{firefox} browser privacy configuration
let’s be honest – websites and internet browsers know more about you and your family then god him/her/he/she/they/them/it/nil/null/peanut-self will ever know.
even worst….if you want to take steps to be less identifiable, websites will just deny you access to their service or make you jump through hoops until you break and say fu*k it. there will always been a balancing act between how private you want to be and how easy you want your browsing experience to be.
before stumbling upon the book Extreme Privacy i had never thought about configuring a internet browser. this opened up a whole new world for me! so here are the Firefox configuration i’m rocking.
/config
launch firefox and hit the hamburger buttom on the top right – then click ‘settings’ this takes you to:
stay on the ‘General’ tab and scroll down to ‘Browsing’ and untick the following:
Recommend extensions as you browse
Recommend features as you browse
go to the ‘Home’ tab and change both ‘Homepage and new windows’ and ‘New tabs’ to ‘Blank Page’
now fly on over or just click to the ‘Search’ tab. Change the ‘Default Search Engine’ to DuckDuckGo. Then under ‘Search Suggestions’ untick:
Provide search suggestions
hit the ‘Privacy & Security’ tab and click ‘Strict’ under ‘Enhanced Tracking Protection’.
select ‘Always’ on the “Do Not Track” signal.
select ‘Delete cookies and site data when Firefox is closed’
under ‘Logins and Passwords’ untick the following:
Ask to save logins and passwords for websites
Autofill logins and passwords
Show alerts about passwords for breached websites
Use a Primary Password
under ‘History’ select ‘Use custom settings for history’ and untick all boxes. do the same for ‘Address Bar’.
scroll down to ‘Permissions’ click on settings > tick ‘Block new requests asking to acccess your location’ do this for all options.
location
camera
microphone
notifications
autoplay (select block ‘Audio and Video’)
virtual reality
tick ‘Block pop-up windows’ and ‘Warn you when websites try to install add-ons’.
untick every box in both ‘Firefox Data Collection and Use’ and ‘Security’. Lastly under ‘HTTPS-Only Mode’ select ‘Enable HTTPS-Only Mode in all windows’.
//advance config
here we go! time for the big boy show!
again i never knew you could dive so deep into a browser config. oddly i find it very satisfying getting in and changing all these settings. firefox will give you a warning when you do this…but if you only make the following changes you should be all sweet.
in your address bar type in:
hit ‘Accept the Risk and Continue’.
copy and paste each of the following into the ‘Search preference name’ bar then change the vaule to what i have listed in brackets e.g (false) or (true). the button on the far right will change the setting.
geo.enabled (false)
browser.safebrowsing.malware.enabled (false)
dom.battery.enabled (false)
extensions.pocket.enabled (false)
browser.newtabpage.activity-stream.section.highlights.includePocket (false)
browser.newtabpage.activity-stream.feeds.telemetry (false)
browser.ping-centre.telemetry (false)
toolkit.telemetry.server (delete the URL listed)
toolkit.telemetry.unified (false)
media.autoplay.default (make the value ‘5’)
dom.webnotifications.enabled (false)
privacy.resistFingerprinting (true)
webgl.disabled (true)
network.http.sendRefererHeader (make value ‘0’)
identity.fxaccounts.enabled (false)
the below settings may mess up some audio and video usage…it has been fine for me but something to note.
media.peerconnection.enabled (false)
media.peerconnection.turn.disable (true)
media.peerconnection.use_document_iceservers (false)
media.peerconnection.video.enabled (false)
media.navigator.enabled (false)
///extensions
i try not to dive deep into the browser extensions rabbit hole. i tend to treat them like mobile phone apps by keeping a small amount on at one time. i can easily add and remove them depending on the task of the day.
here are my primary extensions:
Firefox Multi-Account Containers
uBlock Origin
Privacy Badger
NoScript
NoScript can be a pain on some websites, especially when signing up for accounts etc. it takes a bit of config and playing around to get use to but it opens your eyes to the amount of scripts being ran on each website you visit.
annnnd thats about it.
if you have any additional settings you recommend or you find any of the naming and/or menus have changed, please let me know and i will update as fast as i can (within a year).
cheers.
references: IntelTechniques