Technical details

Mar-14-2022: 'Cipher Suite Order' updated. -> 'Use GPO Editor for TLS 1.3 and TLS 1.2 in Cipher Suite Order'.

Feb-15-2022: 'Use TLS 1.2 or TLS 1.3' changed to 'Use TLS 1.3 and TLS 1.2'.

Feb 14-2022: 'Use GPO Editor for TLS 1.2 in Cipher Suite Order' changed to 'Use GPO Editor for TLS 1.3 and TLS 1.2 in Cipher Suite Order' with 4 Options. Minor shortcut titel change in 'Use TLS 1.2 and TLS 1.2' for 'Use GPO Editor for TLS 1.3 and TLS 1.2 in Cipher Suite Order'.

Dec-16-2020: Added configuration and activation of HTTP3 and Webrender to use hardware GPU as default with configuration and disable software based Webrender.

Dec-11-2020: Removed Clear URLs extension from the list, even though it was listed as recommended, it was easily broken and had questionable no injection protection. It does not operate well if it is broken and configuration just don't work anymore.

Oct-07-2020: Added three more extensions and corrected extension url's with no search and clear of tracking details. The extensions added are excellent tool that will show information of negotiated SSL/TLS protocol version and extension for remove, block tracking elements from your browser.

July-11-2020: There are new two vulnerabilities for Firefox 78.0.2 released July 9, 2020 - SSL encryption because of dropped TLS 1.0 and TLS 1.1 along with added DHE_RSA_AES that was some how added, is now removed and RSA_AES_GCM are still included cipher suites, this causes to have cipher suites open vulnerability . Please add two SSL encryption and disable these with boolean: (dhe_rsa_aes_128_cbc_sha and dhe_rsa_aes_256_cbc_sha and) rsa_aes_128_gcm_sha256 and rsa_aes_256_gcm_sha384. It is updated on page how to Firefox SSL settings. Opinion, get rid of TLS 1.0 and TLS 1.1 and including fully removal of cipher suite encryption DHE_RSA_AES and RSA_AES and RSA_AES_GCM.

June-30-2020: There are new four vulnerabilities for Firefox 78.0 SSL encryption because of dropped TLS 1.0 and TLS 1.1 along with added DHE and RSA_AES_GCM cipher suites, this causes to have cipher suites open vulnerability . Please add four SSL encryption and disable these with boolean: rdhe_rsa_aes_128_cbc_sha and dhe_rsa_aes_256_cbc_sha and rsa_aes_128_gcm_sha256 and rsa_aes_256_gcm_sha384. It is updated on page how to Firefox SSL settings. Opinion, get rid of TLS 1.0 and TLS 1.1 and including fully removal of cipher suite encryption DHE and RSA_AES and RSA_AES_GCM.

Apr-06-2020: There has been a slight change on Cloudflare and offers now for 1.1.1.1 for Families in which involves Malware and Phishing protection, which is why TRR - DNS over HTTPS been updated, also created how to setup DNS.

Jan-19-2020: Minor image replacement for Autoplay, and testing Geckoview by adding integer and booleans finds from smartphone and pc's , then having it same configurations.

Jan-08-2020: Due to roll out of Firefox 72.0 - Minor content updates to Delegated Credentials in TLS and TRR - DNS Over HTTPS - no change in OCSP and Mixed Content Block

Jan-06-2020: Minor content updates to DNS Over HTTPS and changed title to TRR - DNS Over HTTPS also now including OCSP and Mixed Content Block

Dec-24-2019: Use NoOpener to protect yourself from Malicious and Index HMTL sites for New Tab and NoReferrer for targetting and tag, Analytics

nov-11-2019: Use TLS 1.2 been updated due to deprecation of SSL in Internet Options. Also we now have short-lived certificate in Firefox which Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called ' Delegated Credentials for TLS '. Minor updates done also to DNS Over HTTPS / Privacy & Security - Content Blocking / Firefox SSL Settings.

may-21-2019: Finally a bit better privacy with new content blocking, Cryptominers and Fingerprinters.

may-19-2019: Updated Guide for Autoplay. Due to noticed changes of preference names and values has altered value as standard.

may-1-2019: DNS Over HTTPS with Cloudflare DNS to your Firefox Browser

april-25-2019: Updated GPO Editor TLS 1.2 in Cipher Suite Order only 2 or 1 for Best practice strong encryption. Also Changed Firefox SSL Settings Guide.

april-25-2019: Updated Multiprocessing feature conten processing set it to 10 stability default or if you use high-end to 12 not 8 standard for Firefox version 66.

april-10-2019: Removed search engine Google Encrypted hence it a standard today, also Duckduck Go Plus is not adequate anymore hence at times it seems to not function properly.

mar-03-2019: Updated Multiprocessing feature conten processing set it to 8 stability default or if you use high-end to 10-15 and not 4 standard for Firefox version 65.

feb-25-2019: Updated GPO Editor TLS 1.2 in Cipher Suite Order only 6 or 3 for Best practice strong encryption. Also Changed Firefox SSL Settings Guide.

feb-09-2019: Advise to depricate IE 11.

jan-20-2019: Stop Firefox Video Autoplay.

jan-19-2019: Changed Firefox SSL settings guide.

sept-14-2018: Added Firefox SSL settings guide.

sept-14-2018: Use GPO Editor for TLS 1.2 in Cipher Suite Order weak encryption removal, hence update.

sept-13-2017: Firefox Better Privacy addon removed by author and advisory to disable ping on exit or Firefox telemetry for better load and speeds from revisited policy from Mozilla.

aug-24-2017: Prebuild Plugin Widevine Content Decryption Module pose no security issue and can be left as Always Activate, except for WebRTC OpenH264 Video Codec plugin can pose security issue due to alterings can be made from GitHub and No Such Agencies are heavily starting groups in GitHub.

aug-9-2017: Disabling WebRTC competing next generation video compression media.peerconnection.video.vp9_enabled , audio cmedia.peerconnection.dtmf.enabled media.peerconnection.ice.no_host and media.peerconnection.ice.proxy_only are now active, disable them and rather antiquated wgl api from WebGL can pose security issue webgl.disable-wgl.

jul-23-2017: Privacy Tracking Protection enhancement and arbitrary Peer Media Connection Identity deactivation (WebRTC identity disable).

jul-19-2017: Advisory to use TLS 1.3 minimum and fix fallback to TLS 1.3 and not less.

jul-9-2017: Due to "Accessibility flashBar" and "SSL override behavior".

jun-30-2017: Updated due to HTML5 max ping sending per click.

jun-28-2017: Updated due to one extension removal.

jun-19-2017: Updated due to Multiprocessing feature can be improved when it is not improved as standard.

jun-18-2017: Due to TLS 1.3 experimental state.

june 14-2018:

• Depricated extention known as DuckDuckGo Privacy Essentials. This extension had features far advanced and extensive and was bassically not user friendly, hence the deprication from the list.

• Updated image and guide-line for insecure encryption from Internet Options by depricating SSL 2.0, SSL 3.0 and TLS 1.0, TLS 1.1.

• Change your PC/Laptop/Server to use TLS 1.2 with high encryption from SSL Cipher Suite Order by entering it from Group Policy Object Editor.

Updated TLS information due to resource found from june 15th 2017:

How to enable TLS 1.3 support in Firefox and Chrome

https://www.ghacks.net/2017/06/15/how-to-enable-tls-1-3-support-in-firefox-and-chrome/

For testing browser is using TLS, look from this site:

• https://www.ssllabs.com/ssltest/viewMyClient.html

• TLS 1.3 is still experimental state but is a great browser agent.

Browsing securely today is a most have, Mozilla Firefox with a better privacy just shows you how that can be achieved and I hope someone will find it better secure connection and better encryption with TLS 1.3. Remember cannot be compared to Tor browsing which is highly arbitrary and has connection to no such agency and criminal underworld. I do not condone such browser.

Other interests:

• Next question will be when will IPv6 going to be implemented, some VPN providers and Servers have already implemented to include IPv6 but main connection source IPv4 is still active and cannot function without it. When will we get rid of IPv4 then?

• Some have guessed by 2020 and some 2048, since IEEE 802.11ax: High Efficiency WLAN is estimated by (~ May 2018) I guess in couple of years, IPv4 be starting to be obsolete.

• About latest Bluetooth and WiFi: Router and upgrade to your pc or laptop can wait, since 802.11ac are no longer in, since this year there are going to be massively provide and can be purchased separately already with 802.11ad, which has greater capacity than 802.11ac. Newer and latest versions of Bluetooth can be bought today in connection with upgrades or from smartphones, which will mostly be version 4.2, but Bluetooth is already mentioning Bluetooth version 5, big time.

• All in all, buy new router IEEE 802.11ad today (or wait until IEEE 802.11ax comes), WiFi upgrade wait for it to buy one, and buy when it includes Bluetooth version 5 with 802.11ad (or wait until 802.11ax is available).