s83/privacy-guides
1
0
Fork 0
mirror of https://github.com/sunknudsen/privacy-guides.git synced 2025-02-22 16:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added Firefox guide

Browse Source
This commit is contained in:
Sun Knudsen 2022-11-18 07:16:19 -05:00
parent 1fb56d8807
commit 2dc6052edf
No known key found for this signature in database
GPG Key ID: 02C43AD072D57783
4 changed files with 143 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
how-to-configure-firefox-for-privacy-and-security/README.md Normal file
View File

@ -0,0 +1,55 @@
<!--
Title: How to configure Firefox for privacy and security
Description: Learn how to configure Firefox for privacy and security.
Author: Sun Knudsen <https://github.com/sunknudsen>
Contributors: Sun Knudsen <https://github.com/sunknudsen>
Reviewers:
Publication date: 2022-11-04T11:00:13.850Z
Listed: true
-->
# How to configure Firefox for privacy and security
## Caveats
- When copy/pasting commands that start with `$`, strip out `$` as this character is not part of the command
## Guide
### Step 1: install [Firefox](https://www.mozilla.org/en-US/firefox/new/)
Go to [https://www.mozilla.org/en-US/firefox/new/](https://www.mozilla.org/en-US/firefox/new/), download and install Firefox.
### Step 2: add [user.js](./user.js) to profile
> Heads-up: see [arkenfox/user.js](https://github.com/arkenfox/user.js/) to explore more settings.
#### Start Firefox, paste “about:profiles” in address bar and press enter.
#### Find default profile root directory and copy to clipboard.
#### Download user.js to default profile root directory.
> Heads-up: replace `/Users/sunknudsen/Library/Application Support/Firefox/Profiles/rzrw17yo.default-release` with default profile root directory copied to clipboard.
```console
$ cd "/Users/sunknudsen/Library/Application Support/Firefox/Profiles/rzrw17yo.default-release"
$ curl --fail --remote-name https://sunknudsen.com/static/media/privacy-guides/how-to-configure-firefox-for-privacy-and-security/user.js
```
### Step 3: restart Firefox
### Step 4: install [Firefox Multi-Account Containers](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/) and [Privacy Badger](https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/) extensions
#### Go to [https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/) and click “Add to Firefox”.
#### Go to [https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/](https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/) and click “Add to Firefox”.
> Heads-up: when asked to allow extension to run in private windows, check box and click “Okay”.
### Step 5: set default search engine to DuckDuckGo
### Step 6: configure containers (see episode)
👍

88
how-to-configure-firefox-for-privacy-and-security/user.js Executable file
View File

@ -0,0 +1,88 @@
// Firefox hardening using preferences (automated)
user_pref("app.normandy.first_run", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("app.update.auto", false);
user_pref("browser.contentblocking.category", "custom");
user_pref("browser.download.useDownloadDir", false);
user_pref("browser.formfill.enable", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
user_pref("browser.newtabpage.activity-stream.feeds.topsites", false);
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.urlbar.placeholderName", "DuckDuckGo");
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("doh-rollout.disable-heuristics", true);
user_pref("dom.forms.autocomplete.formautofill", true);
user_pref("dom.security.https_only_mode_ever_enabled", true);
user_pref("dom.security.https_only_mode", true);
user_pref("extensions.formautofill.addresses.enabled", false);
user_pref("extensions.formautofill.creditCards.enabled", false);
user_pref("extensions.pocket.enabled", false);
user_pref("identity.fxaccounts.enabled", false);
user_pref("layout.spellcheckDefault", 1); // Used to disable spellchecker… set to `0` for increased privacy
user_pref("network.cookie.cookieBehavior", 1);
user_pref("network.cookie.lifetimePolicy", 2);
user_pref("network.proxy.socks_remote_dns", true);
user_pref("network.trr.mode", 5);
user_pref("places.history.enabled", false);
user_pref("privacy.donottrackheader.enabled", true);
user_pref("privacy.history.custom", true);
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.socialtracking.enabled", true);
user_pref("signon.management.page.breach-alerts.enabled", false);
user_pref("signon.rememberSignons", false);
// Firefox hardening using about:config (arkenfox/user.js recommendations, automated)
user_pref("accessibility.force_disabled", 1);
user_pref("app.normandy.api_url", "");
user_pref("app.normandy.enabled", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("beacon.enabled", false);
user_pref("browser.pagethumbnails.capturing_disabled", true);
user_pref("browser.ping-centre.telemetry", false);
user_pref("browser.places.speculativeConnect.enabled", false);
user_pref("browser.sessionstore.privacy_level", 2);
user_pref("browser.ssl_override_behavior", 1);
user_pref("browser.tabs.crashReporting.sendReport", false);
user_pref("browser.uitour.enabled", false);
user_pref("browser.uitour.url", "");
user_pref("browser.urlbar.speculativeConnect.enabled", false);
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false);
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false);
user_pref("browser.urlbar.trimURLs", false);
user_pref("browser.xul.error_pages.expert_bad_cert", true);
user_pref("captivedetect.canonicalURL", "");
user_pref("datareporting.policy.dataSubmissionEnabled", false);
user_pref("dom.security.https_only_mode_send_http_background_request", false);
user_pref("extensions.getAddons.showPane", false);
user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
user_pref("geo.provider.use_corelocation", false);
user_pref("network.auth.subresource-http-auth-allow", 1);
user_pref("network.captive-portal-service.enabled", false);
user_pref("network.connectivity-service.enabled", false);
user_pref("network.dns.disableIPv6", true);
user_pref("network.dns.disablePrefetch", true);
user_pref("network.http.speculative-parallel-limit", 0);
user_pref("network.predictor.enabled", false);
user_pref("network.prefetch-next", false);
user_pref("pdfjs.enableScripting", false);
user_pref("privacy.userContext.enabled", true);
user_pref("privacy.userContext.ui.enabled", true);
user_pref("security.cert_pinning.enforcement_level", 2);
user_pref("security.mixed_content.block_display_content", true);
user_pref("security.OCSP.require", true);
user_pref("security.pki.crlite_mode", 2);
user_pref("security.pki.sha1_enforcement_level", 1);
user_pref("security.remote_settings.crlite_filters.enabled", true);
user_pref("security.ssl.require_safe_negotiation", true);
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
user_pref("security.tls.enable_0rtt_data", false);
user_pref("toolkit.coverage.endpoint.base", "");
user_pref("toolkit.coverage.opt-out", true);
user_pref("toolkit.telemetry.coverage.opt-out", true);
// Firefox fingerprinting hardening using about:config (automated)
user_pref("privacy.resistFingerprinting", false); // Used to mitigate browser fingerprint but breaks dark mode and screenshots (among other features)… set to `true` for increased privacy
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true);
user_pref("privacy.resistFingerprinting.letterboxing", true);
user_pref("webgl.disabled", true);

47
how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences/README.md
View File

@ -1,47 +0,0 @@
<!--
Title: How to mitigate fingerprinting and IP leaks using Firefox advanced preferences
Description: Learn how to mitigate fingerprinting and IP leaks using Firefox advanced preferences.
Author: Sun Knudsen <https://github.com/sunknudsen>
Contributors: Sun Knudsen <https://github.com/sunknudsen>, AmadeuszL <https://github.com/AmadeuszL>
Reviewers:
Publication date: 2020-05-15T00:00:00.000Z
Listed: true
-->
# How to mitigate fingerprinting and IP leaks using Firefox advanced preferences
[![How to mitigate fingerprinting and IP leaks using Firefox advanced preferences](how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences.jpeg)](https://www.youtube.com/watch?v=uYoJ7U0OMCY "How to mitigate fingerprinting and IP leaks using Firefox advanced preferences")
## Guide
### Step 1: make sure you are running the latest version of Firefox
### Step 2: make sure you configured Firefox for privacy using https://www.youtube.com/watch?v=NH4DdXC0RFw
### Step 3: in `Privacy & Security`, disable `Deceptive Content and Dangerous Software Protection`
### Step 4: open `about:config` and set the following
> Heads-up: if `true` value does not exist, select “Boolean” and click “+”.
```
beacon.enabled = false
dom.battery.enabled = false
dom.event.clipboardevents.enabled = false
dom.webaudio.enabled => false
geo.enabled = false
media.eme.enabled = false
media.navigator.enabled = false
media.peerconnection.enabled = false
network.captive-portal-service.enabled = false
network.dns.disablePrefetch = true
network.http.sendRefererHeader = 0
network.prefetch-next = false
privacy.firstparty.isolate = true
privacy.resistFingerprinting = true
privacy.resistFingerprinting.letterboxing = true
privacy.trackingprotection.enabled = true
webgl.disabled = true
```
👍

BIN
how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences/how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences.jpeg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 91 KiB