Firefox user-overrides.js update

The user-overrides.js preferences file for Firefox was updated. You can grab the file at its GitLab repo (direct link). Following are the changes since the last release:

* added 'extensions.blocklist.url'
* changed value and description for 'browser.display.use_document_fonts'
* changed regular expression used for finding syntax errors

Remember that this user-overrides.js is useless by itself. See one of the Firefox config guides for information on how to use it.

Content update: Firefox Configuration Guide for Privacy Freaks and Performance Buffs

I updated the Firefox Configuration Guide for Privacy Freaks and Performance Buffs guide with instructions for cleaning obsolete preferences from the Firefox user-overrides.js file. Removing old preferences should be done on occasion in order to keep the file clean and avoid potential problems. The instructions include a few regular expressions that could probably be optimized to make the process quicker, but i’m no expert with RegEx. If you can do better, let me know.


Article update: Firefox Extensions – My Picks

Firefox Extensions – My Picks received a minor update. I added both the Site Bleacher and First Party Isolation add-ons to the list.

Site Bleacher is a noteworthy new extension for Firefox in that it appears to address a problem faced by other developers of storage cleaners regarding the inability to remove IndexedDB (IDB) storage. The current (and very limited) add-on API doesn’t allow to remove IndexedDB storage on a domain basis by usual methods, however the developer of Site Bleacher has apparently found a way around the problem. While the solution does not appear to be an optimal one, it does seem to work according to my tests. What Site Bleacher does, is it removes IDB data that was stored from an earlier visit of a domain when the domain is re-visited. In other words the IDB storage is set when you visit a website that makes use of it and it remains even after you close its tab, however it is removed as soon as you re-visit the domain.

Firefox and website updates

The user-overrides.js for Firefox was updated to 65r3. You can download it here (just press Ctrl+S). The change-log is here. As always, if you’re using the ‘ghacks’ user.js, remember to run the updater and prefsCleaner scripts after copying the user-overrides.js file to your profile directory.

Firefox Extensions – My Picks was slightly updated to include some new YouTube redirect rules for the Firefox Header Editor extension if you’re using that. The new rules redirect YouTube links to a YouTube front-end service provided by Snopyta (don’t ask me how to pronounce that). Snopyta offers several services, all of which are focused on privacy and the cool thing about their YouTube front-end is that you can watch YouTube videos without loading any YouTube resources in the browser, which means an absence of cookies and other web storage as well as the tracking that goes with that. Their website is definitely worth checking out.

Asus Routers and Spyware

The goal was to run OpenVPN on my network router instead of running separate instances on each client device. I had an old and very reliable Asus WL-520GU with Shibby’s Tomato on it and i quickly discovered that the router didn’t have the horsepower to handle an encrypted VPN connection and so i began searching for a new router. After reading many reviews and checking out the specs, i bought an Asus AC86U. Unfortunately i didn’t do enough research.

One of the things a manufacturer may do to drop the price of their products is to bundle third party “features” with their devices and in the case of the Asus AC86U, and probably many other models, they come with several “features” that collect data and send it off to companies that have found ways to monetize it. Trend Micro, which is apparently some sort of anti-virus, was one of the “features” that the router was shipped with. In order to potentially avoid (and i emphasize potentially) the phoning home nonsense, one must not enable several of the built-in features of the router firmware, including AiProtection, Traffic analyzer, Apps analyzer and Adaptive QoS. You can read the EULA here.

None of this mattered much to me anyway since i intended to flash the Asuswrt-Merlin firmware which i assumed would be devoid of such crap. It wasn’t, and so i started looking for ways to disable or remove this Trend Micro garbage, however i was never able to discover a solution. The Trend Micro spyware/malware (let’s call it what it really is) appears to well-baked into the firmware and apparently Merlin, one of the very well known developers for third party Asus firmware, has no interest in removing it. In my searching for solutions i came across some interesting stuff, including the following:

VPNIntegrity: AsusWRT/Merlin AI-Protection calling home to US Department of Defense, Hardening AsusWRT against NSA/DoD & the Whores of SNBForums

Asus router warnings on privacy and security | Computerworld

384.6 Now sharing data to Trend Micro? | SmallNetBuilder Forums

With no solution for removing the Trend Micro spyware, i started looking for other third party custom firmware, however i wasn’t able to find anything that would work on the AC86U specifically. In the end my solution was to box up the Asus and ship it back, exchanging it for a Linksys WRT1900ACS which i flashed with DD-WRT (actually i flashed OpenWRT first but quickly realized i was in way over my head). The Linksys WRT series of routers are not an ideal solution either, nor is any other equipment that uses proprietary hardware and drivers, however i wasn’t able to find a source that would ship a Turris Omnia to the U.S.. Now that is a router!

My advice is to stay away from Asus routers, or any other manufacturer that bundles third party crap with their products or forces you to register the device before it can be activated.

As far as the DD-WRT firmware (version 3), it’s not great. Merlin’s was better, but obviously it wasn’t an option for me. The use of VPNs is apparently on the rise and yet there’s no option to import VPN configuration files with DD-WRT so you have to set everything up manually. Just as bad is the fact that you can only setup a single VPN client, so if the configured server drops for any reason, you can’t quickly switch to another. I liked Shibby’s Tomato a lot, but it doesn’t work with the newer ARM based routers unfortunately.

What do you think about all this?