Firefox Customisation

From Manjaro Linux
Jump to: navigation, search
2-Dec-2016.  Updated the add-ons section by including
ShareMeNot. This add-on blocks the social media trackers.
27-Nov-2016. Updated the Firefox/Pale Moon add-ons section.
Also removed a redundant search related add-on from the end
of the page. Plus some other clean-up here & there. 


Firefox & Pale Moon Customisation - Security First - User Options Second

Pale Moon pages of interest

Pale Moon Home page: [1]

Pale Moon forum: [2]


Introduction

Firefox.jpg


This page is adapted from one I wrote at the now defunct spiralinear.org forum. It has been most recently updated on the 19th April 2015).

We all have our personal preferences for the way we like to use the internet & how valuable our personal privacy is, so the way one person likes to setup their system/browser for their internet use can be completely different to the way another does it.

With that in my mind, I've updated this page which now shows my current preferences (& some). Hopefully, if nothing else the reader may find something of use that may help them optimise their own way of using the Web.

Note: Due to the recent security leak exposing the 
practice of the Unites States, National Security 
Agency of spying on internet users internationally. 
Specifically those users who make use of the likes of
Google, Facebook, Twitter & other such extremely popular
internet services. I suspect that the information on this 
wiki page (& the like) may have gained some credibility 
where once it had none.

Here [3] is a link that lists some alternatives that will 
help you to protect your privacy, which we do in an effort to
dis-empower those that choose to manipulate the ill-gotten
knowledge in their huge & ever growing databases of 
information harvested by secretly observing our supposedly
private lives. 

Many people have the attitude, (usually based on ignorance
of the facts) that "I don't do anything wrong, so let them 
track me". It is not you who is doing the wrong here,
it is these organisations who gain influence via 
manipulating the information in their databases with
the use of incredibly sophisticated software, allowing
them to then most effectively manipulate unwitting
populations of people to whatever ends these organisations
see fit at the time. 

When the people & technology used to implement this spying &
the aforementioned manipulation & implementation of the data
is worth billions of dollars, it has to be considered worth
the investment by the corporate/government(s) that use this
technology & employ the people in these secret agencies.

Whether the basis of these ends are political,
corporate, (more likely a combination of the two), or any
other motive. They are doing what they do, in a top
secret fashion. Public scrutiny is the number one enemy of
those that operate in secret. 

Is it worth thinking about? & why?


A list of more & less useful internet testing sites

BrowserSpy.dk - A Brilliant browser Security test site.

IPLeak - Great multifaceted test site created by the AirVPN team particularly for testing your ID leakage.

Panopticlick.eff.org - A so-so FSF browser test.

DNS Stuff.com - An Oz site rarely of any use.

HackerWatch.org - Port Scanner.

PCFlank.com - Port Scanner.

WhatsMyIP.org - Lots of info' here.

WhatisMyIPaddress.com - A double check.

ShouldIChangemyPassword.com - Can help if a server you deal with has been hacked.

Just-Ping.com - Ping an IP address.

DownForEveryoneOrJustMe.com - Check your internet connection.

netindex.com - Check internet speed.


The Quest for Web Browser Security

I'll put the ixquick created Startpage Search Engine in its own category as it seem to be the champion internet search engine with regards to the user's privacy, & it works brilliantly unlike some of the others I have tried because it uses the Google search engine.

Unfortunately we have lost the Scroogle Google scraper, though I'm sure that the Scroogle guy at least has some comfort in knowing that Startpage (which is run by a wealthier organisation & is therefore a more polished production) is available & becoming increasingly more popular in many parts of the world (Europe in particular it would seem).


Cookies

I have blocked all third-party cookies in Firefox but I accept all of the others having Firefox ask me what I want to do with each new cookie that tries to live on my computer.

For any who don't know where the option to have Firefox "Ask me every time" about cookies is;- it is in the Preferences -> Privacy tab. You will find the option in the drop down menu next to "keep until:" & just under "Accept third-party cookies".

The Firefox cookie requester that comes up every time a cookie wants to live at my place, gives me, apart from the "Use my choice for all cookies on this site" option (which I always have checked) three other choices, "Deny" (which I hit as a reflex action), "Allow" & "Allow for session".

Handling cookies this way creates ever growing black & white lists that are not deleted when Firefox deletes all of my histories bar "active logins" as I have Firefox set to delete all but "active logins" history every time it is shut down.

As time goes by, due to the ever growing black/white lists, I only have to choose whether I want a cookie or not from the Firefox requester when I go to a new site that wants me to take a cookie.

After the initial stages of using this method, there is an ever diminishing number of cookies offered as the black list tells the sites I have been to not to offer & the white list lets those forums, internet banking & other sites that I have white listed, do their cookie thing quickly & quietly.


Manually Using the Firefox/Pale Moon, Black/White Lists

You could also go to your Firefox cookie preferences due to you wanting to delete a cookie from the black or white list. Which is very easily done & can be made even easier if after you have selected the "Preferences -> Privacy -> Exceptions" button - which takes you to where the black/white list lives, you then select the "Status" column header which puts them in alphanumeric order inside of their respective status group. Meaning the white & the black separate from each other & hang together in alphanumeric order.

Separating the black & white listed URL's this way makes it so much easier to work with them. i.e. Finding the URL(s) that you are looking for, which is a common task, as I quite often want to delete a URL from either group.


Here are a couple of reasons for manually editing the black/white list

1. I want to do an online purchase. Which is a sure fire way to get multiple tracking cookies on your machine, especially if you are accepting 3rd party cookies. So I accept the cookies (NEVER 3rd party cookies though), as they are required to be able to make the purchase, once done I go into the Firefox Preferences as detailed above & delete all the cookies associated with the shop.

2. Conversely, I may want to delete a black listed site so that I can add it to my white list next time that page is loaded or refreshed. I do block first & ask questions later.


Firefox/Pale Moon - Cookie Handling Add-ons

After (happily) using the Self Destructing Cookies add-on for some time (as well as manually setting rules per page), it has recently stopped working for me due to a Pale Moon upgrade. Rather than downgrade Pale Moon, I dumped SDC & installed uMatrix, which does all the SDC does & a whole lot more (I had been using it with Firefox on Win7 for sometime, it is an excellent piece of software). uMatrix can be complex to use, depending on how you set it up. So be prepared to spend a little time fine tuning it to suit your browsing style. It integrates tightly with uBlock Origin.

Note: After striking more problems due to both Firefox & Pale Moon upgrades & downgraded Pale Moon
so that at least my essential add-ons would function. So I ended up happily using uMatrix &
Self Destructing Cookies simultaneously - which worked extremely well. I'm currently testing
Vivaldi - one of the problems with that browser is there seems to be no Self Destructing Cookies
equivalent. Apart from that Vivaldi is looking to an excellent browser that has enough privacy/
security add-ons for it to be a most viable alternative to Firefox/Pale Moon.


The Web of Cookie Connections

I haven't tested this software for some time so it is
dated. I leave this section in place as the images
graphically demonstrate the cookie connection
problems that we all face. Those images were taken
years ago, this problem is now exponentially worse.

There has been a vastly superior version of Collusion created it is called Lightbeam. The mozilla foundation plus others have apparently put in a great deal of work in creating Lightbeam. I'll place a screenshot of it here above a screenshot of Collusion:

Lightbeam.png
  • I haven't a picture of lightbeam connected to other computers as the one of Collusion below has, for one of two reasons, 1. I have no unwanted connections OR 2. Lightbeam isn't functioning? I'll get back to you on this.
Cookies.only collusion.png
  • The screenshot to the left is of the display from a Firefox add-on called Collusion it shows you in a FF tab, all of the computers that your computer is connected to on the web. The aforementioned screenshot is set to show only cookies.

You can move your mouse pointer over each circle that represents one of these servers & get its url & see more info about it in a column on the left hand side. These computers basically connect to your computer via cookies of one kind or another.

When I first installed this software (roughly 8 months ago as of this writing) I ran the add-on for days & never had one computer show up on my screen. Even when I turned all my security add-ons off. The reason being I don't have any cookies on my machine unless I chose them.

DOM Collusion.png
  • After having been lulled into a false sense of security by that experience, I've found that my security had been compromised & that it is not so much cookies as DOM storage which is the newish but extremely widely used culprit. The screenshot to the left excludes the cookies that were shown in the previous screenshot shown above & shows only the DOM storage type connections. This is pretty scary.


Firefox & Pale Moon Privacy Add-ons

Ghostery no longer works on Pale Moon (& there is strong talk that those behind Ghostery are selling tracking info').

uBlock Origin is working fine with Pale Moon these days, which is great as it is vastly superior to Adblock Latitude the "native" Pale Moon ad blocker. uBlock Origin also integrates with uMatrix as you'll see when you set them up.

All of the following run fine on Pale Moon unless otherwise stated. 

uMatrix - is made to protect your browsing privacy: it will look after your cookies (as you choose) & quite a number of other variables in an effort to protect your privacy. Even spoofs your User Agent string, changing it as often as you choose (default every 5 minutes).

Privacy Badger - created by the EFF, it is a work in progress, having the intention of blocking spying adds & trackers.

uBlock Origin - (wonderful update to Adblock Edge which updated Adblock Plus - powerful capabilities for those that choose to use them).

RequestPolicy - added (see below).

NoScript - the well known essential protection.

ShareMeNot - stops you being tracked by the owners of the social media icons that you see on most web sites that exist today. Have a read about it on the makers' site at University of Washington's Computer Science & Engineering department: [4]

HTTPS-Everywhere - this one isn't essential though it is well worth knowing about.

Pale Moon Has forked HTTPS-Everywhere, the Pale Moon add-on is called Encrypted Web & can be found here: [5]

Swap Proxy - Easy to install & use if you are using Squid or another type of proxy. (I've not tested this with Pale Moon.)


A great source of protection from 3rd parties is RequestPolicy. Originally RequestPolicy was certainly most likely too hard for most users to live with;- these days it is very much easier, so it is worth giving it a try. If you don't like it, you can easily uninstall it via the Firefox Tools menu > Add-ons option. If you can get used to using it, it is a superb addition to our set of security tools.


On top of that, all Firefox users should have a look at uBlock Origin - which is a vast improvement on Adblock Edge, which was an effective improvement on Adblock plus.


Plus I've got DOM storage turned off in Firefox/Pale Moon, via about:config (see below) & some of the other about:config security options that follow. I've removed both Beef Taco & more recently Better Privacy as I've found them to be no longer helpful.

See the next section on modifying the /etc/hosts file, as it brings another extremely valuable layer of privacy protection to the table. (Though if you are using uBlock Origins / uMatrix you can avoid having to set up the hosts file if you set uBlock Origins to do it for you.)'


Modifying & using the .../hosts file for security purposes:

For an easy way (as it includes & highly regarded hosts file supplement) with a Windows how-to read this page.

Unless you are running Windows, forget the Windows how-to, just download, unzip & paste the supplied hosts file onto the end of your /etc/hosts after everything else.

You will need to open your text editor as root to do this. Replace the <editor-name> with the name of your preferred text editor in the following Terminal command-line:


sudo <editor-name>/etc/hosts


You can edit the /etc/hosts file, adding/removing what you want if you so desire. I've been using it in an unchanged state on both Linux & Win7 for years now. I did as of this edit (late 2015) update the host file (updates are from my observations fairly rare).

You can update the host file addition when new updates become available. You can also (if you are happy about doing so) register your email address to be notified when to go & download the new file.

Using this host file adds another strong, transparent & maintenance free layer of security & comfort (due to the advertisement related content that is blocked) which unfortunately these days we need.


about:config Edits

Firefox updates can restore default about:config
settings. We need to keep an eye on them, particularly
with the likes of turning off DOM storage.


About-config firefox.png




Turn off DOM Storage

DOM storage has become a much bigger threat to our privacy than the dreaded cookies were. Unfortunately this technology is certainly set to leave cookies in the dust, so changing the default value of this configuration to false is strongly recommended for security reasons. However, please note that it may cause a few web sites not to work properly at the same time.

Works with Pale Moon.

about:config Name: dom.storage.enabled

Default value: true

Modified value: false


The following is quoted from [6] though they have moved it for whatever reason, the above link now points to their main page on DOM:

HTML5 web storage, a better local storage than cookies. What is HTML5 Web Storage?

With HTML5, web pages can store data locally within the user's browser.

Earlier, this was done with cookies. However, Web Storage is more secure and faster. The data is not included with every server request, but used ONLY when asked for. It is also possible to store large amounts of data, without affecting the website's performance.

The data is stored in key/value pairs, and a web page can only access data stored by itself.


Turn off a number of Firefox "phone home" calls

I'll check Pale Moon out for this stuff, though I doubt
it will be applicable.

Read about the script here: [7]

Be warned if you use the script it will overwrite any
& all modifications that you have made to Firefox via
about:config edits...

Perhaps a better way to use the information in the script is to look at it here: [8] A then manually edit your about:config with any & all options that you choose to use.

This is very useful information, thanks to salome for bringing it to our attention in the forum.


Referrer Control

Works with Pale Moon.

about:config Name: network.http.sendRefererHeader

Default Value: 2

Modified Value: 0


By setting network.http.sendRefererHeader in about:config to 0, whenever you visit a link from one site, the destination site doesn't know the original site you were referred from.

This in effect makes the Firefox add-on RefControl (& others) redundant.

From the Knowledgebase:
network. http. sendRefererHeader	Integer
Determines when to send the Referer HTTP header.
0: Never send the referring URL
1: Send only on clicked links
2 (default): Send for links and image

If you find that you can't get into your online banking (or other) site, it can be due to you having set the integer to 0. You would then be best off using the integer value of 1. & Under such circumstances use the likes of RefControl as you can use whatever options you choose for your normal surfing & then choose a specific option that works with specific troublesome sites.

I am very rarely blocked from a site (for whatever reason) & under such circumstances I don't want to use the site anyway!


Prefetch Control

Works with Pale Moon.

about:config Name: network.prefetch-next

Default Value: true

Modified Value: false


By setting network.prefetch-next to false, we are controlling the following:

Link prefetching, is when a web page hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user request


How to Quash Firefox's Silent Requests

Works with Pale Moon.

about:config Name: network.http.speculative-parallel-limit

Default Value: 6

Modified Value: 0


By setting network.http.speculative-parallel-limit to 0, we are controlling the following:

Unlike older versions of Firefox, more recent versions will make a request to a destination server just by hovering over a link. No CSS, no JavaScript, no prefetch required.

For more information on this topic see the following slashdot page: [9]


Classic Theme Restorer

Not needed for Pale Moon.

If you prefer some or most all of the ways that the firefox interface was pre v30, then you will most likely like what the Firefox add-on Classic Theme Restorer [10] does for the Firefox v3*. UI.

This add-on gives you a large number of options with which to configure the Firefox v3*. UI to suit your taste.


NoSquint - Customize the look of web sites

Now ONLY works with Pale Moon, Firefox upgraded NoSquint away
There are alternatives for Firefox, though they are inferior
at this stage. Also, NoSquint is no longer supported by its
creator, though the source code is available here: [11]
(see below for add-on link)

NoSquint is an awesome add-on for those of us that like to adjust the size of fonts &/or colours on web sites that we visit. NoSquint will also remember your settings so that you only have to make the quick & simple modifications in the easy to use NoSquint GUI once for the sites that you frequently visit.

You can still find the NoSquint add-on here: [12]


FEBE & other Firefox/Pale Moon Extensions by Chuck Baker

Chuck has created some brilliant browser add-ons. FEBE is my favourite, as it allows you to backup your browser (cross platform too) extensions, bookmarks, cookies & much, much more. It even gives you a backup directory with all of your add-ons/extensions turned into individual .xpi files so that you can reinstall them individually, or whatever. You can set it to backup on a schedule, backing up only what you choose, even if it is just your Bookmarks. :)

Check out his page which has all of his extensions, including links to each add-ons own dedicated page: [13]


Open With - Firefox/Pale Moon add-on

Works with Pale Moon.

Open With can be found here (various versions): [14]

Is a Firefox add-on that has quite a number of powerful capabilities. I'm only going to mention two of the simple ones here. They are useful for both convenience & privacy/security:

1. Frees us from needing to use Flash or any of the open-source Flash options. Instead we get to use the very capable mpv media player, which is both technologically up to date & lite on resources.

2. Provides us with a very easy & convenient way to download video's from the web via the youtube-dl program. Which is open-source & far more likely to respect our privacy than any of the Firefox add-ons that it replaces.

As of this writing Open With 5.6.3.1-signed is the most
recent version that will install/work with Pale Moon.


Open With to view web video's

Use the Open With add-on Preferences page to Add a new item.

Rather than use the mpv.desktop file I used /usr/bin/mpv to call the mpv media player (your choice).

Add the following in the Open With - Preferences (if it suits you):

--no-resume-playback

Then play around with the menu options in the left hand side of the Preferences screen until you get what suits you. (If you don't understand what they mean, just use trial & error to get what you want, there aren't that many options.)

You may wait (I'm using it on a slowish internet line via a VPN) a little longer before a youtube (or whatever) video starts to play in mpv. I found the performance in every way was superior to watching the video in a browser via flash, html5, or the flash substitutes.

Open With to download video's via youtube-dl

I made a tiny little ~/.config/youtube-dl/config file which does all I need.

There was no config file installed on the machine in
~/.config (local user) or /etc (all users), so unless
things change, you will need to create the config file
& the directories in ~/.config manually. 

I change the names of any downloaded video files manually when required (if you want to know how to do more with youtube-dl have a look at the man page & elsewhere on the web - there exist an absolutely huge range of possibilities):

My ~/.config/youtube-dl/config file

# youtube-dl config file:

# recode video to mp4 format (if needed):
--recode-video mp4

# download path:
--output "~/data/downloads/unzip/dload-vids/%(title)s.%(ext)s" 


Using the above config file you only need to call youtube-dl with no arguments in the Open With - Preferences page. Change the ~/data/downloads/unzip/dload-vids/ section in the config file to specify your download location's path.

After you've set that up, just choose the youtube-dl option that you created, from the RMB menu that pops up in Pale Moon/Firefox to have it download your selected video to the folder specified in the config file shown above.

The config file has the added benefit of working for youtube-dl when used from the Terminal command line (or anywhere else).


See Also


Support

Following is a link to this page's forum counterpart where you can post any related feedback: [15]