![]() reasons why - third party cookies are NOT are not real ... they are partitioned to the first party (with dFPI) - at the very least nonsecure is redundant - no one in this day and age is going to want the config of keeping all secure but not insecure, it doesn't make any sense: especially since 85% (from memory) of traffic from telemetry is secure, and 70+% of the top 1M sites are secure ( https://scotthelme.co.uk/top-1-million-analysis-november-2021/ shows almost 72% of the sites in the Top 1 Million now actively **_redirecting_** traffic to use HTTPS) - in other words, the reasons for keeping secure cookies (like banks, logins) but ditching the rest in the old days are over as being secure is not a distinction, but the norm - we previously blocked all third party cookies, so this was never really used - we then moved to lifetime pref = 2 (which makes everything session only), so again, this isn't really adding anything - we sanitize on close (always have) - we will be moving off lifetime pref (because deprecation), but we still sanitize on close - when we move off lifetime pref, I think these prefs could cause issues with dFPI / sanitizing (wouldn't surprise me: they are old and outdated as a concept), and I think we're better off making them inactive We could also remove them. If that's not enough to convince you, then I have no more words |
||
---|---|---|
.github/ISSUE_TEMPLATE | ||
scratchpad-scripts | ||
wikipiki | ||
.gitattributes | ||
.travis.yml | ||
_config.yml | ||
LICENSE.txt | ||
prefsCleaner.bat | ||
prefsCleaner.sh | ||
README.md | ||
updater.bat | ||
updater.sh | ||
user.js |
🟪 user.js
A user.js
is a configuration file that can control Firefox settings - for a more technical breakdown and explanation, you can read more in the wiki
🟩 the arkenfox user.js
The arkenfox user.js
is a template which aims to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible - while minimizing any loss of functionality and breakage (but it will happen).
Everyone, experts included, should at least read the wiki, as it contains important information regarding a few user.js
settings.
Note that we do not recommend connecting over Tor on Firefox. Use the Tor Browser if your threat model calls for it, or for accessing hidden services.
Also be aware that the arkenfox user.js
is made specifically for desktop Firefox. Using it as-is in other Gecko-based browsers can be counterproductive, especially in the Tor Browser.
🟧 sitemap
🟥 acknowledgments
Literally thousands of sources, references and suggestions. Many thanks, and much appreciated.