Tweak your browser to enhance security and privacy

17 risposte [Ultimo contenuto]
pizzaiolo
Offline
Iscritto: 03/12/2015

Hi! I've just created this documentation page: https://trisquel.info/en/wiki/tweak-your-browser-enhance-security-and-privacy

It's basically copypasted from privacytools.io, but I thought it would be useful to have it here. I know these things are controversial, so here's the place to argue about it. Also, feel free to improve it!

Ideally we also want to include Midori tips and tricks :)

Dave_Hunt

I am a member!

Offline
Iscritto: 09/19/2011

Thanks for this contribution!
How is keeping an off-line browser cache a security risk?

GNUser
Offline
Iscritto: 07/17/2013

"webgl.disabled = true

WebGL is a potential security risk.
"

I noticed that in Tor Browser, that line is "true". Could it be that the NoScript addon handles that issue?
Anyway, I would encourage anyone to use NoScript. Even if you set it to allow all by default, it will protect you from XSS attacks and clickjacking.
How about adding an AppArmor profile to restrict browser access to the system? :)

cooloutac
Offline
Iscritto: 06/27/2015

yes apparmor should be in there, i'm happy that trisquel has a profile for abrowser :)

cooloutac
Offline
Iscritto: 06/27/2015

tks. I also typed cache in about:config, and changed every cache entry from true to false, I got fed up with the hdd caching and just disabled everything.

some things I didn't know to disable on that tutorial, and I really appreciate it. awesome job.

I'm still wondering though if the privacy.trackingdisabled.enabled is really doing anything. You are supposed to get the icon and drop down menu next to the address bar when it is activiely blocking something. For example, it should show up on youtube.

cooloutac
Offline
Iscritto: 06/27/2015

it is doing something, i tested on some pages with things i know it blocks. We just don't get the icon menu for it, for example if you wanted to disable it for a certain page only.

cooloutac
Offline
Iscritto: 06/27/2015

So I went to a porn site and did the see the icon pop up briefly for the first time for a domain. But its weird, it should be popping up on alot of other sites, even with noscript and an adblock installed.

SuperTramp83

I am a translator!

Offline
Iscritto: 10/31/2014

Excellent pizzamen! +1 and another +1 ! :)

G4JC
Offline
Iscritto: 03/11/2012

Nice list, added one item to it concerning DRM.

pizzaiolo
Offline
Iscritto: 03/12/2015

Thanks! I kept it out because I thought Abrowser and IceCat don't have DRM support anyway.

jei
jei

I am a member!

Offline
Iscritto: 02/18/2015

They don't have it and will never get it, because DRM support required proprietary software.

Legimet
Offline
Iscritto: 12/10/2013

Once DRM arrives on the GNU/Linux version of Firefox, quidam will disable it anyway.

SuperTramp83

I am a translator!

Offline
Iscritto: 10/31/2014

pizzaiolo. I've been working on the about:config preferences for several hours some months ago. In fact, at some point I was thinking about writing some kinda list and place it here in the wiki. But, for some reason, I didn't.

I know I changed a lot of things. Every single setting I double or triple checked. Changes in the list are all about privacy/security. And there are a lot of things I changed. These changes have not in any way broken my browser or browsing experience. Everything works just fine.

Here you can find my prefs.json -> https://paste.debian.net/280150/

Feel free to browse it and add to your list whatever you find useful from my list.
It's a tough work but somebody has to do it :)

And when the list in the page you created is final and done, when the page is mature, I will translate it to Italian.

cheerZ!

pizzaiolo
Offline
Iscritto: 03/12/2015

Thanks maestro! That's a lot of tweaks. I trust you to add them to the page, as I don't know what any of these do :P

When/if you do, be sure to explain a bit what each of these does. Cheers!

SuperTramp83

I am a translator!

Offline
Iscritto: 10/31/2014

As promised, here you will find a trimmed list with only the relevant entries and a brief description of what they do.

https://paste.debian.net/280285/

I'm sure there are many others I ignore.
I will give it another look one of these days.

cheerZ

tomlukeywood
Offline
Iscritto: 12/05/2014

never knew debian had there own pasting site!

tdlnx

I am a member!

Offline
Iscritto: 04/09/2014

I will usually recommend people take a look at www.prism-break.org also. It gives some great alternatives to nonfree programs and some recommended firefox/abrowser/etc addons.

GNUser
Offline
Iscritto: 07/17/2013

May I suggest adding this link?

http://www.insanitybit.com/2012/05/31/compile-and-patch-your-own-secure-linux-kernel-with-pax-and-grsecurity/

Grsec + linux-libre = damn secure linux kernel! Perfect for our GNU.