Category Archives: firefox

keeping state kicks ass

It does! What am I talking about? Anything that allows you to cut off a session you’re having, and restore it for later on, just like that. I’m talking that thing all laptops have, “hibernation mode”. The sweet part is that you don’t really have to own a laptop to enjoy the merits of hibernation. You can activate it on any XP system, with the same amount of spare drive space on the C drive as you have RAM in your machine.

I use it all the time really on my desktop PC’s. It speeds up the booting, or it gives me that impression, and I just leave apps open with stuff I’m working on. I do this at home, but mainly at work, where it’s really handy to get right back where you left off. Your cursor will even be blinking at the same spot you left it. Awesome.

Another way to keep state like this is when it’s built right into your software. Firefox does that nicely for example, by restoring all your open tabs from your last surfing session when you restart your browser. Not only is this super-handy when Firefox flakes out and dies on you (rarely, but still, it might happen), but it’s also handy when you stumble across this übercool site when you are late already for some social stuff and need to head out the door pronto. No need to save bookmarks or anything. Just exit, and go.

Keeping state. It rocks.

Photo by lecasio, cc-licensed

the right way to block evil website cookies

I posted about this back in 2004 (whooosh, where did the time go right?), but IMHO the best way to block out any evil cookies from ad agencies, tracking sites, or whoever is putting cookies on your machine, is to use a whitelist.

With a whitelist you only allow a handful of sites to put a cookie in your browser. With a blacklist you block all the evil websites that put cookies on your machine. Problem is the last one might be handier, but it’s simply impossible to know all the websites out there that suck. So by only putting the good ones in, and making sure Firefox cleans up all cookies after you close the browser, you end up with a cookie jar with only the best ones in them. Just the way we like it.

So how do you do this in Firefox 3? It’s quite easy really, and it goes like this:

  1. Open the Options window from the Tools menu.
  2. Open the Privacy tab.
  3. Check the “Accept cookies from sites” and “Accept third-party cookies” in the Cookies panel.
  4. Set the “Keep until” dropdown option to “Until I close firefox”. That way, all cookies will be erased when you close the last browser window.
  5. Click the Exceptions button. Enter the domain names of sites you trust putting cookies on your machine. Only those will be allowed from now on.

You’ll see that your whitelist will be quite limited. If you have a different and complex password for every site, using something like KeePass Password Safe makes login in to your favourite sites a lot easier, and even removed the need of adding not so frequently used sites in the whitelist at all.

This doesn’t protect you from a virus or trojan infection, but it does make it harder to track your online trail for any company that ever displayed a banner on a webpage you have been viewing.

Surf safely!

secure online banking with firefox

When it comes to doing your banking business online I don’t like taking chances. If your Myspace account gets hacked, or someone posts dirty messages on your Twitter feed that can be annoying, but if someone manages to hack into your online banking account you enter a world of pain.

Banking companies spend tons of cash securing their web sites of course, but it only takes a small mistake somewhere along the line to allow bad people to access your hard earned money. So to make sure that the black hats don’t get any favours I’ve created a super-tight Firefox profile that I only use for online banking.

So how does this “Banking Fox” work?
Well, first you create a new profile called Banking for example by starting Firefox with the -ProfileManager command line parameter.
Next you create a new Firefox shortcut somewhere with the command line parameters -p Banking (or whatever you called your profile). You might also want to add the -no-remote parameter to that. That one makes it possible to run the banking-firefox next to your trusty old surfy-firefox.
To sum it all up, you’ll probably end up with something like this:

"C:\Program Files\Mozilla Firefox\firefox.exe" -p Banking -no-remote

Using that brand new shortcut you should be getting the default Firefox layout again, with the Mozilla welcome page. If you’re seeing any customisations you’ve made in your default session, like bookmarks, you’re doing it wrong! Well, you probably didn’t close your previous session (like because you where reading this magnificent post). So to use the new one, you need to close all Firefox instances first. After fully reading this post of course…

Now that we have a profile to use, it’s time to dive into the settings, and make it as secure as possible. Here’s the ones I’ve changed:

On the privacy tab:

  • Keep history for 0 days: no sniffing my browser history kthx!
  • Don’t remember stuff I enter in form.
  • Don’t remember my downloads.
  • I don’t accept cookies from any sites, except my online banking sites.
  • Always clear private data when I close Firefox (and don’t ask either).
    That’s all private data, so be sure to check all those check boxes in the settings window.

On the security tab:

  • Do not remember passwords for sites.
    That’s one I turn off for all sessions btw. It just doesn’t feel like a smart idea.

So if in any way you’re browsing a website that managed to force feed you with some nasty sort of trojan which your anti-virus software doesn’t yet know about, there’s little chance it will manage to figure out your online banking info from your Firefox profile data.
Which is nice.

Photo by Earl G, cc-licensed