privacy/firefox/README.md

78 lines
4.1 KiB
Markdown
Raw Normal View History

2022-02-19 09:29:32 +00:00
# README
Make using the web more safe by disabling commonly used techniques and mechanism _without_ sacrificing usability.
Why Firefox? It provides high configurability, is open source and thus better to be reviewed by external security advisories.
2022-02-19 09:29:32 +00:00
Mainly based on [arkenfox](https://github.com/arkenfox/user.js) with some [custom overrides](https://github.com/arkenfox/user.js/wiki/3.1-Overrides).
## Install
To find your profile folder, click on the menu top right, on `Help -> Troubleshooting Information`. You can directly open your **Profile Directory** from there or see it, typically it's something like `$HOME/.mozilla/firefox/...` or in Windows `%APPDATA%\Mozilla\Firefox\Profiles\...`
* Install [arkenfox](https://github.com/arkenfox/user.js/releases) (copy to your Firefox profile)
* Copy `user-overrides.js` also into your Firefox profile folder
* Change any setting if needed, e.g. not clean history?
* Apply the `user-overrides.js` by running `./updater.sh` or the `.bat` file on Windows in the Firefox profile folder
* Remove unnecessary search engines and apply your own or use DuckDuckGo/Startpage
* Install necessary plugins
* uBlock
* Canvas Blocker
* Skip Redirect
* Import provides settings file for uBlock and Canvas Blocker
* Customize toolbar
* add home button
* remove separator spaces
* Disallow saving logins and use a password manager, e.g. KeePassXC
* Login to Firefox sync
## Custom overrides
Look into `user-overrides.js` which custom overrides are enabled and maybe adapt to your needs. In general
they're applied to ease browsing without sacrificing too much security or are just preferences, e.g. _scroll speed_.
## Recommended extensions
Besides Firefox integrated anti-tracking mechanisms, it's still advised to install additional plugins to further enhance this.
2020-06-07 13:57:58 +00:00
* `uBlock Origin` (import provided `.txt` in the extension):
* blocks ads and unwanted trackers
* removes certain url parameters ()
* `Skip Redirect`: skips not needed redirects of pages
* `CanvasBlocker` (import provided config in the extension): disallows canvas fingerprinting which would be able to identify your unique browser, heavily used in some JavaScript (web) APIs
**More**:
* Use a password manager and don't store or synchronize your passwords within internal browser functionality, e.g. `KeePassXC`
**Hint**: All extensions, especially extensions interferring in redirects and cookies like `Skip Redirect` _might_ lead to malfunctioning of some websites, e.g. websites not redirecting correctly or not being able to store cookies. _It's recommended to disable them per page if you notice something's not working as expected_!
2020-08-26 20:49:18 +00:00
You can **hide extension icons** in the overflow menu if you like. Just right click the icon in the top right in the menu bar and "pin to overflow".
### uBlock settings
2020-11-25 22:13:24 +00:00
* Import the `ublock-config-1.txt` in the "My Filter" menu for proper settings.
* Import `https://raw.githubusercontent.com/gwarser/filter-lists/master/lan-block.txt` in "Filter lists" (Custom)
2022-02-19 09:29:32 +00:00
### Canvas Blocker
Import the provided Canvas settings `json` file.
## Recommended search engines
2020-08-26 20:49:18 +00:00
If not possible in another way, you can add them via [Add custom search engine](https://addons.mozilla.org/en-US/firefox/addon/add-custom-search-engine/). Just follow instructions after installing and opening the extension.
```
2020-08-26 20:49:18 +00:00
https://www.qwant.com/?q=%s&r=DE&sr=de&l=en_gb&h=1&s=0&a=1&b=1&vt=0&hc=0&smartNews=0&smartSocial=0&theme=0&i=1&donation=0&qoz=0&shb=0&shl=0
```
```
2020-08-26 20:49:18 +00:00
https://duckduckgo.com/?q=%s&ks=l&kav=1&kn=1&kp=-2&kak=-1&kax=-1&kaq=-1&kao=-1&kau=-1&kaj=m&kam=google-maps&k1=-1&kae=c
```
Be sure to add shortcuts to be used in your navigation bar, e.g. `@ddg` refers to DuckDuckGo search engine and directly issues searches to DuckDuckGo from the navigation bar.
## Additional hints
Besides securing Firefox, you should consider not using the DNS servers of your Internet provider and instead install system-wide [DNS alternatives](https://www.kuketz-blog.de/empfehlungsecke/#dns) or a [local DNS server](https://wiki.archlinux.org/index.php/Unbound) which directly queries root DNS servers. There's really no downside of this.