See the revision history at the end of this document.
When 'free' software isn't
I suggest reading The Mozilla Monster as a primer.
Have you ever wondered how Mozilla gets paid by the privacy-hating mega-monopolies like Google? Simple; when you use the default search engine plugins that are packaged with the browser, parameters similar to these are added to your search query:
client=firefox name="appid" value="ff" name="hspart" value="mozilla"
These parameters inform the search engine that you're using a Firefox/Mozilla product and that's all it takes for Mozilla to rake in the dough. If you do not wish to support highly unethical companies like Google, and/or value your privacy, read on...
Types of search engines
The two primary types of search engines are meta search engines and search indexes and it is important to understand the difference. Google, Yahoo and Bing for example, use software robots called "crawlers" to discover and index web content. In other words these companies actively seek out updated and fresh content to store in their databases so it's ready for you to find. On the other hand, meta search engines do not index the web and instead rely upon third parties like the aforementioned to provide their search results. When you use these so-called "alternative" search engines, such as DuckDuckGo, Startpage, Searx, etc., you are still subject to the filter bubbles and censorship that is employed by the corporate giants like Google. That said, the privacy-respecting meta search engines still make a great deal of sense since they offer a method to access the data-harvesting corporate giants without the privacy violations that accessing them directly would incur. Understand though that they are not true alternatives as they are often described, but rather proxies. These alternative search engines are also subject to local laws, such as secret surveillance requests issued by a government.
Indexing the web and storing the massive amount of data that results is an incredibly expensive proposition which requires a massive amount of infrastructure and this is why the much smaller meta search companies like DuckDuckGo, Startpage, Qwant and others rely heavily upon corporations like Alphabet's Google and Microsoft's Bing. There are better alternatives that both respect your privacy and are censorship resistant however. Ever hear of a peer-to-peer distributed search engine? Imagine a free, open-source, decentralized search engine where the web index is created and distributed by ordinary people using personal computers, each storing a piece of the whole. This is what the developers behind YaCy have done with their search engine and i think it's a great way to escape the filter bubbles created by big tech.
For a list of alternative search engines, see Alternative Search Engines That Respect Your Privacy.
Adding search engines to Firefox
Possibly the easiest way to mitigate risks to your anonymity posed by the default Firefox search engines is to simply disable all of them and use alternatives such as the open source and highly customizable Searx meta search engine which you can host on your own server if you like, or you can use any one of a number of Searx instances hosted by others. Like DuckDuckGo, Startpage and others, Searx does not use robots to crawl the web and index content like Google, however the big difference between Searx and most of the other meta search engines is that it is capable of pulling results from many other indexes including Google, Yahoo, Bing, Wikipedia, DuckDuckGo, Startpage, Qwant and more, as well as decentralized peer-to-peer indexes such as YaCy. The Searx interface also offers a lot of configuration options for fine-tuning your search results, including the ability to select exactly what combinations of search engines you want to use for a particular type of search, of which there are currently 10.
One easy way to add Searx to Firefox is to locate a hosted instance which you like and which is preferably close to you geographically. After loading the search page, open the search bar menu or the address bar 3-dot menu and click the "Add" menu item. A potential pitfall with the third party Searx instances is that the server may be logging traffic, such as IP addresses, location, etc., so you'll have to decide whether you can trust them.
Most other search engines can be added to Firefox in the same way, but there are additional methods also. The Mycroft Project hosts tens of thousands of preconfigured search engine plugins for a variety of web browsers, the top 100 of which are listed here. They also have a form for writing your own search plugins. Although it is not possible to review the code from the main listing of search plugins, you can use their submission form to do so by mousing over the plugin name to reveal its numeric ID, then filling in that ID in their submission form page. Because Mozilla changed they way search engine plugins are added to Firefox, you'll need the Add Search Engine from Mycroft Project add-on to install the search plugins from Mycroft.
Another easy way to add a custom search engine to Firefox is with the Search Engines Helper add-on by Soufiane Sakhi which allows more control over the above methods, including the ability to define the website icon path or base64 code (a binary-to-text encoding scheme that encodes the site icon in text form). The advantage of using a base64 encoded version of the site icon is that the browser won't have to fetch the icon from the server. A great on-line resource for converting an icon to base64 code is the Base64 Encoder utility which can accept the icon URL or an uploaded file.
You can also use the mozlz4-edit Firefox add-on by 'serj_kzv' to add and edit the Firefox search engines. This slick extension allows you to edit the
search plugin file directly from within Firefox, though a browser restart is necessary before the changes are realized. It is in this file that Firefox stores the code for all of the search engine plugins. If you use this tool, be careful not to touch the default search engines that are packaged with Firefox, else all your changes will be lost. Instead you can create copies of the default engines and sanitize the copies. Read on...
Manually editing search.json.mozlz4
If you would rather avoid the hassle of manually editing the default Firefox search engine plugins, see the Pre-sanitized search plugins section below.
If you have already added custom search engines to Firefox, then the first thing to do before you start hacking is to create a copy of
and work with the copy, reason being that if you mess up, Firefox will will delete all of your search plugins and restore only the default ones. If you don't want to see or use the default ones, disable them in the search preferences of Firefox rather than removing them from the plugin file.
To edit the
file you first need to decompress it. There's at least a few utilities available that will handle this, but i would suggest using the mozlz4-edit Firefox add-on by 'serj_kzv' since it is very easy to use and it provides a basic code editor with syntax highlighting. If you use this tool to modify the default search engine plugins that are packaged with Firefox, you must make copies of them and edit the copies, else Firefox will rebuild the entire file and all your changes will be lost. Also be sure to give the new entries a different name since no two plugins can share the same name.
Download pre-sanitized search plugins
If you do not want to sanitize the default search engine plugins yourself you can download my pre-sanitized copy which contains a
file that should work for Firefox version 57 and up ("up" meaning until the next time Mozilla decides to break everything again). The download contains the default engines which come with U.S. English version of Firefox 62, plus the sanitized versions of them, plus all of the engines i personally use. All in all there's over 40 search engine plugins which you can edit or disable as you see fit. Many are already disabled since i only use them occasionally, so be sure to adjust as necessary in your Firefox Search preferences.
Install: Backup your existing
file, then extract the the one from the archive to your Firefox profile directory and restart Firefox.
Removing Firefox system add-ons
Mozilla packages some system add-ons with Firefox, installs them without your permission and doesn't provide the user with any convenient means to remove or disable them. These system add-ons have been used for very controversial purposes in the past. To remove them, see the 'System add-ons' section of the Firefox Configuration Guide for Privacy Freaks and Performance Buffs.
We've only scratched the surface...
Sanitizing the default Firefox search engine plugins is a good start, but there is much more to do if you're interested in circumventing the risks to your privacy. For further information see the Tech section of this website.
Special mention goes to 'Thorin-Oakenpants' (aka 'Pants') as well as the 'arkenfox' crew and their GitHub repository where they host an excellent privacy-centric user.js for Firefox and its derivatives, as well as an extensive Wiki full of valuable information.
Resources at 12bytes.org:
- Alternative Search Engines That Respect Your Privacy
- Everything Firefox
- Firefox Configuration Guide for Privacy Freaks and Performance Buffs
- The Firefox Privacy Guide For Dummies!
- mozlz4-edit Firefox add-on by serj_kzv
- Measuring Search in Firefox | Firefox Data
- followonsearch/METRICS.md at master · mozilla/followonsearch · GitHub
- Firefox: How to remove all System Add-ons? | Techdows
- Addressing default search engine privacy · Issue #88 · arkenfox/user.js/arkenfox/user.js · GitHub
- list: Search Engines [for Wiki] · Issue #118 · arkenfox/user.js/arkenfox/user.js · GitHub
- Specifications/OpenSearch/1.1/Draft 5 - OpenSearch
- Creating OpenSearch plugins for Firefox
- Mycroft Project: Search Engine Plugins - Firefox IE Chrome
- The Ultimate Guide to the Google Search Parameters
- 5 Best Search Engines That Respect Your Privacy - BestVPN.com
- Duck Duck Go: Illusion of Privacy
- Neat URL :: Add-ons for Firefox
- User.js file - MozillaZine Knowledge Base
Revision historyClick to expand...
- first publish
- added this change log
- corrected an error in the pre-sanitized Wikipedia search plugin and re-uploaded sanitized_search_plugs.zip
- added information as suggested by 'Pants' in his comment below, particularly details and resources regarding the
firstname.lastname@example.org add-on in a new section titled "Removing the 'Follow On Search' system add-on"
- added Hulbee and MetaGer to the search engine list
- added a "Decentralized" column to the search engine table
- added resource: 5 Best Search Engines That Respect Your Privacy - BestVPN.com
- misc. cleanup and edits
- corrected typo in metager URL
- added "Requires JS / Cookies" column in search engine table
- changed links for search engines in table to point to company/about page and added links to point to search page
- added link to the 'lite' version of DDG
- added a link to the uBO filters to block Startpage/Ixquick tracking images
- misc. minor edits
- added "Client Required" column to search engine table
- corrected some info regarding the search engines in the table
- minor misc. edits
- added a link to the Duck Duck Go: Illusion of Privacy article
- added findx to the search engine list
- minor edits
- added Qwant to the search engine table
- misc. edits and added info, nothing really important
- very minor edits
- moved the list of alternative search engines to it own page
- minor edits
- minor change to the section 'Sanitizing the default search engine plugins' thanks to commenter 'nohamelin' - more changes coming shortly thanks to this persons comments
- updated search plugin import/export instructions as per the very helpful comment left by 'nohamelin', the developer of the XML Search Engines Exporter/Importer add-on in which he made available Scratchpad scripts that work with FF v57+
- corrected an error in the pre-sanitized search engine archive, added Startpage and re-uploaded a new archive
- misc. minor edits
- major changes, additions and deletions
- fixed corrupted download files
- added info about Add custom search engine add-on
- added better instructions for installing the search plugin file,
- minor edits
- rewrote the section on manually sanitizing search plugins
- various minor edits
- updated the search.json.mozlz4 file
- spelling corrections
- updated the search.json.mozlz4 file
- minor edits
- referred to my Firefox configuration guide for info on removing system add-ons
- moved info about Mozilla to it's own page
- minor edits, corrections
- updated search.json.mozlz4
- minor edits
- many changes - much was rewritten and some parts were removed
- i removed the bulk of the instructions for editing the search.json.mozlz4 since it was obsolete - thanks to 'Damien' for contacting me about an issue with this article which reminded me that changes were needed