Browser security graphic

Software reviews: Browser security and privacy

Your browser is your first line of defence against the dark arts of malware, phishing and privacy invasion, so make sure it is as well trained and equipped as possible.


HTTPS Everywhere

Donations invited on Firefox, Chrome and Opera

This clever browser extension ensures that where a website is known to support HTTPS encryption, this is fully enabled for your visit. Even where sites default to unencrypted HTTP, or have HTTP links on HTTPS pages, it can fix this by rewriting these links to use the encrypted versions.

It contains a long list of known web domains, and can also be set to check the encryption certificates that your browser gets from sites against the EFF's SSL Observatory. This should help detect browser attacks and insecure connections.

If you use public Wi-Fi hotspots but do not use a VPN, you definitely ought to install HTTPS Everywhere. It is a good idea too on nominally-private hotspots, thanks to the possibility of man-in-the-middle attacks. The one caveat is that it does sometimes get confused by public Wi-Fi log-in pages, but this is dealt with by logging on to the hotspot before you open any other pages.




Free on Firefox and Chrome

Most of the websites you visit will also make requests and connections to third-party servers and websites. This is usually a good thing - for example, visiting the E&T website will also link you to content delivery networks (CDNs) which improve page-loading speeds by caching video and other rich media around the Internet, to analytics tools that help the IET's webmasters better understand visitor behaviour, and to a social sharing service that enables you to recommend E&T pages to your friends on Facebook and Twitter.

Other uses of third-party sites include links to related sites and of course advertising, whether that is by embedding scripts such as Google Adsense or adding banner adverts into the page, and potentially for tracking you around the Web. Most browsers now provide a way to see all those third-party connections. For example, in Firefox, press F12, select the Network tab and reload the page to see all the connections made to load the current page - but only the current page.

What Lightbeam - formerly known as Collusion, and still called Collusion on Chrome - does is to aggregate those links and provide a graphical visualisation of them which you can then pan around. Visited sites are shown as circles and third-party ones as triangles, making it easier to'see which sites are related to each other and which ones use the same third-party services, for instance.

Lightbeam also provides statistics on the various total connection counts, and two alternative visualisation schemes - a simple list, and a clock-type display that shows your connections by hour of the day. It only stores your data locally, but you can opt to share it with the developers, as they are creating a crowdsourced directory of how third-party sites connect to other sites and how tracking works on the Web.


Donations invited on Firefox, Chrome, IE and Safari; $1.99 on Apple iOS

As well as letting you see what requests a website has sent you, this useful extension from the developers of Collusion for Chrome adds the ability to block them too - indeed, by default it blocks thousands of third-party tracking companies. A browser toolbar icon shows how many third-parties it is blocking on the current page; you can then pull down a menu to see what they are, sorted into advertising, analytics, social and content companies.

You can also block or unblock an individual company or an entire category. Key content companies such as YouTube and'Flickr are not blocked by default, even though they may well track you. You can choose to block them, but then the webpage may not work correctly. Blocking all those other third-parties has two useful effects - pages load up to 27 per cent faster, according to Disconnect's developers, and less data is transferred.

Disconnect also has an option to enforce HTTPS encryption on a specific list of websites, and an iPhone/iPad version called Disconnect Kids. The latter can block 20 commonly encountered mobile trackers, and includes educational elements designed to help novices learn about Internet privacy.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them