Updated: Just use qutebrowser (and disable javascript). The web is done for.
-
-
Save haasn/69e19fc2fe0e25f3cff5 to your computer and use it in GitHub Desktop.
Funny that the stated goal of improving user privacy is undermined by the suggestions in this gist: by using non-standard configurations you are easier to track...
Also, I would advise against messing with your cryptography settings unless you know what you are doing (and, in case it wasn't clear, "I read it on a random gist" doesn't even come close to clear this bar).
People please do not disable Websockets OMG
Thanks for the info!
"required to turn Firefox into a functional brower" should be "required to turn Firefox into a functional browser" ("browser", not "brower").
:-)
I maintain a fork with most of the important changes here, along with a PKGBUILD for Arch Linux users. I manage to get changes out within 24 hours, usually. https://github.com/afontenot/firefox-clean
@quantumproducer Hi, this sounds great. I can't use the latest Firefox (Quanutm) because of the annoying WHITE SCREEN FLASH and also, it breaks several plugins. Any recommendations for this?
You have to disable the background for tab render areas - it gets shown while the tab is in the process of rendering. Reddit thread about it here: https://www.reddit.com/r/firefox/comments/6hv7rk/how_do_you_disable_the_white_flash_on_opening_a/
Hey, webgl and websockets aren't exactly bullshit. Perhaps more explanation about each option is needed, given some people can blindly copy these settings thinking they're just improving security without side effects.
It'd be really cool to a shell script that can do all these things idempotently. It sucks switching computers.
It might be worth considering Brave browser. I recently switched over Firefox because it focuses on privacy. They are planning on integrating a TOR private browsing tab. Really good stuff and it's by the guy who made JavaScript.
@CAFxX If you have a problem with any specific setting then say so, give your reasoning instead of dismissing settings vaguely and out of hand because it's a "random" gist, which has to be one of the worst reasons I could think of for ignoring information.
@casecoded .... "the guy who made JavaScript" is the man that was forcibly shamed into resigning as the CEO of Mozilla. A co-founder. Built it up and then they ejected him because at some stage in his life he legally donated his own private cash to a political party that others didn't agree with.
Isn't mob outrage and targetted smear campaigns just grand?
https://en.wikipedia.org/wiki/Brendan_Eich
also to haasn that owns this gist, you were told 2 years ago about a spelling mistake clear as day in the beacon setting and not a single thing has been done about it other than posting your links on social media platforms to spread the word on how great it is. Read your comments, think about what the person is writing and fix your shit up I guess. People are gonna come here blindly copy paste into about:config find that half the settings are missing and the other half dont show up because of blatant spelling mistakes and just look elsewhere for assistance
Setting security.OCSP.require
to true
breaks a lot of functionality, particularly around anything related to Google, in case anyone was having trouble after applying some of these settings
@yb66 if you re-read my comment you will find the reasoning for not using non-standard configurations is right there: because you are easier to track (and that defeats the implicit goal of most tweaks in this gist, see all the author's remarks about "avoiding fingerprinting" and "user privacy"). See e.g. https://panopticlick.eff.org/.
About my point about the random gist about cryptographic "suggestions": I'm sorry if I wasn't clear enough. Let me rephrase: you should never trust opinions about how to do or not do cryptography from sources that the cryptographic community does not consider to be respectable. I have nothing against the author of this gist but, as I stated, it does not come even close to clearing that bar. (note that a simple way for the author to clear that bar would be to provide references to respectable sources as to why he's changing cryptographic settings - something that is conspicuously missing from the gist)
I hope my comment is clearer now.
Webshitters are the modern-day Java corporate drones from the 00s.
Also Brendan Eich is a cunt.
Palemoon is the closest fork of Firefox with still some sanity in it.
Palemoon developers thinks he's in a position to dictate what extensions users can or cannot install, which makes his browser automatically unfit for purpose.
It is a shame this was taken down by the author. It lives on in the "revisions" tab regardless for those that wish to still use it.
I suggest people wanting to block telemetry and data collection use my fork. I pared it down so hopefully it is a good compromise between keeping browsing usable and privacy, and I hope to keep it maintained.
👍 @MrYar
Isn't the answer to the implied question to use the Tor browser?