[Dril] Recommended Firefox Settings?
Brett Bonfield
brett at leadpi.pe
Thu Aug 13 17:57:59 UTC 2015
Thanks, Alison. Based mostly on the links you provided, I've been
using a similar setup:
Better Privacy
Disconnect
HTTPS Everywhere
Privacy Badger
uBlock (Origin)
And also...
Request Policy Continued
Self-Destructing Cookies
SSleuth
But not (yet?)...
Lightbeam
Terms of Service; Didn't Read
I've stayed away from NoScript because it can be so time consuming to
use properly, but wonder if that's the right decision.
This answers the question I asked, but not the question I was trying
to ask. What I want to know is...
1. What does it make sense to install on the Firefox installations on
public workstations? On staff machines? And what does it make sense to
recommend to people with basic computer stills? With advanced computer
skills?
2. Do we have a useful way to explain why we're using these extensions
and what each one does? Is there a chart of specific threats and which
extensions address those threats? Are any of the extensions redundant?
Are any of them undermining each other? You know, aside from the fact
that Panopticlick reveals that my browser is unique, and that it
conveys at least 22.45 bits of identifying information... and there's
nothing to be down about it, right?
I'm not necessarily asking for someone to answer all these questions,
unless there's a resource out there that has the answers and I've
missed it. In that case, I would love for you to direct me to it. But
if that resource doesn't yet exist, I'd be happy to help create it.
And if any EFF folks or Mozilla folks or other security or privacy
experts want to help out, that would be splendid.
Brett
On Wed, Aug 12, 2015 at 8:17 PM, Alison Macrina
<alison at libraryfreedomproject.org> wrote:
> I know you already linked to my suggestions, but here's the Firefox
> setup I have (I use Tor Browser 90% of the time, but like to have a good
> FF setup so that I'm prepared to answer questions about it for more
> basic users who aren't ready for Tor):
>
> Starting with all of these settings, which stops saved form info and 3rd
> party cookies and all of that by default:
> https://support.mozilla.org/en-US/products/firefox/privacy-and-security
>
> Privacy Badger
> Disconnect (includes Disconnect Search, but DDG works just as well and
> has a toolbar extension too)
> uBlock (better than Adblock Plus but that works too)
> HTTPS Everywhere
> Better Privacy (only for LSO/Flash cookies, so if you can't get people
> to delete Flash...)
> Lightbeam
> Terms of Service; Didn't Read
>
> I don't have NoScript on FF cause I've tried to keep it to "easy/basic
> user stuff".
>
> Alison Macrina
> Library Freedom Project
> libraryfreedomproject.org
>
> Brett Bonfield:
>> I hope to offer my first privacy training in September or October, and
>> I'd be grateful for the list's help in identifying the Firefox
>> configuration and extensions I should recommend (and how I should
>> recommend that FF users configure the recommended extensions).
>>
>> LFP has several good links:
>> * https://libraryfreedomproject.org/resources/onlineprivacybasics/
>>
>> Prism Break has several links as well (under Web Browser Addons), and
>> includes recommendations in its notes:
>> * https://prism-break.org/en/all/
>>
>> I've also seen this discussed recently in other places, including:
>>
>> * https://www.reddit.com/r/privacy/comments/3bjyws/questions_about_firefox_extensions_configurations/
>>
>> * https://news.ycombinator.com/item?id=10017778
>>
>> Thanks,
>>
>> Brett
>> _______________________________________________
>> DRIL mailing list
>> DRIL at lists.noisebridge.net
>> http://www.noisebridge.net/mailman/listinfo/dril
>>
> _______________________________________________
> DRIL mailing list
> DRIL at lists.noisebridge.net
> http://www.noisebridge.net/mailman/listinfo/dril
More information about the DRIL
mailing list