privacyguides
/
privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

The great browser section cleanup #2081

Open
dngray wants to merge 16 commits from pr-browser_cleanup_1257_1328_1430 into master
pull from: pr-browser_cleanup_1257_1328_1430
merge into: privacyguides:master
Conversation 31 Commits 16 Files Changed 12 +28 -35
1 changed files with 28 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit f58750a4b9 - Show all commits

63
_includes/sections/browser-tweaks.html
View File

@ -12,32 +12,35 @@
<h4>Firefox Desktop:</h4>
<h5 id="fpid" class="anchord"><a href="#fpi"><i class="fas fa-link anchor-icon"></i></a> First Party Isolation</h5>
<dl class="long-string-list">
<dt>privacy.firstparty.isolate = true</dt>
<dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)</dd>
<h5 id="rfpd" class="anchor"><a href="#rfpd"><i class="fas fa-link anchor-icon"></i></a> Resist Fingerprinting</h5>
<dt>privacy.resistFingerprinting = true</dt>
<dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference makes Firefox more resistant to browser fingerprinting.</dd>
<dt>privacy.trackingprotection.fingerprinting.enabled = true</dt>
<dd>[FF67+] Blocks Fingerprinting</dd>
<dt>privacy.trackingprotection.cryptomining.enabled = true</dt>
<dd>[FF67+] Blocks CryptoMining</dd>
<dt>privacy.trackingprotection.enabled = true</dt>
<dd>This is Mozilla's new built-in tracking protection. One of it's benefits is blocking tracking (i.e. Google Analytics) on <a href="https://github.com/gorhill/uMatrix/wiki/Privileged-Pages">privileged pages</a> where add-ons that usually do that are disabled.</dd>
<h5 id="blockOut" class="anchor"><a href="#blockOut"><i class="fas fa-link anchor-icon"></i></a> Block outbound</h5>
<dt>browser.send_pings = false</dt>
<dd>The attribute would be useful for letting websites track visitors' clicks.</dd>
<dt>Disable Firefox prefetching pages it thinks you will visit next:</dt>
<dd>
Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ">here</a> and <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">here</a>.
<ul>
<li>network.dns.disablePrefetch = true</li>
<li>network.dns.disablePrefetchFromHTTPS = true</li>
<li>network.predictor.enabled = false</li>
<li>network.predictor.enable-prefetch = false</li>
<li>network.prefetch-next = false</li>
</dd>
<h5 id="locbar" class="anchor"><a href="#locbar"><i class="fas fa-link anchor-icon"></i></a> Location bar</h5>
<dt>browser.urlbar.speculativeConnect.enabled = false</dt>
<dd>Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. <a href="https://www.ghacks.net/2017/07/24/disable-preloading-firefox-autocomplete-urls/">Source</a></dd>
<dt>dom.event.clipboardevents.enabled = false</dt>
<dd>Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.</dd>
<h5 id="plugins" class="anchor"><a href="#plugins"><i class="fas fa-link anchor-icon"></i></a> Plugins</h5>
<dt>media.eme.enabled = false</dt>
<dd>
<p>Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. <a href="https://support.mozilla.org/kb/enable-drm#w_opt-out-of-cdm-playback-uninstall-cdms-and-stop-all-cdm-downloads">Details</a></p>
@ -46,10 +49,10 @@
<dt>media.gmp-widevinecdm.enabled = false</dt>
<dd>Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. <a href="https://support.mozilla.org/kb/enable-drm#w_disable-the-google-widevine-cdm-without-uninstalling">Details</a></dd>
<h5 id="hwfping" class="anchor"><a href="#hwfping"><i class="fas fa-link anchor-icon"></i></a> Hardware Fingerprinting</h5>
<dt>media.navigator.enabled = false</dt>
<dd>Websites can track the microphone and camera status of your device.</dd>
<h5 id="pstorage" class="anchor"><a href="#pstorage"><i class="fas fa-link anchor-icon"></i></a> Persistent Storage</h5>
<dt>network.cookie.cookieBehavior = 1</dt>
<dd>
Disable cookies. 2 is likely to break some sites. 4 is the default default. 1 is more strict than 4.
@ -60,6 +63,7 @@
</ul>
</dd>
<h5 id="headref" class="anchor"><a href="#headref"><i class="fas fa-link anchor-icon"></i></a> Headers/Referers</h5>
<dt>network.http.referer.XOriginPolicy = 2</dt>
<dd>
Only send <code>Referer</code> header when the full hostnames match. (Note: if you notice significant breakage, you might try <code>1</code> combined with an <code>XOriginTrimmingPolicy</code> tweak below.) <a href="https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/">Source</a>
@ -79,10 +83,11 @@
<li>2 = Only send scheme, host, and port in <code>Referer</code></li>
</ul>
</dd>
<h5 id="mediad" class="anchor"><a href="#mediad"><i class="fas fa-link anchor-icon"></i></a> Media</h5>
<dt>webgl.disabled = true</dt>
<dd>WebGL is a potential security risk. <a href="https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern">Source</a></dd>
<h5 id="sessions" class="anchor"><a href="#sessions"><i class="fas fa-link anchor-icon"></i></a> Sessions and session restoration</h5>
<dt>browser.sessionstore.privacy_level = 2</dt>
<dd>
This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data. <a href="http://kb.mozillazine.org/Browser.sessionstore.privacy_level">Details</a>
@ -92,39 +97,27 @@
<li>2 = Never store extra session data.</li>
</ul>
</dd>
<h5 id="misc" class="anchor"><a href="#misc"><i class="fas fa-link anchor-icon"></i></a> Miscellaneous</h5>
<dt>beacon.enabled = false</dt>
<dd>Disables sending additional analytics to web servers. <a href="https://developer.mozilla.org/en-US/docs/Web/API/Navigator/sendBeacon">Details</a></dd>
<dt>browser.safebrowsing.downloads.remote.enabled = false</dt>
<dd>Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. <a href="https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work#w_what-information-is-sent-to-mozilla-or-its-partners-when-phishing-and-malware-protection-are-enabled">Details</a></dd>
<dt>Disable Firefox prefetching pages it thinks you will visit next:</dt>
<dd>
Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior. Details <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ">here</a> and <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control">here</a>.
<ul>
<li>network.dns.disablePrefetch = true</li>
<li>network.dns.disablePrefetchFromHTTPS = true</li>
<li>network.predictor.enabled = false</li>
<li>network.predictor.enable-prefetch = false</li>
<li>network.prefetch-next = false</li>
</dd>
<dt>network.IDN_show_punycode = true</dt>
<dd>Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. <a href="https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion/#more-42636">Source</a></dd>
<h5 id="sb" class="anchor"><a href="#sb"><i class="fas fa-link anchor-icon"></i></a> Safe Browsing</h5>
<dt>browser.safebrowsing.downloads.remote.enabled = false</dt>
<dd>Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons. <a href="https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work#w_what-information-is-sent-to-mozilla-or-its-partners-when-phishing-and-malware-protection-are-enabled">Details</a></dd>
<dt>Looking for TRR, DoH or ESNI?</dt>
<dd>They have moved to <a href="/providers/dns/#dns">our DNS page</a>.</dd>
<h4>Firefox Android (Fenix):</h4>
<h5 id="fpia" class="anchor"><a href="#fpia"><i class="fas fa-link anchor-icon"></i></a> First Party Isolation</h5>
<dt>privacy.firstparty.isolate = true</dt>
<dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)</dd>
<h5 id="rfpa" class="anchor"><a href="#rfpa"><i class="fas fa-link anchor-icon"></i></a> Resist Fingerprinting</h5>
<dt>privacy.resistFingerprinting = true</dt>
<dd>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference makes Firefox more resistant to browser fingerprinting.</dd>
<h5 id="mediaa" class="anchor"><a href="#mediaa"><i class="fas fa-link anchor-icon"></i></a> Media</h5>
<dt>webgl.disabled = true</dt>
<dd>WebGL is a potential security risk. <a href="https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern">Source</a></dd>