RoboMan's Do's and Don't's for browsing safety

Do you follow this advice?

  • Yes, most of them or all of them

    Votes: 30 90.9%
  • Not really, none or just some

    Votes: 3 9.1%

  • Total voters
    33

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
Very good topic, thank you RoboMan!

To consider these add-ons / extensions:

On Chromium forks: Slimjet, SRWare Iron, Cent Browser, ..
(look on Chrome Web Store)
ContentBlockHelper version 10.2.0
Script Blocker for Chrome 4.0
ScriptBlock 1.4
(these three from above, they work well together)
ScriptSafe 1.0.9.1
Browser JSGuard 1.0.0.17 (Content/Heuristic based JS & HTML malware protection ...) - to be able to download on Chrome Web Store, click on the link on developer website End Point Security: Browser JSGuard
UltraSurf VPN 1.5.3
Adaware AdBlock 1.7.0.97
Chrome Adware Removal 1.3.10 (in Options/General - tick two boxes Block JavaScript alerts .. very good feature!)
User-Agent Switcher 0.1.9 by chYer
Remove Google Redirect in Google Results 0.0.1 (disables the JS function that adds redirect to Google Search Results)

Pure URL 1.0.4 (Removes garbage like "utm_source" from URLs)
Link Me Not 0.1.1.0
You also have on the Chrome Web Store: Fair AdBlocker 1.404, ZenMate Web Firewall, JavaScript Popup Blocker, HTML Content Blocker, Quick JavaScript Switcher ..
...

On Firefox (and some on FF forks like PaleMoon, New Moon) , ..
QuickJS
GNU LibreJS
Browser JSGuard
Disable WebRTC
Link Alert
No Coin
Pure URL
Random Agent Spoofer
Adaware AdBlock

No Script and RequestPolicy are too brained for me ... I use QuickJS very simple, sufficient and efficient!

To bold the font, I use Font Contrast Fix (on Chromium forks: Darken Text) - very good these two!
In Firefox about:addons Tools - untick the Update Add-ons Automatically option; if not, some of your extensions will soon be deleted because of Firefox's move to WebExtensions ...
You must know all these extensions, so sorry to remind you of them!

LukeLovesSecurity

Level 4
Verified
Jul 28, 2017
185
I've started using Brave and it takes care of everything. I keep Firefox for when Brave can't load a site properly, even with shields disabled, probably because it is still in beta. I also like to use AdGuard over uBlock. I would only use uBlock if you need a light configuration, as I've noticed AdGuard is better at blocking things... That's just my experience.

I also advise you don't use Cyberghost or ExpressVPN. ExpressVPN only allows one device to connect, and Cyberghost is one of the worst VPNs as far as privacy. I would edit it and recommend NordVPN, IPVanish, and Private Internet Access. They are much more secure and trustworthy.

Last thing I want to mention is to use the Avira add-on over Bitdefender. Bitdefender is decent, but Avira has almost 100% detection ratio, an unbeatable detection rate.

Besides that, this is a great guide. Keep em coming!
 

RoboMan

Level 35
Thread author
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,485
Thanks! Sadly, 24 hours after creating the topic, it cannot be edited any further :( But we can keep adding things to the thread in the comments :D

I'm using ExpressVPN, and it allows unlimited devices and 3 devices connected simultaneously. I've heard great stuff about it, despite the limit on the active connections, and no logs policy ;)
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
I found that the "GNU LibreJS" Firefox add-on leaks your location on the Google results page (the Google notation at the bottom of the page, "Unknown - use precise location", is missing if this add-on is enabled) - so I removed it...

.. maybe because of the "Complain" button appearance ...

..maybe because this add-on disables JavaScript, so Google is not able to post its "Unknown - use precise location" notification - yes, this is the cause rather, ha hmm, so no problem with this add-on, sorry for this post! well
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
GitHub - carsonjones/KittyReplace: A Chrome Extension to replace Animated GIFs .. from the GitHub developer's page: "Simply hit the icon and all animated GIFs will be replaced with adorable kittens."
.. so to replace - hit the icon.
Test gifs page: varzesh3.com: ورزش سه‌ :: صفحه اصلی
To delete these kittens on the page, refresh the gifs test page, and in ContentBlockHelper forbid placekitten.com, then hit the icon. No more kittens, no more gifs, no more gif placeholders, perfect.
Another test page with gifs: buffer.com: The Best GIFs for Social Media
- then hit the icon.
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
It works, it works very well - it blocks JavaScript - this new (to me) Chrome extension!

It blocks the nag login Twitter screens! - by blocking some two js files: on abs.twimg.com especially! (- but you're able to do the same in ScriptSafe or another script blocker..)

- EDIT: [Eg in one of my script blockers (ContentBlockHelper) I blocked in abs.twimg.com - all "k" javascripts, and above all this one: hxxps://abs.twimg.com/k/en/init.en/d99.......js - so no more nag twitter login screens, but no animations too, sadly ..
Does anyone have similar problems with twitter, please?]

This one new Chrome extension: Content-aware Ad Blocker

Description:
"Experimental new ad blocker using machine learning to identify unwanted ads on pages and remove them. Use at your own risk!
Improved ad blocker using cutting-edge machine learning techniques to identify advertising and user tracking on websites and prevent the unwanted content from loading.

Still in early testing - use at your own risk!" ...

-so I risked - and I'm very happy with! It's safe, of course.

Home page: samuelhkahn.github.io: Content-Aware Ad Blocking

______________________________________________________

..and another gift from chrome web store:

Block Malicious File Downloads

- very good!
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,513
Let's talk a little about privacy and security online. There's a huge debate lately about whether privacy is a thing or takes place no more.

In ending 2017, more and more companies stick to the hype of sharing logs and internet history to federal agencies as the law can't be avoided.
More and more cyberattacks are taking place through the browser and through e-mail.

So, is there something we can do to minimize the risk and our data sharing? We can go through the basics:


DO's

1. Have installed an antivirus with web module. I'd risk it and say all of antivirus contain one. This module is in charge of injecting the browser to give you a better internet experience, blocking phishing sites, malicious downloads and beyond. Strictly a must on this era.

2. Equip your browser with safety extensions. Make it hard for cybercriminals to track you or infect you. Great extensions to add to your browser may be:

  • HTTPS Everywhere, to ensure safety connections
  • uBlock Origin, to block all (malicious and not) ads
  • NoScript, to cut off all scripts that intend to run on the sites you visit
  • PopUpBlocker (strict) to avoid redirections and popups to malicious hosts
  • BitDefender TrafficLight, if you have no antivirus with web module

3. Block all internet tracking. All sites track you and it's a fact. They get your IP, preferences, whatever you do on the site. They get a full doc file on you to sell to advertising companies so they offer a better ad experience. This is a huge attack to your privacy. Avoid it by configuring your browser on a lockdown mode and/or installing an extension like Disconnect to block all tracking.

4. Use a VPN on every network that is not your own, or if you suspect yours may be compromised or even used by third parties. VPN will not only hide you on the web, but encrypt all the information sent through it, making it kind-of-impossible to be cracked and intercepted by cybercriminals. Not using a VPN could end up on your login informations being leaked and sensible information on hands of strange people. Good VPN options are:

  • AirVPN (best for me, most secure)
  • CyberGhost
  • ExpressVPN

Before installing VPN, be sure you search for reviews on the one you chose so you don't get surprises as logs sharing with federal agencies or sold to advertising companies. Use VPN on all your systems, even phones.

5. Always keep your browser up to date. This way you make sure all potential issues and vulnerabilities are quickly fixed and solved. If possible, set to auto-update. As well, keep your Windows/OS updates fresh. This could significantly help make your browsing safer.

6. Create long, strong password for your accounts, and repeat no password on two accounts. Use password generators to create safe passwords hard to crack, and use a different one on each account. Use a password manager to help your memory and avoid problems when logging in. Do not use dictionary words on your passwords.

7. Be equipped with a decent firewall to avoid connections to be created outbound or inbound your system.

8. Use two factor authentication on all supported accounts. Avoid getting hacked by your own fault or databases leaks.

9. Disable hardware while not in use, especially camera and microphone. (you can cover your camera with tape)

10. Use on-screen keyboard when signing into your accounts when you're not in your regular PC. If possible, avoid logging in when not in your devices.


DON'Ts

1. Do not download any not-verified/not-trusted files from the internet. Be sure all files are digitally signed and reviewed by internet users.

2. Stay away from sites like Softonic or similar which will try to add PUP through installers. A good option to avoid this is installing UnChecky on your system, which will automatically disable all extra software trying to be installed through other installers.

3. AVOID internet piracy on all cost. Piracy does not only harm developers but are a potential threat to your safety. Cracked software are illegal, MODIFIED copies of legit software. This means, despite the software may be successfully cracked and ready to use, extra lines of code could have been added to the executable and be running in your system on the background.

4. Don't be a happy clicker! As an internet user, you should already know:

  • Myriam doesn't really want to meet you and indeed she does not live 3 KM from your house
  • You aren't the visitor 1,000,000 who will be rewarded an iPhone XI (that one hasn't even come out)
  • You don't have to download an invoice from a stranger just because she sends it to you

5. Never give permissions to any app on social networking sites unless strictly necessary and 100% trusted signed apps.

6. Don't use your real daily e-mail to sign in or log in into sites. Use temporal or secondary ones to avoid unwanted spam.

7. Do not give your e-mail on any site that asks, and do not log in with Facebook or Google on untrusted sites.

Not all the software in the world can protect from the worst malware ever: YOU. Rule #1 on internet: trust nobody.

Do not trust giveaways from non-trusted sites. Do not trust banners saying you won something. Do not trust suspicious emails with attachments. Do not click links given to you even if they seem legit (could be a fake hyperlink).

If you know what you're doing then most risks will be minimized.

Stay informed, stay protected and if you doubt, then don't do it.

PS: feel free to add anything in the comments to help new people and i will add it to the thread.

They are all very true and potentially helpful rules. But, each add-on is also a kind of vulnerability. Also, the problems are: human nature and probability.
The human nature --> the usability always wins over security.
The probability --> with something like uBlock + good signature AV + web browser with sandbox + 1/4 of brain, the probability of infection when browsing is very small. If one likes visiting dangerous websites the better method is using a virtual machine with blocked microphone and camera.
So, I have mixed feelings, especially about the DO's rules. :sick:
The DON'T rules deserve attention as healthy habits, like using zebra crossings in town.
Of course, anybody who can use all DO's and DON'Ts is much safer than doing the opposite. :)
 

RoboMan

Level 35
Thread author
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,485
RoboMan's DO for avoiding e-mail spam:

1. Click on the Gear icon at Gmail and select “Settings” from the drop-down menu.
2. In the "General" tab, scroll down to “External content.”
3. Click the radio button next to “Ask before displaying external content.”



This is a way scammers and hackers have to know if your e-mail account is active for spamming. If the client automatically downloads the image attached you'll keep being targeted ;)
 
