Stop Browser Leaks

Avoiding non HTTPS websites, minimize plugin use

avoid browser fingerprinting, turn off "autofill"

Updated: May 5, 2022
By: RSH Web Editorial Staff
Stopping Browser Leaks
Menu

How does my Browser Leak Information

There’s a lot you can do to browse the web anonymously and avoid being tracked. But no matter what you may have done or set up, the browser can still leak personal information that could then be exploited by attackers for their gains. Here is how your Browser might be compromising your privacy and what you can do about it.

Avoid Websites without the HTTPS protocol

Websites with just HTTP prefix means anything you do there is unencrypted. This will include what you type as well as links you click on. While this may not be a big concern for public sites where you are simply surfing for information. It could be a concern on any site, where you are entering personal information such as login, passwords or any other information you would not want hackers to see. We have even seen some websites include the HTTPS prefix on their Home page, then default to the unencrypted HTTP on their other pages. Would you like to give your password or payment details to that website?

A recent update to Chrome now flags sites as Non-Secure if they are insecure websites.

Always check that page URLs or addresses are prefixed with HTTPS before entering any log-in or payment information.

Download the HTTPS Everywhere extension for Firefox, Chrome and Opera, which automatically encrypts your browser’s communications with major websites if it finds faulty HTTPS links.

PHP Hosting

Minimize plugin use and extensions

The web is full of small apps known as plugins designed to give your browser added features. These include extensions such as Adobe Flash and Java, which allow your browser to play animated content. Unfortunately, these apps can be riddled with vulnerabilities that hackers may have exploited to grab your personal info. Simply having plug-ins and extensions installed can make your browser vulnerable to attacks. Check your browser settings to see what plug-ins and extensions you have downloaded, and disable those you infrequently or never use.

You might consider disabling the big three, Microsoft Silverlight, Adobe Flash and Java. Many sites no longer use these plug-ins to play video. Netflix has dropped Silverlight, and YouTube no longer uses Flash. If you receive too many messages that you need to run these plug-ins, invest in a script-blocker extension such as NoScript for Firefox or ScriptSafe for Chrome. These stop all Flash and Java by default, with options to build a whitelist of trusted sites that need these plug-ins.

Avoid Browser Fingerprinting

Browser fingerprinting is a powerful method that websites use to collect information about your browser type and version, as well as your operating system, active plugins, timezone, language, screen resolution and various other active settings. They state that they want to be able to load the web pages correctly. Plugins like Adobe Flash and Java also happen to relay a lot more information, including the hardware you’ve installed, the plug-ins installed and, most tellingly, the exact lineup of fonts you have on your computer. This list combines to make a “fingerprint” that’s overwhelmingly unique to your browser, making it highly trackable even if you’ve disabled trackers AND turned off cookies.

You can test your Browser at Panopticlick, A browser tester set up by the Electronic Frontier Foundation. The site will tell you how unique your fingerprint is and provide all the details. There is not much you can do about browser fingerprinting. Chameleon (Firefox) and Random User Agent (Chrome) have decent reviews at their respective app stores.

Stop Phishing Attacks on Browser Autofill

Your browser’s autofill function exists to make it easier to fill in forms that ask for the same information, name, address, date of birth. The convenience of saving such information can out weigh the concerns over the security of a Browser. Be warned that Browsers have been tricked into revealing saved personal information without the user realizing it.

This phishing attack has happened with hidden text boxes coded into a malicious site, alongside a couple of visible requests for common information like your name and email address. When you type in the info, the autofill feature ends up adding other information saved to the browser autofill, which could include enough details to enable credit card fraud
Also see What is Phishing.

Avoid typing in any personal information on websites you’re not sure about. NEVER keep credit card information saved in your Browser, and better still, just turn off the autofill feature entirely.

Here is how with the most common browsers.

Firefox
Go to > Options > Privacy & Security > Forms & Passwords. Click in the box to remove the check mark.

Chrome
Go to > Preferences > Show advanced settings > Passwords and forms. Here, you can manage what information is saved to autofill and un check Enable Autofill to fill out web forms in a single click.

Microsoft Edge
Go to > Settings > Advanced Settings > Autofill settings. You can enable or disable the browser from automatically filling out passwords.

Safari
Go to > Preferences > AutoFill. Manage what information is autofilled and delete or edit what’s saved.

Opera
Go to > Settings > Privacy & security > Autofill. Manage what information is autofilled and delete or edit what’s saved.

Chromium
Go to > Customize > Settings > Advanced > click the arrow in the Autofill settings box.

Vivaldi
Go to > Settings > Security > Disable it.

Other Websites of interest

Websites that can show more information about us.

Device Info
Device Info is a web browser security testing, privacy testing, and troubleshooting tool.

http://ipleak.net/
An excellent site to test your browser leaks, also to test your VPN, if your real IP address is shown, then you have a problem with your VPN.

Using a VPN While Traveling.

PRISM Break
Opt out of PRISM, the NSA’s global data surveillance program. Stop the American government from spying on you by encrypting your communications and ending your reliance.

privacytools.io
You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides knowledge and tools to.

Riseup
Riseup is an organization which provides online communication tools for people and groups working.

Panopticlick
Panopticlick is a web page provided by the Electronic Frontier Foundation. It tests the amount of personally-identifying data your web browser gives away to websites and.

DNS leak test
DNSleaktest.com offers a simple test to determine if your DNS requests are being leaked, which may represent a critical privacy threat. The test takes only a few seconds.

What every Browser knows about you
This is a demonstration of all the data your browser knows about you. All this data can be accessed by any website without asking you for any permission.

Privacy Heroes
We're an alliance of privacy-focused online services on a mission to defend Internet users from surveillance, hacking, and censorship.

Webbkoll
This tool helps you check what data-protecting measures a site has taken to help you exercise control over your privacy.

Device Info
Device Info is a web browser security testing, privacy testing, and troubleshooting tool.

Other detection tools from BrowserLeaks.com
WebRTC Leak Test Local/NAT/Public IP Address discovery using JavaScript
Font Fingerprinting Font metric-based fingerprinting using JavaScript and Flash fonts detection
SSL/TLS Client Test Shows brief information about your HTTPS connection
ClientRects Fingerprinting Displays the exact pixel position and size of the rectangle of a drawn HTML elements
CSS Media Queries Pure-CSS Media Queries Test Suite
Social Media Login Detection Cross-origin login detection for most major social networks
Firefox Resources Reader Firefox resource URI fingerprinting, platform and locale detection
Do Not Track Detects DNT support in your web browser.

We welcome your comments, questions, corrections and additional information relating to this article. Please be aware that off-topic comments will be deleted.
Or if you need specific help with your account, feel free to contact us anytime
Thank you

Tweet  Share  Pin  Tumble  Email.

More Articles Of Interest