Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday October 23 2020, @01:48AM   Printer-friendly
from the not-trying-to-start-a-browser-war dept.

There are various stories about Firefox not respecting user privacy. Some suggest certain settings to reduce the information Firefox sends out (such as this one from Mozilla). Over time, I have collected a lot of them into a user.js file. For those who do not know, a user.js file may be dropped into a Firefox profile directory as a convenient way to force certain settings every time Firefox starts up. This can reset changes made by the user during a previous session, but is also a convenient way to initialize desired settings in a fresh profile.

In an IRC discussion, Martyb suggested I share the settings I have collected. Below is a sample user.js that I sometimes use as a template for disabling many potential privacy and/or security holes in Firefox. Some, like HTML pings, are probably features that most privacy-minded individuals do not want (and may not have even known about). Others, like disabling cookies and/or javascript, can break how sites work (sometimes, amusingly, they only break the advertisements). Others, like disabling tracker protection, are double-edged in that disabling them exposes you to being tracked by known trackers, while enabling them might cause Firefox to phone home to get updated lists of known trackers. The comments in the user.js point out some, but definitely not all, of the potential pitfalls. The settings are definitely not set the way everybody should use them, but having them listed out at least provides a convenient starting point. I highly recommend against dropping them directly into your main Firefox profile, as they may undo changes you have made for yourself. Instead, either try them in a fresh profile and copy over things that work for you, or research the settings and only copy over the ones you want that will not break your browser.

Please share any information you may have on various settings in this file, or on any you feel are missing from this file. Also, if you have similar information for some other browsers, consider commenting on those, or perhaps submitting a story about settings for that browser.

/* Note:  All of these may be set in about:config.  Many may also be set
* via about:preferences.  Placing them in a user.js allows for them to be
* set automaticaly when Firefox starts up (overriding any changes made to
* them during the previous session), and also gives a convenient way to
* set many settings in a new profile.
*
* Several of these break sites (often in ways that are not immediately
* obvious); others break features.  They are being included here just to
* show what options are there.  A small amount of effort has been made to
* comment on the ones that are likely to break things.
*
* Obviously, most of these are not carefully explained.  Please search
* online to find out what they do. */

/* Start in offline mode, if desired: */
//user_pref("browser.offline", false);

/* Disable automatic updates. */
user_pref("app.update.auto", false);
user_pref("browser.search.update", false);
user_pref("extensions.update.autoUpdateDefault", false);
user_pref("extensions.update.enabled", false);

/* Disable settings that might try to deal with a typo, sending out
* information that was not intended to be sent. */
user_pref("browser.fixup.alternate.enabled", false);
user_pref("browser.search.suggest.enabled", false);
user_pref("keyword.enabled", false);

/* Disable certain storages that could leak information to somebody else
* using the browser. */
user_pref("browser.formfill.enable", false);
user_pref("browser.history_expire_days.mirror", 1);
user_pref("browser.history_expire_days_min", 1);
user_pref("browser.urlbar.autocomplete.enabled", false);
user_pref("browser.urlbar.suggest.bookmark", false);
user_pref("browser.urlbar.suggest.history", false);
user_pref("browser.urlbar.suggest.openpage", false);
user_pref("browser.urlbar.suggest.topsites", false);
user_pref("places.history.enabled", false);
/* Note:  Some sites that require javascript to be enabled and use local
* storage may choke with these two settings: */
user_pref("dom.storage.enabled", false);
user_pref("dom.indexedDB.enabled", false);

/* Disable certain features that leak information. */
user_pref("browser.safebrowsing.enabled", false);
user_pref("browser.safebrowsing.blockedURIs.enabled", false);
user_pref("browser.safebrowsing.downloads.enabled", false);
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.passwords.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
user_pref("browser.safebrowsing.remoteLookups", false);
/* Disable various pings and automatic checks. */
user_pref("browser.aboutHomeSnippets.updateUrl", "");
user_pref("extensions.blocklist.enabled", false);
user_pref("extensions.getAddons.cache.enabled", false);
user_pref("network.captive-portal-service.enabled", false);
/* Disable the ping attribute in HTML links:
* <a href="https://target.com/" ping="https://ping.com">Ping</a>
* will send a ping to the ping URL when clicked if this is enabled. */
user_pref("browser.send_pings", false);
/* Disable searching the network for finding devices Firefox could send
* video to (like Roku or Chromecast devices). */
user_pref("browser.casting.enabled", false);

/* General security. */
/* This definitely breaks sites, but for the paranoid, nothing enhances
* security and privacy like not letting sites choose what code runs. */
user_pref("javascript.enabled", false);
/* This is probably not an issue if javascript is disabled.  If enabled and
* used, it allows for probing local IP addresses.  Specifically, if
* enabled, the STUN protocol can use an ICE connection to figure out IP
* addresses of your computer.  Note that this is required for WebRTC
* (audio/video conferencing). */
user_pref("media.peerconnection.enabled", false);
user_pref("security.enable_java", false);
user_pref("security.warn_entering_secure", true);
user_pref("security.warn_entering_weak", true);
user_pref("security.warn_leaving_secure", true);
user_pref("security.warn_submit_insecure", true);
user_pref("security.warn_viewing_mixed", true);
/* If you do not plan to use this web notification service, you should
* probably keep is disabled. */
user_pref("dom.webnotifications.enabled", false);
user_pref("dom.webnotifications.serviceworker.enabled", false);

/* Set some private settings. */
/* Do not try to load links just because the cursor passed over them. */
user_pref("network.http.speculative-parallel-limit", 0);
user_pref("network.dns.disablePrefetch", true);
user_pref("network.prefetch-next", false);
/* Do not try to geolocate. */
user_pref("browser.search.geoip.url", "");
/* Disable DNS over HTTPS.  See other network.trr.* settings for more
* details.  Enable by setting to 2, or by going to about:preferences and
* changing the check box in about:config. */
user_pref("network.trr.mode", 5);
/* Show punycode in URLs using that (rather than showing Unicode).  This is
* an attempt to protect against sites that use names that look official,
* like www.google.com except with an ``o'' replaced with some Unicode
* character that looks a lot like an ``o'', or something. */
user_pref("network.IDN_show_punycode", true);
/* Accessibility features might be a privacy issue. */
user_pref("accessibility.force_disabled", 1);
/* Disable studies and personalized extension recommendations. */
user_pref("app.normandy.enabled", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("browser.discovery.enabled", false);
/* Disable Normandy service, which, if enabled, allows Mozilla to push
* configuration changes and add-ons to your browser.  While an obvious
* potential security issue, note that this feature does help to prevent
* other security issues with uses not updating software, including
* apparently helping with some problem where a bug was preventing updating
* add-ons. */
user_pref("app.normandy.enabled", false);

/* If you want to use your own extensions, they will need to be signed,
* unless you disable this (set it to false). */
user_pref("xpinstall.signatures.required", true);

/* Always ask where to download files. */
user_pref("browser.download.useDownloadDir", false);

/* Open new tabs with blank pages. */
user_pref("browser.newtabpage.enabled", false);
user_pref("browser.newtabpage.enhanced", false);
/* Default home page is a blank page. */
user_pref("browser.startup.page", 0);
user_pref("browser.startup.homepage", "about:blank");
/* Cycle through tabs in a more predictable order. */
user_pref("browser.ctrlTab.recentlyUsedOrder", false);
/* Disable showing things in new tabs if not using a blank page. */
user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
user_pref("browser.newtabpage.activity-stream.feeds.topsites", false);
user_pref("browser.newtabpage.activity-stream.showSearch", false);
user_pref("browser.newtabpage.activity-stream.showSponsored", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
user_pref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);

/* Use autoscroll. */
user_pref("general.autoScroll", true);

/* Disable cookies by default. */
user_pref("network.cookie.cookieBehavior", 2);
user_pref("network.cookie.lifetimePolicy", 2);
/* Disable other potential trackers.
* NOTE:  If these are enabled, Firefox may connect to servers to update
* lists of known cryptominers and/or trackers.  On the other hand,
* disabling them may result in Firefox loading resources from known
* trackers. */
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.cryptomining.enabled", true);
user_pref("privacy.trackingprotection.fingerprinting.enabled", true);
user_pref("privacy.trackingprotection.socialtracking.enabled", true);

/* Clear stored data on browser shutdown. */
user_pref("privacy.sanitize.didShutdownSanitize", true);
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
user_pref("privacy.clearOnShutdown.offlineApps", true);
user_pref("privacy.clearOnShutdown.siteSettings", true);

/* Do not remember credentials. */
user_pref("signon.rememberSignons", false);
user_pref("extensions.formautofill.addresses.enabled", false);
user_pref("pref.privacy.disable_button.view_passwords_exceptions", false);

/* If desired, always use a SOCKS5 proxy. */
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", "12345");
/* If using a proxy, proxy DNS as well. */
user_pref("network.proxy.socks_remote_dns", true);


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by Anonymous Coward on Friday October 23 2020, @03:02AM (4 children)

    by Anonymous Coward on Friday October 23 2020, @03:02AM (#1067780)

    Looking at the settings for the tor browser is helpful to get privacy/anti-info-leak setting ideas, but a few of their settings require a patched firefox.

    Unfortunately, the tor project doesn't point HEAD to latest. So, easiest to just go to this link, and in the upper right, select the branch numbered the latest revision for your version of firefox:

    https://gitweb.torproject.org/tor-browser.git/tree/browser/app/profile/000-tor-browser.js?h=tor-browser-52.3.0esr-7.5-2 [torproject.org]

    ghacks is another good source of ideas:

    https://raw.githubusercontent.com/ghacksuserjs/ghacks-user.js/master/user.js [githubusercontent.com]

    I have a build system that builds several firefox profiles from source config "chunks" with settings for extensions like umatrix also being managed this way, so e.g., my banking profile allows my bank to run js, but my general profile has no reason for this, and doesn't. When extension data was stored in about:config it was easier, the build system could add to allow lists directly. Now, extension data is in separate dbs, so I have writable profiles that are used for nothing but to update config for these extensions, then the extension db files are saved into the build system for the appropriate normal use profile(s) (I run firefox in jails with tmpfs as the only thing it can read/write to). There are also machine specific settings like zoom level that get set by the build depending upon the machine it is run from.

    The system works pretty well, but firefox is constantly adding more garbage that intrudes on your privacy (not just blatant spying by "telemetry", but also anti features like java script access to clipboard data, etc. But, firefox is still better than any of the fully corporate alternatives.

    If your user.js file grows to more than a few lines, it gets hard to track down issues. This trivial script inserts debug lines into your config, and is *really* handy. Just go to about:config with the temp augmented user.js in place, and search for debug.line.number. The value assigned to debug.line.number will be one line before the config line that caused the error. Good to check after any changes since failures are usually silent. They just cause subsequent config from being applied.

    mv user.js user.js.orig && awk '{print $0 "\nuser_pref(\"debug.line.number\", " NR*2 ");"}' user.js.orig > user.js

    my user.js files are all approaching 1000 lines. The above has saved me hours of frustration! Sadly, I didn't think to do it until after already accruing several hours of arrrrgggggg!!!!!!

    Until firefox was updated to 78.3 LTS by Debian a few weeks ago, I would have said you can make firefox look any way you like with userchrome.css, I have always had a very compact layout with a different tab color scheme per browser profile, no hamburger menu crap, etc.. This latest update has broken things. I looked to using their newish theming stuff that they want you using now, and created a theme instead, but firefox won't let you install your own theme now without having mozilla sign it. All very frustrating. I kinda hope Debian finds some reason to fork firefox again, and the maintainers get rid of some of this mozilla corp knows best, you know you can't be trusted with your own computer B.S. Still better than the alternatives, though.

    Starting Score:    0  points
    Moderation   +3  
       Insightful=1, Informative=1, Underrated=1, Total=3
    Extra 'Informative' Modifier   0  

    Total Score:   3  
  • (Score: 3, Informative) by Anonymous Coward on Friday October 23 2020, @05:18AM (1 child)

    by Anonymous Coward on Friday October 23 2020, @05:18AM (#1067799)
    Thanks AC for good info. I mostly use Tor Browser 10.0.2 [torproject.org] and otherwise Firefox ESR 78.4.0 [mozilla.org] with a customised user.js file that is a combination of

    I do not recommend mobile browsers because the combination of the platform and the browsers cannot be customised enough for good security and privacy IMHO.

    Using Firefox-ESR (Extended Support Release) means you do not usually have to revisit user.js every 4-5 weeks like you would using regular Firefox version. I manage IT for a company, and apply my suggestions to the users, but they have their choices and most use a user.js hardened Firefox instead of Tor Browser, with at least these extensions

    • NoScript
    • HTTPS Everywhere
    • uBlock Origin [mozilla.org] with extra custom filters
    • Decentraleyes (if useful based on the user's browsing pattern)
    • Dark Reader [mozilla.org] (for people who prefer dark mode)

    Also, I trim the trusted CA certificates to a minimal set using phllyukko's guidance [github.com]. This does not work for Tor Browser, so I switch it to use the system trusted CA certificates based on guidance here [askubuntu.com] and must modify /etc/ca-certificates.conf and run update-ca-certificates to make the changes take effect. These commands will modify Tor Browser or Firefox to use the system trust store in an Ubuntu system (run it from the Browser folder)

    mv -f libnssckbi.so libnssckbi.so.ORIG
    ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so libnssckbi.so

    Before doing a Tor Browser upgrade, switch it back - otherwise the upgrade takes a long time and will overwrite your changes anyway. After the upgrade, run the script again to use the system trust store.

    For the browser versions I use and the link AC mentioned, I found https://gitweb.torproject.org/tor-browser.git/tree/browser/app/profile/000-tor-browser.js?h=tor-browser-78.4.0esr-10.0-2 [torproject.org] to work best. I like AC's idea of several firefox profiles, but for my users that might get complicated. Instead we switch Tor Browser Security Level (torbutton), and re-import trusted sites (like Wikipedia, etc.) into NoScript after switching to a different security level because it overwrites changes. You can follow instructions at this article [ghacks.net] to use Tor Browser without Tor, for example to do online banking.

    • (Score: 0) by Anonymous Coward on Friday October 23 2020, @05:56AM

      by Anonymous Coward on Friday October 23 2020, @05:56AM (#1067803)

      Thanks, your list a great baseline to work with in conjunction with applying own research and personal preferences!

      One minor point of criticism:

      Using both NoScript and uBlock Origin is now redundant. uBlock recently added an "advanced" mode (checkbox in settings enables it) that borrows from uMatrix in concept and interface and lets you block page elements based on their origin relative to the visited site. In addition to the obligatory block lists, custom rules and cosmetic filters.

      In fact, I stoppped using uMatrix in favour of "advanced" uBlock. Reputation as the best *anything*blocker well deserved.

  • (Score: 1, Interesting) by Anonymous Coward on Friday October 23 2020, @10:15AM (1 child)

    by Anonymous Coward on Friday October 23 2020, @10:15AM (#1067831)

    Firefox is not better than other browsers. Brave respects the user from the get-go, Ungoogled Chromium establishes zero unwanted connections, PaleMoon is great. Just the fact that FireFox needs to be extensively modified to respect some semblence of privacy says it all.

    • (Score: 1, Informative) by Anonymous Coward on Friday October 23 2020, @02:14PM

      by Anonymous Coward on Friday October 23 2020, @02:14PM (#1067873)

      The problem is that on non-firefox based browsers, you can't turn off all the info leaking "features". And, every browser you mention is full of them. So, by being able to turn off javascript features used to fingerprint users. Turn off javascript being able to spy on your clipboard. Turn off webrtc and other garbage that leaks your real IP when you are behind a VPN. You are *much* better off with firefox than any other non-firefox based browser.

      As for pale moon (a firefox based browser), it is less secure due to vulnerabilities due to running an ancient unpatched/slow to patch firefox by virtue of the tiny group of devs (you are probably better off with seamonkey, if you want XUL extensions)-- I can't find the link but there was a good writeup on pale moon where the author showed that pale moon was vulnerable to exploits known and already fixed in mainline firefox for _years_.