diff --git a/_includes/sections/browser-addons.html b/_includes/sections/browser-addons.html
index 0c37fb7c..e0177785 100644
--- a/_includes/sections/browser-addons.html
+++ b/_includes/sections/browser-addons.html
@@ -31,19 +31,6 @@
opera="https://addons.opera.com/en/extensions/details/https-everywhere"
%}
-{% include cardv2.html
- title="Decentraleyes: Block Content Delivery Networks"
- image="/assets/img/svg/3rd-party/decentraleyes.svg"
- description="Decentraleyes emulates Content Delivery Networks locally by intercepting requests, finding the required resource, and injecting it into the environment. This all happens instantaneously, automatically, and no prior configuration is required."
- website="https://decentraleyes.org/"
- privacy-policy="https://decentraleyes.org/privacy-policy/"
- forum="https://forum.privacytools.io/t/discussion-decentraleyes/269"
- gitlab="https://git.synz.io/Synzvato/decentraleyes"
- firefox="https://addons.mozilla.org/firefox/addon/decentraleyes"
- chrome="https://chrome.google.com/webstore/detail/decentraleyes/ldpochfccmkkmhdbclfhpagapcfdljkj"
- opera="https://addons.opera.com/extensions/details/decentraleyes"
-%}
-
{% include cardv2.html
title="ClearURLs"
image="/assets/img/svg/3rd-party/clearurls.svg"
@@ -75,23 +62,22 @@
floccus - Synchronize bookmarks across browsers via Nextcloud, WebDAV or a local file (and thus any file sync solution). For Firefox, Chrome, Edge.
-
Additional Functionality
+
Additional Functionality
These add-ons don't necessarily add to your privacy when browsing the web, but add additional functionality to your browser you may find useful.
{% include cardv2.html
- title="Terms of Service; Didn’t Read: Be Informed"
- image="/assets/img/svg/3rd-party/terms_of_service_didnt_read.svg"
- description='Terms of Service; Didn’t Read is an addon that believes "I have read and agree to the Terms of Service" is the biggest lie on the web, and wants to fix it by grading websites based on their terms of service agreements and privacy policies. It also gives short summaries of those agreements. The analysis and ratings are published transparently by a community of reviewers.'
- website="https://tosdr.org/"
- privacy-policy="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/privacy/"
- forum="https://forum.privacytools.io/t/discussion-terms-of-service-didn-t-read/270"
- github="https://github.com/tosdr/"
- firefox="https://addons.mozilla.org/firefox/addon/terms-of-service-didnt-read/"
- chrome="https://chrome.google.com/webstore/detail/terms-of-service-didn%E2%80%99t-r/hjdoplcnndgiblooccencgcggcoihigg"
- opera="https://addons.opera.com/extensions/details/terms-of-service-didnt-read"
+title="PrivacySpy"
+ image="/assets/img/svg/3rd-party/privacyspy.svg"
+ description="PrivacySpy uses a consistent rubric to grade major services' privacy practices on a ten-point scale. It's a new open source project that is dedicated to making privacy policies more accessible."
+ website="https://privacyspy.org/"
+ privacy-policy="https://privacyspy.org/terms-and-privacy"
+ forum="https://forum.privacytools.io/t/discussion-privacyspy/4508"
+ github="https://github.com/politiwatch"
+ firefox="https://addons.mozilla.org/firefox/addon/privacyspy"
+ chrome="https://chrome.google.com/webstore/detail/ppembnadnhiknioggbglgiciihgmkmnd"
%}
{% include cardv2.html
@@ -105,9 +91,7 @@
chrome="https://chrome.google.com/webstore/detail/snowflake/mafpmfcccpbjnhfhjnllmmalhifmlcie"
%}
-
Persistent storage management
-
-
Desktop
+
Persistent storage management (Desktop only)
These add-ons are the preferred method for controlling persistent storage data that various websites and web-apps may create on your computer.
@@ -135,34 +119,7 @@
firefox="https://addons.mozilla.org/firefox/addon/multi-account-containers/"
%}
-
Android
-
-
- Unfortunately the Android version of Firefox doesn't support managing tabs as containers. The recommended extensions below are a substitute, however as APIs do not exist for clearing IndexedDB, Service Workers cache, appCache, or cache by host. As a result they are not as good as the above Temporary Container suggestions.
-
-
-{% include cardv2.html
- title="ETag Stoppa"
- image="/assets/img/svg/3rd-party/etag_stoppa.svg"
- description="ETag Stoppa Prevents Firefox from storing entity tags by removing ETag response headers unconditionally and without exceptions."
- website="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
- forum=""
- github="https://github.com/claustromaniac/etag-stoppa"
- firefox="https://addons.mozilla.org/firefox/addon/etag-stoppa/"
-%}
-
-{% include cardv2.html
- title="Cookie AutoDelete: Automatically Delete Cookies"
- image="/assets/img/png/3rd-party/cookie_autodelete.png"
- description="Cookie AutoDelete automatically removes cookies, lingering sessions, and other information that can be used to spy on you when they are no longer used by open browser tabs."
- website="https://addons.mozilla.org/firefox/addon/cookie-autodelete/"
- forum="https://forum.privacytools.io/t/discussion-cookie-autodelete/267"
- github="https://github.com/Cookie-AutoDelete/Cookie-AutoDelete"
- firefox="https://addons.mozilla.org/firefox/addon/cookie-autodelete"
- chrome="https://chrome.google.com/webstore/detail/cookie-autodelete/fhcgjolkccmbidfldomjliifgaodjagh"
-%}
-
-
For Advanced Users
+
For Advanced Users
These addons require quite a lot of interaction from the user, and some of them completely replace the add-ons we've recommended above. Some sites may not work properly without careful configuration.
diff --git a/_includes/sections/browser-tweaks.html b/_includes/sections/browser-advanced-tweaks.html
similarity index 61%
rename from _includes/sections/browser-tweaks.html
rename to _includes/sections/browser-advanced-tweaks.html
index 9b69d737..23808845 100644
--- a/_includes/sections/browser-tweaks.html
+++ b/_includes/sections/browser-advanced-tweaks.html
@@ -1,4 +1,4 @@
-
Firefox: Privacy Related "about:config" Tweaks
+
Firefox: Advanced Privacy Tweaks using "about:config"
This is a collection of privacy-related about:config tweaks. We'll show you how to enhance the privacy of your Firefox browser.
@@ -6,38 +6,43 @@
Enter "about:config" in the firefox address bar and press enter.
-
Press the button "Accept the Risk and Continue" [FF71+] or "I accept the risk".
-
Copy and paste each of the preferences below (for example "webgl.disabled") into the search bar, and set each of them to the stated value (such as "true").
+
Press the button "Accept the Risk and Continue"
+
Copy and paste each of the preferences below (for example "webgl.disabled") into the search bar, and set each of them to the stated value (such as "true").
-
Getting started:
+
Firefox Desktop:
+
First Party Isolation
+
These settings should be safe, however first party isolation may break some third party login systems.
privacy.firstparty.isolate = true
A result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)
+
Resist Fingerprinting
+
One of the features of resist fingerprinting is to set the reported browser timezone to UTC. If you depend on having your real time zone reported to the websites you visit, this setting may break that.
privacy.resistFingerprinting = true
A result of the Tor Uplift effort, this preference makes Firefox more resistant to browser fingerprinting.
This is Mozilla's new built-in tracking protection. One of it's benefits is blocking tracking (i.e. Google Analytics) on privileged pages where add-ons that usually do that are disabled.
-
+
Block outbound
browser.send_pings = false
The attribute would be useful for letting websites track visitors' clicks.
+
Disable Firefox prefetching pages it thinks you will visit next:
+
+ Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details here and here.
+
+
network.dns.disablePrefetch = true
+
network.dns.disablePrefetchFromHTTPS = true
+
network.predictor.enabled = false
+
network.predictor.enable-prefetch = false
+
network.prefetch-next = false
+
+
+
Location bar
browser.urlbar.speculativeConnect.enabled = false
Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. Source
-
-
dom.event.clipboardevents.enabled = false
-
Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
-
+
Plugins
media.eme.enabled = false
Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. Details
@@ -47,21 +52,22 @@
media.gmp-widevinecdm.enabled = false
Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. Details
+
Hardware Fingerprinting
media.navigator.enabled = false
Websites can track the microphone and camera status of your device.
+
Persistent Storage
network.cookie.cookieBehavior = 1
- Disable cookies
+ Disable cookies. 2 is likely to break some sites. 4 is the default default. 1 is more strict than 4.
-
0 = Accept all cookies by default
1 = Only accept from the originating site (block third-party cookies)
2 = Block all cookies by default
+
4 = Block Cross-site and social media trackers
-
-
+
Headers/Referers
network.http.referer.XOriginPolicy = 2
Only send Referer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.) Source
@@ -82,9 +88,12 @@
+
Media
+
This may break some websites which use VOIP based features.
This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data. Details
@@ -95,35 +104,44 @@
+
Miscellaneous
beacon.enabled = false
Disables sending additional analytics to web servers. Details
Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. Details
-
-
Disable Firefox prefetching pages it thinks you will visit next:
-
- Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details here and here.
-
-
network.dns.disablePrefetch = true
-
network.dns.disablePrefetchFromHTTPS = true
-
network.predictor.enabled = false
-
network.predictor.enable-prefetch = false
-
network.prefetch-next = false
-
-
network.IDN_show_punycode = true
Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. Source
Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. Details
+
+
Firefox Android (Fenix):
+
+
First Party Isolation
+
These settings should be safe, however first party isolation may break some third party login systems.
+
privacy.firstparty.isolate = true
+
A result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)
+
+
Resist Fingerprinting
+
One of the features of resist fingerprinting is to set the reported browser timezone to UTC. If you depend on having your real time zone reported to the websites you visit, this setting may break that.
+
privacy.resistFingerprinting = true
+
A result of the Tor Uplift effort, this preference makes Firefox more resistant to browser fingerprinting.
+
privacy.resistFingerprinting.letterboxing = true
+
This sets the resolution of your Firefox window to a standard resolution. Only use this if you are using the above privacy.resistFingerprinting
+
+
Media
+
This may break some websites which use VOIP based features.
arkenfox user.js (formerly ghacks-user.js) - An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting.
+
arkenfox user.js An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting. Desktop Firefox Only
-
Related Information
diff --git a/_includes/sections/browser-easy-tweaks.html b/_includes/sections/browser-easy-tweaks.html
new file mode 100644
index 00000000..842bfe5c
--- /dev/null
+++ b/_includes/sections/browser-easy-tweaks.html
@@ -0,0 +1,64 @@
+
ETP can be made more strict by clicking on the main menu (or Edit) and then Preferences. From the side menu select 🔒 Privacy & Security.
+
+
We recommend that All third-party cookies be blocked. The only pages likely to break under this configuration are social logins (i.e. authentication with services using your Google, Facebook account etc). Social logins are terrible for privacy and they link all services you use to a single identity, that is mostly used for advertising purposes, such as targeted advertising.
+
+
When you use a social login you also run the risk of being locked out of services you use, if you lose access to the account. We recommend creating individual accounts with separate passwords. Passwords can be managed with a Password Manager.
+
+For more information about Enhanced Tracking Protection, see Mozilla's for Desktop and Android.
+
+The only suggestion we would make is to switch from standard to custom with the configuration listed below.
+
+
Custom
+
+
+ Cookies: All third-party cookies (may cause websites to break)
+
+
+ Tracking content: In all windows
+
+
+ Cryptominers
+
+
+ Fingerprinters
+
+
+
+
The strict setting will only block known cross-site and/or social media trackers. This may still let through third party cookies that can be used for tracking.
+
+
Firefox sessions and saved data
+
We also suggest clearing history, and persistent data upon close of your browser. If you wish to remain logged in for some websites we suggest setting some exceptions. For desktop users we suggest using the Persistent storage management addons.
+
+
History
+Firefox will Use custom settings for history
+
+
Remember browsing and download history
+
Clear history when Firefox closes
+ Next select Settings… the Settings for Clearing History will load. Make sure there is a checkmark next to each item:
+
+
Browsing & Download History
+
Active Logins
+
Form & Search History
+
Cookies
+
Cache
+
Data
+
Offline Website Data
+
+
diff --git a/assets/css/style.scss b/assets/css/style.scss
index 1693f0af..e2a234b4 100644
--- a/assets/css/style.scss
+++ b/assets/css/style.scss
@@ -28,6 +28,11 @@ a,
}
}
+ul.checkmark {
+ list-style-type: '\2714';
+ display:block;
+}
+
.card-ol {
padding-left: 1.25rem;
}
diff --git a/assets/img/svg/3rd-party/decentraleyes.svg b/assets/img/svg/3rd-party/decentraleyes.svg
deleted file mode 100644
index 59473061..00000000
--- a/assets/img/svg/3rd-party/decentraleyes.svg
+++ /dev/null
@@ -1,2 +0,0 @@
-
-
diff --git a/assets/img/svg/3rd-party/privacyspy.svg b/assets/img/svg/3rd-party/privacyspy.svg
new file mode 100644
index 00000000..612cc9f0
--- /dev/null
+++ b/assets/img/svg/3rd-party/privacyspy.svg
@@ -0,0 +1,2 @@
+
+
diff --git a/assets/img/svg/etp/3rdpartycookies-disabled.svg b/assets/img/svg/etp/3rdpartycookies-disabled.svg
new file mode 100644
index 00000000..e2ad7ed3
--- /dev/null
+++ b/assets/img/svg/etp/3rdpartycookies-disabled.svg
@@ -0,0 +1,7 @@
+
+
diff --git a/assets/img/svg/etp/cryptominers-disabled.svg b/assets/img/svg/etp/cryptominers-disabled.svg
new file mode 100644
index 00000000..4776f79e
--- /dev/null
+++ b/assets/img/svg/etp/cryptominers-disabled.svg
@@ -0,0 +1,7 @@
+
+
diff --git a/assets/img/svg/etp/fingerprinters-disabled.svg b/assets/img/svg/etp/fingerprinters-disabled.svg
new file mode 100644
index 00000000..d6a707fd
--- /dev/null
+++ b/assets/img/svg/etp/fingerprinters-disabled.svg
@@ -0,0 +1,8 @@
+
+
diff --git a/assets/img/svg/etp/tracker-image-disabled.svg b/assets/img/svg/etp/tracker-image-disabled.svg
new file mode 100644
index 00000000..5012939f
--- /dev/null
+++ b/assets/img/svg/etp/tracker-image-disabled.svg
@@ -0,0 +1,11 @@
+
+
diff --git a/pages/browsers.html b/pages/browsers.html
index 17f98cec..efd87a98 100644
--- a/pages/browsers.html
+++ b/pages/browsers.html
@@ -13,4 +13,6 @@ description: "These are our current web browser recommendations and some tweaks
{% include sections/browser-addons.html %}
-{% include sections/browser-tweaks.html %}
+{% include sections/browser-easy-tweaks.html %}
+
+{% include sections/browser-advanced-tweaks.html %}
diff --git a/pages/old.html b/pages/old.html
index 646299fe..91334f16 100644
--- a/pages/old.html
+++ b/pages/old.html
@@ -27,7 +27,9 @@ permalink: /classic/
{% include sections/browser-addons.html %}
-{% include sections/browser-tweaks.html %}
+{% include sections/browser-easy-tweaks.html %}
+
+{% include sections/browser-advanced-tweaks.html %}
{% include sections/email-providers.html %}