Article update (and some reminders): The Firefox Privacy Guide For Dummies!

Several minor changes were made to The Firefox Privacy Guide For Dummies! article. If you've slugged your way through the guide before, there's probably no reason to re-read it, but i will mention a few reminders…

Remember to run the 'ghacks' updater script occasionally (twice a month or so) to check for a new version of their user.js preferences file (make sure you exit Firefox prior).

Every time you run the updater script and it downloads a new version of the user.js, be sure to follow it up by running the prefsCleaner script. This is probably more important than you think.

I highly recommend NOT using any other flavor of Firefox other than the official release by Mozilla; no Waterfox, no Pale Moon, no whatever. These non-official builds often run (well) behind the Mozilla release cycle and therefore behind in security patches as well. Your web browser is your gateway to the Wild World Web and is therefore a most appealing target for malicious hackers which are lightening fast in exploiting security holes.

The privacy and security risks associated with 3rd party builds isn't worth the risk in the opinion of some very knowledgeable people. I mention this because i still see here in comments and emails where some people are running 3rd party builds. I fully understand the attraction to developers offering privacy hardened builds of Firefox, but understand that there is little, if anything, that they offer which cannot be accomplished with the official Mozilla version.

Among all of the capable web browsers out there, including Chromium, Chrome, Edge, Brave, Waterfox, etc., it is my opinion that Firefox is the only web browser available at this time which is best suited for the privacy conscious user. I am not a Firefox fanboy and so it is not with enthusiasm that i make such a statement, but i believe it to be factual at this time. Hopefully this will change in the not so distant future because i really dislike the direction Mozilla has taken with Firefox, their constant dumbing-down of their browser, and some of the utterly asinine decisions they've made, but for now it is what it is.

Lastly, don't apply either of my Firefox config guides to the Tor browser, else DOOM!

New article: uBlock Origin Suggested Settings

In creating the two Firefox configuration guides, there was some redundant content in them which i've been moving to separate pages. Such is the case for the uBlock Origin stuff which has now been given it's own page, uBlock Origin Suggested Settings.

Also i've changed my personal uBlock Origin settings (again) and these changes are reflected in the new uBlock article/guide if you care to review them.

uBlock Origin Suggested Settings

Following are my personal preferences for setting up uBlock Origin (uBO). This configuration is primarily intended to be used with either The Firefox Privacy Guide For Dummies! or the Firefox Configuration Guide for Privacy Freaks and Performance Buffs. Keep in mind these are my personal preferences and by no means do i claim them to be definitive, however i like to think they make sense since i've been using and tinkering with uBO for quite a while.

First and foremost, use only uBlock Origin by Raymond 'gorhill' Hill. Here's the uBlock Origin page on the Firefox Add-ons website. There are several other clones and forks out there and you do not want to be using any of them.

In conjunction with my Firefox configuration guides, uBlock Origin will be set up in its easy mode in order to block ads and other annoyances, as well as to help prevent tracking, malware, etc.. It is essential that you read the uBlock wiki sections pertaining to the easy mode to understand how to use it properly. If you are not following my guides, or are an advanced user who is comfortable with uBO but are not using uMatrix, then i would highly suggest enabling the advanced mode option in uBO in order to leverage its dynamic filtering capability.

Once uBO is installed, click its toolbar icon to reveal its settings interface, then click the little sliders icon to reveal the "secret" Dashboard (i say "secret" because apparently quite a few people don't know it exists and this has caused some of the attention deficient to leave nasty-grams on AMO). These are the options i recommend enabling:

'Settings' tab:

Hide placeholders of blocked elements 1
Show the number of blocked requests on the icon
Make use of context menu where appropriate
Disable tooltips
Color-blind friendly
Enable cloud storage support
I am an advanced user 2

Privacy
Disable pre-fetching (to prevent any connection for blocked network requests)
Disable hyperlink auditing
Prevent WebRTC from leaking local IP addresses
Block CSP reports

Default behavior
Disable cosmetic filtering
Block media elements larger than [50] KB
Block remote fonts 3
Disable JavaScript 4

Next we want to temporarily enable the advanced user option. Notice that a little gear icon appears after this option once it's enabled. Click the gear icon to display some advanced settings and change the value of suspendTabsUntilReady to true. Although there is no guarantee, uBO will attempt to prevent tab loading until it is ready to handle requests. This is perhaps especially useful when you exit Firefox with open tabs and have it set to restore your previous tabs on restart. After changing this setting, go back to the Dashboard and disable the 'I am an advanced user' option.

[1] If you are new to content blocking, you should not enable this option. Not enabling it will cause uBO to give you a visual indication in the form of an empty space when something is blocked from a webpage.

[2] Those following the Firefox Configuration Guide for Privacy Freaks and Performance Buffs should NOT enable this since uMatrix will be used along side uBO to handle dynamic content filtering. Those following The Firefox Privacy Guide For Dummies! should only enable this option after becoming familiar with uBO and only after reading the Advanced user features section of the uBO wiki.

[3] I do not suggest blocking remote fonts using this option. Not only will doing so uglify many websites, but there is a CSP issue involved with this option. See the 'My filters' section below for an alternative.

[4] Enabling this option disables JavaScript globally by default and causes uBO to honor <noscript> HTML tags. The problem with the latter is that some page elements that might have been displayed had the <noscript> tags been ignored, may not when this option is enabled. Also some websites may display a JavaScript disabled warning message, though this can be beneficial for novice users. If you are following The Firefox Privacy Guide For Dummies!, i highly suggest enabling this option since you won't have to enable and fool with uBO's dynamic filtering, however if you are following the Firefox Configuration Guide for Privacy Freaks and Performance Buffs, i recommend disabling this option and controlling JavaScript with uMatrix.

'Filter lists' tab:

Auto-update filter lists
Parse and enforce cosmetic filters
Ignore generic cosmetic filters
My filters​​​​​

Built-in
uBlock filters​
uBlock filters – Annoyances​​​​​
uBlock filters – Badware risks​
uBlock filters – Experimental​
uBlock filters – Privacy​​​​​
uBlock filters – Resource abuse​​​​​
uBlock filters – Unbreak​​​​​

Ads
Adblock Warning Removal List​
AdGuard Base List
AdGuard Mobile Ads​
EasyList​

Privacy
AdGuard Tracking Protection​
EasyPrivacy
Fanboy's Enhanced Tracking List​

Malware domains
Malvertising filter list by Disconnect​​​​
Malware Domain List​​​​​
Malware domains​
Spam

Annoyances
AdGuard Annoyances​
AdGuard Social Media​
Anti-Facebook List​
Fanboy's Cookie List​
Fanboy's Annoyance List
Fanboy's Social Blocking List

Multipurpose
Dan Pollock's hosts file​
hpHosts' Ad and tracking servers​
MVPS HOSTS​
Peter Lowe's Ad and tracking server list​

Don't worry about the 'Regions, languages' section unless you browse sites in languages other than English in which case you'll want to enable those languages.

As of this writing you can find over 12 million filter lists on the FilterLists website, however i strongly advise to be very careful about what ones you add, if any. In my experience the default filter lists offered by uBO are quite sufficient for general web browsing and adding more will use more memory, slow things down and potentially break more webpages.

'My filters' tab:

Instead of blocking remote fonts globally, i suggest adding the following to the 'My filters' tab which will allow 1st party fonts globally while blocking all 3rd party fonts except for the domains you specifically allow. Note that lines starting with an exclamation mark ( ! ) are comments and are ignored by uBO:

! fonts: the following line will allow 1st party fonts globally while blocking all 3rd party fonts:
*$font,third-party
! to allow 3rd party fonts by domain, append the following to the above filter, starting at the comma, where "example.com" is the domain for which you want to allow the fonts:
! ,domain=~example.com
! to allow 3rd party fonts for additional domains, append each domain separated by a pipe char:
! ,domain=~example.com|~example2.com

For more on font filtering see Blocking Web Fonts for Speed and Privacy | InfoSec.

'My rules' tab:

If you are using the Decentraleyes add-on you will need to add some rules to the 'My Rules' tab in the Dashboard. I recommend doing this even when uBO is configured for easy mode just in case you ever enable advanced mode. When adding the rules, be sure to remove any conflicting rules for the same domains if there are any (there won't be if you're starting fresh).

Article update: The Firefox Privacy Guide For Dummies!

I made some small changes to The Firefox Privacy Guide For Dummies! in order to clarify some stuff and bring the content up to date with the newest version of Firefox and my personal settings. For those who used the guide in the past, you might want to review the changes i made for the uBlock Origin options.

Firefox user-overrides.js update

This is essentially a pointless update which those that use my user-overrides.js for Firefox can ignore, however i needed to upload a new version for administrative reasons.

If you want to update anyway, the repository is here, the file is here and the change log is here. Don't forget to run the 'ghacks' updater and prefsCleaner scripts, in that order.