this post was submitted on 25 Jun 2023
83 points (98.8% liked)

Firefox

17884 readers
40 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

I use uBlock Origin and make some changes to the default settings. Have seen recommend configs, but haven't gotten to implement them yet.

What do you do to make Firefox even more privacy respecting and secure?

top 38 comments
sorted by: hot top controversial new old
[–] RvTV95XBeo@sh.itjust.works 17 points 1 year ago (1 children)

Honestly, Firefox and uBlock Origin together form a pretty solid combo - that's all I use.

See privacyguides.org recommendations for tuning FF & uBO settings.

[–] sycamore@lemmy.world 1 points 1 year ago (1 children)

I've been doing so for years, sometimes they do bit I will disable when they do.

[–] RvTV95XBeo@sh.itjust.works 1 points 1 year ago

Sometimes they do...?

[–] Nerd02@forum.basedcount.com 9 points 1 year ago

Regular firefox with enhanced protection on by default + ublock origin does most of the work for me. Personally I also like to add a user agent switcher on top of it. Oh and the Facebook container extension, that one is a must.

[–] CAPSLOCKFTW@lemmy.ml 4 points 1 year ago (2 children)
  • Ublock origin
  • noscript
  • localCDN
  • tampermonkey with anti ad blocker blocker scriipts
  • ptivacy redirects
[–] sycamore@lemmy.world 2 points 1 year ago* (last edited 1 year ago) (2 children)

I also use ghostery, ad-guard, and one that cleans trackers from linked urls. I forgot what it's called.

[–] dsdsds13@lemmy.world 3 points 1 year ago

Just so you know ghostery sells your data to financial services firms

I surely hope you're not running those two next to uBO. Multiple ad blockers WILL conflict.

[–] ShittyKopper@lemmy.w.on-t.work 2 points 1 year ago* (last edited 1 year ago) (2 children)

Both LocalCDN and any anti ad-block scripts are useless nowadays. uBO by itself does quite a bit of defusing itself as long as no other extensions conflict with it (so, make sure it's the only ad blocker you have) (also enable the built-in annoyance filters. They deal with anti-adblocks as well)

Noscript can also be replaced with uBO's dynamic filters/advanced mode. Read it's wiki if you want to learn how

[–] VerPoilu@sh.itjust.works 2 points 1 year ago

Is localdns backed in Firefox or ublock now?

[–] CAPSLOCKFTW@lemmy.ml 2 points 1 year ago

Please elaborate how LocalCDN is useless.

Anti ad blocker blocker scripts have been installed because of ad blocker blocker who blocked me using ublock origin. After enabling the anti ad blocker never bothered me again and since i have other user scripts and write my own occasionaly, tampermonkey isn't useless at all.

noScript has a very convienient menu and is superior to ublock regarding usability (when it comes to selectivly blocking scripts). No need to read a wiki. Therefore I prefer it.

[–] administrator@lemmy.pro 4 points 1 year ago (1 children)

Also try to use the Container feature in Firefox. I have acting Google all contained in one subset for example, so none of their tabs gets a view on my other tabs.

[–] RvTV95XBeo@sh.itjust.works 3 points 1 year ago (1 children)
[–] administrator@lemmy.pro 2 points 1 year ago

Ah cool I didn’t know that, thank you!

[–] Sidneys1@infosec.pub 4 points 1 year ago

Lots of good ones in this thread, but one I don't see is Adnauseam. Think of it as the inverse of uBlock Origin, in fact it is based on UO and you can even access the UO UI in it.

Basically: they can't track you if you don't load any trackers, sure.

But they also can't track you if you "click" literally every ad, plus it messes with their ad revenue calculations and tracking statistics.

[–] RvTV95XBeo@sh.itjust.works 4 points 1 year ago* (last edited 1 year ago)

A lot of people mentioning things like Privacy Badger, NoScript, ClearURLs, Ghostery, etc. Can anyone explain to me what benefit these provide over a properly configured uBO setup?

My understanding is these are all redundant, and just serve to slow things down or provide ways to leak your data (looking at you Ghostery...)

Also saw a comment about Multi Account Containers. I don't see this as necessary, at least in my case, ever since they introduced first party cookies isolation by default. The only application I see is if you want to log into the same website with two different accounts, e.g., using Outlook for work and personal email on the same machine.

tl;dr - FF+uBO=dream team

[–] brickfrog@lemmy.dbzer0.com 3 points 1 year ago

I use one of the security hardening user.js profiles as a baseline for Firefox e.g. https://github.com/pyllyukko/user.js

Beyond that I don't go crazy with extensions but I do still use NoScript to block javascript by default & only enable it for domains I choose. For ad blocking stuff I handle that at the router level with pfSense + the pfBlockerNG package.

[–] CadeJohnson@slrpnk.net 3 points 1 year ago (1 children)

Privacy Badger, Cookie Autodelete.

[–] privsecfoss@feddit.dk 3 points 1 year ago* (last edited 1 year ago) (1 children)

+1 for Cookie Autodelete. Forgot to mention it. Have some more advanced options than the native cookie delete, fx whitelisting. Privacy Badger broke some things for me but I think I'll give it another shot given the fine recommendations in this thread.

[–] ArtificialLink@lemmy.ml 2 points 1 year ago

When privacy badger breaks something i just turn it off for that site if i HAVE to use it. Otherwise i find another site.

[–] lvxferre@lemmy.ml 3 points 1 year ago (1 children)
  • Canvas blocker - prevents some usage of javascript for fingerprinting.
  • Change Geolocation - the actual reason that I use it is not privacy, but to prevent Google from forcing local results (I set my geolocation to Antarctica). However you can use it for privacy, specially if you live in a small town.
  • Decentraleyes - prevents tracking through content delivery.
  • Ninja Cookie - handles cookies banners, telling them that you don't allow cookies. It's one of those extensions where QoL is privacy, since those banners are often crafted in a way to tire you out so you allow cookies.
  • uBlock Origin - I guess most people here know about it.
[–] ShittyKopper@lemmy.w.on-t.work 5 points 1 year ago (1 children)

Decentraleyes - prevents tracking through content delivery.

Decentraleyes is AFAIK severely outdated. Use LocalCDN if you must, though I personally am not convinced there's any real threat model where these are useful.

[–] lvxferre@lemmy.ml 4 points 1 year ago

Thanks for the info - this is the sort of stuff that I installed a long time ago, then forgot about it. I'll look for further info on LocalCDN.

[–] MrPhibb@reddthat.com 3 points 1 year ago

No Script, UBlock and container tabs, specifically I have containers for Reddit, Google, Amazon, Pixiv and Discord.

[–] polskilumalo@lemmygrad.ml 3 points 1 year ago

Visit ffprofile.com, it's basically my starting point for creating a privacy concious config.

[–] FuriousLing@lemmy.world 2 points 1 year ago

I use Privacy Badger in addition to uBlock to block all kinds of trackers.

Privacy Badger

[–] plactagonic@beehaw.org 2 points 1 year ago

I have few profiles set up - stock, changed settings, different extensions...

I then use the one for the task I do - need to use Google I use Google profile, work stuff and simple search have different profiles ...

[–] Melody@lemmy.one 2 points 1 year ago

https://lemmy.one/comment/9485

I go over many of my plugins and why I use them here.

[–] maiskanzler@feddit.de 1 points 1 year ago

I use idontcareaboutcookies and have Firefox delete all cookies when I close it. Although I think that addon was bought out a few months ago.

[–] gmate8@lemmy.ml 1 points 1 year ago

Chameleon for anti fingerprinting, ublock, clearurls, noscript

[–] Veedems@lemmy.ml 1 points 1 year ago

I use AdGuard

[–] jacktherippah@lemmy.world 1 points 1 year ago (1 children)

Really shouldn't use anything more than uBo since extensions make it easier to fingerprint you.

[–] Melody@lemmy.one 5 points 1 year ago

This is absolutely false. In a standard browser environment you are going to require a multitude of plugins to achieve various tasks. In fact; having uBo installed is in and of itself fingerprintable to the n^th^ degree. An advanced fingerprinting suite can glean data from your browser based on which uBo lists you subscribe to.

With the sole exception being purpose-hardened browsers like Mullvad's or Tor Browser; there is no reason to skip having plugins. You already fingerprinted yourself by running that one plugin.

load more comments
view more: next ›