LibreWolf - PrivacyLockedLoop - w/some modifications

PhaseLockedLoop · October 11, 2021, 9:44pm

Firefox is open-source and has less than 6% market share - #242 by AbstractConcept
Firefox is open-source and has less than 6% market share - #240 by qtwork
Firefox is open-source and has less than 6% market share - #243 by PhaseLockedLoop

Requests and discussions made by @AbstractConcept @ThatGuyB @qtwork @The_DM_Barlow

At request let them have cake LibreWolf

So you want privacy but you hate what Firefox has become out of the box but your also not quite wanting everything broke. You have an option. Its called LibreWolf

You can find their documentation here.

https://librewolf-community.gitlab.io/docs/

https://librewolf-community.gitlab.io/

Download it via their page or if you are running the most based distro … our lord and savior arch linux you can grab it from the AUR

oh by the way I run arch

My experience thus far

Its been a bit bumpy. LOTS of stuff is disabled. Its not got the most secure default certificate policy etc so I have made the following changes to my about:config. Ill get into extensions in a moment but these are my modifications. IMHO there is no good browser. They are all various levels of however it doesnt mean we cant have a preference Browsers will always suck because the web sucks: Why The Web Sucks (You Just Don't Know It)

Disclaimer: I know some of these compromise privacy. Im well aware of needing to configure IPv6 properly. You can take issue with it and not use the moidifcation but I am NOT willing to entertain the discussion as I rely on it. Feel free to contest or discuss it below amongst yourself as well as my other modifications

About Config Modifications

// TURN OCSP BACK ON 
user_pref("security.OCSP.require", true);
user_pref("security.xfocsp.errorReporting.automatic", true);


// HARDEN SSL to LIBRESSL defaults
user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
user_pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", false);
user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false);
user_pref("security.ssl3.rsa_aes_128_sha", false);
user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false);
user_pref("security.ssl3.rsa_aes_256_sha", false);
user_pref("security.ssl3.rsa_des_ede3_sha", "false");

// More tracking protection enabled
user_pref("privacy.trackingprotection.cryptomining.enabled", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.fingerprinting.enabled", true);

// Modified Privacy Shutdown settings
user_pref("privacy.clearOnShutdown.cookies", true);
user_pref("privacy.clearOnShutdown.offlineApps", true);
user_pref("privacy.clearOnShutdown.siteSettings", true);
user_pref("privacy.donottrackheader.enabled", true);
user_pref("privacy.history.custom", true);
user_pref("privacy.purge_trackers.date_in_cookie_database", "0");
user_pref("privacy.resistfingerprinting", "true");

// I require IPv6
ser_pref("network.dns.disableIPv6", false);
user_pref("network.http.fast-fallback-to-IPv4", false);

// Adding my DNS over HTTPS server
user_pref("network.proxy.socks_remote_dns", false);
user_pref("network.proxy.type", 0);
user_pref("network.trr.blocklist_cleanup_done", true);
user_pref("network.trr.custom_uri", "https://dns.< MY-TLD >.net/dns-query");
user_pref("network.trr.mode", 2);
user_pref("network.trr.uri", "https://dns.< MY-TLD >.net/dns-query");

// Vacuuming Databases
user_pref("storage.vacuum.last.index", 0);
user_pref("storage.vacuum.last.places.sqlite", 1633932227);

Extensions I current run

I have taken the following provisions that uMatrix is my replacement for NoScript as it allows me finer granular control. In addition to uBlock I am running a DoT + DoH + DoQ (soon) recursive DNS resolver locally with a pihole front end.

Temporary containers is nice but I have it on automatic mode. I also only use it when I really dont want a link to track me. It does not launch a new container each time. I find that to break too much.

User Agent Switcher rotates my user agent

Smart Referer is kind of nice. tyring it out. I ABSOLUTELY LOVE clear URLs.

Canvas Blocker and LocalCDN are thing that I have always ran

Cookies Autodelete is nice once configured properly. I really like Terms Of Service did not read. It allows you to look at the agreements and legal that might concern you

Lets here your experiences.

Also give back to the project if you can

Feel free to make this a continuous megathread of experiences

Mandatory Question: What browsers are you running. Whats your alternative to firefox

qtwork · October 11, 2021, 9:48pm

Oh Honey, aren’t you cute

Jokes aside, I’ve seen the countless ADs for it on youtube. Its probably pretty decent. Don’t know the relevance of it outside the US though, I’m saying that as a user who never even tried it.

PhaseLockedLoop · October 11, 2021, 9:50pm

LOL its my one vice… shhhh

Well it is and it isnt. Its nice enough. Just sign up with email not google or FB

Anyways thread created. Feel free to hate on FF in here. I approve any shade thrown at Firefox defaults

qtwork · October 11, 2021, 9:55pm

Well you and other peoples ramblings about Firefox made me switch to Brave the other day, I’m trying that for a while now. The only problem these days is that hardware is so good that with my fairly simple use the difference isn’t that big to be honest.

PhaseLockedLoop · October 11, 2021, 9:59pm

I definitely don’t have too many harsh things to say about brave I would use it if you want to I just created this thread because people wanted it and it seemed to be people’s default now that they’re switching away from Firefox and if I can make a place for them to all discuss it and discuss their stuff about extensions ETC… then that’s great That old thread if you read back into it it was actually quite toxic at a lot of points in it and I think it just needed to die

In any case here’s the thread If someone wants to make a brave thread they can.

I think it’s high time that I made a thread explaining the actual back end architecture of the internet and certificate authorities and ICANN and DNS roots and all the sorts because I don’t think enough people understand it and they all start kind of slapping each other around not realizing their own hypocrisy

In such a thread lunduke would play a role

regulareel · October 11, 2021, 10:47pm

The honey portion killed me

My only gripes:

Privacy Badger’s own devs think the addon isn’t usefull anymore and may actually increase tracking?
Is uMatrix actively maintained vs NoScript? I reverted back to NoScript because it was more recent, last I checked it.

I always like how you present your post. Much appreciated!

PhaseLockedLoop · October 11, 2021, 11:00pm

No problem

Its lightly maintained. It really doesnt need much maintenance… From what I see.

Thats a personal concern of mine as well. We will see in the developing months

Look its my one starbucks frappadappa-unicorn-dustchino level white girl addon OKAY

(incase you dont know what im referring to)

regulareel · October 11, 2021, 11:32pm

Its blaytiful!

Wait, this is a legit thing?

I wonder if I can order this from my local SB…
What do I say to the barista?

I tried to PM you instead of going offtopic but your messages seem blocked.

PhaseLockedLoop · October 11, 2021, 11:45pm

That’s on purpose. Lol

I’m a person of transparency I like to answer any questions publicly

It depends is she hot? There I go being me again

Bonk Shields Up… yellow alert

The_DM_Barlow · October 12, 2021, 1:06am

Honey. Of all things.

PhaseLockedLoop · October 12, 2021, 1:36am

Listen Linda

heres my logic. Im already being tracked using a credit card or amazon etc. Im tracked via a bank account for crying out loud. I might as well save some money on some online shopping occasionally

The_DM_Barlow · October 12, 2021, 2:02am

Are you aware of virtual CCs?

PhaseLockedLoop · October 12, 2021, 2:03am

It doesnt stop the tracking… LOL bank still sees everything through the transaction per their addendum arbitrarium

Literally not worth my time.

The_DM_Barlow · October 12, 2021, 2:06am

So get a decent bank, not a bad one. The same principle guiding people to use Librewolf does apply…

PhaseLockedLoop · October 12, 2021, 2:07am

Is there a decent bank? andrew jackson intensifies

The_DM_Barlow · October 12, 2021, 2:08am

Probably?

Vr234btXx · October 12, 2021, 4:31pm

To be honest, I am glad that you mentioned LibreWolf. Thanks.

PhaseLockedLoop · October 12, 2021, 4:32pm

I may hate mozilla. I dont hate the base software. I think the company corrupts it but any and every fork that stands against their ways is IMHO a good way to protest. So I will promote librewolf

Vr234btXx · October 12, 2021, 4:37pm

I totally understand. I like Firefox as well. But yes, Mozilla, like all companies following for profit models, whom are possibly even legally obligated to obey pressure from IC or congress, seem to be heading down one path. Where we are the product and our dataflow is the currency. After reading and watching and searching, I discovered exactly what you point out here, that there is a difference between a company and its products. Especially in development, as things unfold, evolve, overtime. I am loving LibreWolf dude, and I have you to thank for this. I feel safer now, and realize why Mozilla’s actions are questionable. I was unaware of somethings that I learned yesterday and that simply, changes everything. So, thank you.

PhaseLockedLoop · October 12, 2021, 4:38pm

in fairness I dont mind that you called me out on that other thread. Your welcome… I was fuming… like fuming… and a bit drunk xD