Difference between revisions of "Firefox privacy"

From ArchWiki
m (Disconnect: I changed the link to the Disconnect page from "the offocial website" to "offocial website".)
m (Ghostery: rm useless inline code)
 
(31 intermediate revisions by 14 users not shown)
Line 1: Line 1:
[[Category:Web Browser]]
+
[[Category:Web browser]]
{{Article summary start}}
+
[[ja:Firefox プライバシー]]
{{Article summary text|Configuration and installation of recommended add-ons to the Firefox browser to improve privacy}}
+
{{Related articles start}}
{{Article summary heading|Required}}
+
{{Related|Firefox}}
{{Article summary wiki|Firefox}}: Installing and troubleshooting the Firefox browser and plugins
+
{{Related|Tor}}
{{Article summary heading|Related}}
+
{{Related|Browser Plugins}}
{{Article summary wiki|Tor}}: Anonymous proxy network
+
{{Related|Firefox tweaks}}
{{Article summary wiki|Browser Plugins}}: Acquiring and installing plugins such as [[Flash]]
+
{{Related|Firefox on RAM}}
{{Article summary wiki|Firefox Tweaks}}: Configuration and modifications
+
{{Related articles end}}
{{Article summary wiki|Speed-up Firefox using tmpfs}}: Caching the profile in RAM
+
{{Article summary end}}
+
  
This article overviews some useful extensions which enhance security and privacy while using the Firefox web browser.
+
This article overviews some useful extensions which enhance security and privacy while using the [[Firefox]] web browser.
  
 
==HTTPS Everywhere==
 
==HTTPS Everywhere==
Line 20: Line 18:
  
 
{{Note|HTTPS Everywhere does not magically enable HTTPS for every site on the internet. The site needs to support HTTPS and HTTPS Everywhere should have a ruleset configured for that site.}}
 
{{Note|HTTPS Everywhere does not magically enable HTTPS for every site on the internet. The site needs to support HTTPS and HTTPS Everywhere should have a ruleset configured for that site.}}
 +
 +
==uBlock==
 +
 +
uBlock (previously μBlock) is a lightweight, efficient blocker which is easy on [https://github.com/gorhill/uBlock#performance memory and CPU]. It comes with several filter lists ready to use out-of-the-box (including EasyList, Peter Lowe's, several malware filter lists).
 +
 +
The lead developer forked the project and created uBlock Origin. As of July 2015, most of the development is being done on uBlock Origin and the codebases are deviating substantially.
 +
 +
uBlock Origin: [https://github.com/gorhill/uBlock Github]; [https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/ Firefox Add-ons].
 +
 +
uBlock: [https://github.com/chrisaljoudi/uBlock Github]; [https://addons.mozilla.org/en-US/firefox/addon/ublock/ Firefox Add-ons].
  
 
==Adblock Plus==
 
==Adblock Plus==
  
[https://adblockplus.org/en/ Adblock Plus] can be used to stop intrusive advertisments but it can also be configured to block websites from tracking you.
+
[https://adblockplus.org/en/ Adblock Plus] can be used to stop intrusive advertisements but it can also be configured to block websites from tracking you.
  
 
Once installed visit the [https://easylist.adblockplus.org/en/ Easy List website] and add the EasyList and EasyPrivacy lists to your Adblock Plus filter subscriptions. This is done by simply clicking any of the "Add [filter] to Adblock Plus" on the webpage. This will bring up the add filter prompt. Review the details and click "Add Subscription".
 
Once installed visit the [https://easylist.adblockplus.org/en/ Easy List website] and add the EasyList and EasyPrivacy lists to your Adblock Plus filter subscriptions. This is done by simply clicking any of the "Add [filter] to Adblock Plus" on the webpage. This will bring up the add filter prompt. Review the details and click "Add Subscription".
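Review bot: The new uBlock section lists two add-ons, uBlock Origin and uBlock, and says most development now happens on uBlock Origin, but it never says which one the reader should install; state the recommendation explicitly instead of leaving two near-identical link lines. "Github" in both link lines should be "GitHub".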
Line 30: Line 38:
  
 
EasyPrivacy is a supplementary subscription for EasyList which removes all forms of tracking from the internet, including web bugs, tracking scripts and information collectors.
 
EasyPrivacy is a supplementary subscription for EasyList which removes all forms of tracking from the internet, including web bugs, tracking scripts and information collectors.
 +
 +
== Privacy Badger ==
 +
 +
[https://www.eff.org/privacybadger Privacy Badger] is an extension that monitors third-party trackers loaded with web content. It blocks trackers once they appear on different sites. It does not block advertisements in the first place, but since a lot of ads are served based on tracking information these are blocked as well. For more information on the mechanism, see its [https://www.eff.org/privacybadger#faq-How-is-Privacy-Badger-different-to-Disconnect,-Adblock-Plus,-Ghostery,-and-other-blocking-extensions? FAQ].
  
 
==Disconnect==
 
==Disconnect==
  
Disconnect is a open source project aimed at stopping 2,000 third-party sites from tracking a user. It encrypts data sent to popular sites and claims to loads web pages 27 percent faster. Disconnect shows its users, in real time, how many tracking attempts from Google, Twitter, Facebook, and more are stopped. It categorizes tracking attempts into advertizing, analytical, social, and content, which makes it easy to monitor how one is being tracked.
+
Disconnect is a open source project aimed at stopping 2,000 third-party sites from tracking a user. It encrypts data sent to popular sites and claims to loads web pages 27 percent faster. Disconnect shows its users, in real time, how many tracking attempts from Google, Twitter, Facebook, and more are stopped. It categorizes tracking attempts into advertising, analytical, social, and content, which makes it easy to monitor how one is being tracked.
  
Disconnect can also stop side-jacking, which utilizes stolen cookies to steal personal data. It's easy to use and well supported. It can be added to firefox at the [https://disconnect.me/ offocial website].
+
Disconnect can also stop side-jacking, which utilizes stolen cookies to steal personal data. It is easy to use and well supported. It can be added to Firefox at the [https://disconnect.me/ official website].
 +
 
 +
{{Note|Firefox gained a feature based on the Disconnect list. See [[Firefox tweaks#Enable firefox optional tracking protection]].}}
  
 
==Ghostery==
 
==Ghostery==
  
[https://www.ghostery.com/ Ghostery] is similiar to Disconnect, but is a proprietary project to track businesses which employ the use of website trackers. From the website:
+
[https://www.ghostery.com/ Ghostery] is similar to Disconnect, but is a proprietary project which employ the use of website trackers to track businesses. There is controversy due to Ghostery, Inc. being formerly known as The Better Advertising Project, and being in the business of online-advertising and market intelligence in addition to internet privacy. From the website:
  
''Ghostery tracks over 1,000 trackers and gives you a roll-call of the ad networks, behavioral data providers, web publishers, and other companies interested in your activity.
+
''Ghostery tracks over 1,000 trackers and gives you a roll-call of the ad networks, behavioural data providers, web publishers, and other companies interested in your activity.
  
Ghostery can be installed from the [https://www.ghostery.com/download official website]. Once installed Ghostery can be configured from:
+
Ghostery can be installed from the Firefox add-on manager or from the [https://www.ghostery.com/download official website]. Once installed, Ghostery can be configured by selecting preferences from the Add-ons Manager in Firefox which will bring you to the configuration page.  It may also be configured from:
  chrome://ghostery/content/options.html
+
  
Or by selecting preferences from the Add-ons Manager in Firefox which will bring you to the configuration page.  
+
  https://extension.ghostery.com/settings
  
 
Alternatively you can configure Ghostery through the included wizard:
 
Alternatively you can configure Ghostery through the included wizard:
   chrome://ghostery/content/wizard.html
+
   https://extension.ghostery.com/intro#start
 
+
From the configuration page you can configure what 3rd party elements(3pes) Ghostery should block. When navigating the categories you can click on the individual profiles for more information about that specific company. You can also choose to clear Flash and Silverlight cookies on exit. Also, you can enable the cookie protection feature which prevents selected websites from setting cookies in your browser.
+
  
 
==NoScript==
 
==NoScript==
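Review bot: In the Ghostery paragraph, the rewritten sentence "is a proprietary project which employ the use of website trackers to track businesses" reverses the old wording ("to track businesses which employ the use of website trackers") and leaves "employ" disagreeing with its subject; reword it so it is clear who tracks whom. The controversy sentence added beside it carries no source link. In the Disconnect paragraph, "a open source" and "claims to loads" are carried over unchanged even though "advertizing" on the same line was corrected.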
Line 58: Line 69:
  
 
Once installed you can configure settings for NoScript by either clicking its icon on the toolbar or right clicking a page and navigating to NoScript. You will then have the option to enable/disable scripts for the current page, as well as any third party scripts that the page is linking to. Alternatively you can choose to enable scripts temporarily for that session only.
 
Once installed you can configure settings for NoScript by either clicking its icon on the toolbar or right clicking a page and navigating to NoScript. You will then have the option to enable/disable scripts for the current page, as well as any third party scripts that the page is linking to. Alternatively you can choose to enable scripts temporarily for that session only.
 +
 +
Be aware a lot of modern websites use scripts for layout purposes, hence content may look different. For example, failed rendering due to missing fonts might occur on websites that load fonts at runtime via scripts, which were blocked by NoScript.
  
 
For more detailed configuration see the [http://noscript.net/faq NoScript FAQ].
 
For more detailed configuration see the [http://noscript.net/faq NoScript FAQ].
 +
 +
==uMatrix==
 +
[https://addons.mozilla.org/de/firefox/addon/umatrix/ uMatrix] is forked and refactored from HTTP Switchboard. It allows you to selectively block Javascript, plugins or other resources and control third-party resources. It also features extensive privacy features like user-agent masquerading, referering blocking and so on. It effectively replaces NoScript and RequestPolicy. See the [https://github.com/gorhill/httpswitchboard/wiki/How-to-use-HTTP-Switchboard:-Two-opposing-views old HTTP Switchboard wiki] for different ways how to use it.
 +
 +
For more Information visit the [https://github.com/gorhill/uMatrix project site].
  
 
==Cookie Monster==
 
==Cookie Monster==
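Review bot: The uMatrix link uses the German-locale add-ons path (addons.mozilla.org/de/firefox/addon/umatrix/), while the uBlock links added in this same revision use en-US; switch it to en-US for consistency. "referering blocking", "Javascript" and "For more Information" need a spelling pass, and the claim that uMatrix "effectively replaces NoScript and RequestPolicy" sits beside NoScript and RequestPolicy sections that do not mention it; add a cross-reference there or soften the claim.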
Line 72: Line 90:
  
 
To do this open RefControl's preferences and change the setting for "Default for sites not listed:" to <Block>.
 
To do this open RefControl's preferences and change the setting for "Default for sites not listed:" to <Block>.
 +
 +
{{Note|Firefox has options to control emitted HTTP referers, possibly replacing plugins such as RefControl and Smart Referer. See [[Firefox tweaks#Referer header control]].}}
  
 
== RequestPolicy ==
 
== RequestPolicy ==
Line 78: Line 98:
  
 
For more information on cross-site requests and RequestPolicy visit [https://www.requestpolicy.com/faq.html here].
 
For more information on cross-site requests and RequestPolicy visit [https://www.requestpolicy.com/faq.html here].
 +
 +
== Configuration Tweaks ==
 +
 +
The following are privacy-focused configuration tweaks to prevent [https://panopticlick.eff.org/ browser fingerprinting] and tracking.
 +
 +
=== Enable Tracking Protection ===
 +
 +
Mozilla's built-in tracking protection may be enabled in {{ic|about:config}} by setting the following preference to {{ic|true}}:
 +
 +
  privacy.trackingprotection.enabled
 +
 +
Note that this is not a replacement for extensions such as UBlock Origin and it may or may not work with [[List of applications/Internet|Firefox forks]].
 +
 +
=== Change browser time zone ===
 +
 +
The time zone of your system can be used in browser fingerprinting. To set firefox's time zone to UTC launch it as:
 +
 +
$ TZ=UTC firefox
 +
 +
Or, set a script to launch the above (for example, at {{ic|/usr/local/bin/firefox}}).
 +
 +
=== Change user agent and platform ===
 +
 +
To change the user agent in firefox, add the following {{ic|string}} key in {{ic|about:config}}:
 +
 +
  general.useragent.override
 +
 +
The value for the key is your browser's user agent. Select a known common one.
 +
 +
{{Tip|The value {{ic|Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0}} is used as the user agent for the Tor browser, thus being very common.}}
 +
 +
{{Warning|Changing the user agent without changing to a corresponding platform will make your browser nearly unique.}}
 +
 +
To change the platform for firefox, add the following {{ic|string}} key in {{ic|about:config}}:
 +
 +
  general.platform.override
 +
 +
Select a known common platform that corresponds with your user agent.
 +
 +
{{Tip|The value {{ic|Win32}} is used as the platform for the Tor browser, corresponding with the user agent provided above.}}
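Review bot: In "Change browser time zone", suggesting a script at /usr/local/bin/firefox that launches "TZ=UTC firefox" invites a wrapper that resolves to itself when /usr/local/bin comes before /usr/bin in PATH; say that the script must call the real binary by absolute path. The user agent Tip hard-codes a Firefox/38.0 string, so add a sentence that the value has to follow whatever Tor Browser currently sends. "UBlock Origin" should be "uBlock Origin", and "firefox" should be capitalised where it names the browser rather than the command.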

Latest revision as of 13:14, 20 May 2016

This article overviews some useful extensions which enhance security and privacy while using the Firefox web browser.

HTTPS Everywhere

HTTPS Everywhere is an extension which encrypts your communication with a website. It forces a connection over HTTPS instead of HTTP wherever possible.

HTTPS Everywhere will be automatically configured and enabled upon restarting Firefox. For information on how to set up your own rules for different websites please visit the official website.

Note: HTTPS Everywhere does not magically enable HTTPS for every site on the internet. The site needs to support HTTPS and HTTPS Everywhere should have a ruleset configured for that site.

uBlock

uBlock (previously μBlock) is a lightweight, efficient blocker which is easy on memory and CPU. It comes with several filter lists ready to use out-of-the-box (including EasyList, Peter Lowe's, several malware filter lists).

The lead developer forked the project and created uBlock Origin. As of July 2015, most of the development is being done on uBlock Origin and the codebases are deviating substantially.

uBlock Origin: GitHub; Firefox Add-ons.

uBlock: GitHub; Firefox Add-ons.

Adblock Plus

Adblock Plus can be used to stop intrusive advertisements but it can also be configured to block websites from tracking you.

Once installed, visit the Easy List website and add the EasyList and EasyPrivacy lists to your Adblock Plus filter subscriptions. This is done by clicking any "Add [filter] to Adblock Plus" entry on the webpage, which brings up the add filter prompt. Review the details and click "Add Subscription".

EasyList is the primary subscription that removes adverts from English webpages, including unwanted frames, images and objects.

EasyPrivacy is a supplementary subscription for EasyList which removes all forms of tracking from the internet, including web bugs, tracking scripts and information collectors.

Privacy Badger

Privacy Badger is an extension that monitors third-party trackers loaded with web content. It blocks trackers once they appear on different sites. It does not block advertisements in the first place, but since a lot of ads are served based on tracking information these are blocked as well. For more information on the mechanism, see its FAQ.

Disconnect

Disconnect is an open source project aimed at stopping 2,000 third-party sites from tracking a user. It encrypts data sent to popular sites and claims to load web pages 27 percent faster. Disconnect shows its users, in real time, how many tracking attempts from Google, Twitter, Facebook, and more are stopped. It categorizes tracking attempts into advertising, analytical, social, and content, which makes it easy to monitor how one is being tracked.

Disconnect can also stop side-jacking, which utilizes stolen cookies to steal personal data. It is easy to use and well supported. It can be added to Firefox at the official website.

Note: Firefox gained a feature based on the Disconnect list. See Firefox tweaks#Enable firefox optional tracking protection.

Ghostery

Ghostery is similar to Disconnect, but is a proprietary project which employs the use of website trackers to track businesses. There is controversy due to Ghostery, Inc. being formerly known as The Better Advertising Project, and being in the business of online advertising and market intelligence in addition to internet privacy. From the website:

Ghostery tracks over 1,000 trackers and gives you a roll-call of the ad networks, behavioural data providers, web publishers, and other companies interested in your activity.

Ghostery can be installed from the Firefox add-on manager or from the official website. Once installed, Ghostery can be configured by selecting preferences from the Add-ons Manager in Firefox which will bring you to the configuration page. It may also be configured from:

 https://extension.ghostery.com/settings

Alternatively you can configure Ghostery through the included wizard:

 https://extension.ghostery.com/intro#start

NoScript

NoScript is an extension which disables JavaScript, Java, Flash and other plugins on any website not specifically whitelisted by the user. This extension will protect you from exploitation of security vulnerabilities by not letting anything but trusted sites (e.g. your bank, webmail) serve you executable content.

Once installed, you can configure settings for NoScript by either clicking its icon on the toolbar or right-clicking a page and navigating to NoScript. You will then have the option to enable/disable scripts for the current page, as well as any third-party scripts that the page is linking to. Alternatively, you can choose to enable scripts temporarily for that session only.

Be aware that a lot of modern websites use scripts for layout purposes, hence content may look different. For example, failed rendering due to missing fonts might occur on websites that load fonts at runtime via scripts, which were blocked by NoScript.

For more detailed configuration see the NoScript FAQ.

uMatrix

uMatrix is forked and refactored from HTTP Switchboard. It allows you to selectively block JavaScript, plugins or other resources and control third-party resources. It also features extensive privacy features like user-agent masquerading, referrer blocking and so on. It effectively replaces NoScript and RequestPolicy. See the old HTTP Switchboard wiki for different ways to use it.

For more information, visit the project site.

Cookie Monster

Cookie Monster is a similar extension to NoScript but with the goal of managing cookies.

From the preferences for Cookie Monster select "Block All Cookies". Once this is done, just as with NoScript, you can enable the use of cookies for specific pages from either the Cookie Monster icon on the toolbar or by right-clicking the page and navigating to Cookie Monster. You have the option to accept cookies from the website in question or alternatively to only temporarily allow cookies for the current session.

RefControl

RefControl is an extension to control what gets sent as the HTTP Referer. Once installed RefControl can be configured so that no referer gets sent when navigating to a new webpage. This prevents the server from knowing which website you originated from.

To do this open RefControl's preferences and change the setting for "Default for sites not listed:" to <Block>.

Note: Firefox has options to control emitted HTTP referers, possibly replacing plugins such as RefControl and Smart Referer. See Firefox tweaks#Referer header control.

RequestPolicy

RequestPolicy is an extension for Mozilla browsers which lets you have control over cross-site requests. The latest development version lets you blacklist or whitelist requests by default. Disabling unnecessary cross-site requests leads to better privacy, safety and faster browsing.

For more information on cross-site requests and RequestPolicy visit here.

Configuration Tweaks

The following are privacy-focused configuration tweaks to prevent browser fingerprinting and tracking.

Enable Tracking Protection

Mozilla's built-in tracking protection may be enabled in about:config by setting the following preference to true:

 privacy.trackingprotection.enabled

Note that this is not a replacement for extensions such as uBlock Origin and it may or may not work with Firefox forks.

Change browser time zone

The time zone of your system can be used in browser fingerprinting. To set Firefox's time zone to UTC, launch it as:

$ TZ=UTC firefox

Or, set a script to launch the above (for example, at /usr/local/bin/firefox).
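
A wrapper of the kind suggested above, as an added example that is not part of the wiki page. The absolute path /usr/bin/firefox for the real binary is an assumption, and calling it by absolute path is deliberate: a script named firefox that runs plain "firefox" would resolve to itself when /usr/local/bin comes first in PATH.

```shell
#!/bin/sh
# Added example: generate a wrapper that starts Firefox with TZ=UTC.

# write_tz_wrapper DEST REAL_BIN
# REAL_BIN must be an absolute path so the wrapper can never call itself.
write_tz_wrapper() {
    case "$2" in
        /*) ;;
        *) echo "REAL_BIN must be an absolute path" >&2; return 1 ;;
    esac
    if [ "$1" = "$2" ]; then
        echo "wrapper would overwrite the real binary" >&2
        return 1
    fi
    cat > "$1" <<EOF
#!/bin/sh
# Browser runs in UTC; the rest of the session keeps its own time zone.
TZ=UTC
export TZ
exec "$2" "\$@"
EOF
    chmod 755 "$1"
}

# Typical use (paths are assumptions; needs root):
#   write_tz_wrapper /usr/local/bin/firefox /usr/bin/firefox

# Demo with a constructed stand-in binary that reports the TZ it receives.
demo_tz_wrapper() {
    d=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho "TZ=$TZ args=$*"\n' > "$d/real-firefox"
    chmod 755 "$d/real-firefox"
    write_tz_wrapper "$d/firefox" "$d/real-firefox" &&
        TZ=Europe/Berlin "$d/firefox" --private-window
    status=$?
    rm -rf "$d"
    return "$status"
}

demo_tz_wrapper   # prints: TZ=UTC args=--private-window
```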

Change user agent and platform

To change the user agent in Firefox, add the following string key in about:config:

 general.useragent.override

The value for the key is your browser's user agent. Select a known common one.

Tip: The value Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0 is used as the user agent for the Tor browser, thus being very common.

Warning: Changing the user agent without changing to a corresponding platform will make your browser nearly unique.

To change the platform for Firefox, add the following string key in about:config:

 general.platform.override

Select a known common platform that corresponds with your user agent.

Tip: The value Win32 is used as the platform for the Tor browser, corresponding with the user agent provided above.
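
A check for the mismatch the Warning above describes, as an added example that is not part of the wiki page. It assumes the preferences are kept as user_pref() lines in a user.js file in the Firefox profile; the function names are hypothetical, and only the Windows/Win32 pairing given in the Tips is verified.

```shell
#!/bin/sh
# Added example: audit a Firefox user.js for the three tweaks in this section.

# get_pref FILE NAME: print the value of a user_pref() entry, unquoted.
# The last occurrence wins; commented-out lines are ignored.
get_pref() {
    name=$(printf '%s' "$2" | sed 's/\./\\./g')   # dots are literal in pref names
    sed -n "s/^[[:space:]]*user_pref(\"$name\",[[:space:]]*\(.*\));[[:space:]]*\$/\1/p" "$1" |
        tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# audit_prefs FILE: print one line per finding; exit status = number of findings.
audit_prefs() {
    findings=0
    tp=$(get_pref "$1" privacy.trackingprotection.enabled)
    ua=$(get_pref "$1" general.useragent.override)
    platform=$(get_pref "$1" general.platform.override)

    if [ "$tp" != "true" ]; then
        echo "privacy.trackingprotection.enabled is not true"
        findings=$((findings + 1))
    fi
    if [ -n "$ua" ] && [ -z "$platform" ]; then
        echo "user agent overridden but general.platform.override is unset"
        findings=$((findings + 1))
    elif [ -z "$ua" ] && [ -n "$platform" ]; then
        echo "platform overridden but general.useragent.override is unset"
        findings=$((findings + 1))
    elif [ -n "$ua" ]; then
        case "$ua" in
            *"Windows NT"*)
                # Pairing taken from the Tips above: Windows user agent <-> Win32.
                if [ "$platform" != "Win32" ]; then
                    echo "Windows user agent paired with platform '$platform'"
                    findings=$((findings + 1))
                fi ;;
            *) echo "note: pairing for this user agent not known here; verify by hand" ;;
        esac
    fi
    return "$findings"
}

# Constructed sample: the Tor Browser user agent from the Tip, with the
# platform override forgotten and tracking protection left off.
demo_audit() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
// user.js (constructed sample)
user_pref("privacy.trackingprotection.enabled", false);
user_pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0");
EOF
    audit_prefs "$f"
    status=$?
    rm -f "$f"
    return "$status"
}

demo_audit || echo "findings: $?"
```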