Firefox Security Addons

1. Web of Trust (WOT) - You pretty much can't read a Firefox security article without learning about the Web of Trust (WOT) add-on -- and there's good reason. WOT rates every site on the Internet for its security risk: green equals safe, amber equals worrisome and red means avoid like the plague. Simple, easy, and a must-have security measure. If you prefer a brand name,McAfee's SiteAdvisor Firefox add-on offers similar functionality.

2. AdBlock Plus - The AdBlock Plus Firefox add-on says what it does, does what. AdBlock prevents most advertisements from loading -- especially Flash ads and those layered takeover ads that slow your page loads down -- including all the tracking cookies most ads slip into your system. Even if you aren't paranoid about data-snooping, AdBlock will noticeably speed up your surfing.

3. LastPass - The LastPass Firefox add-on is the granddaddy of password managers. Create one master logon for LastPass itself and it will log you in to every other online service you've got an account with. Moreover, LastPass stops storing your passwords locally in the browser -- where they can be hacked -- and encrypts them into an online account you (and you alone) can access from anywhere. It also has some nice password generation and form auto-completion features, which makes account signups even safer and simpler.

4. BetterPrivacy - The BetterPrivacy Firefox add-on is designed to scrape away the most persistent tracking cookies that websites (and, especially, advertisers) use to profile your online activity. In particular, BetterPrivacy blows away Local Shared Objects (LSOs), the pernicious cookies left behind by Flash applications, videos and websites that most other extensions simply can't erase.

5. NoScript - JavaScript makes a lot of interesting functionality possible on the Web -- including nefarious clickjacking attacks. The NoScript Firefox add-on permits only JavaScript from trusted domains to run in your browser, preventing any unsavory functions from occurring behind the scenes.

6. BugMeNot - It seems every site on Earth wants you to create an account to view their content these days -- mostly so they can track your surfing (even offsite) and sell your data to advertisers (as in spammers). The easiest way to avoid this constraint is the BugMeNot add-on, which provides anonymous credentials for most major sites, allowing you to login without creating or using a "real" account.

7. SpamAvert.com - Where BugMeNot stops, the SpamAvert Firefox add-on picks up. SpamAvert creates quick, disposable e-mail addresses you can use to enroll at sites you don't intend to visit again. The fake e-mail accounts allow you to complete registration, but they also take the hit for follow-up spam, keeping your real accounts clear of the clutter.

8. Beef TACO - The Beef Targeted Advertising Cookie Opt-out (TACO) blocks almost every type of tracking object from settling into your browser. If it's designed to report your web activity to dataminers or advertisers -- including the big dogs like Google, Facebook and Yahoo -- the Beef TACO swats it away. Combine this with BetterPrivacy and you'll be an ad-free phantom in no time.

9. Torbutton - For those that don't know, Tor is a proxy surfing service that prevents even your ISP (or employer) from knowing exactly what web sites you're visiting. The Torbutton Firefox add-on makes using the Tor service dead simple, which is a good thing given how easy it is to turn proxy-configuration a tangle of confusing options. If you want absolutely nobody to know where you've been online, the Torbutton is the place to start.

10. hideBad - Sometimes the biggest security or privacy threat is the one that's right over your shoulder -- literally. The hideBad Firefox add-on offers a browsing panic button that instantly closes every open tab in your browser (while saving the data so you can restore the session later) and replaces them with your homepage. It stops snooping eavesdroppers (and dangerously curious bosses) from knowing which web pages you were just surfing, which may be the most important security measure of them all.

Google Chrome Security Extensions

1. Web of Trust (WOT) - If you have just one Chrome security extension, Web of Trust should be it. The WOT extension throws up traffic signal warnings for every link on the web: green for safe, amber for suspicious, and red for avoid at all costs. The ratings are powered by user feedback, so feel free to throw your own kudos or condemnation up as you surf.

2. SiteAdvisor - Like Web of Trust, McAfee's SiteAdvisor Chrome extension warns you whether the link you're about to follow -- or the page you're on -- is safe to surf. SiteAdvisor's alerts, however, are powered by McAfee's security research, rather than the crowdsourced feedback of Web of Trust. Green checkmarks mean safe; red Xs mean risky.

3. LastPass - The LastPass Chrome extension is a robust password manager that replaces all your separate web logins with a single master password. Remember that one, and LastPass will log you into the rest. Signing up for a new service? LastPass will generate a strong password for you. Got a new web form to fill out? LastPass will complete it for you, even if it's AJAX-based. And all the password data is locally encrypted, so even if the LastPass service is hacked, your passwords are safe. Stop using the Post-It notes taped to your monitor and let LastPass safely recall your passwords.

4. Secbrowsing - The Secbrowsing Chrome extension provides a single but vital function: It makes sure all your browser plug-ins are up to date. Running an old Flash plug-in with a known vulnerability? Secbrowsing will let you know. Missing the latest Java security update? Secbrowsing has your back.

5. Click & Clean - The Click & Clean Chrome extension is the nuclear option for erasing your browsing history. Besides removing all the URLs from your browser logs, Click & Clean also deletes every cookie, web temporary file, local web artifact, LSO and download history item from your browser -- whether they could do harm or not. In short, it makes it look like you've never browsed the Internet before.

6. View Thru - When you click on a shortened URL from a service like bit.ly or tinyURL, you have no idea what kind of site (or security threat) you'll arrive at. The View Thru Chrome extension creates mouseover blurbs that expose the destination URL behind those shortened links. Never click blind again.

7. KB SSL Enforcer - If certain sites or services offer a Secure Sockets Layer login or access option, the KB SSL Enforcer will automatically select that https:// URL. The days of using unnecessarily unencrypted web addresses are over.

8. PasswordFail - For the extra paranoid among us, the PasswordFail Chrome extension warns you off any website that stores or sends your login password as clear text. Basically, if one of these sites is hacked, your undisguised password is sitting openly in a database, ready to be tried on all your other online accounts. PasswordFail lets you know if your password is an easier hacking target by calling out websites that don't encrypt their stored or e-mailed passwords.

9. Credit Card Nanny - This Chrome extension is just like PasswordFail except Credit Card Nanny highlights websites that store or send your credit card number (and other data) as clear text. The fact is, many web transaction forms simply e-mail your credit card number to the site administrator for manual processing, making the card number, your card expiration date, pin number, or any other transaction data easily intercepted. Credit Card Nanny helps you avoid the online stores that engage in this risky business.

10. TrustGuard - Sort of a Better Business Bureau for the web, the TrustPilot Chrome extension uses customer feedback to rate online stores for their security and business practices: Red for avoid, orange for use caution, and green for safe. If you come across an e-commerce site that looks sketchy, odds are TrustPilot can confirm or deny whether it's safe to make a purchase. And for established sites that have current security concerns -- like when when they're under a hack attack -- TrustPilot will let you know when its safe to shop there again.

11. Secure Profile - It's all fine and good not to share your passwords or browsing data with unknown online parties, but what about the people who use your PC? The Secure Profile Chrome extension encrypts and password-protects your Chrome profile data -- including all those stored passwords and form auto-completes -- so that anyone who gains access to your machine can't also gain access to your online accounts.

12. AdBlock - As much a privacy concern as a security issue, online ads range from intrusive to risk-inducing. The AdBlock Chrome extension blocks most of them, especially those than use Flash, prior to downloading. Thus you'll browse safer and faster.

13. BugMeNot Lite - Almost every web site seems to want you to create an account -- and to track your access history across the Internet -- even if you only plan on visiting once. With the BugMeNot Lite Chrome extension, simply click CTRL+i and those onerous login forms will be auto-completed with anonymous information. You get access, but the site gets no data. Sounds fair to me.

14. FlashBlock - If AdBlock doesn't go far enough, the FlashBlock Chrome extension will prevent any Flash content from loading on a web page. Instead, a placeholder icon is displayed, so you can unlock those select Flash elements you want to see -- like videos -- without suffering through the slowdown and potential security risks a full Flash onslaught can present.

15. Google Alarm - Perhaps more amusing the useful, the Google Alarm Chrome extension sounds a shrill siren alert anytime you load a page where Google is collecting browsing data, which is to say any page running Google Analytics or Google AdSense. Running this extension for just a few hours will illustrate just how often Google has their eye on you (and how glad you are this extension has a silent mode). You may not run Google Alarm long, but you'll learn a great deal while it's operating.