(OLD) (ARCHIVED) Puppy Linux Discussion Forum

[labbe5]

This project aims at enforcing privacy and security of Firefox without forking the project.

Librefox uses more than 500 privacy/security/performance settings, patches, Librefox-Addons (optional) and a cleaned bundle of Firefox (updater, crashreporter and Firefox's integrated addons that don't respect privacy are removed).

How to use Librefox :
Linux

Download and extract the last version of Firefox x32 release or x64 release
Download Librefox zip file and extract it
Copy the extracted Librefox files to the newly downloaded firefox directory
You can use directly Librefox by running 'firefox/firefox'
You can as well create a shortcut to 'firefox/firefox' to open Librefox easily.
https://github.com/intika/Librefox#installation-instructions

Zero unauthorized connection by default.

Download :
For 64-bit systems
https://github.com/intika/Librefox/releases/download/Librefox-v2.1-v64.0.0/Librefox-2.1-Firefox-Linux-64.0.0-x64.tar.xz

For 32-bit systems
https://github.com/intika/Librefox/releases/download/Librefox-v2.1-v64.0.0/Librefox-2.1-Firefox-Linux-64.0.0-x32.tar.xz

Recommended addons are not bundled and need to be installed manually

Cookie Master: Block all cookies and only allow authorized sites
First Party Isolation: Enable/Disable FPI with the click of a button
User Agent Platform Spoofer: Spoof a different UserAgent OS Linux/Windows/Mac
Browser Plugs Privacy Firewall: Sets of settings to prevent fingerprinting and security issues
uBlock Origin + IDCAC List + Nano-Defender List: Block web advertisement and tracking

Source : https://github.com/intika/Librefox

Further reading :
A discussion about browser fingerprinting
https://www.wilderssecurity.com/threads/browser-fingerprinting-relevance-and-countermeasures.406103/
FigLeaf app
It combines several tools to give you full control of your private information across your entire internet experience.
https://figleafapp.com/
Firefox Profilemaker
This tool will help you to create a Firefox profile with the defaults you like.
You select which features you want to enable and disable and in the end you get a download link for a zip-file with your profile template. You can for example disable some functions, which send data to Mozilla and Google, or disable several annoying Firefox functions like Mozilla Hello or the Pocket integration.
https://ffprofile.com/
Firefox: Privacy Related "about:config" Tweaks
https://www.privacytools.io/#about_config
Hardening Mozilla Firefox Quantum For Privacy & Security 2018 Edition
https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security
Firefox about:config edits
https://wiki.manjaro.org/index.php?title=Firefox_about:config_edits
Firefox about:config privacy and security settings
https://www.rationallyparanoid.com/articles/firefox-about-config-security.html

COMMENT : As a FF user, you probably use it on all your devices. Backup your FF profile once you are satisfied will your privacy tweaks and use this backup on all your instances of FF on all your devices. You will save a good amount of time, because tweaking FF for privacy is time-consuming.

about:profiles is where to find your profile directory (Root Directory).

If you prefer Chrome, fine. Your data are not important to you, fine. Some unsavory companies think your data is important and saleable.

On the other hand, you can flood such companies with a steady flow of data that are not related to your browsing sessions. Look for Noisy in Github and keep flooding Google, Facebook and lesser known tracking companies with a steady flow of data. Kodachi Linux 5.6 has this feature built-in.

Basic privacy tweaks :


beacon.enabled = false

browser.cache.disk.enable = false

browser.cache.diskcachessl = false

browser.cache.offline.enable = false

browser.pocket.enabled = false

dom.event.clipboardevents.enabled = false

dom.storage.enabled = false

geo.enabled = false

geo.wifi.uri = 127.0.0.1

media.peerconnection.enabled = false

network.cookie.lifetimePolicy = 2

network.dns.disablePrefetch = true

network.http.sendRefererHeader = 0 (this will break a few sites)

network.http.sendSecureXSiteReferrer = false

network.http.speculative-parallel-limit = 0

network.prefetch-next = false

pdfjs.disabled = true

webgl.disabled = true

Further reading :
Attention: Librefox will use the default Firefox profile on start unless you assign a new profile to it.
https://www.ghacks.net/2018/12/24/librefox-firefox-with-privacy-enhancements/

[labbe5]

https://github.com/pyllyukko/user.js/tree/relaxed

A user.js configuration file for Mozilla Firefox designed to harden browser settings and make it more secure.

[8Geee]

This is reallynot-for-nothing, but I recently did an about:config configuration pointing towards security/privacy on FF65.0.2. It is not for the faint-of-heart, or for the impatient person. I did in excess of 430 lines of re-configuration from the default. This editing can be viewed in about:support. When I did this for FF27.0.1 in AtomicPup-XIX the about:support page for that is lengthy.

***EDIT I found a delayed breakage not found in my initial run-through. I have changed the list back to original... see below.

Regards
8Geee

[muggins]

I don't know if librewolf is a derivative/spinoff of librefox, but I downloaded the
latest appimage LibreWolf-78.0.1-1.x86_64.AppImage, and it
seems to run quite well.

[mikeslr]

According to it's publisher's website "A fork of Firefox, focused on privacy, security and freedom". "It is the community run successor to LibreFox", https://librewolf-community.gitlab.io/docs/. Installation of the same addons noted by labbe5 are suggested*. Emphasis added in that the website indicates that LibreFox development stopped for some unknown reason and Librefox is its continuation.

Thanks, muggins, for calling it to our attention.

* Have to break for lunch -- a little foggy-headed due to low sugar. But that suggest to me unpacking the AppImage, running it as an external application, installing the addons and repacking.

Back from Lunch. The above was wrong. Although LibreWolf is an AppImage --IINM, mounts at /tmp-- it creates a profile in /root/.librewolf. Remember to execute a Save to preserve settings.

Most of the recommended addons were easy to install: Their names on that list are direct links to their download locations. Just click, then click to install. But the Nano-Defender List for Ublock origin lead to a dead link. Googling lead here, https://jspenguin2017.github.io/uBlockProtector/ and some complexity I haven't tried to unravel.

I also haven't figured out what is meant by "uBlock Origin: Additional filters are availables here: https://filterlists.com/ (don’t surcharge it to avoid performance loss)" under Recommended Addons Settings.

Then there's are Lists of Privacy Addons and Other Useful Addons. Looks like several hours of work for a User to figure out what is wanted and then implement that. And if my recollection is correct, you can't use your profile in a new version = do it again when you update.

Don't get me wrong. I may do the work. On the other hand; given that its profiles are in root, an unsafe location, maybe I'm better off using their recommendations on firefox run as spot. Will have to think about it.

In case you're wondering, streaming music/videos generated sound even though I didn't configure to use apulse. This was under Bionicpup64.

[Mike Walsh]

Looks like a security freak's dream. Looking in Preferences, it says they're being managed by your organization, and upon closer examination, it looks like over 95% of all settings are screwed down tighter than a Jewish financier's wallet. Almost everything is "blocked by default", so to get it working anyhow at all, you've got to spend a good chunk of time carefully configuring it, and "tailoring" it to your personal preferences...

Personally, I'm just not that paranoid. I'll definitely pass on this one, I think.


Mike.