How to Modify Chrome To Achieve Improved Security And Privacy

All Chromium browsers use the Google Safe Browsing blacklist to protect users from known dangerous sites. The browsers I have reviewed are Google ChromeComodo Dragon, and SRWare Iron. All have built-in secure sandboxing, which make them especially difficult for outsiders to exploit, and are quickly patched against any known vulnerabilities. However, I have certain problems with Google Chrome.  Although it does have minor privacy concerns, which are discussed on this page and on this one, the major problem I have with it is that it is made by Google. Google is well known for having problems respecting the privacy of others. A good listing of relevant incidents can be found on this page. Because of this I find it very difficult to trust Google Chrome and thus will not recommend that anyone use their products.

Luckily, Comodo Dragon and SRWare Iron do not have these privacy concerns. All of the code has been screened by the developers of these products to make sure that these privacy concerns have been removed. Also, Comodo Dragon comes with the option to enable Comodo Secure DNS, which will automatically stop you from connecting with most malicious sites. I would recommend enabling that, unless you are currently using another secure DNS server and do not want to switch. This will increase the security even higher than what you get by just using the Google Safe Browsing blacklist.

How to Increase Security

If you are using Google Chrome you will want to go to the settings and, at the bottom of the page, select the option to "Show advanced settings". Then select the option to "Check for server certificate revocation". For SRWare Iron you should navigate to the same area and do the same. Then also select the option to "Enable phishing and malware protection". No changes are required for Comodo Dragon.

Use These Extensions
Recommended For Both Beginner and Advanced Users
  • Web of Trust (WOT): With this installed if you happen upon a potentially dangerous site WOT covers the screen with a warning and waits for you to decide whether to stay or leave. If you combine this with your own good sense then you will be protected from many online dangers. Also, if you choose, you can ignore the WOT warning and go to the site anyway. Please note that for sites which are largely concerned with political or religious content the ratings may be less accurate. This is because community driven services such as WOT can become tainted by individual's own biases. However, in terms of malicious sites, phishing sites, scam sites, and similar content, I find this service to be very reliable and I would not go online without it.
  • BitDefender TrafficLight: With this installed if you happen upon a dangerous site, which is blacklisted by BitDefender, it will block the page from loading. These include malicious pages, phishing sites, and fraudulent sites. The only advice I have for this extension is that after installing it you should go to the settings for it and disable the option for "Search Result Analyzer". This is to address a potential privacy concern in which your search results would be sent to BitDefender's servers.
  • Adblock Plus for Google Chrome (Beta): This allows you to subscribe to many different filter lists, which help block unwanted or malicious content. These can be found on this page. You can subscribe to any of the lists on that page, but be aware that subscribing to too many will slow down your browsing experience. I'd advise subscribing to the EasyPrivacy+EasyList combination and Malware Domains. Note that after doing this you can go into your subscriptions and delete the Faboy's List one, as it will now be largely redundant.
Recommended Only For More Advanced Users
  • ScriptSafe: This add-on will block nearly all scripts, and other possibly dangerous content, from executing. This means that even if you stumble onto a dangerous site you cannot be attacked unless you manually add the scripts on that site to your whitelist. Thus you are protected from harmful scripts and many privacy threats. However, many sites use these scripts, and plugins, for legitimate purposes. Thus these sites will not work correctly unless you manually add the scripts on that site to your whitelist. This extension makes this relatively easy to do. Also, under the options you should select ‘Antisocial Mode’. Using ScriptSafe takes some getting used to, but if you are serious about staying safe online then this add-on is a must have.

How to Increase Privacy

All chromium browsers provide users with the option to start the browser in incognito mode. What this means is that if you are running in this mode most privacy traces will be cleared as soon as the browser is closed. This is not nearly enough to adequately protect your privacy, but it is a good start. In addition I would also advise that you change your default search engine to one which is discussed in section 2.

How to change configuration for improved privacy
Recommended For Both Beginner and Advanced Users
Go to Settings and click on the box at the bottom of the page that says "Show advanced settings".
Under the privacy section uncheck the box to "Use a prediction service to help complete searches...". Note that this change is not required for Comodo Dragon or SRWare Iron. Also make sure the option to "Predict network actions to improve page load performance" is unchecked for all browsers. For Google Chrome you will also want to deselect the option to "Use a web service to help resolve navigation errors".
Now open the ‘Content Settings’ and select the box to ‘Block third-party cookies from being set’. This will prevent sites from loading cookies that are not from the site that you are currently on. Thus almost all tracking cookies will be blocked with very minimal negative side effects on your browsing. The only time you may have problems, and need to temporarily disable this, is sometimes when a legitimate site redirects you to another page. That said, in most cases it will work fine.

Recommended Only For More Advanced Users
Under the Privacy section, in the main settings menu, check the box that says 'Do not allow websites to know where you came from (suppress HTTP Referrer header)'. Note that this option is not available in Google Chrome and is not required for SRWare Iron. However, do note that this can cause problems with some websites and may need to be disabled in order for some sites to function properly.
More advanced users may wish to just block cookies globally. Then, when it becomes necessary, they can manually add sites to the whitelist. However, this can be somewhat annoying since many sites will not work properly without cookies enabled. You can configure your browser to do this by going to the privacy content settings and selecting the option to not allow sites to set any data. Then you can allow cookies for individual sites through an icon near the URL bar. If blocking cookies globally is too annoying for your tastes then you can instead use the Vanilla extension, which is discussed below. This will allow you to easily decide which cookies to keep, and which to delete. Although it cannot prevent cookies from being placed on your computer, it does allow you to decide how long unwanted cookies should be kept.
Also, advanced users may want to check the option to delete cookies and other site and plug-in data when the browser is closed. What this will do is that each time you close your browser it will clear all cookies, DOM Storage, and most other data. This means that nearly all information from your previous browsing session will be lost each time. Make sure when you've completed making whatever changes you would like to make to your configuration you select OK to save them.

Use These Extensions
Recommended For Both Beginner and Advanced Users
  • HTTPS Everywhere: This forces many sites, which have the option to encrypt your connection, to actually encrypt it. Therefore your connection with these sites will be much more secure. Although the version for Chromium browsers is technically still in beta I have noticed no problems with it.
  • LastPass: This is a secure password manager with automatic password and form filling. It not only helps protect your passwords, and sensitive data, but also allows you to confidently create strong passwords and change them often. This is very important at times like this where passwords are constantly being stolen from numerous sites.
  • Do Not Track Me: This will help to stop third-parties, ad agencies, and search engines from tracking the webpages you visit. More information is given in this review.
  • Ghostery: When prompted follow the wizard. I recommend that you do not enable GhostRank. Enabling this would allow Ghostery to anomously send information about the pages visited and objects blocked, which would be used for statistical purposes. If you want Ghostery to visually alert you each time it blocks potential privacy problems then leave the option to enable "Alert Bubble" checked. That said, this option is not necessary for our purposes. I would recommend that you select the option to "enable 3pe Library Auto-Update" when given the choice. I would also suggest you select the option to "enable Blocking" and then select the option to block all bugs. This add-on provides protection very similar to that of Do Not Track Plus, but I have seen no problems running both of them alongside each other.
  • Window Name Eraser: This add-on helps prevent sites from identifying you, which is possible even if you have cookies disabled. It is specifically designed to help protect you from evercookies.
Recommended Only For More Advanced Users
  • Vanilla: This is a very good cookie manager for Chromium browsers. However, if you decided to block all cookies globally, as mentioned above, then this extension is not needed. One major downside to this extension is that it can’t block cookies automatically. However, in the options you can select to ‘Auto delete unwanted cookies after 5 minutes”. You can also configure it to clear unwanted cookies on startup. If you decide to use it I would strongly suggest enabling both features. You also have the option to add sites to the whitelist so that those cookies will never be deleted.
Sources techsupportalert.com
How to Modify Chrome To Achieve Improved Security And Privacy
Loading...