Category Archives: Tutorials

Tutorials for a variety of subject matter

Tutorial

Firefox Configuration Guide for Privacy Freaks and Performance Buffs

See the revision history at the end of this document for a list of changes.

Introduction

Many of us are aware of the immense threats to our privacy and security posed by a plethora of technology corporations, governments and malicious hackers, some of which often go to great lengths to monitor our communications and web browsing habits. Governments and their “intelligence” apparatuses not only spy on each other, but on the citizenry as well and they leverage the services of many mega-corporations to do so, including Google, Facebook, Verizon, Comcast, Amdocs and countless others, many of which most of us have probably never heard of. While this data may be used for relatively benign purposes, such as displaying ads in our web browser, all too often the intentions are far more sinister and invasive. Much of what Edward Snowden has brought to the table is not new at all, but it seems the information has been presented in a way that has captured the attention of much of the public, prompting those who value their privacy to seek ways to mitigate the threats. The goal of this guide is to help the reader to thwart some of the efforts to track and profile us as we surf our way around the World Wide Web.

For many of us, our web browser is the primary interface we use to explore the digital world and it is therefore necessary for any privacy conscious individual to consider what information our web browsers are sending and receiving and how that information can be used to track our on-line activities and profile us. Only then can we take action to circumvent some of these threats.

Contrary to the statements made in The Mozilla Manifesto, it is my opinion that the non-profit, multi-million dollar Mozilla Foundation is hardly concerned with the privacy of its software audience, particularly when considering its flagship product, the Firefox web browser. This is readily apparent when one considers the array of ethically challenged multinationals which Mozilla has chosen to partner with, including Google, Yahoo, Microsoft, Telefónica, LG Electronics, Sony, Verizon, Cisco and others. Even the now defunct Firefox Pocket service was tied to a 3rd party company and it seems more “features” are being added with each iteration of the browser. Google Chrome is no better and Internet Explorer isn’t worth the effort required to express an opinion.

That being said, i think Firefox is still a good product in many ways and it is certainly one of the most versatile and hackable mainstream web browsers going. Because it is open source and wide open to customization, i believe the Gecko family of browsers are good candidates for those who wish to reduce their exposure to privacy and security threats. The folks behind the Tor Project seem to think so as well since Firefox is included in their Tor Browser Bundle, though i suspect possibly not for much longer.

This guide covers primarily the configuration of Firefox and the add-ons we will be employing and ends there. For additional privacy you may wish to consider using a VPN. Personally i use and recommend AirVPN due to their privacy policy, ethics, price, great service and the fact that they run a lot of servers all around the world and do not restrict any protocol, including BitTorrent traffic.

Audience

This guide is intended for those who are somewhat technically inclined, or are at least willing to learn, and who wish to reduce the threats to their privacy while enhancing browser security and performance. We will attempt to accomplish these goals while maintaining a reasonably carefree web browsing experience which means there will be some trade-offs between security and privacy for ease of use, but you can always adjust to suit your particular needs. This guide is not intended as a complete solution for those whose well-being depends on anonymity (whistle-blowers, etc.) or who require secure methods of transmitting data (journalists, etc.), though it may be a worthy supplement to more specific information. This guide is, a), a work in progress and b), not authoritative since i do not claim to be an authority on Firefox, Internet security or digital privacy. There are simply too many technologies, options and attack vectors for me to comprehend in something as incredibly complex as the modern web browser.

Though this guide is centered around Firefox, it should also be useful to users of other Gecko-based programs, including the SeaMonkey and Iceweasel browsers, as well as the Mozilla Thunderbird email client.

The Mozilla Firefox browser is based on the Gecko layout engine and, as with any mainstream browser, it is a very complex beast consisting of millions of lines of code and hundreds of configuration options, many of which are interlinked, obscure, or even completely hidden. Change a few settings without knowing what you’re doing and things can go south pretty quick. Poorly coded add-ons can compound the problem, especially when they conflict with one another. Here we will attempt to accomplish our goals in an efficient manner with a minimal dependency upon 3rd party add-ons.

There is a huge selection of Firefox add-ons for tweaking privacy and security, some of the most popular of which are Adblock Plus and it’s derivatives, NoScript, Flashblock, Ghostery, Web of Trust, BetterPrivacy, Lightbeam, Disconnect, Self-Destructing Cookies, Cookies Manager+, Request Policy, Policeman, Bluhell Firewall, RefControl, Smart Referer, HTTPS Everywhere and many, many others. With some possible exceptions, we won’t be using any of these, yet will retain most of the important functionality of most of them with just two add-ons along with a plethora of changes to our Firefox configuration.

A bit of a trade-off should be expected as we tighten up on security and privacy insomuch as some websites will cease to function properly until the settings for the affected sites are adjusted. Anyone who has used a content filter such as NoScript will understand that certain resources must be allowed for many websites to function in a way that is acceptable to us. As with NoScript however, the process of allowing these resources with the add-ons suggested herein, usually requires little more than a mouse click or two and a page refresh. Furthermore, once we have visited all of our favorite websites and made the necessary adjustments, our workload will be greatly reduced. Nevertheless, you should be prepared to put a little more effort into your web browsing experience in general and expect the occasional hard-case which will require more fiddling than usual to get a particular site to function properly. The pay-off however is a much cleaner, faster web that is less able to track and profile us as well as a hardened browser that is more resistant to attack.

Terminology

AMO: The Mozilla add-ons website.

Browser fingerprinting: A method whereby a web server attempts to uniquely identify your browser using various methods, including information contained in the HTTP headers, information collected with JavaScript, querying cached data, enumerating installed plug-ins and languages and more. For more information, see A Primer on Information Theory and Privacy.

Browser storage (web storage: cache, cookies, etc.): The modern web browser is a far more sophisticated tool than most people probably realize. In addition to HTTP cookies and web caching, a web server can store data using local and session storage, indexedDB storage, window.name storage and Etag cache storage. If you are concerned about preserving your inherent right to privacy, you have far more to worry about than so-called “cookies” which were once just simple text files.

Crapware: For the purpose of this document, crapware is considered to be code that is included in a browser or browser extension which is not relevant to the functionality users expect from main program. The term crapware encompasses adware, tracking mechanisms and malicious code. Crapware is often added to browser extensions (add-ons) by a marketing company or solo developer for the purpose of monetizing the extension. Crapware can present a significant threat to user privacy and browser security.

CDN: A Content Delivery Network is a service that often hosts reusable content, such as graphics and scripts, which website authors can leverage to make pages load faster.

CSS: Cascading Style Sheets are used to format and beautify website content. CSS itself presents no risk to privacy or security so far as i am aware since it is used only to apply visual styling to HTML elements, however it can be used for nefarious purposes when combined with a scripting language such as JavaScript.

Domain / Sub-domain / Hostname: For the purposes of this document a domain name and a hostname are interchangeable, both being human-friendly names for a website, such as example.com. A 1st party domain is the website you are currently viewing, (12bytes.org at the moment) while a 3rd party domain could be a web server which supplies content to the 1st party domain. For example, the web page http://example.com/video may include a video that is provided by youtube.com, making youtube.com a 3rd party domain. A sub-domain is a separate part of the main domain. For example, sub.example.com is a sub-domain of example.com.

TLD: Top Level Domain. For example, com is the top level domain in example.com.

HTTP/HTTPS: Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure are protocols used for sending and receiving data across the Internet. For HTTP, an unsecured, unencrypted connection to the server is established, while a secure, encrypted connection is used with HTTPS. One reason you should be concerned with unencrypted connections is the fact that it is possible for anyone between your computer and the site you are visiting, including your ISP (Internet Service Provider), to eavesdrop on your traffic and discover exactly where you are going and what you are looking at. While browser extensions like HTTPS Everywhere will attempt to encrypt your connection whenever possible, some web servers simply do not offer HTTPS. For this reason i will again point out the advantage of using a VPN.

JavaScript: A powerful programming language that is used to run code within the browser. Although JavaScript is used by many websites for legitimate reasons, it can also be used maliciously to perform a wide variety of attacks against the browser and your privacy.

UI/GUI: A User Interface, also known as a Graphic User Interface, is the graphical portion of a program usually containing various controls, such as buttons, check-boxes and other widgets which allow you to interact with the underlying code. UI’s are often referred to as “windows”.

Web server: For the purpose of this document, a web server is a computer that is connected to the Internet which hosts (serves) one or more websites.

Prerequisites

Getting Firefox

There are several flavors of Firefox other than the mainstream release, including the Firefox ESR (Extended Support Release) version which is usually an older version that may not contain the latest features, but may be more stable. If you’re running Linux, you may already have Iceweasel installed, which is nearly identical to Mozilla Firefox. Another option is the Firefox Developer Edition which, though i have not tested it with the configuration outlined in this guide, should work fine. Another option is Cyberfox from 8pecxstudios, though, again, i have not tested it with the configuration outlined in this guide. Cyberfox may be more privacy-centric than other versions in that several phone-home features have apparently been gutted, including telemetry, health reporting and possibly the Google “Safe Browsing” feature. One caveat with Cyberfox is that, like Pale Moon, it uses a different format for some of the profile files which requires using a tool to convert your current Firefox profile should you want to import your data. As for the many other custom builds of Firefox, a lot of them are not worthwhile and can/will cause problems due to bugs, add-on incompatibilities, etc.. The last time i tried Pale Moon i ran into some problems as well, though that was long ago and so the issues i had may not be issues any longer so feel free to try it.

Firefox post install cleanup

Some browsers that are based on Firefox may have some extensions, plug-ins and/or search engines preinstalled. Take care to check for this and uninstall or disable any extras that you don’t want. The search engine configuration files are located in the \Mozilla Firefox\browser\searchplugins folder. I suggest reading my guide, Opting out of the Firefox / Google / Yahoo partnership, for information about how Mozilla monetizes Firefox with the included search engines and what you can do to opt out of this affiliate scheme if you so choose.

If you have already run Firefox, you may notice that it has installed the OpenH264 Video Codec plug-in by Cisco Systems without asking you. Currently this plug-in seems to be used only for the WebRTC feature. If you do not use these features and do not want the browser to load this plug-in, you can delete the \gmp-gmpopenh264 folder in your profile directory along with the all of its contents. To prevent re-installation, make sure the configuration preferences media.gmp-gmpopenh264.enabled and media.gmp-gmpopenh264.autoupdate are both set to false (they already are in the user.js file linked to below) before the browser is restarted.

Browser object caching

Browser caching is a disk intensive activity. If you intend to store cache data, i would suggest storing it in system RAM rather than on your hard drive if you have enough memory available. Even 50 or 100 megabytes of space can help reduce disk workload for websites which you visit often. In addition to minimizing hard drive wear and tear, your web browser will be able to render revisited pages faster as long the resources for the site are still cached. The settings in Pants/ghacks user.js file will accomplish this, so if you do not want to store web cache in RAM, you will need to change these settings accordingly. Note that Firefox requires cache size values to be in kilobytes where 1024 KB = 1 MB.

The user.js file

The primary user.js file we will be using is a result of allot of effort by ‘Pants’ whose work became rather popular when it was published under the title, A comprehensive list of Firefox privacy and security settings by Martin Brinkmann at ghacks.net. Pants’ work is also published on GitHub which is where we will be getting it from.

Make sure to download the version which corresponds to the major version of Firefox you are using, so if your Firefox version is 51.0.1 for example (51 being the major version), then download version v51 of the user.js file.

Whether you want to use my user.js file in addition to Pants’ one is entirely optional. My user.js file depends entirely upon the Pants/Ghacks user.js file above and is intended to be appended to his, not replace it. Some of my preferences are original and some are copies of his where i changed the values to suit my own needs. In the latter case i tend to be slightly more relaxed with my privacy and security settings in return for a less problematic web surfing experience. My user.js also contains preferences to enable smooth, dynamic scrolling when using a mouse wheel.

Pants and i both follow a similar versioning scheme except i add a revision number after the major version number, so where his version might be v51, mine would be v51r1 if it is the first revision, v51r2 for the second revision and so on. You will want the latest revision that corresponds to the major version of Firefox that you’re running. How to combine the two files will be discussed later so just save them for now.

The necessary (and not so necessary) add-ons

This guide depends heavily upon the following add-ons:

  • uMatrix: You can think of uMatrix as a browser firewall which can block requests to 1st and 3rd party resources such as JavaScript, images, CSS, plug-ins, frames and more. uMatrix works with Firefox, Chrome and Opera and is available on AMO.
  • uBlock Origin: uBlock Origin, by the same developer of uMatrix, is a powerful content filter which works similarly to uMatrix but is tailored to blocking ads. These two excellent extensions compliment each other nicely when they are configured properly. uBlock can use the same filter lists as Adblock Plus for blocking ads, as well as many more which it cannot. There are currently two versions available; the original by Raymond Hill which has been renamed to uBlock Origin, and a fork by Chris Aljoudi which you do not want to use. uBlock Origin is an active project that offers features not found in Chris’ build, which appears to be dead anyway.

The following add-ons are optional, but recommended:

  • Decentraleyes: this add-on helps protect privacy and speeds-up page rendering by loading several common JavaScript resources locally rather than fetching them from a CDN. If you use this add-on, you will need to whitelist several domains in uMatrix. When adding the list of domains, be sure that no block rules exist for the same domains.
  • Load from Cache: similar to, but not the same as Decentraleyes, Load from Cache forces the browser to reuse cached data instead of downloading it again. The two work well together.
  • Clean Links: helps to protect user privacy by striping tracking/garbage parameters from URLs, such as those used by Google Analytics (utm_source, etc.). Unfortunately this add-on was removed from AMO due to an apparent issue with e10s support, but the developer has stated that they may submit a different build to AMO in the future. In the mean time you can get the add-on at GitHub or wait until it is back on AMO.
  • BetterPrivacy: install this if you are using the Adobe Flash Player plug-in. If you do not use the Flash plug-in, and i suggest you don’t (you can still watch many/most videos), you can try the EmbedUpdater add-on which will convert the code used to embed video in 3rd party websites so that the HTML5 player is used instead of Flash. Most 1st party sites, such as YouTube, already make use of the HTML5 player.

The following add-ons are completely optional:

  • NoScript Security Suite: since uMatrix will be used to block scripts, this functionality is not required from NoScript, though it may add a bit more protection in terms of cross-site request forgeries, click hijacking and possibly other areas. If you use NoScript, i would recommend disabling global script blocking and use uMatrix to handle scripts, though you could do it the other way around if you wanted.
  • Cookie Controller: apparently handles cookies, local and session storage, though in a manual and granular way that appears to require significant user interaction. I much prefer to handle browser storage with uMatrix.

For more possibilities regarding add-ons, see my article Firefox Extensions: My Picks.

If you’re running Windows and want to unpack an add-on to have a look at the code, you can use 7-Zip. I believe the built-in Windows archive utility can unpack .xpi files also, though you may have to add the .zip extension.

Automatic add-on updates

Regarding automatic add-on updates, they are disabled in the user.js files that are linked to below and i would highly suggest keeping them disabled and checking for updates manually on a regular basis. The problem with automatic add-on updates is that developers may, at any time and without warning, partner with or sell their work to a 3rd party which often results in adding code to monetize the add-on at the cost of your privacy. Examples of some very popular extensions which contain such crapware are Abduction, a screen capture utility, Quick Locale Switcher, a language switcher, FasterFox Lite, a largely useless utility which claims to speed-up Firefox, BlockSite, a content blocker, Google’s Search By Image, a reverse image search utility, and many others. Not all of these extensions contained crapware when they were first developed which is why i strongly suggest keeping automatic add-on updates disabled and reading the change logs and privacy policies carefully each time an update is available. The downside to this is that you need to remember to check for updates manually, perhaps once daily.

For peace of mind, you can also search your prefs.js file for all instances of “http” and check what the URLs are used for. If you want to disable the functionality you can simply add the preference to your user.js file and replace the URL with “”, or localhost, or you could point the URL to localhost in your HOSTS file.

Backup your current profile

Before you make any changes, be sure to back-up your current Firefox profile (click here to find it if you don’t already know). The easiest way to do this is to simply to select the profile folder inside the /Firefox/ folder, press Ctrl+C to copy it, then Ctrl+V to paste it in the same place with a different name. I might suggest keeping the original name and just appending .bak to the copy. Next, delete your current user.js file if you have one in your profile folder, but keep the one in your backup profile.

Editing the user.js file

If you do not have a comprehensive understanding of the the user.js file that is used by Firefox, i highly suggest reading this wiki article at GitHub.

We will be changing many Firefox preferences and storing them in a custom user.js file. You should always use this file to add, remove or change settings that you want to keep across sessions instead of editing the prefs.js file or using about:config. If you’re running Windows i would suggest using a quality text/code editor that has syntax highlighting such as Notepad++ or PSPad (the latter being a little simpler to use) for editing code. Linux users will likely already have something suitable installed, like Kate.

Build your new user.js file by starting with the Pants/ghacks file and then, if you want to use my settings also (it’s fine if you don’t), simply append the code from my user.js to his. If you already have a user.js file, you will want to be sure to address any preferences which may be duplicated in your new user.js file in order to avoid unexpected results.

!!! IMPORTANT !!!

Please read through this section in its entirety before making any changes in order to gain an understanding of exactly what we will be doing and how to revert those changes should it be necessary.

Because my user.js file is updated frequently and i wish to avoid the hassle of editing these settings for public consumption each time i update it, the settings in it are a direct copy of both Pants’ and my personal settings. You should therefore read all of the comments and review each of these settings carefully as it is very likely that you will want to change some of them. See below for my advice on how to edit the existing settings, as well as adding your own.

In the user.js file(s) you downloaded, you will notice the presence of a bogus preferences, “ghacks_user.js.parrot“, that Pants and i insert at the beginning of each section of our preferences. Firefox reads the user.js file from the top down and, if it encounters a syntax error, it will ignore everything following that error. Not good! To make it easy to discover whether Firefox loaded all of the preferences, these bogus preferences, which Firefox essentially ignores, are used for troubleshooting (this will be explained later).

If you want to make changes to your new user.js file, such as incorporating settings from your old one, or change anything else in it, i highly recommend appending all of your changes to the end of the file in your own custom section instead of editing the settings throughout the file. You will find an example section has already been created at the end of my user.js file for you to place your personal preferences. There is a very good reason why i suggest placing your preferences at the end of the file. Again, these user.js files is updated frequently and therefore it will be vastly easier to simply delete the contents of the old file, with the exception of your personal settings which you appended to the end of it, and copy and paste the contents of the new files above your personal preferences which avoids the headache of having to sift through the entire file trying to remember and edit everything you changed.

Making changes to your user.js file is easy to do. For example, the value for the preference browser.tabs.warnOnClose might be ‘false‘ and you might want to change it to ‘true‘ to have Firefox warn you when you try to close it with multiple tabs still open. The best way to accomplish this is to copy that line of code (user_pref("browser.tabs.warnOnClose", felse);) and paste it at the end of the file in your own personal preferences section where you would then change ‘false‘ to ‘true‘. Having duplicate preferences with different values is not a problem since Firefox will use the value of the last one it reads, thus why you need to place your personal settings at the end of the file and not the beginning.

At this point it is important to read all of the comments and review each of the settings in your new user.js file to be sure each preference is configured the way you want, preferably before you start Firefox. As stated above, any preferences you want to change should be copied to your personal preferences section at the end of the file where you will then make the change to the preference value. Note that if you comment out or delete a setting after having run Firefox, that setting will likely remain active because it will have been copied to the prefs.js file, so if you want to comment out or remove something from your new user.js file, you should do so before starting Firefox. If you delete or comment out a setting after you have run Firefox, simply enter about:config in the Firefox address bar, find the preference, right click it, click ‘Reset’ and restart Firefox. The preference will then be deleted after the browser starts. This only need be done if you remove or comment out a preference and is not necessary when simply changing their values.

Once you are finished editing your new user.js file, simply drop it in your profile folder alongside prefs.js and start Firefox.

Verifying the integrity of your user.js file

This integrity check should be performed every time you edit or update your user.js file.

When you run Firefox for the first time after making any changes to your user.js file, the first thing you should do is check the value of the troubleshooting preference by entering about:config in the address bar and searching for the ghacks_user.js.parrot preference. If you are using only the Pants/Ghacks file and have not added anything more to it, then the value should be “No no he's not dead, he's, he's restin'! Remarkable bird, the Norwegian Blue“. If you have appended my user.js to his and have not added anything more to the file, then the value should be “12bytes.org settings loaded” If you have added anything to the file in your personal preferences section at the bottom, and regardless of which user.js you are using, the value should be whatever you set it to, such as “user settings loaded“. An example troubleshooting preference and further instructions are contained in my user.js.

If the value for the troubleshooting preference is not what you expect, then you can use it to quickly determine in which section the syntax error lies. It will not tell you on which line the problem exists, but at least you will know in which section to begin looking. Some common mistakes (at least that i have made) are forgetting to end a line with a semi-colon, forgetting a bracket, a quote character or comma, a typo in user_pref, forgetting to put string values in quotes, or mistakenly putting quotes around integer or boolean values.

Updating the user.js file

If you want to keep up with the latest and greatest version of the user.js files that are published, you might want to the following:

Before updating your user.js, be sure the ones you download correspond to the version of Firefox you are using as described earlier. If you followed my advice and located your personal preferences at the end of the file in your own personal preferences section, then your job should be very easy. All you need to do is:

  1. backup your current profile (might want to dump your old backup if you were happy with the way Firefox was working)
  2. open your current user.js and delete everything above your personal preferences section if you created one
  3. copy everything from the new file(s) and paste it above your personal preferences section, being sure to paste the ghacks code first and then mine above yours
  4. check the change-logs for the new user.js files so you can determine whether you need to change anything in your personal preferences section
  5. start Firefox and check the value for the troubleshooting preference as described in the ‘Verifying the integrity of user.js‘ section

Add-on configuration

Between the features offered by Firefox, uMatrix and uBlock Origin, we have some overlapping functionality and it is therefore necessary to configure our settings with this in mind.

uMatrix

We will be using uMatrix as a browser firewall to block entire domains and specific content (cookies, CSS, images, plug-in enumeration, JavaScript, XHR, frames and ‘other’ requests) from both 1st and 3rd party domains, while uBlock Origin will handle the advertising and malware site blocking.

uMatrix configuration

After installing uMatrix, click the tool bar icon, then click the black title-bar to access the Dashboard:

Click the uMatrix title-bar to access the Dashboard
Click the uMatrix title-bar to access the Dashboard

Following are my recommended setings for each tab:

uMartix configuration - Settings tab
uMartix configuration – Settings tab
uMatrix configuration - Privacy tab
uMatrix configuration – Privacy tab

The content for the My rules tab will be set using the pop-up UI, so we need not worry about this now.

For the Hosts tab, uncheck all of the options since we will be using uBlock Origin to handle our filter lists.

Next, close the Dashboard tab and click the tool bar icon once again to display the pop-up UI.

In order to deter tracking by the web server, i would recommend configuring uMatrix as shown below. To begin, we need to reconfigure the default global settings — the settings that will affect every website we visit. When configuring uMatrix, it is critical to set the proper scope for the filter settings. In the image below, i happen to be visiting github.com, though the website you are currently viewing does not matter. What does matter is the scope in which we are working. Because “github.com” is displayed in the upper left block, all of the rest of the settings will apply only to github.com:

uMatrix configuration - scope selection
uMatrix configuration – scope selection

Since we want to adjust global settings, we need to click the blue block and change the scope to the global scope:

uMatrix configuration - setting the global scope
uMatrix configuration – setting the global scope

The scope block will change to an asterik:

uMatrix configuration - global scope set
uMatrix configuration – global scope set

Other than the scope block, most of the rest of the blocks are divided into an upper and lower half. Clicking the upper half will toggle the whitelisting of a domain or resource, while clicking the lower half will toggle the blacklisting of a domain or resource. What we want to do is globally allow all CSS and images for 1st party domains only and block everything else by default. Click the blocks until your settings match those shown here:

uMatrig configuration - setting global defaults
uMatrig configuration – setting global defaults

When you are finished, don’t forget to click the padlock icon to save the changes:

uMatrix configuration - saving changes
uMatrix configuration – saving changes

The upper part of the pop-up UI should now look like the following:

uMatrix configuration - saving settings
uMatrix configuration – saving settings

While the configuration of our global settings for uMatrix is now complete, the result is that many websites will not function properly and therefore we must configure the settings for each site we visit. While this may be a nuisance, the up-side is that we will be better protected against browser tracking, malware and other attacks.

uMatrix usage

Make sure to read the uMatrix manual to learn how to configure it for each domain you visit. The one very important point i would make is that you note the scope of the matrix before making adjustments to the settings. Remember: if you have the global scope selected (the upper-left box is an asterisk as shown above), then any rules you create will affect all websites, whereas if the scope is set to the current domain being visited, then the rules will affect only that domain.

uBlock Origin

uBlock Origin is a powerful content filter which can be used to prevent the loading of resources, or hide page elements when load blocking is not possible. While uBlock Origin can block in-line, 1st party and 3rd party JavaScript, ads, images, frames and more, we will be using primarily for ad, tracking and malware blocking. uBlock can use all of the same filter lists as Adblock Plus/Edge plus other lists they cannot. It also features a wizard for easy element hiding and a network request logger which is invaluable for troubleshooting when a website does not display and/or function properly.

Because uBlock filters unwanted content, websites will generally load much faster while still retaining all the functionality we require once the rules are configured properly for each site.

uBlock Origin configuration

Once the uBlock icon is on your tool-bar, click it to reveal the pop-up UI, then click the dark colored title-bar at the top to reveal the configuration UI:

uBlock Origin - title-bar
uBlock Origin – title-bar

Folowing are my recommended settings for uBlock Origin:

uBlock Origin configuration - Settings tab
uBlock Origin configuration – Settings tab

Note that we are not enabling the ‘I am an advanced user’ option since all dynamic filtering will be handled by uMatrix.

uBlock Origin configuration - 3rd-party filters tab
uBlock Origin configuration – 3rd-party filters tab

For the ‘My filters’ tab, i have added a few filters which override any exception filters that may be used in the 3rd party filter lists because i want to be sure they are always blocked:

! override exceptions in existing filter sets - see: https://github.com/chrisaljoudi/uBlock/wiki/Privacy-stuff
||google-analytics.com^$important
||platform.twitter.com/widgets.js$third-party
||gravatar.com^$third-party
||doubleclick.net^$important
||adserver.yahoo.com^$important

The ‘My rules’ tab is empty since we are using uMatrix to create our filtering rules.

The ‘Whitelist’ tab can be left as it is by default.

uBlock Origin usage

We are not using the advanced dynamic blocking features of uBlock Origin since this functionality is being handled by uMatrix. As such, there is basically nothing to configure or adjust after the initial setup, other than possibly disabling uBlock Origin for those websites where you do not want it to run. This is done simply by clicking the big blue power button (this setting will be remembered across browser sessions). Lastly, don’t forget about these important tools:

uBlock main UI - misc. tools
uBlock main UI – misc. tools

The eyedropper will open a wizard for hiding page elements that are not covered by the static filters and the other icon will open the network request log which can be extremely helpful for those occasional hard-cases when a website does not display and/or function properly and you have trouble determining why.

Clean Links configuration

You can enable all of the options, though some will be ignored when running when the Event Delegation Mode is enabled. While i prefer to have Clean Links rewrite and highlight links in real time, the developer has stated that the code for accomplishing this is old and unmaintained, therefore i personally use the Event Delegation Mode.

Securing DNS traffic

The Domain Name System (DNS) is an infrastructure which uses DNS resolvers to convert human-friendly domain names (example.com) to IP addresses (255.255.255.255) which are used by the computers that route internet traffic. The problem with DNS is that this traffic is not encrypted or secured and is therefore open to various attacks. To help secure your DNS traffic, please read my guide, Encrypting DNS Traffic (and why you want to).

Testing your configuration

The images below are from the JonDonym IP check website.

The first image is a result of a completely default Firefox release version 39.0 configuration with no add-ons or plug-ins installed.

JonDonym IP Check test - before
JonDonym IP Check test – before

This next image was captured after the configuring Firefox release version 39.0 as outlined in this guide. While the difference may not seem significant, some key changes have been made to help protect our privacy and security (see the list below the image).

JonDonym IP Check test - after
JonDonym IP Check test – after

HTTP header test results:

  • Cookies: Cookies have been blocked
  • Authentication: The sending of authentication data to 3rd party sites has been blocked
  • Cache (E-Tags): Although we remain vulnerable to E-tag cache tracking, the threat has been greatly reduced since we are using uMatrix to clear the browser cache at a regular interval. The only way to completely defeat this tracking technique that i am aware of is to completely disable both the disk and memory cache.
  • HTTP session: No change
  • Referrer: We score poorly here because the IP Check test tool is not aware that we are using uMatrix to spoof the referrer
  • Signature: No change
  • User-Agent: We score poorly here because the IP Check test tool is not aware that we are using uMatrix to randomize the User-Agent string at regular intervals
  • SSL_session_id: n/a (the connection was not encrypted)
  • Language: No change
  • Content types: No change
  • Encoding: No change
  • Do-Not-Track: The DNT header has been enabled, though this is largely useless
  • plug-ins test: These tests were not run because no browser plug-ins were installed

JavaScript test results (disabling JS would alleviate all of the these concerns):

  • JavaScript: We score poorly here because the IP Check test tool is not aware that we are using uMatrix to allow JS on a per-domain basis
  • Tab name: No change
  • Tab history: No change
  • Local storage: Local storage is being deleted by uMatrix after it is no longer needed
  • Screen: No change
  • Screen (usable): No change
  • Browser window: No change
  • Browser bars: No change
  • WebGL: WebGL has been disabled in the user.js configuration file
  • Browser type: No change
  • System: No change
  • Fonts: No change

Following is the uMatrix configuration that was used for the test. All other uMatrix and browser settings are consistent with those suggested earlier:

uMatrix configuration used for IP Check test
uMatrix configuration used for IP Check test

You can run your own tests using these resources:

Troubleshooting

General: Both uMatrix and uBlock Origin have the ability to log network requests, similar to how a firewall log might work. This can be a great help when troubleshooting website display or functionality issues. On the uMatrix pop-up UI you will notice a tiny ‘window’ icon that can be clicked to reveal the network request log. See the Logger documentation to learn how to use this feature.

Website does not display correctly: uMatrix: Check that content is allowed for the domain, as well as other domains which supply content to it.

Problems making a purchase: Firefox: make sure to allow 1st party cookies. uMatrix: Check that content is allowed for the domain, as well as other domains which supply content to it. If you are forwarded to a payment gateway such as PayPal during the transaction, make sure that content is allowed for the payment gateway domain, as well as other domains which supply content to it.

Firefox add-ons used in this guide

Further reading on 12bytes.org

References and resources

Revision history

Click to expand...

11-APR-2015

  • first publishing

14-APR-2015

  • removed all Shim Storage add-on information since this functionality is duplicated in HTTP UserAgent cleaner.
  • almost all of the documentation for HTTP UserAgent cleaner was heavily revised.
  • various other edits and corrections.

15-APR-2015

  • updated user.js file
  • several other small updates and a few corrections

16-APR-2015

  • updated user.js file
  • switched uBlock versions since a new fork was created
  • updated uBlock images and documentation
  • added a “Current notices” section
  • misc. other corrections/updates/edits

17-APR-2015

  • updated and added more information for uBlock
  • updated one HTTP UserAgent cleaner screen-shot
  • misc. other corrections/updates/edits

18-APR-2015

  • updated HTTP UserAgent cleaner information
  • for HTTP UserAgent cleaner settings, the suggested settings were split into Suggested global setting for casual browsing and Suggested global setting for best protection.

22-APR-2015

  • updated information for HTTP UserAgent cleaner
  • updated user.js file
  • minor updates to uBlock information
  • misc. other minor changes

23-APR-2015

  • updated some HTTP UserAgent cleaner information
  • deleted information for 2 bugs regarding the X-Forward-For setting for HTTP UserAgent cleaner since they were not bugs
  • misc. other minor changes

25-APR-2015

  • updated information for HTTP UserAgent cleaner, including adding descriptions for the newly added features, Canvas and Fonts on the HTTP tab
  • updated the user.js file
  • updated some definitions of terms used in this document
  • added some more resources

26-APR-2015

  • updated the information for the Fonts filter on the HTTP tab of HTTP UserAgent cleaner

2-MAY-2015

  • updated HTTP UserAgent cleaner information to match changes in version 0.7.4.11a

3-MAY-2015

  • added Pure URL as a suggested add-on
  • updated contents of the user.js file
  • added and edited some information for HTTP UserAgent cleaner
  • added more resources in the References section

5-MAY-2015

  • updated list of recommended filters for uBlock
  • updated user.js file contents

13-MAY-2015

  • updated user.js file contents
  • updated a few settings recommendations for HTTP UserAgent cleaner

14-MAY-2015

  • minor updates to user.js file contents

17-MAY-2015

  • added information for securing DNS traffic
  • misc. minor updates

5-JUN-2015

  • switched to Raymond Hill’s version of uBlock
  • updated uBlock filter information
  • added Fetch information for new version of HTTP UserAgent cleaner
  • updated user.js file contents
  • misc. minor updates

25-JUN-2015

  • updated uBlock settings to match the current development version (0.9.9.2)
  • misc. minor updates

8-JUL-2015

  • removed HTTP UserAgent cleaner since it is no longer being developed
  • removed Self Destructing Cookies add-on since its functionality can be handled by uMatrix
  • added uMatrix

9-JUL-2015

  • added more info for uMatrix and IP Config test results
  • updated user.js file contents
  • various other edits

13-JUL-2015

  • Minor edits for uMatrix usage text

20-AUG-2015

  • updated user.js file
  • removed pcxFirefox as a suggested 3rd party build since i had display corruption issues with it

5-FEB-2016

  • updated user.js file contents

12-FEB-2016

  • updated user.js file contents

29-APR-2016

  • updated guide information
  • updated user.js file and added a revision history to the file

1-MAY-2016

  • updated user.js file

12-MAY-2016

  • updated user.js file
  • minor grammar/spelling corrections

3-JUN-2016

  • corrected an error with pref ‘layout.css.devPixelsPerPx’ where the value was an integer instead of a string – this caused all prefs following it to be ignored

17-JUN-2016

  • set ‘browser.fixup.hide_user_pass’ back to its default value
  • added ‘network.http.redirection-limit’

23-JUN-2016

  • added some basic information for configuring the Clean Links add-on

1-JUL-2016

  • corrected ‘plugin.scan.*’ values to be strings
  • added bogus preferences in the user.js file at the end of each section for troubleshooting potential loading problems

3-JUL-2016

  • changed the name of the troubleshooting/bogus preference to 12bytes.org-user-js-settings and added values to indicate the point at which the file stopped loading – a huge thanks to commenter ‘Pants’ for suggesting the troubleshooting preference and also for suggesting a far better way of implementing it than what i had done (by the way, ‘Pants’ is the author of the user.js config file used in the ghacks article, A comprehensive list of Firefox privacy and security settings by Martin Brinkmann, so i’m very glad to have his input here)

16-SEP-2016

  • removed duplicate preferences in use.js file (see change-log in the file for details)

28-SEP-2016

  • removed Extension Defender from the list of recommended add-ons since it’s home page is gone and the code hasn’t been updated in two years
  • updated user.js file

18-FEB-2017

  • switched to using Pants’ config v0.11 and mostly just appending my settings to the end of his – because this is a major update, no history of changes to individual preferences will be published

19-FEB-2017

  • published my user.js on GitHub which was forked from Pants’ code
  • removed my user.js code from this page and linked to it on the GitHub page instead
  • changed my versioning scheme to match Pants’ where the user.js version coincides with the version of Firefox it was developed for, so v51r1 would equate to version 51.x of Firefox and the r1 signifies the revision, in this case the first revision
  • updated user.js to include v51 of Pants’ config – no preference changes so far as i know, just added/removed/changed comments
  • updated text in user.js section to account for the new changes
  • changes to comments and troubleshooting preference names and values, other minor changes

20-FEB-2017

  • updated user.js to version 51r2 – see the GitHub page for the change-log
  • updated info here regarding the user custom preferences section of user.js

12-MAR-2017

  • deleted the GitHub repository which i forked from Pants’ ghacks repository and created a new repository which does not include his code
  • some changes to user.js
  • some major editing of this document mostly in regard to the creation and changes of the GitHub repositories
Firefox Add-Ons Puzzle

Firefox: Troubleshooting Add-On Issues

If you notice a problem after installing an add-on, there are some fairly simple steps you can take to troubleshoot the issue before contacting the developer. In my experience, problems with add-ons are usually a result of a conflict with 1) a setting in prefs.js, 2) a setting in user.js, 3) another add-on, or 4) something in userchrome.css or usercontent.css. Whatever the case, the following information should help you to troubleshoot the issue.

For the non-techies, here are brief descriptions of some of the Firefox configuration files:

  • prefs.js: This is the main configuration file that controls much of how the browser looks and works. The file exists in the root of your Firefox profile directory. The contents of this file can be viewed and edited by entering “about:config” in the address bar, however you should not typically edit this file directly since your changes can be lost. For troubleshooting purposes however, we will be ignoring that rule of thumb.
  • user.js: This file does not exist until you create it in the root of your Firefox profile directory. Any preferences that you wish to change in prefs.js or about:config that are not available in the Firefox options interface, and which you want to preserve across Firefox updates, should be entered in this file.
  • userChrome.css: This file does not exist until the you create it in the chrome folder of your Firefox profile. userChrome.css is used to modify the appearance of virtually any element in the Firefox user interface.
  • userContent.css: This file does not exist until the you create it in the chrome folder of your Firefox profile. userContent.css can be used to modify the appearance or behavior of web pages.

One helpful asset for troubleshooting add-on related problems is the Firefox console, but this is not always the case. A diagnostic extension such as Preferences Monitor may also be of use. This guide is oriented more towards the novice, which is fitting considering i am no expert myself.

If you suspect an add-on is conflicting with another add-on

  1. Start Firefox and disable all add-ons except the one that is giving you trouble. When enabling or disabling add-ons, you need not restart Firefox until after you have toggled the state of all the add-ons you want to change.
  2. Restart Firefox and verify whether the problem still exists and, if so, then it’s probably not due to another add-on, in which case you can skip the rest of the troubleshooting steps and go to the How to submit a support request to an add-on developer section.
  3. One at a time, enable the other add-ons, restarting Firefox each time if you are asked to do so, until the problem reoccurs. At this point you have likely isolated the conflicting add-ons and can contact each of the respective developers. See the How to submit a support request to an add-on developer section.

If the problem is not related to another add-on

This is where it can get tricky and the following is one method of troubleshooting a problem for those who are not comfortable using the Firefox console, or where the console did not provide any useful information. This method works well and is fairly simple, but can be time consuming. You will need a capable tool for editing your configuration files, such as Notepad++.

The first thing you need to do is exit Firefox and create a new, clean profile and backup your current profile. The easiest way to do this is to rename your current profile, perhaps by adding an underscore to the beginning of the file name, then create a new folder with the same name, less the underscore. Do not copy anything from your backup profile to the new profile.

Next, start Firefox and install only the problematic add-on and verify that the problem still exists. If it does not, which is likely to be the case, then you know the problem is related to something in your old profile. If it does still exist, then it is likely to be the fault of the add-on developer and you can skip the rest of this guide and file a bug report with them. Assuming the former scenario however, you can begin a process of elimination in the following way:

  1. Exit Firefox
  2. One at a time, beginning with prefs.js and then user.js and any chrome configuration files if they exist, copy a single file from your backup profile into your new profile, overwriting any existing file if prompted.
  3. Restart Firefox and check if the problem reappears.
  4. Continue this process until the problem reappears, at which point you will know that the cause lies within the last file that was copied into the new profile.

If the problem lies in one of the configuration files (prefs.js, user.js, userchrome.css, usercontent.css, etc.), then we need to continue the process of elimination to isolate the offending preference or piece of code by following these steps:

  1. Starting at the top of the configuration file, comment out about half of the lines in the file and add a new, blank line below the last commented line to visually separate your commented block from the rest of the preferences. For the prefs.js and user.js, add two forward slashes ( // ) to the beginning of the lines which you can do easily using the column edit mode of Notepad++, or its find and replace function for the selected lines using a regular expression (find: ^ replace: //). For the userChrome.css and userContent.css, your comment will begin /* and end with */ which allows you to comment out large blocks of code easily.
  2. Restart Firefox and test to see if the problem is still present.
  3. Repeat steps 1 and 2, commenting out half of the remaining lines in the configuration file, restarting Firefox and testing until the problem no longer exists.

Once the problem is eliminated we will know that it lies in the last block of code that was commented out. It is now a simple matter to un-comment one line at a time in that block of code, restart Firefox and re-test for the problem until it reappears. Once the offending preference is identified, you should restore your backup profile and edit the relevant configuration file so that the problematic preference is commented out, then restart Firefox and verify that the issue remains resolved. If it does, then we can determine if we want to change the preference setting or file a bug report with the add-on developer. If it does not, then you may have to repeat this whole process, being more careful this time. Also be aware that the problem could be due to a combination of preferences in one of more configuration files, or with other files.

How to submit a support request to an add-on developer

You need to be able provide the developer with the best clues you can to make their job easier. Comments like “it doesn’t work” are utterly useless to a developer. They will need to know what version of Firefox you are running, your operating system flavor and, most importantly, a) a detailed description of the problem and b), the steps necessary to reproduce it, including any relevant website addresses if the issue is site specific.

With that information in hand, you need to find where the developer wants you to submit bug reports. Go to their add-on page at Mozilla and see if a link to a support page is available. If not, see if they offer a support email address. Leave your bug report in the comments only when no other support method is offered.

Tutorial

Encrypting DNS Traffic (and why you want to)

DNS — Domain Name System — is the service responsible for converting a domain name, such as ’12bytes.org’ to an IP address that is understood by computers routing internet traffic. The DNS server(s) that you are currently accessing to convert domains to IP addresses are configured in the properties of your network adapter, each adapter having its own DNS configuration.

The problem…

DNS is a weak link in the internet chain because this traffic is most often unencrypted and open to man-in-the-middle (MITM) attacks, even when visiting an encrypted (https) website. In such a case the attacker can easily set up their own DNS server and, using a little social engineering and/or malware, convince you to change your current DNS server, or change it without your knowledge, to the one controlled by the attacker. One possible result is that you could visit ‘your-bank.com’ but actually land on a forged website that may look exactly like the authentic one and thus there would be no cause for alarm while you log on with your user name and password, which would then be in the hands of the attacker. I am quite sure the tactic of DNS spoofing is used by law enforcement as well.

If you are using a VPN which provides their own secure DNS service, such as AirVPN does, it may not be necessary to take any further steps.

Lastly, i wrote this tutorial while using Windows and have since switched to Linux. A tutorial for the Debian flavors of Linux can be found here.

The solution…

Securing your DNS traffic is easy using DNSCrypt (don’t download the client from the OpenDNS page). If you’re not afraid of the command-line and wish to keep the process as efficient as possible, i would suggest reading the article How to Encrypt Your DNS for More Secure Browsing by How-To Geek. If you prefer a point-and-click approach however, along with a nice GUI for controlling DNSCrypt and selecting your DNS server, here’s how to install and configure Simple DNSCrypt:

If you have another version of DNSCrypt installed, uninstall it first. If there is no uninstaller, then run the following command:

dnscrypt-proxy --uninstall

Next, download Simple DNSCrypt from the authors site and install the .msi package. The GUI to configure the DNSCrypt client should start automatically after the installation is complete. Configuring the DNSCrypt client is easy:

  1. Enable DNSCrypt for your network adapter.
  2. Select a DNS service.
  3. Enable the Primary DNSCrypt Service. If the service does not start, try disabling DNSCrypt for your adapter and then enabling the service. Note that the Secondary Resolver settings are disabled because this feature is not completely implemented at the time of this writing.
  4. In the ‘Advanced Settings’ you can download a fresh copy of the DNS resolvers list and by clicking the ‘Plugins’ button you can disable IPV6.
  5. Open port 443 in your firewall to allow outgoing UDP traffic for dnscrypt-proxy.exe if you need to.
  6. If you installed the ‘dnscrypt-proxy’ service, you can exit the Simple DNSCrypt GUI, otherwise it will need to be left running.
Simple DNSCrypt configuration for Windows
Simple DNSCrypt configuration for Windows

Verify DNSCrypt is working…

Windows 7 Network Connection Dialogs
Windows 7 network connection settings

To verify that everything is working, check the properties for your network adapter and make sure the primary DNS server is set to 127.0.0.1 and that the secondary server is empty as seen in the screen-shot. If it is not, make it so. Next, try visiting a website to make sure everything is working.

If necessary, reboot your machine or flush the Windows DNS cache by opening a command prompt and entering: ipconfig /flushdns, then load a web page to ensure DNSCrypt is working.

If you’re wondering about the default Windows ‘DNS Client’ service, leave it running. You can also leave in place any firewall rules for DNS look-ups on port 53 to enable easy switching of the DNS servers in your network adapter for troubleshooting purposes.

At this point i’m not entirely sure what happens with DNS caching, but it appears that a query is sent with every request, which is not optimal. I hope to write more about this after i figure out exactly what is happening in this regard.

HTML-CSS code

CSS: Image Text Overlay

This is a quick tutorial for adding overlay text to an image using only CSS and HTML. Although this tutorial is centered around WordPress, it is easily adaptable for usage on any other publishing platform.

I wanted to achieve the following goals with this little hack:

  • Hyperlink everything that is visible so it does not matter on which element the visitor clicks
  • The cursor should remain as a hand cursor only while over the visible elements
  • No element wrapping/floating

This is the result :

Hers is the HTML:

<div class="imgoverlaywrapper">
  <a href="http://12bytes.org/"><img class="imgoverlay" src="[image_path]" /></a>
  <p class="imgoverlaytxt"><a href="http://12bytes.org/">The overlay text...</a></p>
</div>

Here is how it needs to be pasted in the WordPress TinyMCE editor so it doesn’t get mangled:

<div class="imgoverlaywrapper"><a href="http://12bytes.org/"><img class="imgoverlay" src="[path to image]" /></a>
<p class="imgoverlaytxt"><a href="http://12bytes.org/">The overlay text...</a></p>
</div>

And here is the CSS you will need to add to your theme’s style sheet:

/* image text overlay */
.imgoverlaywrapper {
    margin: 5px 5px 5px 12px;
    position: relative;
}

.imgoverlay {
    margin: 0px !important;
}

.imgoverlaytxt a {
    background-color: rgba(0, 0, 0, 0.5);
    border-radius: 5px 30px 30px 5px;
    color: #F5F5F5 !important;
    font: italic 22px verdana, tahoma, arial;
    left: -12px;
    margin: 0px !important;
    padding: 20px 60px 20px 40px;
    position: absolute;
    text-decoration: none;
    text-shadow: 2px 2px 5px #9B9B9B;
    top: 16%;
}

If you have trouble with the WordPress TinyMCE editor mangling your code, i would highly recommend installing the TinyMCE Advanced plug-in and activating the option to stop WordPress from removing the p and br tags in the text editor.

Police Traffic Stop

Dealing With The Fuzz

“The history of totalitarian regimes is reflected in the evolution and perfection of the instruments of terror and more especially the police.” —  Carl J. Friedrich

There you are, driving along, when suddenly you see that dreaded flashing light flickering in your rear-view. Perhaps you were speeding, or maybe you rolled through a stop sign. Whatever the case, one of the first questions you may be asked is, “Do you know why i stopped you?”. It’s a common question when you are pulled over for a traffic violation, but why does the officer ask it?

This question is actually a tactic that is used by police to manipulate you into admitting that you broke the law. By admitting that, yes, maybe you were going a little too fast, you just incriminated yourself and your answer can be used as evidence against you should you decide to dispute the charge in court. Secondly, you are now virtually guaranteed of being cited or arrested for whatever wrongdoing you just admitted to.

Cops are sneaky; while you are expected to provide truthful, accurate information, they are legally allowed to manipulate and lie in order to obtain a confession or trip you up in some way. While it may seem more ethical to be honest and admit your wrongdoing, keep in mind that the police operate under a very different standard. You don’t have to lie, nor should you, but not answering their questions is not lying and is perfectly within your rights.

RULE #1: NEVER TALK TO THE POLICE!

Never answer any questions. Never admit anything. Like the babbling baboon Bill O’ Reilly says, “Shut Up!”. Whether you are innocent or guilty, it does not matter; anything you say may be used against you and so the only thing you can possibly do, in most circumstances, is undermine your position by volunteering information, regardless of how certain you are that the information will work in your benefit.

If you are an honest person and you know you are guilty, and wish to accept responsibility for your actions, you can always choose to do so after the initial encounter. There is no reason to give law enforcement any information that can only erode your position.

RULE #2: Remain calm

Always remain calm and courteous and never raise your voice or make any quick moves or threatening gestures. You want to play a very non-threatening role, but you want to do so without sacrificing your rights. You want to make it appear that the officer is in control by not challenging their ego which, in turn, will give you greater control. The instant you get angry or threaten or intimidate the officer, you not only relinquish control, but you will greatly increase the chance of an unfavorable outcome, especially when dealing with a cop who has an over sized ego which is very often the case.

RULE #3: Know your rights

You are never obligated to consent to a search of your person, or property, or any other requests for which you are given a choice. In many states you are not even required to produce identification unless you are suspected of committing a crime. You do not have to give your name. You are not legally obligated to give the police permission to do anything, nor are you compelled to answer any of their questions, but you may ask questions that they may be obligated to answer. For example, if there is any doubt as to why you were pulled over during a traffic stop, simply ask the officer why you were stopped. A polite “Hello officer. May i ask why you stopped me?” will do. If the officer does not provide a reason, then ask if you are being detained or are free to go. Unless you are being detained, you may end the encounter any time you choose, but you should always confirm with the officer whether you are free to go to prevent any possibility of a misunderstanding.

RULE #4: Never resist

Never refuse an officers direct order, regardless of whether that order is legal. The only questionable exception to this rule is when you are certain that the order is unlawful and will very likely result in the officer physically attacking you and you are sure your situation will be improved by resisting. In this instance you may want to consider the consequences of that order before obeying it, but even for these very rare occasions it is highly questionable as to whether you — usually the one without the gun — should resist a trained and armed police officer. Having said that, you are obviously not obligated to follow an illegal order, but we can clearly see why we may choose to do so regardless.

RULE #5: Record the encounter

Your child didn’t steal that cookie while you were looking, did she? Similarly, law enforcement officers are more likely to observe the law if they know their actions are being monitored. Regardless of what the officer may tell you, you are legally permitted to record encounters with the police. For your own protection you should always record every encounter with the police and, though you should not make a big deal of it by positioning your camera right in the officers face, which may provoke an aggressive response, you should not make a secret of it either. Keep it unobtrusive, but obvious. A record of the encounter will prove to be invaluable as evidence if you are forced to defend yourself in court or choose to initiate a legal action against the police.

If the officer demands that you delete the recording or tries to take it from you, understand that your recording may not be confiscated without a warrant, but also understand that they may not know or care about the law, especially if tensions are high. If it seems clear the officer may use violence to confiscate your property, let them have it. In the event the officer forcefully deletes your recording, or forces you to do so, don’t sweat it. The files on your recording media should remain intact as long as you only delete them and did not format the memory card. After deleting the recording, power off the device and remove the memory card. When you get home, use a utility such as PhotoRec to recover the “deleted” files.

Regardless of any threats the police may issue, you are legally allowed to share your recording publicly and certainly this option is well worth considering when you know your rights were violated and/or the police have broken the law. Public pressure resulting from videos of aggressive police encounters have had a significant impact in many instances.

Resources for further study

Lastly, if you disagree with my advice, then understand that it is not really my advice. Much of it comes from a comical, fast-talking lawyer and and his detective accomplice:

 

 

Below are some examples of how to handle an encounter with law enforcement officers:

 

 

 

 

 

 

Also see: