2008-12-20

Firefox plugins for security and geeky fun

I don't run too many Firefox plugins, but I really love the ones I do use.  Here's a run-down. The title of each section will link directly to the plugin on the mozilla site.

NoScript 

Even if you don't use Firefox plugins at all, I recommend giving NoScript a try. From the NoScript website:

When you install NoScript, JavaScript, Java, Flash Silverlight and possibly other executable contents are blocked by default. You will be able to allow JavaScript/Java/... execution (scripts from now on) selectively, on the sites you trust. You can allow a site to run scripts temporarily, if you're just surfing randomly, or permanently, when you visit it often and you really trust it. This means that NoScript learns from your own browser habits and tends to disappear in the background after a while, but it promptly comes back to save your day if you stumble upon a malicious web page.
NoScript is updated frequently as malware blocking methods are improved. It was one of the first products to offer protection against clickjacking



FoxyProxy  allows you to set up multiple proxy configurations. This comes in handy when SSH Tunneling to your own proxy or just using public proxies for web filter evasion or privacy reasons.  FoxyProxy is a little unwieldy at first glance, but it's quite flexible; more so than other proxy management plugins. If that's a little over the top for you, a more minimalist plugin is SwitchProxy Tool
Security Reality Check by ax0n: Switching between multiple public proxies every 30 seconds might seem like a good idea for making yourself harder to track, but it also dramatically increases the number of places your traffic goes. You leave more footprints in more places, which could actually make it easier to track something back to you, even if it's harder to figure out everything you did.

Leet Key lets you transform text with a number of popular encoding algorithms, for example, when @lithium posts stuff like this.  Grr. 


Select the text, right-click, then hit the text transformer tool within Leet Key. In this case, it was not only Base64, but rot13 as well. The bad news is that you have to be able to guess what it's encoded with in order to use Leet Key. After having played with many different encoders, I can usually tell what it is that I'm looking at. 


Leet Key also lets you easily encode editable forms, so you can type something into a web mail client or forum posting form, then encode it on the fly before sending it.


User Agent Switcher is for testing how certain sites react to different user-agent strings, but I originally installed it so that I could trick Starbucks' WiFi into thinking I was using an iPhone (and thus, get free WiFi). I've found it useful for other things, though: Particularly when testing heavy JavaScript pages.

Ubiquity

Ubiquity is a command line interface to Mozilla Firefox. This allows you to create small, re-usable custom functions and subscribe to third party functions. If, like me, you find yourself willing and ready to script-automate the repetitive things in life, You'll probably love Ubiquity. 


I'm paranoid by nature, and NoScript is the only plugin I leave enabled all the time. The rest of these I will only enable when I will need them. I'm leery about using a lot of Greasemonkey scripts, and don't really like loading my browser with dozens of add-ons. Do you have some must-have favorites that I'm really missing out on? 

blog comments powered by Disqus