Catch up on this three-part post by reading Part 1, in which I discuss the best alternative to Google search and the two main alternatives for browsers. I also touch on the current state of digital privacy, security and surveillance.


So what’s an add-on? These are small, predominantly third-party, pieces of software that can be added on to your existing, base browser setup.

You’ll soon discover how various they are, but here we’ll only be scratching the surface of the thousands of options available for any one browser.

And the best thing is, they’re damn easy to find and install. If you’re using Firefox (and hope you are), open in a new tab and have a browse. Once you’ve found an add-on, make sure you read its features and permissions first, then simply install. Within seconds you should notice a little icon added to the top corner of your browser. You can then click on the icon to adjust settings and learn more about its features.

Of course, in this post I’ll be focusing on privacy and security add-ons, which essentially add value to your browsing experience in – I would argue – the most important ways.


Let’s start with something familiar. We’ve already seen how DDG is “the search engine that doesn’t track you.” But it also provides browser users with a free tool to block trackers across every website. No extra points for guessing who steals the show.

Google has its fingers in the back-end of just about every website, going by many variations on its name, depending on the type of tracking involved (e.g. “gstatic”, “googleanalytics”).

Of course, Facebook always likes to make an appearance, so you’ll typically find that once this add-on has been running for a week or so, it will be able to provide you with stats like these: Google blocked on around 50% of all websites visited, and Facebook on around 25%.

This does depend on the types of sites you visit. The DDG add-on provides almost effortless usability along with useful categorisations for reference, such as labelling these two monopolies of Silicon Valley “major trackers”.

HTTPS Everywhere

Without the HTTPS protocol, online banking, email and many of the other very personal services we rely on every day, simply wouldn’t be possible.

Let’s use an example. Say you want to log into your email. You’re at the homepage, but you won’t be able to access anything without your username and password. So you enter them. Now, for users not using a VPN (which we’ll discuss in Part 3), the only thing protecting that sensitive information is HTTPS. This is a layer of encryption which covers all information other than the domain from any potential man-in-the-middle (MITM) attack – or any other tracker or bad actor.

What HTTPS Everywhere does is force all visited websites to use this HTTPS protocol. Note, however, that if a website simply doesn’t have the capacity to use HTTPS (which is rare, especially among major websites), then there’s nothing this add-on can do about it.

HTTPS Everywhere was developed by the Electronic Frontier Foundation (EFF), the leading non-profit organisation defending digital privacy, free speech and innovation.


Unfortunately, in today’s world it’s not enough that we want to visit a website, look at its content and potentially spend money on its products; now the website wants to know everything about us. Where have we come from? What browser are we using? What screen resolution does our device have? What add-ons are we using? These are all questions any given website could be asking when you stop by. The problem is that not only do these websites want to obtain this information – they can obtain it.

To visit a website, you need a browser. So for every user, there’s a browser. How are these told apart? Well, every browser has a unique fingerprint. So for every customisation you make to your browser settings, for every add-on you add to your collection, this fingerprint will be altered accordingly. This means that even if you’ve masked your IP address, blocked trackers and covered all other angles, your browser’s configuration – the things that make it unique – can still be obtained in the form of a fingerprint.

And that means that when you visit that website again, it could spot you in the crowd. Luckily, another tool comes to our defence. CanvasBlocker can detect when websites try to obtain your fingerprint, and either block the attempt, or simply hand over a fake version. It’s worth noting that Tor incorporates this tool by default.

Cookies are the bane of many, but unfortunately they’re simply not going away. Our only defence against them is to block them either partly (third-party), or entirely (which is known to ‘break’ some websites, or cause them to not work as expected). For almost every website there are cookies, so it’s good to have a tool which can swiftly and reliably remove them at regular intervals in the background while we’re working. This is exactly what Cookie AutoDelete does. With additional options for grey- and whitelisting certain websites, Cookie AutoDelete can easily be set up to either manually or automatically remove all cookies as soon as a tab is closed – or when the browser itself is closed. When this happens, a notification will inform you of the number of cookies that have been deleted – which can be anything from 1 to 50 or more in a single session!


Ad blockers have been around for almost as long as there have been ads to block, and that’s a long time. Ads, in the form of popups, banners and videos, seem to serve no purpose other than to annoy us, intrude on us and distract us from what we came online to do. AdBlock will not only block popups, it will also remove any ads from the main content of the page you’re on. You can even see the frames and areas of the ads that failed to steal your attention, leaving nothing but clean space.


One of the more trying add-ons, NoScript can come across as a somewhat extreme measure, but it’s actually simpler to use than you might think. Another tool favoured by Tor, NoScript keeps a very watchful eye on any scripts that are loaded in a page but don’t seem to serve desired or expected functions. These include JavaScript and other scripts that could be used for tracking. Enabling NoScript by default, you may notice certain websites will break. But don’t worry. You can simply click on the NoScript icon and set which parts of the page you’d like to either trust, temporarily trust or distrust. You can even whitelist entire pages, which the add-on will remember whenever you return to that site. This helps with pages and sites you trust and visit often.

In Part 3 I’ll be discussing two of the best email solutions, and my VPN of choice.