8. Test Your Privacy / Security
It isn’t enough to install or implement the various recommendations and then forget about them. It’s also important to test and verify that the privacy and security tools you implemented are delivering the desired protections. I’ve provided some info and links below to help you conduct an extensive test of your browser privacy and security posture.
BrowserLeaks.com – This site is all about web browser fingerprinting. Here you will find a gallery of web browser security testing tools that tell you precisely what personal identity data may be leaked through your browser, without any permissions, when you surf the Internet. This toolset will never be completely exhaustive, but the site is an invaluable asset that can help you determine whether your privacy and security precautions are really working. You should also use this tool any time you make configuration changes to your browser or computer systems. Currently, BrowserLeaks can test and report on your browser's leak exposure for the following data:
IP Address - The main tool, which illustrates a server's ability to expose the user's identity. It contains basic features such as showing your IP address and HTTP request headers, as well as proxy detection in all possible XFF headers. It acquires GeoIP data for the general IP address and all proxy IPs (Country, State, City, ISP/ASN, Local Time, Latitude/Longitude) and plots every IP location on a map. It also includes some special features: passive TCP/IP stack OS fingerprinting, and DNS and WebRTC leak tests.
JavaScript status - A lot of user data can be obtained using common JavaScript functionality. The DOM Window object discloses a good deal of sensitive information about the web browser: User-Agent, Architecture, OS Language, System Time, Screen Resolution. There is a listing of the NPAPI plug-ins and Windows Explorer components. The tool also detects and obtains data through newer HTML5 APIs, such as the Battery Status API and Navigation Timing API.
Flash Player - Describes the Flash Player Runtime properties that can be provided through the use of AS3 System Capabilities: Flash Version, Plugin Type, Operating System, Manufacturer, System Language, Web Browser Architecture, Screen Resolution, and many other properties that describe the hardware and multimedia capabilities of the system.
Silverlight - Gets system information using the Silverlight plug-in installed in your web browser. Shows your system environment details such as: OS Version, Processor Count, System Uptime, Time Zone, Installed Fonts, System and User Culture, Region and Language OS settings, and includes part of evercookie to test Silverlight Isolated Storage cookies.
Java Applet - What kind of permissions does an ordinary unsigned Java applet have? It can obtain an extended Java Machine description, OS detection (Name, Version, Arch, User Locale), and some file system related information, as well as CPU core count, amount of dedicated memory, JVM instance uptime, and network interface enumeration.
WebGL - The Web Graphics Library Browser Report checks WebGL support in your browser, produces a WebGL fingerprint, and shows other WebGL and GPU capabilities more or less related to web browser identity. The page also contains a how-to for enabling or disabling WebGL in modern web browsers.
WebRTC - Web Real-Time Communications is used to facilitate a real-time data stream between your browser and a web server. A user’s IP address is required to help establish this path to your browser. The fundamental vulnerability with WebRTC is that your true IP address can be exposed via STUN API requests in Firefox, Chrome, Opera, Brave, Safari, and Chromium-based browsers, even when you are using a good VPN. Nefarious websites could potentially use this information to fingerprint individuals who do not want to be tracked.
Canvas Fingerprinting - Browser fingerprinting without any user agent identifiers, only through the HTML5 Canvas element. The method is based on the fact that the same canvas code can produce different pixels on different web browsers, depending on the system on which it is executed.
Font Fingerprinting – This tracking method is based upon the composite unique characteristics of all the fonts you have installed and how your browser renders them. By measuring the dimensions of HTML elements filled with text, it is possible to build an identifier that can be used to track the same browser over time. A unique font fingerprint is one of the easiest ways to track a user and is difficult to defend against effectively.
Content Filters - A set of demos that try to detect the use of content filters: applications that operate between the browser and the web page and are designed to manipulate the connection and the content of visited web pages. Among them are Tor Browser, Privoxy, Adblock Detectors.
Geolocation API - A tool for testing the HTML5 Geolocation API. It checks the browser's geolocation permissions and, based on the latitude, longitude and accuracy received from the browser, shows the possible radius of your location on an interactive map.
Browser Features Detection - Detects web browser features via Modernizr, a library that detects HTML5 features. It once again shows how strongly modern JavaScript affects a web browser's identity. This tool is also used by web developers (as "Modernizr Helper") for quickly testing web browsers’ compatibility with HTML5 features.
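The WebRTC exposure described above can be checked offline against the ICE candidate lines your own browser generates (for example, copied from Firefox's about:webrtc or Chrome's chrome://webrtc-internals page). The JavaScript below is an added example, not code from BrowserLeaks or from this page's author; the function names, the `vpnExitIp` parameter and the sample candidates are assumptions constructed for illustration.

```javascript
// Added example: audit ICE candidate lines for addresses WebRTC would reveal.
const PRIVATE_V4 = [/^10\./, /^127\./, /^169\.254\./, /^192\.168\./,
  /^172\.(1[6-9]|2\d|3[01])\./];

// Classify a candidate's connection address.
function addressScope(addr) {
  const a = addr.toLowerCase();
  if (a.endsWith('.local')) return 'mdns';      // mDNS name: no IP disclosed
  if (a.includes(':')) {                        // IPv6 literal
    if (a === '::1') return 'private';
    if (/^fe[89ab][0-9a-f]:/.test(a)) return 'private';  // fe80::/10 link-local
    if (/^f[cd][0-9a-f]{2}:/.test(a)) return 'private';  // fc00::/7 unique local
    return 'public';
  }
  return PRIVATE_V4.some((re) => re.test(a)) ? 'private' : 'public';
}

// candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type>
function parseCandidate(line) {
  const m = /^(?:a=)?candidate:\S+ \d+ (\S+) \d+ (\S+) (\d+) typ (\S+)/i
    .exec(line.trim());
  if (!m) return null;                          // not a candidate line
  return { transport: m[1].toLowerCase(), address: m[2],
    port: Number(m[3]), type: m[4], scope: addressScope(m[2]) };
}

// vpnExitIp (assumption): the only public address you expect sites to see.
function auditCandidates(lines, vpnExitIp) {
  const findings = [];
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) continue;
    if (c.scope === 'public' && c.address !== vpnExitIp) {
      findings.push({ severity: 'leak', address: c.address, type: c.type });
    } else if (c.scope === 'private') {
      findings.push({ severity: 'local-ip', address: c.address, type: c.type });
    }
  }
  return findings;
}

// Constructed sample input (RFC 5737 documentation addresses, not real hosts).
const SAMPLE = [
  'candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host',
  'candidate:2 1 udp 2122194687 3f2a9c1e-5b7d-4e21-9a10-7c6d5e4f3b2a.local 54322 typ host',
  'candidate:3 1 udp 1686052607 203.0.113.45 54321 typ srflx raddr 0.0.0.0 rport 0',
  'candidate:4 1 udp 1686052607 198.51.100.7 54323 typ srflx raddr 0.0.0.0 rport 0',
];
console.log(auditCandidates(SAMPLE, '198.51.100.7'));
```

A `leak` finding means a public address other than the VPN exit is visible in the candidates; a `local-ip` finding means a LAN address is disclosed instead of an mDNS name.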
DNS Leak Testing – Even if you use a privacy service like a VPN, it's still possible to give away clues to your identity via your DNS traffic. Thankfully, it's easy to detect if your configuration is leaking your DNS information. Simply head over to DNSLeakTest.com, and run the extended test. If the results show the third-party DNS service you're using (like TorGuard), you're set. If your ISP's DNS info shows up, you have a DNS leak. Follow the steps listed on the "How to fix a DNS leak" page, and then test yourself again to make sure everything is working as intended.
Avast Safer.com - This site lets you run a subset of tests that check for the most common browser leaks and provides the results in one consolidated online report. This report is a bit easier to understand.
Who’s Tracking You – Use the decentraleyes.org/test testing utility to find out if you are properly protected against online tracking by 3rd-party content delivery networks (CDNs). (Note: does not work with Apple iOS)
Lightbeam – Lightbeam is a browser extension that uses interactive visualizations to show you the interconnecting relationships between the multiple tracking sites and the sites you visit. (Note: Does not work with Apple iOS)
Panopticlick - This site, provided by EFF, tests how well protected you are against non-consensual Web tracking. This tool analyzes and reports on the following five browser vulnerabilities:
1. Does your browser block tracking ads?
2. Does your browser block invisible trackers?
3. Does your blocker stop trackers that are included in the so-called “acceptable ads” whitelist?
4. Does your browser protect from fingerprinting?
5. Does your browser unblock 3rd parties that promise to honor Do Not Track?
9. Additional References and Resources
Follow this link to my web page containing links to other great resources and reference sites that I use to keep current with the developments in online privacy and security.