User Tools

Site Tools


firefox_privacy_and_security

If you want to send us your comments, please do so. Thanks
More on comments


Firefox Privacy and security

Add-ons
A great overview can be found at: Privacy.io

General

* Change the privacy and security settings via Edit | Preferences
* Press Shift-CTRL-j to get the Browser Console with page errors and other interesting information
* Goto about:config. Click on I'll be carefull, I promissie! Enter in the searchbar what you want to change

Issues with Firefox itself

  • Firefox autoloads pinned tabs. See the Prefetching section in the Settings table below on how to turn prefetching off
  • Cookies of pinned tabs (some?) do not show up in about:preferences | Privacy & Security | Cookies and Site Data | Manage data … . If you delete all cookies with the Cookie Autodelete extension (Clean | Clean, include all open tabs) they show up in the notification popup as being deleted.
  • When Firefox is started it connects with
    • Akamai
    • Amazon Technologies Inc.
    • Edgecast
    • DigitalOcean
    • Mozilla Corporation.

DigitalOcean and Mozilla Corporation are not always connected to
This connecting behaviour can be turned off in about:config by removing the values of the appropriate http and https values. It will also disable the auto update function. Firefox must then be manually updated. See our Firefox topic

Avoid getting data send to Mozilla for their advertising scheme

Goto about:config and search for and then double click on the line and change the value on the end to

SettingValue
browser.startup.homepageabout:blank
browser.newtab.urlabout:blankNo longer supported in Firefox since version 41
layers.enable-tilesfalse
layers.tiles.adjustfalse
services.sync.prefs.sync.browser.startup.homepagefalse

Settings

All settings are made in about:config unless otherwise noted
Some privacy and security settings can be changed via Edit | Preferences

SettingPreferred valueRemarks
HowTo disable Firefox page preloading See: How stop firefox making automatic connections
browser.aboutHomeSnippets.updateUrlMake emptyDeprecated
browser.tabs.loadInBackgroundfalse
network.dns.disablePrefetchtrue
network.dns.disablePrefetchFromHTTPStrue
network.http.speculative-parallel-limit0
network.prefetch-nextfalse
network.websocket.enabledfalseDeprecated
network.dns.disableIPv6true
Alternative Install (not tested by us) BarTab Lite X
Network
network.trr.mode5This turns DNS over HTTPS off
TLS
security.tls.version.min3This uses at least TLSv1.2 . Beware, this will break site using older TLS verisions
Safe Browsing If you do not want to tell Google about every page you visit, every file you download then turn safe browsing off
browser.safebrowsing.downloads.enabledfalse
browser.safebrowsing.downloads.remote.enabledfalseDeprecated
browser.safebrowsing.enabledfalseDeprecated
browser.safebrowsing.malware.enabledfalse
browser.tabs.loadInBackgroundfalse
services.sync.prefs.sync.browser.safebrowsing.enabledfalse
services.sync.prefs.sync.browser.safebrowsing.malware.enabledfalse
Other browser settings
dom.battery.enabledfalse
dom.event.clipboardevents.enabledfalse
dom.storage.enabledfalseThis may reduce and or break functionality
browser.cache.disk.enablefalse
browser.cache.memory.enablefalse
browser.cache.offline.enablefalse
browser.cache.offline.capacity0
browser.send_pingsfalse
Loading of tabs on startup See Prevent all pinned tabs from loading on start
browser.sessionstore.restore_on_demandtrueDo not load normal tabs on startup
browser.sessionstore.restore_pinned_tabs_on_demandtrueDo not load pinned tabs on startup
Prefetching See Mozilla: Link prefetching FAQ
browser.newtab.preloadfalse
services.sync.prefs.sync.browser.tabs.loadInBackgroundfalse
browser.tabs.loadInBackgroundfalseSee How stop firefox making automatic connections
services.sync.prefs.sync.browser.tabs.loadInBackgroundfalseSee How stop firefox making automatic connections
network.dns.disablePrefetchtrueDNS prefetching
network.http.speculative-parallel-limit0Speculative pre-connections
Blank new tab
browser.newtabpage.enabledfalse
browser.newtabpage.activity-stream.feeds.section.highlightsfalse
browser.newtabpage.activity-stream.feeds.snippetsfalse
browser.newtabpage.activity-stream.feeds.topsitesfalse
browser.newtabpage.activity-stream.prerenderfalse
browser.newtabpage.activity-stream.section.highlights.includeBookmarksfalse
browser.newtabpage.activity-stream.section.highlights.includeDownloadsfalse
browser.newtabpage.activity-stream.section.highlights.includePocketfalse
browser.newtabpage.activity-stream.section.highlights.includeVisitedfalse
browser.newtabpage.activity-stream.showSearchfalse
Avoid getting data send to Mozilla for their advertizing scheme
browser.startup.homepageabout:blank
browser.newtab.urlabout:blank
layers.enable-tilesfalse
layers.tiles.adjustfalse
Geolocation
geo.enabledfalse
geo.wifi.logging.enabledfalse
geo.wifi.urihttp://127.0.0.1
Data collection
datareporting.healthreport.service.enabledfalse
datareporting.healthreport.uploadEnabledfalse
toolkit.telemetry.enabledfalse
browser.newtabpage.activity-stream.feeds.telemetryfalse
browser.newtabpage.activity-stream.telemetryfalse
browser.ping-centre.telemetryfalse
toolkit.telemetry.archive.enabledfalse
toolkit.telemetry.bhrPing.enabledfalse
toolkit.telemetry.enabledfalse
toolkit.telemetry.firstShutdownPing.enabledfalse
toolkit.telemetry.hybridContent.enabledfalse
toolkit.telemetry.newProfilePing.enabledfalse
toolkit.telemetry.reportingpolicy.firstRunfalse
toolkit.telemetry.serveremptyWas https://incoming.telemetry.mozilla.org)
toolkit.telemetry.shutdownPingSender.enabledfalse
toolkit.telemetry.shutdownPingSender.enabledFirstSessionfalse
toolkit.telemetry.unifiedfalse
toolkit.telemetry.updatePing.enabledfalse
beacon.enabledfalse
privacy.firstparty.isolate true
privacy.resistFingerprintingtrueIf true you will need to manually set the windowsize to the size you want. See also the privacyresistfingerprinting section on this page
Other
loop.enabledfalse
browser.pocket.enabledfalse
extensions.pocket.enabledfalse
Media
media.eme.enabledfalse
media.gmp-eme-adobe.enabledfalse
media.peerconnection.enabledfalse
media.peerconnection.identity.timeout1
media.peerconnection.turn.disabletrue
media.peerconnection.use_document_iceserversfalse
media.peerconnection.video.enabledfalse
Devices
camera.control.face_detection.enabledfalse
camera.control.autofocus_moving_callback.enabledfalse
device.sensors.enabledfalse
Encryption Security:Renegotiation
security.tls.unrestricted_rc4_fallbackfalse
security.ssl.require_safe_negotiationtrue
security.ssl.treat_unsafe_negotiation_as_brokentrue
Anoyances
media.autoplay.enabledfalse
Webgl
webgl.enable-webgl2false
media.peerconnection.enabledfalse
webgl.disabledtrue
webgl.disable-extensionstrue
webgl.disable-wgltrue
Obsolete
security.tls.insecure_fallback_hosts.use_static_listfalse

Avoid the Mintcast virus

Add a directory (a file does not work in this case) with the name user.js in every profile directory to avoid getting the Mintcast virus

Prevent Fingerprinting

  • Goto Preferences
  • Click: Privacy & Security
  • Scroll to “Enhanced Tracking Protection”. At this moment it is at the top of the page
  • Select “Custom” and turn on
    • Cookies and select “All third-prarty cookies (may cause websites to break)”
    • Tracking content and select “In all Windows”
    • Cryptominers
    • Fingerprinters

If websites are broken because of these settings you can use an other Firefox profile with less protection if you really need to vistit those websites

privacy.resistFingerprinting

See Firefox protection against fingerprinting for the information
Setting privacy.resistFingerprinting to true might have user interface implications

Prevent HSTS tracking

Add

23 */2 * * * find /home/user/.mozilla/firefox/ -name SiteSecurityServiceState.txt -delete

to crontab
More info see How to prevent hsts tracking in Firefox

Prevent Punycode

Set, in about:config

network.idn_show_punycode

to true to show the real url
See:
Phishing with Unicode Domains
Search for punycode twice and read on

DarkMatter certificates

Website loading and login

From version 84.0.2 (64-bit) loading and or logging in to websites like Aliexpress and others have become troublesome, impossible, with the about:preferences#privacy Custom settings set to Setting the setting to Strict can resolve the issue

Firefox hardening with user.js
Firefox: Hardening Firefox for Privacy
How to stop Firefox from making automatic connections
Prevent Firefox from Sending Downloaded File Information We suggest you start reading at: If you don’t want to mess with Firefox configuration settings and then at Prevent Firefox from Sending Downloaded File Information above the previous part
Firefox about:config: Privacy & Security
Click tracking

Firefox on Android

On Android, with no tabs open, Firefox tries to connect to

  • cloudfront.net

Why this happens is unclear to us. Updates go via the Google Playstore so we do not see a need for this.


Main subjects on this wiki: Linux, Debian, HTML, Microcontrollers, Privacy

RSS
Disclaimer
Privacy statement
Bugs statement
Cookies
Copyright © : 2014 - 2022 Webevaluation.nl and the authors
Changes reserved.

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
firefox_privacy_and_security.txt · Last modified: 27-11-2021 19:16 by wim