12bytes site updates, 5-Jan-2019

user-overrides.js

My user-overrides.js for Firefox was heavily updated. If you're new to all this, this file is intended to be appended to the 'ghacks' user.js which is then read by Firefox. The 'ghacks' file greatly enhances Firefox security and privacy, but it is not a complete solution, thus why i (and others) have written a couple of guides which cover a much wider scope, details below.

Firefox Configuration Guide for Privacy Freaks and Performance Buffs

The 'Firefox Configuration Guide for Privacy Freaks and Performance Buffs' was also heavily updated. Currently the guide in a state of flux as i attempt to finalize how to make more efficient use of the Firefox 'container' feature and what add-on(s) offer the best options for working with containers.

Containers, if you are not aware, better isolate websites from one another which is great for privacy. Depending on how they are configured, each container can hold most of the data stored by Firefox for each website/domain in separate 'boxes' that are isolated from one another. This is similar to First Party Isolation (FPI) which can be toggled with the 'privacy.firstparty.isolate' preference (currently disabled by default up to Firefox v64). Containers become even more like FPI when you use the Temporary Containers (TC) add-on which has the ability to automatically create empty containers for every domain you visit and then trash them after you leave, something FPI doesn't do. This solves the problem which every storage/cookie cleaner currently faces in that none can clear all storage (IndexedDB for one) on a per-domain basis because of shortcomings with the WebExtension API.

There are problems with containers however. Since most of the stored data in each container is separated from other containers, the browser may have to re-download and store multiple copies of certain resources, such as common JavaScript libraries delivered by a CDN, though in this particular case the Decentraleyes add-on alleviates much of the problem.

Another problem — and one which is currently giving me a headache, backache and side-ache — is when you want to allow a website to store data, such as cookies, so you can save settings for that particular site. Or how about websites like addons.mozilla.org (AMO) which use a completely different domain for the log-on process? If you keep them in separate containers, the log-on fails because site (a) can't 'talk' to site (b).

When using the Temporary Containers add-on and configuring it so that it opens all domains in new disposable containers, these problems become a PITA because TC apparently doesn't offer any method by which you can assign domains to a permanent container, at least not without a hassle. Even the TC page on AMO indicates that yet another add-on, Firefox Multi-Account Containers (MAC), is required for this seemingly trivial job as described with the AMO site. And even with MAC installed, the process is still pathetically counterintuitive.

And so this is why the advanced Firefox config guide is in a state of flux until i can get all this worked out in such a way so that it's easier for my readers to use containers. So you may want to hold off on adopting any of the new changes unless you want to have a shot at dealing with containers, but if you do, please let me know if you find more intuitive ways of dealing with them.

Visit the guide to see the full change-log.

The Firefox Privacy Guide For Dummies!

The Firefox Privacy Guide For Dummies! is a new guide aimed at the 'not so technically inclined' audience for increasing Firefox security and privacy. It uses a subset of techniques from the advanced guide, as well as some originals, and is written in such a way as to be less boring.

Most of the tech lingo and detailed explanations are absent and the whole container mess is avoided, for now, and, instead, website isolation is accomplished using Firefox's built-in First Party Isolation.

Since the 'dummy' guide was just published, there's likely going to be some/many mistakes corrected and oversights addressed in the following weeks, after which it will become more solidified. Again i welcome any feedback you may have.

RAM it!

Just a reminder…

Left to their own devices, web browsers are happy to beat the hell out of your storage media by constantly writing and erasing data for the various storage methods they employ. I believe this issue is further amplified with containers which, i suspect, are going to be permanently featured in one or both of my Firefox config guides.

Regardless of whether you use containers or not, i would recommend considering storing your Firefox profile in RAM and creating automatic backups. There are more advantages to doing so than just speed. You'll find some info in the advanced guide, though it benefits Linux users primarily. With Windows you're kind of on your own since i don't use it, but i do remember finding a very good freeware 'RAM disk' program that did the job and kept backups.

Leave a Reply