Many of these sites suggest making edits via “about:config”. The problem is it’s difficult to keep track of which settings you’ve altered. I highly recommend you use a user.js [1] file. The best part is you can make notes so later you know why a setting was enabled or disabled.
The only downside is if you decide to undo a setting in user.js you’ll also have to make the same change in about:config.
Firefox's about:support page lists the about:config prefs that have non-default values ("Important Modified Preferences"). That includes prefs you've changed and internal prefs changed by Firefox code.
Unfortunately the info provided by about:support doesn’t separate changes made via the gui and changes made via about:config. It also includes settings that may have been altered by Add-ons.
Another benefit to using a user.js file is that your changes are persistent. If Mozilla changes a setting via an upgrade, like they did with experiments and plan to do with DoH, your changes aren’t overridden.
They are saved under the user profile directory in the `prefs.js` file. src[0] I have it symlinked to `~/.config/firefox/pref.js` (which also contains `chrome/userChrome.css`, also symlinked to from the firefox profile) in this way they get checked into git with the rest of my dotfiles.
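The user.js and prefs.js relationship discussed in the comments above, as an added example that is not part of the thread: Firefox applies user.js on top of prefs.js at every start and stores the result in prefs.js, so a line removed or commented out in user.js leaves its value behind. The file contents are constructed samples and the function names are hypothetical.

```python
import re

# One token is a block comment, a line comment, or a complete user_pref() call.
# Matching comments as tokens keeps commented-out prefs from being counted and
# keeps "//" inside string values (URLs) from being mistaken for a comment.
TOKEN = re.compile(
    r'/\*.*?\*/|//[^\n]*|'
    r'user_pref\(\s*"(?P<name>(?:[^"\\]|\\.)*)"\s*,\s*'
    r'(?P<value>"(?:[^"\\]|\\.)*"|true|false|-?\d+)\s*\)\s*;',
    re.DOTALL,
)

def parse_prefs(text):
    """Return {pref name: raw value}; a later line overrides an earlier one."""
    prefs = {}
    for m in TOKEN.finditer(text):
        if m.group("name") is not None:
            prefs[m.group("name")] = m.group("value")
    return prefs

def audit(user_js, prefs_js):
    """Classify prefs by how user.js (wanted) relates to prefs.js (stored)."""
    wanted, stored = parse_prefs(user_js), parse_prefs(prefs_js)
    return {
        # user.js and prefs.js agree: documented and re-applied at every start.
        "pinned": sorted(n for n in wanted if stored.get(n) == wanted[n]),
        # user.js disagrees with prefs.js: overwritten again at next start.
        "pending": sorted(n for n in wanted if stored.get(n) != wanted[n]),
        # Non-default value with no user.js line: set via about:config, the
        # GUI or an add-on, or left behind by a user.js line that was removed.
        "unpinned": sorted(n for n in stored if n not in wanted),
    }

# Constructed sample: a user.js with notes and one "undone" setting.
SAMPLE_USER_JS = '''
// constructed sample
/* user_pref("media.peerconnection.enabled", false); kept for reference */
user_pref("media.eme.enabled", false);       // no DRM module
user_pref("network.trr.mode", 5);            // DoH off by choice
// user_pref("clipboard.autocopy", false);   <- undone by commenting it out
user_pref("browser.startup.homepage", "https://example.org/start");
'''

# Constructed sample: what the profile's prefs.js holds at the same time.
SAMPLE_PREFS_JS = '''
user_pref("media.eme.enabled", false);
user_pref("network.trr.mode", 2);
user_pref("clipboard.autocopy", false);
user_pref("browser.startup.homepage", "https://example.org/start");
user_pref("privacy.donottrackheader.enabled", true);
'''

if __name__ == "__main__":
    for group, names in audit(SAMPLE_USER_JS, SAMPLE_PREFS_JS).items():
        print(f"{group}: {', '.join(names) or '-'}")
```

The "unpinned" group is the one to review by hand: `clipboard.autocopy` shows up there because commenting out its user.js line did not reset the stored value.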
>And it suggests you disable HTML5 EME, which has nothing to do with privacy at all.
DRM requires proprietary software, and effective DRM requires obfuscated proprietary software. How do you know it's not harming your privacy, even accidentally?
It looks like DNT is turned on automatically if tracking protection is on, so it probably doesn't identify you any more than "a Firefox browser with tracking protection on".
I just tested. With standard settings for "Content Blocking" (under "Privacy and Security") and "Only when Firefox is set to block known trackers" selected, Firefox does not send the DNT header in regular windows. It only sends it in private windows. Therefore if you don't want to stand out, you should not enable DNT.
Can someone explain the reason to disable telemetry? Telemetry data is anonymized and important for Firefox development. What is transferred, and how, is well documented. If certain measures are suggested, reasoning should be given.
While nice for supporting the development of Firefox, it adds nothing to your subjective browsing experience. As far as I understand, disabling it is also not a data point by which you could be fingerprinted.
You're taking it for granted that the reported data is adequately anonymized to the point of being impossible to make any inferences about individuals, which is a huge leap, not only in trust, but data science.
As mentioned later in the article, Mozilla is based in a country with sweeping surveillance legislation, and so should not be trusted to hold or process [potentially] personally identifying data, no matter how well intentioned they themselves may be.
> it adds nothing to your subjective browsing experience
Firefox decision makers actively consult the telemetry data when making decisions. If you've disabled telemetry and I haven't then my experiences count double and yours are discarded entirely.
For example, TLS 1.0 (and 1.1) is deprecated and will be disabled by mutual agreement among browser vendors in 2020. On the road there, Firefox are watching their telemetry to determine how many users are affected and how much effort it's appropriate to put into mitigating difficulties for those who have systems that can't be upgraded.
For me this will go fine, I don't have any systems that aren't capable of TLS 1.2 and very few that can't do TLS 1.3 so my telemetry data will show all is well. Maybe you are not so lucky. Too bad, you've disabled telemetry so nobody is coming to help. Bye.
> it adds nothing to your subjective browsing experience
It increases the chances that Firefox developers address performance and other problems that are affecting you. If you disable telemetry, your problems "don't count" when doing data-driven prioritization of development work. (note: I'm a Mozilla employee, working on gecko)
> You're taking it on trust that it's anonymized to the point of being impossible to make any inferences about individuals, which is a huge leap, not only in trust, but data science.
I don't doubt that someone at Mozilla could de-anonymize that data, but I have enough trust in the organization that they won't.
A year or so ago, they started sending telemetry letting them know that you have telemetry disabled! [0]
That one pissed me off, just on principle.
I'm not sure exactly what's happened in the last 10 years or so but, at some point, everyone apparently just decided it was okay to start spying on their users (read: "telemetry"). Mozilla and some others, at least, allow you to "opt out" -- although you should never have to! -- as if that somehow makes it okay.
Then, a while back, they decided they were going to go ahead and send in some "telemetry" even if the user has explicitly disabled telemetry!
I can easily remember a time -- and it wasn't that long ago! -- when slipping in even the slightest hint of "telemetry" without a clear, explicit "opt-in" from the user would have been absolutely unheard of.
Mozilla doesn't have much of a user base left. You'd think they would try to avoid alienating us and pissing us off.
---
On a related note -- and with the above in mind -- I recently (within the last several days) started working on my own .js "preferences" to lock Firefox down as much as I can. I've just posted it [1] if anyone is interested (a lot of it was taken from [2]).
Disclaimer: it's very much still a work-in-progress, likely breaks things that I haven't noticed yet, and almost certainly is not what you want to use. I'm fairly happy with it at the moment, however. (There's a bunch of "notes to self" in there that I tried to remove; if I missed any, please just ignore them!)
I don't see any. I skimmed what was sent (about:telemetry) and didn't find anything too egregious. Yes, you can be uniquely identified by your telemetry pings, but that alone isn't really an issue. All it tells Mozilla is that you use Firefox. It doesn't tell them anything about your browsing habits. The biggest risk I can see is malicious actors getting the IP information associated with telemetry submissions and using it to deanonymize your browsing sessions by correlating telemetry submission IPs with other sites' IP information. To mitigate that risk, I would recommend batching telemetry submissions (every week/month rather than in real time) and using separate connection/proxy settings for telemetry submissions.
It's impossible to actually anonymize telemetry data, they can only promise they don't tie the data to your IP, FF account, or any other data their servers can't help but know specifically about you. A quick search will reveal plenty of historic examples of breaking promises just like that one, with very little repercussion.
This is pretty good -- there are a number of config options here that I didn't realize existed.
My only real quibble is that I don't think people should turn on DNT if they can help it. Most sites don't respect it, and for some sites it's actually another tracking vector on its own.
I believe if you turn on fingerprinting protection in Firefox it gets automatically enabled, so this isn't a suggestion anyone can practically act on. But if I had the choice to disable DNT, I would. I think we should deprecate any tracking protection that relies on good actors respecting our choices.
Were DNT anywhere near widely accepted, it would probably be possible to enforce it via GDPR. (That is, report the pants off websites that show GDPR popups as you've already told them you don't want that.)
Ironically, making changes like this makes you far, far more fingerprintable, as the vast majority of users don't make changes like this. Thus, the users that do stick out like a sore thumb. The article does mention this.
A lot of Firefox's fingerprinting protection is genuinely helpful because the stuff it's blocking can be used to very, very precisely target you.
Canvas/WebGL fingerprinting is a good example of this. Yes, very few people block it, but the fingerprinting for canvas is so individualized to each device that there is no hiding in the crowd if you leave it enabled. You're hiding in a crowd of size 1.
Think of it like wearing gloves during the summer. Yes, that's unusual. But a human fingerprint (except in rare-ish cases) will usually be good enough to track an individual person. In a world where people are regularly collecting fingerprints or tracking them around town to figure out who's been in what stores, being unusual is preferable to being unique.
There are a few settings (normalizing screen sizes) where the benefits aren't so clear-cut. But at the very, very least, you should be doing stuff like turning off webRTC/webGL/canvas. The majority of changes being listed here are strict improvements to privacy.
I have only just taken an interest in the canvas fingerprinting. My understanding is that it relies on a unique hash of an "image" created using HTML5, including the time it takes to draw. Is it not possible to alter this hash by throttling or slightly modifying some GPU settings? I know this is a weird and most likely highly technical question. I'm just curious.
Maybe a bit tangential, but I have been having a difficult time using Google Sheets lately in Firefox (like starting about 2-3 months ago). I keep track of my expenses (like groceries) in Google Sheets and always use Firefox to do data entry. Nowadays, Firefox browser freezes for a minute or two when I load/modify cells in Google Sheets.
I only have one extension, 'muBlockOrigin', installed in Firefox and have been using that for many years, so I'm sure the extension is not getting in the way of loading Google Sheets. So that leads me to believe that Google is probably supporting less and less of Firefox.
Google products (Sheets/Analytics/Gmail) simply run slower on FF these days. It's clear that Google optimizes their products to run well on Chrome, and doesn't bother benching performance on FF. I have a chromium portable laying around for the sole purpose of logging into google products that I need to access for work, and access everything else in FF.
I don't think Google is maliciously making FF slower on their products, but I believe they simply don't care to tweak/tune performance on FF like they would have years ago. As everything else google does, the devs metaphorically cover their ears and proclaim "lalalalalala we are google we don't care!" ...and it's more telling every passing year.
Create a fresh profile and install nothing into it and don’t change any defaults at all. If the problem still occurs, open a Webcompat issue about it. If the problem goes away, it’s either the addon or some sort of non-default config settings.
quickest fix off the top of my head would be to stop using google sheets :D
if you only need basic functionality then libreoffice would be a good place to start since it's cross platform, and if you're running Windows then there's a portable version that you can bring around on a usb.
I use syncthing myself to sync my documents between all my devices, but there are lots of other options around like resilio sync, nextcloud etc. there's not really much of a reason to be tied to Google anymore
A word of caution, some of these settings break stuff.
I don't remember the exact items anymore, but seemingly innocuous privacy-related changes I did some time ago from a list very much like this broke the ability to paste to google docs (which was a bit confusing, since I noticed it weeks later when it "just" didn't work with no messages hinting why) and the integration for the Evernote WebClipper plugin; and it was a bit of a hassle to find which changes I need to revert.
If someone else is in the habit of randomly selecting text and they're using linux, they may want to disable at least `clipboard.autocopy` if they don't use it. No reason to simply tell websites every selection you do, IMHO.
this article doesn't address the main issue with firefox and privacy: it sends your very complete fingerprint to google on its very first launch, before you get the chance to change any privacy settings. from that moment on, unless you have JS disabled, google will know your every move one way or another.
all their talk about privacy is hot air as long as that is true.
you install firefox and launch it for the first time. immediately, a page with google analytics opens up and google gets to fingerprint your browser and hardware before you've had a chance to implement any privacy measures.
I find it rather unlikely that mozilla needs GA on that page, considering that firefox is sending tons of telemetry to their own servers.
[1] http://kb.mozillazine.org/User.js_file
[0] https://support.mozilla.org/si/questions/965842
> The only downside is if you decide to undo a setting in user.js you’ll also have to make the same change in about:config.
You could change it to the inverse/default explicitly in user.js?
And it suggests you disable HTML5 EME, which has nothing to do with privacy at all. Whatever your views on DRM, that’s not a privacy concern.
This is yet another “opinionated guide to Firefox” that misleadingly uses privacy to convince people to read it.
Do not harm your friends and family’s experience by making the changes suggested in this guide.
DRM requires proprietary software, and effective DRM requires obfuscated proprietary software. How do you know it's not harming your privacy, even accidentally?
Does the DRM really not leak data about the content you're watching to the license server?
[0]: https://blog.mozilla.org/data/2018/08/20/effectively-measuri... (see the "Telemetry Coverage" section)
[1]: https://gitlab.com/snippets/1904354
[2]: https://github.com/pyllyukko/user.js
And where, and when. That's pretty sensitive information.
> the clientId, a UUID identifying a profile and allowing user-oriented correlation of data
[1] https://firefox-source-docs.mozilla.org/toolkit/components/t...
Online anonymity is a myth. Why do we keep spreading it?
Online anonymity is an entirely different topic than whether this one data set collected here is effectively anonymized.
My only real quibble is that I don't think people should turn on DNT if they can help it. Most sites don't respect it, and for some sites it's actually another tracking vector on its own.
I believe if you turn on fingerprinting protection in Firefox it gets automatically enabled, so this isn't a suggestion anyone can practically act on. But if I had the choice to disable DNT, I would. I think we should deprecate any tracking protection that relies on good actors respecting our choices.
But overall, good article.
Leaving it as default makes you hide in the crowd
WebGL fingerprinting, in my investigation, seems to be identifiable by gpu vendor, and potentially by generation, but not individual GPU.
So there's still bits of info, but not as bad as they used to be, or as bad as people generally fear.
You're confusing privacy and anonymity. They can be mutually exclusive.
https://developer.mozilla.org/en-US/docs/Mozilla/Preferences...
so this pretty much invalidates my other two comments here.
sorry, could you explain in more detail please?