
Firefox Profilemaker - octosphere
https://ffprofile.com/
======
papayawhip
I feel the strong need to point out some of these settings will break Firefox
in subtle and hard to understand ways. There’s a reason you “void the
warranty” when tweaking the about:config preferences. No rule against it, but
just watch out. (Mozilla employee)

~~~
xte
As a FF user (and a browser's user in general) I found actual browsers absurd
monsters that service like ffprofile only try to mitigate. Few example: any
complex enough software offer config files/dir. normally human readable and
manageable. I can easily install plugins in Emacs via a simple config edit,
same for (n)vim, same for zsh or fish, I can change my OS (NixOS) with a
simple human-readable config file. Same for GuixSD, same for services etc in
nearly all unices.

On FF however I found no damn simple way to do basic things like:

\- install extensions via CLI/wrappers (for instance homeManager), there are
some hack but they are not reliable and Mozilla seems to try _avoiding_
supporting such a thing;

\- configure preferences, like about:config, outside firefox;

\- customize ff themes in a simple manner.

Modern browsers seems to mimic the most closed commercial OSes I know of
instead of mimic classic FOSS model and that's a big problem.

Today I can easily automate my entire desktop, but browsers and they demand
more and more settings and third parties tools/extensions to be "at least less
unsafe" for us users (from firejail/capsicum to cookies deleters, adblockers
etc.

That's a horrific mess.

~~~
mrmr1993
This seems to be by design: when these things are available, spyware --
especially on Windows -- will be quick to make malicious changes in all these
if they can.

It's a pain, but I can see the compromise. If it makes the average Firefox
user more vulnerable, there's definitely a case to protect them, even at the
expense of its more capable users.

~~~
rhizome
if spyware has permissions to change ".firefox-prefs" doesn't it have
permission to change about:config items, too?

~~~
mrmr1993
Yes, this leads Firefox to be fairly conservative with its permissions.

In general, blocking userspace from installing extensions and otherwise
running malicious code stops FF from being exploited. Blocking all of these
options blocks the OS from bad behaviour, especially where the user may expect
a new computer/phone to have the default behaviour.

The vendors of phones and personal computers seem to have an interest in
interfering with users' internet access; perhaps it is a good decision that
Firefox does not let them.

~~~
xte
Actually homeManager can manage Firefox, installing extensions etc... Only
it's a hack-ish and not much reliable way.

So no, actual Mozilla strategy does NOT work to stop malware's on Windows nor
commercial OEMs customization, as a matter of fact made only life of pro users
and admin harder and open the door for less safe setup (for instance
extensions added via homeManager may not get updated by FF).

~~~
mrmr1993
We would and should expect that it is be possible: unless Firefox signs
configuration changes per-user, server-side (violating their privacy
intentions), the whole configuration code is open source, and can easily be
easily used or reverse engineered to make an external editor.

This doesn't change that a sanctioned API invites abuse far more readily than
reverse-engineering, especially when spyware is less frequently updated than
Firefox itself. That there isn't a sanctioned API, and that the de facto API
can and does change every version, is an advantage for Firefox against
potential attackers.

If this is something you are sorely lacking, Firefox has also been
straightforward to modify and compile, in my experience. You can always share
a patch and enjoy these features as part of a smaller community, without
compromising the userbase as a whole.

------
gruez
>Disable malware scan

>The malware scan sends an unique identifier for each downloaded file to
Google.

AFAIK that's not how safebrowsing works. it checks the hash against a local
database, and it only sends the hash to google if there's a match.

~~~
cpeterso
You're correct. Firefox compares a hash of the URL in question to a local
database of hashes of unsafe URLs. If a an unsafe hash match is found, Firefox
will then double check by contacting Google's Safe Browsing server to request
the current status for a truncated part of the suspect URL plus some random
"chaff" hashes. So Google never receives the suspect URL or even the URL's
full hash.

[https://support.mozilla.org/en-US/kb/how-does-phishing-
and-m...](https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-
protection-work)

~~~
Sylos
More technical article: [https://feeding.cloud.geek.nz/posts/how-safe-
browsing-works-...](https://feeding.cloud.geek.nz/posts/how-safe-browsing-
works-in-firefox/)

------
nicoburns
I wish Firefox exposed a better UI for it's profiles. It seems like a really
powerful feature that is much less useful than it might be due to poor
ergonomics...

~~~
WorldMaker
That's something that I like about experiments in "Container Tabs", where you
get the power of separate profiles, but the ability to mix-and-match them in
the same browser window and opening a profile can be as simple as opening a
new tab.

I understand though why Mozilla seems to be having such a hard time converging
on a UX for Container Tabs that makes everyone happy and it may be impossible
to ever surface 100% of the power of profiles to the average user. But
-ProfileManager is so long in the tooth and so clearly predates modern
niceties that it would be great for better UI/UX out of the box today.

~~~
alexis_fr
« Container Tabs » doesn’t build trust in user’s mind. You’re always one click
away from sending data with the wrong profile. With Chrome, you get a separate
window, and different skins, and a different data folder on the hard drive,
you can at least comfort yourself with the idea that you’ve somewhat isolated
your lives.

Besides the classic work/home/sysadmin profiles, I also have a profile for
browsing websites like /r/MensRights or christian websites: People have been
fired for way less, so with such an incentive, Firefox tabs are way below
expectations in terms of design.

~~~
ppseafield
You can configure container tabs to always open desired URLs in specified
containers. You just click the containers button and check "Always open in
<container>".

After that when you click a link to that site from a different container, it
will prompt you and ask if you want to use the other container or continue
with the one you were just using. It will remember your choice.

~~~
Tomte
But it will not leave the container when clicking a link to "outside".

One moment of inattention, and you're surfing the whole web for hours in your
Facebook container.

~~~
hcs
I think the Facebook Container add-on does support this, though just for
Facebook. There's an issue to add something similar to Multi-Account
Containers, not sure what the status is on that:

[https://github.com/mozilla/multi-account-
containers/issues/8...](https://github.com/mozilla/multi-account-
containers/issues/847)

------
baliex
I'm not after a whole profile-builder but the Google Redirects Fixer &
Tracking Remover add-on ([https://addons.mozilla.org/en-
GB/firefox/addon/google-no-tra...](https://addons.mozilla.org/en-
GB/firefox/addon/google-no-tracking-url/reviews/)) caught my eye.

Unfortunately look's like it's defunct, a bunch of 1-star reviews being left
recently. Perhaps worth removing it from the tool if the author is here?

~~~
10bass
An alternative that works would be "Google search link fix" [1], which is
written/maintained by the current developer of Adblock Plus. (There's probably
no reason that the core script [2] couldn't be adapted into a userscript for
Tampermonkey/Greasemonkey/etc. if he isn't considered trusted.) It does
currently have a problem on Firefox for Android where a long-press on a link
doesn't trigger the tracking removal. [3]

[1]: [https://addons.mozilla.org/en-US/firefox/addon/google-
search...](https://addons.mozilla.org/en-US/firefox/addon/google-search-link-
fix/)

[2]:
[https://github.com/palant/searchlinkfix/blob/master/data/con...](https://github.com/palant/searchlinkfix/blob/master/data/content.js)

[3]:
[https://github.com/palant/searchlinkfix/issues/71](https://github.com/palant/searchlinkfix/issues/71)

------
pretty_bubbles
Mozilla Hello ? This is a very very old website if it still mentions that
product. I think it was shutdown years ago.

------
garysahota93
I used to work in IT and had built this exact thing via Python for large
scale, role-based, preference management on our workstations (particularly in
lab situation at Universities). I wish chrome had something similar!

------
igoose1
Found that when was trying to make Firefox browser safer.

I'd recommend to read these notes of Firefox config:
[https://www.privacytools.io/#about_config](https://www.privacytools.io/#about_config)

It might be difficult to read, but there a little bit more information and
links which aim to protect privacy.

------
nwrk
Something like this should be made for all Microsoft products.

Really love how transparent this is + description of each field.

~~~
vtesucks
Every single MS product is configurable by registry. You just have to know the
right keys. Fire up that powershell

------
dangom
If I opt for multiple "hidden" settings that make my browser more private, am
I not giving away my privacy? I mean, finger-printers will notice my unique
fingerprint consisting of tailor made privacy choices.

------
keyle
I've seen expensive training seminars for less options than that!

It's sad that someone would ever need to know half of these to browse the
Internet safely.

------
oneplane
I wonder if this is portable to Thunderbird. Would be nice to be able to
provision profiles.

------
vtesucks
How do I get the two row address bar back?

I don't know who decided it was a good idea to have it single row without
doing basic UX research.

