This guide contains updated recommendations and privacy tweaks for Firefox, revised to reflect the latest version and new features for 2022.
Mozilla Firefox is one of the best browsers available that combines strong privacy protection features, good security, active development, and regular updates. The newest version of Firefox is fast, light-weight, and packed full of privacy and security features.
It is for this reason that I consider Firefox to be the best all-around browser for privacy and security. It remains a solid alternative to some of the other options, such as Google Chrome, Microsoft Edge, and Safari.
Another great aspect of Firefox is that it is highly customizable, which is the point of this guide. Below we will go over how you can customize Firefox to give you the security and privacy you desire, while still working well for day-to-day browsing.
But before we jump in, let’s cover some important details.
Important considerations before starting
There are many factors to consider when configuring Firefox to meet your needs, including your threat model and browsing preferences. In other words, there is no “one-size-fits-all” configuration that will work for everyone. This guide is a basic overview covering some of the different configurations options.
Before you start modifying Firefox and installing a bunch of add-ons, it’s important to consider browser fingerprinting.
Browser fingerprinting
The issue of browser fingerprinting (or device fingerprinting) is a big topic that covers all the different ways you can be tracked and identified by your system and various settings. All of the different add-ons you install and preference modifications you make to Firefox are inputs that can potentially be used to identify and track you.
Herein lies the catch-22: the more browser add-ons you install and settings you modify, the more likely you will stand out from the crowd and be easier to track. There are solutions for this and the latest version of Firefox does offer some fingerprinting protection. I discuss this problem and also provide solutions in the browser fingerprinting guide.
And that leads us to the next point that…
More is not always better
When it comes to browser add-ons and modifications, you don’t want to be like that kid who puts every topping imaginable on his ice cream. Similarly, more is not always better with Firefox browser add-ons.
Aside from the issue of browser fingerprinting, having too many add-ons may slow down performance and break things. Many of the popular Firefox add-ons also fulfill the same functions and are redundant when used together.
Therefore it is best to strike a balanced approach. Install and modify only what you think will be useful and necessary for your specific situation.
Proceed with caution
Modifying some of these settings may interfere with your browsing experience and break some websites (they won’t load properly). Therefore taking an incremental approach may be the best way to proceed. You can continue to install add-ons and adjust your settings as you see what works best for your needs.
This allows you to modify the settings, create exceptions, or add sites to a whitelist.
Firefox privacy tweaks
Before you get going with Firefox you may want to adjust the following settings for better privacy.
Note: if you are a Mac OS user, you will see the word “Preferences” in your menu rather than “Options” as it is listed below.
Disable Firefox telemetry
With the latest version of Firefox, it is configured to share “technical and interaction data” with Mozilla. This includes the ability to “install and run studies” on your computer. You can learn more about these studies and data collection practices, but I’d recommend disabling these settings.
To disable go to Open Menu (three bars at the top right corner of the browser) > Options > Privacy & Security > Firefox Data Collection and Use and then uncheck the boxes as you see below:
You can also disable data sharing with Firefox for Android by going to Menu > Options > Privacy > Data Choices and then uncheck all three categories for Telemetry, Crash Reporter, and Mozilla Location Service.
Note: You can also disable this in the About:Config settings with toolkit.telemetry.enabled set to false.
Change the default search engine in Firefox
Firefox now uses Google as the default search engine, but there are other private search engines you can use instead.
To do this, go to Menu > Options > Search > Default Search Engine. Firefox does not provide you with very many alternatives directly in the settings area. However, you can view more options by going down to One-Click Search Engines and then click Find more search engines to see the other alternatives.
See our guide on private search engines to dive into this topic more.
Firefox also has a guide on modifying your search engine preferences.
Firefox Content Blocking
Another great new feature with Firefox is Content Blocking. This customizable feature will automatically block “content that tracks the sites you visit and profiles you.” You can choose between Standard, Strict, and Custom modes, which allow you to block:
- Cookies
- Tracking content
- Cyrptominers
- Fingerprinters
To adjust the Firefox Content Blocking settings, go to Menu > Options > Privacy and Security > Content Blocking and then select which mode you want to use.
The Standard setting may be the best balance for regular users. Firefox warns that Strict mode may “cause some websites to break.” However, you can still…
Disable content blocking for specific sites
It’s easy to disable content blocking for certain trusted sites. Simply enter the website URL, then click the “i” icon to the left of the address bar, then click the grey button to “Turn off Blocking for This Site.”
Another benefit of Firefox’s Content Blocking feature is that it can save your data and improve page load speeds.
The “Do Not Track” request
Firefox also has an option to request that websites “do not track” you online. This is simply an HTTP header field that you can easily enable. However, the key word here is request, because this is not actually blocking anything. We have also learned that many websites simply ignore these requests.
In addition to being ignored by most sites, this is also a value that can be used for browser fingerprinting purposes, as explained here. Therefore I no longer recommend enabling or modifying the Do Not Track settings, which you’ll find in the Content Blocking settings area.
You can learn more about the Do Not Track feature here.
Firefox About:Config settings
Aside from the general Menu settings we used above, you can also make a number of different modifications using about:config.
Note: If you made all of the changes above, you may notice that some of these settings are already updated in about:config. We will still cover the different about:config since some people prefer to modify settings in this area, rather than through the general Menu.
To access these configuration settings, simply enter about:config into the URL bar and hit enter. You will then be prompted with a warning screen stating “This might void your warranty.” Just click “I accept the risk” to continue.
After proceeding, you will see a large list of preferences, which each include a status, type, and value.
These preferences will be listed in alphabetical order and are easily searchable from the search bar near the top.
Modifying preferences – You can modify any of these Firefox preferences by simply double clicking the preference name. If the preference is a “boolean” type, then double clicking will change the value to true or false. If the preference is an “integer” or “string” type, double clicking will open a box to change the value.
Here are my recommended changes:
Disable WebRTC:
media.peerconnection.enabled (WebRTC) = false
WebRTC stands for “Web Real-Time Communication” and it allows for voice, video chat, and P2P sharing through your browser. Unfortunately, this capability can also expose your real IP address through browser STUN requests, even if you are using a good VPN service. (This is called a WebRTC leak.)
To disable WebRTC in Firefox simply enter media.peerconnection.enabled into the search bar and then double click the value to change it to false.
Aside from Firefox, the WebRTC vulnerability also affects Chrome, Opera, Brave, and other Chromium-based browsers. Safari is also in the process of implementing WebRTC.
Note: If you disable WebRTC, services like Google Meet and Whereby may not work.
Resist Fingerprinting:
privacy.resistFingerprinting = true
Changing this preference to true will help to make Firefox more resistant to browser fingerprinting.
Note: There are many factors that go into browser fingerprinting and the ability of an adversary to identify you. See the browser fingerprinting guide for additional details.
privacy.trackingprotection.fingerprinting.enabled = true
This is a new preference with Firefox 67+ to block fingerprinting.
privacy.trackingprotection.cryptomining.enabled = true
Another new preference with Firefox 67+, this will block cryptominers.
First party isolate
privacy.firstparty.isolate = true
Changing this to true will isolate cookies to the first party domain, which prevents tracking across multiple domains. First party isolation also does much more than isolating cookies, it affects: cookies, cache, HTTP Authentication, DOM Storage, Flash cookies, SSL and TLS session resumption, Shared Workers, blob URIs, SPDY and HTTP/2, automated cross-origin redirects, window.name, auto-form fill, HSTS and HPKP supercookies, broadcast channels, OCSP, favicons, mediasource URIs and Mediastream, speculative and prefetched connections.
This preference was added in late 2017 as part of the Tor Uplift Project.
Tracking protection
privacy.trackingprotection.enabled = true
Another new update, this is Mozilla’s built-in tracking protection feature. This will use a Disconnect.me filter list, but may be redundant if you are using uBlock Origin 3rd party filters.
Disable geolocation tracking
geo.enabled = false
Setting this to false will disable geolocation tracking, which may be requested by a site you are visiting. As explained by Mozilla, this preference is enabled by default and utilizes Google Location Services to pinpoint your location. In order to do that, Firefox sends Google:
- your computer’s IP address
- information about nearby wireless access points
- a random client identifier, which is assigned by Google (expires every two weeks)
Before this data is sent to Google, you would first get a request by the site you are visiting. Therefore you do have control over this, even if geo remains enabled.
media.navigator.enabled = false
Setting this preference to false will block websites from being able to track the microphone and camera status of your device.
network.cookie.cookieBehavior
This is an integer type preference with different values. Here are the cookie preference options:
- 0 = Accept all cookies by default
- 1 = Only accept from the originating site (block third-party cookies)
- 2 = Block all cookies by default
- 3 = Block cookies from unvisited sites
- 4 = New Cookie Jar policy (prevent storage access to trackers)
Any selection between 1 and 4 would improve privacy. The New Cookie Jar policy (value 4) offers more protection, but it may also break the functionality of some websites. Ghacks has a discussion of the New Cookie Jar policy here.
network.cookie.lifetimePolicy = 2
This is another integer type preference that you should set to a value of 2. This preference determines when cookies are deleted. Here are the different options:
- 0 = Accept cookies normally
- 1 = Prompt for each cookie
- 2 = Accept for current session only
- 3 = Accept for N days
With a value of 2, websites you visit should work without any problems, and all cookies will be automatically deleted at the end of the session.
network.dns.disablePrefetch = true
Setting this preference to true will disable Firefox from “prefetching” DNS requests. While advanced domain name resolution may slightly improve page load speeds, this also comes with some risks, as described in this paper.
network.prefetch-next = false
Similar to prefetching DNS requests above, setting this preference to false will prevent pages from being prefetched by Firefox. Mozilla has deployed this feature to speed up web pages that you might visit. However, it will use up resources and poses a risk to privacy. This is another example of performance at the price of privacy.
Disable WebGL:
webgl.disabled = true
WebGL is a potential security risk, which is why it is best disabled by setting webgl.disabled to true. Another issue with WebGL is that it can be used to fingerprint your device.
You can get more information on the WebGL issue here and here.
dom.event.clipboardevents.enabled = false
This prevents websites from getting notifications if you copy, paste, or cut something from the page.
media.eme.enabled = false
This disables the playback of DRM-controlled HTML5 content. See details here.
Firefox “safe browsing” preferences
There are many recommendations to disable the Safe Browsing feature in Firefox due to privacy concerns and potential Google tracking. However, these concerns are based on an older version of the Safe Browsing feature, which would utilize “real-time lookup” of website URLs. This method has not been in use since 2011 – explained further here.
If a URL is needed, Firefox takes the following precautions to protect user privacy, as explained by François Marier, a security engineer for Mozilla:
- Query string parameters are stripped from URLs we check as part of the download protection feature.
- Cookies set by the Safe Browsing servers to protect the service from abuse are stored in a separate cookie jar so that they are not mixed with regular browsing/session cookies.
- When requesting complete hashes for a 32-bit prefix, Firefox throws in a number of extra “noise” entries to obfuscate the original URL further.
Therefore I would conclude that disabling Safe Browsing would give you no tangible privacy benefits, while also being a security risk. That being said, if you still want to disable this feature, here’s how in the about:config area:
- browser.safebrowsing.phishing.enabled = false
- browser.safebrowsing.malware.enabled = false
Firefox privacy and security add-ons
There are some great Firefox browser add-ons that will give you more privacy and security. With that being said, many of the add-ons we previously recommended are no longer necessary thanks to Firefox’s upgraded privacy and security settings.
Note: When looking for Firefox add-ons, be sure to consider what you need in relation to the preferences you modified above. Some add-ons will be redundant and not necessary depending on your Firefox preferences and the other add-ons you are using.
uBlock Origin
uBlock Origin is an efficient, light-weight blocker that filters both ads and tracking. It has risen to popularity as a powerful alternative to Adblock Plus, which allows “acceptable ads” that many users disdain. One added benefit of uBlock Origin is that it can significantly improve performance and page load speed.
Another great feature with uBlock Origin is the ability to whitelist certain websites. Given that many sites will block access if they detect an ad-blocker, the ability to whitelist will come in handy. uBlock Origin is free and entirely open source.
NoScript
NoScript is a script-blocker that allows you to identify/block scripts running on websites. While it does give you control, NoScript can be a pain to get configured properly. It breaks many websites, which requires you to tweak and configure the options. If you are already using uBlock Origin, then you probably don’t need to be using NoScript.
This is definitely not an add-on for the casual user or those who don’t have the patience to devote some time into configuration.
Using a VPN with Firefox
Firefox currently offers a VPN (virtual private network) called Mozilla VPN. However, this is just a rebranded version of Mullvad and I have seen many users complaining on various forums about the lack of support when things go wrong.
Note that while some VPNs offer browser extensions for Firefox, these are fundamentally different from a full VPN. A VPN will run on your operating system (not just your browser) and encrypt all internet traffic on your operating system. This is different from a browser extension that only wraps your browsing traffic inside an additional layer of encryption.
Additionally, some Firefox VPN extensions are actually just an extension of the desktop VPN application. These “extensions” literally just extend control of the VPN to a convenient browser interface. We discuss this and more in our guide on the best VPNs for Firefox.
Firefox DNS over HTTPS (DoH) is not a great idea
Just like with Firefox Private Network, the implementation of DNS over HTTPS also relies on Cloudflare infrastructure. In fact, it makes Cloudflare the central processing point for all DNS requests in the Firefox browser by default.
While DNS over HTTPS may sound advantageous in some respects, there are also potential concerns. Rather than going over why, you can read the article, Centralised DoH is bad for privacy, in 2019 and beyond, which concludes:
Centralised DoH is currently a privacy net negative since anyone that could see your metadata can still see your metadata when DNS is moved to a third party. Additionally, that third party then gets a complete log per device of all DNS queries, in a way that can even be tracked across IP addresses.
Even if further privacy leaks are plugged, DoH to a third party remains at best a partial solution, one that should not be relied upon as a serious security layer, since it will be hard to plug everything, especially if non-CDN content providers survive.
Encrypting DNS is good, but if this could be done without involving additional parties, that would be better.
And for actual privacy on untrusted networks, nothing beats a VPN, except possibly not using hostile networks.
Many people also assume that encrypted third-party DNS will somehow offer privacy and anonymity. This is a false assumption. Your IP address and location remains exposed with everything you do online, while your ISP will still be able to see the websites you visit (IP addresses) even if it’s no longer handling DNS requests. In conclusion, a good VPN will offer much more protection than DoH through Cloudflare.
To disable DNS over HTTPS (DoH) in Firefox go to Menu > Options > General and then scroll down to Network Settings and click the Settings button. In the box that opens, scroll down to Enable DNS over HTTPS, where it can be enabled or disabled.
user.js Firefox hardening
For more information and resources on Firefox hardening, see here: user.js Firefox hardening.
As explained on their GitHub page, this is a “configuration file that can control hundreds of Firefox settings. For a more technical breakdown and explanation, you can read more on the overview wiki page.”
Their Wiki page is also full of great information.
Firefox privacy conclusion
In my opinion, Firefox remains the best all-around, mainstream browser on the market for privacy when it is modified as recommended above.
While many of the configurations and add-ons discussed in this guide will go a long way to giving you more privacy, there is one issue that remains: concealing your IP address and location. To do this, a good VPN service is necessary. The Tor network also achieves this end, but it comes with the drawbacks of slow speeds, risks, and limitations (only works in a browser).
For more options in addition to Firefox, see the secure browser guide.
Hi Sven,
I noticed that this guide is dated October 2019. Is it still valid, and are there any changes I should make to my Firefox configuration?
I have been using this guide since mid-2019 and I am always wary of policy and configuration changes that companies come out with, and Mozilla do not have the best track record.
Regards,
Chris
Hi Chris, I’ll be updating it soon, but there still probably won’t be many changes as this all still applies to the latest version of Firefox.
Instead of doing all of these things, it’s better to just use Pale Moon. I see a lot of misinformation from Firefox and Chrome fanboys being said about it.
Hello Sven!
I wanted to ask whether I can trust uBlock Orgin while logging into sites….
Like can it see my passwords or any sensitive info??
Also, Brave has an ad-blocker built into it…
So, which one is better and superior in terms of privacy, features and functionality??(Brave’s built-in ad blocker or uBlock Origin?)
Thanks For Answering in advance!
Also, Thanks for providing us with such a great article!!
Hi Mikey, it really depends because you get more customization and filter lists options with uBlock if you want to configure things exactly as you want it. Brave is more of an out-of-the-box solution, but there are a few different things you can tweak under Brave Shields with the ad blocker, choosing between Aggressive and Standard for “Trackers & ad blocking”.
hey Sven Taylor
this has been very helpful and very clear.
and i am just here to express my gratitude.
thank you so much for taking the time and compile such an elaborate article.
privacy.resistFingerprinting make my firefox open in an small window.
Is there any solution for that?
That is done to hide your screen resolution. The solution is very easy: just click on the + in the top right corner of the browser to go full screen (if you don’t mind revealing your screen resolution).
I’ve done all this and now when I watch videos on firefox, the mac goes to sleep when not used… I obviously want it to be open during videos and I won’t be using the computer whilst watching videos. What’s going on here?
Which of these changes affects the way firefox communicates with the computer to let it know that it’s still awake/active?
Hi Sven, sorry for asking again but I am really curious to learn your opninion on it: Does it make sense to install Decentraleyes when I am already using NordVPN CyberSec and set everything in about:config as described above?
No, Decentraleyes is not necessary. If you are using a VPN, then the CDNs are not seeing your source IP address anyway. So you are good to go with NordVPN and CyberSec.
Nice post! However, anyone should beware of some config value. changing privacy.firstparty.isolate broke some of my addons (like pushbullet and Save to Koofr).
Hello,
Do you recommend privacy focused browsers for iPhone? I read your article on making changes in Firefox on desktop to enable more privacy, but doesn’t seem to apply to iPhone. Thank you.
I don’t spend much time on mobile devices, but you could check out Firefox on iPhone, it works fine.
Does it make sense to install Decentraleyes when I am already using NordVPN CyberSec and set everything in about:config as described above?
Hello Sven and Everyone…
Just had a quick question…
Does enabling Search suggestions in Firefox compromise my privacy or security in any way??
Thanks In Advance for Answering!!
Search suggestions are not good for privacy because everything you type in the address bar will be sent to the search engine you have selected within Firefox. I’d recommend disabling this.
Thanks For The Value-able information and quick response Sven!!!
Had another question….
Should I let Firefox remember my browsing, downloading, search and form history??
Will that compromise my privacy in any way?
Thanks Again For Answering!!
Just for info, MetaGer Maps needs webGL to work, so I had to set “webgl.disabled” to FALSE again.
But it’s worth turning this feature on instead of relying on Google 😉
Does creating an anonymous account and syncing between devices compromise security?
Hi John, I had the same problem. See the description of the dom.event.clipboardevents.enabled setting above. Disabling it will solve the problem, but then avoid copy pasting passwords or other sensitive information during your browser sessions.
Hi Sven, would the extension recommendations in this article also apply to chromium based browsers like Iridium or Brave? Thanks
Yes
Mozzila have clearly stated they are against freedom of speech.
Their subreddit love to censor user opinions, and they delete every “tracking exception” and “whitelist exposition” from their recent post. They are nothing but Google puppets.
Thanks for sharing this.
I had heard these things but knew it was only a matter of time.
Being funded by Google and then by Soros ran enterprises, I am amazed they are as highly viewed as they are.
Maybe one day they tighten up their ship, shrink their business to more moderate size, and get back to their founding.
Thanks for the heads up.
In a pig’s eye, unfortunately. And that founding was already tied to questionable hidden funding if you know how to look deeply enough.
For gits and shiggles, take a look in about:config, search bar type: url
That is, of course, after you’ve searched: telemetry, interval, push, ping [and whatever else you can think of, respectively].
Nothing conclusive, except when you consider the mission statements that are everywhere in their periphery.
And, for me, I don’t even care about the bigger picture. Too much water under all bridges. I’d just like to spend some time being able to do something without every key stroke being logged and every day being urged to update to something that is finding ways to log ever more keys.
Throw in the add-ons and you’ve got some dipstick somewhere getting you to agree that it’s cool if they access all of your movements as well…further, they’d like you to donate to their efforts. Go ahead, read their policies, too.
I made the switch to Firefox from Chrome over a year ago, as I’m trying to make better-informed decisions about what services I use. Can any of you link to these censorship actions or statements that Mozilla has made? I’m genuinely curious, but at this point, it sounds like hear-say.
Their official blog post here:
https://blog.mozilla.org/blog/2021/01/08/we-need-more-than-deplatforming/
Thanks. So, does the logic that Mozilla is pro-censorship stem from their not explicitly demanding social media platforms to be more transparent about their content removal/censorship policies?
The main message I’m picking up is that Mozilla doesn’t see “deplatforming” by social media services as the ultimate solution to dealing with bad actors. Granted, compared to the statement made by EFF on the same topic, Mozilla’s statement does falls short in not calling on such platforms to be consistent in their censorship practices (EFF post: https://www.eff.org/deeplinks/2021/01/eff-response-social-media-companies-decision-block-president-trumps-accounts). But I’m hesitant to draw the conclusion that Mozilla flat-out condones censorship because of this.
@ei,
Mozilla flat out condones whatever they’re told to condone. You don’t actually think that a privacy policy is binding on the author of the privacy policy, do you? Have your attorney take a look at all of the big words and get back to me when he/she/they has/have resolved all of the conflicting statements.
I only say that because they really don’t have any obligation to you. They are more focused on YOUR obligation to them. A hint: ALWAYS understand that “we may” means “we will”, and you’ll be miles ahead on the road to informed consent in terms of what they prod you with online.
So, it’s not all about content and removal policies, which are as circumventable as an election law, it’s about what their overall inherited agenda is. Inherited from their funders, that is.
Here is another article and example.
[https://www.breitbart.com/tech/2019/04/11/google-mozilla-blacklist-gabs-dissenter-browser-extension/]
Notice All the companies listed.
I respect the work that @Sven does on here and I have learned a lot and have referred people to articles on here to show what I am saying.
But in my opinion, Brave is a superior browser. I am waiting to hear more about Dissenter.
Brave was one Of the very few that would not silence free speech:
[https://unhashed.com/cryptocurrency-news/brendan-eich-says-brave-wont-ban-gabs-browser-extension/]
I do not say this as an attack on @Sven. WE just have a differing opinion. I know Sven does give good marks to Brave, so I am not discounting that at all. But I am wondering why FF does get so much high marks when they are very tarnished at best and deceitful about their beliefs and financing at worse.
Can they really be trusted with privacy if they take their cues from Google in regards to free speech when majority of these companies on this site do a better job of championing the right of all to have freedom off speech and privacy?
I should also add that FF gets a lot of money from Google and George Soros:
[https://www.opensocietyfoundations.org/grants/past?filter_keyword=Mozilla&grant_id=OR2016-30709]
[https://www.ghacks.net/2020/12/10/mozillas-revenue-jumped-to-828-million-u-s-dollar-in-2019/]
I do hope this is understood that this is not an attack at all. Just an honest question that, while I may not agree with the answer, I am willing to hear what or why FF is still highly recommended. Maybe I am missing something? @Sven.
“why FF is still highly recommended.”
Easy answer. Firefox is an alternative to Google’s Chrome and Chromium based browsers, which are dominating the market.
@ Sven,
I do understand the idea of the Monopoly with Chrome and Chromium seems to have.
However, are they really different if Google is truly giving them this much support? And if they are able to be manipulated by the big tech, are they truly different, even though they are different in their programming?
I am not arguing, just asking, what I think, are really probing questions. No doubt, the Geiko (sp?) program is different than the Chromium, but what good is an alternative when the alternative is in fact a subsidiary of that which is trying to be avoided?
I do know that Firefox can be really customized and am very aware of those customization for I did it on my computers and on my phone. But the more I dig into this, it really makes me wonder what is going on under the “hood” as it were.
When they fire a couple hundred programmers, but then show a several million dollar increase on income, it raises, especially to me, to be a red flag. I believe in a few other places you have also said there were some red flags with Firefox.
Again, please know I am not trying to argue against you but trying to help not only those who come here often, but those who are just starting out to see the full ramifications one way vs. another. These are questions that linger in my mind and I am not seeing a positive light toward them. Maybe I am wrong but in that I am willing to learn.
Sven, thank you for your discussion with me on this and again, I appreciate what you put on this site and it has helped me a lot. So please don’t take this as me being argumentative but just seeking and trying to lift the hood and look at the engine and hoping we can both learn from this discourse.
All good J.M. Yes I agree those are good questions to be asking. And I’m not sure how this will all play out, but we’ll keep an eye on how things develop and update recommendations accordingly.
@Sven,
I know you will and that is why I direct people here and recommend your site. I enjoy the reading and it really helps.
Thank you for the work you are doing.
And thank you for the feedback and tips.
No, they cannot be trusted. Nor can ungoolged chrome. All you have to do is fire up one of your browsers and watch their connections with resource monitor. All browsers, at rest, with no reason, connect to various urls. Regardless what the reason is, there’s something fishy about all of that. Therefore, I literally block any url that my browsers connect to, if they do so at rest; without my direction to do so.
The crazy thing is the honey pot that is Tor. Take a look at about:config in Tor. There’s not a whole hell of a lot of difference to the regular FF browser….yeah, except for the circuits, which, well, gee, do we know any of those people administering those? No. I’m sorry, but you probably don’t. and even if you do, do you think that they’re keeping your info out of other hands? Can they?
No.
The only thing that you are getting from any privacy effort is the reenforcement in your global data dump that you are one of those loons that actually cares about not being tracked and poked and prodded. Seriously, cattle have more privacy buying firearms than you do on any of the available browsers or devices.
The only solution is to make your own eveything. I’m working on my first iPhone from scratch…it’s taking a while to source the parts.
@ei,
It also, after reading this article:
https://blog.mozilla.org/blog/2020/10/20/mozilla-reaction-to-u-s-v-google/
that Mozilla is concerned. As I mentioned below, this would be very telling considering the links I made that show they receive upward of 70-80% of their funding from Google itself.
They draw a comparison from the 90s in regard to Microsoft, but that was a different time and day. At that time, they truly were the opposition. Now they are beholding to groups like Alphabet to keep functioning.
Congrats Sven for your amazing site…
Why does setting “privacy.resistFingerprinting” disables the audio reader?
My sys is a ff dev ed’n in a win10…
Thanks!
Hey Sven,
What do you think about using pi-hole instead in addition of what you presented ?
Thanks!
Pi-hole is a good option. We discuss it briefly in our ad blockers guide.
Ola Sven Taylor,
This guide reads last Updated Oct 2019 is it still viable / complete to version 83.0 Firefox?
Some things may be slightly different, but not much. We’ll get an update out soon.
Mozilla Firefox is dead.
Mozilla turns its attention to censoring decentralized tech
https://reclaimthenet.org/mozilla-turns-its-attention-to-censoring-decentralized-tech/
Genuinely curious to learn about this stark rejection of Firefox, I read the article you linked, Mozilla’s blog post, and the paper by Emmi Bevensee. This RTN article’s title and content both strike me as reactionary and incomplete.
I strongly disagree with RTN’s claim that “The focus on [Bevensee’s] paper is not to present, bolster, and promote technology like P2P networks for all its immensely useful uses, but to present it as as one increasingly used by ‘bad actors'”. The author mentions several times that P2P offers benefits while concurrently noting the adoption of P2P frameworks for nefarious purposes. They are also aware of ideological tensions within communities surrounding P2P. This claim from RTN strikes me as a rough interpretation at best and willful ignorance at worst. Either way, the jabs at Mozilla are blatant.
“Through this report, the hope is to get ahead of the hate curve of web 3.0 and shed light on these issues while recognizing and capitalizing on the incredible value offered by the tools themselves (p. 6)”
“The same technology that makes P2P technology resilient against censors, also makes it resilient against things like natural disasters and poor Internet connectivity (p. 9)”
“Peer-to-peer systems simultaneously hold the keys to solving a wide array of coordination problems and unleashing harmful web content to spread unabated (p. 10)”
Have you looked at localCDN? It is a fork of decentraleyes with support for more CDNs, also there is an about:config tweak to enable https only mode in Firefox (Basically EASE in https everywhere)
Sven,
Have you tried the ClearURLs extension? I tested this recently, and it blocked trackers on every page I visited including mozilla.org, which recommends it. It even removed ETag headers from eff.org, which is particularly disturbing.
No we haven’t tested it, thanks for the info!
Thank you so much Sven! This site is a fantastic resource. So thorough. I didn’t realise how exposed I was. I’ve got a lot of work ahead!
some hardening suggestions
https://proxy.metager.de/b648739bf066f50a1e92464bb361c058/dWdnY2Y6Ly90dmcuYXZrYXJnLmtsbS9kaHZhcXJwdnovemJtdnl5bi5wc3QvZmVwL29lbmFwdS96bmZncmUvcGJhc3Z0L3pibXZ5eW4ucHN0
the only way to ungoogle ffox is with blocking all involved ranges on the security gateway connected to the ISP internet box and make sure no upnp and ip6 packets are ever allowed in/out your lan, this beginning with your computer.
be carefull with all the trojan horse protocols endorsed by the sec state
I know this sounds kinda crazy but does anyone know how to make a “ungoogled Firefox”? If I had the knowledge I would try it myself…got the time though. Every update of Firefox always reinstalls Google spyware and changes a lot of my about:config settings and that’s one reason I don’t update Firefox every time new updates come out. But if anyone knows how to remove all Google, Amazon, Bing, and that “detectportal.firefox.com/success.txt” crap from Firefox please inform me!!!
I googled this one coincidentally: search terms about how Firefox makes money.
It was quite concise and even also somewhat amusing.
Anyway, it seems securing some money for Firefox as a user is a good idea. If this works well everywhere (otherwise too basically, as is known how it is now) it is probably a good idea to keep communications.
Hm, disabling studies etc. in Firefox. I wonder if it really matters or even being a good decision. I just disabled it, before reading this because still personalisation, having turned it off. E.g. in Google options not being logged in. And then going on youtube. Just because I did it. Nothing uneerable on youtube. But elsewhere too switching it off.
But if it’s said I have my doubts. I had have enough of it. But now that someone else is also saying it. I really don’t think it’s such a privacy matter. Even also telemetrics in Windows.
Firefox is without a monetary price. So all these conflicting issues.
Regarding DNS over HTTPS and Cloudfront, Firefox has added a secondary option of NextDNS, although I’m not sure how(/if) it does it make this function viable. Any thoughts?
https://www.bleepingcomputer.com/news/software/firefox-73-released-with-security-fixes-new-doh-provider-more/
I would also add datareporting.healthreport.uploadEnabled = false
this will disable LeanPlum – more info on this at https://support.mozilla.org/en-US/kb/how-do-you-use-leanplum-firefox
Thanks for this guide Sven. I’ve been a long-time NoScript user, but am thrilled to move to uBlockOrigin as an easier alternative. I would not have had the confidence to make the switch without a guide like yours. Of course, I learned a lot along the way and updated a number of other settings.