This page is intended to provide basic information about online security and privacy,
as it relates to the browser you use. The tech. media have concocted an ongoing
browser "contest", obsessed with comparing the webpage loading speed of various browsers,
which is largely irrelevant. Seldom do the media provide useful information about
rendering differences, security settings, etc.
With that in mind, this page attempts to provide concise explanations of the major privacy and security
issues, then explain how those issues are dealt with in various browsers.
Note that while there are more browsers available for Windows than those listed here,
all of them are variations on one of 4 browsers: Opera, Mozilla (Firefox, K-Meleon), Apple WebKit (Chrome, Safari)
and Internet Explorer(IE). Any browser not listed here is probably just a "skin" on top of Internet Explorer.
Those browsers might look different or have some special features, but basically they are IE.
Security and Privacy Factors
Javascript
Script refers to executable code in text form. A webpage mainly consists of HTML. HTML tells
the browser how to display the page. Script is used to make the page interactive. Many webpages
use script. Very few need to. Most web designers do not understand script. Most do not understand the
risks associated with using script. Most do not even understand the HTML code that
makes up their webpages. So they often use script without being aware of it. They just wanted to jazz up their webpage design. In some cases their
webpages will not even be viewable unless you enable script.
Script is so common that web designers, and even security experts, usually
don't give it much thought. But
script is implicated in nearly all online security problems. Script is
also implicated in many privacy problems online. The single best thing you can do in terms of privacy
and security online -- by far -- is to disable javascript. But that may not be so easy for many people.
Most websites do not actually require script to function, but some very popular interactive sites -- such as free webmail, Facebook, etc. -- will not
work without script enabled.
One solution to the problem of script might be to use a particular browser only for
specific sites that require script, and use another browser, configured with safe settings, for
all other online activity.
Back to Index
Cookies
Cookies are chiefly a concern in terms of privacy. A "cookie" is just a small
text file saved on your PC by a website that you visit. Usually that file contains something like an
ID number that allows websites to recognize you when you visit. Cookies were invented in the early days of the Internet to allow
for continuity between webpages. For instance, if you fill out a multi-page form online, a cookie might be used
to keep track of your entries as you move between webpages. Cookies can also be used for semi-permanent
data: If a website "remembers" your login name it does that through a cookie.
Today, cookies are generally not needed to provide continuity. They may still be used to store login
data. But for the most part cookies are being misused -- to track people online. If you do not
block cookies then you almost certainly have dozens -- perhaps hundreds -- stored on a virtually permanent basis.
That multitude of cookies is used by various online advertising companies, retailers, etc. to track your activities.
Cookies were specifically designed to function only for the website of origin. That design was meant to protect privacy. But various tricks
are used to get around that limitation. For instance, Google/Doubleclick has ads hosted on most webpages. If you visit a webpage
with a Doubleclick ad you are also visiting Doubleclick.com (in order to retrieve the ad image). The result is that Google/Doubleclick
can save a "3rd-party cookie" on your PC. With Google/Doubleclick ads on most major websites, the Doubleclick cookie no longer
functions as a cookie. It becomes something more akin to a radio tracking collar, following your actions online in real time.
All browsers can block cookies, but they only block the creation of new cookies. If you
want to block cookies altogether you also need to delete all cookies previously stored.
For an in-depth explanation of cookies, cookie abuse, and the lesser-known problem of "super cookies",
see the
Online Privacy Tips page.
Back to Index
IFRAMEs
"IFRAME" is HTML code. A webpage is composed mainly of HTML. HTML uses keywords to specify webpage layout and content to the browser. IFRAME is one of those keywords.
It is short for "inline frame". An IFRAME is basically a rectangular area of a webpage that contains an entirely separate webpage. For instance, a webpage at www.somewhere.com
could use an IFRAME to display the search page at www.google.com in a box. It's as if you had two browser windows
open, at different URLs, but they're actually on the same page.
IFRAMEs are entirely unnecessary in terms of webpage functionality, but the situation is similar to the problem of javascript:
IFRAMES are a security risk and a privacy risk. But that also makes them attractive to corporate snoops and various other unsavory online characters,
while most web designers are unaware of IFRAME problems and probably don't even know whether they use IFRAMEs.
Web designers usually work with visual tools that hide the underlying HTML code, script, etc.
So even though IFRAMEs are unnecessary and unsafe, they are also fairly common.
There are two very different, but important problems with IFRAMEs:
1) IFRAMES are used in a large number of online attacks that use what is known as "cross-site scripting". The design
of allowing webpages within webpages is inherently insecure.
2) IFRAMES are used for snooping: Major online advertising companies like Google/Doubleclick want to track you online
so that they can show you "targetted" ads and thus charge more money for those ads. One way to track you is via cookies. They generally have little trouble tracking
you online because most major websites host ads from these companies. If you block 3rd-party cookies then advertising companies have a more
difficult time tracking you. For example, if you visit youtube.com there may be an ad there from Doubleclick. Doubleclick
cannot put a cookie onto your PC if you block 3rd-party cookies because you are not actually visiting Doubleclick.com.
But advertisers came up with an ingenious way to get around that limitation. They put each ad inside an IFRAME. The
resulting webpage looks exactly the same as it did before, but each ad is also actually a unique webpage. You might
have 10 different webpages loaded in what looks like a single webpage -- with 9 of them containing only a single image-advertisement.
So none of these ads is 3rd-party. Technically
you are visiting all 10 websites directly. The page you chose to visit forced you to visit the other sites by loading them into IFRAMEs. That means that 9
companies you may have never heard of, and didn't mean to visit, can save a cookie on your PC. The end result is
that numerous companies can follow you around online through a "cookie tracking collar", even if you block
3rd-party cookies. (Ironically, Google, Doubleclick and YouTube all happen to be the same company. That's a good example of
the problem with allowing any cookies at all. Even if you block both 3rd-party cookies and IFRAMES at YouTube,
you're still allowing DoubleClick to track you, because DoubleClick is Google is YouTube!)
By blocking IFRAMES you will significantly improve online security, reduce snooping,
and reduce the number of ads you see. The disadvantage is that some webpages may not work properly.
For instance, some webmail sites are constructed with mulitple IFRAMEs. If you use hotmail or gmail you
may find that the website is blank when IFRAMEs are blocked.
As with javascript, it may be easiest
to use one browser for a few specific sites, then use a second safe browser -- with script, cookies and IFRAMEs
disabled -- for all other online activity.
Back to Index
Flash
Flash is Adobe's animation software. It is often used to show cartoons or animated graphics on a webpage,
similar to TV graphics. For example, images might move, change, zoom in, zoom out. Text might appear
and disappear. Flash is just decoration, but it's fashionable decoration. Many web designers like it to provide
the appearance of an active page, like a TV broadcast, regarding a static page as dowdy and outdated.
("Content is just so 90s.") Ironically, there is really nothing active about Flash. The animation
is just a static loop that repeats -- like a complex animated GIF.
But Flash is more than just a tedious cartoon distraction. A Flash cartoon is
actually a separate program. Whenever you
see Flash on a website you are actually looking at a small cartoon movie that your browser has downloaded.
The movie is also executable, like a program. It uses script. Since Flash is basically an executable file,
there have been a number of online attacks that have targetted Flash vulnerabilities.
Flash is also a privacy problem due to Flash "super cookies".
If you disable Flash -- remove the Flash Player plugin -- you will be safer, you will plug an obscure privacy hole
(see
the super cookies topic on the Privacy Tips page)
and you will see a lot less annoying, garish cartoons and animated ads online.
However, if you disable Flash you may also be unable to view videos online
at sites such as YouTube. Flash is not actually necessary to show online video. Websites like YouTube
could just let you download a video file. And Flash alternatives like HTML5 are increasingly being used.
But most sites "stream" video using functionality provided by Flash,
so that you can see the video but are blocked from saving the copy of the file that you download. That way
you have to return to their website, and see more ads, if you want to view the video again. (Streaming makes
the video appear like a TV broadcast, even though it's really a download.
All webpages are composed
of code with text, images, video, sound, etc.
All of those elements are files that you download. Your browser
then puts the files together to create a webpage based on directions in the webpage code. You cannot see an online video without
downloading the video file.)
Back to Index
Risky bloat
Risky bloat refers to Java, PDF readers such as Adobe Acrobat, Microsoft's .Net Silverlight,
plugins, toolbars, etc. All of these things provide slight convenience in some respect. You might
find a specific toolbar useful. You might like the convenience of reading PDF files in the browser
window. You may be required to use Silverlight or Java when you access certain highly interactive sites.
But in general none of these things are necessary, and all carry some security risk. If possible, remove all
connections between your browser and any of these extra, executable plugins.
Back to Index
HOSTs File and Ad Blocking
For a full explanation of HOSTS files, and a sample HOSTS file download with directions for use, see
the topic on the Privacy Tips page.
In brief: Use of a HOSTS file goes back to the early days of the Internet. When you visit a website your browser has to look up
the IP (Internet Protocol) address. It's as though every website had its own telephone number. You can't just go to www.somewhere.com. Your
browser has to look up the IP address of www.somewhere.com and "call that number" in order to contact the website. A HOSTS
file is like a phone book. It can be used to list the IP addresses of websites. All browsers will check for a HOSTS file listing before
going online to get an IP address. So a HOSTS file is a very simple ad and spyware blocker. You can use it to block your browser
from visiting any number of URLs.
A HOSTS file provides an easy way to greatly reduce online tracking while
eliminating the vast majority of ads online. Yet, strangely, most people do not know
about the HOSTS file. It is mentioned here because it is so useful in improving online privacy. But using a HOSTS file is not
a browser-specific issue. It works with any browser.
Back to Index
Browsers
A good browser should have a button on the toolbar that says, "Allow script for this site only."
Likewise for cookies and Flash and IFRAMEs. All of those things are in conflict with online security and privacy.
If they are not disabled by default, and
very easily enabled for a particular website, the browser
cannot both work well and be safe to use. Unfortunately, due to the demands of convenience, online commerce and corporate greed,
there is no browser that is both safe and highly functional at the same time.
Internet Explorer
In a nutshell, Internet Explorer (IE) is a mess. Versions 6, 7 and 8 are all different in terms of how they render
webpages. Each version has become more dysfunctional than the last, with silly security warnings and restrictions.
And all of the important security and privacy factors listed above are difficult to manage in IE. Over the years, IE settings have gone from
complex, to convoluted, to arcane, to downright outlandish.
Javascript : There are several script-related settings in IE. Each of those settings
appears in 5 different "zones", and the 5 zones appear in 4 different locations in the Registry. So there are
actually 20 different Registry settings for each setting in Internet Explorer's Security settings! The settings are
unusable. Period.
Cookies: Cookie settings are on the IE privacy tab. Like the script settings, they are a good
example of a common Microsoft trick. Settings are made so complex, convoluted and abstruse that
few people ever use them. In the case of cookies, the actual settings are hidden behind an intimidating
"Advanced" button.
IFRAMEs: There is no IE setting to disable IFRAMES.
IE is designed especially for corporate use.
The settings are extremely complex and confusing by design. That allows corporate IT people to control the Internet
settings of employees, and it allows Microsoft, in effect, to control the Internet settings of everyone else.
Basically, IE is not safe for use online and cannot be made safe through any reasonable efforts.
For a thorough discussion of problems
with IE, see
The Wacky World of Windows Internet Security.
Back to Index
Opera
Opera is a well-regarded product, but has never been widely used. The authors are
sticklers for web standards, so some webpages may not render so smoothly in Opera as they do in
Firefox or IE.
The settings in Opera can be confusing. They are spread out in a non-intuitive layout, and after first use
many of the settings seem to strangely disappear. But if you can get used to Opera's settings you'll find that
they are more complete and arguably better organized than those of other browsers. Opera has settings for script, of course.
It also has a setting to disable IFRAMEs, an option to block referrer headers, etc. Opera has perhaps the best "feature set" of
any browser, in terms of useful settings related to security and privacy. But expect some work if you want to understand and
control all of the various options.
Back to Index
Chrome and Safari
Chrome and Safari are both based on Apple's WebKit browser core.
Chrome is made by Google, a company with a shocking disregard for privacy. Chrome reflects
the Google attitude, with very few settings options to choose from.
Chrome is so bad it does not even have a setting to disable javascript!
It is a completely unacceptable product.
Safari is at least twice as bloated as any other browser. It is not widely used, even though
Apple tried to trick Windows users into installing it.
And Safari, of course, is made by Apple, a company that has repeatedly demonstrated contempt for their customers -- like a car company that sells you
a car and then rigs that car so that you also have to buy their overpriced gas. So why even consider using an Apple product?
Back to Index
Firefox and K-Meleon
Of the browsers already mentioned, IE, Chrome and Safari are seriously flawed. That leaves
only Opera, Firefox and K-Meleon as good browser candidates. Firefox and K-Meleon are the same browser underneath. Firefox is more polished and also
more bloated. K-Meleon lacks some of the conveniences that Firefox has, but is simpler, quicker, and
designed with the end-user in mind.
Firefox
As of this writing, IE usage has fallen below 60% and
Firefox is the only other browser with widespread usage. Firefox started out as a lean, honest alternative to IE.
It was a non-profit venture. Firefox, therefore,
should be the best browser; the people's browser.
But over time Firefox has become more bloated and less honest. Mozilla, the organization that makes Firefox, now get
most of their funding from Google. Google wants to show lots of ads to lots of people online. Not surprisingly, Firefox
has gradually changed to satisfy the wants of Google, and the Firefox settings reflect that. In Firefox 1 there was a setting to block 3rd-party images (ads). In Firefox 2 that
setting was removed, only available through the confusing and semi-secret "about:config" settings. And the value of the setting was deliberately
changed to cause confusion. Things have gone downhill from there. In Firefox 3, cookie settings are hidden behind a
"Custom Settings" button under "History". There is no setting, even in about:config, to change the browser refferer. One has to know enough to
add that setting.
The folks at Mozilla have taken a lesson from Microsoft: Don't remove options entirely. Just make them impossible
to figure out. That way the option is effectively removed without confrontation, and many people will just blame themselves for being "stupid when it comes to computers".
Javascript: Settings in Firefox are straightforward, located in
Tools ->
Options ->
Content . (While there you can also disable Java, which is rarely used by anyone online.)
Cookies: Settings, as mentioned, are hidden behind a "Custom" button
in
Tools ->
Options ->
Privacy .
IFRAMEs: There is no setting for
IFRAMEs in Firefox, but they can be disabled. Go to the folder
C:\Documents and Settings\[user name]\Application Data\Mozilla\Firefox\Profiles\xxxxxx.default\chrome\. (In Windows Vista/7 that
would be C:\Users\[username]\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxx.default\chrome\.)
"xxxxxx" here can be any combination of random characters. In the chrome folder find, or create, a file named
userContent.css.
Open that file in Notepad and add a line like so:
IFRAME {display: none !important;}
Save the file. (This file is essentially a master style sheet that overrides webpage styles. It can be used to apply any sort
of custom style settings to any page element, for all visited webpages.)
Plugins:
To disable Flash or other plugins, go to
Tools ->
Options ->
Main ->
Manage Add-ons. If you want to remove plugins look in C:\Program Files\Mozilla Firefox\plugins
or in the program folder for the company. (Ex. Program Files\Adobe\...).
Beware the Phishing Filter:
If you are concerned about privacy you will probably want to disable the ridiculous
phishing filter in Firefox. In addition to being essentially spyware, the phishing filter depends on information that is likely to be
outdated. The way the filter works is to check the website URLs you visit against a blacklist
of known scam websites. The list is hosted by Google/Doubleclick. At full functionality the filter
reports to Google/Doubleclick
every site you visit, in real time. Google/Doubleclick is also using (3rd-party) tracking cookies in these communications.
With the phishing filter enabled you will be inviting Google/Doubleclick to watch you (
and presumably customize
the ads you see ...
and presumably sell your "consumer profile" to other advertising companies... ) as you
travel around the Internet. Meanwhile, phishing websites can easily relocate
once their URL has been added to the blacklist. If you want to avoid being caught by an online scam,
a bit of caution and common sense are
far more useful, and far less intrusive, than the Firefox (and IE) phishing filters.
The Firefox phishing filter settings are under
Tools ->
Options ->
Security . Uncheck the two boxes marked
"Tell me if the site I'm visiting....".
For more thorough blocking, search about:config for "safebrowsing" and remove all URL strings found.
Back to Index
K-Meleon
K-Meleon settings are under
Edit ->
Preferences .
The settings are reasonably clear. Under
Privacy and Security you will find cookie settings. On the
Paranoia tab are settings
to disable referrer headers and the idiotic link-prefetching function.
Javascript has its own heading.
Under
Page Display ->
Content Filters
you will find an option to block Flash if you don't want to remove it entirely.
On the
Page Display ->
Images tab there is an option to block 3rd-party images. This is the same setting that was
removed from Firefox when Google started paying the bills.
IFRAMEs: IFRAME blocking works the same way it does in Firefox. Just substitute "K-Meleon" for "Firefox" in the path to
userContent.css.
K-Meleon is cleaner, simpler and faster than Firefox, but it does have some rough edges. Notable examples:
1) The source code editor is very primitive. It's really just a viewer, not an editor. 2) Firefox has an option
View ->
Style ->
No Style that allows all style settings in a webpage to be turned off. That option can be very useful with poorly designed
websites. For instance, for a long time Microsoft webpages had no vertical scrollbar if scripting was disabled. There was no way to see the whole page! Viewing the page with
no style fixes that kind of problem.
Back to Index
Specialzed Options Specific to Firefox and K-Meleon
Firefox and K-Meleon have a number of features that do not show in the standard settings window but which are adjustable.
Most of these features are not available in Internet Explorer at all, even though several of them (such as the ability to control
the referrer header) should be
available in any properly made browser.
Unfortunately, the documentation for these settings is limited, while the format
and system for the naming of settings is excessively "geeky". The system for adjusting these settings dates back to
the early days of Netscape and it seems that no one has thought to modernize it since then.
The easiest way to change these settings is to type
about:config into the address
bar and then hit ENTER. The resulting list is offputting. It's a very long list of settings with confusing names and no indication of what the possible values are, but many of the settings are at least documented at mozilla.org.
For the settings below, right-click the value and click Modify. If the value is not present it can be added with right-click -> New.
Some useful settings
Block 3rd-party images
K-Meleon: Edit ->
Preferences ->
Page Display ->
Images tab
Firefox: This option is no longer in the settings menu of
Firefox but can still be set in about:config. Image behavior options: 0-accept all images. 2-no images. 1-no 3rd-party images.
Setting: network.image.imageBehavior Value: 1
Setting: permissions.default.image Value: 3
Image animation
This will prevent animated GIFs from repeating:
Setting: image.animation_mode Value: "once"
Prevent blinking text
Setting: browser.blink_allowed Value: false
Turn off "What's related?"
Setting: browser.related.enabled Value: false
Setting: browser.related.autoload Value: 2
Block sending referrer header
This blocks sending of the referrer header, which tells a website
where you are coming from if you click a link. That information is used by websites
to find out what other sites are linking to them. That's not especially problematic,
but if you would prefer to maintain your privacy you can turn the function off.
K-Meleon: Edit ->
Preferences ->
Privacy and Security ->
Paranoia tab
Firefox: This setting must be added in about:config.
The setting has also changed over time. To be thorough, set all of the following:
Setting: network.sendRefererHeader Value: false
Setting: network.http.sendRefererHeader" Value: 0
Setting: network.http.sendSecureXSiteReferrer Value: false
Control UserAgent
The UserAgent string is a string of text that the browser sends to websites
in order to identify the operating system and browser. That is normally harmless,
but in some cases a webpage may render better if you pretend to be
using a different browser. If you have script enabled your userAgent should be displayed below in red:
K-Meleon: To change the userAgent string go to
Edit ->
Preferences ->
Privacy and Security ->
Paranoia tab
Firefox: This setting must be added in about:config.
Setting: general.useragent.override Value: "xxx"
where "xxx" is the UserAgent string in quotes. The following samples
can be used to mask your system as a different operating system and/or browser.
Replace xxx with one of the lines below. :
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3
Mozilla/5.0 (compatible; Windows 98; rv:1.7.12) Gecko/20050915 Firefox/1.0.7
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Mozilla/4.76 (Macintosh; I; PPC)
Mozilla/4.61 [en] (X11; I; Linux 2.2.13-33cmc1 i686)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Stop Prefetching
Prefetching is an idea of questionable value that is nevertheless part of
the HTML specification. The idea with prefetching is to allow a website to take advantage
of the time when your browser is not busy. For example, if your browser has finished loading
Page 1 of an article, a special prefetch link on that page could force the download
of, say, a large image that
might be needed later if you decide to go on to Page 2
of the article.
The problem with prefetching is that it's rarely likely to be useful,
it takes control away from the visitor, and it can allow unrequested and undesired
files to be stored in your browser cache. For instance, there is nothing to prevent
a webpage prefetching ads, undesired webpages, and possible cookies that go with them.
Unfortunately, while the prefetching setting is available in K-Meleon, it is one of several relevant settings
that the Firefox "Mozilla team" seems to think are too complex for the browsing public to understand.
From the Mozilla.org explanation of why prefetching is not included in the Options window:
"...our theory is that if link prefetching
needs to be disabled then there must be something wrong with the implementation.
We would rather improve the implementation if it does not work correctly,
than simply expect users to locate some obscure preference in the preferences UI."
That sort of arrogance is why Firefox, despite all of its good features,
is badly lacking in options for people to easily control settings. To stop pre-fetching:
K-Meleon: Edit ->
Preferences ->
Privacy and Security ->
Paranoia tab
Firefox: This setting must be added in about:config.
Setting: network.prefetch-next Value: false
Back to Index
Settings Specific to K-Meleon
K-Meleon Bookmarks
The Bookmark plugin that installs with K-Meleon by default enables
the use of Netscape/Firefox-style bookmarks. With that plugin enabled
(
Edit ->
Preferences ->
Plugins )
just copy your Firefox bookmark file (bookmarks.html) from the Firefox Profile folder, into the K-Meleon Profile folder. (The Firefox profile
folder is Documents\Settings\[username]\Application Data\Mozilla\Firefox\Profiles\[username].xxx
K-Meleon Appearance
K-Meleon is not quite so polished as Firefox in terms of toolbars, etc. The default icon,
notably goofy, seems to be a smiling dinosaur cartoon. But K-Meleon is adaptable. In
Edit ->
Preferences ->
Display ,
choose a skin. "Phoenity" is the up-to-date skin. Once a skin is selected, go to the program folder and find the
corresponding subfolder in Skins. In other words: \Program files\K-Meleon\Skins\[skin name]\.
Toobar background image:
Place a BMP file in the Skins subfolder. Then open K-Meleon, type
about:config into the address bar
and press Enter. Set the value of
kmeleon.display.backgroundImage to the full path of the BMP file.
Set the value of
kmeleon.display.backgroundImageEnabled to True.
Program icon:
Perhaps the worst thing about K-Meleon is the garish, kiddie-style program icon, which is
a bright green cartoon dinosaur. To change it: In the Skins subfolder, replace
main.ico with an icon of your choice. It should be
a 256-color icon with both a 16-pixel and 32-pixel size contained in it.
Toolbar buttons:
Toolbar buttons can be removed by editing the file
toolbars.cfg in the
Skins subfolder. It is fairly self-explanatory. Just use a hash mark to comment out any buttons
that you do not want to be visible.
Note that the graphic options above only apply to the current skin.
K-Meleon - Fixing Multiple Window Problem
One odd default setting in K-Meleon is that it opens bookmarks in
new windows. That behavior is unconventional and may not be desired. To make
bookmarks open in the same window, open K-Meleon, type
about:config into the address bar
and press Enter. Find the setting
kmeleon.plugins.bookmarks.openurl. If the value
is
ID_OPEN_LINK_IN_NEW_WINDOW then change that to
ID_OPEN_LINK.
K-Meleon - Stop PDF Files Loading
Adobe has been downright obnoxious in their tireless effort to make
PDF files a web standard. By installing browser plugins without asking, Adobe has fooled
many people into thinking that PDFs are like webpages - in hopes of selling more
copies of Adobe Acrobat. The problem with Adobe's behavior is that in most cases
it makes more sense to save PDF files to disk rather than to load them in the browser. A PDF is
good for flexible printing and very little else. PDF files are not especially convenient for reading
text onscreen. Also, PDFs have been the subject of numerous security problems. Yet it can sometimes be difficult to just save a PDF to disk because
Adobe's plugin jumps in and takes over.
In Firefox, plugins can be disabled/removed in
Options ->
Main ->
Manage Add-ons . Also, look in Program Files\Mozilla Firefox\plugins if
you want to remove the plugin files altogether. (See next paragraph for more specific info. about the Acrobat plugin.)
K-Meleon has no options to control plugins, and the user-pref settings may be
ignored. To stop K-Meleon from loading PDFs in the browser, find the Adobe Acrobat Reader plugin folder. The path should
be something like C:\Program Files\Adobe\Acrobat x.0\Reader\Browser. Or find the path by doing a search for the file
nppdf32.dll. (That file is the Netscape PDF plugin.) Once the path is found, rename the file or rename
the parent folder, to something like "noBrowser", so that K-Meleon cannot find it. Or just delete the DLL file
if you know you don't want Acrobat Reader opening PDF files in your browser. Also check to make sure another
copy of that file is not in the Program files\K-Meleon\Plugins folder. That should stop Acrobat,
but K-Meleon is especially badly behaved when it comes to plugins. Not only are plugin settings hidden - if
the Acrobat plugin is not found K-Meleon may even try to hunt down the Acrobat Reader program on your
system and force that to open PDF files! If you have that trouble, it may help to also add this line
in about:config:
Setting: browser.helperApps.neverAsk.openFile Value: "application/pdf"
Back to Index
