diff --git a/how-to-configure-firefox-for-privacy-and-security/README.md b/how-to-configure-firefox-for-privacy-and-security/README.md index 412eb5f..93c4e16 100644 --- a/how-to-configure-firefox-for-privacy-and-security/README.md +++ b/how-to-configure-firefox-for-privacy-and-security/README.md @@ -16,7 +16,7 @@ Listed: true - When copy/pasting commands that start with `$`, strip out `$` as this character is not part of the command -## Guide +## Setup guide ### Step 1: install [Firefox](https://www.mozilla.org/en-US/firefox/new/) @@ -24,6 +24,8 @@ Go to [https://www.mozilla.org/en-US/firefox/new/](https://www.mozilla.org/en-US ### Step 2: add [user.js](./user.js) to profile +> Heads-up: enables [Mullvad DNS over HTTPS](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/). + > Heads-up: see [arkenfox/user.js](https://github.com/arkenfox/user.js/) to explore more settings. #### Start Firefox, paste “about:profiles” in address bar and press enter. @@ -54,4 +56,32 @@ $ curl --fail --remote-name https://sunknudsen.com/static/media/privacy-guides/h ### Step 6: configure containers (see episode) +### Step 7: check for DNS and WebRTC leaks + +Go to [https://mullvad.net/en/check](https://mullvad.net/en/check). + +![Connection check](connection-check.png) + +👍 + +--- + +## Usage guide + +### Temporarily disable cookie and site data deletion (useful when Firefox is restarted to install update or one wishes to reboot computer while persisting Firefox sessions) + +> Heads-up: “Delete cookies and site data when Firefox is closed” will be enabled again next time Firefox starts. + +Start Firefox, paste “about:preferences#privacy” in address bar and press enter. + +Disable “Delete cookies and site data when Firefox is closed”. + +👍 + +--- + +## Want things back the way they were before following this guide? No problem! + +### Delete `user.js` and set Firefox settings as they were before following guide. + 👍 diff --git a/how-to-configure-firefox-for-privacy-and-security/connection-check.png b/how-to-configure-firefox-for-privacy-and-security/connection-check.png new file mode 100644 index 0000000..3652ac0 Binary files /dev/null and b/how-to-configure-firefox-for-privacy-and-security/connection-check.png differ diff --git a/how-to-configure-firefox-for-privacy-and-security/user.js b/how-to-configure-firefox-for-privacy-and-security/user.js index 7854c1e..00d52a7 100755 --- a/how-to-configure-firefox-for-privacy-and-security/user.js +++ b/how-to-configure-firefox-for-privacy-and-security/user.js @@ -21,14 +21,17 @@ user_pref("extensions.formautofill.creditCards.enabled", false); user_pref("extensions.pocket.enabled", false); user_pref("identity.fxaccounts.enabled", false); user_pref("layout.spellcheckDefault", 1); // Used to disable spellchecker… set to `0` for increased privacy +user_pref("media.peerconnection.enabled", false); // Used to disable WebRTC (mitigating WebRTC leaks)… set to `true` to enable WebRTC user_pref("network.cookie.cookieBehavior", 1); -user_pref("network.cookie.lifetimePolicy", 2); +user_pref("network.cookie.lifetimePolicy", 2); // Used to delete cookies when Firefox is closed… set to `0` to enable default cookie persistence user_pref("network.proxy.socks_remote_dns", true); -user_pref("network.trr.mode", 5); +user_pref("network.trr.custom_uri", "https://doh.mullvad.net/dns-query"); +user_pref("network.trr.mode", 3); // Used to enable Mullvad DNS over HTTPS… set to `5` to disable Mullvad DNS over HTTPS +user_pref("network.trr.uri", "https://doh.mullvad.net/dns-query"); user_pref("places.history.enabled", false); user_pref("privacy.donottrackheader.enabled", true); user_pref("privacy.history.custom", true); -user_pref("privacy.sanitize.sanitizeOnShutdown", true); +user_pref("privacy.sanitize.sanitizeOnShutdown", true); // Used to delete cookies and site data when Firefox is closed… set to `false` to enable cookie and site data persistence user_pref("privacy.trackingprotection.enabled", true); user_pref("privacy.trackingprotection.socialtracking.enabled", true); user_pref("signon.management.page.breach-alerts.enabled", false);