• Home

  • Documents

  • Firefox About Config Privacy and Security Settings
3
Firefox about:config privacy and security settings November 4, 2014 Below are some configuration settings you may consider enabling in Mozilla Firefox in about:config for privacy and security reasons. This list is not meant to be exhaustive and generally does not list entries that can easily be set via the options or preferences menu. Some of these settings have a negative performance impact or remove functionality. Also keep in mind that the further you take your Firefox configuration away from the norm, the rarer your Firefox setup might become and therefore ironically enough, the more identifiable your system may be (see https://panopticlick.eff.org/ for details) and so we recommend reviewing the list below and setting those that make sense for your scenario. This list was created using Firefox v33. Begin by typing about:config in the Firefox location bar, then search for the following: network.prefetch-next Set it to false to disable. Link prefetching can be used by web sites to give web browsers hints about which pages are likely to be visited so that the browser can download them ahead of time, with the goal of improving performance. There is no same-origin restriction for link prefetching. According to this FAQ, "prefetching will generally cause the cookies of the prefetched site to be accessed". network.dns.disablePrefetch Set it to true to disable. Similar to above, this feature allows Firefox to perform DNS resolution proactively. network.http.sendRefererHeader Set it to 0 to prevent Firefox from ever sending the HTTP referer, however this is known to break certain web sites that check for the referer. Therefore an alternative to specifying this setting would be to install the Refcontrol add-on which allows you control the referer and specify per-site exceptions. You may also wish to review the setting network.http.sendSecureXSiteReferrer. browser.send_pings Set it to false to disable. According to MozillaZine: "If you are concerned about privacy and have already turned off referrer sending and JavaScript, you may want to set this preference to false". If you decide to keep browser.send_pings enabled, then you may wish to review browser.send_pings.require_same_host as well. beacon.enabled

Firefox About Config Privacy and Security Settings

Embed Size (px)

DESCRIPTION

Firefox About Config Privacy and Security Settings

Citation preview

Page 1: Firefox About Config Privacy and Security Settings

Firefox about:config privacy and security settings

November 4, 2014

Below are some configuration settings you may consider enabling in Mozilla Firefox in

about:config for privacy and security reasons. This list is not meant to be exhaustive and

generally does not list entries that can easily be set via the options or preferences menu. Some

of these settings have a negative performance impact or remove functionality. Also keep in

mind that the further you take your Firefox configuration away from the norm, the rarer your

Firefox setup might become and therefore ironically enough, the more identifiable your

system may be (see https://panopticlick.eff.org/ for details) and so we recommend reviewing

the list below and setting those that make sense for your scenario. This list was created using

Firefox v33.

Begin by typing about:config in the Firefox location bar, then search for the following:

network.prefetch-next

Set it to false to disable. Link prefetching can be used by web sites to give web browsers hints

about which pages are likely to be visited so that the browser can download them ahead of

time, with the goal of improving performance. There is no same-origin restriction for link

prefetching. According to this FAQ, "prefetching will generally cause the cookies of the

prefetched site to be accessed".

network.dns.disablePrefetch

Set it to true to disable. Similar to above, this feature allows Firefox to perform DNS

resolution proactively.

network.http.sendRefererHeader

Set it to 0 to prevent Firefox from ever sending the HTTP referer, however this is known to

break certain web sites that check for the referer. Therefore an alternative to specifying this

setting would be to install the Refcontrol add-on which allows you control the referer and

specify per-site exceptions. You may also wish to review the setting

network.http.sendSecureXSiteReferrer.

browser.send_pings

Set it to false to disable. According to MozillaZine: "If you are concerned about privacy and

have already turned off referrer sending and JavaScript, you may want to set this preference

to false". If you decide to keep browser.send_pings enabled, then you may wish to review

browser.send_pings.require_same_host as well.

beacon.enabled

https://panopticlick.eff.org/
http://kb.mozillazine.org/Network.prefetch-next
https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ
http://kb.mozillazine.org/Network.dns.disablePrefetch
http://kb.mozillazine.org/Network.http.sendRefererHeader
https://addons.mozilla.org/en-US/firefox/addon/refcontrol/
http://kb.mozillazine.org/Network.http.sendSecureXSiteReferrer
http://kb.mozillazine.org/Browser.send_pings
http://kb.mozillazine.org/Browser.send_pings.require_same_host
Page 2: Firefox About Config Privacy and Security Settings

Set it to false to disable. As per the W3C Editor's Draft, part of the reason for the Beacon

specification is for "analytics".

geo.enabled

Set it to false to disable. This feature enables location-aware browsing. Although when this

feature is enabled Firefox prompts you on whether you wish to share your location, setting

geo.enabled to false permanently turns off this prompt.

general.useragent.override

Set it to any string you wish in order to override the default Firefox HTTP user agent string.

You may need to create this entry first by right-clicking in the list of preferences and selecting

New | String. Note that depending on which user agent string you specify, this will greatly

change your browsing experience for certain web sites, and also keep in mind that certain

fields in the HTTP headers can betray the actual underlying user agent that is being used.

webgl.disabled

Set it to true to disable. If you do not need this functionality, you should disable it in order to

reduce your attack surface. See this SANS ISC entry for details.

pdfjs.disabled

Set it to true to disable. This will disable the built-in PDF reader thus reducing your attack

surface, assuming of course you are not going to load the PDFs in a more vulnerable PDF

reader.

plugins.notifyMissingFlash

Set it to false if you did not install the Adobe Flash plugin for Firefox, which is becoming

more feasible with the shift towards HTML5. This will stop causing Firefox to prompting you

to install Adobe Flash when detecting Flash content.

security.cert_pinning.enforcement_level

Can be set any value from 0 to 3 to control certificate pinning behavior (0 disables it, which

we do not necessarily recommend). Review this page to confirm the best setting for you. Note

that setting it to 2 may interfere with certain security solutions.

security.tls.version.min

https://w3c.github.io/beacon/
https://www.mozilla.org/en-US/firefox/geolocation/
http://useragentstring.com/
https://isc.sans.edu/forums/diary/Time+to+disable+WebGL+/10867
https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning
Page 3: Firefox About Config Privacy and Security Settings

Set it to 1 to disable SSLv3 entirely, and higher to make TLSv1.1 or 1.2 the minimum version

to use. But this will no longer be necessary with Mozilla planning on disabling SSLv3 in the

upcoming Firefox 34 in order to mitigate against the POODLE attack.

network.IDN_show_punycode

Set to true to have Firefox display internationalized domain names in Punycode instead of in a

language-specific script. Only set this if properly rendering IDNs is a feature you do not

desire.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
https://en.wikipedia.org/wiki/Internationalized_domain_name#ASCII_spoofing_concerns
http://www.w3.org/International/articles/idn-and-iri/
http://www.w3.org/International/articles/idn-and-iri/

Firefox üveggömb - Milyen fejlesztések érkeznek a Firefox-ba?

Firefox üveggömb - Milyen fejlesztések érkeznek a Firefox-ba?

Software
Firefox 4: Paper Cuts (Alexander Limi, Firefox User Experience)

Firefox 4: Paper Cuts (Alexander Limi, Firefox User Experience)

Documents
AWS Config - Guía para desarrolladores · AWS Config Guía para desarrolladores Modos de utilizar AWS Config Qué es AWS Config AWS Config proporciona una vista detallada de la configuración

AWS Config - Guía para desarrolladores · AWS Config Guía para desarrolladores Modos de utilizar AWS Config Qué es AWS Config AWS Config proporciona una vista detallada de la configuración

Documents
Firefox Guide

Firefox Guide

Documents
Firefox phonesimplifiedui

Firefox phonesimplifiedui

Technology
Because we care: Privacy Dashboard on Firefox OS€¦ · on Firefox OS Marta Piekarska (Technische Universitat Berlin), Yun Zhu (Technische Universitat Berlin), Dominik Strohmeier

Because we care: Privacy Dashboard on Firefox OS€¦ · on Firefox OS Marta Piekarska (Technische Universitat Berlin), Yun Zhu (Technische Universitat Berlin), Dominik Strohmeier

Documents
Privacy and Tracking Protection in Firefox

Privacy and Tracking Protection in Firefox

Internet
Chapter 1: Introduction to Firefox OS · Firefox OS 1.3 Simulator (stable) Firefox OS 1.4 Simulator (stable) Firefox OS 2.0 Simulator (stable) Firefox OS 2.1 Simulator (unstable)

Chapter 1: Introduction to Firefox OS · Firefox OS 1.3 Simulator (stable) Firefox OS 1.4 Simulator (stable) Firefox OS 2.0 Simulator (stable) Firefox OS 2.1 Simulator (unstable)

Documents
Privacy & Security using Firefox

Privacy & Security using Firefox

Internet
Why Firefox

Why Firefox

Documents
Designing Firefox

Designing Firefox

Design
HYLAFAX-CONFIG(5F) HYLAFAX-CONFIG(5F)people.ifax.com/~aidan/hylafax/man/hylafax-config.4f.pdf · HYLAFAX-CONFIG(5F) HYLAFAX-CONFIG(5F) NAME config − HylaFA X configuration database

HYLAFAX-CONFIG(5F) HYLAFAX-CONFIG(5F)people.ifax.com/~aidan/hylafax/man/hylafax-config.4f.pdf · HYLAFAX-CONFIG(5F) HYLAFAX-CONFIG(5F) NAME config − HylaFA X configuration database

Documents
Cisco Wide Area Application Services Command Reference · (config) aaa accounting 212 (config) alarm overload-detect 216 (config) asset 218 (config) authentication 219 (config) auto-register

Cisco Wide Area Application Services Command Reference · (config) aaa accounting 212 (config) alarm overload-detect 216 (config) asset 218 (config) authentication 219 (config) auto-register

Documents
Rick Fant Novedades Firefox OS en Firefox Update 2.0

Rick Fant Novedades Firefox OS en Firefox Update 2.0

Technology
5110490B Configuration Instructions Webasto Live · The configuration menu can be accessed via WLAN, LAN or USB. Webasto recommends Mozilla Firefox for the local config-uration. NOTE

5110490B Configuration Instructions Webasto Live · The configuration menu can be accessed via WLAN, LAN or USB. Webasto recommends Mozilla Firefox for the local config-uration. NOTE

Documents
Firefox Party: Firefox & Web Development

Firefox Party: Firefox & Web Development

Technology
Firefox - Mac Chrome – Windows Chrome – Mac · Firefox - Windows. Firefox - Mac Chrome – Windows. Chrome – Mac . Firefox - Windows . Step 1: While in Firefox go to the top

Firefox - Mac Chrome – Windows Chrome – Mac · Firefox - Windows. Firefox - Mac Chrome – Windows. Chrome – Mac . Firefox - Windows . Step 1: While in Firefox go to the top

Documents
Firefox & HTML5

Firefox & HTML5

Technology
Web viewOLABISI ONABANJO UNIVERSITY FIREFOX CLUB EVENT (TAGGED: ONLINE PRIVACY) 15th of February, 2016 @ Olabisi Onabanjo University Campus. The Firefox Student

Web viewOLABISI ONABANJO UNIVERSITY FIREFOX CLUB EVENT (TAGGED: ONLINE PRIVACY) 15th of February, 2016 @ Olabisi Onabanjo University Campus. The Firefox Student

Documents
What Firefox can tell about you? - Firefox Forensics

What Firefox can tell about you? - Firefox Forensics

Technology
Firefox per Android - The Mozilla Blog · Firefox per Android INDICE ... mobile ad offrire la funzione per la privacy. L’utente può attivare la funzione Do Not Track selezionando

Firefox per Android - The Mozilla Blog · Firefox per Android INDICE ... mobile ad offrire la funzione per la privacy. L’utente può attivare la funzione Do Not Track selezionando

Documents
Firefox presentation

Firefox presentation

Business
Tracking Protection in Firefox For Privacy and … · kontaxis@cs.columbia.edu Tracked user gets personalized third-party content 5

Tracking Protection in Firefox For Privacy and … · [email protected] Tracked user gets personalized third-party content 5

Documents
Hardening the Firefox browser - Uppsala Universityuser.it.uu.se › ~arvge836 › cryptoparty › 191122-Firefox-Hardening.pdf · Hardening Firefox: Method To harden Firefox we need

Hardening the Firefox browser - Uppsala Universityuser.it.uu.se › ~arvge836 › cryptoparty › 191122-Firefox-Hardening.pdf · Hardening Firefox: Method To harden Firefox we need

Documents
Privacy and security - Mozilla Firefox

Privacy and security - Mozilla Firefox

Internet
HDI Release Notes - Hitachi Data Systems · PDF fileThese release notes provide late-breaking information about Hitachi Data ... using Volume Shadow Copy ... config page in Firefox,

HDI Release Notes - Hitachi Data Systems · PDF fileThese release notes provide late-breaking information about Hitachi Data ... using Volume Shadow Copy ... config page in Firefox,

Documents
Hardening Firefox for Security and Privacy

Hardening Firefox for Security and Privacy

Software
Firefox os

Firefox os

Documents
Privacy & Security on the Web - Tools on Mozilla Firefox

Privacy & Security on the Web - Tools on Mozilla Firefox

Engineering
Practical Web Privacy with Firefox - OWASP · • For greater privacy, use Tor (tor.eff.org) • Be careful with either option - a malicious proxy or Tor exit node may be monitoring

Practical Web Privacy with Firefox - OWASP · • For greater privacy, use Tor (tor.eff.org) • Be careful with either option - a malicious proxy or Tor exit node may be monitoring

Documents