Even after switching to the Quantum version (becoming a much faster browser than the old versions) and many popular add-ons could not be used, Mozilla Firefox remains the best browser when you think about security, privacy and regular updates.
Mozilla Firefox lets you use the best of the best when it comes to security and privacy. You can do this in three simple ways:
1. Mozilla Firefox security settings
2. Mozilla Firefox Add-ons
3. Hidden settings in about:config
The lists for each of the three above are huge. I could write dozens of pages to describe in full and I would never reach the end. I will try to show only the basic settings for each category.
1. Security and privacy settings for Mozilla Firefox
If you want to get to Firefox’s settings, open the browser and click on the three horizontal lines at the top right of the address bar and then click Options.
Now, you can choose from the categories on the left and we will take them one at a time.
a) General.
When Firefox starts – Show a blank page. Firefox will open an empty page when it starts. The same can be done by choosing Show your home page and below in the home page box to write “about: blank” without quotation marks. If Firefox opens https://www.google.com on the startup page for example, it would already be a problem. Google already locates you by IP address and you will be redirected to the nearest Google site (probably in your own language). Cookies will be set for this site. If you attempt to change your location by using a VPN or something, you will be recognized by the old fingerprint.
Digital right management (DRM) content – unchecked. Digital Rights Management (DRM) is a technology that enables online video and audio services to enforce that their content is used in accordance with their requirements. Once you uncheck this feature, HTML5 DRM will disappear from your hard drive, but you will have problems using Netflix, Amazon Prime and Hulu.
Firefox Updates – Allows Firefox to – Never check for updates (checked). Use a background service to install updates automatically (unchecked) and Automatically update search engine (unchecked). Why do we need all of these? Sometimes, after updating Firefox, some settings change and you do not want that. Also, if you hit the Search Engine list, you want your settings to not be changed automatically by updates.
b) Search
Add search bar in toolbar – checked. If you want to use a search engine you want to do this in a dedicated space, not on the address bar.
Default search engine – DuckDuckGo (or any other than Google)
Provide search suggestion – Off. Recommended means that you’re often tracked.
c) Privacy and security
“Remember logins and passwords for websites” – disabled. “Remember” means neither privacy nor security.
History – Firefox will – Use custom settings for history – “Remember my browsing and download history” – disabled, Remember – “Remember search and form history” – disabled, “Clear history when Firefox closes” – enabled and in the Settings tab (on the right) enable all options (at least Site Preferences and Offline Website Data) and then click OK.
“Accept cookies and site data from websites (recommended)” – enabled. Choose Keep until – I close Firefox and “Accept third-party cookies and site data” – Never. You don’t want cookies from the advertiser X when you are browsing the site Y. Never!
Tracking protection – Use “Tracking Protection to block known trackers” – choose Always, “Send websites a “Do Not Track” signal that you don’t want to be tracked” – also choose Always. Although it does not apply to all web sites, it’s good to set them up.
Firefox data collection and use – just uncheck all of them.
2. Security and privacy add-ons for Mozilla Firefox
There are tons of add-ons that boast about security and privacy for Firefox. The problem is that many of them create problems navigating on some sites, and others do not really do anything.
I use the following add-ons in Firefox:
a) uBlock Origin: In addition to removing unwanted ads with this plug-in, its settings can turn on some important security features: Prevent WebRTC from leaking local IP address or Block remote fonts. To enable the settings, after installing uBlock origin, click on its icon in the top bar and under the big blue button (for On / Off) there are four icons. Click the one on the right (open the dashboard). There you have all the uBlock Origin settings.
Canvas Blocker: it helps you get over your browser’s Canvas fingerprint. I wrote a tutorial on canvas fingerprinting and self defense. Install the plug-in and set everything up as in this tutorial. Until Mozilla Firefox closes, you will have the same fingerprint, but after closing it (all windows) you will have another fingerprint.
3. Hidden settings of Firefox in about:config
To reach these settings, type “about:config” in the address bar and press the Enter key. You will be warned that you have entered a dangerous area. Click on “I accept the risk” and you will have a huge table with hidden settings of Mozilla Firefox, ordered by default in an alphabetical order.
Settings can be changed by double-clicking on the name of that specific setting.
Their values can be any of the three: boolean (true or false), integer (a number), or string (a string of characters). The boolean type changes automatically by double-clicking from true to false and from false to true without any other action by the user. For integer and string types, you can change the value in a box that opens up when you double click the setting. You can write another number (for integer) or a string (for string).
Settings that are changed will appear in bold, whereas the default ones appear in the normal font. Also, in the Status column, the modified ones appear as “modifies” and the untouched ones are “default”.
To change a setting, start writing in the Search box and the list of settings will change as you type.
Let’s modify:
media.peerconnection.enabled – Can enable Web RTC (Real Time Connections, PeerConnection and DataChannels). The default is true and it must be set to false
network.dns.disablePrefetch – In theory, it’s a very good option. The browser will use future DNS data in the future. Prefetching is to speed up things for the user. But for security and privacy, this is a big problem. You do not want to expose your DNS server previously used. The default option is false and you must set it true.
geo.enabled – I do not think you want to show your real location regardless of the situation. The default is true and you must set it false.
geo.wifi.uri – Your localization is not the best idea, especially when it’s based on Google’s wireless networks map. There’s no point in using a proxy or a good VPN if this feature in your browser will expose your real location. The default is a Google address. Simply delete it or write 127.0.0.1 instead
network.proxy.socks_remote_dns – If you use a proxy or socks set in your browser, Firefox also allows you to use the DNS servers of the proxy or socks address. This will not expose your DNS server. The default option is false and must be changed to true.
Of course there are additional settings, but I have mentioned earlier that this topic can stretch over hundreds of pages. With these settings and plug-ins you will not be perfectly covered on the internet, but at least you will get the people trying to track you down in a lot of trouble. And do not forget that it is very important that you hide your IP address through a high quality VPN service. Otherwise, the advice I gave you does not make any sense.