-
-
Save MrYar/751e0e5f3f1430db7ec5a8c8aa237b72 to your computer and use it in GitHub Desktop.
Firefox telemetry and spy removal
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # AUTHOR WARNING- recommend not using this script as it does not guard against the variety of tracking methods used by databrokers. | |
| # Please see https://www.iccl.ie/wp-content/uploads/2022/08/File-Stamped-2022-08-19-Oracle-Complaint.pdf | |
| # | |
| # Firefox telemetry and data collection denial | |
| This is a fork of haasn "Firefox bullshit removal" | |
| Also heavily based off pyllyukko "Firefox hardening" https://github.com/pyllyukko/user.js/ | |
| There are two versions, one for Firefox 68 Firefox and another for 70+. Thanks to Kein for the work on 70+ | |
| Instead of manually editing about:config, make changes to the user.js file | |
| ###How to use the user.js file | |
| Copy `user.js` in your current user profile, or (recommended) to a fresh, newly created Firefox profile directory. | |
| The file should be located at: | |
| | OS | Path | | |
| | -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | | |
| | Windows 10 | %APPDATA%\Roaming\Mozilla\Firefox\Profiles\XXXXXXXX.your_profile_name\user.js | | |
| | Windows 7 | `%APPDATA%\Mozilla\Firefox\Profiles\XXXXXXXX.your_profile_name\user.js` | | |
| | Linux | `~/.mozilla/firefox/XXXXXXXX.your_profile_name/user.js` | | |
| | OS X | `~/Library/Application Support/Firefox/Profiles/XXXXXXXX.your_profile_name` | | |
| | Android | `/data/data/org.mozilla.firefox/files/mozilla/XXXXXXXX.your_profile_name` and see [issue #14](https://github.com/pyllyukko/user.js/issues/14) | | |
| | Sailfish OS + Alien Dalvik | `/opt/alien/data/data/org.mozilla.firefox/files/mozilla/XXXXXXXX.your_profile_name` | | |
| | Windows (portable) | `[firefox directory]\Data\profile\` | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // by Kein | |
| /////////////////////////// | |
| // New since 68ESR // | |
| /////////////////////////// | |
| // TOR Uplifts features: | |
| // https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks | |
| user_pref("network.http.referer.XOriginTrimmingPolicy", 2); | |
| user_pref("network.http.referer.XOriginPolicy", 2); | |
| user_pref("network.http.referer.trimmingPolicy", 2); | |
| user_pref("dom.event.clipboardevents.enabled", false); | |
| user_pref("browser.urlbar.speculativeConnect.enabled", false); | |
| // Cache tracking: https://www.grepular.com/Preventing_Web_Tracking_via_the_Browser_Cache | |
| // user_pref("browser.cache.offline.enable", false); | |
| // Isolate cookies to 1st party domain. This WILL break logins/sessions | |
| // user_pref("privacy.firstparty.isolate", true); | |
| // Degrades performance of animations, like scrolling | |
| // user_pref("privacy.resistFingerprinting", true); | |
| // WebGL and DRM media | |
| user_pref("webgl.disabled", true); | |
| user_pref("media.eme.enabled", false); | |
| // Addons suggestions features, Highlights on Home Tab and Snippets | |
| user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); | |
| user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); | |
| user_pref("browser.newtabpage.activity-stream.feeds.section.highlights", false); | |
| user_pref("browser.newtabpage.activity-stream.feeds.snippets", false); | |
| user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); | |
| // Custom user preferences | |
| user_pref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); | |
| user_pref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); | |
| user_pref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); | |
| user_pref("browser.newtabpage.activity-stream.showSearch", false); | |
| user_pref("browser.cache.disk.parent_directory", "N:\FIREFOX"); | |
| user_pref("browser.urlbar.suggest.openpage", false); | |
| user_pref("browser.urlbar.suggest.searches", false); | |
| user_pref("media.videocontrols.picture-in-picture.video-toggle.enabled", false); | |
| user_pref("signon.autofillForms", false); | |
| user_pref("signon.generation.enabled", false); | |
| user_pref("signon.management.page.breach-alerts.enabled", false); | |
| user_pref("signon.rememberSignons", false); | |
| user_pref("network.proxy.no_proxies_on", "192.168..1/24"); | |
| user_pref("network.proxy.socks_remote_dns", true); | |
| // Enable DNS-over-HTTPS (DoH) | |
| // See for details: https://support.mozilla.org/en-US/kb/firefox-dns-over-http | |
| // lets enable this by default. Set to 0 to disable DoH, 2 set TRR/DoH as priority but falls back to native, 3 only use DoH | |
| user_pref("network.trr.mode", 2); | |
| // ECH replaces ESNI | |
| // https://blog.mozilla.org/security/2021/01/07/encrypted-client-hello-the-future-of-esni-in-firefox/ | |
| user_pref("network.dns.echconfig.enabled", true) | |
| user_pref("network.dns.use_https_rr_as_altsvc", true) | |
| // From: https://gist.github.com/MrYar/751e0e5f3f1430db7ec5a8c8aa237b72 | |
| // Cleaned up for 79+ | |
| // Turn off "Sends data to servers when leaving pages" | |
| user_pref("beacon.enabled", false); | |
| // Prevention of some telemetry related to the newtab | |
| user_pref("browser.newtabpage.enhanced", false); | |
| // "In the release channels the Mozilla location service is used to help in figuring out regional search defaults." | |
| // Which means sending collectable data | |
| user_pref("browser.search.region", "US"); | |
| user_pref("browser.search.suggest.enabled", false); | |
| user_pref("browser.search.update", false); | |
| // Datareporting is telemetry | |
| user_pref("datareporting.healthreport.uploadEnabled", false); | |
| user_pref("datareporting.policy.dataSubmissionEnabled", false); | |
| user_pref("datareporting.sessions.current.clean", true); | |
| // Disables web browser access of HAL sensors | |
| user_pref("device.sensors.enabled", false); | |
| // Prevention of an android ADB Helper Add-on auto installer and other dev tools | |
| user_pref("devtools.webide.autoinstallFxdtAdapters", false); | |
| // See https://www.reddit.com/r/privacytoolsIO/comments/3fzbgy/you_may_be_tracked_by_your_battery_status_of_your/ | |
| user_pref("dom.battery.enabled", false); | |
| // See https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI | |
| user_pref("dom.enable_performance", false); | |
| // If enabled, your list of installed addons are sent once a day to mozilla | |
| // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ | |
| user_pref("extensions.getAddons.cache.enabled", false); | |
| // Disable pocket for obvious reasons | |
| user_pref("extensions.pocket.enabled", false); | |
| // Geo location sends location data | |
| user_pref("geo.enabled", false); | |
| // If you mistype the keyword, then Firefox will leak the content of your address bar to | |
| // the default search engine instead of displaying some "The address wasn't understood" local error page | |
| user_pref("keyword.enabled", false); | |
| // Disable screensharing framework | |
| user_pref("media.getusermedia.screensharing.enabled", false); | |
| // Turn off WebRTC // see https://tinyurl.com/yc3yqnyv | |
| user_pref("media.navigator.enabled", false); | |
| user_pref("media.peerconnection.enabled", false); | |
| user_pref("media.peerconnection.ice.default_address_only", true); | |
| // Disable stat collection | |
| user_pref("media.video_stats.enabled", false); | |
| // Disable DNS prefetching | |
| user_pref("network.dns.disablePrefetch", true); | |
| // Disable speculative loading | |
| user_pref("network.http.speculative-parallel-limit", 0); | |
| // Disable prefetching and predicting | |
| user_pref("network.predictor.cleaned-up", true); | |
| user_pref("network.predictor.enabled", false); | |
| user_pref("network.prefetch-next", false); | |
| // Tracking protection. Though almost always ignored and useless... | |
| user_pref("privacy.donottrackheader.enabled", true); | |
| user_pref("privacy.trackingprotection.enabled", true); | |
| user_pref("privacy.trackingprotection.introCount", 20); | |
| // Overt telemetry disabling | |
| user_pref("toolkit.telemetry.updatePing.enabled", false); | |
| user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); | |
| user_pref("browser.newtabpage.activity-stream.telemetry", false); | |
| user_pref("browser.ping-centre.telemetry", false); | |
| user_pref("toolkit.telemetry.bhrPing.enabled", false); | |
| user_pref("toolkit.telemetry.enabled", false); | |
| user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); | |
| user_pref("toolkit.telemetry.hybridContent.enabled", false); | |
| user_pref("toolkit.telemetry.newProfilePing.enabled", false); | |
| user_pref("toolkit.telemetry.reportingpolicy.firstRun", false); | |
| user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); | |
| user_pref("toolkit.telemetry.unified", false); | |
| user_pref("toolkit.telemetry.server", ""); | |
| user_pref("toolkit.telemetry.archive.enabled", false); | |
| user_pref("devtools.onboarding.telemetry.logged", false); | |
| // Disable developer experiments and onboarding | |
| user_pref("browser.onboarding.enabled", false); | |
| user_pref("experiments.enabled", false); | |
| user_pref("network.allow-experiments", false); | |
| // Disable social networking site info exchange | |
| user_pref("social.directories", ""); | |
| user_pref("social.remote-install.enabled", false); | |
| user_pref("social.toast-notifications.enabled", false); | |
| user_pref("social.whitelist", ""); | |
| // Disable retrieval of safebrowsing lists | |
| user_pref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false); | |
| user_pref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false); | |
| // Disable reporting of crash information | |
| user_pref("dom.ipc.plugins.reportCrashURL", false); | |
| user_pref("breakpad.reportURL", ""); | |
| // Safebrowsing sends a hash of your url to retrieve a list of partial matches. | |
| user_pref("browser.safebrowsing.blockedURIs.enabled", false); | |
| user_pref("browser.safebrowsing.downloads.enabled", false); | |
| user_pref("browser.safebrowsing.downloads.remote.enabled", false); | |
| user_pref("browser.safebrowsing.malware.enabled", false); | |
| user_pref("browser.safebrowsing.phishing.enabled", false); | |
| // Disable Firefox Screenshots | |
| user_pref("extensions.screenshots.disabled", true); | |
| user_pref("extensions.screenshots.system-disabled", true); | |
| user_pref("extensions.screenshots.upload-disabled", true); | |
| // Stops leave-page warning | |
| user_pref("dom.disable_beforeunload", true); | |
| // Don't constantly check if its the default browser | |
| user_pref("browser.shell.checkDefaultBrowser", false); | |
| // Keep the full url to see which sites are still http and not https | |
| user_pref("browser.urlbar.trimURLs", false); | |
| // No need to warn us | |
| user_pref("general.warnOnAboutConfig", false); | |
| user_pref("browser.aboutConfig.showWarning", false); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Turn off "Sends data to servers when leaving pages" | |
| user_pref("beacon.enabled", false); | |
| // Prevention of some telemetry related to the newtab | |
| user_pref("browser.newtabpage.directory.ping", ""); | |
| user_pref("browser.newtabpage.directory.source", ""); | |
| user_pref("browser.newtabpage.enhanced", false); | |
| // "In the release channels the Mozilla location service is used to help in figuring out regional search defaults." | |
| // Which means sending collectable data | |
| user_pref("browser.search.geoip.url", ""); | |
| user_pref("browser.search.region", "US"); | |
| user_pref("browser.search.suggest.enabled", false); | |
| user_pref("browser.search.update", false); | |
| // Selfsupport sends a heartbeat | |
| user_pref("browser.selfsupport.url", ""); | |
| // Datareporting is telemetry | |
| user_pref("datareporting.healthreport.uploadEnabled", false); | |
| user_pref("datareporting.policy.dataSubmissionEnabled", false); | |
| user_pref("datareporting.sessions.current.clean", true); | |
| // Disables web browser access of HAL sensors | |
| user_pref("device.sensors.enabled", false); | |
| // Prevention of an android ADB Helper Add-on auto installer and other dev tools user_pref("devtools.webide.autoinstallADBHelper", false); | |
| user_pref("devtools.webide.autoinstallFxdtAdapters", false); | |
| user_pref("devtools.webide.enabled", false); | |
| user_pref("devtools.debugger.remote-enabled", false); | |
| user_pref("devtools.chrome.enabled", false); | |
| user_pref("devtools.debugger.force-local", true); | |
| // See https://www.reddit.com/r/privacytoolsIO/comments/3fzbgy/you_may_be_tracked_by_your_battery_status_of_your/ | |
| user_pref("dom.battery.enabled", false); | |
| // See https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI | |
| user_pref("dom.enable_performance", false); | |
| // If enabled, your list of installed addons are sent once a day to mozilla | |
| // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ | |
| user_pref("extensions.getAddons.cache.enabled", false); | |
| // Disable pocket for obvious reasons | |
| user_pref("extensions.pocket.enabled", false); | |
| // Geo location sends location data | |
| user_pref("geo.enabled", false); | |
| // If you mistype the keyword, then Firefox will leak the content of your address bar to | |
| // the default search engine instead of displaying some "The address wasn't understood" local error page | |
| user_pref("keyword.enabled", false); | |
| // Disable screensharing framework | |
| user_pref("media.getusermedia.screensharing.enabled", false); | |
| // Turn off WebRTC // see https://tinyurl.com/yc3yqnyv | |
| user_pref("media.navigator.enabled", false); | |
| user_pref("media.peerconnection.enabled", false); | |
| user_pref("media.peerconnection.ice.default_address_only", true); | |
| // Disable stat collection | |
| user_pref("media.video_stats.enabled", false); | |
| // Disable DNS prefetching | |
| user_pref("network.dns.disablePrefetch", true); | |
| // Disable speculative loading | |
| user_pref("network.http.speculative-parallel-limit", 0); | |
| // Disable prefetching and predicting | |
| user_pref("network.predictor.cleaned-up", true); | |
| user_pref("network.predictor.enabled", false); | |
| user_pref("network.prefetch-next", false); | |
| // Tracking protection. Though almost always ignored and useless... | |
| user_pref("privacy.donottrackheader.enabled", true); | |
| user_pref("privacy.trackingprotection.enabled", true); | |
| user_pref("privacy.trackingprotection.introCount", 20); | |
| // Overt telemetry disabling | |
| user_pref("toolkit.telemetry.updatePing.enabled", false); | |
| user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); | |
| user_pref("browser.newtabpage.activity-stream.telemetry", false); | |
| user_pref("browser.ping-centre.telemetry", false); | |
| user_pref("toolkit.telemetry.bhrPing.enabled", false); | |
| user_pref("toolkit.telemetry.enabled", false); | |
| user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); | |
| user_pref("toolkit.telemetry.hybridContent.enabled", false); | |
| user_pref("toolkit.telemetry.newProfilePing.enabled", false); | |
| user_pref("toolkit.telemetry.reportingpolicy.firstRun", false); | |
| user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); | |
| user_pref("toolkit.telemetry.unified", false); | |
| user_pref("toolkit.telemetry.server", ""); | |
| user_pref("toolkit.telemetry.archive.enabled", false); | |
| user_pref("devtools.onboarding.telemetry.logged", false); | |
| // Disable developer experiments and onboarding | |
| user_pref("browser.onboarding.enabled", false); | |
| user_pref("experiments.enabled", false); | |
| user_pref("network.allow-experiments", false); | |
| // Disable social networking site info exchange | |
| user_pref("social.directories", ""); | |
| user_pref("social.remote-install.enabled", false); | |
| user_pref("social.toast-notifications.enabled", false); | |
| user_pref("social.whitelist", ""); | |
| // Disable retrieval of safebrowsing lists | |
| user_pref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false); | |
| user_pref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false); | |
| // Disable reporting of crash information | |
| user_pref("dom.ipc.plugins.reportCrashURL", false); | |
| user_pref("breakpad.reportURL", ""); | |
| // Safebrowsing sends a hash of your url to retrieve a list of partial matches. | |
| user_pref("browser.safebrowsing.blockedURIs.enabled", false); | |
| user_pref("browser.safebrowsing.downloads.enabled", false); | |
| user_pref("browser.safebrowsing.downloads.remote.enabled", false); | |
| user_pref("browser.safebrowsing.malware.enabled", false); | |
| user_pref("browser.safebrowsing.phishing.enabled", false); | |
| // Disable Firefox Screenshots | |
| user_pref("extensions.screenshots.disabled", true); | |
| user_pref("extensions.screenshots.system-disabled", true); | |
| user_pref("extensions.screenshots.upload-disabled", true); | |
| // Enable DNS-over-HTTPS (DoH) | |
| // network.trr.mode turns on DoH. It takes the following values | |
| // 0 - Default value in standard Firefox installations (currently is 5, which means DoH is disabled) | |
| // 1 - DoH is enabled, but Firefox picks if it uses DoH or regular DNS based o which returns faster query responses | |
| // 2 - DoH is enabled, and regular DNS works as a backup | |
| // 3 - DoH is enabled, and regular DNS is disabled | |
| // 5 - DoH is disabled | |
| // Users may want to set to 3 temporarily to verify DoH is working | |
| user_pref("network.trr.mode", 2); | |
| // users can use their own DoH server URL https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-available-servers | |
| user_pref("network.trr.uri", "https://mozilla.cloudflare-dns.com/dns-query"); | |
| // If DoH doesn't work, try uncommenting the line below (1.1.1.1 is cloudflare, can use google's 8.8.8.8 also) | |
| // user_pref("network.trr.bootstrapAddress", 1.1.1.1); | |
| // Enable Encrypted-SNI. Its a good idea to make sure its working by checking https://www.cloudflare.com/ssl/encrypted-sni/ | |
| user_pref("network.security.esni.enabled", true); | |
| // --- | |
| // --- Protective but not telemetry or data collection related | |
| // --- | |
| // Disable javascript takeover of mouse menu | |
| user_pref("dom.event.contextmenu.enabled", false); | |
| // Stops leave-page warning | |
| user_pref("dom.disable_beforeunload", true); | |
| // Don't constantly check if its the default browser | |
| user_pref("browser.shell.checkDefaultBrowser", false); | |
| // Keep the full url to see which sites are still http and not https | |
| user_pref("browser.urlbar.trimURLs", false); | |
| // No need to warn us | |
| user_pref("general.warnOnAboutConfig", false); | |
| // Disable automatically updating your extensions (uncomment for settings to take effect) | |
| //user_pref("extensions.update.autoUpdateDefault", false); | |
| //user_pref("extensions.update.enabled", false); | |
| // Disable automatic upgrading to newest version. Program will still ask you if you want to upgrade. (uncomment to activate setting) | |
| //user_pref("app.update.auto", false); | |
| //user_pref("app.update.enabled", false); |
added user_pref("toolkit.telemetry.archive.enabled", false);
Even though datareporting is turned off, it still seems to save two days of telemetry pings unless this value is set (saves the pings in linux ./mozilla/firefox/profileid/datareporting/archived)
Hello there, thanks for upkeeping this ! :)
I also re-setted "keyword.enabled" to true, even if it is said that it "does mean that information will be sent to a third party" (cf.here) to improve my usage over time ^^
I just saw that all your "pref" has been query-replaced into "user_pref" and it broke some lines of your code ^^ (60, 123, 136 & 137)
Corrections made, thank you gurujam!
(better late then never I suppose)
It would be very helpful to have ini comments one per line so you really know what you are disabling.
Ones starting with services.sync.prefs.sync.xxxx are if you want that preference to sync across your devices if you use Firefox Sync. That way, if you do sync bookmarks, for example, your setting browser.safebrowsing.malware.enabled = false would also be set to false on your other computers. Like, you're just making it extra work to have to set all of these prefs up on every computer. If anything, I'd create services.sync.prefs.sync booleans for more of your settings to sync so you don't have to always configure extra computers.
Have you tried to place two spaces on the end of each line of user_pref??? It is the way markdown understand breaking lines without breaking paragraph (which is with one blank line separator).
Added a few new entries to go along with Firefox 63.0.3
Added comments/rationale for the preference changes.
Also removed unneeded ones that were outdated.
// If you mistype the keyword, then Firefox will leak the content of your address bar to // Google instead of displaying some "The address wasn't understood" local error page user_pref("keyword.enabled", false);
Curious if the 'Google' part of this comment is accurate?
When I change the pref to 'false' it kills the 'search from the url bar' function... but my default search engine is DDG. So if I leave the pref at 'true' and type in a phrase, it's sent to DDG as a search request.
Thank you gitter2741. I changed it to read "the default search engine" instead of Google.
Moved the non-telemetry items to a separate section for better organization.
// Not sure why these are disabled
This is the windows prompt that appears when you close firefox if privacy.sanitize.sanitizeOnShutdown is set to true and privacy.sanitize.promptOnSanitize is also true. But most about:config tweaks just delete all the cookies on close and change privacy.sanitize.promptOnSanitize to false, so the option to keep some of the cookies doesn't even appear.
user_pref("user_pref.privacy.disable_button.cookie_exceptions", false);
user_pref("user_pref.privacy.disable_button.view_cookies", false);
I think those prefs' names might be incorrect, @MrYar. They're written as pref.privacy.disable_button.cookie_exceptions and pref.privacy.disable_button.view_cookies in this Support Mozilla page, at least.
Anyway, I wanted to ask if these Tracking Protection related prefs are worth looking into or what's their purpose.
privacy.trackingprotection.fingerprinting.annotate.enabled
privacy.trackingprotection.cryptomining.annotate.enabled
privacy.trackingprotection.annotate_channels
LOuroboros, Those prefs names appear to be duplicated, probably as some sort of compatibility. In any case, they are not very important as they just hide the mentioned buttons in the preferences menu. Doesn't do anything beyond change the UI of the prefs menu. I am going to remove them
Added enabling of DNS over HTTPS. The default setting of 2 will work well for most users, but users may want to test that DoH works by setting that variable to 3 first.
Enabled Encrypted-SNI. Check if its working with https://www.cloudflare.com/ssl/encrypted-sni/
Quite a few duplicate entries.
Quite a few duplicate entries.
Thank you, they have been removed.
I am also not able to find these prefs in the sources for firefox-79, but perhaps they are still relevant for 68 and might be desirable to keep around.
user_pref("datareporting.sessions.current.clean", true);
user_pref("network.predictor.cleaned-up", true);
user_pref("devtools.onboarding.telemetry.logged", false);
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
user_pref("toolkit.telemetry.hybridContent.enabled", false);
user_pref("network.allow-experiments", false);
user_pref("browser.onboarding.enabled", false);
user_pref("social.directories", "");
user_pref("social.remote-install.enabled", false);
user_pref("social.toast-notifications.enabled", false);
user_pref("social.whitelist", "");
This does not appear to exist either
user_pref("devtools.webide.enabled", false);
And these are very useful (Tools>Web Developer>Browser Toolbox [ctrl+alt+shift+i]) while not being part of telemetry or logging from what I know (but if I am wrong I would like to know).
user_pref("devtools.debugger.remote-enabled", false);
user_pref("devtools.chrome.enabled", false);
I'm still currently using 68 ESR as that's what Slackware comes with. I do see the need for a version of this script that works for the latest, as that's what most people will be using. I'm hesitant to remove them as it provides protection for older versions. I could fork this project and remove them for firefox 7x, though I'm not sure I'm the best to maintain it as I don't use it. Any interest in taking on new versions in your own fork, Meriipu?
I do not think I am familiar enough with all the various privacy options to take responsibility for that, unfortunately.
Updated for 79:
///////////////////////////
// New in versions 78-79 //
///////////////////////////
// TOR Uplifts features:
// https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
user_pref("network.http.referer.XOriginPolicy", 2);
user_pref("network.http.referer.trimmingPolicy", 2);
user_pref("dom.event.clipboardevents.enabled", false);
user_pref("browser.urlbar.speculativeConnect.enabled", false);
// Cache tracking: https://www.grepular.com/Preventing_Web_Tracking_via_the_Browser_Cache
// user_pref("browser.cache.offline.enable", false);
// Isolate cookies to 1st party domain. This WILL break logins/sessions
// user_pref("privacy.firstparty.isolate", true);
// Degrades performance of animations, like scrolling
// user_pref("privacy.resistFingerprinting", true);
// WebGL and DRM media
user_pref("webgl.disabled", true);
user_pref("media.eme.enabled", false);
// Addons suggestions features, Highlights on Home Tab and Snippets
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
user_pref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
// Custom user preferences
user_pref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
user_pref("browser.newtabpage.activity-stream.showSearch", false);
user_pref("browser.cache.disk.parent_directory", "N:\FIREFOX");
user_pref("browser.urlbar.suggest.openpage", false);
user_pref("browser.urlbar.suggest.searches", false);
user_pref("media.videocontrols.picture-in-picture.video-toggle.enabled", false);
user_pref("signon.autofillForms", false);
user_pref("signon.generation.enabled", false);
user_pref("signon.management.page.breach-alerts.enabled", false);
user_pref("signon.rememberSignons", false);
user_pref("network.proxy.no_proxies_on", "192.168..1/24");
user_pref("network.proxy.socks_remote_dns", true);
// Enable DNS-over-HTTPS (DoH)
// See for details: https://support.mozilla.org/en-US/kb/firefox-dns-over-https
// user_pref("network.trr.mode", 2);
// user_pref("network.trr.uri", "https://mozilla.cloudflare-dns.com/dns-query");
// user_pref("network.trr.bootstrapAddress", 1.1.1.1);
// Enable Encrypted-SNI. Its a good idea to make sure its working by checking https://www.cloudflare.com/ssl/encrypted-sni/
// user_pref("network.security.esni.enabled", true);
// From: https://gist.github.com/MrYar/751e0e5f3f1430db7ec5a8c8aa237b72
// Cleaned up for 79+
// Turn off "Sends data to servers when leaving pages"
user_pref("beacon.enabled", false);
// Prevention of some telemetry related to the newtab
user_pref("browser.newtabpage.enhanced", false);
// "In the release channels the Mozilla location service is used to help in figuring out regional search defaults."
// Which means sending collectable data
user_pref("browser.search.region", "US");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.update", false);
// Datareporting is telemetry
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("datareporting.policy.dataSubmissionEnabled", false);
user_pref("datareporting.sessions.current.clean", true);
// Disables web browser access of HAL sensors
user_pref("device.sensors.enabled", false);
// Prevention of an android ADB Helper Add-on auto installer and other dev tools
user_pref("devtools.webide.autoinstallFxdtAdapters", false);
// See https://www.reddit.com/r/privacytoolsIO/comments/3fzbgy/you_may_be_tracked_by_your_battery_status_of_your/
user_pref("dom.battery.enabled", false);
// See https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI
user_pref("dom.enable_performance", false);
// If enabled, your list of installed addons are sent once a day to mozilla
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
user_pref("extensions.getAddons.cache.enabled", false);
// Disable pocket for obvious reasons
user_pref("extensions.pocket.enabled", false);
// Geo location sends location data
user_pref("geo.enabled", false);
// If you mistype the keyword, then Firefox will leak the content of your address bar to
// the default search engine instead of displaying some "The address wasn't understood" local error page
user_pref("keyword.enabled", false);
// Disable screensharing framework
user_pref("media.getusermedia.screensharing.enabled", false);
// Turn off WebRTC // see https://tinyurl.com/yc3yqnyv
user_pref("media.navigator.enabled", false);
user_pref("media.peerconnection.enabled", false);
user_pref("media.peerconnection.ice.default_address_only", true);
// Disable stat collection
user_pref("media.video_stats.enabled", false);
// Disable DNS prefetching
user_pref("network.dns.disablePrefetch", true);
// Disable speculative loading
user_pref("network.http.speculative-parallel-limit", 0);
// Disable prefetching and predicting
user_pref("network.predictor.cleaned-up", true);
user_pref("network.predictor.enabled", false);
user_pref("network.prefetch-next", false);
// Tracking protection. Though almost always ignored and useless...
user_pref("privacy.donottrackheader.enabled", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.introCount", 20);
// Overt telemetry disabling
user_pref("toolkit.telemetry.updatePing.enabled", false);
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
user_pref("browser.newtabpage.activity-stream.telemetry", false);
user_pref("browser.ping-centre.telemetry", false);
user_pref("toolkit.telemetry.bhrPing.enabled", false);
user_pref("toolkit.telemetry.enabled", false);
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false);
user_pref("toolkit.telemetry.hybridContent.enabled", false);
user_pref("toolkit.telemetry.newProfilePing.enabled", false);
user_pref("toolkit.telemetry.reportingpolicy.firstRun", false);
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false);
user_pref("toolkit.telemetry.unified", false);
user_pref("toolkit.telemetry.server", "");
user_pref("toolkit.telemetry.archive.enabled", false);
user_pref("devtools.onboarding.telemetry.logged", false);
// Disable developer experiments and onboarding
user_pref("browser.onboarding.enabled", false);
user_pref("experiments.enabled", false);
user_pref("network.allow-experiments", false);
// Disable social networking site info exchange
user_pref("social.directories", "");
user_pref("social.remote-install.enabled", false);
user_pref("social.toast-notifications.enabled", false);
user_pref("social.whitelist", "");
// Disable retrieval of safebrowsing lists
user_pref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false);
user_pref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false);
// Disable reporting of crash information
user_pref("dom.ipc.plugins.reportCrashURL", false);
user_pref("breakpad.reportURL", "");
// Safebrowsing sends a hash of your url to retrieve a list of partial matches.
user_pref("browser.safebrowsing.blockedURIs.enabled", false);
user_pref("browser.safebrowsing.downloads.enabled", false);
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
// Disable Firefox Screenshots
user_pref("extensions.screenshots.disabled", true);
user_pref("extensions.screenshots.system-disabled", true);
user_pref("extensions.screenshots.upload-disabled", true);
// Stops leave-page warning
user_pref("dom.disable_beforeunload", true);
// Don't constantly check if its the default browser
user_pref("browser.shell.checkDefaultBrowser", false);
// Keep the full url to see which sites are still http and not https
user_pref("browser.urlbar.trimURLs", false);
// No need to warn us
user_pref("general.warnOnAboutConfig", false);
user_pref("browser.aboutConfig.showWarning", false);
Thanks Kein! I split it into versions 68 and 79 and put yours in the 79.
#file-_about (per request)
| Windows 10 | %APPDATA%\Roaming\Mozilla\Firefox\Profiles\XXXXXXXX.your_profile_name\user.js |
Thanks Piers-P, changes adopted
ECH replaces ESNI in Firefox 85+
Also enabled DoH by default (mode 2).
It appears as though this script does not effectively guard against data tracking methods detailed in this lawsuit. Recommend not using this script anymore as it may provide a false sense of privacy. https://www.iccl.ie/wp-content/uploads/2022/08/File-Stamped-2022-08-19-Oracle-Complaint.pdf
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I corrected the mistakes and implemented the suggestions. Thank you!