Securing Firefox

1 minute read

</div><p>Written By: Unknown</p>

Introduction

Chaining a socks with proxychains/proxifier means forfeiting the protection of Torbutton, which leaves you open to browser fingerprinting.

Set everything up as you would at the point of entering card details (enable javascript & allow noscript), then run a test at http://ip-check.info (just cancel the pop-up).

You might get a nasty surprise at some of the info your browser is leaking. Admittedly some of it is a bit alarmist (they’re trying to sell a product after all), but some are of genuine concern – particularly if you’re trying to card the same site a few times.

I tend to use one browser (regular firefox) for only chaining proxies, and have found the following adjustments helpful. Please feel free to add to the list. http://check2ip.com is also a useful check for mismatches

about:config

Quote

geo.enabled = false

geo.wifi.uri = [leave blank]

network.http.accept.default = text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

network.http.use-cache = false

network.http.keep-alive.timeout = 600

network.http.max-persistent-connections-per-proxy = 16

network.proxy.socks_remote_dns = true

network.cookie.lifetimePolicy = 2

network.http.sendRefererHeader = 0

network.http.sendSecureXSiteReferrer = false

network.protocol-handler.external = false [set the default and all the subsettings to false]

network.protocol-handler.warn-external = true [set the default and all the subsettings to true]

network.http.pipelining = true

network.http.pipelining.maxrequests = 8

network.http.proxy.keep-alive = true

network.http.proxy.pipelining = true

network.prefetch-next = false

browser.cache.disk.enable = false

browser.cache.offline.enable = false

browser.sessionstore.privacy_level = 2

browser.sessionhistory.max_entries = 2

browser.display.use_document_fonts = 0

intl.charsetmenu.browser.cache = ISO-8859-9, windows-1252, windows-1251, ISO-8859-1, UTF-8

dom.storage.enabled = false

extensions.blocklist.enabled = false

</blockquote>

Other Settings

Quote

Disable all plugins [tools -> addons -> plugins] Disable all live bookmarks [bookmarks -> bookmarks toolbar -> R/click latest headlines -> delete] Disable all updates [tools -> options -> advanced -> update] Enable ‘do not track’ feature [tools -> options -> privacy] Enable private browsing, configure to remember nothing & disable 3rd party cookies. [tools -> options -> privacy]</blockquote>

Useful add-ons

BetterPrivacy
Close n forget
Ghostery
Https-Everywhere
Modify Headers
NoScript
RefControl
User Agent Switcher

Share and Enjoy

Updated: 2014-05-11