77 lines
3.4 KiB
Markdown
77 lines
3.4 KiB
Markdown
|
# Firefox
|
||
|
|
||
|
Make using the web more safe by disabling commonly used techniques and mechanism _without_ sacrificing usability.
|
||
|
|
||
|
Why Firefox? It provides high configurability, is open source and thus better to be reviewed by external security advisories.
|
||
|
|
||
|
Based on [https://www.privacy-handbuch.de/handbuch_21.htm](https://www.privacy-handbuch.de/handbuch_21.htm).
|
||
|
|
||
|
## Recommended extensions
|
||
|
|
||
|
```
|
||
|
Cookie AutoDelete
|
||
|
HTTPS Everywhere
|
||
|
Neat url
|
||
|
Skip Redirect
|
||
|
uBlock Origin
|
||
|
|
||
|
(Invidious Redirect to use liberated YouTube if needed)
|
||
|
(a Passwordmanager if needed)
|
||
|
```
|
||
|
|
||
|
1. First Party Isolation _might_ lead to malfunctioning of some websites. Disable it per page.
|
||
|
2. Fix white bar on YouTube when using uBlock Origin (_if applicable_). Add the following as a line in My Filters of the extension:
|
||
|
|
||
|
`youtube.com##.no-scroll #page-manager:style(margin-top: 0px !important)`
|
||
|
|
||
|
## Recommended search engines
|
||
|
|
||
|
```
|
||
|
https://www.startpage.com/do/mypage.pl?prfh=enable_stay_controlEEE0N1NsuggestionsEEE1N1Ngeo_mapEEE1N1Nwikipedia_iaEEE1N1Nother_iaEEE1N1Ndisable_open_in_new_windowEEE1N1Ndisable_video_family_filterEEE1N1Nenable_post_methodEEE1N1Nenable_proxy_safety_suggestEEE0N1Ndisable_family_filterEEE1N1Nconnect_to_serverEEEeuN1NsslEEE1N1Nlanguage_uiEEEenglishN1NlanguageEEEdeutschN1Nwt_unitEEEcelsiusN1Nnum_of_resultsEEE20N1Nlang_homepageEEEs/default/en/&op=un11
|
||
|
```
|
||
|
|
||
|
```
|
||
|
https://www.qwant.com/?r=DE&sr=de&l=en_gb&h=1&s=0&a=1&b=1&vt=0&hc=0&smartNews=0&smartSocial=0&theme=0&i=1&donation=0&qoz=0&shb=0&shl=0
|
||
|
```
|
||
|
|
||
|
```
|
||
|
www.kuketz-suche.de
|
||
|
```
|
||
|
|
||
|
## Recommended settings
|
||
|
|
||
|
How to do it?
|
||
|
|
||
|
* Use the provided `user.js` file and copy it into your Firefox profile folder while application is _not_ running.
|
||
|
|
||
|
To find your profile folder, click on the menu top right, on `Help -> Troubleshooting Information`. You can directly open your **Profile Directory** from there or see it, typically it's something like `$HOME/.mozilla/firefox/...` or in Windows `%APPDATA%\Mozilla\Firefox\Profiles\...`
|
||
|
|
||
|
* Adjust values by browsing `about:config` in the address bar. `""` means empty, just delete the characters and press ENTER.
|
||
|
* Create your own profile and copy it into the application data folder while application is _not_ running. See [https://ffprofile.com](https://ffprofile.com).
|
||
|
|
||
|
Some settings _might_ break website behavior although this is not very likely. Be aware of that!
|
||
|
|
||
|
Use an external password manager like KeepassXC, at least AutoFill is advised to be disabled). See [https://www.privacy-handbuch.de/handbuch_21j2.htm#08_07_18](https://www.privacy-handbuch.de/handbuch_21j2.htm#08_07_18).
|
||
|
|
||
|
### Common User Preferences
|
||
|
Optional, but commonly used to ease browsing. Not security-related.
|
||
|
|
||
|
```
|
||
|
general.smoothScroll = false
|
||
|
general.smoothScroll.pages = false
|
||
|
mousewheel.min_line_scroll_amount = 40
|
||
|
browser.newtabpage.activity-stream.feeds.topsites = true
|
||
|
```
|
||
|
|
||
|
Optional and **potentially dangerous in terms of website behavior**, for _GNU/Linux only_.
|
||
|
|
||
|
```
|
||
|
image.mem.max_decoded_image_kb = 512000
|
||
|
media.getusermedia.aec_enabled = false
|
||
|
media.getusermedia.agc_enabled = false
|
||
|
media.getusermedia.noise_enabled = false
|
||
|
```
|
||
|
|
||
|
## Additional hints
|
||
|
|
||
|
Besides securing Firefox, you should consider not using the DNS servers of your Internet provider and instead install system-wide [DNS alternatives](https://www.kuketz-blog.de/empfehlungsecke/#dns) or a [local DNS server](https://wiki.archlinux.org/index.php/Unbound) which directly queries root DNS servers. There's really no downside of this.
|