amq / firefox-debloat Goto Github PK
View Code? Open in Web Editor NEWStop Firefox leaking data about you
License: MIT License
Stop Firefox leaking data about you
License: MIT License
Battery API can be used to track users
Maybe it should be disabled by default?
about:config
property is dom.battery.enabled
.
Is there a Firefox extension that sets all those properties to false?
DNS-over-HTTPS leaks the DNS queries to Cloudflare.
To disable set network.trr.mode
to 5
From https://lists.gnu.org/archive/html/bug-gnuzilla/2015-06/msg00005.html
Dear Rubin,
Congratulations! I wish you many happy years to come!
I have recently seen firefox adding more and more unnecessary and
dangerous things so I have decide to work on a version of firefox
which deletes them.
Then I discovered Icecat which shares a lot of my goals and I was able
to benefit from its source code. Thank you very much!
Here are the components I propose for deletion and why:
To delete EME I did an rm -r on all the relevant directories, added
ac_add_options --disable-eme to the mozconf and cleaned up any
dangling references to the EME stuff. I think it is important that the
code itself not be compiled into the program even if it is not used.
"dead" code has been used in security vulnerabilities in the past.
For NewTab I blanked out the XML inside content/newtab/newTab.xul and
deleted the unneeded files.
The patch for HealthReport off-by-default is based on icecat, since
icecat already does this!
To set WebGL off by default I edited modules/libpref/init/all.js.
Pocket and Hello! were removed by rm -r'ing the modules and then
cleaning up dangling references:
rm -r ./browser/components/pocket/
rm -rf ./browser/components/loop/
rm ./browser/base/content/browser-loop.js
I am keen on learning about new candidates for removal. I have heard
that firefox will soon search users history and provide adverts based
on this - I intend to produce a patch/script to remove that too.
I have included some patches and scripts here which I hope may be of
use or interested to folks.
I understand why people might want to disable SafeBrowsing, but it's worth noting that the service was designed with privacy in mind and does a fairly good job given the numerous constraints it works under. In addition, it provides a significant level of protection for most web users against phishing and malware, which can be much more harmful for security and privacy in the long run.
At the very least, you should explain why you recommend this, as well as the trade-offs. In my opinion it is a really bad idea for most users.
Here's a longer explanation (original on HN):
Please for the love of god do not disable the Google SafeBrowsing preferences. SafeBrowsing protects you from a lot of malicious websites, and does not leak much information to Google. For most people the security benefits of SafeBrowsing far outweigh the privacy concerns.
It is important to remember that malicious websites and malware in general may negatively impact your security and privacy in extremely harmful ways (malware compromises PII, website credentials, financial information, uses webcam and microphone to photograph/film/record you from blackmail/revenge porn purposes, ...)
For context, please see these relevant Mozilla bugs about SafeBrowsing privacy concerns: [0], [1]. tl;dr Firefox must set a cookie for SafeBrowsing, but it uses a separate cookie jar for SafeBrowsing so Google cannot tie the Safebrowsing activity to anything else you do related to Google or their services (which is the biggest concern here). They can learn a limited profile of your browsing activity, along the lines of "Random user x often uses their browser between 9am and 5pm on M-F".
The Safebrowsing implementation is specifically designed to be privacy-preserving. [2] It uses a Bloom filter to implement fast lookups in a minimally sized hash table of known malicious URL's. The only time a full URL (actually various hashes of multiple prefixes of the full URL, including the full URL) that you browse it sent to Google is when a prefix of it collides with a known malicious URL, in which case the URL must be sent to Google to resolve the question of whether the URL you are trying to visit is actually malicious or just a false positive from the Bloom Filter. Yes, the hashes are unsalted so it would be possible for Google to check if you were trying visit some pre-determined URL ("were they trying to visit www.thoughtcrime.org?") but only if it collided with a known malicious URL.
It would be helpful to know what the average rates of collisions and false positives are to get a sense of how much of an average user's browsing history is leaked to Google through Safe Browsing - can anybody from Google comment?
Thank you for tips. Here is my Firefox configuration:
https://bitbucket.org/snippets/cedricbonhomme/cbj6
if it can help you.
plugins.enumerable_names
By default (*
), websites can get a list of plugins, their version & details via navigator.plugins
.
You can set this option to an empty string, and websites will not see any Plugins:
PluginArray { length: 0 }
However, this does break some sites (e.g. Deezer) because they (wrongfully) use this API to test if a user has, for example, Flash installed. If you want to allow this, you can set the configuration to Shockwave Flash
. That will only return details about the Flash plugin.
Details about a Plugin look like this:
Plugin { 0: MimeType, 1: MimeType, application/x-shockwave-flash: MimeType, application/futuresplash: MimeType, description: "Shockwave Flash 18.0 r0", filename: "Flash Player.plugin", version: "18.0.0.194", name: "Shockwave Flash", length: 2 }
See also: Panopticlick.
Don't overcomplicate, don't try to include everything, don't break web functionality.
It'd be nice to have an explanation of what each option is and why one would want to change off of the defaults. Right now it's geared towards locking Firefox down entirely, but not everyone has this use-case.
Personally, I want to disable sending information to Google but would allow Pocket integration, for example. And I'm unsure what the impact would be if disabling the DRM options.
Hi,
I don't know if you've seen it, but User.js is already doing a good job that is pretty much like this one. You might take a look at it :)
network.http.sendReferheader
0 means never send, breaks many sites
1 means send only for clicked links, works fine for most sites
2 (default) means send always.
Recommendation can be to set to 0 or 1. More details here.
network.http.sendSecureXSiteReferrer
true
(default) Send referer header when navigating from one https site to another.
false
Don't send referer header when navigating from one https site to another
Recommendation can be false
. More details here
To easily change parameters, I have write an user.js : https://github.com/Oros42/firefox_change_prefs
You can use it or make your own :-)
What about making an add-on instead of fiddling with about:config
by hand? Perhaps something similar to TorBirdy for Thunderbird? Thoughts?
Hello. As we can notice it, manual interventions in order to apply your suggestions aimed to harden either privacy or security, are involved in this project which as a direct consequence diminish its potential of effectiveness. Others projects, at least arkenfox and pyllyukko here on that platform, were designed to partially automatize hardening operations. In this regard you might have planed a task of your own that is on-going, and even involves full automation of those operations by a script. If not, at least one of those projects might be worth a look at, so you could choose considering taking inspiration from in respect to the methodologies created to apply the customisations.
(This repo seems to have some sort of privacy tendency, so I'll rant a bit about Canvas Fingerprinting. If this is not a welcome forum, feel free to close this issue)
Canvas fingerprinting is a tricky problem. Websites can use the Canvas API to draw pixels and use system fonts as well as hardware specific rendering behavior to track a user and assign them a specific fingerprint, which has enough entropy to recognize them in the future (see wikipedia)
I don't think you want to disable canvas, completely though. It's heavily used in many useful apps.
The Tor Browser (Firefox + patches from the Tor project) tackles this by disabling reading from the canvas, which you can allow for each individual call (you get a "doorhanger UI", which is what most people know from Geolocation).
Newest Firefox versions doesn't have "browser.pocket.enabled", but "extensions.pocket.enabled"
... but the Browser regularly downloads a list of MD5-Hashes from Google and compares locally.
Nonetheless, Google will be contacted - there will be people who don't want that.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.