Privacy Settings for Firefox–History

By default, Firefox remembers your browsing history to make it easier to return to a visited site.

Select Options and then Privacy in the left hand navigation panel. Under History, open the drop-down menu labeled “Firefox will:”and tell the browser to never remember your history or use custom settings.

Selecting “Always use private browsing mode,” is for hardcore privacy, but you need to understand the implications of private browsing mode. See the Mozilla’s support pages for more information on this.

Here are the History settings that I suggest.

Uncheck the box for remembering your browsing and download history, un-check remembering search and form history, and leave the box checked for “Accept cookies from sites.” Then under “Accept third-party cookies” set it as Never, but change “Keep until:” I close Firefox. Finally check the box that says “Clear history when Firefox closes.”

This combination of settings allows Firefox to behave normally, but erases most of your activity upon closing the browser. These settings provide some measure of privacy without sacrificing functionality.

Privacy Settings for Firefox–Tracking

Firefox is the best browser for protecting your data. However, Firefox does require several setting adjustments to avoid intrusive tactics like ad tracking.

Select Options and then Privacy in the left hand navigation panel.

By default, Firefox does not enable the do-not-track feature. Turn it on by selecting “Request that sites not track you.” Also select “Use Tracking Protection in Private Windows”, which enables tracking protection that blocks ads and other online trackers when you’re in private browsing mode. However, few sites honor this request.

To enforce your do-not-track intentions, you need to use an add-on such as Ghostery, Disconnect, or the Electronic Frontier Foundation’s Privacy Badger. We have found that some sites do not to allow access to content with add-ons like these enabled.

Little Snitch

Just to be different, I started using a Mac to do some IIR. One of my quick fixes for security was  Little Snitch, a firewall for OSX. It monitors outgoing network traffic and alerts you if a program you’re running is trying to contact a strange server. This could be a shell or a program that snaps photos using your webcam or one that takes screenshots and sends them to an outside server.

When the Security Guard’s Job Stops

AttackThe fifth annual Horizon Scan Report published by the Business Continuity Institute, in association with BSI illustrates that physical security and related issues are growing concerns amongst business leaders. This renewed interest appears in studies and surveys throughout the industrialized world.

My own recent experience in Canada includes many executives asking questions about what they can do to prevent and manage active shooters, gang violence in their facilities, and terrorist attacks. Of course, they demand secrecy to surround their queries and the answers they receive. If I were to summarise the questions, they would display a surprising lack of knowledge about violence and Canadian law. I know the answers surprise the enquirer due to his reaction upon learning how helpless he is in the face of such low-probability but high-consequence threats. What follows should help to explain the most fundamental causes of, and reasons for, our inability to deal with these threats.

The recent awards for bravery related to the October 2014 attack on parliament hill should highlight our society’s irrational approach to managing armed attacks in public and private work places.

The outcome of this attack informs us that we cannot stop attackers at the front door due to our irrational aversion to armed security guards. That is apparent from the utterly inept response to the attack on parliament hill.

Most Canadian security operations stop short of actually managing an armed attack. Once something violent or dangerous starts, the normal response entails calling on somebody else to do the heavy lifting. In this organisational culture, when an attack starts, the security guard’s job stops. However, calling the police is not an emergency response procedure; it is an act of desperation and an admission of incompetence.

With this entrenched mindset, it does not matter how many resources have been devoted to the security operation, when an armed attack begins, security guards, employees, or guests will suffer serious injury or death.

Sign-in procedures, searches, and metal detectors have limited utility when violent intruders come calling. Intruders like this will not calmly line-up and politely follow orders.

The notion that technology and security theatre can supplant incompetence is common in the chancelleries that extoll the virtues of their most recent purchasing decision, but those worthies never face armed terrorists, gangsters, or homicidal lunatics themselves. On the other hand, unarmed guards exposed to armed intruders have a limited number of responses: run, hide, attempt moving people away from the attacker, die in place, or confront the attacker. As illustrated by the attack on parliament hill, unarmed guards are utterly ineffective in the last response option.

Most Canadians do not understand that self-defence is not so much a right as it is a defence in law used to enrich lawyers through endless prosecution and litigation. As a result, the government has embraced the union-shop mentality that sees the preservation of life and self-defence as something only government bureaucrats may do under the supposed ‘social contract’ and nobody has the money, power, and the perseverance needed to change this mindset. Demonstrating this needless and restrictive attitude is the fact that security guards may not get a pistol permit to defend life and limb; they may only get one to protect money. This promotes the perverse belief that the private sector is more interested in money than lives. Even worse, it demonstrates that our government does not believe that any class of private citizen should actually have the right to defend themselves.

Explaining to a public official or company manager that this aversion to armed security guards is irrational does not change his viewpoint but rather creates an enemy. Decades of propaganda and indoctrination against firearms ownership and the right to self-defence has produced an ignorance and unreasoning terror of weapons, which also manifests itself in the firm belief that only government bureaucrats have some magical ability to use weapons. Explaining,  if that were the case, then management of the parliament hill attack would have been quite different does not make any friends either.

In the 2014 Ottawa attack, the police did not sit on their hands outside as they did at the École Polytechnique shooting in 1989. Instead, they advanced to contact rather than waiting outside for specialized response units. This is termed Immediate Action Rapid Deployment (IARD), which is a fancy acronym for common sense.

The IARD protocol is to swiftly locate and close in on the attacker(s) to neutralize the menace at the earliest opportunity, thereby preventing further mayhem. However, this protocol has one critical flaw—the time between recognising the problem and having someone come by to resolve it. This delay causes further casualties. Would it not be more effective to stop or disrupt the attackers plan at the door? Should the attackers make it past the front door, would it not be more effective if on-site security personnel immediately employed the IRAD protocol rather than wait for police to arrive?

The federal government is slowly addressing these issues on parliament hill but do not expect any provisions for the private sector to address the very same threats.

De-Constructing Myths

Myths, rumors, urban legends, disinformation, and propaganda get amplified by the all-pervasive Internet and its trolls. Sometimes, this deluge of twaddle causes people who should know better to waste time, energy, and resources needlessly. Sometimes, it inspires a popular TV show like the MythBusters.

Urban legends and the related types of false information can cause problems in even the most well managed security operation. All it takes is one senior executive or official to believe something nonsensical and lend his authority to it. This may lead to money wasted on useless equipment and programs.

Fake Bomb-Detector

My first-hand experience with this problem includes a fake bomb detecting device that I later encountered as a detector of hidden ivory. This ludicrous device started as a fraudulant detector of lost golf balls. This scam lasted for years and made millions from sales across several continents.

I was suspicious of its use at a security checkpoint and managed to examine a unit and then do some research. Apparently, nobody else thought to do the same, even though lives were at stake.

Human Trafficking

An enduring myth exists that legions of prostitutes from all over the world descend on major events. This pernicious myth usually focuses on sporting events and it usually tries to link any masculine pursuit with human trafficking.

A version of this surfaced in 1998 when Jim Brown, the parliamentary assistant to Ontario Solicitor-General, Bob Runciman and one of Ontario`s Crime Commissioners, was forced to resign after he said Toronto’s Santa Claus parade gave fathers a chance to slip away and visit prostitutes. Senior police officers jeered at this idiocy.

More recently, this was supposed to occur at the World Cup, Vancouver Winter Olympics and at the US Football Super Bowl in February 2016.

The current trend is to equate the commercial sex trade with human trafficking. There are differences between women trafficked into prostitution, local sex workers, and those who migrate to other countries for work. However, irrational activists argue that large groups of men at sporting events result in increased demand for commercial sex that only trafficked women can meet.

On closer examination, every study I read revealed a large discrepancy between claims made before large sporting events and the actual number of resulting trafficking cases. I found no evidence that large sporting events cause an increase in trafficking for prostitution. Reputable anti-trafficking organisations, sex workers rights organisations, and  many neutral researchers and observers also refute this claim.

Yet despite the lack of evidence, this urban legend persists. It persists due to the large number of militant reformers, politicians, and journalists who profit from it. This urban legend provides inexpensive fundraising and publicity for agendas that include misandry, prostitution abolition, halting immigration, and exaggerating foreign threats.

This sensationalism breeds a waste of limited resources. For example, the airports at San Francisco, Oakland, and San Jose and underwent training to spot victims of trafficking in advance of the Super Bowl. Would you like to guess how many trafficked women they found?

Twitter Yearly Search

Have you ever needed to get all the Tweets from a subject during a specified time like everything in 2014?

When doing this type of search, first find the user’s first Tweet. You may do this by going to the Discover your first Tweet page and enter the users name and you will get the first Tweet and its date.

To search a full year’s Tweets isn’t difficult. Just go to the Twitter search box and enter the following:

from:user name w/0 @ since:2014-01-01 until:2014-12-31

The date format must be yyyy-mm-dd. Of course, you may enter any data range. You may also use the Twitter Advanced Search.

CPIC only reports indictable and hybrid offences

Canadian Police Information Centre

In Canada, a criminal record is a documented guilty conviction with registration of the offenders name in CPIC (Canadian Police Information Centre).

CPIC Content

“Canada’s repository of criminal records relates to individuals that have been charged with indictable and/or hybrid offences. Since the Identification of Criminals Act only allows the taking of fingerprints in relation to indictable or hybrid offences, and the RCMP National Repository of Criminal Records is fingerprint-based, the National Repository only contains information relating to these two categories of offences. Summary conviction offences are only included in the National Repository if submitted as part of an occurrence involving an indictable or hybrid offence.” [source:  (20 Jan 16)]

Hybrid Offences

Hybrid Offences or Dual-Procedure Offences may proceed as either summary conviction offences or indictable offences. The Crown chooses the mode of prosecution but usually prosecutes the less serious of these as summary conviction offences. The crown may proceed on the hybrid offences as more serious indictable offences when the  circumstances make the crime more serious.


In Google, Verbatim is not a command. If Google misbehaves by including strange terms that have nothing to do with your search statement, or if the search results entirely ignore some of your seach terms, then apply Verbatim to the search results by selecting ‘Search tools’, then ‘All results’  and  finally ‘Verbatim’.  Doing this will force Google to search on all of your terms without dropping any or looking for variations and synonyms.

Phone Numbers on the Web

The Phone Archive  says it searches USA based phone numbers usages and context snippets on webpages and documents found on the Web. This is operated by the same folks that run The Email Archive that I found less that useful earlier this week. This site is much more useful.

While they advertise this as searching US based phone numbers I found it useful for finding references to any phone number in the NA numbering plan. I found numbers in Canadian, Panama, and Caribbean islands.

I haven’t compared results to the large search engines, but this is a useful resource.

Google-Free Wednesday–Alternatives to Google Services

Perhaps it is time to remind folks that there are alternatives to Google services that are more respectful to your privacy:

  • for searches
  • Duck Duck Go which does not record your search history
  • Disconnect Search is a specialized VPN that lets you search privately using Google, Bing, and Yahoo search engines. No logging of searches, IP addresses, or any other personal info.
  • for email (see The Great Google Escape)
  • for e-mail (a bit more expensive that
  • Omnicloud from Germany’s Fraunhofer Institute, which allows you to encrypt all data locally before uploading it to the cloud.

Many Vloggers are now scrambling for alternatives because they find themselves at risk of having their YouTube account terminated on a whim. You could be next in this distrubing trend.

Finding E-mail Addresses

Finding email addresses and connecting them to a specific person has become a fundemental research task. However, to make connections between a specific person and other things of interest, you first must have an email address.

A new source for this data has appeared and it is called The Email Archive.  It advertises that it searches email address usages and context snippets on webpages/documents. However, when I search my name I get nothing. When I search an email address that is all over our sites, I get nothing. I noticed that this seems to only focus on USA related data.

Web Proxies & User Agents

A web proxy provides an easy way to change your IP address while surfing the Internet. They don’t require software or modification to your networking settings.  You just enter a website address and the sites you visit through the proxy see an IP address belonging to the proxy rather than your IP address.

I am very cautious about using web proxies as you never know who actually operates it and what data they might collect as you use it. You also don’t know  to whom they might give that data. On the other hand, I have found one that has a useful feature.

nroxy offers all the usual web proxy features plus something interesting–it offers the ability to change the user agent.  For example, some web sites cannot be viewed properly using Firefox. Sometimes it is an old site that requires MS Internet Explorer (IE) or it may be a site designed for mobile devices. This proxy offers user agents typical of 5 mobile devices and a long list of browsers.

To get the information I need I am finding it necessary to switch user agents more often. Usually, I use the User Agent Switcher extension that adds a menu and a toolbar button to switch the user agent of a browser. It allows you to chose from three versions of IE or an iPhone. Selecting the iPhone user agent often reveals additional  functionality on the site. The extension is available for Firefox and will run on any platform that this browser supports including Windows, OS X and Linux.

Now I have another option when I need to change the user agent and I get the additional proxy features as well.