Secure Transactions

[jd1008]

On 08/30/2014 08:33 PM, Tim wrote:
> On Sat, 2014-08-30 at 18:39 -0600, jd1008 wrote:
>> 3. HttpToHttps
> Be prepared for various things to fail, you cannot force HTTPS with
> sites that are HTTP-only.
Actually, the sites that do not support https, simply default to http.
So, such sites are still browsable even with this plugin.
>> 6. Redirect Cleaner - this will prevent a website you want to visit to
>> redirect your browser to some other website you had no intention on
>> browsing. You will be  given the manual opportunity to override the
>> prevention.
> On some browsers, there is, or at least was, an option not to
> automatically follow redirections (you'd get a warning, and there'd be a
> link to follow if you actually wanted to follow the redirection).  For
> various services, you're going to have to follow them, because that's
> the way they made the site.  Sometimes, thanks to making them obvious,
> you'll find out just why some sites just never work, because you'll see
> the endless redirections around in a circle to a starting point that
> doesn't work.
Tell me which of the Firefox settings options will prevent redirection?
I have not come across it. Sure would like to know that.
It does have the options to block all popups. But many websites have
learned how to get around that firefox feature, as I still get some
popups from a few web sites.
>> 7. No Google Tracking
>> 8. No Yahoo Tracking
>> 10. TrackMeNot.
> I question the ability to prevent that, and dislike the doubling up and
> adding on of *numerous* add-ons to a browser (it makes the thing even
> more buggy).  While you can try dumping cookies, etc, as you go along.
> They know that numerous connections are coming from your IP, some in
> response to other of their own pages, so they can track you.
>
> e.g. You've only got to see the suggestions for what you might like to
> see if you browse YouTube on one computer on your network, then do more
> unrelated browsing on another computer on your LAN, and see similar, or
> completely the same, suggestions.
>
I have always looked at what cookies are stored, and I only
see the primary cookies of just a few sites I am currently browsing.
No other cookies are there.
You could argue that a cookie actually embeds many other cookies from
other websites, that are hosted by the site you are browsing.
You can see those when looking at all the cookies in firefox.
Just click on a cookie and it will expand to it's components.
"Dislike" does not amount to something substantial :)
It is only a preference.

>> Also, in Firefox Settings, be sure to NEVER allow 3rd party cookies.
> This is one thing that often doesn't do what you think.
Prove it! I would really like to see a concrete proof of it,
in order for me to see that there are 3rd party cookies
being stored by my browser.
I know it is a tedious thing. So far I have not seen such
issues.  Only problems I have really encountered is that
noscript (configured to automatically reject all java scripts,
unless I allow them manually). The problems I encounter
are with many websites that have objects on their pages
that are interactive - such as a search bar, or selection of
an option in a .... say sorting option of a list of items.
Such sites have javasripts that are hosted from other sites.
I have personally seen analytics of many such java scripts
that install malware without one's knowledge or consent.

>   e.g. For most
> of us, if we were browsing google.com, any attempt to handle
> doubleclick.com cookies would be considered third-party (by us), and
> we'd expect them to be rejected.  But if a google page incorporates
> content from doubleclick (such as an advert graphic), that incorporated
> content can set a doubleclick cookie, and it isn't third party to
> itself, so the cookie gets allowed.
Please offer some concrete real world examples. I would love to (and 
need to) see that.
>
> It's well worth going through your browser settings, and setting them
> sensibly, rather than hoping some third-party add-on will sort things
> out for you.
Of course. But you do not define 'sensibly' in an objective way.
Please show real world benefits of what you consider sensible
settings.