Wednesday 27 June 2012

No-Script (Security as you surf the Internet)

This happens to be my best add-on; I guess it's the reason why I would never leave Firefox for now. Most infected sites are script hijackers, either through Java, XSS or plug-ins. This is where NoScript (a highly regarded security add-on) comes in, keeping you safe if it is well managed and updated regularly.
According to the creator (Giorgio Maone), it was first created in 2005 within three hours to disable JavaScript, Flash, Java, and other active content, i.e. plug-ins.
Among the web-based attacks NoScript prevents — even with scripting enabled — are:
  • XSS: “Injection Checker” prevents malicious web pages from injecting their scripts inside other sites.
  • Clickjacking: The ClearClick feature is the only effective client-side protection against this attack so far.
  • CSRF: The ABE module intercepts by default any cross-zone HTTP payload.
  • MITM: NoScript can make sure HTTPS is used if it is available, preventing this type of attack.
NoScript helps by showing the script sources a web page attempts to load, letting you control them individually — even trusted websites may link third-party scripts which may not deserve the same level of trust. Also, if you don’t know who a certain script belongs to or if you can’t figure out the script’s role, middle click or shift click the NoScript menu entry to obtain information about it. But if you are contemplating uninstalling NoScript, it is better to use the Allow scripts globally command.
Maone released NoScript for Firefox Mobile in 2011, offering Android users a safer browsing experience.

NoScript can be downloaded either by searching in the Firefox add-on search or by clicking noscript.

E-Mail Phishing

Google warned that hackers were launching targeted phishing attacks against hundreds of Gmail account users. Google says "the goal of this effort seems to have been to monitor the contents of targeted users' emails", with the perpetrators apparently using stolen passwords to change people's forwarding and delegation settings. Gmail enables you to forward your emails automatically, as well as grant others access to your account. This may be the most useful aspect of using Gmail, but Google also took this opportunity to remind users about the value of enabling 2-step verification.

Here are a few simple tips that can help you avoid becoming the next victim of these attack methods:
  • Keep your software up-to-date. Legitimate, high-traffic Web sites get hacked all the time and seeded with exploit kits. Take advantage of programs like Secunia’s Personal Software Inspector or Filehippo’s Update Checker to stay abreast of the latest security updates.
  • Be extremely judicious about clicking links in emails. Try to avoid responding to invites by clicking links in emails. I notice that Twitter has now started sending emails when someone re-tweets your posts: Avoid clicking on those as well. It’s safest to manage these accounts by visiting the sites manually, preferably using a bookmark as opposed to typing these site names into a browser address bar.
  • Pay close attention to what’s in the address bar: Checking this area can prevent many email-based attacks. Staying vigilant here can also block far more stealthy attacks, such as tabnabbing (where a URL is opened in a new tab, which later reloads, changing the URL address and yet displaying the true content of the page).
  • Consider using an email client, such as Mozilla’s Thunderbird, to handle your messages. It’s a good idea to have emails displayed in plain text instead of allowing HTML code to be displayed in emails by default.

Wednesday 20 June 2012

Antivirus for Mobile users

Do you really need antivirus on your mobile? My answer is always no and will always be no. But this is true only if you follow these guidelines:
  • “If you did not go looking for it, don’t install it!” If you intend to install it, make sure you have researched its authenticity. Security software should never be viewed as a substitute for common sense and simple precaution. Anti-malware software is and always has been reactive, meaning it usually only detects a threat after some subset of customers have already been successfully compromised by it.
  • “If you installed it, update it.” Yes, keeping the operating system current with the latest patches is important, but maintaining a secure computer also requires care and feeding for the applications that run on top of the operating system. Bad guys are constantly attacking flaws in widely-installed software products, such as Java, Adobe PDF Reader, Flash and QuickTime.
  • “If you no longer need it, remove it.” Clutter is the nemesis of a speedy computer. Unfortunately, many computer makers ship machines with gobs of bloatware that most customers never use even once. On top of the direct-from-manufacturer junk software, the average user tends to install dozens of programs and add-ons over the course of months and years. In the aggregate, these items can take their toll on the performance of your computer. Many programs add themselves to the list of items that start up whenever the computer is rebooted, which can make restarting the computer a bit like watching paint dry.