I explained in the article Working With Several Firefox Profiles how I'm using several Firefox profiles for certain tasks like normal surfing, testing and visiting secure websites. I'm using one profile to visit my bank's website and any other secure site related to finance and personal information. That approach makes sure that I cannot land on a site that is using a browser exploit to grab the data from those sites. It's basically whitelist surfing.
I only visit those x sites and none other using that profile. Several users have asked me in the original article to list the security add-ons that I'm using in that plugin and I finally found the time to list them here. Please don't be disappointed when you see the low number of plugins that I'm using, each additional plugin increases the risk of a security vulnerability and I like to minimize that possibility as much as possible.
The main add-on that I'm using for the whitelist approach is NoScript which allows me to define exactly which websites are allowed to execute scripts. Since I'm only visiting the same x websites I make sure that they have the permissions they need to work properly. Every other website is blacklisted so to speak.
NoScript takes care of scripts on webpages but ignores cookies. I'm using the same whitelist approach to manage the cookies. CS Lite is the add-on that I'm using for that purpose. Cookies are only enabled on the sites in my whitelist and disabled for every other website.
Those two are sufficient to get rid of most of the dangers that lurk on the Internet. I visit those websites manually all the time which gets rid of most phishing attempts or altered bookmarks. Passwords are never saved for obvious reasons.
I have been using several additional add-ons in the past to increase the security even further. Those are View Dependencies and Show IP but decided to reduce the number of add-ons to decrease the chance that one of them poses a security risk. I can still manually check a website if I suspect it to be a forgery. (Using Opera)
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.