privacy/firefox/README.md

# README

Make using the web more safe by disabling commonly used techniques and mechanism _without_ sacrificing usability.

Why Firefox? It provides high configurability, is open source and thus better to be reviewed by external security advisories.

Mainly based on [arkenfox](https://github.com/arkenfox/user.js) with some [custom overrides](https://github.com/arkenfox/user.js/wiki/3.1-Overrides).

- [README](#readme)
  - [Install](#install)
  - [Custom overrides](#custom-overrides)
  - [Recommended extensions](#recommended-extensions)
    - [Must have](#must-have)
      - [uBlock settings](#ublock-settings)
      - [Canvas Blocker](#canvas-blocker)
      - [LibRedirect](#libredirect)
      - [LocalCDN](#localcdn)
    - [Advanced, but highly recommended extensions / software to use](#advanced-but-highly-recommended-extensions--software-to-use)
  - [Recommended search engines](#recommended-search-engines)
  - [Additional hints](#additional-hints)

## Install

To find your profile folder, click on the menu top right, on `Help -> Troubleshooting Information`. You can directly open your **Profile Directory** from there or see it, typically it's something like `$HOME/.mozilla/firefox/...` or in Windows `%APPDATA%\Mozilla\Firefox\Profiles\...`

* Install [arkenfox](https://github.com/arkenfox/user.js/releases) (copy to your Firefox profile)
* Copy `user-overrides.js` also into your Firefox profile folder
  * Change any setting if needed, e.g. not clean history?
* Apply the `user-overrides.js` by running `./updater.sh` or the `.bat` file on Windows in the Firefox profile folder
* Remove unnecessary search engines and apply your own or use DuckDuckGo/Startpage
* Install recommended extensions/plugins
* Import provides settings file for uBlock and Canvas Blocker
* Customize toolbar
  * add home button 
  * remove separator spaces
* Disallow saving logins and use a password manager, e.g. KeePassXC
* Login to Firefox sync

## Custom overrides

Look into `user-overrides.js` which custom overrides are enabled and maybe adapt to your needs. In general
they're applied to ease browsing without sacrificing too much security or are just preferences, e.g. _scroll speed_.

## Recommended extensions

Besides Firefox integrated anti-tracking mechanisms, it's still advised to install additional plugins to further enhance this.

In addition, some of those extensions will also greatly improve your user experience: fewer ads, faster page loads. Remember, you can also switch them off (disable), you don't need to uninstall.

**Highly recommended to have all of them allowed in Incognito Mode as well (Maybe except for LocalCDN if desired)!**

### Must have

* `uBlock Origin`: blocks ads and unwanted trackers, also removes certain url parameters (https://addons.mozilla.org/de/firefox/addon/ublock-origin/)
* `CanvasBlocker`: disallows canvas fingerprinting which would be able to identify your unique browser, heavily used in some JavaScript (web) APIs (https://addons.mozilla.org/de/firefox/addon/canvasblocker/)
* `Skip Redirect`: skips not needed redirects of pages (https://addons.mozilla.org/de/firefox/addon/skip-redirect/)
* `ClearURLs`: removes tracking parameters from URLs, e.g., from Google analytics (https://addons.mozilla.org/de/firefox/addon/clearurls/)
* `LibRedirect`: automatically redirects to privacy-friendly frontends of certain applications, e.g., nitter for all Twitter links or piped for all Youtube links (believe me, you'll love the snappiness!) (https://addons.mozilla.org/de/firefox/addon/libredirect/)
* `LocalCDN`: some files like fonts are loaded from Google by some pages when they decide to do so, you can avoid it with this extension as it will have them properly embedded already, so you save the troubles of contacting Google servers (or other Content Deliver Networks) (https://addons.mozilla.org/en-US/firefox/addon/localcdn-fork-of-decentraleyes/)

**Hint**: Extensions impacting redirects or cookies _might_ lead to malfunctioning of some websites. If you encounter this, it's **recommended to disable them _per page_** and **NOT** globally! First could shot can be setting an exception for a page inside uBlock.!

You can **hide extension icons** in the overflow menu if you like. Just right click the icon in the top right in the menu bar and "pin to overflow".

#### uBlock settings

* Import the `ublock-config-1.txt` in the "My Filter" menu for proper settings from the [extension_settings/](./extension_settings/) folder within the extension.
* Import `https://raw.githubusercontent.com/gwarser/filter-lists/master/lan-block.txt` in "Filter lists" (Custom)

#### Canvas Blocker

Import the provided Canvas settings `CanvasBlocker-settings.json` file from the [extension_settings/](./extension_settings/) folder within the extension.

#### LibRedirect

Import the provided libredirect settings `libredirect-settings.json` file from the [extension_settings/](./extension_settings/) folder within the extension.

#### LocalCDN

Import the provided localcdn settings `localcdn_backup.txt` file from the [extension_settings/](./extension_settings/) folder within the extension.

### Advanced, but highly recommended extensions / software to use

Use a password manager and don't store or synchronize your passwords within internal browser functionality, e.g., `KeePassXC` or `Bitwarden` with a custom provider

## Recommended search engines

If not possible in another way, you can add them via [Add custom search engine](https://addons.mozilla.org/en-US/firefox/addon/add-custom-search-engine/). Just follow instructions after installing and opening the extension.

```shell
# Tied to "Germany" for search results, maybe you like to change this
# Then generate a different URL
https://duckduckgo.com/?q=%s&ks=l&kav=1&kn=1&kp=-2&kak=-1&kax=-1&kaq=-1&kao=-1&kau=-1&kaj=m&kam=google-maps&k1=-1&kae=c
```

```shell
# Tied to "Germany" for search results, maybe you like to change this
# Then generate a different URL
https://www.qwant.com/?q=%s&r=DE&sr=de&l=en_gb&h=1&s=0&a=1&b=1&vt=0&hc=0&smartNews=0&smartSocial=0&theme=0&i=1&donation=0&qoz=0&shb=0&shl=0
```

```shell
# Tied to "Germany" for search results, maybe you like to change this
# Then generate a different URL
https://duckduckgo.com/?q=%s&ks=l&kav=1&kn=1&kp=-2&kak=-1&kax=-1&kaq=-1&kao=-1&kau=-1&kaj=m&kam=google-maps&k1=-1&kae=c
```

Be sure to add shortcuts to be used in your navigation bar, e.g. `@ddg` refers to DuckDuckGo search engine and directly issues searches to DuckDuckGo from the navigation bar and does not use the default search engine, but your default!

## Additional hints

Besides securing Firefox, you should consider not using the DNS servers of your Internet provider and instead install system-wide [DNS alternatives](https://www.kuketz-blog.de/empfehlungsecke/#dns) or a [local DNS server](https://wiki.archlinux.org/index.php/Unbound) which directly queries root DNS servers. There's really no downside of this.
Switch to arkenfox for Firefox privacy 2022-02-19 09:29:32 +00:00			`# README`
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00
			`Make using the web more safe by disabling commonly used techniques and mechanism _without_ sacrificing usability.`

			`Why Firefox? It provides high configurability, is open source and thus better to be reviewed by external security advisories.`

Switch to arkenfox for Firefox privacy 2022-02-19 09:29:32 +00:00			`Mainly based on [arkenfox](https://github.com/arkenfox/user.js) with some [custom overrides](https://github.com/arkenfox/user.js/wiki/3.1-Overrides).`

Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			`- [README](#readme)`
			`- [Install](#install)`
			`- [Custom overrides](#custom-overrides)`
			`- [Recommended extensions](#recommended-extensions)`
			`- [Must have](#must-have)`
			`- [uBlock settings](#ublock-settings)`
			`- [Canvas Blocker](#canvas-blocker)`
			`- [LibRedirect](#libredirect)`
			`- [LocalCDN](#localcdn)`
			`- [Advanced, but highly recommended extensions / software to use](#advanced-but-highly-recommended-extensions--software-to-use)`
			`- [Recommended search engines](#recommended-search-engines)`
			`- [Additional hints](#additional-hints)`

Switch to arkenfox for Firefox privacy 2022-02-19 09:29:32 +00:00			`## Install`

			To find your profile folder, click on the menu top right, on `Help -> Troubleshooting Information`. You can directly open your Profile Directory from there or see it, typically it's something like `$HOME/.mozilla/firefox/...` or in Windows `%APPDATA%\Mozilla\Firefox\Profiles\...`

			`* Install [arkenfox](https://github.com/arkenfox/user.js/releases) (copy to your Firefox profile)`
			* Copy `user-overrides.js` also into your Firefox profile folder
			`* Change any setting if needed, e.g. not clean history?`
			* Apply the `user-overrides.js` by running `./updater.sh` or the `.bat` file on Windows in the Firefox profile folder
			`* Remove unnecessary search engines and apply your own or use DuckDuckGo/Startpage`
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			`* Install recommended extensions/plugins`
Switch to arkenfox for Firefox privacy 2022-02-19 09:29:32 +00:00			`* Import provides settings file for uBlock and Canvas Blocker`
			`* Customize toolbar`
			`* add home button`
			`* remove separator spaces`
			`* Disallow saving logins and use a password manager, e.g. KeePassXC`
			`* Login to Firefox sync`

			`## Custom overrides`

			Look into `user-overrides.js` which custom overrides are enabled and maybe adapt to your needs. In general
			`they're applied to ease browsing without sacrificing too much security or are just preferences, e.g. _scroll speed_.`

Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00			`## Recommended extensions`

Use HTTPS mode by default, clean up plugins 2020-11-21 11:37:22 +00:00			`Besides Firefox integrated anti-tracking mechanisms, it's still advised to install additional plugins to further enhance this.`
Add ublock cfg 2020-06-07 13:57:58 +00:00
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			`In addition, some of those extensions will also greatly improve your user experience: fewer ads, faster page loads. Remember, you can also switch them off (disable), you don't need to uninstall.`

			`Highly recommended to have all of them allowed in Incognito Mode as well (Maybe except for LocalCDN if desired)!`

			`### Must have`
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			* `uBlock Origin`: blocks ads and unwanted trackers, also removes certain url parameters (https://addons.mozilla.org/de/firefox/addon/ublock-origin/)
			* `CanvasBlocker`: disallows canvas fingerprinting which would be able to identify your unique browser, heavily used in some JavaScript (web) APIs (https://addons.mozilla.org/de/firefox/addon/canvasblocker/)
			* `Skip Redirect`: skips not needed redirects of pages (https://addons.mozilla.org/de/firefox/addon/skip-redirect/)
			* `ClearURLs`: removes tracking parameters from URLs, e.g., from Google analytics (https://addons.mozilla.org/de/firefox/addon/clearurls/)
			* `LibRedirect`: automatically redirects to privacy-friendly frontends of certain applications, e.g., nitter for all Twitter links or piped for all Youtube links (believe me, you'll love the snappiness!) (https://addons.mozilla.org/de/firefox/addon/libredirect/)
			* `LocalCDN`: some files like fonts are loaded from Google by some pages when they decide to do so, you can avoid it with this extension as it will have them properly embedded already, so you save the troubles of contacting Google servers (or other Content Deliver Networks) (https://addons.mozilla.org/en-US/firefox/addon/localcdn-fork-of-decentraleyes/)
Add greasemonkey, enable DRM by default 2020-10-22 16:10:15 +00:00
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			`Hint: Extensions impacting redirects or cookies _might_ lead to malfunctioning of some websites. If you encounter this, it's recommended to disable them _per page_ and NOT globally! First could shot can be setting an exception for a page inside uBlock.!`
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00
Add custom search 2020-08-26 20:49:18 +00:00			`You can hide extension icons in the overflow menu if you like. Just right click the icon in the top right in the menu bar and "pin to overflow".`
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			`#### uBlock settings`
Add greasemonkey, enable DRM by default 2020-10-22 16:10:15 +00:00
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			* Import the `ublock-config-1.txt` in the "My Filter" menu for proper settings from the [extension_settings/](./extension_settings/) folder within the extension.
Use local LAN list for uBlock 2020-11-25 22:13:24 +00:00			* Import `https://raw.githubusercontent.com/gwarser/filter-lists/master/lan-block.txt` in "Filter lists" (Custom)
Add greasemonkey, enable DRM by default 2020-10-22 16:10:15 +00:00
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			`#### Canvas Blocker`

			Import the provided Canvas settings `CanvasBlocker-settings.json` file from the [extension_settings/](./extension_settings/) folder within the extension.

			`#### LibRedirect`

			Import the provided libredirect settings `libredirect-settings.json` file from the [extension_settings/](./extension_settings/) folder within the extension.
Switch to arkenfox for Firefox privacy 2022-02-19 09:29:32 +00:00
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			`#### LocalCDN`

			Import the provided localcdn settings `localcdn_backup.txt` file from the [extension_settings/](./extension_settings/) folder within the extension.

			`### Advanced, but highly recommended extensions / software to use`

			Use a password manager and don't store or synchronize your passwords within internal browser functionality, e.g., `KeePassXC` or `Bitwarden` with a custom provider
Switch to arkenfox for Firefox privacy 2022-02-19 09:29:32 +00:00
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00			`## Recommended search engines`

Add custom search 2020-08-26 20:49:18 +00:00			`If not possible in another way, you can add them via [Add custom search engine](https://addons.mozilla.org/en-US/firefox/addon/add-custom-search-engine/). Just follow instructions after installing and opening the extension.`

Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			```shell
			`# Tied to "Germany" for search results, maybe you like to change this`
			`# Then generate a different URL`
			`https://duckduckgo.com/?q=%s&ks=l&kav=1&kn=1&kp=-2&kak=-1&kax=-1&kaq=-1&kao=-1&kau=-1&kaj=m&kam=google-maps&k1=-1&kae=c`
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00			```
Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00
			```shell
			`# Tied to "Germany" for search results, maybe you like to change this`
			`# Then generate a different URL`
Add custom search 2020-08-26 20:49:18 +00:00			`https://www.qwant.com/?q=%s&r=DE&sr=de&l=en_gb&h=1&s=0&a=1&b=1&vt=0&hc=0&smartNews=0&smartSocial=0&theme=0&i=1&donation=0&qoz=0&shb=0&shl=0`
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00			```

Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			```shell
			`# Tied to "Germany" for search results, maybe you like to change this`
			`# Then generate a different URL`
Add custom search 2020-08-26 20:49:18 +00:00			`https://duckduckgo.com/?q=%s&ks=l&kav=1&kn=1&kp=-2&kak=-1&kax=-1&kaq=-1&kao=-1&kau=-1&kaj=m&kam=google-maps&k1=-1&kae=c`
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00			```

Add LocalCDN, LibRedirect and adapt some README files to reflect latest state 2023-04-18 22:46:39 +00:00			Be sure to add shortcuts to be used in your navigation bar, e.g. `@ddg` refers to DuckDuckGo search engine and directly issues searches to DuckDuckGo from the navigation bar and does not use the default search engine, but your default!
Use HTTPS mode by default, clean up plugins 2020-11-21 11:37:22 +00:00
Unify all app privacy related settings under one repository - initial commit 2019-12-03 12:26:59 +00:00			`## Additional hints`

Add httpz as alternative to ssl redirect 2020-01-09 07:00:26 +00:00			`Besides securing Firefox, you should consider not using the DNS servers of your Internet provider and instead install system-wide [DNS alternatives](https://www.kuketz-blog.de/empfehlungsecke/#dns) or a [local DNS server](https://wiki.archlinux.org/index.php/Unbound) which directly queries root DNS servers. There's really no downside of this.`