Back in our Firefox Hardening guide, we talked about installing the extension Firefox Lightbeam.
Lightbeam is an app that gives you a visual graph of what your browsing looks like from a network perspective. It looks at all of the network connections that your browser makes and turns them into a graph that you can inspect in detail to see which connections are being made, and to which sites and services. This is crucial to understand, because every unnecessary connection is a potential gateway to being watched by third parties or attacked by rogue services.
It gives us a unique way to test our Firefox guide and see if all of the settings changes and extensions are really making a difference.
Below I have visited a popular technology news website with all of the Firefox settings at default, and all of the extensions disabled.
You can see that just by visiting the site's home page, 114 third-party sites are contacted. These include trackers, web libraries, cookies, and all kinds of outside parties trying to gather and sell your data.
These excessive network calls invade your privacy, increase your attack surface, make your web browsing slower, and, if you're on a mobile device, reduce your battery life.
This second screenshot shows a visit to the exact same site with the hardening guide optimizations enabled and the extensions enabled and on their default settings.
The optimizations have reduced the surveillance dramatically. We go from 114 third parties down to two, and both of these connections are to libraries that make the site function.
It is worth noting that the figure of 114 third parties is actually low. I allowed about a full minute for the site to load, but it was still pulling in more third-party requests when I stopped the test.
After leaving the site open for a few minutes, uBlock Origin, uMatrix, and Privacy Badger had blocked 529 requests from this single page.
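The same before-and-after tally can be reproduced from any browser request log. The following is an added example, not code from Lightbeam or from the original post: it groups requests by first-party site and lists which third parties disappear after hardening. The function names, the two-label "site" approximation and every hostname are assumptions constructed for illustration.

```javascript
// Approximate a hostname's "site" as its last two DNS labels (assumption: real tools
// use the Public Suffix List; this is wrong for co.uk etc.). IP literals are kept whole.
function siteOf(url) {
  const u = new URL(url); // throws on malformed input
  if (u.protocol !== "http:" && u.protocol !== "https:") return null; // data:, blob:, about:
  const host = u.hostname;
  if (/^[\d.]+$/.test(host) || host.includes(":")) return host;
  return host.split(".").slice(-2).join(".");
}

// requests: [{ page: URL of the tab's document, url: URL that was fetched }]
// Returns Map(first-party site -> Set of third-party sites it contacted).
function thirdPartyGraph(requests) {
  const graph = new Map();
  for (const { page, url } of requests) {
    let first, target;
    try { first = siteOf(page); target = siteOf(url); } catch { continue; } // unparseable entry
    if (!first || !target) continue;
    if (!graph.has(first)) graph.set(first, new Set());
    if (target !== first) graph.get(first).add(target);
  }
  return graph;
}

// Compare a default-profile capture with a hardened-profile capture.
function compareCaptures(before, after) {
  const b = thirdPartyGraph(before), a = thirdPartyGraph(after);
  return [...b].map(([site, parties]) => {
    const remaining = a.get(site) ?? new Set();
    const blocked = [...parties].filter((p) => !remaining.has(p)).sort();
    return { site, before: parties.size, after: remaining.size, blocked };
  });
}

// Constructed sample captures (not real measurements).
const PAGE = "https://www.news.example/";
const defaultProfile = [
  "https://static.news.example/app.js",      // same site: not a third party
  "https://cdn.jslib.example/lib.min.js",
  "https://px.tracker-a.example/pixel.gif",
  "https://sync.tracker-a.example/match",    // same third party, counted once
  "https://ads.tracker-b.example/bid?id=1",
  "data:image/gif;base64,R0lGOD",            // no network connection
].map((url) => ({ page: PAGE, url }));
const hardenedProfile = defaultProfile.filter((r) => !r.url.includes("tracker"));
console.log(compareCaptures(defaultProfile, hardenedProfile));
```

Counting sites rather than hostnames matters here: a first-party CDN subdomain is not a third party, and several subdomains of one tracker count as a single third party.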
If you want strong privacy protection like in this demonstration, we highly recommend following the Firefox Hardening Guide here!
Derek is a cryptographer, security expert and privacy activist. He has twelve years of security experience and six years of experience designing and implementing privacy systems. He founded the Open Source Technology Improvement Fund (OSTIF) which focuses on creating and improving open-source security solutions through auditing, bug bounties, and resource gathering and management.