Personal web security setup review

Recently I became very interested in hardening my web security policy and the courses helped a lot. Here’s my setup, please feel free to comment if it’s too much or not.

  • I am connecting to the Internet using a VPN paid service.

  • I am using Firefox (latest version) with the following addons:

  1. LastPass - storing my passwords using encryption

  2. Quick Java plugin - I have F, J, SL, RTC and GL disabled

  3. uBlock Origin - Medium mode

  4. HTTPS Everywhere plugin

  5. McAfee WebAdvisor - for safe search results (similar to WOT) and checking for malicious downloads.

  6. The StartPage search engine instead of Google.

Also, I am running Firefox sandboxed using Sandboxie.

Finally, I am running McAfee LiveSave locally on my PC.

Any comments?

1 Like

That looks pretty solid; Light years ahead of most people. What about email. Phishing attacks and the like. I cover this in Volume 4 so not covered yet. But have you put any thought around email security/privacy?

1 Like

No, I have no email security policy in place. I am currently using gmail for my main account and yahoo for my secondary one, both with 2-step authentication. Nothing more.

The 2 factor is good. You might want some more end point protection bits and bobs but thats all. Like a roll back solution.

I used to use more Firefox plugins to minimize fingerprinting but recently decided that the fewest possible plugins from trusted sources is best, for privacy and security. At least - as trusted as you can be.

You have some things in your setup that I have not heard of before and will check out (Sandboxie, for one) - although I believe that the most recent Firefox versions are going to sandbox on their own, so to speak.

Firefox:

  • Privacy Settings - plug in does some default group settings in Firefox based on desired security / privacy levels
  • https Everywhere
  • NoScript - indispensable plug in from my perspective
  • Privacy Badger - with the option to turn off WebRTC enabled
  • A common and popular password manager plugin

Email:

  • I use two email services, both of which offer encryption. Posteo allows me to manage all of my own keys; the other is ProtonMail. I can use Thunderbird (and EnigMail plugin) or the FirefoxMailvelope plugin with Posteo.

Other:

  • I block Google and Facebook at every turn and I minimize use of their products. Facebook for sure, Google is hard to avoid given my use of Android. Moved away from Gmail due to privacy concerns some years ago.
  • I isolate my real email address with a domain name registry.
  • DuckDuckGo search
  • Norton on any windows machine or Android phone but I mostly use Linux desktops / laptops
  • Turn off mobile GPS whenever not needed
  • VPNs: Mullvad; IVPN; Disconnect
  • Usually use OpenNIC DNS servers on my routers - although they can disappear from time to time
  • DD-WRT or OpenWRT router software where possible (newer high performance and recently released routers aren’t usually supported right away, though)
  • Isolate network traffic that won’t operate as desired when routed through VPN to a separate network router and segments (Amazon Fire TV, Netflix, various TV’s and home entertainment devices with network connections)
1 Like

Firefox does operate a type of sandbox yes. But it sometimes fails due to vulnerabilities which is why you add another layer.

A good list here.

1 Like