-
Notifications
You must be signed in to change notification settings - Fork 525
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to disable these newish Firefox features? #820
Comments
|
Hey, Pants! I'm quietly following you along the way. Every day... I don't know how these are implemented, but I don't want Firefox to call home / send visited URLs anywhere / download files from servers, etc. 1. There is no way this is done locally. 2. I like to generate my passwords by myself (KeePass). Do I need this one as well: 3. I use uBlock Origin & uMatrix with custom filters. Tracking Protection means redundancy, lack of control over the filters and harder troubleshooting when something is broken. I will add this one as well: 4. If it's local and doesn't fetch info from some server, I might leave it alone. Otherwise I will add this one as well: 5. I don't want to send any info (including my IP) to any server on certificate error (or any error for that matter). I will add these two:
6. fxmonitor sounds like a spyware: 7. Is this local or the info is being send to a remote server? 8. Is this being used to fingerprint users? Rising / lowering entropy? In summary:
Is anyone else going to use some of these prefs? |
/* 6602: disable firefox's buildin tracking-protection
* uBlock origin can do this better ***/
user_pref("privacy.trackingprotection.enabled", false);
user_pref("privacy.trackingprotection.pbmode.enabled", false);
user_pref("privacy.trackingprotection.cryptomining.enabled", false);
user_pref("privacy.trackingprotection.socialtracking.enabled", false);
user_pref("privacy.trackingprotection.fingerprinting.enabled", false);
/* 6603: disable updates of the trackingprotection lists ***/
user_pref("browser.safebrowsing.provider.mozilla.updateURL", "");
user_pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); |
FF 70 keeps uploading and downloading stuff to 99.86.243.90 upon start and during use. Unlike FF 60.9.0. Any ideas? 99.86.243.68, 99.86.243.71, 99.86.243.73, 99.86.243.90, etc. I will test the versions between 60 and 70 to narrow down the possibilities. P.S.: So starting v68 something potentially very bad was introduced... |
Only disable the suggestions on 99.86.243.90 is AWS, look at |
Request URL:https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2019-12-01-23-34-03.chain |
I am also seeing content-signature-2.cdn.mozilla.net - I was under the impression it was something to do with 'certificates' whether checking or updating [?] They never seem to make it easy to figure out what they're up to. |
That would be content signature protocol of autograph service. Prior to FF69, a call to content-signature-2.cdn.mozilla.net would accompany a daily fetch of remote-settings. It would seem to be working incorrectly right now. Funny how it’s gone unnoticed. |
There's nothing we can really do about RemoteSettings because that's also how some of the useful features like blocklists, revoked certs etc get their data.
maybe not the best name for a security feature but it's definitely not spyware, last I checked. There may be some telemetry in there but since fxmonitor is now a builtin component, any such telemetry would/should probably be covered by disabling the main telemetry thing. You can also sign up to get notified if your email address shows up in any data dumps from such server breaches but that's entirely optional. Unless someone can show some proof that there's more than the intended functionality outlined above hiding somewhere in fxmonitor and because I don't feel like doing an in-depth code-review every time someone brings up a "suspiciously named" pref, I don't see a reason to disable a security feature that doesn't seem to have any downsides |
Thanks everyone for the help! As far as I understand: NOT IMPORTANT:
TO CONSIDER:
SIMPLY ANNOYING:
TO INVESTIGATE:
|
I hadn't seen that empty bar before ! (I very rarely type into the address bar) I fixed it with a CSS rule:
|
get rid of it with
|
Are these prefs enough to completely disable the features that I don't want?
1. How to disable "Show alerts about passwords for breached websites"?
user_pref("signon.management.page.breach-alerts.enabled", false);
user_pref("signon.management.page.breachAlertUrl", "");
user_pref("signon.management.page.enabled", false);
2. How to disable "Suggest and generate strong passwords"?
user_pref("signon.generation.enabled", false);
3. How to disable Tracking Protection - Cryptominers?
user_pref("privacy.trackingprotection.cryptomining.enabled", false);
4. How to disable "What's new" gift icon from toolbar and main menu?
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
Are these prefs of any interest to us?
user_pref("browser.contentblocking.report.lockwise.enabled", false);
user_pref("browser.contentblocking.report.monitor.enabled", false);
user_pref("media.mediacapabilities.from-database", false);
Thank you in advance!
The text was updated successfully, but these errors were encountered: