BLog

ImprintImpressum
PrivacyDatenschutz
DisclaimerHaftung
Downloads 

My Advanced Privacy Settings for Firefox

The default privacy settings of Firefox are sort of sub-optimal. Here comes a list of advanced settings. In Firefox open a new tab about:blank and enter about:config into the address field. In the search field above the table with all known settings, enter telemetry, and here are my adjustments:

Note, the setting in purple color need to be created.

Telemetry

Setting name Value
app.update.lastUpdateTime.telemetry_modules_ping 2147483647
browser.newtabpage.activity-stream.feeds.telemetry false
browser.newtabpage.activity-stream.telemetry false
browser.newtabpage.activity-stream.telemetry.ping.endpoint  
browser.newtabpage.activity-stream.telemetry.ut.events false
browser.ping-centre.telemetry false
devtools.onboarding.telemetry.logged true
devtools.telemetry.tools.opened.version {}
media.wmf.deblacklisting-for-telemetry-in-gpu-process false
security.ssl.errorReporting.url  
services.sync.telemetry.maxPayloadCount 0
services.sync.telemetry.submissionInterval 2147483647
toolkit.telemetry.archive.enabled false
toolkit.telemetry.bhrPing.enabled false
toolkit.telemetry.cachedClientID 0
toolkit.telemetry.coverage.opt-out true
toolkit.telemetry.debugSlowSql false
toolkit.telemetry.enabled false
toolkit.telemetry.firstShutdownPing.enabled false
toolkit.telemetry.hybridContent.enabled false
toolkit.telemetry.infoURL  
toolkit.telemetry.newProfilePing.enabled false
toolkit.telemetry.previousBuildID 0
toolkit.telemetry.reportingpolicy.firstRun false
toolkit.telemetry.server  
toolkit.telemetry.server_owner  
toolkit.telemetry.shutdownPingSender.enabled false
toolkit.telemetry.shutdownPingSender.enabledFirstSession false
toolkit.telemetry.unified true
toolkit.telemetry.updatePing.enabled false

DNS over HTTPS

DoH is tearing a huge hole in my anti tracking and anti ad measures. I have installed my void-zones-tools on my FreeBSD server which is our gateway into the internet, and the mechanism works by informing so called void zones to the local DNS resolver. DoH would bypass this and render said measures non-functional. I want to make sure that Firefox under no circumstances would use DoH.

To begin with, I added the following Domains related to DNS over HTTPS to my customized list of void zones: /usr/local/etc/void-zones/my_void_hosts.txt:

...
# telemetry
...
0.0.0.0 detectportal.firefox.com
0.0.0.0 services.mozilla.org
0.0.0.0 telemetry.mozilla.org
...
# DoH blocking - list to be extended in the future
0.0.0.0 cloudflare-dns.com
0.0.0.0 dns.google.com
...

Now back to Firefox, under about:config in the search field above the table with all settings, enter trr - mnemonic for Trusted Recursive Resolver - vulgo DoH. My adjustments are:

Setting name Value
network.trr.allow-rfc1918 false
network.trr.blacklist-duration 60
network.trr.bootstrapAddress  
network.trr.confirmationNS  
network.trr.credentials  
network.trr.disable-ECS true
network.trr.early-AAAA false
network.trr.max-fails 0
network.trr.mode 5
network.trr.request-timeout 0
network.trr.uri  
network.trr.useGET false
network.trr.wait-for-portal true

Copyright © Dr. Rolf Jansen - 2018-10-26 11:34:55

PROMOTION