s83/user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2025-05-02 06:53:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update user.js

Browse source
This commit is contained in:
Thorin-Oakenpants 2020-06-27 11:22:36 +00:00 committed by GitHub
parent cc40725cd3
commit 76c843a9cd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
user.js
View file

@ -636,8 +636,10 @@ user_pref("browser.shell.shortcutFavicons", false);
/*** [SECTION 1200]: HTTPS (SSL/TLS / OCSP / CERTS / HPKP / CIPHERS) /*** [SECTION 1200]: HTTPS (SSL/TLS / OCSP / CERTS / HPKP / CIPHERS)
Your cipher and other settings can be used in server side fingerprinting Your cipher and other settings can be used in server side fingerprinting
*** DO NOT MEDDLE WITH YOUR CIPHER FINGERPRINT ***
[TEST] https://www.ssllabs.com/ssltest/viewMyClient.html [TEST] https://www.ssllabs.com/ssltest/viewMyClient.html
[TEST] https://browserleaks.com/ssl [TEST] https://browserleaks.com/ssl
[TEST] https://ja3er.com/
[1] https://www.securityartwork.es/2017/02/02/tls-client-fingerprinting-with-bro/ [1] https://www.securityartwork.es/2017/02/02/tls-client-fingerprinting-with-bro/
***/ ***/
user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!"); user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
@ -744,18 +746,23 @@ user_pref("security.mixed_content.block_object_subrequest", true);
* [2] https://en.wikipedia.org/wiki/Meet-in-the-middle_attack * [2] https://en.wikipedia.org/wiki/Meet-in-the-middle_attack
* [3] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/ * [3] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/
// user_pref("security.ssl3.rsa_des_ede3_sha", false); // user_pref("security.ssl3.rsa_des_ede3_sha", false);
/* 1262: disable 128 bits ***/ /* 1262: disable weak ciphers
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); * ALL: use SHA1 and CBC which should be considered broken [1] [2]
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false); 128: https://en.wikipedia.org/wiki/Key_size
/* 1263: disable DHE (Diffie-Hellman Key Exchange) * NOPFS: https://en.wikipedia.org/wiki/Forward_secrecy
* [1] https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-attacks-1024-bit-DH ***/ * DHE: Diffie-Hellman key exchange w/o Elliptic-curves
// user_pref("security.ssl3.dhe_rsa_aes_128_sha", false); * [STATS] Firefox telemetry (June 2020)
// user_pref("security.ssl3.dhe_rsa_aes_256_sha", false); * [WARNING] Don't meddle with your cipher fingerprint
/* 1264: disable the remaining non-modern cipher suites as of FF52 ***/ * [1]: https://en.wikipedia.org/wiki/SHA-1#Attacks
// user_pref("security.ssl3.rsa_aes_128_sha", false); * [2]: https://en.wikipedia.org/wiki/POODLE#POODLE_attack_against_TLS ***/
// user_pref("security.ssl3.rsa_aes_256_sha", false); // user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false); // 3: 0.33%
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // 4: 0.01%
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false); // user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false); // 5: 0.91%
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // 6: 0.00%
// user_pref("security.ssl3.dhe_rsa_aes_128_sha", false); // 21: 0.17% DHE [DEFAULT: false FF78+]
// user_pref("security.ssl3.dhe_rsa_aes_256_sha", false); // 23: 0.30% DHE [DEFAULT: false FF78+]
// user_pref("security.ssl3.rsa_aes_128_sha", false); // 61: 1.16% NOPFS
// user_pref("security.ssl3.rsa_aes_256_sha", false); // 63: 0.83% NOPFS
/** UI (User Interface) ***/ /** UI (User Interface) ***/
/* 1270: display warning on the padlock for "broken security" (if 1201 is false) /* 1270: display warning on the padlock for "broken security" (if 1201 is false)