I would like to begin with the fact that this is my first experience in writing articles, so do not kick me hard.
Today we will learn how to optimize our browsers for work or for everyday web surfing. It will be useful first of all for those who want to broaden their horizons and learn something new, so let’s go. We will consider only Firefox browser and Tor browser, both distributed with open source code. By the way, antidetect type software is also made based on Firefox, but this software is more suitable for carders, so to speak for a narrower focus. Quite recently Firefox 54 has been released. The main feature of updated Firefox is support of multiprocess mode of web-pages processing, work on which was conducted for eight years under codename Electrolysis (E10S).
Download the installer from https://www.mozilla.org or download the archive with the portable version https://portableapps.com/apps/internet/firefox_portable Tor browser is available at https://torproject.org
Click the Setup icon, go to the Basic menu. Select When you start Firefox: Show Blank Page Uncheck Always check if Firefox is your default browser Next, in the Search menu, select the search engine DuckDickGo. The policy of this search engine emphasizes the confidentiality of user data, not recording or storing any user information, and not tracking users. Next Content, uncheck Play DRM content. Previously, Flash and Silverlight were used to run DRM content. Since version 52, it works only with Adobe Flash. Privacy tab, enable Do Not Track, put a checkmark in Use anti-tracking protection History: Firefox will not remember history Security tab, put a checkmark in Warn when websites try to install add-ons Uncheck the Block dangerous and deceptive content, this is Google Safe Browsing, about it next. And uncheck Remember logins for sites Advanced tab, then Data Selection, uncheck all the boxes.
Starting with Firefox 32, Mozilla is using Chrome Safe Browsing to validate all downloads, just as Chrome does. It computes a SHA-256 hash for each downloaded file and sends it to Google along with other information (URL, file size in bytes). It should also be added that domains are checked with the same system, in particular your links to bot admins, bindings and etc.
Google Safe Browsing
Type about:config into your browser’s address bar and press “Enter”. Read the warning and click “I promise I’ll be careful!”. Enter the lines below in the search box and change the value from true to false (double-click)
browser.safebrowsing.enabled = false browser.safebrowsing.downloads.enabled = false browser.safebrowsing.malware.enabled = false services.sync.prefs.sync.browser.safebrowsing.malware.enabled = false browser.safebrowsing.downloads.remote.enabled = false
Remember to clear the contents of the safebrowsing folder in your profile, at FirefoxDataprofilesafebrowsing
WebRTC Leak your real IP address when using VPN/TOR. Checkhttps://net.ipcalf.com media.peerconnection.enabled = false
Geolocation Disables the user location function. geo.enabled = false geo.wifi.uri = 127.0.0.1
Search prompts Everything you type in the search bar is merged with the search engine. browser.search.suggest.enabled = false
Disable IPv6 DNS requests network.dns.disableIPv6 = true
Tracking Protection Allows you to disable scripts and other mechanisms on sites that track what the user is viewing and doing. privacy.trackingprotection.enabled = true
Forbid to define connection parameters to the network (the connection type is transmitted: LAN, Wifi, 3G, 4G and so on) dom.network.enabled = false
Disables browser transmission of page load start and end timeinformation. Analysis of this data allows you to determine whether a proxy server is being used. dom.enable_performance = false
Disables DNS name preresolution for all links on a web page. This can cause DNS traffic leakage when working through a proxy server. network.dns.disablePrefetch = true
Send DNS queries through a proxy when using a proxy. Otherwise they will go directly and may expose the real IP address. network.proxy.socks_remote_dns = true
Prevent sites from accessing the local machine to detect open ports network.proxy.no_proxies_on = (no value)
Starting with Firefox 29, there is a seer mechanism that tracks and remembers requests when a page is visited. network.predictor.enabled = false
Disable browsing of PDF documents using the browser pdfjs.disabled = true
Prohibits monitoring the battery status and thereby retrieving identifiable information. dom.battery.enabled = false
Disable plugin-container crash messages that provide flash player operation dom.ipc.plugins.flash.subprocess.crashreporter.enabled = false
Ping-tracking allows the server to easily track user actions browser.send_pings = false
Preload resources network.prefetch-next = false
Prohibits sites from sending detailed information about the system’s graphical capabilities webgl.disable-extensions = true webgl.min_capability_mode = true
Disabling browser crash reports: Breakpad.reportURL = 127.0.0.1
For a more complete list, see https://forum.mozilla-russia.org/viewtopic.php?id=36226
3. Plugins and extensions
Press Ctrl Shift A in the browser, go to the plugins section, disable absolutely all plugins, including Shockwave Flash, Google Update, Java and others, the latter is better to be removed from the device completely or even further disable in Java Control Panel unchecking the Enable Java content in the browser
Go to the Extensions tab. I personally use these:
HTTPS Everywhere Automatically forces websites to use more secure HTTPS. PrefBar allows you to change User-agent and more in 1 click. Ghostery Detects and monitors invisible objects that embed in web pages and collect user data. Provides privacy for online activity. UBlock, Adblock Plus is the best option for ad blocking, the first with open source. Disable webRTC additional protection against webRTC. Privacy Setting allows you to change the desired security settings in 1 click, which we changed above.
Download plugins at https://addons.mozilla.org
With Firefox version 48 there is Electrolysis mode, which allows to work with each tab as a separate process. This significantly improves web security and results in up to 700% faster page rendering
browser.tabs.remote.autostart = true extensions.e10sBlockedByAddons = false extensions.e10sBlocksEnabling = false
Suppose you need to block a certain ip or domain. You have two options. You can use either hosts file or firewall. Let’s take a look at the first one. Almost all browsers do not work with hosts directly. You can put the HostAdmin extension(https://addons.mozilla.org/en-US/firdon/hostadmin/) and now you can specify unnecessary domain in the file WindowsSystem32driversetchosts, for example https://analytics.google.com, which is used to collect visitor data. You can also make a list of unnecessary addresses by typing in the browser line about:networking and going to the desired site you will see a list of outgoing connections.
You can download my hosts list here https://www.sendspace.com/file/ntqqgo
(c) 2017 v3n0m1
bin go dumps