Maximize Your Firefox Browser Privacy and Security with ZERO EXTENSIONS
December 15, 2021
In this blog, I will show you how to maximize your Firefox Browser Privacy and Security with no browser extensions by going into about:config and changing the settings for better privacy and security.
Requirements:
about:config tweaks:
Disable WebRTC:
WebRTC can give up your real IP even when using VPN or Tor.
media.peerconnection.enabled = false
Enable fingerprint resistance:
With this alone we pretty much negate the need for canvas defender, or any other fingerprint blocking addon.
privacy.resistfingerprinting = true
3DES Cypher:
3DES has known security flaws.
security.ssl3.rsadesede3_sha = false
Require Safe Negotiation: Optimize SSL
security.ssl.requiresafenegotiation = true
Disable TLS 1.0, 1.1:
security.tls.version.min = 3
Enable TLS 1.3:
tls.version.max = 4
Disable 0: round trip time to better secure your forward secrecy
security.tls.enable0rttdata = false
Disable Automatic Formfill:
browser.formfil.enable = false
Disable disk caching:
browser.cache.disk.enable = false
browser.cache.diskcachessl = false
browser.cache.memory.enable = false
browser.cache.offline.enable = false
browser.cache.insecure.enable = false
Disable geolocation services:
geo.enabled = false
Disable plugin scanning: Can improve functionality, as some sites scan for adblockers and script blockers. Should be used even on non-hardened firefox.
plugin.scan.plid.all = false
Disable ALL telemetery:
browser.newtabpage.activity-stream.feeds.telemetry browser.newtabpage.activity-stream.telemetry = false
browser.pingcentre.telemetry = false
devtools.onboarding.telemetry-logged = false
media.wmf.deblacklisting-for-telemetry-in-gpu-process = false toolkit.telemetry.archive.enabled = false
toolkit.telemetry.bhrping.enabled = false toolkit.telemetry.firstshutdownping.enabled = false toolkit.telemetry.hybridcontent.enabled = false toolkit.telemetry.newprofileping.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.updateping.enabled = false toolkit.telemetry.shutdownpingsender.enabled = false
Disable WebGL: Allows direct access to GPU.
webgl.disabled = true
Enable first-party isolation: Prevents browsers from making requests outside of the primary domain of the website. Prevents supercookies. may cause websites that rely on 3rd party scripts and libraries to break, however those are generally only used for tracking so fuck em anyway.
privacy.firstparty.isolate = true
Disable TLS false start:
security.ssl.enablefalsestart = false
Conclusion:
This may be alittle outdated or they changed the names of these, If you find they re-named about:config tweaks, You can email me about them and i will update the blog post.