I use uBlock Origin and make some changes to the default settings. Have seen recommend configs, but haven’t gotten to implement them yet.

What do you do to make Firefox even more privacy respecting and secure?

  • Nerd02@forum.basedcount.com
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    Regular firefox with enhanced protection on by default + ublock origin does most of the work for me. Personally I also like to add a user agent switcher on top of it. Oh and the Facebook container extension, that one is a must.

  • CAPSLOCKFTW@lemmy.ml
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago
    • Ublock origin
    • noscript
    • localCDN
    • tampermonkey with anti ad blocker blocker scriipts
    • ptivacy redirects
    • ShittyKopper [they/them]@lemmy.w.on-t.work
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Both LocalCDN and any anti ad-block scripts are useless nowadays. uBO by itself does quite a bit of defusing itself as long as no other extensions conflict with it (so, make sure it’s the only ad blocker you have) (also enable the built-in annoyance filters. They deal with anti-adblocks as well)

      Noscript can also be replaced with uBO’s dynamic filters/advanced mode. Read it’s wiki if you want to learn how

      • CAPSLOCKFTW@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Please elaborate how LocalCDN is useless.

        Anti ad blocker blocker scripts have been installed because of ad blocker blocker who blocked me using ublock origin. After enabling the anti ad blocker never bothered me again and since i have other user scripts and write my own occasionaly, tampermonkey isn’t useless at all.

        noScript has a very convienient menu and is superior to ublock regarding usability (when it comes to selectivly blocking scripts). No need to read a wiki. Therefore I prefer it.

    • sycamore@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      I also use ghostery, ad-guard, and one that cleans trackers from linked urls. I forgot what it’s called.

  • 🇺🇦 seirim @lemmy.pro
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Also try to use the Container feature in Firefox. I have acting Google all contained in one subset for example, so none of their tabs gets a view on my other tabs.

  • Sidneys1@infosec.pub
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    Lots of good ones in this thread, but one I don’t see is Adnauseam. Think of it as the inverse of uBlock Origin, in fact it is based on UO and you can even access the UO UI in it.

    Basically: they can’t track you if you don’t load any trackers, sure.

    But they also can’t track you if you “click” literally every ad, plus it messes with their ad revenue calculations and tracking statistics.

  • RvTV95XBeo@sh.itjust.works
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    1 year ago

    A lot of people mentioning things like Privacy Badger, NoScript, ClearURLs, Ghostery, etc. Can anyone explain to me what benefit these provide over a properly configured uBO setup?

    My understanding is these are all redundant, and just serve to slow things down or provide ways to leak your data (looking at you Ghostery…)

    Also saw a comment about Multi Account Containers. I don’t see this as necessary, at least in my case, ever since they introduced first party cookies isolation by default. The only application I see is if you want to log into the same website with two different accounts, e.g., using Outlook for work and personal email on the same machine.

    tl;dr - FF+uBO=dream team

  • Brickfrog@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    I use one of the security hardening user.js profiles as a baseline for Firefox e.g. https://github.com/pyllyukko/user.js

    Beyond that I don’t go crazy with extensions but I do still use NoScript to block javascript by default & only enable it for domains I choose. For ad blocking stuff I handle that at the router level with pfSense + the pfBlockerNG package.

    • privsecfoss@feddit.dkOP
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 year ago

      +1 for Cookie Autodelete. Forgot to mention it. Have some more advanced options than the native cookie delete, fx whitelisting. Privacy Badger broke some things for me but I think I’ll give it another shot given the fine recommendations in this thread.

      • ArtificialLink@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        When privacy badger breaks something i just turn it off for that site if i HAVE to use it. Otherwise i find another site.

  • Mx Phibb@reddthat.com
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    No Script, UBlock and container tabs, specifically I have containers for Reddit, Google, Amazon, Pixiv and Discord.

  • plactagonic@beehaw.org
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I have few profiles set up - stock, changed settings, different extensions…

    I then use the one for the task I do - need to use Google I use Google profile, work stuff and simple search have different profiles …

  • Lvxferre@lemmy.ml
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago
    • Canvas blocker - prevents some usage of javascript for fingerprinting.
    • Change Geolocation - the actual reason that I use it is not privacy, but to prevent Google from forcing local results (I set my geolocation to Antarctica). However you can use it for privacy, specially if you live in a small town.
    • Decentraleyes - prevents tracking through content delivery.
    • Ninja Cookie - handles cookies banners, telling them that you don’t allow cookies. It’s one of those extensions where QoL is privacy, since those banners are often crafted in a way to tire you out so you allow cookies.
    • uBlock Origin - I guess most people here know about it.
    • Decentraleyes - prevents tracking through content delivery.

      Decentraleyes is AFAIK severely outdated. Use LocalCDN if you must, though I personally am not convinced there’s any real threat model where these are useful.

      • Lvxferre@lemmy.ml
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        Thanks for the info - this is the sort of stuff that I installed a long time ago, then forgot about it. I’ll look for further info on LocalCDN.