My Advanced Privacy Settings for Firefox
The default privacy settings of Firefox are sort of sub-optimal. Here comes a list of advanced settings. In Firefox open a new tab about:blank and enter about:config into the address field. In the search field above the table with all known settings, enter telemetry, and here are my adjustments:
Note, the setting in purple color needs to be created.
Telemetry
|
Setting name
|
Value
|
app.update.lastUpdateTime.telemetry_modules_ping
|
2147483647
|
browser.newtabpage.activity-stream.feeds.telemetry
|
false
|
browser.newtabpage.activity-stream.telemetry
|
false
|
browser.newtabpage.activity-stream.telemetry.ping.endpoint
|
|
browser.newtabpage.activity-stream.telemetry.ut.events
|
false
|
browser.ping-centre.telemetry
|
false
|
browser.urlbar.eventTelemetry.enabled
|
false
|
devtools.onboarding.telemetry.logged
|
true
|
devtools.telemetry.tools.opened.version
|
{}
|
dom.security.unexpected_system_load_telemetry_enabled
|
false
|
media.wmf.deblacklisting-for-telemetry-in-gpu-process
|
false
|
privacy.trackingprotection.origin_telemetry.enabled
|
false
|
security.app_menu.recordEventTelemetry
|
false
|
security.certerrors.recordEventTelemetry
|
false
|
security.identitypopup.recordEventTelemetry
|
false
|
security.protectionspopup.recordEventTelemetry
|
false
|
security.ssl.errorReporting.url
|
|
services.sync.telemetry.maxPayloadCount
|
0
|
services.sync.telemetry.submissionInterval
|
2147483647
|
telemetry.fog.test.localhost_port
|
-1
|
telemetry.number_of_site_origin.min_interval
|
2147483647
|
telemetry.origin_telemetry_test_mode.enabled
|
false
|
toolkit.telemetry.archive.enabled
|
false
|
toolkit.telemetry.bhrPing.enabled
|
false
|
toolkit.telemetry.cachedClientID
|
0
|
toolkit.telemetry.coverage.opt-out
|
true
|
toolkit.telemetry.debugSlowSql
|
false
|
toolkit.telemetry.ecosystemtelemetry.enabled
|
false
|
toolkit.telemetry.enabled
|
false
|
toolkit.telemetry.firstShutdownPing.enabled
|
false
|
toolkit.telemetry.geckoview.batchDurationMS
|
0
|
toolkit.telemetry.geckoview.maxBatchStalenessMS
|
0
|
toolkit.telemetry.geckoview.streaming
|
false
|
toolkit.telemetry.ipcBatchTimeout
|
0
|
toolkit.telemetry.pioneer-new-studies-available
|
false
|
toolkit.telemetry.hybridContent.enabled
|
false
|
toolkit.telemetry.infoURL
|
|
toolkit.telemetry.newProfilePing.enabled
|
false
|
toolkit.telemetry.previousBuildID
|
2050000000000
|
toolkit.telemetry.reportingpolicy.firstRun
|
false
|
toolkit.telemetry.server
|
|
toolkit.telemetry.server_owner
|
|
toolkit.telemetry.shutdownPingSender.enabled
|
false
|
toolkit.telemetry.shutdownPingSender.enabledFirstSession
|
false
|
toolkit.telemetry.testing.overrideProductsCheck
|
false
|
toolkit.telemetry.unified
|
true
|
toolkit.telemetry.updatePing.enabled
|
false
|
DNS over HTTPS
DoH is tearing a huge hole in my anti tracking and anti ad measures. I have installed my void-zones-tools on my FreeBSD server which is our gateway into the internet, and the mechanism works by informing so called void zones to the local DNS resolver. DoH would bypass this and render said measures non-functional. I want to make sure that Firefox under no circumstances would use DoH.
To begin with, I added the following Domains related to DNS over HTTPS to my customized list of void zones: /usr/local/etc/void-zones/my_void_hosts.txt:
...
# telemetry
...
0.0.0.0 detectportal.firefox.com
0.0.0.0 services.mozilla.org
0.0.0.0 telemetry.mozilla.org
...
# DoH blocking - list to be extended in the future
0.0.0.0 cloudflare-dns.com
0.0.0.0 dns.swmnbn.com
...
Now back to Firefox, under about:config in the search field above the table with all settings, enter trr - mnemonic for Trusted Recursive Resolver - vulgo DoH. My adjustments are:
|
Setting name
|
Value
|
network.trr.allow-rfc1918
|
false
|
network.trr.blacklist-duration
|
60
|
network.trr.bootstrapAddress
|
|
network.trr.confirmationNS
|
|
network.trr.credentials
|
|
network.trr.disable-ECS
|
true
|
network.trr.early-AAAA
|
false
|
network.trr.max-fails
|
0
|
network.trr.mode
|
5
|
network.trr.request-timeout
|
0
|
network.trr.uri
|
|
network.trr.useGET
|
false
|
network.trr.wait-for-portal
|
true
|
Copyright © Dr. Rolf Jansen - 2018-10-26 11:34:55
Discussion on Twitter: 1082833247468425216
|
