Recently I became very interested in hardening my web security policy and the courses helped a lot. Here’s my setup, please feel free to comment if it’s too much or not.
- LastPass - storing my passwords using encryption
- Quick Java plugin - I have F, J, SL, RTC and GL disabled
- uBlock Origin - Medium mode
- HTTPS Everywhere plugin
- McAfee WebAdvisor - for safe search results (similar to WOT) and checking for malicious downloads.
- The StartPage search engine instead of Google.
Also, I am running Firefox sandboxed using Sandboxie.
Finally, I am running McAfee LiveSafe locally on my PC.
That looks pretty solid; light years ahead of most people. What about email? Phishing attacks and the like? I cover this in Volume 4, so not covered yet. But have you put any thought around email security/privacy?
No, I have no email security policy in place. I am currently using Gmail for my main account and Yahoo for my secondary one, both with 2-step authentication. Nothing more.
The 2-factor is good. You might want some more endpoint protection bits and bobs, but that's all. Like a rollback solution.
I used to use more Firefox plugins to minimize fingerprinting but recently decided that the fewest possible plugins from trusted sources is best, for privacy and security. At least - as trusted as you can be.
You have some things in your setup that I have not heard of before and will check out (Sandboxie, for one) - although I believe that the most recent Firefox versions are going to sandbox on their own, so to speak.
- Privacy Settings - plugin does some default group settings in Firefox based on desired security / privacy levels
- HTTPS Everywhere
- NoScript - indispensable plugin from my perspective
- Privacy Badger - with the option to turn off WebRTC enabled
- A common and popular password manager plugin
- I use two email services, both of which offer encryption. Posteo allows me to manage all of my own keys; the other is ProtonMail. I can use Thunderbird (and the Enigmail plugin) or the Firefox Mailvelope plugin with Posteo.
- I block Google and Facebook at every turn and I minimize use of their products. Facebook for sure, Google is hard to avoid given my use of Android. Moved away from Gmail due to privacy concerns some years ago.
- I isolate my real email address with a domain name registry.
- DuckDuckGo search
- Norton on any Windows machine or Android phone, but I mostly use Linux desktops / laptops
- Turn off mobile GPS whenever not needed
- VPNs: Mullvad; IVPN; Disconnect
- Usually use OpenNIC DNS servers on my routers - although they can disappear from time to time
- DD-WRT or OpenWRT router software where possible (newer high performance and recently released routers aren’t usually supported right away, though)
- Isolate network traffic that won’t operate as desired when routed through VPN to a separate network router and segments (Amazon Fire TV, Netflix, various TVs and home entertainment devices with network connections)
Firefox does operate a type of sandbox, yes. But it sometimes fails due to vulnerabilities, which is why you add another layer.
A good list here.