Alternative browser configuration
Alternative browser configuration
For an optimal usage of JonDo we recommend also using JonDoFox. This will save you the configuration effort, since JonDoFox already contains all necessary settings to surf anonymously with JonDo on the Web. Further information about JonDoFox may be found here or on the JonDoFox homepage. If you prefer to use JonDonym with another browser it is necessary that you make the basic settings yourself.
Please beware: False or incomplete configuration causes browsers to leave a lot of traces while surfing, even if you use JonDonym. Configuring the browser yourself is quite elaborate and requires a deeper understanding of web technologies.
Browser updates: For surfing the web, use really up-to-date browsers only. Otherwise, websites might attack and damage your computer directly over browser security holes. Therefore, you should regularly update your browser.
Features needed for privacy-friendly browsers
Apart from the IP address, web browsers do leave many other tracks. It is not sufficient to just set JonDonym as a proxy.
- Cookies and Jacascript: domain-specific control (whitelisting) and allow to disable completely
- Referer control: remove it when changing domain, keep when staying within domain (otherwise various pages don't work), allow to disable completely
- DomStorage and SessionStorage: domain-specific control (whitelisting) and allow to disable completely
- Pings an Dritte bei Klick auf einen Link müssen deaktiviert werden.
- Werbe- andTrackingserver should be blockable by a blacklist. Werbeeinblendungen werden häufig auch für das Tracking genutzt.
- Detect and remove HTML-Spys (1x1 pixel transparent pictures, usually GIF)
- Allow to specify alternative and privacy-friendly search engines, if the browser provides a web search field, or may "redirect" typed adresses to web searches
- Allow to modify the user agent string
- Allow to disable Flash, PDF and other plugins
- Tracking-Opt-Out Header should be available X-Do-Not-Track
- Allow to disable the Geolocation-API, if present
- Allow to clear all private data (cache, cookies, history, forms) when terminating the browser
- Der Zugriff auf die Browser-History darf nur im Context der gleichen Domain möglich sein oder das Speichern des Verlaufs der besuchten Websites muss deaktivierbar sein. A research paper of the University of California shows, that cca 1% of top 50'000 Websites do collect informations by History-Sniffing.
- Desirable: offer additional validation of SSL certificates, government agencies can compel a certificate authority to issue false SSL certificates that are then used by intelligence agencies to covertly intercept and hijack individuals’ secure Web-based communications. (research paper). Some CAs will easily provide such certificates, as shown by a test (Google groups).
With proxy settings you configure your browser to not send requests directly over the Internet but through JonDo instead. This anonymizes the data. You will need to enter the following in the proxy settings for HTTP, HTTPS, FTP, and if required GOPHER (obsolete?) proxies of your browser:
- Hostname/IP address: 127.0.0.1
- Port: 4001 (if you had setup a different listen port than 4001 in JonDo then you need to input it here instead of 4001 too)
Warning: Make sure NOT to leave any protocols (HTTPS, FTP) without any proxy.
Warning for Webkit based browsers
Google Chrome, Apple Safari and other WebKit based browser are not recommended for anonymous surfing. Because of an FTP bug the IP address is leaked. This is independent of the used anonymization service. Tor users are affected as well.
Only solution is to block all FTP accesses (addresses beginning with "ftp://"), blocking only port 21 is not good enough. You can do this job with an AdBlock extension for your browser. Please use our anonymity test with IP check to verify your settings.