Privacy improvements
Privacy
Do you like privacy when you surf and need further configuration to your Mozilla, these are the settings you should consider to change on your browser with the help from configuration of it with:
about:config
Firefox has this 2017 summer started arbitrary telemetry to improve your internet surfing and making sure to activate and send ping out to your surfing habits to site owners and hence improving telemetry at your end and to site owner. They are calling it load and speed improvements. I would say this is only to gain more analytics telemetry sent and received to site owner and to improve loading's cookies to your browser, and if you ask me, that is becoming just creepy how internet surfing is becoming more and more invasive of your internet surfing, becoming more and more security issue and prone for more being prayed upon.
How to disable Toolkit telemetry of your Firefox, so it does not send ping out:
Start browser: Type in the address bar, and hit enter and accept the warning.
about:config
about configuration search bar, type in these subjects as follow:
toolkit.telemetry
= false
(look at the attached picture as reference further below)
By changing these to false, it will stop sending ping out upon exit of your browser and / or send ping out so it will not receive your browser personal id and profile information. Look at the picture for and make sure to disabling these in order to NOT send ping out and once again after you close your browser, this is stated as shutdown ping sender.
This is what I usually set.
toolkit.telemetry.shutdownPingSender.enabled
= false
Below the image here are optional to further privacy.
Start browser: Type in the address bar, and hit enter and accept the warning.
about:config
about configuration search bar, type in these subjects as follow:
privacy.trackingprotection.annotate_channels
= true Flag network channels loading resources on the tracking list (see how that information can be used)
- This could be deleted later, hence I am testing it overall.
privacy.trackingprotection.enabled
= true This is Mozilla’s new built in tracking protection.
privacy.trackingprotection.pbmode.enabled
= true (make sure it is active, it is active as standard) to enable TP in Private Browsing mode (not needed if the global pref is enabled)
privacy.trackingprotection.ui.enabled
= true show a checkbox to toggle privacy.trackingprotection.enabled in the Preferences (PC only and not avaible in smartphones)
geo.enabled
= false Disables geolocation.
browser.safebrowsing.phishing.enabled
= true (use 'false' if you don't want google-analytics to zero in on how you use internet surfing).
Disable Google Safe Browsing and phishing protection. Security risk, but privacy improvement.
browser.safebrowsing.malware.enabled
= true (use 'false' if you don't want google-analytics to zero in on how you use internet surfing).
Disable Google Safe Browsing malware checks. Security risk, but privacy improvement.
browser.cache.offline.enable
= false Disables offline cache.
browser.send_pings
= false The attribute would be useful for letting websites track visitors’ clicks.
browser.send_pings.max_per_link
= 0 The Web Applications 1.0 specification (also known as HTML5) defines a new attribute for <a> elements: ping. This attribute contains one or more URL's to “ping” (send a POST request to) when the user clicks the link. The attribute would be useful for letting websites track visitors’ clicks.
This preference restricts the number of URL's to which pings will be sent.
webgl.disabled
= true WebGL is a potential security risk.
webgl.disable-wgl
= true Antiquated WGL API. Can pose security issue nowadays and known to have toolkit developing nowadays from Github from no such agencies.
dom.battery.enabled
= false Website owners can track the battery status of your device.
How to disable WebRTC in Firefox?
WebRTC (Web Real-Time Communications) is a technology which enables Web applications and sites to capture and optionally stream audio and/or video media, as well as to exchange arbitrary data between browsers without requiring an intermediary. The set of standards that comprises WebRTC makes it possible to share data and perform teleconferencing peer-to-peer, without requiring that the user to install plug-ins or any other third-party software.
DTMF is an audio codecs, an AudioConduit and can setup dtmp payload type.r=bwc a bool to enable dtmf tones it can become audio stream medium, eavesdropping.
If you want to make sure every single WebRTC related setting is really disabled change these settings:
media.peerconnection.dtmf.enabled
= false
media.peerconnection.enabled
= false
media.peerconnection.ice.no_host
= false
media.peerconnection.ice.proxy_only
=false
media.peerconnection.identity.enabled
= false
media.peerconnection.turn.disable
= true
media.peerconnection.use_document_iceservers
= false
media.peerconnection.video.enabled
= false
media.peerconnection.identity.timeout
= 1 (instead of 1000).
media.peerconnection.video.vp9_enabled
= false (competing next generation video compression formats)
Alternative if you want further privacy by default and where you have to or rule your browser how it defines and this is only for advanced user, here are for disable copy and paste or rule your own cookies or if you want to disable tab undo.
Look away this part if you already configured your settings from Options and the way you like it.
dom.event.clipboardevents.enabled
= true
(use 'false' if you are not going to use copy and paste).
Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
network.cookie.cookieBehavior
- alter this, if you want cookies privacy in right place; if you visit banks, betting sites and/or have favorite sites with settings and setup, leave it as it is.
= 0 (Alternative advise? use 3 or 1)
Mozilla Cookies definition
0 = Accept all cookies by default (standard)
1 = Only accept from the originating site (block third party cookies)
2 = Block all cookies by default
3 = Third-party cookies are allowed only if that site has stored
cookies already from a previous visit (Firefox 22.0 and SeaMonkey
2.19 and later) (obsolete) Cookies are allowed based on the cookie
P3P policy.
If you should encounter, that you cannot alter settings on a site/homepage due to that it has not saved cookies before, alter it to '0' and do your business of that site/homepage, finished?, close it and change it back to '3'.
network.cookie.lifetimePolicy
= 1
(use '2' if don't want to use tools like Ccleaner etc., but it won't remember configuration, advertisement or site usage configurations, cookies are deleted at the end of the session).
0 = Accept cookies normally
1 = Prompt for each cookie
2 = Accept for current session only
3 = Accept for N days
browser.sessionstore.max_tabs_undo
= 0
Even with Firefox set to not remember history, your closed tabs are stored temporarily at Menu -> History -> Recently Closed Tabs.
accessibility.typeaheadfind.flashBar
= 0 (Default, is it set for 1, set it to 0)
(0 The Find Toolbar has flashed before; don’t flash when text is found. 1 Flash the Find Toolbar when text is found. (Default) )
browser.ssl_override_behavior
= 2 (Default is 1, look below why or set it accordingly to your own opinion)
(0 Do not pre-populate the current URL as an exception and do not pre-fetch the SSL certificate. 1 Pre-populate the current URL but do not pre-fetch the certificate. (Default). 2 Pre-populate the current URL and pre-fetch the certificate. )
Mozilla has prebuild Video Codec that comply with the WebRTC
You can disable OpenH264 Video Codec (and Flash Player, unless you use it excessively) and because they really have no point on having them running. Also remember to update as soon as Flash Player has new update, unless you uninstall and remove it from your device.
Where to find them? Go to about:addons then on the left "Plugins".
Widevine content Decryption Module is mostly used to decrypt protected videos like YouTube, Netflix etc., making it playable directly from your browser. Also it makes watching video content from internet lag-free or less interrupted.
(On Google Chrome, this can be found under Chrome://plugins - is the Widevine not there you can get it by typing in Chrome://components - Look for Widevine and press update. After updated go to plugins again, then check if this plugin always starts - otherwise Widevine can be installed from this site if not found: https://tools.google.com/dlpage/widevine ).