Shared publicly  - 
 
Disconnect for Chrome, Firefox, and Safari already protects your privacy and data from prying eyes, but now it keeps your Wi-Fi browsing secure from session hijacking and widgetjacking attacks too! Here's how, and why you'll want to download it right now:
509
213
Tod Anderson's profile photoisaac mendez's profile photoCurtis Dobyns's profile photoJuho Mansikkamäki's profile photo
70 comments
 
thanks i'll do it as i get home
 
Great tool. Thanks for the heads up
 
Opera next please. Chrome is my secondary browser. Opera main.
 
Yes, Opera is also my primary browser.
 
Not to be a grammar Dalek, but is this line supposed to read like this?
"a site you visited happened to use an insecure connection to conact Google, Facebook, or some other service thanks to an embedded widget or social plugin."

Or was it supposed to be "contact"?
 
I'm going with "contact."  Some days it's just to difficult to hit spell check.
 
Doing this when I get home thanks for heads up
 
Getting attacked when I open Chrome browser and go to websites...Avast pop up detection :-(
 
That's awesome. Worthy extension to Chrome :)
 
This is a very handy one,thnks for sharing
 
Would be useful if it worked on android, but it doesn't do anything in chrome, and says it's incompatible with Firefox 17
 
lol... if anyone really thinks this extension will "protect them from hackers", they should probably never use public wifi again.

Get a VPN and never worry about any of this crap....and not PPTP.
 
With a name like Lifehacker, I'm not sure I want to trust this program. (Sarcasem) 
 
I surf on g+ & YouTube... as well as some fishing related websites... eyes can pry all they like on me.... 
 
+Nathan Weaver I second you. And if a hacker wants to hack he or she will do all in their power if they really want to get in your computer. 
 
Lifehacker, norton, mcAfee, win7, win8, google chrome, haha, i'm tired of all this.  I just keep away from all of these and i never have any problems with protection or system.
 
Lifehacker has all the wrong solutions to problems most people don't even have. But hey, anything to get those advertising dollars rolling in.
 
Thanks I'll be adding it to both Firefox and chrome. 
 
Of course if somebody wants to break in they can, there is no foolproof system, and defence in depth along with a healthy cynicism and a bit of experience will help. But this is really the same story as the two men, the lion and the running shoes. You don't need to outrun the lion, just the other guy. If you close down avenues of attack and remove the low hanging fruit you're likely to be passed over for easier prey. If the bullet has your name on it however...
 
I've just clicked on the link at the bottom that says download 'disconnect' next to download 'disconnect blog', after reading the post. I did this via my Samsung S3, anyway the AV I have on the phone told me this site could be dangerous and is acting like sites that are recognised as malware and spam, and could be harmful to your computer.
Now my AV has browser protection (url advisor) but rarely comes up with suggested sites to block but it definitely recommends blocking this one. What does that tell all you people that have just downloaded this app/add-on? 
 
It's strange.  They talk about your security, but when you land on their page, it wants to run scripting before you can see anything.

Fail?? 0_o
 
I already use Ghostery on my browsers to block all ads, cookies and widgets and everything else.
If I want to really remain hidden and safe, I use Tor for that.
 
+David Robertson, it isn't about "hiding from the man". It is about minimizing our online footprints so we don't have to suffer targeted ads, attacks, etc. This is a tool meant to better protect yourself and your computer.
You want to hide from "big brother" then "drop off the grid". 
 
+John Doh foolproof system = rolling release linux distro (for latest kernel) + a properly set up L2TP/IPSEC vpn /w ~20 char password & PSK or a Cert (due to double packet-encapsulation and non-aggressive 6-stage server/client identity verification to prevent MitM) OR SSH tunnel /w 2048/4096 bit RSA key and proper DNS forwarding + adequate understanding of linux firewalls and proper system security.

Many will argue that OpenVPN is an equally viable solution, but from my testing, OpenVPN leaks a boatload of data.

The main key here is encrypting ALL your traffic, with ARP (address resolution protocol) packets being the most important, verifying the identity of both client and server, and using a system little or no known exploits.

If one expects any true semblance of security in an online world... the only solution is to learn how to do it yourself. Extensions like this, and most other "consumer-grade" security tools/products are nothing more than fluff to make people feel better, but don't actually accomplish very much.
 
i hate to admit but i don't get this whole stuff,can someone update me with some ultra scientific news
 
Gary's trouble started when he went to Reuters...
 
I really don't give a fuçking shit if someone sees my browsing history
 
if you dont look at weirdo porn all the the time and/or pirate software,movies, music, etc, then what do you have to worry about? personal info notwithstanding of course
 
+Jon Cundiff if you use a bank account or credit card I'm sure you wouldn't want that information stolen.
 
+Nathan Weaver I would guess, that judging by the comments thus far, that only you and I understand what you just wrote. That kind of knowledge is not something the average layman will ever attain.

Further I would also say that even that level of security will not stop somebody who's determined and resourceful enough. Look at Stuxnet/flame, there are some serious people out there. The thing that most don't understand I guess is that the internet never forgets, and as data science gets better and better, they will be able to type you down to a very specific Psych profile just by your public posts alone.

Eternal vigilance is one thing, but what I cleave to is being just one person online, (no alts) and not saying or doing anything I wouldn't want my mother or anyone else to know about, online.

As for disconnect, I've been using it since it was just a project of one Googler, it's very good, I have it installed in all my browsers, installed it in my mum's browser too.

If you don't trust it, or your AV says it's unsafe, then look away now, I trust it, (along with a suite of other things) to keep my footprints light, and out of the clutches of the advertisers. Governments can simply ask the courts for your data, as the recent Google transparency reports shows them doing in increasing number.

YMMV
 
Nice extension but from what i have read on there site they are lick https everywhere with is good but until they do more than the major sites i cant throw my https everywhere out.
 
Wtf is that about
 
yes im sure, this little addon doesn't do shit. Just use a VPN. I use Peerblock.
 
Peerblock doesn't do what disconnect does, nor can a VPN protect you from sites you willingly visit. Unless I miss the underlying logic of that statement.

Also, there is ipblock for Linux, should anyone be interested, though again, that doesn't do what disconnect does either.
 
yes but what disconnect does is totally useless, the only security your protecting is your browsing history
 
As far as I understand it, (not having looked at the code, etc.)  What disconnect does, is it stops you from being tracked by people like google, facebook, etc. As you traverse the web. So in that sense, yes, you're right. What it does is stops third parties spying on your browsing habits. 

Which is more than peerblock does, unless you enable http blocking, in which case it simply stops you surfing to IP's it has blocked. I got a white page on any site that had advertising, (most of the web) when I tried it. That seems kind of pointless to me, unless you're really that into asceticism.

Hence my point that peerblock doesn't do what disconnect does. It's not a security tool, it's a privacy tool. So I'm guessing that use, like beauty, is in the eye of the beholder.
 
Ghostery is a brilliant add-on for browsers, stops most if not all, background data collection/analytics and advertising...
 
Aye, indeed it is, I have that, HTTPS everywhere, disconnect, two adblockers and a slew of other extensions and scripts installed. 
 
yes but who really cares if someone can track your browsing habits, its not like they can look at what websites you've been to and hack your computer. Peerblock allows you to download "things ;) " without your ISP sending you "messages" So just because some creeper can look at me on the web doesn't really matter to me. I mean unless your  like looking up how to make bombs this is kind of a pointless extension. Its like putting your key in a $50,000 safe while all your money is in a $10 safe. 
 
You don't understand this at all do you. All those "like" buttons around the web, they beacons, much like the original Beacon feature on Facebook. http://en.wikipedia.org/wiki/Facebook_Beacon This is what disconnect blocks, this is why it's called disconnect. If you go to web site with a "like" button, even if you're not logged in, even if you don't have a Facebook account, They can see what web sites you've been too, they read your web browsers cookies. So instead of being connected to Facebook, you are disconnected. http://en.wikipedia.org/wiki/Facebook_Like_button

The data Facebook keeps on you, is not under your control and is sold to advertisers, this is how Facebook makes money: http://www.mixcloud.com/businessweek/how-facebook-sells-you/

Peerblock, blocks IP addresses. Because when you run bit torrent, you're essentially running an open webserver, anyone can connect to it and see what you're downloading, this is how it's designed to work. There are companies, like bigchampagne: http://en.wikipedia.org/wiki/BigChampagne which trawl the web looking for people who download stuff. They send this data to the company that employs them, who send it to your ISP. Peerblock blocks the IP of companies like bigchampagne, so that if they try to connect, like an other peer, they are blocked. If you blocked your ISP, you wouldn't be able to surf, so your ISP can still connect to you and see what you're downloading.

Still you know all about this stuff, and it doesn't matter to you, it's pointless, so no worries eh?
 
so what are they going to do with my browsers cookies? eat them?? who cares its not people keep their life story in their browsing history.
 
Do you understand what a browser cookie is, what it contains, and what it is used for? Do you know how many you have on your computer/phone right now?  While you check that out you may also want to google for the following:
AOL Search logs
Mat Honan hacked

The wider picture can only be gleaned from a fascinating article in the NYT, several years ago, which talks about behavioural research involving credit scoring, (as relates to credit card risk in this instance) taken from a persons credit card purchase history. Apparently, the worst credit risk in the USA is a person who uses his card to pay for a bar tab, and has purchased a lucky 8 ball gear change leaver ornament for his car.

Now imagine that they can aggregate the same information from your search history, or browser history, which you're giving to facebook, (and google) as you go about your daily trawl of the web.

http://charlesduhigg.com/new-york-times-magazine/

That's not the original article, but it's a good start. I'll see if I can dig up the other, it really was fascinating.
 
Found it: http://www.nytimes.com/2009/05/17/magazine/17credit-t.html?_r=1&pagewanted=all&pagewanted=print&pagewanted=all

Keep in mind while reading this that this is about using data about what you buy to determine your credit worthiness. It's behavioural research, and it relies primarily on data. Imagine how more they could pinpoint your credit worthiness if they had access to your search history, or the data aggregated from facebook & google, etc. If like most people, you are not protecting your privacy you are giving this data away for free.

Already the presumption in the US is, that if you don't have a Facebook account, (I don't)  you have something to hide.

In 5 to 10 years this will be mainstream, the way you live your life online will determine whether or not you get a mortgage or how much of a credit limit you get and what interest rate you pay. Jack Dorsey, (the geeky kid behind Twitter) has a new start-up called Square, which looks to change fundamentally the usage pattern of credit cards and massive increase their use for ordinary items, this is backed by a social network, since it allows you to take credit cards too, so they will be able to map this to your friends, and others you do business for. Aggregated together with other sources of data, or even just on it's own, it will bring big data to behavioural research. Square is going live in Starbucks this year.

http://www.technologyreview.com/featuredstory/428150/what-facebook-knows/

http://www.economist.com/node/13176775?story_id=13176775

Still, you know better, right?
 
this little addon isnt going to stop hackers. And why are you so protective over companies looking at your data. Facebook isn't going to harm you.
 
Defensive? Moi? I'm just trying to win an argument on the internet, a fairly pointless sport at the best of times, like say, [insert popular sport here] but a man has to have hobbies :-)

(Yes, I know you edited it to protective, but I'd already written it yesterday while waiting, after getting the email) 

You could say I'm picking on Facebook unfairly, but I'm simply following the money.

Knowledge is power, possession of it, (from a corporate perspective) means profit. At least in a world of "big data"

Google is as very large and profitable advertising company, it makes 96-98% of all its income that way. This is all done by automated computer auction, which on its own displays an amazing amount of chutzpah IMO. Not to mention faith in their Chief economist Hal Varian, a noted expert on auction theory. Google chose to IPO via auction and did it themselves, in investment terms they "left a lot of money on the table" meaning they could have achieved a much higher initial stock price had they gone the traditional route via investment bank advisory, etc.

Facebook, chose the investment banking route when it went public. Facebook stock opened at the highest price it has ever had, ($42) and then dropped 50% over the next few weeks to around $20 now. As a private company it didn't have to have a plan, or make much money, (it didn't) As a public company it no longer has that luxury. It needs to turn a profit, it's shareholders will expect/demand that much. There you get into the subjective realm of value, what, when you get right down to it, does Facebook have to sell?

The answer, besides the obvious talent of Mark Zuckerberg and his minions and executives, is that Facebook can sell metadata from the text, pictures, and crucially, the connections that almost 1bn people have given to them in exchange for the free use of the Facebook platform. The key word here is the word "monetise" how does Facebook plan to monetise the data of its users?

Now admittedly, this is more of a subjective discussion than may appear warranted on the back of a simple plugin, and it does largely come down to a divide between those that use Facebook, and generally lack a deep understanding of computers, and those that do have a good understanding of technology and use Google. But this is where the notion of privacy, and profit motive collide. Privacy in the original sense of actually having something to hide, or things we wish only certain people to know. (Like the fact that you're pregnant) as per a link a couple of replies back, or you have a medical condition, (HIV) or any number of other personal details or quirks, (sexual or religious persuasion, political views, etc.) Some of which you may be happy talking about, some not. Then there is the matter of profit. If somebody is going to profit from this information, why shouldn't it be you? Ceteris paribus obviously, "all other things being equal"

Do not misunderstand me, I'm talking about Facebook as they have something to sell, they need to show a profit, while Google already has something to sell; eyeballs, other people's attention. They already profit from that. What Google needs to do is get people reading, including here on Google plus, on mobile, and eventually everywhere, (Google Glass) but the nature of the threat, and thus the harm, is somewhat quantifiable in Google's case, and I don't trust them either. With Facebook, the nature and quantity of the profit is as yet unknown, hence the harm is less quantifiable.

Disconnect doesn't just target Facebook, I'd does Google, twitter, yahoo! & linked-in too. In an earlier release they allowed you to block the Google cookie, this blocked access to gmail. This meant I had to use an insecure browser, (IE) to read my email. This annoyed a lot of people, hence the bit in the video about "not breaking the web" privacy in this environment is always a trade-off.

Nor do I think that anything I say will change anyone's mind, at best all any argument does is allow you to hone your own opinion, into a more cogent form. "If you want to understand anything, try explaining it to somebody else", perhaps especially somebody hostile to your opinion. They will ask questions, you will have to find answers.

As to the Wiley "hacker" nothing you can do will protect you against them, certainly not a privacy plugin. Something best expressed in the song, "Shape of my heart" by Sting. Which from memory goes like this.

"He deals the cards as a meditation,
And those he plays never suspect,
He doesn't play for the money he wins,
He doesn't play for respect.
He deals the card to find the answer,
The sacred geometry of chance,
The hidden law of the probable outcome,
The numbers lead a dance."

The stereotypical security professional who stands watch over the digital battlements, works eight hours, interrupted frequently, and then goes home. The stereotypical Wiley hacker sits in his mom's basement and tries to break in for 12-18 hours a time or more with few interruptions. The best anyone can do is spot the intrusion, kick the hacker out and patch the hole. 

It's a numbers game, that and there are always security flaws that will yield to careful study. If you have the time you may want to check out the idea of correctness in computer programming, it's impossible to write a program longer than three lines, that is provably "bug free"

As I said at the start the only defence is defence in depth and to remove the low hanging fruit. This approach works just as well with digital miscreants as with people who would invade your privacy for profit. The first step to that is understanding the terrain. Disconnect as a plugin provides one layer of defence  It is not foolproof nothing is, but as a fire and forget solution it works well.

You could also try the collusion tool, available from the same place, if you want a true glimpse into how tracked you are online. Gives you new sites to add to your adblock custom filter list, if nothing else.
Add a comment...