Found a pretty nice article about staying safe using firefox, thought I would share. All credit goes to Security Hacks.

Tip 1: Use secure connections

Assume that any information you send is not private unless it is encrypted. Whenever possible, you should connect to secure web sites, which are evident by a web address with https. When connected to secure web sites, your browser encrypts any data transmitted between your computer and the server. Anyone who may be listening to the transmission would only see scrambled data.

Tip 2: Clear private data

If you don’t clear your private data, the next person using the same computer (or your company’s IT staff) could get a chance to read some of your emails, get your password or find other private information that you don’t want other to know. Firefox can be set to clear off your browser’s cache of web pages and stored passwords as well as clear the browser history and cookies.
In order to delete private data, go to Tools->Options and click on the Privacy tab. Make sure Always clear my private data when I close Firefox is checked, so you know that your private data has been cleared every time you quit Firefox. You can customize the private data to be erased by clicking the Settings button and checkoff what data you’d like to clear.

Tip 3: Encrypt stored passwords

By default, Firefox browser doesn’t protect your stored passwords and they can be read by any user. If you must save your password on a non-private computer (e.g. your work), make sure you setup a master password to protect your passwords from being seen by any person who has access to your computer.

Tip 4: Block cookies

As you might know, web sites occasionally use cookies to keep track of your surfing behavior. Over time, cookies can reveal your browsing habits, browsing history and other information that you don’t want third-party companies to know. Firefox can accept, and regularly wipe cookies you haven’t explicitly told it to keep.
To delete third-party cookies, go to Tools->Options and click on the Privacy tab. Check Accept cookies from sites, and in the Keep until drop-down box, select I close Firefox. To keep cookies from trusted sites (e.g. Google GMail), click the Exceptions button and in the dialog box enter the address of the web sites whose cookies you wish to keep. If you want to have more control over cookies permissions, you might want to install the CookieSafe extension.
What most people don’t know, is that there are extra techniques to keep track of your. For example, Flash-based web services use Flash cookies to store client information. Furthermore, JavaScript code uses DOM storage to store information about you.
In order to disable Flash cookies, open the Flash Global Storage Settings Panel and slide the slider to the left until “None” appears on the screen. Next, check never ask again and deselect Allow Third-Party Content to Store Data on Your Computer to prohibit all third parties from storing information on your computer.
To disable JavaScript cookies, in Firefox address bar type about:config, and set the key dom.storage.enabled to false.
Note that if you prohibit websites from storing information, the website might or might not function as intended.

Tip 5: Install SafeCache and SafeHistory

Caching of web pages is a performance-enhancing feature that improves browsing experience and reduce network traffic. However, because Firefox caching stores persistent information from one site on your computer without hiding its existence from other sites, it is a target for various privacy attacks.
SafeCache, from Stanford university, is a browser extension that protects your privacy by defending against cache-based tracking techniques. It allows embedded content to be cached, but segments the cache according to the domain of the originating page.
SafeHistory, developed by Stanford university, is a browser extension that protects your privacy by silently defending against visited-link-based tracking techniques. It allows offsite visited links to be marked only if the browser’s history database contains a record of the link being followed from the current site.

Tip 6: Disable referer address

As part of the HTTP protocol, requests to web pages can include a referer header that tells the server which page the user was on that initiated the request. Server and third-party software use this information to track your paths through the site. You can configure Firefox to block the referer by going to about:config, and changing the value of network.http.sendRefererHeader to 0.
If you experience any issues with various web sites, you may want to check RefControl, which lets you control what gets sent as the referer on a per-site basis.

Tip 7: Install TrackMeNot

It’s not a secret that search engine corporations monitor and log search queries in order to build a profile that will reflect your search behaviors, who you are, what you care about etc. TrackMeNot is a browser extension that periodically issues randomized search-queries to popular search engines (e.g. Gooogle, MSN, Yahoo!). It hides user’s actual search trails in a cloud of ghost queries, increasing the difficulty of identifying user profiles.

Tip 8: Clean web history

Firefox keeps a browsing history, which is a record of all web sites that you have visited. To stop Firefox from maintaining a browse history list, go to Tools->Options and in the Privacy tab deselect the following options: Remember visited pages for the last… , Remember What I enter in forms and the search bar and Remember what I’ve download.
What most people don’t know is that even if you tell Firefox not to save your browsing history, it is still possible to access the last 10 closed tabs (History->Recently Closed Tabs). To clear the Recently Closed Tabs list, in Firefox address bar type about:config, and set the key browser.sessionstore.max_tabs_undo to 0.

Tip 9: Use VMware Browser Appliance


The Browser Appliance is a VMware image based on Ubuntu that allows users to securely browse the Internet using Firefox. When you boot the image, it immediately shows you a full environment ready to surf the web safely. The ultra-paranoid Internet users can configure the Browser Appliance to automatically reset itself after each use so personal information is never stored permanently.

Tip 10: Install Stealther

If you don’t want to disable your address bar history, clear your saved passwords and your private data, then Stealther is the right extension for you. Stealther is the perfect extension to use if you need a quick, private browsing session without permanently disabling features like browsing history, data caching etc.

__________________

Some good stuff, some of it is a bit overboard imo. The cookie info is dated, you can only set FireFox 2.0 to block third party cookies through about:config. There is no option to do so in the UI. I dunno if Cookiesafe does it, I've read that setting network.cookie.cookieBehavior to 1 allows some third party cookies through. Good info though Stang, thanks for posting.

__________________

Yeah I agree, some of the cookie info is better handled through the about:config command you mentioned (thanks for telling me about that btw). Disabling the referer header is very valuable though as well as installing the trackmenot plugin...two things a lot of people would never think about including myself.

Just in case anybody wants to see any vulnerabilities, you can use this link TorCheck at Xenobite.eu - HTTP-Mode, it is designed to make sure TOR is configured correctly but also is useful to know about your connection in general.

__________________

Yeah good tip on the referrer settings, I went ahead and changed mine, hopefully it isn't an issue when using legit pay sites like newegg and such. Anyway, it was an interesting read, and the browser check site seems decent, kinda like a shields-up for FireFox. Thanks for posting!

__________________

No problem! I thought I was the only person who used shields-up, that is a very nice site also.

For anybody who does not know, here is the link to shields-up
https://www.grc.com/x/ne.dll?bh0bkyd2

__________________

Some really nice tips there Stang

My comp is pretty secure already, but was probably sending out some infoi without my knowledge - now thanks to these tips I am like the invisible man n(well almost), LOL.. thanks

__________________

Glad I could return the favor paddy, you have helped me immensely in the past!

__________________

cool! - you just proved my parents and everyone else wrong!!.. I am good for something LOL

__________________