“If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”
–Eric Schmidt, Google CEO
“If you want to stay anonymous online, you have to break links at every step”
–Ashkan Soltaini, privacy consultant
I’m breaking up with Google, one service at a time. Last week it was Google’s search engine, which I swapped for DuckDuckGo. This week, it’s Google’s Chrome Browser.
As I said a week ago, recent revelations of the commodification of our personal information, the revolving door our personal information swings through between tech companies and the world governments and the increasingly effective hacking of our financial transactions and personal information, has made me rethink my decision to trade privacy for convenience.
Step one was to wean myself off of Google.com.
Step two will be to sever another link in the chain between me and Google’s databases: the Chrome Browser.
To be fair, Chrome can be configured and used in a very private and secure way. You can surf “incognito,” leaving no history of what pages you have traversed. You can also use the browser so that it deletes your cookies when you end a session.
And as always, some of the best encryption freely available comes built into the Chrome browser.
So, you could easily argue that dropping Chrome is actually less secure.
But, I think you could equally argue that handing over your private data to any company is taking a big leap of faith. Especially, when that data can add up to a very personal and detailed profile of you. For example, the consolidation of Google Plus, Gmail and YouTube accounts meant that user data across these sites could now be consolidated into a single database of web activity that included a matrix of personal email, web searches, social connections, video views and even the text of attachments. Worse, Google claims ownership to this data once you “share” it with them.
So just because Chrome can be directed (by advanced users) to minimize the data shared with Google, you have to wonder. A breach of this very robust personal data is entirely possible. Indeed, the Chinese apparently already did this. And, as privacy expert Ashkan Soltaini (quoted above) notes, why help snoopers, hackers and commercial interests gather intelligence on you by (unnecessarily) relying on its browser?
¡Adiós el Chromo!
One of the best things about Chrome, in fact, was its speed…and some built-in development tools that I felt were way superior to their closest Firefox Add-ons, like Firebug. So, I started using Chrome…until a week ago.
First and foremost, Firefox comes to us from Mozilla, an open-source organization that has proven itself deeply concerned with protecting privacy and security on the web.
Firefox Privacy Settings
I’ve experimented with the privacy settings in Firefox, and I consider my current setup a work in progress. My focus here is to give some guidelines for how one might configure Firefox to maximize their privacy while not making everything a test of their faith.
- Remove Google, Bing and Yahoo! from the search engines installed in Firefox
- Add a private search engine as the default. As of this writing, I use DuckDuckGo right now, but I’m experimenting with others.
- Optional: I added the Omnibar add-on for a more Chrome-like experience, which as far as I can tell does not report back what you enter it to the developer’s database. If you’re concerned about this, just don’t add the Omnibar.
- Obviously be sure to select the “Tell sites I do not want to be tracked” setting.
- History and Cookies: I go back and forth between not capturing history, keeping all history and deleting history upon closing Firefox. Currently, I have everything deleted when I end the session.
- Set the browser to Never Accept Third Party Cookies
- I use a master password…and you’d be crazy not to. To understand why, just open your preferences and, under Security, click the Saved Passwords button. Then click Show Passwords. There they are…hopefully you’re not sharing your screen when you do this!
Sync and Advanced
- I don’t sync, but I’ve been tempted to. I need to research this more before committing, but on the face of it, it feels less secure to do so.
- Network, you can set up a SOCKS Proxy, but I use Private Internet Access VPN, when I’m using public wi-fi, so I haven’t explored this.
- Make sure you have Auto-updates installed to be confident Firefox has the latest security patches, etc.
Meanwhile, I’m continuing to explore other secure ways of living online. Coming soon: Thumb drive applications, Gmail alternatives and a secure way to get Google search without using Google!