Table of Contents
If you want to send us your comments, please do so. Thanks
More on comments
Firefox Privacy and security
Mozilla data collection program
Firefox privacy statement
Add-ons
A great overview can be found at: Privacy.io
The Complete How-To Guide for 2023. See also the comments
Add-ons and restricted sites
It is not clear which data is send to Mozilla. Turn this feature of via about:config > extensions.quarantinedDomains.enabled > false
General
* Change the privacy and security settings via Edit | Preferences
* Press Shift-CTRL-j to get the Browser Console with page errors and other interesting information
* Goto about:config. Click on I'll be carefull, I promissie! Enter in the searchbar what you want to change
Issues with Firefox itself
- Bug report: Disable Firefox phone home functionality1) (about privacy issues). Great read
- Firefox autoloads pinned tabs. See the Prefetching section in the Settings table below on how to turn prefetching off
- Cookies of pinned tabs (some?) do not show up in about:preferences | Privacy & Security | Cookies and Site Data | Manage data … . If you delete all cookies with the Cookie Autodelete extension (Clean | Clean, include all open tabs) they show up in the notification popup as being deleted.
- When Firefox is started it connects with
- Akamai
- Amazon Technologies Inc.
- Edgecast
- DigitalOcean
- Mozilla Corporation.
DigitalOcean and Mozilla Corporation are not always connected to
This connecting behaviour can be turned off in about:config by removing the values of the appropriate http and https values. It will also disable the auto update function. Firefox must then be manually updated. See our Firefox topic
Avoid getting data send to Mozilla for their advertising scheme
Goto about:config and search for and then double click on the line and change the value on the end to
Setting | Value | Remarks |
---|---|---|
browser.startup.homepage | about:blank | about:home is also valid |
browser.newtab.url | about:blank | No longer supported in Firefox since version 41 |
browser.newtabpage.activity-stream.feeds.asrouterfeed | false | |
layers.enable-tiles | false | |
layers.tiles.adjust | false | |
services.sync.prefs.sync.browser.startup.homepage | false |
Privacy settings
How stop Firefox making automatic connections
All settings are made in about:config unless otherwise noted
Some privacy and security settings can be changed via Edit | Preferences
Setting | Preferred value | Remarks | |
---|---|---|---|
HowTo disable Firefox page preloading | See: How stop firefox making automatic connections | ||
app.shield.optoutstudies.enabled counts | False | ||
browser.aboutHomeSnippets.updateUrl | Make empty | Deprecated | |
browser.tabs.loadInBackground | false | ||
firefox.settings.services.mozilla.com | false | Undocumented | |
network.dns.disablePrefetch | true | ||
network.dns.disablePrefetchFromHTTPS | true | ||
network.http.speculative-parallel-limit | 0 | ||
network.prefetch-next | false | ||
network.websocket.enabled | false | Deprecated | |
network.dns.disableIPv6 | true | ||
network.captive-portal-service.enabled2) | false | detectportal.firefox.com | |
push.services.mozilla.com | false | Undocumented | |
Alternative | Install (not tested by us) BarTab Lite X | ||
Network | |||
network.trr.mode | 5 | This turns DNS over HTTPS off | |
TLS | |||
security.tls.version.min | 3 | This uses at least TLSv1.2 . Beware, this will break site using older TLS verisions | |
Safe Browsing | If you do not want to tell Google about every page you visit, every file you download then turn safe browsing off | ||
browser.safebrowsing.downloads.enabled | false | ||
browser.safebrowsing.downloads.remote.enabled | false | Deprecated | |
browser.safebrowsing.enabled | false | Deprecated | |
browser.safebrowsing.malware.enabled | false | ||
browser.tabs.loadInBackground | false | ||
services.sync.prefs.sync.browser.safebrowsing.enabled | false | ||
services.sync.prefs.sync.browser.safebrowsing.malware.enabled | false | ||
Other browser settings | |||
dom.battery.enabled | false | ||
dom.event.clipboardevents.enabled | false | ||
dom.storage.enabled | false | This may reduce and or break functionality | |
browser.cache.disk.enable | false | ||
browser.cache.memory.enable | false | ||
browser.cache.offline.enable | false | ||
browser.cache.offline.capacity | 0 | ||
browser.send_pings | false | ||
Loading of tabs on startup | See Prevent all pinned tabs from loading on start | ||
browser.sessionstore.restore_on_demand | true | Do not load normal tabs on startup | |
browser.sessionstore.restore_pinned_tabs_on_demand | true | Do not load pinned tabs on startup | |
Prefetching | See Mozilla: Link prefetching FAQ | ||
browser.newtab.preload | false | ||
services.sync.prefs.sync.browser.tabs.loadInBackground | false | ||
browser.tabs.loadInBackground | false | See How stop firefox making automatic connections | |
services.sync.prefs.sync.browser.tabs.loadInBackground | false | See How stop firefox making automatic connections | |
network.dns.disablePrefetch | true | DNS prefetching | |
network.http.speculative-parallel-limit | 0 | Speculative pre-connections | |
Blank new tab | |||
browser.newtabpage.enabled | false | ||
browser.newtabpage.activity-stream.feeds.section.highlights | false | ||
browser.newtabpage.activity-stream.feeds.snippets | false | ||
browser.newtabpage.activity-stream.feeds.topsites | false | ||
browser.newtabpage.activity-stream.prerender | false | ||
browser.newtabpage.activity-stream.section.highlights.includeBookmarks | false | ||
browser.newtabpage.activity-stream.section.highlights.includeDownloads | false | ||
browser.newtabpage.activity-stream.section.highlights.includePocket | false | ||
browser.newtabpage.activity-stream.section.highlights.includeVisited | false | ||
browser.newtabpage.activity-stream.showSearch | false | ||
Avoid getting data send to Mozilla for their advertizing scheme | |||
browser.startup.homepage | about:blank | ||
browser.newtab.url | about:blank | ||
layers.enable-tiles | false | ||
layers.tiles.adjust | false | ||
Geolocation | |||
geo.enabled | false | ||
geo.wifi.logging.enabled | false | ||
geo.wifi.uri | http://127.0.0.1 | ||
Data collection | |||
datareporting.healthreport.service.enabled | false | ||
datareporting.healthreport.uploadEnabled | false | ||
toolkit.telemetry.enabled | false | ||
browser.newtabpage.activity-stream.feeds.telemetry | false | ||
browser.newtabpage.activity-stream.telemetry | false | ||
browser.ping-centre.telemetry | false | ||
toolkit.telemetry.archive.enabled | false | ||
toolkit.telemetry.bhrPing.enabled | false | ||
toolkit.telemetry.enabled | false | ||
toolkit.telemetry.firstShutdownPing.enabled | false | ||
toolkit.telemetry.hybridContent.enabled | false | ||
toolkit.telemetry.newProfilePing.enabled | false | ||
toolkit.telemetry.reportingpolicy.firstRun | false | ||
toolkit.telemetry.server | empty | Was https://incoming.telemetry.mozilla.org) | |
toolkit.telemetry.shutdownPingSender.enabled | false | ||
toolkit.telemetry.shutdownPingSender.enabledFirstSession | false | ||
toolkit.telemetry.unified | false | ||
toolkit.telemetry.updatePing.enabled | false | ||
beacon.enabled | false | ||
privacy.firstparty.isolate | true | ||
privacy.resistFingerprinting | true | If true you will need to manually set the windowsize to the size you want. See also the privacyresistfingerprinting section on this page | |
Other | |||
loop.enabled | false | ||
browser.pocket.enabled | false | ||
extensions.pocket.enabled | false | ||
Media | |||
media.eme.enabled | false | ||
media.gmp-eme-adobe.enabled | false | ||
media.peerconnection.enabled | false | ||
media.peerconnection.identity.timeout | 1 | ||
media.peerconnection.turn.disable | true | ||
media.peerconnection.use_document_iceservers | false | ||
media.peerconnection.video.enabled | false | ||
Privacy | |||
privacy.globalprivacycontrol.enabled | true | Test | |
privacy.globalprivacycontrol.functionality.enabled | true | Test | |
Devices | |||
camera.control.face_detection.enabled | false | ||
camera.control.autofocus_moving_callback.enabled | false | ||
device.sensors.enabled | false | ||
Encryption | Security:Renegotiation | ||
security.tls.unrestricted_rc4_fallback | false | ||
security.ssl.require_safe_negotiation | true | ||
security.ssl.treat_unsafe_negotiation_as_broken | true | ||
Anoyances | |||
media.autoplay.enabled | false | ||
Webgl | |||
webgl.enable-webgl2 | false | ||
media.peerconnection.enabled | false | ||
webgl.disabled | true | ||
webgl.disable-extensions | true | ||
webgl.disable-wgl | true | ||
Obsolete | |||
security.tls.insecure_fallback_hosts.use_static_list | false |
Avoid the Mintcast virus
Add a directory (a file does not work in this case) with the name user.js in every profile directory to avoid getting the Mintcast virus
Prevent Fingerprinting
- Goto Preferences
- Click: Privacy & Security
- Scroll to “Enhanced Tracking Protection”. At this moment it is at the top of the page
- Select “Custom” and turn on
- Cookies and select “All third-prarty cookies (may cause websites to break)”
- Tracking content and select “In all Windows”
- Cryptominers
- Fingerprinters
If websites are broken because of these settings you can use an other Firefox profile with less protection if you really need to vistit those websites
privacy.resistFingerprinting
See Firefox protection against fingerprinting for the information
Setting privacy.resistFingerprinting to true might have user interface implications
Prevent HSTS tracking
Add
23 */2 * * * find /home/user/.mozilla/firefox/ -name SiteSecurityServiceState.txt -delete
to crontab
More info see How to prevent hsts tracking in Firefox
Prevent Punycode
Set, in about:config
network.idn_show_punycode
to true to show the real url
See:
Phishing with Unicode Domains
Search for punycode twice and read on
Trust anchors certificates
Firefox now imports TLS trust anchors (web certificate authority certificates) from the operating system's root store. This is enabled by default on Windows, macOS, and Android. It can be turned off in settings (Preferences > Privacy & Security > Certificates). On Firefox 120 this checkbox is labeled, and is enabled by default:
[x] Allow Firefox to automatically trust third-party root certificates you install
DarkMatter certificates
See Omstreden securitybedrijf wil eigen rootcertificaat in Firefox for background information
See how to remove darkmatter certificates from Firefox
Website loading and login
From version 84.0.2 (64-bit) loading and or logging in to websites like Aliexpress and others have become troublesome, impossible, with the about:preferences#privacy Custom settings set to Setting the setting to Strict can resolve the issue
Useful links
Firefox hardening with user.js
Firefox: Hardening Firefox for Privacy
How to stop Firefox from making automatic connections
Prevent Firefox from Sending Downloaded File Information We suggest you start reading at: If you don’t want to mess with Firefox configuration settings and then at Prevent Firefox from Sending Downloaded File Information above the previous part
Firefox about:config: Privacy & Security
Click tracking
Firefox on Android
On Android, with no tabs open, Firefox tries to connect to
- cloudfront.net
Why this happens is unclear to us. Updates go via the Google Playstore so we do not see a need for this.
Main subjects on this wiki: Linux, Debian, HTML, Microcontrollers, Privacy
RSS
Disclaimer
Privacy statement
Bugs statement
Cookies
Copyright © : 2014 - 2024 Webevaluation.nl and the authors
Changes reserved.