privacy.sexy icon indicating copy to clipboard operation
privacy.sexy copied to clipboard

Published 20 hours ago verified publisher icon undergroundwires

Some scripts that can be used to customize Firefox for better privacy.

Open plantindesk opened this issue 11 months ago • 3 comments

Operating system

Windows, macOS, or Linux.

Name

Tweaks For Firefox

Code

function Add-PrefsToJsFile {
  param (
    [Parameter(Mandatory = $true)]
    [string] $FilePath,
    [Parameter(Mandatory = $true)]
    [array] $DataToInsert
  )
  try {
    $linesToInsert = @("")
    foreach ($item in $DataToInsert) {
      if ($item.key -and $item.value) {
        $linesToInsert += 'user_pref("' + $item.key + '", ' + $item.value + ');'
      } else {
        Write-Warning "Invalid item in data: $item"
      }
    }
    Add-Content -Path $FilePath -Value $linesToInsert
    Write-Verbose "Successfully added preferences to '$FilePath'."
  } catch {
    Write-Error "Error adding content to '$FilePath': $_"
    Write-Log -LogName Application -Message "Error adding content to '$FilePath': $_" -EventID 1
    [System.Windows.Forms.MessageBox]::Show("An error occurred while adding content to the file.", "Error", "OK", "Error")
  }
}
$dataToInsert = @(
    [PSCustomObject]@{ key = "media.peerconnection.enabled"; value = "false" },
    [PSCustomObject]@{ key = "privacy.resistFingerprinting"; value = "true" },
    [PSCustomObject]@{ key = "privacy.trackingprotection.fingerprinting.enabled"; value = "true" },
    [PSCustomObject]@{ key = "privacy.trackingprotection.cryptomining.enabled"; value = "true" },
    [PSCustomObject]@{ key = "privacy.firstparty.isolate"; value = "true" },
    [PSCustomObject]@{ key = "privacy.trackingprotection.enabled"; value = "true" },
    [PSCustomObject]@{ key = "geo.enabled"; value = "false" },
    [PSCustomObject]@{ key = "media.navigator.enabled"; value = "false" },
    [PSCustomObject]@{ key = "network.cookie.cookieBehavior"; value = 1 },
    [PSCustomObject]@{ key = "network.cookie.lifetimePolicy"; value = 2 },
    [PSCustomObject]@{ key = "network.dns.disablePrefetch"; value = "true" },
    [PSCustomObject]@{ key = "network.prefetch-next"; value = "false" },
    [PSCustomObject]@{ key = "dom.event.clipboardevents.enabled"; value = "false" },
    [PSCustomObject]@{ key = "media.eme.enabled"; value = "false" }
)
Add-PrefsToJsFile -FilePath "<path-to-user-profile>/prefs.js" -DataToInsert $dataToInsert
OS Path
Windows NT (NT4.x/2000/XP/Vista/7/8/10) "%APPDATA%\Mozilla"
Unix/Linux ~/.mozilla/
Mac OS X ~/Library/Mozilla/ ~/Library/Application Support/

Revert code

network.cookie.cookieBehavior

This is an integer type preference with different values. Here are the cookie preference options:

  • 0 = Accept all cookies by default
  • 1 = Only accept from the originating site (block third-party cookies)
  • 2 = Block all cookies by default
  • 3 = Block cookies from unvisited sites
  • 4 = New Cookie Jar policy (prevent storage access to trackers)

Choosing between 1 and 4 would improve privacy. The New Cookie Jar policy (value 4) provides more protection, but may break some sites' functionality.

network.cookie.lifetimePolicy = 2

This is another integer type preference that you should set to a value of 2. This preference determines when cookies are deleted. Here are the different options:

  • 0 = Accept cookies normally
  • 1 = Prompt for each cookie
  • 2 = Accept for current session only
  • 3 = Accept for N days

Setting this to 2 should allow the websites you visit to work and all cookies will be automatically deleted after the session.

Category

Configuring Browsers | |_____Firefox

Recommendation level

STRICT

References

Restore Privacy

plantindesk avatar Mar 28 '24 15:03 plantindesk

Hi @plantindesk, thank you for the suggestion. If you check Linux > Configure programs > Configure Firefox, you'll see that almost all of these are covered.

We need a way to share scripts between OSes, it would be painful to replicate these in Windows, better to roll to all three platforms including macOS from same place. I need to refactor how scripts are compiled to achieve this so the compiler allow using shared scripts/categories between collections.

I will check other missing ones and can add on Linux and implement share mechanism so Windows collection can use all stuff Linux has. This will take time though.

Some comments:

  • You do not want to enable privacy.firstparty.isolate, disable it but keep network.cookie.cookieBehavior with option 5. You can search for those in Linux collection and read more.
  • I think ´network.cookie.lifetimePolicywith2` is too aggressive, but we can add this without recommending it.

undergroundwires avatar Mar 29 '24 00:03 undergroundwires

Yes, we can indeed disable telemetry in various desktop environments such as KDE, GNOME, and others. To provide an example, in the case of the KDE desktop environment, there is a package called kdeuserfeedback that gathers user data through telemetry and feedback surveys. By disabling this package, we can prevent any further collection of user information.

Furthermore, For Solus OS, we may consider adding a script to remove its telemetry functionality entirely.

plantindesk avatar Mar 29 '24 12:03 plantindesk

They're great suggestions but I don't know how to do those. I can add these only if I knew how to disable KUserFeedback or remove telemetry in Solus OS.

undergroundwires avatar Apr 04 '24 12:04 undergroundwires