| .. | ||
| greasemonkey.zip | ||
| README.md | ||
| ublock-config-1.txt | ||
| user.js | ||
Firefox
Make using the web more safe by disabling commonly used techniques and mechanism without sacrificing usability.
Why Firefox? It provides high configurability, is open source and thus better to be reviewed by external security advisories.
Based on https://www.privacy-handbuch.de/handbuch_21.htm.
Recommended extensions
uBlock Origin (ads)
HTTPZ or HTTPS Everywhere (automatically redirect to the Secure version of a website)
Neat url // removes common parameters from pages (e.g. to identify you with something like ?os=windows&....)
Skip Redirect // skips not needed redirects of pages
CanvasBlocker // for some JavaScript (web) API
Cookie AutoDelete // automatically delete cookies
(an extension for a passwordmanager like KeePassXC if needed)
(Use Invidious instances for a liberated YouTube experience)
(Greasemonkey to get rid of some annoying popups, see below)
All extensions, especially extensions interferring in redirects like Skip Redirect might lead to malfunctioning of some websites. Disable it per page.
You can hide extension icons in the overflow menu if you like. Just right click the icon in the top right in the menu bar and "pin to overflow".
uBlock settings
For the uBlock plugin import the ublock-config-1.txt in the "My Filter" menu for proper settings.
Remove Google and YouTube popups
Recently, Google added popups on YT and search so you need to login. In the Greasemonkey extension, import the greasemonkey.zip in this git repository and they should be gone.
Recommended search engines
If not possible in another way, you can add them via Add custom search engine. Just follow instructions after installing and opening the extension.
https://www.qwant.com/?q=%s&r=DE&sr=de&l=en_gb&h=1&s=0&a=1&b=1&vt=0&hc=0&smartNews=0&smartSocial=0&theme=0&i=1&donation=0&qoz=0&shb=0&shl=0
https://duckduckgo.com/?q=%s&ks=l&kav=1&kn=1&kp=-2&kak=-1&kax=-1&kaq=-1&kao=-1&kau=-1&kaj=m&kam=google-maps&k1=-1&kae=c
Recommended settings
How to do it?
-
Use the provided
user.jsfile and copy it into your Firefox profile folder while application is not running.To find your profile folder, click on the menu top right, on
Help -> Troubleshooting Information. You can directly open your Profile Directory from there or see it, typically it's something like$HOME/.mozilla/firefox/...or in Windows%APPDATA%\Mozilla\Firefox\Profiles\... -
Adjust values by browsing
about:configin the address bar.""means empty, just delete the characters and press ENTER. -
Create your own profile and copy it into the application data folder while application is not running. See https://ffprofile.com.
Some settings might break website behavior although this is not very likely. Be aware of that!
Use an external password manager like KeepassXC, at least AutoFill is advised to be disabled). See https://www.privacy-handbuch.de/handbuch_21j2.htm#08_07_18.
Common User Preferences
Optional, but commonly used to ease browsing. Not security-related.
general.smoothScroll = false
general.smoothScroll.pages = false
mousewheel.min_line_scroll_amount = 40
browser.newtabpage.activity-stream.feeds.topsites = true
Optional and potentially dangerous in terms of website behavior, for GNU/Linux only.
image.mem.max_decoded_image_kb = 512000
media.getusermedia.aec_enabled = false
media.getusermedia.agc_enabled = false
media.getusermedia.noise_enabled = false
Additional hints
Besides securing Firefox, you should consider not using the DNS servers of your Internet provider and instead install system-wide DNS alternatives or a local DNS server which directly queries root DNS servers. There's really no downside of this.