mikaela.github.io/pages/browser-extensions.markdown

10 KiB
Raw Blame History

Firefox containers

Firefox language packs

Firefox about:config

  • layout.css.devPixelsPerPx to 1.25 or 2.0 on macOS Retina to increase font size.
  • privacy.resistFingerprinting = true multiple effects to make your browser appear less unique, the ones I have found/understood:
    • warns if intl.accept_languages is not en-US, en .
    • starts the browser with common size (I love this on big displays).
    • spoofs the user-agent as the latest Firefox ESR version.
  • privacy.trackingprotection.cryptomining.enabled = true so cryptomining on some websites gets blocked and wont waste resources.
  • privacy.trackingprotection.fingerprinting.enabled = true I am not entirely sure what this does, but as I already recommend privacy.resistFingerprinting, why not?
  • intl.accept_languages to en-US, en
    • see above.
  • extensions.pocket.enabled to false so the Pocket integration goes away
  • On Linux widget.content.gtk-theme-override (a string that has to be created by user) to Adwaita:light so text boxes in dark themes become readable, thank you Dovydas Venckus
  • network.security.esni.enabled to true in order to enable encrypted SNI.
    • Requires DoH, see the next section!

DNS over HTTPS

  • network.trr.bootstrapAddress DNS server to use for resolving the DoH name, e.g. 84.200.70.40 (Resolver 2 of DNS.watch in Germany) or 149.112.112.112 (Resolver 2 of Quad9)
  • network.trr.mode 2 to prefer DoH, but fallback to system resolver (or 3 to enforce DoH without fallback)
    • DoH is required by Firefox ESNI support which encrypts SNI which would still leak which sites you visit.
    • I have ended up to recommending 2 as otherwise the DoH server going down stops DNS from working on your Firefox entirely, which may be more of a problem than unencrypted SNI as not everyone supports it.
  • network.trr.early-AAAA true to hopefully prefer IPv6
  • network.trr.uri for the actual resolver address, e.g. https://mozilla.cloudflare-dns.com/dns-query or https://dns.quad9.net/dns-query or check curl wiki

Some notes: * You can confirm TRR working by visiting about:networking#dns where you should be seeing DNS cache of Firefox and a lot of TRR: true. * Quad9 became my preferred resolver through anxiety about other options being small (and possibly more likely to go down) or commercial while Quad9 is non-profit organization and 2019-03-20 apparently the default fallback resolver of dnscrypt-proxy (at least in Debian). * Quad9 while having filtering of malicious domains should be easy to figure out as the problem if something doesnt work on my computers as due to the previously mentioned bug I am mainly using it on Firefox.

Passwords

Privacy

Tor

  • Firefox: Privacy Pass
    • Chrome
    • May reduce captchas with CloudFlare.
  • Firefox: Healthy.Onion
    • Only for Tor Browser or other browser going through Tor all the time as it redirects clearnet addresses to Tor .onion hidden services that cannot be accessed outside of Tor.

Productivity

Misc

Usability

Videos

Firefox Dictionaries