The chief developer of the popular alternative Android firmware CyanogenMod thought that requiring devices to report unique smartphone and tablet data would be an unqualified blessing. They reckoned without their users.
Chrome: When you need to send a private email to someone, you don't want it to sit around and be easily readable by anyone. SafeGmail is a Chrome extension that adds PGP-like encryption to you emails, and requires a simple answer to a question to unlock. More »
An option to enable Do Not Track headers landed in today’s Chromium release which web users can make use of to notify servers, websites and scripts that they do not want to be tracked on the Internet. The main aim of Do Not Track is to provide Internet users with an option to opt-out of targeted advertising on the Internet.
The idea here is to provide users with an option in the browser to enable the Do Not Track header there. This has caused some controversy recently when Microsoft announced that it would enable DNT by default for all users of the Internet Explorer 10 browser as it goes against the idea of making DNT a user’s choice (in contrast to a browser developer’s choice for the user).
The browser will send the Do Not Track header with connection requests when the feature is enabled by the user. From there, it depends largely on the advertising companies as there is no legal requirement to accept the request. If it is honored by the advertiser, user tracking is disabled. This does not mean that ads won’t be displayed to the user. The advertisement displayed may however not be as personal as it would have been if the Do Not Track header would not have been included in the header.
Google Chrome is the only major browser that did not support Do Not Track until now. Firefox, Opera and Internet Explorer 10 all support the feature. The feature is available under Privacy in the Chrome settings. The easiest way to get there is to enter chrome://chrome/settings/ in the address bar, scroll down, click on show advanced settings to reveal additional browser preferences including the Privacy section here.
To activate simply check the “Send a ‘Do Not Track’ request with your browsing traffic box. Chrome from that moment on will include the DNT header with all requests that it makes. Expect the setting to go through all versions of Chrome in the coming weeks and months.
There are numerous reasons to make sure that your web browser does not leak information to the Internet or the browser maker if that is not required for functionality that you use. Preferences that handle features such as third party cookies or prefeteching are usually not found in a single location where they can be easily managed.
When it comes to privacy in Google Chrome, preferences can be found on the browser’s settings page and on the experimental chrome://flags page.
The Google Chrome extension Privacy Manager tries to resolve these issues by providing one-click access to these privacy settings. It adds an icon to the browser’s address bar on install that displays all privacy management options that it makes available in the browser.
All privacy related settings can be turned on or off with a single click of the mouse button:
- Third party cookies
- Auto fill – Automatically fill out forms
- Instant mode – Chrome will search for and display search suggestions in the address bar while you type
- Safe browsing mode
- Search suggestions
- Spelling service
- Translation service
- Hyperlink auditing – Chrome can send auditing pings when enabled
- Referrers – Can break websites if disabled
- Network Predictions – Pre-revolsing DNS queries and prefetching websites
- Alternate error pages
You can move the mouse cursor over the information icon to display information about one of the privacy settings; helpful if you do not know how the feature is related to your privacy on the Internet. All settings are privacy related, with some enabled, others disabled. If you do not mind the implications, you get fast access to some experimental features here that you can enabled in the browser. It is important to note that some settings, referrers for instance, may break websites when disabled.
Privacy Manager’s second big feature is the option to clean data on start of the browser. This works similar to the browser’s own clear browsing data feature, but with additional data locations to select. This includes among other Web SQL and File systems.
Chrome: If you tweak Chrome's privacy settings pretty often (like cookies, autofill, history, and others), Privacy Manager puts every single on of those settings in a simple dropdown, with on/off toggles for each one. More »
From your normal users to your power users, just about everyone knows what a cookie is. These days web surfers have become more aware about how sites use and store these small files within your web browser and especially with the amount of privacy talks you read about over the web one ought to understand their rights as a web surfer. We have all types of cookies, session cookies, performance cookies, tracking cookies and so on and so forth.
Chrome/Firefox: When friends on Facebook share a link with the social reader apps popular with web sites like the Guardian or Yahoo, it means you need to install the Social Reader app and share that you just read an article if you want to read it. Unsocialize is a Firefox and Chrome extension that adds a right-click menu to read those articles without sharing or installing anything.More »
I may be old-fashioned in this regard but I prefer websites and companies to know as little about me as possible, unless the information are used for a service that I make active use of. I do not mind Amazon knowing that I’m an adult male, as this is blocking recommendations and offers aimed at a female audience on the site.
The method used tests if certain extensions are installed in the browser, which is different from listing all installed extensions. Here are the technical details on how this can done:
Every addon has a manifest.json file. In http[s]:// page you can try to load a script cross-scheme from chrome-extension:// URL, in this case – the manifest file. You just need the addon unique id to put into URL. If the extension is installed, manifest will load and onload event will fire. If not – onerror event is there for you.
You may still remember the CSS History Leak issue were a list of popular web addresses was used on websites to find out if a visitor did visit those sites in the past. The principle is the same, only the execution is different.
A proof-of-concept page has been created that Chrome users can visit for a demonstration. Chrome users without extensions installed, or other browser users, are not affected by this at all.
This has two implications. First a privacy one, as websites can use the information for a variety of purposes. They can for instance test if an adblocker is installed, or social networking, shopping or pregnancy extensions. Security is the other one. Malicious websites could check if add-ons with known vulnerabilities are installed that are no longer maintained by the author.
According to information posted in the comment section, add-ons installed from a custom-packed extension file or that are loaded unpacked are not recognized by the script.
Stop me if you've heard this one: Once upon a time, you visited a web site that you're not exactly proud of. Let's say the content of said web site rhymes with "corn". And oops! You forgot to go incongnito beforehand. You've frantically deleted the site from your history once you realized your mistake, but from this point forward, every time you type in "po", Chrome helpfully autocompletes the entire URL. THANKS CHROME! More »
Introduced years ago, Do Not Track allows users to opt out of tracking by advertising, social and other web sites that enjoy such data.
However, it’s not coming anytime soon, according to the report, Google Chrome is likely to introduce Do Not Track feature by the end of this year, which is 8-10 months away.
Susan Wojcicki, Google’s senior vice president said, “This agreement will not solve all the privacy issues users face on the Web today. However, it represents a meaningful step forward in privacy controls for users. We look forward to making this happen.”
HTTPS Everywhere Keeps Your Personal Information Safe on Over 1,400 Sites, Available for Firefox and Chrome
Chrome/Firefox: HTTPS Everywhere is a simple extension that, with just a one-click installation, can seriously increase your security on over 1,400 web sites by encrypting your connection. More »
It's no secret that there's big money to be made in violating your privacy. Companies will pay big bucks to learn more about you, and service providers on the web are eager to get their hands on as much information about you as possible. More »
Chrome: fPrivacy is a new Chrome add-on that gives you granular control over the permissions that Facebook apps request when you add them to or authorize them to access your account. For example, if you add a Facebook app and you're not too comfortable with the app's ability to post to your wall, or access your data at any time, you can deny those specific permissions while granting the other ones required for the app to function. More »
Have you ever wondered what advertising sites track your web browsing? Sheepish is an extension for Chrome that shows you exactly which companies are keeping an eye on you for every site you visit and blocks them from doing so.More »
A new Google-funded study of browser security by security research firm Accuvant Labs crowned Chrome the champion of security features, and ranked Firefox below Internet Explorer in terms of protection available from web-borne threats. Predictably, Microsoft and Mozilla have different opinions on what makes a browser secure, and why Accuvant's findings are off base. All of this got us thinking about which browser is the most secure, and whether the security features listed in studies like this even matter to the rest of us. More »
Chrome: Even though every browser has a private mode, it's not always easy to remember to enable it before visiting private sites. Ghost Incognito makes it so you don't have to by automatically opening sites of your choosing in incognito mode.More »
Chrome/Firefox: FB Secure is a Chrome extension that gives you precise control over the permissions that a Facebook application or game gets when you connect it with your Facebook account. For example, if you're connecting an app but don't want it to post to your wall, you can deny those permissions while accepting the rest. More »
Parents fret all the time about protecting their kids on Facebook, but many of the products and services I’ve seen that aim to help are intrusive, and inject the parents into the child’s normal, healthy online social life in a way that’s awkward for both.