
Firefox Privacy How-To Guide - Garbage
https://restoreprivacy.com/firefox-privacy/
======
nominated1
Many of these sites suggest making edits via “about:config”. The problem is
it’s difficult to keep track of which settings you’ve altered. I highly
recommend you use a user.js [1] file. The best part is you can make notes so
later you know why a setting was enabled or disabled.

The only downside is if you decide to undo a setting in user.js you’ll also
have to make the same change in about:config.

[1]
[http://kb.mozillazine.org/User.js_file](http://kb.mozillazine.org/User.js_file)

~~~
cpeterso
Firefox's about:support page lists the about:config prefs that have
non-default values ("Important Modified Preferences"). That includes prefs you've
changed and internal prefs changed by Firefox code.

~~~
nominated1
Unfortunately the info provided by about:support doesn’t separate changes made
via the gui and changes made via about:config. It also includes settings that
may have been altered by Add-ons.

Another benefit to using a user.js file is that your changes are persistent.
If Mozilla changes a setting via an upgrade, like they did with experiments
and plan to do with DoH, your changes aren’t overridden.
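
Added example, not part of the thread: a Node.js script for the bookkeeping described in the comments above. It compares a profile's user.js with its prefs.js and lists prefs that user.js already enforces, prefs it will reapply at next start, and prefs that exist only in prefs.js (set elsewhere, or left behind after a line was removed from user.js). The function names and sample file contents are constructed for illustration; the pref names are ones mentioned in this thread.

```javascript
// One user_pref("name", value); statement at the start of a line.
// Lines disabled with a leading // do not match.
const PREF_LINE = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/;

// Parse the text of user.js or prefs.js into a Map of name -> value.
function parsePrefs(text) {
  const prefs = new Map();
  let inBlock = false; // inside a /* ... */ note that began at a line start
  for (let line of text.split(/\r?\n/)) {
    if (!inBlock && line.trimStart().startsWith('/*')) {
      inBlock = true;
      line = line.slice(line.indexOf('/*') + 2);
    }
    if (inBlock) {
      const end = line.indexOf('*/');
      if (end === -1) continue;
      inBlock = false;
      line = line.slice(end + 2);
    }
    const m = PREF_LINE.exec(line);
    if (!m) continue;
    let value;
    // Values are booleans, integers or double-quoted strings.
    try { value = JSON.parse(m[2]); } catch { value = m[2]; }
    prefs.set(m[1], value); // a later line for the same pref wins
  }
  return prefs;
}

// Classify every pref found in either file.
function auditProfile(userJsText, prefsJsText) {
  const wanted = parsePrefs(userJsText);
  const stored = parsePrefs(prefsJsText);
  const report = { enforced: [], pending: [], untracked: [] };
  for (const [name, value] of wanted) {
    // pending: prefs.js disagrees or lacks it; user.js is applied at startup
    (stored.get(name) === value ? report.enforced : report.pending).push(name);
  }
  for (const name of stored.keys()) {
    // untracked: changed via about:config, the GUI or an add-on, or left
    // over from a user.js line that was later removed or commented out
    if (!wanted.has(name)) report.untracked.push(name);
  }
  return report;
}

// Constructed sample files (not taken from a real profile).
const SAMPLE_USER_JS = `
/* Notes live next to each setting. */
// Disabled again: broke paste in a rich text editor.
// user_pref("dom.event.clipboardevents.enabled", false);
user_pref("privacy.resistFingerprinting", true); // may break some logins
user_pref("clipboard.autocopy", false);
`;
const SAMPLE_PREFS_JS = `
// Mozilla User Preferences
user_pref("clipboard.autocopy", true);
user_pref("dom.event.clipboardevents.enabled", false);
user_pref("privacy.resistFingerprinting", true);
`;

console.log(auditProfile(SAMPLE_USER_JS, SAMPLE_PREFS_JS));
```

In the sample, `dom.event.clipboardevents.enabled` lands in `untracked`: commenting it out in user.js did not reset it, so it still has to be reset in about:config.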

------
floatingatoll
Sigh, yet another “privacy” guide that has you enable options like DNT that
make you easier to fingerprint.

And it suggests you disable HTML5 EME, which has nothing to do with privacy
_at all_. Whatever your views on DRM, that’s not a privacy concern.

This is yet another “opinionated guide to Firefox” that misleadingly uses
privacy to convince people to read it.

Do not harm your friends and family’s experience by making the changes
suggested in this guide.

~~~
SquishyPanda23
> it suggests you disable HTML5 EME, which has nothing to do with privacy at
> all.

Does the DRM really not leak data about the content you're watching to the
license server?

~~~
gruez
That's my thinking as well. I've been to a few non-media sites (eg.
aliexpress) that inexplicably ask to play DRM content.

~~~
hsivonen
Do you have a URL for a page that exhibits this behavior without obvious
reason?

~~~
gruez

        https://www.aliexpress.com/item/32678087225.html

------
flywithdolp
Can someone explain what the reason is to disable telemetry? Telemetry data is
anonymized and important for Firefox development. What and how is transferred
is documented well. If certain measures are suggested, a reasoning should be
given.

~~~
gnode
While nice for supporting the development of Firefox, it adds nothing to your
subjective browsing experience. As far as I understand, disabling it is also
not a data point by which you could be fingerprinted.

You're taking it for granted that the reported data is adequately anonymized
to the point of being impossible to make any inferences about individuals,
which is a huge leap, not only in trust, but data science.

As mentioned later in the article, Mozilla is based in a country with sweeping
surveillance legislation, and so should not be trusted to hold or process
[potentially] personally identifying data, no matter how well intentioned they
themselves may be.

~~~
tialaramex
> it adds nothing to your subjective browsing experience

Firefox decision makers actively consult the telemetry data when making
decisions. If you've disabled telemetry and I haven't then my experiences
count double and yours are discarded entirely.

For example, TLS 1.0 (and 1.1) is deprecated and will be disabled by mutual
agreement among browser vendors in 2020. On the road there, Firefox are
watching their telemetry to determine how many users are affected and how much
effort it's appropriate to put into mitigating difficulties for those who have
systems that can't be upgraded.

For me this will go fine, I don't have any systems that aren't capable of TLS
1.2 and very few that can't do TLS 1.3 so my telemetry data will show all is
well. Maybe you are not so lucky. Too bad, you've disabled telemetry so nobody
is coming to help. Bye.

~~~
luckylion
> Firefox decision makers actively consult the telemetry data when making
> decisions. If you've disabled telemetry and I haven't then my experiences
> count double and yours are discarded entirely.

Yours won't count double unless there are only two users, in which case
decision makers will likely disregard telemetry data altogether.

You're right that the individual's usage pattern isn't directly considered,
but for most users that won't matter because their usage patterns aren't
uncommon. If you're one of a small group of users that do $weirdThing and that
group is so small that your individual telemetry data contributes
significantly, a) that group will likely be ignored and b) anonymizing is a
problem you may not want to be involved in as a user.

~~~
catalogia
Yeah, I don't really buy that telemetry is actually guiding design in the
first place. Rather, I wager telemetry most often gets used to create post-hoc
rationalizations for changes somebody already has their heart set on. And if
the most relevant statistic plainly doesn't support the change, then a less
obvious statistic is found instead and said to be more important (e.g.
_"telemetry says 85% of our users use this feature.... but telemetry also says
that 90% of users close the application within five minutes of using this
feature every time they use it, so users might think they like this feature
but actually they're wrong and it drives down user engagement."_)

I've not worked at Mozilla, but that's how I've seen it happen just about
every time I ever saw telemetry get cited in situations I had some insider
insight into.

~~~
staktrace
FWIW, I work at Mozilla and I have used telemetry in the way it's meant to be
used. I'm sure there are cases where it's misused the way you describe, but by
no means are all the cases like that.

~~~
catalogia
Relating to my other comment in this thread, when you used telemetry at
Mozilla did you make or violate the default assumption of user equality? Were
all users given equal weight, or were socially influential power users given a
greater weight?

~~~
staktrace
All users were given equal weight. From the dashboards at
telemetry.mozilla.org you can't even tell which users are more socially
influential. And to be precise, with many of the metrics that I've used, they
tend to be per-pageload or per-action rather than per-user.

Edited to add: my comment makes it sound like there is some other way to tell
from telemetry data which users are more socially influential. That's not the
case as far as I know.

~~~
catalogia
Has anybody at Mozilla been pointing out that "data-driven" design predicated
on incomplete data, making incorrect assumptions about the relative importance
of different users, might be contributing to the decline of Firefox?

A single power user who happens to be a system administrator for a public
school district has the power to install or uninstall hundreds of firefox
instances. And it was power users that spread word-of-mouth awareness of
firefox the most during the days when firefox was actually growing. Continue
to treat them as equals to all other users and I predict firefox will continue
its tragic slide into obscurity.

~~~
staktrace
Yes, this argument comes up once in a while, and is handled by people who know
more about it than I do.

~~~
catalogia
Are you sure they know more about it than you, or do they just style
themselves as knowledgeable? If mozilla really wants to be truly data driven,
then maybe they should look at the data and realize that perhaps _trying_ to
be data-driven has contributed to Firefox's decline into relative obscurity.

The way I see it, "data driven" design is often similar to an over-reliance on
standardized testing or zero-tolerance policies; a way of abdicating
responsibility for a decision and covering your own ass. _"Users hate this
but I'm not to blame because I was just going off the data"_ has become the
new _"Sure everything ended up going sideways, but can you really blame me
for buying IBM? Nobody gets fired for buying IBM."_

Where is the data to suggest that data-driven design actually produces the
desired results? That seems to be missing.

~~~
staktrace
This is not a very productive discussion. I don't want to blow you off with a
"trust the experts" kind of response, but that's basically what it boils down
to. You are certainly entitled to second guess people whose livelihood it is
to keep Mozilla going from your comfortable armchair, but I'm going to
extricate myself from this discussion.

------
danShumway
This is pretty good -- there are a number of config options here that I didn't
realize existed.

My only real quibble is that I don't think people should turn on DNT if they
can help it. _Most_ sites don't respect it, and for some sites it's actually
another tracking vector on its own.

I believe if you turn on fingerprinting protection in Firefox it gets
automatically enabled, so this isn't a suggestion anyone can practically act
on. But if I had the choice to disable DNT, I would. I think we should
deprecate any tracking protection that relies on good actors respecting our
choices.

But overall, good article.

~~~
user9361
> DNT

Leaving it as default makes you hide in the crowd

~~~
danShumway
I'm pretty sure that DNT is off by default in Firefox. That's what I mean when
I say that turning it on can be an additional tracking data point.

------
fzzzy
Ironically, making changes like this makes you far, far more fingerprintable,
as the vast majority of users don't make changes like this. Thus, the users
that do stick out like a sore thumb. The article does mention this.

~~~
danShumway
A lot of Firefox's fingerprinting protection is genuinely helpful because the
stuff it's blocking can be used to very, very precisely target you.

Canvas/WebGL fingerprinting is a good example of this. Yes, very few people
block it, but the fingerprinting for canvas is so individualized to each
device that there is no hiding in the crowd if you leave it enabled. You're
hiding in a crowd of size 1.

Think of it like wearing gloves during the summer. Yes, that's unusual. But a
human fingerprint (except in rare-ish cases) will usually be good enough to
track an individual person. In a world where people are regularly collecting
fingerprints or tracking them around town to figure out who's been in what
stores, being unusual is preferable to being unique.

There are a few settings (normalizing screen sizes) where the benefits aren't
so clear-cut. But at the very, very least, you should be doing stuff like
turning off webRTC/webGL/canvas. The majority of changes being listed here are
strict improvements to privacy.

~~~
rwmurrayVT
I have only just taken an interest in the canvas fingerprinting. My
understanding is that it relies on a unique hash of an "image" created using
HTML5, including the time it takes to draw. Is it not possible to alter this
hash by throttling or slightly modifying some GPU settings? I know this is a
weird and most likely highly technical question. I'm just curious.

~~~
danShumway
Short answer, I don't know, but probably not?

Long answer, I'm also curious about this. I feel like the future of
fingerprinting resistance isn't refusing to give up information (since sites
can block you or force you to turn the settings back on) -- it's lying. Don't
block microphone access, just feed it white noise. Don't block the location,
just spoof it.

BUT, a bunch of people who are smarter than me have decided that zeroing out
the canvas is better than making it return random values, so for the moment, I
assume there's something they know that I don't.

~~~
Santosh83
The CanvasBlocker extension which has been around for longer than Firefox
started implementing anti-fingerprinting measures does exactly this: spoof
canvas readout values. Since blocking Javascript is no longer an option for
most people, blocking fingerprintable APIs simply breaks many sites. What we
need is frictionless ways to spoof values for these APIs unless the user
trusts the site in which case real values can be sent (example the site needs
to work and fake values will not be useful to the user).

------
programmertote
Maybe a bit tangential, but I have been having a difficult time using Google
Sheets lately in Firefox (like starting about 2-3 months ago). I keep track of
my expenses (like groceries) in Google Sheets and always use Firefox to do
data entry. Nowadays, Firefox browser freezes for a minute or two when I
load/modify cells in Google Sheets.

I only have one extension, 'muBlockOrigin', installed in Firefox and have been
using that for many years, so I'm sure the extension is not getting in the way
of loading Google Sheets. So that leads me to believe that Google is probably
supporting less and less of Firefox.

~~~
degenerate
Google products (Sheets/Analytics/Gmail) simply run slower on FF these days.
It's clear that Google optimizes their products to run well on Chrome, and
doesn't bother benching performance on FF. I have a chromium portable laying
around for the sole purpose of logging into google products that I need to
access for work, and access everything else in FF.

I don't think Google is maliciously making FF slower on their products, but I
believe they simply don't care to tweak/tune performance on FF like they would
have years ago. As everything else google does, the devs metaphorically cover
their ears and proclaim "_lalalalalala we are google we don't care!_" ...and
it's more telling every passing year.

------
PeterisP
A word of caution, some of these settings break stuff.

I don't remember the exact items anymore, but seemingly innocuous
privacy-related changes I did some time ago from a list very much like this broke the
ability to paste to google docs (which was a bit confusing, since I noticed it
weeks later when it "just" didn't work with no messages hinting why) and the
integration for the Evernote WebClipper plugin; and it was a bit of a hassle
to find which changes I need to revert.

~~~
johnp_
Likely `dom.event.clipboardevents.enabled`:

[https://developer.mozilla.org/en-US/docs/Mozilla/Preferences...](https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled)

If someone else is in the habit of randomly selecting text and they're using
linux, they may want to disable at least `clipboard.autocopy` if they don't
use it. No reason to simply tell websites every selection you do, IMHO.

------
romkin
this article doesn't address the main issue with firefox and privacy: it sends
your very complete fingerprint to google on its very first launch, before you
get the chance to change any privacy settings. from that moment on, unless you
have JS disabled, google will know your every move one way or another.

all their talk about privacy is hot air as long as that is true.

~~~
kbrosnan
GA was removed from the first run page
[https://github.com/mozilla/bedrock/pull/7621](https://github.com/mozilla/bedrock/pull/7621)

~~~
romkin
oh. didn't know that, and yeah, can confirm - all requests on that page are
made to mozilla.org. good! might have been an oversight then.

so this pretty much invalidates my other two comments here.

------
SCdF
Has anyone worked out if Do Not Track is actually worth its weight?

You're effectively flipping another bit that de-anonymises your browser a
little bit more, and I can't see why a bad actor (the people you're actually
worried about) would honour it.

~~~
oil25
Enabling DNT is worth it, but not for the reason which seems obvious. The DNT
header was created so Internet advertisers could point and say, "only 0.1% of
users have enabled DNT - this is evidence that people don't care about or even
WANT to be tracked" in the face of scrutiny by regulators. It's a single extra
bit of information about your request; I wouldn't worry about
"de-anonymization" resulting from enabling it, but would suggest enabling it as a
token gesture anyway.

------
AdmiralAsshat
And Firefox refuses to load the page because of a cert error. Oh, the irony!

~~~
danShumway
Works for me on the most recent version of Firefox. Might be a clock issue?

Regardless, Outline link for anyone who can't read:
[https://outline.com/T3fGAk](https://outline.com/T3fGAk)

If Outline doesn't load, try enabling referrer headers. I always forget to do
that and get annoyed when Outline links break. I should _probably_ just switch
to a different service at some point, since I refuse to leave referrer headers
enabled permanently.

~~~
tialaramex
That's quite a clock issue given the cert is valid from May 2018 to May 2020,
so the entire year is wrong on their system.

------
ilikenwf
This is an ok guide for people who don't know what to do, however I'd argue
using ghacks userjs, and also disabling the built in content blocking and
safebrowsing entirely is in order, along with disabling captive portal
detection, and dns over https.

These all call back to google and/or mozilla, cloudflare.

[https://github.com/ghacksuserjs/ghacks-user.js](https://github.com/ghacksuserjs/ghacks-user.js)

------
cookie_monsta
There are so many hardware and OS level fingerprinting vectors that software
tweaks like these are only marginally useful.

Once you've done your tweaking, have a look at
[https://amiunique.org/](https://amiunique.org/) to see how anonymous you
really are.

~~~
0-_-0
amiunique.org only checks whether your fingerprint is unique, but if some data
that was used to create your fingerprint was random (as common with some
anti-fingerprinting methods) then that doesn't mean you're identifiable.

------
romaniitedomum
Ironically, uBlock flags this site leaking tracking cookies to two third-party
sites, getclicky.com and presidium.com. Who watches the watcher, eh?

But there's no denying that site is a good handy guide to things in Firefox
that can be tweaked to suit one's privacy stance.

------
bvinc
Caution: I kept having problems in websites where timestamps were hours off,
and every captcha was super annoying. It took me a while to figure out it was
due to the fingerprint protection that I had enabled.

------
yCloser

      privacy.resistFingerprinting = true
    

breaks whatsapp web login page, interesting

------
paulcarroty
This howto isn't helpful on first run when Firefox sends tons of telemetry to
Google:
[https://twitter.com/jonathansampson/status/11658588961766604...](https://twitter.com/jonathansampson/status/1165858896176660480)

~~~
kbrosnan
GA was removed from that page
[https://github.com/mozilla/bedrock/pull/7621](https://github.com/mozilla/bedrock/pull/7621)

------
ma2rten
about:config shows a screen that says "This might void your warranty.". Is
this supposed to be a joke? Which warranty is being voided here?

~~~
rahuldottech
Yeah it's a joke. These settings might break a few websites, although I don't
recall that ever happening to me. And any websites these settings break
shouldn't be websites you're visiting anyway.

~~~
cyphar
> dom.event.clipboardevents.enabled = false

This breaks copy-paste for quite a few rich text editors (it was the reason
why pasting into Riot didn't work for me for several months). So, some of
these options can subtly break harmless websites.

------
superkuh
Step 1. Stop using browsers that don't respect user freedoms.

There are plenty of good firefox forks out there.

