Is there a way to backup/restore for the current settings before making adjustments, and is there a “factory reset” option, to return to default settings, should things go awry?

hello n.n

i have a question… what about plug ins like Privacy Settings from firefox addons, it’s useful?
thanks n.n

? says:
Thanks for the heads up everyone appreciates all the extra security we can get these days…
I’m running persistent live cd usb’s so i’m not too worried about any more borking than I already do for myself. I ran all the telemetry blocking after you let us know about it the other day and no problems, so far.
Check with our security loving German compatriot Martin Brinkmann’s Ghacks.net for three more:

http://www.ghacks.net/2013/04/27/firefox-prefetching-what-you-need-to-know/

the way i’m running (on purpose) makes worries about viruses non existent
the big eye in the sky can look all it wants (it is going to anyway) so when i’m feeling extra frisky and bored i will lead it back onto itself… kinda like the endless loop (yes i did) on the old mainframe arpanet… see:https://en.wikipedia.org/wiki/ARPANET if interested.
anyway, enough from me (for now) and thanks again for having my back whilst on our journey riding the wild interweb today…

I followed all the suggestions and it seems that all but one of my dozens of open tabs work normally. However, feedly.com gave me the dreaded “Oops. Something went wrong!” page. As feedly is my most accessed site, I may have to copy back my saved profile. Bummer! BTW, it is not that feedly is coincidentally having problems, as it shows up OK in Chrome.
Any ideas which of the many settings may have borked feedly?
kk

It might also be worth unticking ‘play drm content’ if you’re not using it. I also unticked the ‘block dangerous and deceptive content’ option under security because that communicates back to the google mothership – https://support.mozilla.org/t5/Protect-your-privacy/How-does-built-in-Phishing-and-Malware-Protection-work/ta-p/9395 – i have enough other protections in place for me not to be too concerned with this but ymmv.

-T

1 user thanked author for this post.

HiFlyer

Nice job. For those of us not intimately familiar with FireFox it’s nice to have a targeted list with some explanations.

-Noel

2 users thanked author for this post.

HiFlyer, Microfix

Microfix wrote:

The top two security tweaks are the most important LOGJAM & POODLE even if they are set correctly without changing them, it’s better to check anyway.

thanks for the advise n.n/
i’m using FF ESR and logjam “problem” is present, now is fixed (yeah).
(somebody maybe ask… why im using esr? it’s because i feel more stable tan “normal” version)

Backing Up Firefox Profiles both when Firefox and its Extensions are Available and when Firefox and its Extensions are Not Available:

For Windows, Mac and Linux, these instructions look good:
https://www.howtogeek.com/255587/how-to-find-your-firefox-profile-folder-on-windows-mac-and-linux/

What differs is the exact location of the Mozilla or Firefox Profile Directories, and the kinds of permissions and hidden attributes which need to be considered for a successful copy-paste backup procedure.

Good storage options include a separate partition, a USB device, or an external drive. Preferably with an extra copy on an external drive just in case.

Both backing up and restoring are simple copy-paste operations.

BTW, Firefox and Chrome, Edge and Internet Explorer, all by default now exclude the insecure cipher sets which logjam and poodle relied on. No internal tweaking is required unless you are using a site which still relies on older, insecure cipher suites. Which no one should be doing now. The same applies to the TLS and SSL settings involved in these attacks.

I personally do use Ghostery, Abine Blur, HTTPS Everywhere and an extension to block HTML autoplay, for security and privacy. If NoScript is added, pretty much all telemetry and DOM and persistent cookie tracking can be blocked. (This involves using some Extension settings which are not set by default. Also, Click And Clean Extension has some settings panels, but these are more useful for Chrome — see below — than for Firefox.)

Tweaking the Firefox config. settings may bork the browser or make some sites unusable, so this is not my recommended action. It’s a lot easier to reset, suspend or disable an extension than to reconfigure a borked config. file.

RELATED ABOUT CHROME SETTINGS:
We should develop a KB article here about the changes in Chrome 57 with regard to Flash Player and Plugins controls. Most former Chrome Plugins have been moved to Extensions. There are also security settings which have been moved into little icons in the Location Bar in Chrome 57.

These changes have caused a lot of finger-pointing, false accusations of loss of user controls and general confusion among Chrome users. I am still sorting through these Chrome changes. And unlike Firefox, if you mess with the Chrome configuration settings, you have no easy way to back up and restore these settings. Which is why the Chrome://Plugins page is no longer available to users.

1 user thanked author for this post.

jburk07

hello n.n
what about “about:telemetry” option? does help in something?
sorry for many questions…

Re: Additional Privacy Tweaks #5

woody wrote:

geo.wifi.uri set to 127.0.0.1

My setting is [http://localhost:8888/]
Does this need to be changed?

Additional Privacy Tweaks Note 3):
Setting the ‘dom.storage.enabled’ entry to false can “break” some websites as they are reliant on DOM storage tracking.
Changing this setting should therefore be done with caution.
If you have done this and find website does not display, revert setting back to default.

1 user thanked author for this post.

Rick R

An additional security tweak for a link issue which has recently resurfaced using language coding for weblinks.

The problem: Some letters in other languages like Cyrillic are different but look almost identical. You can get identical-looking versions of “a”, “B”, “c”, “i”, “l”, “O” and “p,” among others.

So by combining the codes for these other letters with non-coded letters you can appear to spell out a word like “apple,” therefore tricking people into visiting a different website from the one they think they are visiting.

To avoid this go to:

about:config

set the following string to TRUE

network.IDN_show_punycode

Source: Here

In depth info: Link

4 users thanked author for this post.

Steve, Rick R, HiFlyer, Elly

I want to point out that anyone resetting “dom.storage.enabled” = False, will encounter an issue with the Microsoft Catalog.

Thanks to Microfix for mentioning potential issues regarding websites. It helped me identify the change that broke MS catalog.

I use the MSCat for Group B downloads, so for others in B, set this to default (True).

This is what you get with “False” set.

1 user thanked author for this post.

Microfix

For the truly adventurous, here’s a link to the ghacks website and an article by Martin Brinkmann on all kinds of Firefox tweaks for privacy and security. Remember, YMMV and some settings, such as those mentioned in posts above, may “break” certain or possibly most websites, so tread with caution. I suggest reading the explanations above each section to see what’s involved with that section to see if you really need to pay attention to it or if you feel you can ignore it.

The link was on this thread some time ago, but must’ve bitten the big one with the server migrations of recent months. If it’s still listed above, my sincerest apologies and feel free to delete this post.

Ok, here’s the link:https://www.ghacks.net/2015/08/18/a-comprehensive-list-of-firefox-privacy-and-security-settings/

As noted on the page itself, the list has been updated to reflect certain changes in newer editions of Firefox. Latest changes were last year, 2017. Enjoy!

For Firefox Quantum 61.0 or greater, change the following attributes within about:config

1) Type: security.tls.version.min set to 3 (1 = TLS 1.0 / 2 = TLS 1.1/ 3 = TLS 1.2)
2) Type: security.tls.version.max set to 4 (Enables TLS 1.3)

Remember: to take note of your existing settings prior to changing, should you need to revert back due to some websites not functioning properly.

1 user thanked author for this post.

Steve

? says:

found this tidbit (only 10 months after)

Improving DNS Privacy in Firefox

as always, Martin is on it :

https://www.ghacks.net/2018/03/20/firefox-dns-over-https-and-a-worrying-shield-study/

and:

https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/

if u have ever looked at the in/out traffic on wireshark…

I found this string geo.provider.ms-windows-location set to true in Waterfox for Windows, so if found Firefox users should toggle that to false as another casual defense against geographical location queries.

This is a great resource —any chance of an update? Firefox ver 65.02  currently.

Thank you
DriftyDonN

? says:

building yet another linux \w Firefox (loads more fun than watching the pain(t) dry on Microsoft) and stumbled upon thesse 3 additional security\telemetry tweaks:

https://www.ghacks.net/2017/10/14/what-is-pingsender-exe-on-windows/

https://www.askvg.com/tip-disable-telemetry-and-data-collection-in-mozilla-firefox-quantum/

and: ui.submenu.Delay (=0)  just for fun!

? says:

here is a way to disable “dom.push.enabled in “about:config:” in FF from a few years ago:

https://www.ghacks.net/2015/11/04/everything-you-need-to-know-about-push-notifications-in-firefox/

there used to be a setting in about:preferences. i turned off APPLE PUSH in itunes long ago. i object to being “pushed” especially if i’m not sure what i’m being “pushed,” into…