mikaela.github.io/browser-extensions.markdown at dcaeffded8a10fcc7aa876d451d5ec3c214b8b8c

Mikaela/mikaela.github.io

mirror of https://github.com/mikaela/mikaela.github.io/ synced 2024-11-05 03:29:28 +01:00

* add comment to Facebook container on being nice even without a Facebook
  account
* strike temporary containers
* warn about layout.perpixels likely increasing fingerprintability
* note firstparty.isolate doesn't break Finnish strong identification
* add link to ghacks-user.js for a better list on
  privacy.resistfingerprinting
    * Thanks @beerisgood ( privacytoolsIO/privacytools.io#1006 )
* bootstrapaddress remove mention to DNS.watch which I am not actively
  following/using
* mention using Quad9 DNS#2 IP directly for network.trr.uri
* add link to my Android 9 DoT post
* Strike True Sight
* Strike Healthy.Onion
* Strike Nudge by Siempo for Firefox
* move RSS extensions around
* update IPFS Companion date (still not Tor compatible)
* fix Nicer dark note location
* add ViolentMonkey for Firefox
* Strike Firefox Dark Mode (Webextension)
* Strike Zenfox
* Add Grayscale for Firefox
* add changelog links (GitHub, gitea.blesmrt.net file history pages)

Ref: #129

2019-07-13 23:58:20 +03:00

15 KiB

Raw Blame History

Ecosia search engine at Mycroft Project

Firefox containers

Facebook Container
- nice when clicking Facebook links even while not being a Facebook user
Google Container
Firefox Multi-Account Containers
~~Temporary containers~~ I am not just learning to use this properly
- Especially in Automatic mode it renders Cookie Autodelete unnecessary in my opinion and is likely more secure.
- READ THE FINE MANUAL ON THAT PAGE!

Firefox language packs

Firefox about:config

layout.css.devPixelsPerPx to 1.25 or 2.0 on macOS Retina to increase font size.
- Warning: very likely increases fingerprintability
privacy.firstparty.isolate to true for preventing domains from accessing each other’s data.
- If something breaks, it’s most likely related to this. ~~I am yet to test if this~~ Surprisingly it doesn’t breaks Finnish strong electric authentication.
privacy.resistFingerprinting = true multiple effects to make your browser appear less unique, the ones I have found/understood:
- warns if intl.accept_languages is not en-US, en .
- starts the browser with common size (I love this on big displays).
- spoofs the user-agent as the latest Firefox ESR version.
- Firefox’s protection against fingerprinting has the upstream list.
  - A better list under section 4500: RFP (RESIST FINGERPRINTING)
privacy.trackingprotection.cryptomining.enabled = true so cryptomining on some websites gets blocked and won’t waste resources.
privacy.trackingprotection.fingerprinting.enabled = true I am not entirely sure what this does, but as I already recommend privacy.resistFingerprinting, why not?
intl.accept_languages to en-US, en
- see above.
extensions.pocket.enabled to false so the Pocket integration goes away
On Linux widget.content.gtk-theme-override (a string that has to be created by user) to Adwaita:light so text boxes in dark themes become readable, thank you Dovydas Venckus
- Bug 70315: text in menus and boxes unreadable if using dark GTK theme
image.animation_mode to once in order to have gifs play once and then stop everywhere (none to never have them play).
geo.wifi.uri to https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY% in order to send nearby WiFi networks to Mozilla instead of Google. See also MLS Software.
network.security.esni.enabled to true in order to enable encrypted SNI.
- Requires DoH, see the next section!

Future note: network.dns.blockDotOnion;false ?

DNS over HTTPS

network.trr.bootstrapAddress DNS server to use for resolving the DoH name, e.g. 149.112.112.112 (Resolver 2 of Quad9)
network.trr.mode 2 to prefer DoH, but fallback to system resolver (or 3 to enforce DoH without fallback)
- DoH is required by Firefox ESNI support which encrypts SNI which would still leak which sites you visit. Another bug about ESNI + Android DoT
- I have ended up to recommending 2 as otherwise the DoH server going down stops DNS from working on your Firefox entirely, which may be more of a problem than unencrypted SNI as not everyone supports it.
network.trr.early-AAAA true to hopefully prefer IPv6
network.trr.uri for the actual resolver address, e.g. https://dns.quad9.net/dns-query or https://149.112.112.112/dns-query (removes the need for network.trr.bootstrapAddress and allows ǹetwork.trr.mode3`?) or check curl wiki

Some notes: * You can confirm TRR working by visiting about:networking#dns where you should be seeing DNS cache of Firefox and a lot of TRR: true. * Quad9 became my preferred resolver through anxiety about other options being small (and possibly more likely to go down) or commercial while Quad9 is non-profit organization and 2019-03-20 apparently the default fallback resolver of dnscrypt-proxy (at least in Debian). * Quad9 while having filtering of malicious domains should be easy to figure out as the problem if something doesn’t work on my computers as due to the previously mentioned bug I am mainly using it on Firefox. * While investingating how Android 9 Private DNS works, I also wrote a DNS provider comparsion here

SSDs

This information is from Arch Wiki on Firefox tweaks

browser.cache.disk.enable to false to only cache to RAM.
(browser.cache.memory.enable to true which should be default)
browser.sessionstore.interval to 600000 in order to only store open session every ten minutes (instead of 15 seconds) in case of crashes.
- alternatively browser.sessionstore.resume_from_crash to false to not store the session data for crash recovery at all. I think this may be the more healthy option with all the information flood and dozens of tabs.

Why?

Every object loaded (html page, jpeg image, css stylesheet, gif banner) is saved in the Firefox cache for future use without the need to download it again. It is estimated that only a fraction of these objects will be reused, usually about 30%. This because of very short object expiration time, updates or simply user behavior (loading new pages instead of returning to the ones already visited). The Firefox cache is divided into memory and disk cache and the latter results in frequent disk writes: newly loaded objects are written to memory and older objects are removed.

Firefox stores the current session status (opened urls, cookies, history and form data) to the disk on a regular basis. It is used to recover a previous session in case of crash. The default setting is to save the session every 15 seconds, resulting in frequent disk access.

and this is the reason why Firefox is at times accused of killing SSDs.

Passwords

Firefox: Bitwarden
- Chrome

Privacy

~~Firefox: Cookie Autodelete~~
- ~~Chrome~~
Firefox: HTTPS Everywhere
- Chrome
~~Firefox: Privacy Badger~~
- ~~Chrome~~
Firefox: Decentraleyes
~~Firefox: Google search link fix~~
- Copied from PrivacyTools.io, cleans Google results links. I am not actually using Google Search, so it’s useless for me.
~~Firefox: True Sight~~
- This is a CDN detector and it being a privacy extension can be debated but I just feel like putting it here. I will still say that not all CDNs are bad (IPFS). I mostly don’t have it enabled
Firefox: µMatrix
- Chrome
- It can easily replace Cookie Autodelete (block cookies for global scope), Privacy Badger (by default), NoScript and possibly others.
- Quick usage: click top half of red boxes to allow blocked content or allow everything from that domain by cliking top half of the domain box. Click the lock to remember this. For global changes, press the asterisk to have it affect everywhere by default and see the first link below.
- Reading I recommend:
  - How to block 1st party scripts everywhere by default and I suggest adapting it to block cookies too so Cookie Autodelete becomes unnecessary.
  - Ruleset recipes
  - A lot of other instructions in the wiki

Tor

Firefox: Privacy Pass
- Chrome
- May reduce captchas with CloudFlare.
~~Firefox: Healthy.Onion~~
- Only for Tor Browser or other browser going through Tor all the time as it redirects clearnet addresses to Tor .onion hidden services that cannot be accessed outside of Tor.
- I cannot figure out how to edit the list and I keep getting stuck with some dead onions. Due to these issues I am also unsure on trusting it.

Productivity

Firefox: Mind The Time
- Chrome equivalent: Webtime tracker
~~Firefox: Nudge by Siempo~~ Pulled from AMO?
- Chrome: Nudge by Siempo

Misc

Firefox: IPvFoo
- Chrome
Firefox: RSS feed preview
- Chrome: RSS
Firefox: IPFS Companion
- Firefox: beta channel of IPFS Companion
  - doesn’t sync automatically with Firefox Sync.
- Chrome
- At the time of writing, 2019-07-13, I consider IPFS as incompatible with Tor Browser as Tor browser would use the local IPFS daemon, which is not using Tor and thus the IPFS network could see your real IP especially if not many nodes are requesting the fetched content.
Firefox: Foxy Proxy
- Chrome?
- Onions to Tor, I2P to I2P. My rules
Firefox: Tab Counter
Firefox: Lightbeam
Firefox: Duolingo Boost
- Chrome: Duolingo Boost
- Bitbucket
Firefox: Violentmonkey

Usability

Firefox: Tree Style Tab
~~Firefox: Text Contrast for Dark Themes~~ see about:config section
~~Firefox: Dark Mode (WebExtension)~~ ViolentMonkey + Grayscale
- I especially like nicer dark with Memrise.
~~Firefox: Zenfox (Solarized themes)~~ Breaks the buttons in find in page CTRL + F
Firefox: Grayscale

Videos

Firefox: PeerTubeify
- Chrome: PeerTubeify
Firefox: Alternate Tube Redirector
- to redirect YouTube videos to https://invidio.us/
- GitLab

Firefox Dictionaries

Changelog: GitHub.com commits | gitea.blesmrt.net commits

15 KiB Raw Blame History Unescape Escape