1. Home
2. Trainers' Curriculum
3. Safer Browsing
4. Identity Protection and Privacy
5. Safe Browsing

Safe Browsing

Credits Indira Cornelio, Alma Uguarte Perez   Last Updated 2017-06

This session provides an introduction to safe web browsing practices, including an overview of plug-ins and other utilities that can be used to create a safer browsing environment.

ADIDS Element

Parent Topic(s)

Duration

This session was developed for, and should be attributed to, the Institute for War & Peace Reporting resource “Cyberwomen: Holistic Digital Security Training Curriculum for Women Human Rights Defenders” under a Creative Commons Attribution-Share Alike 4.0 International CC BY-SA 4.0 License

Materials to Prepare:

• Slides (with key points included below)
• Laptop/Computer and Projector setup
• WiFi connection

Trainer’s Note

Check the space where the session will be held to confirm that there is internet access and an electricity supply. Choose a couple of plugins to demonstrate during the session and then share the complete list so that people can experiment with the plugins on their own.

 

Running the Session:

Part 1 – Choosing a Browser

Step 1 | Begin the session by asking participants which web browsers they use and what other options they have heard of. Present Firefox - explain the benefits of using it, and discuss briefly the difference between it and other common browsers such as Google Chrome or Internet Explorer.

Part 2 – Safer Browsing Practices

Step 2 | There are quite a few safer browsing practices to discuss that can be shared with participants – while you don’t need to cover every single one of them, it is recommended to share enough to give your participants options (also remember to keep your content contextualized by sharing practices most relevant to participant context).

Step 3 | Explain to the group that you will be reviewing some safe browsing practices with them, but not yet focusing on specific tools other than the browsers themselves. Some participants might already be willing to change browsers, but others may not yet be – so before discussing more specific tools like browser plug-ins, it’s important to keep the discussion grounded first in practice.

Here are some example practices you can discuss:

• Being vigilant of phishing and spear phishing attempts;
• Blocking embedded ads and pop-up ads;
• How cookies work – be sure to talk about how convenient they can be, but that they also have downsides;
• Disabling and erasing cookies from the browsers;
• Deleting browsing history;
• Not saving passwords in your browser settings;
• Checking the extensions that you add to your browser;
• Enabling the Do Not Track option in your browser;
• Google search alternatives (such as Duck Duck Go)
• Who implements online tracking and why? (Both https://trackography.org/ and https://www.mozilla.org/es-MX/lightbeam/ are good resources about this);
• Discuss HTTP versus HTTPS;
• What is a VPN (Virtual Private Network) and when should these be used?
• What exactly does Incognito Mode do, and when should it be used?
• Remove sensitive passwords stored in browsers (be careful not to remove stored passwords that you do not remember!).
  
  

Part 3 - Tools and Extensions for Safer Browsing

Step 4 | Explain, now that you’ve addressed some basic practices for safer browsing, that you can also suggest certain tools – specifically browser plug-ins – which can help automate or otherwise facilitate adoption of some of these practices.

Step 5 | Present the following tools, explaining how each of them works, and remember to also share the links to download them with participants. It is essential that participants understand why each of the tools shared is important and useful; if not explained clearly, it can lead to participants making ill-informed decisions about their privacy or anonymity online:

Desktop Browser Tools:

• No Script: https://noscript.net/
• Adblock Plus: https://adblockplus.org/es/
• Privacy Badger: https://www.eff.org/es/privacybadger
• HTTPS Everywhere: https://www.eff.org/https-everywhere
• Click & Clean: https://www.hotcleaner.com/
• Tor browser: https://www.torproject.org/download/download-easy.html.en
• uBlock Origin: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
• Disconnect: https://disconnect.me/
• uMartix: https://addons.mozilla.org/es/firefox/addon/umatrix/
  
  

Mobile Browser Tools:

• HTTPS Everywhere: https://www.eff.org/https-everywhere
• Avast: https://www.avast.com
• Orfox: https://guardianproject.info/apps/orfox/
• Orbot: https://www.torproject.org/docs/android.html.en
• Tor for iPhone: https://mike.tig.as/onionbrowser/
  
  

Part 4 - What Can Be Seen by Your Local Network Administrator?

Step 6 | Explain that there is a lot of information available to those who manage a local network, internet service providers, or anyone else with some access to the network that is being used to connect. Examples of information visible in this case include metadata, packet content (via deep packet inspection), websites visited, patterns of browsing behavior, version of browser used, your operating system, and more!

Other Practices & Features:

Incognito Mode (InPrivate Mode)
This is a feature that frequently causes confusion as it is not well understood - participants might not have a clear understanding of how Incognito mode works as a browser feature, and when it is useful. Explain how Incognito (and similar) modes work, and offer some examples of when they can actually be helpful features to take advantage of.

Safe Wi-Fi Practices
Finally, take some time to discuss, and if possible demonstrate, a few basic safe practices on for WiFi connections - this includes practices such as changing the default password of the modem, and showing participants how to monitor which devices are connected to their WiFi network.

References:

• https://myshadow.org/ckeditor_assets/attachments/189/datadetoxkit_optimized_01.pdf
• https://myshadow.org/train
• https://myshadow.org/how-to-increase-your-privacy-on-firefox
• https://securityinabox.org/en/guide/firefox/linux/