From 58a881832be0151284b5919948ff4cfa8829c55f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20Sch=C3=A4ferdiek?= Date: Sat, 11 Sep 2021 14:31:12 +0200 Subject: [PATCH] Update to Firefox 92, remove some extensions and replace with native capabilities --- firefox/CanvasBlocker-settings.json | 73 ++++++++++++++++++++++++++ firefox/README.md | 11 ++-- firefox/ublock-config-1.txt | 81 +++++++++++++---------------- firefox/user.js | 31 ++++------- 4 files changed, 125 insertions(+), 71 deletions(-) create mode 100755 firefox/CanvasBlocker-settings.json diff --git a/firefox/CanvasBlocker-settings.json b/firefox/CanvasBlocker-settings.json new file mode 100755 index 0000000..a04f3f9 --- /dev/null +++ b/firefox/CanvasBlocker-settings.json @@ -0,0 +1,73 @@ +{ + "logLevel": 1, + "urlSettings": [], + "hiddenSettings": {}, + "expandStatus": { + "protectNavigator": true, + "section_notifications": false + }, + "displayHiddenSettings": false, + "whiteList": "", + "sessionWhiteList": "", + "blackList": "", + "blockMode": "fake", + "protectedCanvasPart": "input", + "minFakeSize": 10, + "maxFakeSize": 0, + "rng": "persistent", + "protectedAPIFeatures": {}, + "useCanvasCache": true, + "ignoreFrequentColors": 3, + "minColors": 3, + "fakeAlphaChannel": false, + "webGLVendor": "", + "webGLRenderer": "", + "webGLUnmaskedVendor": "", + "webGLUnmaskedRenderer": "", + "persistentRndStorage": "", + "persistentIncognitoRndStorage": "", + "storePersistentRnd": false, + "persistentRndClearIntervalValue": 0, + "persistentRndClearIntervalUnit": "days", + "lastPersistentRndClearing": 1609058822726, + "sharePersistentRndBetweenDomains": false, + "askOnlyOnce": "individual", + "askDenyMode": "block", + "showCanvasWhileAsking": true, + "showNotifications": false, + "highlightPageAction": "none", + "highlightBrowserAction": "color", + "displayBadge": false, + "storeNotificationData": false, + "storeImageForInspection": false, + "ignoreList": "", + "ignoredAPIs": {}, + "showCallingFile": false, + "showCompleteCallingStack": false, + "enableStackList": false, + "stackList": "", + "protectAudio": true, + "audioFakeRate": "100", + "audioNoiseLevel": "minimal", + "useAudioCache": true, + "audioUseFixedIndices": true, + "audioFixedIndices": "14", + "historyLengthThreshold": 2, + "protectWindow": false, + "allowWindowNameInFrames": false, + "protectDOMRect": true, + "domRectIntegerFactor": 4, + "protectTextMetrics": true, + "blockDataURLs": true, + "protectNavigator": false, + "navigatorDetails": {}, + "protectScreen": true, + "screenSize": "", + "fakeMinimalScreenSize": true, + "displayAdvancedSettings": false, + "displayDescriptions": true, + "theme": "auto", + "dontShowOptionsOnUpdate": false, + "isStillDefault": false, + "storageVersion": 1 +} \ No newline at end of file diff --git a/firefox/README.md b/firefox/README.md index d87af61..71bf4fe 100755 --- a/firefox/README.md +++ b/firefox/README.md @@ -10,18 +10,17 @@ Based on [https://www.privacy-handbuch.de/handbuch_21.htm](https://www.privacy-h Besides Firefox integrated anti-tracking mechanisms, it's still advised to install additional plugins to further enhance this. -* `Https Everywhere`: redirects to SSL version of a website automatically if it's available, [currently preferred over Firefox's built-in mode because of feature richness](https://www.eff.org/https-everywhere/faq#https-only-mode) -* `uBlock Origin`: blocks ads and unwanted trackers -* `ClearURLs` or `Neat url`: removes common parameters from pages (e.g. to identify you with something like `?os=windows&browser=chrome&version=86`) +* `uBlock Origin` (import provided `.txt` in the extension): + * blocks ads and unwanted trackers + * removes certain url parameters () * `Skip Redirect`: skips not needed redirects of pages -* `CanvasBlocker`: disallows canvas fingerprinting which would be able to identify your unique browser, heavily used in some JavaScript (web) APIs -* (optional and might lead to disfunction): `Cookie AutoDelete`: automatically deletes cookies during a session +* `CanvasBlocker` (import provided config in the extension): disallows canvas fingerprinting which would be able to identify your unique browser, heavily used in some JavaScript (web) APIs **More**: * Use a password manager and don't store or synchronize your passwords within internal browser functionality, e.g. `KeePassXC` * Use `Invidious` instances for a liberated YouTube experience (a proxy to YouTube) -**Hint**: All extensions, especially extensions interferring in redirects and cookies like `Skip Redirect` or `Cookie Autodelete` _might_ lead to malfunctioning of some websites, e.g. websites not redirecting correctly or not being able to store cookies. _It's recommended to disable them per page if you notice something's not working as expected_! +**Hint**: All extensions, especially extensions interferring in redirects and cookies like `Skip Redirect` _might_ lead to malfunctioning of some websites, e.g. websites not redirecting correctly or not being able to store cookies. _It's recommended to disable them per page if you notice something's not working as expected_! You can **hide extension icons** in the overflow menu if you like. Just right click the icon in the top right in the menu bar and "pin to overflow". diff --git a/firefox/ublock-config-1.txt b/firefox/ublock-config-1.txt index f7978ea..449b520 100755 --- a/firefox/ublock-config-1.txt +++ b/firefox/ublock-config-1.txt @@ -1,63 +1,54 @@ { - "timeStamp": 1523827842850, - "version": "1.15.24", + "timeStamp": 1631363114897, + "version": "1.37.2", "userSettings": { "advancedUserEnabled": true, "alwaysDetachLogger": false, - "autoUpdate": true, - "cloudStorageEnabled": false, - "collapseBlocked": true, - "colorBlindFriendly": false, - "contextMenuEnabled": true, "dynamicFilteringEnabled": true, - "externalLists": "", - "firewallPaneMinimized": true, - "hyperlinkAuditingDisabled": true, - "ignoreGenericCosmeticFilters": false, - "largeMediaSize": 50, - "parseAllABPHideFilters": true, - "prefetchingDisabled": true, - "requestLogMaxEntries": 1000, + "importedLists": [], "showIconBadge": false, "tooltipsDisabled": true, "webrtcIPAddressHidden": true }, "selectedFilterLists": [ - "DEU-0", - "fanboy-social", - "fanboy-thirdparty_social", - "malware-1", - "disconnect-malvertising", - "fanboy-enhanced", - "easyprivacy", - "adguard-spyware", - "easylist", - "adguard-mobile", - "adguard-generic", - "awrl-0", - "ublock-unbreak", - "ublock-abuse", - "ublock-privacy", - "ublock-badware", - "ublock-annoyances", + "user-filters", "ublock-filters", - "user-filters" + "ublock-badware", + "ublock-privacy", + "ublock-abuse", + "ublock-unbreak", + "adguard-generic", + "adguard-mobile", + "easylist", + "adguard-spyware", + "adguard-spyware-url", + "block-lan", + "easyprivacy", + "urlhaus-1", + "fanboy-thirdparty_social", + "fanboy-social", + "ublock-annoyances", + "DEU-0" ], "hiddenSettings": { - "assetFetchTimeout": 30, - "autoUpdateAssetFetchPeriod": 120, "autoUpdatePeriod": 7, - "ignoreRedirectFilters": false, - "ignoreScriptInjectFilters": false, - "streamScriptInjectFilters": false, - "manualUpdateAssetFetchPeriod": 2000, - "popupFontSize": "unset", - "suspendTabsUntilReady": false, - "userResourcesLocation": "unset" + "manualUpdateAssetFetchPeriod": 2000 }, - "netWhitelist": "about-scheme\nchrome-extension-scheme\nchrome-scheme\nfritz.box\nmail.protonmail.com\nmoz-extension-scheme\noffice.mailbox.org\nopera-scheme\nposteo.de\nspeedport.ip\nvivaldi-scheme", + "whitelist": [ + "about-scheme", + "chrome-extension-scheme", + "chrome-scheme", + "fritz.box", + "mail.protonmail.com", + "moz-extension-scheme", + "office.mailbox.org", + "opera-scheme", + "posteo.de", + "speedport.ip", + "vivaldi-scheme" + ], "dynamicFilteringString": "behind-the-scene * * noop\nbehind-the-scene * inline-script noop\nbehind-the-scene * 1p-script noop\nbehind-the-scene * 3p-script noop\nbehind-the-scene * 3p-frame noop\nbehind-the-scene * image noop\nbehind-the-scene * 3p noop", "urlFilteringString": "", - "hostnameSwitchesString": "no-csp-reports: * true\nno-large-media: behind-the-scene false\nno-csp-reports: noscript-csp.invalid false\n* * 3p-frame block", + "hostnameSwitchesString": "no-csp-reports: * true\nno-large-media: behind-the-scene false\nno-csp-reports: noscript-csp.invalid false", "userFilters": "||127.*^$important,third-party\n||10.*^$important,third-party\n||192.168.*^$important,third-party\n||172.16.*^$important,third-party\n||172.17.*^$important,third-party\n||172.18.*^$important,third-party\n||172.19.*^$important,third-party\n||172.20.*^$important,third-party\n||172.21.*^$important,third-party\n||172.22.*^$important,third-party\n||172.23.*^$important,third-party\n||172.24.*^$important,third-party\n||172.25.*^$important,third-party\n||172.26.*^$important,third-party\n||172.27.*^$important,third-party\n||172.28.*^$important,third-party\n||172.29.*^$important,third-party\n||172.30.*^$important,third-party\n||172.31.*^$important,third-party\n||localhost^$important,third-party\n||speedport.ip^$important,third-party\n||fritz.box^$important,third-party\n||fritz.nas^$important,third-party\n||*.fritz.box^$important,third-party\n||giga.cube^$important,third-party\n||easy.box^$important,third-party\n||connect.box^$important,third-party\n||*.local/^$important,third-party\n||fonts.googleapis.com$important,third-party\n" -} +} \ No newline at end of file diff --git a/firefox/user.js b/firefox/user.js index d8d9f16..c646456 100755 --- a/firefox/user.js +++ b/firefox/user.js @@ -1,6 +1,6 @@ // Mozilla User Preferences // -// 2021/02/22 +// 2021/09/11 // // Based on Privacy-Handbuch, merged/adjusted strong user.js // Download: https://www.privacy-handbuch.de/handbuch_21u.htm @@ -15,13 +15,13 @@ user_pref("browser.cache.disk.enable", false); user_pref("browser.cache.disk_cache_ssl", false); user_pref("browser.cache.offline.enable", false); user_pref("browser.chrome.site_icons", false); +// ignore any website fonts //user_pref("browser.display.use_document_fonts", 0); -// Disable to disallow playback of DRM content +// true to disallow playback of DRM content user_pref("browser.eme.ui.enabled", false); user_pref("browser.fixup.alternate.enabled", false); user_pref("browser.formfill.enable", false); user_pref("browser.link.open_newwindow.restriction", 0); -user_pref("browser.library.activity-stream.enabled", false); user_pref("browser.messaging-system.whatsNewPanel.enabled", false); user_pref("browser.newtabpage.enabled", false); user_pref("browser.newtabpage.activity-stream.feeds.snippets", false); @@ -55,7 +55,6 @@ user_pref("browser.safebrowsing.provider.google4.updateURL", ""); user_pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); user_pref("browser.safebrowsing.provider.mozilla.updateURL", ""); user_pref("browser.search.update", false); -user_pref("browser.search.geoSpecificDefaults", false); user_pref("browser.search.suggest.enabled", false); // set to -1 for unlimited ctrl+shift+t user_pref("browser.sessionstore.max_tabs_undo", 5); @@ -74,18 +73,18 @@ user_pref("browser.urlbar.suggest.searches", false); user_pref("browser.urlbar.suggest.topsites", false); user_pref("datareporting.healthreport.uploadEnabled", false); user_pref("datareporting.policy.dataSubmissionEnabled", false); -//user_pref("dom.block_download_insecure", true); -//user_pref("dom.enable_performance", false); -//user_pref("dom.enable_performance_navigation_timing", false); -//user_pref("dom.enable_resource_timing", false); -//user_pref("dom.event.clipboardevents.enabled", false); +user_pref("dom.block_download_insecure", true); +user_pref("dom.enable_performance", false); +user_pref("dom.enable_performance_navigation_timing", false); +user_pref("dom.enable_resource_timing", false); +user_pref("dom.event.clipboardevents.enabled", false); user_pref("dom.push.connection.enabled", false); user_pref("dom.push.enabled", false); user_pref("dom.push.serverURL", ""); -// use HTTPs Everywhere and disable built-in -user_pref("dom.security.https_only_mode", false); +user_pref("dom.security.https_only_mode", true); user_pref("dom.security.https_only_mode_send_http_background_request", false); user_pref("dom.vibrator.max_vibrate_ms", 0); +user_pref("dom.security.https_first", true); user_pref("extensions.blocklist.enabled", false); user_pref("extensions.formautofill.addresses.enabled", false); user_pref("extensions.formautofill.creditCards.enabled", false); @@ -95,7 +94,6 @@ user_pref("extensions.htmlaboutaddons.recommendations.enabled", false); user_pref("extensions.ui.lastCategory", "addons://list/extension"); user_pref("extensions.pocket.enabled", false); user_pref("extensions.screenshots.disabled", true); -user_pref("extensions.screenshots.upload-disabled", true); user_pref("extensions.systemAddon.update.enabled", false); user_pref("extensions.webextensions.restrictedDomains", ""); //user_pref("font.blacklist.underline_offset", ""); @@ -109,7 +107,6 @@ user_pref("extensions.webextensions.restrictedDomains", ""); //user_pref("layout.css.font-loading-api.enabled", false); user_pref("media.autoplay.default", 5); user_pref("media.autoplay.blocking_policy", 2); -user_pref("media.cache_size", 0); user_pref("media.eme.enabled", false); //user_pref("media.gmp-gmpopenh264.enabled", false); //user_pref("media.gmp-gmpopenh264.autoupdate", false); @@ -135,9 +132,6 @@ user_pref("network.http.referer.XOriginPolicy", 2); user_pref("network.http.speculative-parallel-limit", 0); user_pref("network.IDN_show_punycode", true); user_pref("network.manage-offline-status", false); -user_pref("network.security.esni.enabled", true); -user_pref("privacy.purge_trackers.enabled", true); -user_pref("privacy.partition.network_state", true); // allow local storage, so websites won't break user_pref("offline-apps.allow_by_default", true); //user_pref("offline-apps.quota.warn", 0); @@ -145,7 +139,6 @@ user_pref("pdfjs.disabled", true); user_pref("pdfjs.enableScripting", false); user_pref("permissions.default.desktop-notification", 2); user_pref("permissions.isolateBy.userContext", true); -// keep history user_pref("places.history.enabled", true); user_pref("plugin.default.state", 0); user_pref("plugins.update.url", ""); @@ -156,8 +149,6 @@ user_pref("privacy.clearOnShutdown.downloads", true); // keep history user_pref("privacy.clearOnShutdown.history", false); user_pref("privacy.clearOnShutdown.offlineApps", true); -user_pref("privacy.clearOnShutdown.sessions", true); -user_pref("privacy.clearOnShutdown.formdata", true); // allow to set exceptions user_pref("privacy.clearOnShutdown.siteSettings", false); user_pref("privacy.cpd.offlineApps", true); @@ -200,7 +191,7 @@ user_pref("toolkit.telemetry.updatePing.enabled", false); user_pref("toolkit.telemetry.unified", false); user_pref("ui.use_standins_for_native_colors", true); user_pref("ui.systemUsesDarkTheme", 0); -user_pref("webgl.disabled", false); +user_pref("webgl.disabled", true); user_pref("webgl.disable-fail-if-major-performance-caveat", true); user_pref("webgl.enable-webgl2", false); user_pref("webgl.min_capability_mode", true);