1. TunnelBear VPN
You’ve probably heard a lot about virtual private networks (VPN). In case you’re unfamiliar with them, picture a tunnel between your device and the website you’re visiting. This tunnel is a form of encryption, meaning any personal information sent between the two is scrambled. Without it, you might be victim of intrusion, including man-in-the-middle attacks (MITM).Chrome is already one of the safest browsers available, but it’s somewhat inferior to Opera because the latter boasts its own in-built VPN. TunnelBear bolts on this extra level of privacy.Search for “VPNs” in the Chrome store and you’ll see vast amounts of them. It’s very easy to fall in love with Tunnelbear though. Over 20 million users across multiple platforms agree. Its creators appear to have good morals on their side, so don’t log any data and publish security audits carried out independently by third parties.
2. No Script Suite Lite
JavaScript is a programming language that forms the foundations for much of the internet in its current form. It’s an important part in our browsing experiences, and also forms the backbone of apps and online infrastructure. You can see why would-be programmers continue to learn it, and why many consider it the language of the future.But sometimes, it’s a bad thing.
Why? It can hide malicious activity, including snooping and ransomware. You could simply disable JavaScript, but functionality will decrease. Facebook won’t look right (if it shows up at all); comments sections won’t load (although that can be a positive); most seriously, YouTube and Netflix won’t work.
Nightmare.
It really is a catch-22. Much of the web won’t function properly without it; but by enabling it, you leave yourself open to all sorts of issues, most notably malware.
No Script Suite Lite is a solution to this problem.
It limits the sites that run JavaScript solely to the ones you trust. Just add them into your whitelist and you can carry on surfing. If you’re worried you’re not experiencing a site to its fullest but you’re not certain enough to add it to your trusted list, you can also toggle the extension on and off in the toolbar.
No Script Suite Lite is best when running in conjunction with Webutation, Netcraft Extension, or a similar security add-on.
Download: No Script Suite Lite
3. Unshorten.link
Shortened links were all the rage a little while ago. Now, you don’t see them so often. But they’re deceptive: you’ll still find them on social media, and affiliate schemes (Amazon, for instance).
Pages use them either as a quick way to redirect readers without including a lengthy URL or to hide the endpoint of a link. It’s the latter you should be worried about. You could end up on a suspicious website, downloading malicious software.
Unshorten.link does exactly what it says on the tin. Whenever you click on a condensed URL, you’ll be sent to a “filter page” that shows you the full address. This might mean nothing to you, which is why you can choose to see a full screenshot of the destination.
Most importantly, it checks the link and warns you if it detects malware. You can choose not to see the filter page if Unshorten.link deems it safe too.
It might not be used all that frequently, but you may be surprised. And when it is used, you’ll be thankful for it.
Pages use them either as a quick way to redirect readers without including a lengthy URL or to hide the endpoint of a link. It’s the latter you should be worried about. You could end up on a suspicious website, downloading malicious software.
Unshorten.link does exactly what it says on the tin. Whenever you click on a condensed URL, you’ll be sent to a “filter page” that shows you the full address. This might mean nothing to you, which is why you can choose to see a full screenshot of the destination.
Most importantly, it checks the link and warns you if it detects malware. You can choose not to see the filter page if Unshorten.link deems it safe too.
It might not be used all that frequently, but you may be surprised. And when it is used, you’ll be thankful for it.
Download: Unshorten.link
4. LastPass
Or maybe you’d prefer to use the most popular password managers available.
You might recall the name, even if you’re not au fait with the software. That’s because it’s hit the headlines a couple of times in the past few years, causing some to abandon ship. But right now, nearly 7 million users still trust it.
There were fears over CPU exploits, Meltdown and Spectre, which affect LastPass; further back, Google Project Zero found a vulnerability in the password manager.Realistically, all software has vulnerabilities. What matters is how swiftly the companies react to them; typically, if an update is offered, you should install it. LastPass has rolled with the punches, so we don’t see any reason you should avoid it.
It basically does the same stuff Blur does, except offers an extra layer of customization in its vault.
Yes, there are concerns. As the most popular manager, it attracts a lot of hackers. Its security, though, is top-notch.
Brute force attacks are rendered virtually pointless, as LastPass doesn’t store your password. Instead, it verifies your identity using a one-way salted hash, then allows access to your vault using your decryption key (always stored on your device). Further encryption methods are used to when data is in transit.
This is a very strong system. Due to its swollen userbase, you’ll hear about any potential (and comparatively rare) problems sharpish and then be notified by LastPass about what to do. In most cases, it’ll involve updating and changing your master password.
You might recall the name, even if you’re not au fait with the software. That’s because it’s hit the headlines a couple of times in the past few years, causing some to abandon ship. But right now, nearly 7 million users still trust it.
There were fears over CPU exploits, Meltdown and Spectre, which affect LastPass; further back, Google Project Zero found a vulnerability in the password manager.Realistically, all software has vulnerabilities. What matters is how swiftly the companies react to them; typically, if an update is offered, you should install it. LastPass has rolled with the punches, so we don’t see any reason you should avoid it.
It basically does the same stuff Blur does, except offers an extra layer of customization in its vault.
Yes, there are concerns. As the most popular manager, it attracts a lot of hackers. Its security, though, is top-notch.
Brute force attacks are rendered virtually pointless, as LastPass doesn’t store your password. Instead, it verifies your identity using a one-way salted hash, then allows access to your vault using your decryption key (always stored on your device). Further encryption methods are used to when data is in transit.
This is a very strong system. Due to its swollen userbase, you’ll hear about any potential (and comparatively rare) problems sharpish and then be notified by LastPass about what to do. In most cases, it’ll involve updating and changing your master password.
Download: LastPass
5. Click&Clean
This is simply one of the best Chrome security add-ons of all time. Yes, really. That’s because it’s quick, easy, and thorough, making your browsing sessions secure and private.
Click&Clean lets you delete all your private data with a single click. This can either be done en masse, or by selecting individual items. You can even choose the timescale that you wish to delete. You just select the icon in the toolbar and its menu will pop open: this has a Windows 10-like design so is eye-catching and colourful. All it takes to close your browser and delete browsing history is one click. In an emergency, this is essential.our options are extensive, meaning you can get rid of your download history, cache, saved passwords and form data via cookies, and lots more. That’s just from the Main tab; by switching, you can access information stored by other add-ons!
There are two added options that make Click&Clean extra special: password generation, which creates alphanumerical digits for any specified lengths; and clearing data from Incognito Mode.You read that right: in-private browsing isn’t completely anonymous. Of course, ISPs can still track you, and there’s nothing you can do about that. But Click&Clean at least allows you to clear temporary files left on your PC by the sites you visit in order to recover data should a fault occur.
Click&Clean lets you delete all your private data with a single click. This can either be done en masse, or by selecting individual items. You can even choose the timescale that you wish to delete. You just select the icon in the toolbar and its menu will pop open: this has a Windows 10-like design so is eye-catching and colourful. All it takes to close your browser and delete browsing history is one click. In an emergency, this is essential.our options are extensive, meaning you can get rid of your download history, cache, saved passwords and form data via cookies, and lots more. That’s just from the Main tab; by switching, you can access information stored by other add-ons!
There are two added options that make Click&Clean extra special: password generation, which creates alphanumerical digits for any specified lengths; and clearing data from Incognito Mode.You read that right: in-private browsing isn’t completely anonymous. Of course, ISPs can still track you, and there’s nothing you can do about that. But Click&Clean at least allows you to clear temporary files left on your PC by the sites you visit in order to recover data should a fault occur.
Download: Click&Clean
6. Panic Button
The easier you can browse securely, the better. That’s why one-click extensions are so popular.
Panic Button takes this principle and applies it to your tabs. Just press a keyboard shortcut (thankfully customizable) and your tabs disappear. They then reset to a “safe page”, i.e. whatever page you want displayed in emergencies.
Fortunately, you’ve not lost those tabs! They’re stored in a list, which you can protect from prying eyes behind a password.
Obviously, this is designed for anyone viewing private stuff on their PC, be it for Christmas shopping or something more scandalous. It has a security purpose too.
Panic Button’s list of tabs will include additional ads that have popped up in the background. Instead of restoring the full list, you can solely reopen the ones you actually mean to.
Panic Button takes this principle and applies it to your tabs. Just press a keyboard shortcut (thankfully customizable) and your tabs disappear. They then reset to a “safe page”, i.e. whatever page you want displayed in emergencies.
Fortunately, you’ve not lost those tabs! They’re stored in a list, which you can protect from prying eyes behind a password.
Obviously, this is designed for anyone viewing private stuff on their PC, be it for Christmas shopping or something more scandalous. It has a security purpose too.
Panic Button’s list of tabs will include additional ads that have popped up in the background. Instead of restoring the full list, you can solely reopen the ones you actually mean to.
Download: Panic Button
7. Webutation
For a while, Web of Trust (WOT) was the go-to add-on for reputability scores. Icons appear to show you which sites are secure. However, in late 2017, users realized the consequences of the extension’s privacy policy, and began uninstalling. WOT promised to tighten things up, but until then, Webutation will see you right.n the top right-hand corner, a shield will appear, rating the page out of 100. This shield is also color-coded, so you can easily avoid sites rated in red; be wary of those in yellow; and happily continue as intended when you see green. Anything that’s especially dangerous will flag up a special message that will let you proceed regardless or safely return to your search.
You can also block access to adult websites, and any deemed “bad” by the system.Webutation’s ratings factor in a number of sources in its algorithm, but as an open community, it relies on its userbase. Click on the icon and you can find out more about the site on webutation.net, which also allows you to leave your own rating.
Obviously, you might not know whether a site really is a malware risk. That’s why Webutation checks for SSL certificates, and scours other tools, including Google Safe Browsing, Norton Antivirus, and phishing blacklists. It also takes social reputation into consideration—if the site has an extensive, properly cited Wikipedia page, that’s taken into account.
What makes this the natural successor to WOT? The fact that its algorithm also bases its ratings on the WOT Ratings Community! You get all the best stuff from that other popular extension, plus additional safety checks.
Download: Webutation
You can also block access to adult websites, and any deemed “bad” by the system.Webutation’s ratings factor in a number of sources in its algorithm, but as an open community, it relies on its userbase. Click on the icon and you can find out more about the site on webutation.net, which also allows you to leave your own rating.
Obviously, you might not know whether a site really is a malware risk. That’s why Webutation checks for SSL certificates, and scours other tools, including Google Safe Browsing, Norton Antivirus, and phishing blacklists. It also takes social reputation into consideration—if the site has an extensive, properly cited Wikipedia page, that’s taken into account.
What makes this the natural successor to WOT? The fact that its algorithm also bases its ratings on the WOT Ratings Community! You get all the best stuff from that other popular extension, plus additional safety checks.
Download: Webutation
8. Credit Card Nanny
This sounds like a cash-loan company, but actually, it’s a perfect companion to HTTPS Everywhere.
SSL/TSL certificates give us peace of mind, yet we shouldn’t trust them completely. Encryption is utterly pointless if your password is then communicated to administrators as Clean Text.
There are various means of storing private information, but Clean Text literally means that your password is readable. There’s no subsequent encryption; no hashing; and no cryptographic nonce involved. If your password is “password123” (and we really hope it isn’t), it’s stored on servers as “password123”. The site’s system could get hacked and your details could be read as easily as a book.
That’s worrying, but it’s even more concerning if it does the same with payment information!
It’s not done maliciously. Mostly, it’s through ignorance.
Credit Card Nanny detects forms that send your private data in Clear Text form. If you visit a suspect site, a warning will come up and advise you to contact the owners to tell them they need better security measures. Of course, you can bypass the message and continue if you don’t think the information is important enough to warrant a solid level of privacy. At least you’re aware it’s a concern.
SSL/TSL certificates give us peace of mind, yet we shouldn’t trust them completely. Encryption is utterly pointless if your password is then communicated to administrators as Clean Text.
There are various means of storing private information, but Clean Text literally means that your password is readable. There’s no subsequent encryption; no hashing; and no cryptographic nonce involved. If your password is “password123” (and we really hope it isn’t), it’s stored on servers as “password123”. The site’s system could get hacked and your details could be read as easily as a book.
That’s worrying, but it’s even more concerning if it does the same with payment information!
It’s not done maliciously. Mostly, it’s through ignorance.
Credit Card Nanny detects forms that send your private data in Clear Text form. If you visit a suspect site, a warning will come up and advise you to contact the owners to tell them they need better security measures. Of course, you can bypass the message and continue if you don’t think the information is important enough to warrant a solid level of privacy. At least you’re aware it’s a concern.
10. HTTPS Everywhere
We talk about this a lot, but that’s because it’s excellent at what it does. Most people use encryption, although in limited capacities: your iMessages, for instance, are encrypted, as are SMS messages you send via WhatsApp. It means information sent from one party to another is scrambled; anyone who intercepts can see randomized data, rendered unreadable. This is essential for e-commerce.Everyone needs encryption, particularly when visiting sites that require personal information. Don’t trust a page that asks for passwords but isn’t encrypted. But how can you tell? Just check out the address bar: if the beginning reads “HTTPS”, that’s a sign of encryption. Indeed, the extra “S” means “Secure”. It all depends on the site using an SSL/ TSL certificate to ensure authenticity.
HTTPS Everywhere automatically switches thousands of sites from their “HTTP” copies to their securer “HTTPS” versions.
It doesn’t work on everything, however. For smaller sites without SSL certificates, you’ll see a privacy error—in which case you’ll need to disable the extension for that site only. You risk your security by doing so, but just because a page doesn’t have an encrypted alternative doesn’t necessarily mean it’s dodgy.
Nonetheless, the positives of HTTPS Everywhere far outweigh the negatives: it means that e-commerce sites, or any system that needs personal information, is afforded an extra layer of protection.
Download: HTTPS Everywhere
0 comments: