one disables it, to find barely anything functions as needed. Install Javascript Switcher, but leave JS enabled by default.
Lilo
While Lilo doesn’t offer any added browser security, it is an essential add-on for the Lilo search engine. Unless you use Lilo then you can ignore this add-on.
Negotiator
Negotiator is the most recent add-on for Firefox I have discovered. I actually stumbled across it by mistake. When reading its description I got curious. I have been so impressed with it, it has actually found a permanent home inside my browser. When you load a site, Negotiator will list all the connections made and allow you to change the status of each connection, by allowing the user to pass or block the specific connection. Negotiator kind of acts like a per-connection firewall within your browser. Extremely useful, but also very specific in its purpose.
NoScript
You will either love NoScript or you will hate it. If you persevere with it, you can learn to love it. But I do recommend only the advanced users stick with it. NoScript displays all script elements loaded on the current web page. It allows you to temporarily or permanently allow/block a specific script. Most of the time, I leave it disabled globally unless I know I am about to visit a site which has specific script elements that I do not wish to load. If you leave it enabled all the time, you will quickly find out NoScript has the power to break your internet. It’s powerful, but must be used sensibly. Unless you’re confident in your abilities, you can leave this one alone.
Privacy Badger
Privacy Badger is another useful add-on developed by the folks at EFF, that also develop HTTPS Everywhere. Privacy Badger can complement Adblock Plus and Ghostery. Although it is capable of acting as the sole tracker blocker, I use it to capture any trackers that manage to escape the wrath of my other add-ons. Privacy Badger also provides the ability to allow cookies for each tracker it detects or disallow cookies while still allowing the tracker process to run. It sounds complex, but with Privacy Badger it is made so simple by the clever user-interface. You can also use it to just block the trackers completely if you prefer. It is quite powerful, but I don’t find it quite as effective as other add-ons to be dedicated to the role on its own. I’ve always found it works best paired with Ghostery.
Privacy Possum
Privacy Possum is another complementary add-on to other tracker blocking add-ons. Privacy Possum aims to “monkey wrench” tracking data by falsifying the data which trackers attempt to gather. With the combination of other tracker blocking add-ons I run, no data should be tracked anyway. Still, if data does manage to escape then it can be dealt with by Privacy Possum as a last resort mechanism. It is another set-and-forget add-on that once installed requires almost nil interaction by the user.
Private Bookmarks
Surprisingly, Bookmarks are often not prioritized or accommodated by other security add-ons. You can encrypt almost every other element of Firefox, yet Bookmarks get left wide open for easy access by anyone. Upon a recent web search of just why this is the case, I was led to the Private Bookmarks add-on which does exactly what the title suggests, it keeps your Bookmarks private by encryption. To access your Bookmarks, you are required to decrypt them with a user-set password. Seems pretty logical, right? It leaves me to wonder why there is not more add-ons for Firefox that provide this feature which seems like something that should be standard practice.
Qwant Lite
While Qwant Lite doesn’t offer any added browser security, it is an essential add-on for the Qwant Lite search engine. Unless you use Qwant Lite then you can ignore this add-on.
SoundCloud MP3 Downloader
Another self-explanatory add-on, for SoundCloud. If you are a SoundCloud user, then you will probably want to install SoundCloud MP3 Downloader. It simply adds a Download button to SoundCloud audio clips, allowing the user to download the track in-full and save to a MP3 file. Neat and oh so simple.
uMatrix
If you want ultimate control of the connections Firefox makes to a site, then uMatrix is the tool you will want. It is extremely advanced and very powerful. It provides the user a connection “matrix” (or table) of all elements of the page and connections made. You can allow/block access of an element based on their connection which can essentially limit the connections made for specific elements of the page. It’s complex, but once you learn how to harness its power it quickly earns respect. Personally, I leave it disabled most of the time unless I specifically want to block access of specific elements of a page, or a specific connection to a specific server or domain. Even when disabled it is still actually very useful as it remains in what I have dubbed “monitor mode”. Even examining the matrix in monitor-mode you get a good understanding of what connections the page is making and where specific elements are being pulled from. Again, this is definitely an add-on for the advanced users only.
WebRTC Control
Why WebRTC is still enabled by default is beyond me. It does nothing more than leave wide open a big security weakness. Patch it with WebRTC Control. Thankfully, once installed you won’t have to do anything with this add-on. It literally takes care of itself.
———-
Where do I get the add-ons?
All of the add-ons listed above can be found on the official Firefox Add-ons site here.
The Anti-Adblock Killer script for Greasemonkey can be found here.
What about function duplication?
When you have two add-ons that perform the same set of functions, I dub this “function duplication”. In my many years of experience with Firefox web browser and testing out just about every add-on known to mankind, the included add-ons recommended in this article are the actual add-ons I run in my own Firefox web browser and the ones that I personally believe are the most useful, for improved security and usability. Function duplication, by example, is when add-on A and B may both do function 1 and 2. However, it’s reasonable to conclude that while A might do 2 better, B might do 1 better. It’s a simple formula, but one that sometimes fails. Not all add-ons work in harmony and some actually do conflict and the result will be a crippled web browser rendered useless. It’s about finding the right combination of add-ons that can work in harmony. You need to tailor your selection of add-ons to your usage preferences and configure them to suit your own daily internet habits. We’re all individual and we all have different habits and preferences. There is no one universal rule for everyone.
Conclusion
Maximum security while retaining a reasonable amount of usability is the ultimate goal. The network I have Firefox connected to benefits from a Pi-hole server. Pi-hole is a product of genius and once connected to a network and computers point DNS requests to the Pi-hole server, it will effectively block all ads across the entire network on the connected systems. It almost eliminates the need for ad blocking add-ons to be installed. However, although Pi-hole removes the ads it does leave the placeholder intact. This is where add-ons can assist. They will remove the placeholders left behind. Working together in tandem, Pi-hole and Adblocker Plus eliminate almost any chance of ads making their way into your view.
There are some catches that you need to be aware of. The more add-ons you install to Firefox the more resource intensive it will become. Some add-ons use more CPU and some use more memory. So be careful how many you add and make sure your system can handle the amount of add-ons you decide to install. Stick within the limits of what your system and its hardware can handle.
Also, all the extra add-ons do have a slight negative effect on your internet connection speed and page rendering return rate. The slight reduction in speed is negligible and you will have to decide whether the added security and usability benefits outweigh the extra network or system overhead. I operate an extremely complex network which is designed for maximum security. It involves a complicated series of network switches and sub-routers designed to implement QoS and net balancing functions, all wrapped inside a network with several layers of firewall protection. For me, most of my network overhead is a result of the long route network traffic navigates, passing through Pi-hole and Squid proxy servers along the way. Therefore, my internet speed carries probably more overhead than most, but is certainly acceptable for the added security benefits. If you’re on a fast network connection, then this might not pose any problem for you. But if you are on a slower speed, what add-ons you install might have to be a carefully considered decision.
