Hello! Protect yourself! Use a well-tuned Fox. And I'll show you how to do it.
1. Configure the browser configuration (about: config):
Open the browser and enter our favorite phrase.
about:config
privacy.firstparty.isolate
Changed it? Let's move on.
2) privacy.resistFingerprinting
is a user identification technique that takes into account all open parameters: browser version, set of plugins and extensions, screen resolution, and so on.With this parameter enabled, you won't be able to watch YouTube. But that's not why you set up your browser, is it?
3) privacy.trackingprotection.fingerprinting.enabled
4) browser.send_pings
5) browser.urlbar.speculativeConnect.enabled
6) dom.event.clipboardevents.enabled
7) media.eme.enabled
— Many cases of downloading media files were recorded. When uploading these files, it was proven that they were encrypted, and they and their data were difficult to detect. Firefox provides us with a way to make sure that nothing like this happens.
8) media.navigator.enabled
9) network.cookie.cookieBehavior
10) browser.sessionstore.privacy_level
11) beacon.enabled
12) browser.safebrowsing.downloads.remote.enabled
HOORAY!
2. Useful browser extensions:
The first thing you should pay attention to is TrackMeNot.
TrackMeNot functions as a low-priority background process, periodically launching randomized search queries to popular systems such as Yahoo, Google, and Bing. This hides the real traces of user searches among the "ghost" queries, which makes it much more difficult to create accurate or identifying user profiles.
Consequently, tracking your actual search queries in search engines becomes much more difficult, but this does not mean that by installing this add-on, you can easily enter queries with explicit content.
The next tool on the list that you should use is UserAgent Switcher and Manager. This utility is easy to use, but very powerful.
What is its functionality: it changes the user-agent of your browser to a pre-selected one (various browsers and their versions are presented inside). This is especially useful for researching your goal. If the investigation is conducted by the company itself, it will probably be difficult for it to identify you, provided that you use a VPN and regularly clear your logs.
Scam RIP — is scam RIP? He won't die with us!
1. Configure the browser configuration (about: config):
Open the browser and enter our favorite phrase.
about:config
- Let's start by isolating our own domains — a notable feature that the Mozilla team borrowed from the Tor browser.
- This feature is a mechanism for prohibiting the identification of so-called "unique network fingerprints of the user's browser" through system fonts. In the future, it is also planned to block HTML5 Canvas to prevent the removal of such "prints".
- By default, the First-Party Isolation(FPI) feature in Firefox is disabled, mainly due to possible conflicts with user authentication systems on some sites.
- To enable FPI, enter the pre-written code and press Enter. However, if you, like us, adhere to the principles of privacy and oppose tracking, we recommend that you double-click on this option with the left mouse button to change its value to true.
privacy.firstparty.isolate
Changed it? Let's move on.
2) privacy.resistFingerprinting
is a user identification technique that takes into account all open parameters: browser version, set of plugins and extensions, screen resolution, and so on.With this parameter enabled, you won't be able to watch YouTube. But that's not why you set up your browser, is it?
3) privacy.trackingprotection.fingerprinting.enabled
- Just like the last one, but it will additionally protect you from phishing attacks.
4) browser.send_pings
- Blocking Ping tracking — a tracking method where HTML code forces your browser to ping the specified URL. This URL is checked when you visit the website you are about to visit. This tracking method is different from other methods because it doesn't give users any choice. It just runs in the background without the user's knowledge.
5) browser.urlbar.speculativeConnect.enabled
- This helps us control URL preloading.Every time we enter a URL, you should have noticed the URL autocomplete halfway through. This is known as URL preloading. It works like this: when you start by entering a URL, it sends domain requests to continue working with autocomplete. So, by disabling it, preloading URLs to the address bar will stop. This helps prevent offers that we don't need the fuck out of or that might be considered unsafe.
6) dom.event.clipboardevents.enabled
- A function that hides your clipboard from websites.
7) media.eme.enabled
— Many cases of downloading media files were recorded. When uploading these files, it was proven that they were encrypted, and they and their data were difficult to detect. Firefox provides us with a way to make sure that nothing like this happens.
- Find this parameter and check if it has the value "false".
8) media.navigator.enabled
- If enabled, it will allow your browser to extract information from your system and provide it to the websites you visit. Data collected from the system can also be sent to Third-party domains. The thing is, if you allow this option, it will collect information about the operating system, screen resolution, system type, FrameRate, FaceMode of mobile devices, possible access to user media, etc. And even worse, they can manage the permissions of audio / video tabs in the browser, as well as access to to the camera or microphone. Therefore, we can all come to the conclusion that maintaining this option is a serious threat. And to save us from potential threats, we just need to disable it.
9) network.cookie.cookieBehavior
- Various cookies are created when you visit the website. These cookies may be necessary, which are used for website functions. And others are unimportant cookies, such as third-party cookies. These cookies are often the result of ads, widgets, and web analytics. They track your login information, shopping carts, the language you use, and so on.By default, network.cookie. cookiebehaviour is set to 0. This value can be set in the range from 0 to 4, where:
- 0 = accept all cookie values
1 = accept only from your own domains
2 = block all cookies by default
3 = use p3p settings
4 = Storage access policy: block cookies from trackers
We will choose the value 1 here, since we only need cookies from your own domains.
10) browser.sessionstore.privacy_level
- Disable session recovery, it often happens that the light may turn off at the most appropriate moment.
If the user has URLs opened in the browser or logged in to an application, they are restored when the user reboots the system. Starting with the release of Firefox 2.0, this option is enabled by default. Some users (idiots) think that this is a good feature that helps them recover data or sessions, but it is a security risk because the original intended user does not restart the system, or if it happens on a public system, and not the person who accesses the system. after a reboot, it gets potential access to the logged-in sessions and websites that the original user viewed. This option contains 3 possible values. - 0 = store additional session data for any site
1 = store additional session data only for unencrypted (non-HTTPS) sites
2 = never store additional session data
The default value for this option is 0, i.e. store session data for any site, and we will change its value to 2, i.e. never don't save any data.
11) beacon.enabled
- IEEE 802.12.4 says that beacon enabled mode must be applied over the network. It sends personal network information to servers to inform them of its presence. This allows you to connect to new devices from time to time. It is useful to maintain network synchronization. But this is not necessary, as it transmits detailed information about the network you are on.
I advise you to set the value to "false" otherwise there is a chance that you will be taken by the ass.
12) browser.safebrowsing.downloads.remote.enabled
- Secure remote downloads are enabled by default in Firefox. And we've often talked about cases where the file being uploaded appears to be genuine, but could instead be malware. And you can never be too sure. By using browser. safebrowsing.downloads. remote. enabled, we can be one step closer to knowing that we are downloading secure files and nothing is marked remotely along with the file.
Set the value to "false" to make sure that you are downloading secure files.
HOORAY!
2. Useful browser extensions:
The first thing you should pay attention to is TrackMeNot.
TrackMeNot functions as a low-priority background process, periodically launching randomized search queries to popular systems such as Yahoo, Google, and Bing. This hides the real traces of user searches among the "ghost" queries, which makes it much more difficult to create accurate or identifying user profiles.
Consequently, tracking your actual search queries in search engines becomes much more difficult, but this does not mean that by installing this add-on, you can easily enter queries with explicit content.
The next tool on the list that you should use is UserAgent Switcher and Manager. This utility is easy to use, but very powerful.
What is its functionality: it changes the user-agent of your browser to a pre-selected one (various browsers and their versions are presented inside). This is especially useful for researching your goal. If the investigation is conducted by the company itself, it will probably be difficult for it to identify you, provided that you use a VPN and regularly clear your logs.
- Further, of course, FoxyProxy is an indispensable thing when using BurpSuite or just any proxies. It makes it much easier to work with proxies and allows you to quickly switch between them. The interface is as primitive as possible and any fifth grader can handle it.
- Cookie Quick Manager another manager, but now for managing cookies, allows you to quickly edit your cookies with each open tab if you manage to intercept or pick up cookies, this add-on will be irreplaceable for you.
- Another irreplaceable assistant that you will need is the Auto Delete Cookie. The software cleans up your sessions, which allows you to avoid mistakes, and protects you from compromising your data.
- A very worthy addition to umatrix — it should be. It is a pity that the development of uMatrix is finished in 2020.
- Well, probably the last add-on that you can use AT YOUR OWN RISK is Wappalyzer Why do I have such distrust for it? So this is a lack of understanding of how it works and whether it can give you away, but it is worth paying tribute to the fact that it defines applications very accurately, which globally saves time on exploration.
- You can also add Ghostery and PrivacyBudger ad blocks (optional).
Scam RIP — is scam RIP? He won't die with us!
