“If you have nothing to hide, you have nothing to fear” Bullshit. Power corrupts and the more power internet companies, governments, and other gate keepers of knowledge and technology have the more they will abuse it. Whatever you research, post, look at online should be private and not up for Google to package and sell like many internet companies do. Such information not only gives ad companies data on your browsing habits, but also enables a compilation of data about what makes you you. You’re political beliefs, where you live, how many people are in your house, if you’re pregnant, etc.. Of course you shouldn’t do anything illegal, but do I really need to tell you that? This tutorial will show you a beginner friendly way to obfuscate your internet activity and stop trackers from tracking you. Per the usual of my posts I’m getting down to brass tacks, so let’s get started.
First, download the Firefox browser. The plan is to disassociate browsing history so what you do on Privacy Firefox is different from what you do on say Google Chrome. We’re also going to install add-ons to show trackers and disable them as well eliminate unneeded features on browsers to increase our overall security. There are deeper levels to this, but hardening Firefox for easy browsing is our level one security action.
Basic Privacy Changes
Navigate to the three stripes on the upper right corner of the browser and click it, then go to Settings, then Privacy and Security
Just as you see in the above picture, select Custom and select the check boxes to block cookies (All cross site cookies), tracking content in all windows, crypto miners, known fingerprinters and suspected finger printers in all windows. A bit below that are Website Privacy Preferences where you can tell websites not to sell or share your data and Send websites a “Do Not Track” request. The thing is that you can send or demand whatever you want. The website owners don’t have to oblige by anything you request or tell them. Even with laws on the books, Facebook still will commit illegal practices and no one will go to jail. Now if you were to do the same or similar thing you would head straight to jail and business besmirched and shut down. If only we all had millions of dollars to buy the law.
Next, scroll down to Passwords and unselect Ask to Save Passwords for obvious reasons. I would also suggest AGAINST using password managers because its only a matter of time before they’re hacked and your data is rendered vulnerable. As for Firefox settings, do not enable Ask to save passwords, do not use a primary password, and do not allow Windows single sign on for Microsoft, work and school accounts. In the Autofill section disable the save and fill addresses alongside the Save and fill payment methods. Why would you want Firefox to know and save your credit card and address?
History
Select Firefox will Never Remember History
Permissions
Select settings and click the checkbox to block new requests requesting your Location, Camera, Microphone, Notifications, Autoplay, and VR
Select the checkbox to Block popup windows and to warn you when websites try to install add ons.
Firefox Data Collection and Use
Uncheck “Allow Firefox to make personalized extension recommendations“, “Allow Firefox to send technical and interaction data to Mozilla“, “Allow Firefox to install and run studies“, “Allow Firefox to send backlogged crash reports on your behalf“.
Website Advertising Preferences
Uncheck “Allow websites to perform privacy-preserving ad measurement”
Security
Select the checkbox to block dangerous and deceptive content and downloads as well as warn you about unwanted and uncommon software. Some websites try to auto install apks when you visit which is an app, but could easily be a virus or spyware.
HTTPS-Only Mode
Enable on all windows
About:Config Settings Changes
Now we will alter how Firefox works. Some settings are already altered as part of Firefox’s commitment to privacy, but we always trust but verify things are as they’re reported.
Go to your address bar and type about:config where you’ll get a warning about these preferences impacting performance and security– but that’s the point. Accept the Risk and Continue.
Adjust all of the following. If they’re already in the suggested state, move on to the next settings adjustment. The settings can be adjusted by changing a boolean value and by changing the integer value.
The illustration below shows how to change the boolean (basically true or false) value of a setting. You do this by clicking the double facing arrows, which changes false setting to true and vice versa.
Next is the integer value, which is changed by clicking the pencil icon and inputting the desired integer value.
The quickest way to input the text is by copying everything to the left of the equal sign below and pasting it in your about:config settings.
privacy.firstparty.isolate= true
A result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don’t do this if you are using the Firefox Addon “Cookie AutoDelete” with Firefox v58 or below.)
privacy.resistFingerprinting= true
A result of the Tor Uplift effort, this preference makes Firefox more resistant to browser fingerprinting.
privacy.trackingprotection.fingerprinting.enabled= true
[FF67+] Blocks Fingerprinting
privacy.trackingprotection.cryptomining.enabled= true
[FF67+] Blocks CryptoMining
privacy.trackingprotection.enabled= true
This is Mozilla’s new built-in tracking protection. One of it’s benefits is blocking tracking (i.e. Google Analytics) on privileged pages where add-ons that usually do that are disabled.
browser.send_pings= false
The attribute would be useful for letting websites track visitors’ clicks.
browser.urlbar.speculativeConnect.enabled= false
Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to.
dom.event.clipboardevents.enabled= false
Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
media.eme.enabled= false
Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc.
DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.
media.gmp-widevinecdm.enabled= false
Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content.
media.navigator.enabled= false
Websites can track the microphone and camera status of your device.
network.cookie.cookieBehavior= 1
Disable cookies
0 = Accept all cookies by default
1 = Only accept from the originating site (block third-party cookies)
2 = Block all cookies by default
network.http.referer.XOriginPolicy= 2
Only send Referer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.)
0 = Send Referer in all cases
1 = Send Referer to same eTLD sites
2 = Send Referer only when the full hostnames match
network.http.referer.XOriginTrimmingPolicy= 2
When sending Referer across origins, only send scheme, host, and port in the Referer header of cross-origin requests.
0 = Send full url in Referer
1 = Send url without query string in Referer
2 = Only send scheme, host, and port in Referer
webgl.disabled= true
WebGL is a potential security risk.
browser.sessionstore.privacy_level= 2
This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data.
0 = Store extra session data for any site. (Default starting with Firefox 4.)
1 = Store extra session data for unencrypted (non-HTTPS) sites only. (Default before Firefox 4.)
2 = Never store extra session data.
beacon.enabled= false
Disables sending additional analytics to web servers.
browser.safebrowsing.downloads.remote.enabled= false
Prevents Firefox from sending information about downloaded executable files to Google Safe Browsing to determine whether it should be blocked for safety reasons.
Disable Firefox prefetching pages it thinks you will visit next:
Prefetching causes cookies from the prefetched site to be loaded and other potentially unwanted behavior.
network.dns.disablePrefetch= true
network.dns.disablePrefetchFromHTTPS= true
network.predictor.enabled= false
network.predictor.enable-prefetch= false
network.prefetch-next = false
network.IDN_show_punycode = true
Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice.
Add- Ons
To access, click on the three horizontal lines in the upper right hand corner of your screen and select Add one and themes
Once selected, search for the following and add to your Firefox:
uBlock Origin (uBlock Origin Setup Guide)– Video manual
HTTPS Everywhere— (Redundant now that Firefox already supports HTTPS Everywhere and we enabled the settings already in the about config)
Cookie Auto Delete (Cookie AutoDelete User Guide)
Adblocker Ultimate
Clear URLS
And there you go! You’ve now made the first vital step to internet privacy! To delve deeper into privacy add-ons, take a look using Cookie Auto Delete For Internet Privacy, or uBlock Origin For Internet Privacy.