-
-
Save MrYar/751e0e5f3f1430db7ec5a8c8aa237b72 to your computer and use it in GitHub Desktop.
# AUTHOR WARNING- recommend not using this script as it does not guard against the variety of tracking methods used by databrokers. | |
# Please see https://www.iccl.ie/wp-content/uploads/2022/08/File-Stamped-2022-08-19-Oracle-Complaint.pdf | |
# | |
# Firefox telemetry and data collection denial | |
This is a fork of haasn "Firefox bullshit removal" | |
Also heavily based off pyllyukko "Firefox hardening" https://github.com/pyllyukko/user.js/ | |
There are two versions, one for Firefox 68 Firefox and another for 70+. Thanks to Kein for the work on 70+ | |
Instead of manually editing about:config, make changes to the user.js file | |
###How to use the user.js file | |
Copy `user.js` in your current user profile, or (recommended) to a fresh, newly created Firefox profile directory. | |
The file should be located at: | |
| OS | Path | | |
| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | | |
| Windows 10 | %APPDATA%\Roaming\Mozilla\Firefox\Profiles\XXXXXXXX.your_profile_name\user.js | | |
| Windows 7 | `%APPDATA%\Mozilla\Firefox\Profiles\XXXXXXXX.your_profile_name\user.js` | | |
| Linux | `~/.mozilla/firefox/XXXXXXXX.your_profile_name/user.js` | | |
| OS X | `~/Library/Application Support/Firefox/Profiles/XXXXXXXX.your_profile_name` | | |
| Android | `/data/data/org.mozilla.firefox/files/mozilla/XXXXXXXX.your_profile_name` and see [issue #14](https://github.com/pyllyukko/user.js/issues/14) | | |
| Sailfish OS + Alien Dalvik | `/opt/alien/data/data/org.mozilla.firefox/files/mozilla/XXXXXXXX.your_profile_name` | | |
| Windows (portable) | `[firefox directory]\Data\profile\` | |
// by Kein | |
/////////////////////////// | |
// New since 68ESR // | |
/////////////////////////// | |
// TOR Uplifts features: | |
// https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks | |
user_pref("network.http.referer.XOriginTrimmingPolicy", 2); | |
user_pref("network.http.referer.XOriginPolicy", 2); | |
user_pref("network.http.referer.trimmingPolicy", 2); | |
user_pref("dom.event.clipboardevents.enabled", false); | |
user_pref("browser.urlbar.speculativeConnect.enabled", false); | |
// Cache tracking: https://www.grepular.com/Preventing_Web_Tracking_via_the_Browser_Cache | |
// user_pref("browser.cache.offline.enable", false); | |
// Isolate cookies to 1st party domain. This WILL break logins/sessions | |
// user_pref("privacy.firstparty.isolate", true); | |
// Degrades performance of animations, like scrolling | |
// user_pref("privacy.resistFingerprinting", true); | |
// WebGL and DRM media | |
user_pref("webgl.disabled", true); | |
user_pref("media.eme.enabled", false); | |
// Addons suggestions features, Highlights on Home Tab and Snippets | |
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); | |
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); | |
user_pref("browser.newtabpage.activity-stream.feeds.section.highlights", false); | |
user_pref("browser.newtabpage.activity-stream.feeds.snippets", false); | |
user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); | |
// Custom user preferences | |
user_pref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); | |
user_pref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); | |
user_pref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); | |
user_pref("browser.newtabpage.activity-stream.showSearch", false); | |
user_pref("browser.cache.disk.parent_directory", "N:\FIREFOX"); | |
user_pref("browser.urlbar.suggest.openpage", false); | |
user_pref("browser.urlbar.suggest.searches", false); | |
user_pref("media.videocontrols.picture-in-picture.video-toggle.enabled", false); | |
user_pref("signon.autofillForms", false); | |
user_pref("signon.generation.enabled", false); | |
user_pref("signon.management.page.breach-alerts.enabled", false); | |
user_pref("signon.rememberSignons", false); | |
user_pref("network.proxy.no_proxies_on", "192.168..1/24"); | |
user_pref("network.proxy.socks_remote_dns", true); | |
// Enable DNS-over-HTTPS (DoH) | |
// See for details: https://support.mozilla.org/en-US/kb/firefox-dns-over-http | |
// lets enable this by default. Set to 0 to disable DoH, 2 set TRR/DoH as priority but falls back to native, 3 only use DoH | |
user_pref("network.trr.mode", 2); | |
// ECH replaces ESNI | |
// https://blog.mozilla.org/security/2021/01/07/encrypted-client-hello-the-future-of-esni-in-firefox/ | |
user_pref("network.dns.echconfig.enabled", true) | |
user_pref("network.dns.use_https_rr_as_altsvc", true) | |
// From: https://gist.github.com/MrYar/751e0e5f3f1430db7ec5a8c8aa237b72 | |
// Cleaned up for 79+ | |
// Turn off "Sends data to servers when leaving pages" | |
user_pref("beacon.enabled", false); | |
// Prevention of some telemetry related to the newtab | |
user_pref("browser.newtabpage.enhanced", false); | |
// "In the release channels the Mozilla location service is used to help in figuring out regional search defaults." | |
// Which means sending collectable data | |
user_pref("browser.search.region", "US"); | |
user_pref("browser.search.suggest.enabled", false); | |
user_pref("browser.search.update", false); | |
// Datareporting is telemetry | |
user_pref("datareporting.healthreport.uploadEnabled", false); | |
user_pref("datareporting.policy.dataSubmissionEnabled", false); | |
user_pref("datareporting.sessions.current.clean", true); | |
// Disables web browser access of HAL sensors | |
user_pref("device.sensors.enabled", false); | |
// Prevention of an android ADB Helper Add-on auto installer and other dev tools | |
user_pref("devtools.webide.autoinstallFxdtAdapters", false); | |
// See https://www.reddit.com/r/privacytoolsIO/comments/3fzbgy/you_may_be_tracked_by_your_battery_status_of_your/ | |
user_pref("dom.battery.enabled", false); | |
// See https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI | |
user_pref("dom.enable_performance", false); | |
// If enabled, your list of installed addons are sent once a day to mozilla | |
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ | |
user_pref("extensions.getAddons.cache.enabled", false); | |
// Disable pocket for obvious reasons | |
user_pref("extensions.pocket.enabled", false); | |
// Geo location sends location data | |
user_pref("geo.enabled", false); | |
// If you mistype the keyword, then Firefox will leak the content of your address bar to | |
// the default search engine instead of displaying some "The address wasn't understood" local error page | |
user_pref("keyword.enabled", false); | |
// Disable screensharing framework | |
user_pref("media.getusermedia.screensharing.enabled", false); | |
// Turn off WebRTC // see https://tinyurl.com/yc3yqnyv | |
user_pref("media.navigator.enabled", false); | |
user_pref("media.peerconnection.enabled", false); | |
user_pref("media.peerconnection.ice.default_address_only", true); | |
// Disable stat collection | |
user_pref("media.video_stats.enabled", false); | |
// Disable DNS prefetching | |
user_pref("network.dns.disablePrefetch", true); | |
// Disable speculative loading | |
user_pref("network.http.speculative-parallel-limit", 0); | |
// Disable prefetching and predicting | |
user_pref("network.predictor.cleaned-up", true); | |
user_pref("network.predictor.enabled", false); | |
user_pref("network.prefetch-next", false); | |
// Tracking protection. Though almost always ignored and useless... | |
user_pref("privacy.donottrackheader.enabled", true); | |
user_pref("privacy.trackingprotection.enabled", true); | |
user_pref("privacy.trackingprotection.introCount", 20); | |
// Overt telemetry disabling | |
user_pref("toolkit.telemetry.updatePing.enabled", false); | |
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); | |
user_pref("browser.newtabpage.activity-stream.telemetry", false); | |
user_pref("browser.ping-centre.telemetry", false); | |
user_pref("toolkit.telemetry.bhrPing.enabled", false); | |
user_pref("toolkit.telemetry.enabled", false); | |
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); | |
user_pref("toolkit.telemetry.hybridContent.enabled", false); | |
user_pref("toolkit.telemetry.newProfilePing.enabled", false); | |
user_pref("toolkit.telemetry.reportingpolicy.firstRun", false); | |
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); | |
user_pref("toolkit.telemetry.unified", false); | |
user_pref("toolkit.telemetry.server", ""); | |
user_pref("toolkit.telemetry.archive.enabled", false); | |
user_pref("devtools.onboarding.telemetry.logged", false); | |
// Disable developer experiments and onboarding | |
user_pref("browser.onboarding.enabled", false); | |
user_pref("experiments.enabled", false); | |
user_pref("network.allow-experiments", false); | |
// Disable social networking site info exchange | |
user_pref("social.directories", ""); | |
user_pref("social.remote-install.enabled", false); | |
user_pref("social.toast-notifications.enabled", false); | |
user_pref("social.whitelist", ""); | |
// Disable retrieval of safebrowsing lists | |
user_pref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false); | |
user_pref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false); | |
// Disable reporting of crash information | |
user_pref("dom.ipc.plugins.reportCrashURL", false); | |
user_pref("breakpad.reportURL", ""); | |
// Safebrowsing sends a hash of your url to retrieve a list of partial matches. | |
user_pref("browser.safebrowsing.blockedURIs.enabled", false); | |
user_pref("browser.safebrowsing.downloads.enabled", false); | |
user_pref("browser.safebrowsing.downloads.remote.enabled", false); | |
user_pref("browser.safebrowsing.malware.enabled", false); | |
user_pref("browser.safebrowsing.phishing.enabled", false); | |
// Disable Firefox Screenshots | |
user_pref("extensions.screenshots.disabled", true); | |
user_pref("extensions.screenshots.system-disabled", true); | |
user_pref("extensions.screenshots.upload-disabled", true); | |
// Stops leave-page warning | |
user_pref("dom.disable_beforeunload", true); | |
// Don't constantly check if its the default browser | |
user_pref("browser.shell.checkDefaultBrowser", false); | |
// Keep the full url to see which sites are still http and not https | |
user_pref("browser.urlbar.trimURLs", false); | |
// No need to warn us | |
user_pref("general.warnOnAboutConfig", false); | |
user_pref("browser.aboutConfig.showWarning", false); |
// Turn off "Sends data to servers when leaving pages" | |
user_pref("beacon.enabled", false); | |
// Prevention of some telemetry related to the newtab | |
user_pref("browser.newtabpage.directory.ping", ""); | |
user_pref("browser.newtabpage.directory.source", ""); | |
user_pref("browser.newtabpage.enhanced", false); | |
// "In the release channels the Mozilla location service is used to help in figuring out regional search defaults." | |
// Which means sending collectable data | |
user_pref("browser.search.geoip.url", ""); | |
user_pref("browser.search.region", "US"); | |
user_pref("browser.search.suggest.enabled", false); | |
user_pref("browser.search.update", false); | |
// Selfsupport sends a heartbeat | |
user_pref("browser.selfsupport.url", ""); | |
// Datareporting is telemetry | |
user_pref("datareporting.healthreport.uploadEnabled", false); | |
user_pref("datareporting.policy.dataSubmissionEnabled", false); | |
user_pref("datareporting.sessions.current.clean", true); | |
// Disables web browser access of HAL sensors | |
user_pref("device.sensors.enabled", false); | |
// Prevention of an android ADB Helper Add-on auto installer and other dev tools user_pref("devtools.webide.autoinstallADBHelper", false); | |
user_pref("devtools.webide.autoinstallFxdtAdapters", false); | |
user_pref("devtools.webide.enabled", false); | |
user_pref("devtools.debugger.remote-enabled", false); | |
user_pref("devtools.chrome.enabled", false); | |
user_pref("devtools.debugger.force-local", true); | |
// See https://www.reddit.com/r/privacytoolsIO/comments/3fzbgy/you_may_be_tracked_by_your_battery_status_of_your/ | |
user_pref("dom.battery.enabled", false); | |
// See https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI | |
user_pref("dom.enable_performance", false); | |
// If enabled, your list of installed addons are sent once a day to mozilla | |
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ | |
user_pref("extensions.getAddons.cache.enabled", false); | |
// Disable pocket for obvious reasons | |
user_pref("extensions.pocket.enabled", false); | |
// Geo location sends location data | |
user_pref("geo.enabled", false); | |
// If you mistype the keyword, then Firefox will leak the content of your address bar to | |
// the default search engine instead of displaying some "The address wasn't understood" local error page | |
user_pref("keyword.enabled", false); | |
// Disable screensharing framework | |
user_pref("media.getusermedia.screensharing.enabled", false); | |
// Turn off WebRTC // see https://tinyurl.com/yc3yqnyv | |
user_pref("media.navigator.enabled", false); | |
user_pref("media.peerconnection.enabled", false); | |
user_pref("media.peerconnection.ice.default_address_only", true); | |
// Disable stat collection | |
user_pref("media.video_stats.enabled", false); | |
// Disable DNS prefetching | |
user_pref("network.dns.disablePrefetch", true); | |
// Disable speculative loading | |
user_pref("network.http.speculative-parallel-limit", 0); | |
// Disable prefetching and predicting | |
user_pref("network.predictor.cleaned-up", true); | |
user_pref("network.predictor.enabled", false); | |
user_pref("network.prefetch-next", false); | |
// Tracking protection. Though almost always ignored and useless... | |
user_pref("privacy.donottrackheader.enabled", true); | |
user_pref("privacy.trackingprotection.enabled", true); | |
user_pref("privacy.trackingprotection.introCount", 20); | |
// Overt telemetry disabling | |
user_pref("toolkit.telemetry.updatePing.enabled", false); | |
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); | |
user_pref("browser.newtabpage.activity-stream.telemetry", false); | |
user_pref("browser.ping-centre.telemetry", false); | |
user_pref("toolkit.telemetry.bhrPing.enabled", false); | |
user_pref("toolkit.telemetry.enabled", false); | |
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); | |
user_pref("toolkit.telemetry.hybridContent.enabled", false); | |
user_pref("toolkit.telemetry.newProfilePing.enabled", false); | |
user_pref("toolkit.telemetry.reportingpolicy.firstRun", false); | |
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); | |
user_pref("toolkit.telemetry.unified", false); | |
user_pref("toolkit.telemetry.server", ""); | |
user_pref("toolkit.telemetry.archive.enabled", false); | |
user_pref("devtools.onboarding.telemetry.logged", false); | |
// Disable developer experiments and onboarding | |
user_pref("browser.onboarding.enabled", false); | |
user_pref("experiments.enabled", false); | |
user_pref("network.allow-experiments", false); | |
// Disable social networking site info exchange | |
user_pref("social.directories", ""); | |
user_pref("social.remote-install.enabled", false); | |
user_pref("social.toast-notifications.enabled", false); | |
user_pref("social.whitelist", ""); | |
// Disable retrieval of safebrowsing lists | |
user_pref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false); | |
user_pref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false); | |
// Disable reporting of crash information | |
user_pref("dom.ipc.plugins.reportCrashURL", false); | |
user_pref("breakpad.reportURL", ""); | |
// Safebrowsing sends a hash of your url to retrieve a list of partial matches. | |
user_pref("browser.safebrowsing.blockedURIs.enabled", false); | |
user_pref("browser.safebrowsing.downloads.enabled", false); | |
user_pref("browser.safebrowsing.downloads.remote.enabled", false); | |
user_pref("browser.safebrowsing.malware.enabled", false); | |
user_pref("browser.safebrowsing.phishing.enabled", false); | |
// Disable Firefox Screenshots | |
user_pref("extensions.screenshots.disabled", true); | |
user_pref("extensions.screenshots.system-disabled", true); | |
user_pref("extensions.screenshots.upload-disabled", true); | |
// Enable DNS-over-HTTPS (DoH) | |
// network.trr.mode turns on DoH. It takes the following values | |
// 0 - Default value in standard Firefox installations (currently is 5, which means DoH is disabled) | |
// 1 - DoH is enabled, but Firefox picks if it uses DoH or regular DNS based o which returns faster query responses | |
// 2 - DoH is enabled, and regular DNS works as a backup | |
// 3 - DoH is enabled, and regular DNS is disabled | |
// 5 - DoH is disabled | |
// Users may want to set to 3 temporarily to verify DoH is working | |
user_pref("network.trr.mode", 2); | |
// users can use their own DoH server URL https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-available-servers | |
user_pref("network.trr.uri", "https://mozilla.cloudflare-dns.com/dns-query"); | |
// If DoH doesn't work, try uncommenting the line below (1.1.1.1 is cloudflare, can use google's 8.8.8.8 also) | |
// user_pref("network.trr.bootstrapAddress", 1.1.1.1); | |
// Enable Encrypted-SNI. Its a good idea to make sure its working by checking https://www.cloudflare.com/ssl/encrypted-sni/ | |
user_pref("network.security.esni.enabled", true); | |
// --- | |
// --- Protective but not telemetry or data collection related | |
// --- | |
// Disable javascript takeover of mouse menu | |
user_pref("dom.event.contextmenu.enabled", false); | |
// Stops leave-page warning | |
user_pref("dom.disable_beforeunload", true); | |
// Don't constantly check if its the default browser | |
user_pref("browser.shell.checkDefaultBrowser", false); | |
// Keep the full url to see which sites are still http and not https | |
user_pref("browser.urlbar.trimURLs", false); | |
// No need to warn us | |
user_pref("general.warnOnAboutConfig", false); | |
// Disable automatically updating your extensions (uncomment for settings to take effect) | |
//user_pref("extensions.update.autoUpdateDefault", false); | |
//user_pref("extensions.update.enabled", false); | |
// Disable automatic upgrading to newest version. Program will still ask you if you want to upgrade. (uncomment to activate setting) | |
//user_pref("app.update.auto", false); | |
//user_pref("app.update.enabled", false); |
I'm still currently using 68 ESR as that's what Slackware comes with. I do see the need for a version of this script that works for the latest, as that's what most people will be using. I'm hesitant to remove them as it provides protection for older versions. I could fork this project and remove them for firefox 7x, though I'm not sure I'm the best to maintain it as I don't use it. Any interest in taking on new versions in your own fork, Meriipu?
I do not think I am familiar enough with all the various privacy options to take responsibility for that, unfortunately.
Updated for 79:
///////////////////////////
// New in versions 78-79 //
///////////////////////////
// TOR Uplifts features:
// https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
user_pref("network.http.referer.XOriginPolicy", 2);
user_pref("network.http.referer.trimmingPolicy", 2);
user_pref("dom.event.clipboardevents.enabled", false);
user_pref("browser.urlbar.speculativeConnect.enabled", false);
// Cache tracking: https://www.grepular.com/Preventing_Web_Tracking_via_the_Browser_Cache
// user_pref("browser.cache.offline.enable", false);
// Isolate cookies to 1st party domain. This WILL break logins/sessions
// user_pref("privacy.firstparty.isolate", true);
// Degrades performance of animations, like scrolling
// user_pref("privacy.resistFingerprinting", true);
// WebGL and DRM media
user_pref("webgl.disabled", true);
user_pref("media.eme.enabled", false);
// Addons suggestions features, Highlights on Home Tab and Snippets
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
user_pref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
// Custom user preferences
user_pref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
user_pref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
user_pref("browser.newtabpage.activity-stream.showSearch", false);
user_pref("browser.cache.disk.parent_directory", "N:\FIREFOX");
user_pref("browser.urlbar.suggest.openpage", false);
user_pref("browser.urlbar.suggest.searches", false);
user_pref("media.videocontrols.picture-in-picture.video-toggle.enabled", false);
user_pref("signon.autofillForms", false);
user_pref("signon.generation.enabled", false);
user_pref("signon.management.page.breach-alerts.enabled", false);
user_pref("signon.rememberSignons", false);
user_pref("network.proxy.no_proxies_on", "192.168..1/24");
user_pref("network.proxy.socks_remote_dns", true);
// Enable DNS-over-HTTPS (DoH)
// See for details: https://support.mozilla.org/en-US/kb/firefox-dns-over-https
// user_pref("network.trr.mode", 2);
// user_pref("network.trr.uri", "https://mozilla.cloudflare-dns.com/dns-query");
// user_pref("network.trr.bootstrapAddress", 1.1.1.1);
// Enable Encrypted-SNI. Its a good idea to make sure its working by checking https://www.cloudflare.com/ssl/encrypted-sni/
// user_pref("network.security.esni.enabled", true);
// From: https://gist.github.com/MrYar/751e0e5f3f1430db7ec5a8c8aa237b72
// Cleaned up for 79+
// Turn off "Sends data to servers when leaving pages"
user_pref("beacon.enabled", false);
// Prevention of some telemetry related to the newtab
user_pref("browser.newtabpage.enhanced", false);
// "In the release channels the Mozilla location service is used to help in figuring out regional search defaults."
// Which means sending collectable data
user_pref("browser.search.region", "US");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.update", false);
// Datareporting is telemetry
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("datareporting.policy.dataSubmissionEnabled", false);
user_pref("datareporting.sessions.current.clean", true);
// Disables web browser access of HAL sensors
user_pref("device.sensors.enabled", false);
// Prevention of an android ADB Helper Add-on auto installer and other dev tools
user_pref("devtools.webide.autoinstallFxdtAdapters", false);
// See https://www.reddit.com/r/privacytoolsIO/comments/3fzbgy/you_may_be_tracked_by_your_battery_status_of_your/
user_pref("dom.battery.enabled", false);
// See https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI
user_pref("dom.enable_performance", false);
// If enabled, your list of installed addons are sent once a day to mozilla
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
user_pref("extensions.getAddons.cache.enabled", false);
// Disable pocket for obvious reasons
user_pref("extensions.pocket.enabled", false);
// Geo location sends location data
user_pref("geo.enabled", false);
// If you mistype the keyword, then Firefox will leak the content of your address bar to
// the default search engine instead of displaying some "The address wasn't understood" local error page
user_pref("keyword.enabled", false);
// Disable screensharing framework
user_pref("media.getusermedia.screensharing.enabled", false);
// Turn off WebRTC // see https://tinyurl.com/yc3yqnyv
user_pref("media.navigator.enabled", false);
user_pref("media.peerconnection.enabled", false);
user_pref("media.peerconnection.ice.default_address_only", true);
// Disable stat collection
user_pref("media.video_stats.enabled", false);
// Disable DNS prefetching
user_pref("network.dns.disablePrefetch", true);
// Disable speculative loading
user_pref("network.http.speculative-parallel-limit", 0);
// Disable prefetching and predicting
user_pref("network.predictor.cleaned-up", true);
user_pref("network.predictor.enabled", false);
user_pref("network.prefetch-next", false);
// Tracking protection. Though almost always ignored and useless...
user_pref("privacy.donottrackheader.enabled", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.introCount", 20);
// Overt telemetry disabling
user_pref("toolkit.telemetry.updatePing.enabled", false);
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
user_pref("browser.newtabpage.activity-stream.telemetry", false);
user_pref("browser.ping-centre.telemetry", false);
user_pref("toolkit.telemetry.bhrPing.enabled", false);
user_pref("toolkit.telemetry.enabled", false);
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false);
user_pref("toolkit.telemetry.hybridContent.enabled", false);
user_pref("toolkit.telemetry.newProfilePing.enabled", false);
user_pref("toolkit.telemetry.reportingpolicy.firstRun", false);
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false);
user_pref("toolkit.telemetry.unified", false);
user_pref("toolkit.telemetry.server", "");
user_pref("toolkit.telemetry.archive.enabled", false);
user_pref("devtools.onboarding.telemetry.logged", false);
// Disable developer experiments and onboarding
user_pref("browser.onboarding.enabled", false);
user_pref("experiments.enabled", false);
user_pref("network.allow-experiments", false);
// Disable social networking site info exchange
user_pref("social.directories", "");
user_pref("social.remote-install.enabled", false);
user_pref("social.toast-notifications.enabled", false);
user_pref("social.whitelist", "");
// Disable retrieval of safebrowsing lists
user_pref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false);
user_pref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false);
// Disable reporting of crash information
user_pref("dom.ipc.plugins.reportCrashURL", false);
user_pref("breakpad.reportURL", "");
// Safebrowsing sends a hash of your url to retrieve a list of partial matches.
user_pref("browser.safebrowsing.blockedURIs.enabled", false);
user_pref("browser.safebrowsing.downloads.enabled", false);
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
// Disable Firefox Screenshots
user_pref("extensions.screenshots.disabled", true);
user_pref("extensions.screenshots.system-disabled", true);
user_pref("extensions.screenshots.upload-disabled", true);
// Stops leave-page warning
user_pref("dom.disable_beforeunload", true);
// Don't constantly check if its the default browser
user_pref("browser.shell.checkDefaultBrowser", false);
// Keep the full url to see which sites are still http and not https
user_pref("browser.urlbar.trimURLs", false);
// No need to warn us
user_pref("general.warnOnAboutConfig", false);
user_pref("browser.aboutConfig.showWarning", false);
Thanks Kein! I split it into versions 68 and 79 and put yours in the 79.
#file-_about (per request)
| Windows 10 | %APPDATA%\Roaming\Mozilla\Firefox\Profiles\XXXXXXXX.your_profile_name\user.js |
Thanks Piers-P, changes adopted
ECH replaces ESNI in Firefox 85+
Also enabled DoH by default (mode 2).
It appears as though this script does not effectively guard against data tracking methods detailed in this lawsuit. Recommend not using this script anymore as it may provide a false sense of privacy. https://www.iccl.ie/wp-content/uploads/2022/08/File-Stamped-2022-08-19-Oracle-Complaint.pdf
This does not appear to exist either
And these are very useful (Tools>Web Developer>Browser Toolbox [ctrl+alt+shift+i]) while not being part of telemetry or logging from what I know (but if I am wrong I would like to know).