Hardening Firefox!

Discussion in 'Software' started by Replicator, Mar 22, 2018.

  1. Replicator

    Replicator MajorGeek

    Privacy has become an interest of mine for a few years now.
    Not that I do anything wrong, nor do I have anything to hide; it's just that I believe our privacy is a basic fundamental human right that is fast becoming harder to keep a hold of today.

    Whilst we can develop many 'layers' of privacy/security for ourselves, in many varied areas online... Internet browsing is probably a good start.

    If you're a Firefox user (you should be), here are a few cool config tweaks anyone can implement in order to help them increase their browser and online privacy.
    Some of you are already probably aware of these tweaks, but for those that aren't, here is some code:
    I'm using version 59.0.1 (1)
    (Note: Only apply these tweaks if you're comfortable with them)

    More sources:
    Advanced Firefox configuration hardening source code: https://github.com/pyllyukko/user.js

    MozillaZine: http://kb.mozillazine.org/Category:Security_and_privacy-related_preferences

    A full HTTPS search engine and a personal favorite of mine: https://duckduckgo.com/

    Safe browsing geeks!
     
    Eldon likes this.
  2. Eldon

    Eldon Major Geek Extraordinaire

    Replicator likes this.
  3. Replicator

    Replicator MajorGeek

    Thanks Eldon, I have added your suggestion to my repertoire :)
     
  4. Eldon

    Eldon Major Geek Extraordinaire

    Here's a website that tests your browser for privacy.
    https://panopticlick.eff.org/

    Results for Firefox 56.0.2 (32-bit)
    Browser Protection.jpg

    Have you done some research into browser fingerprinting?
    Fingerprinting.jpg
     
  5. Replicator

    Replicator MajorGeek

    Startpage.com is pretty cool, Eldon... I have been testing and it's much faster than duckduckgo.com, with better features, methinks!
    Also:
    For email security I found a really cool server based in Switzerland... Ya, skiing anyone?

    It's totally anonymous as it requires no personal info to sign up, keeps no IP logs and uses end-to-end data encryption on all your mail... that's right, all of your email is now encrypted for security against prying eyes, including black-hat hackers!

    Kick Yahoo to the curb as they are now forced to monitor all your incoming & outgoing mail under pressure from the FBI and NSA.

    Naturally their servers also utilize https only!

    https://protonmail.com/

    Enjoy, and stay secure online geeks ;)
     
  6. Eldon

    Eldon Major Geek Extraordinaire

    I'm definitely having a look at ProtonMail.
     
  7. wildernesswire

    wildernesswire Private E-2

    I'm not sure I'm in the right forum. Please direct if I'm not.
    First, thank you for these privacy tips on this thread. I also care very much about my privacy. I think all of us should be concerned with it. I agree with Replicator that I don't have anything to hide, but privacy is a basic human right. If we lose this, we are no longer individuals but puppets to the greater invasive forces that be.

    With that said, I do use Firefox private browser, DuckDuckGo for a search engine, and I use a VPN called TunnelBear for 8 dollars a month (I'm very satisfied, so far). I'm wondering why MajorGeeks does not give us the option for a secure https. Thanks.

    wilderness wire
     
    Replicator likes this.
  8. Imandy Mann

    Imandy Mann MajorGeekolicious

    wildernesswire and Eldon like this.
  9. Replicator

    Replicator MajorGeek

    The forums seem to be https served; however, I did note that the main domain/home page does not serve in this protocol.
    http://www.majorgeeks.com/

    I guess no one is going to want to exploit a page offering free software in 'plain text', and there is no login required to access this domain, so there is no need really.

    The issues begin when others are attempting to sniff login credentials for other members of the forum itself, and that's why it needs to be protected with https.

    :)
     
    Last edited: Apr 22, 2018
    wildernesswire likes this.
  10. wildernesswire

    wildernesswire Private E-2

  11. wildernesswire

    wildernesswire Private E-2

    Thanks, Replicator. Yes, this is indeed what I needed explained. It makes sense that if I'm not signing into anything, there's nothing to be hacked. However, members are signed into MG forums, and anyone here can see who is online and browsing. Would it be possible for MajorGeeks online members to be potential hackers?
     
  12. wildernesswire

    wildernesswire Private E-2

    Still, even though I'm not signing in to anything, DuckDuckGo uses https (my favorite search engine ;)).
    Anyway, I'm not a programmer or anything close to it, as I feel I know less each time I learn something new about my PC. I'm just curious about this thread on hardening Firefox (my fav browser) for privacy and online security.
     
  13. Anon-469e6fb48c

    Anon-469e6fb48c Anonymized

    Majorgeeks.com has not been hacked since 2015. This issue was fixed.
     
  14. Eldon

    Eldon Major Geek Extraordinaire

    If you're concerned, you can hide your online presence on MajorGeeks.
    Look at your Privacy Settings.
    It's possible.
    Just like it's possible for members of other forums and online services.
    However, the owners of MajorGeeks take great care to safeguard the forums.
     
  15. Replicator

    Replicator MajorGeek

    No problem dude!

    As stated, it's always possible; however, one must remember that https is only an encrypted tunnel so data cannot be read in plain text, as it can with http.
    It won't give you elevated privileges.

    If your account were hacked, the elevation level of intrusion would be severely limited by the security layers put in force by MG's.
    In other words, root access to the server would be extremely difficult and the only thing a blackhat hacker may achieve with a hacked account is to 'spoof' posts under your name.
    This is rather immature and very 'low level hacking', so the server itself should remain safe.

    Fear not, the owners of this site have seen it all before over the years, and they know how to protect themselves and their members.
    I feel very confident that any of your personal information is very safe here, whether you are visible online or not!

    Rep :)
     
  16. Replicator

    Replicator MajorGeek

    It's very much a game of cat & mouse, Wile... What was patched yesterday may not be safe tomorrow.
    Know what I mean?
    We must continue to close what's potentially exposed.

    That's why I always harp on to others to keep all software up to date, especially operating systems for both clients & servers. This is very important to try and keep ahead of the wolf pack! ;)

    And on the thread's point, I recommend browsing with Firefox and hardening it as best we can!

    Stay safe geeks!
     
  17. Anon-469e6fb48c

    Anon-469e6fb48c Anonymized

    Yes, I know.

    Nothing is ever safe. No matter how much security you might have, it's never enough. Hackers will find ways to bypass everything. All they need is time and denial of service attacks.
     
  18. Replicator

    Replicator MajorGeek

    What they really crave is motivation... a target must be worth the time and effort.
    It's a big $$ industry.

    82% of all online exploitation is now performed by organized crime syndicates, it's a fact!
    China, Russia, North Korea, Israel and even the good ol' U.S. of A. are old hands.

    It's not like you see in the movies where a blackhat pounds away at a keyboard and bang!, he's in.
    It just doesn't work like that; it's way more in depth and much more difficult than portrayed by Hollywood, so the motivation must exist.
    And that motivation is money and power!

    World War III is being fought online today by these countries because information is power, and infiltration yields the secrets that are fiercely guarded.
     
  19. Replicator

    Replicator MajorGeek

    What headers are my hardened Firefox browser sending out?

    Results :
    host: wtfismyip.com
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    accept-language: en-US,en;q=0.5
    accept-encoding: gzip, deflate, br
    referer: https://wtfismyip.com/
    dnt: 1
    connection: keep-alive
    upgrade-insecure-requests: 1

    Of particular interest to me was the last line, 'upgrade-insecure-requests: 1'.

    From what I could find, this seems the most logical conclusion, which is a good thing!
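
The `upgrade-insecure-requests: 1` header in the capture above tells a server that the browser prefers an HTTPS version of the page. As an added example (not part of the original posts), this Python code shows how a server could honour that hint, following the W3C Upgrade Insecure Requests recommendation of a 307 redirect with a `Vary` header; `CANONICAL_HOSTS`, `HSTS_VALUE`, `plan_response` and the `example.com` host are assumptions made for illustration.

```python
# Added example: server-side handling of the Upgrade-Insecure-Requests hint.
# All names and hosts below are illustrative assumptions, not from the thread.

CANONICAL_HOSTS = {"example.com", "www.example.com"}  # hosts this server owns
HSTS_VALUE = "max-age=31536000"  # assumed policy: remember HTTPS for one year

# Constructed sample modelled on the header dump in the post above.
FIREFOX_HEADERS = {
    "host": "example.com",
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) "
                  "Gecko/20100101 Firefox/59.0",
    "dnt": "1",
    "upgrade-insecure-requests": "1",
}


def wants_upgrade(headers):
    """True when the client sent `upgrade-insecure-requests: 1`."""
    normalized = {k.lower(): v.strip() for k, v in headers.items()}
    return normalized.get("upgrade-insecure-requests") == "1"


def plan_response(scheme, path, headers):
    """Return (status, response_headers) for a page request.

    scheme is "http" or "https" as seen by the server.
    """
    host = headers.get("host", "").lower()
    # Never build a redirect from an unvalidated Host header: an attacker
    # could otherwise steer the Location value to a host they control.
    if host not in CANONICAL_HOSTS:
        return 400, {}

    # The response depends on the hint, so caches must key on it.
    response = {"Vary": "Upgrade-Insecure-Requests"}

    if scheme == "https":
        # Already secure: ask the browser to keep using HTTPS.
        response["Strict-Transport-Security"] = HSTS_VALUE
        return 200, response

    if wants_upgrade(headers):
        # 307 preserves the request method across the redirect.
        response["Location"] = "https://" + host + path
        return 307, response

    # Legacy client that did not ask for an upgrade: serve as before.
    return 200, response
```
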
     
  20. Replicator

    Replicator MajorGeek

    Why updating and re-hardening is so important when it comes to web browsers!
    Web server applications are the biggest source of exploit today.

    Mozilla Firefox ESR Multiple Security Vulnerabilities in Identified versions :


    Not Vulnerable: Mozilla Firefox ESR 52.7
     
  21. Replicator

    Replicator MajorGeek

    The internet has developed hugely over just the last couple of years... It's now at a stage where a simple AV is not enough anymore.
    We need to be proactive in our defence and develop better security habits.
    Your Web browser is a grand start.
     
