How to build a Firefox privacy arsenal

Discussion in 'privacy technology' started by CloneRanger, Aug 14, 2013.

Thread Status:
Not open for further replies.
  1. Alexandru

    Alexandru Registered Member

    Joined:
    Jan 18, 2014
    Posts:
    15
    Location:
    Netherlands
    I´m using Jondofox Plugin for Firefox and following addons

    - firegloves
    - better privacy
    - cookie monster
    - Adblock plus
    - Ghostery
    - NoScript
    - Request Policy
    - HTTPS-Everywhere

    Disabled:

    - Hardware acceleration
    - Safe browsing
    - cache
    - error reports to Firefox

    pfSense router:

    -added nearly all block lists with pfblocker. (www.iblocklist.com)
    -all Microsoft IP ranges blocked
    - extended /etc/hosts in pfsense

    Checked my browser on http://ip-check.info/?lang=en

    that´s all
     
  2. Phil McCrevis

    Phil McCrevis Registered Member

    Joined:
    Mar 25, 2012
    Posts:
    97
    Location:
    US
    Are you using JonDoFox browser?
     
  3. Alexandru

    Alexandru Registered Member

    Joined:
    Jan 18, 2014
    Posts:
    15
    Location:
    Netherlands
    Jondofox is a profile with custom settings für Firefox web browser, that´s what I´m only using on my linux machine.

    The other tool they are providing is Jondo, a proxy tool with cascades. But I have configured VPN, SSH cascades and/or ancrypted vLAN chains. That´s enough for me.
     
  4. Gitmo East

    Gitmo East Registered Member

    Joined:
    Jul 28, 2013
    Posts:
    106
  5. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    ive been trying out a very useful addon called random agent spoofer, its awesome it does the work for you aka randomizes through all kind of user agents at random intervals, you can disable certain agents that mess up your browsing experience of course, nothing comparable as of yet exspecially its feature set and definitely better than all the other outdated user agent addons mentioned , check it out and let me know what you guys think of it

    https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/?src=ss
     
  6. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    How interesting. Does this defeat browser fingerprinting? Have you tested it on that EFF website?
     
  7. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    appears to be unique among the 3,850,692 , score is at least 21.88 bits of identifying information.
    of course this literally changes with every user agent that it switches to in randomized orders at random intervals , so not sure what use panopticlick actually is tbh not to mention its database being outdated , except for jondonyms browser test im yet to find one that actually test your browsers security as of yet

    imo another great addon for the privacy arsenal , thou i wouldnt recommend using it with tor browser bundle that one got its own user agent spoofing going on dont wanna mess with that

    oh and add these 2 entrys into your about>config in order to prevent your browser from making thumbnails from your websites visited

    You see a New entry in the right-click context menu that shows three choices for creating a new pref: String, Integer, Boolean.

    You need to select the last choice: Boolean

    In the dialog that opens you can paste the name of the first pref that you need to create:

    browser.pagethumbnails.capturing_disabled

    Click OK to proceed to the next dialog where you can select the true value for this pref.

    You can repeat this this for the second pref and paste this for the name:

    pageThumbs.enabled

    Click OK to proceed to the next dialog where you can select the false value for this pref.

    and as always sandbox your web stuff anyhow
     
    Last edited: Feb 11, 2014
  8. Gitmo East

    Gitmo East Registered Member

    Joined:
    Jul 28, 2013
    Posts:
    106

    Thanks for posting, :thumb:
    Finally a user agent addon I like.
     
  9. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    Yes I agree. Thanks so much!
     
  10. lucygrl

    lucygrl Registered Member

    Joined:
    Nov 6, 2013
    Posts:
    202
  11. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  12. Gitmo East

    Gitmo East Registered Member

    Joined:
    Jul 28, 2013
    Posts:
    106
    Something cool I've noticed while using this addon is it does a great job of messing with http://www.dnsleaktest.com/
    It gives a different location on each load/refresh :eek: I figure this is due to the Header spoofing.
    I'm going to say so far this is proving to be an outstanding product.
     
  13. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    175
    Location:
    io
    Does Random Agent Spoofer mess with fonts on websites though ?
     
  14. Gitmo East

    Gitmo East Registered Member

    Joined:
    Jul 28, 2013
    Posts:
    106
    I've seen no difference when browsing at all... yet.
     
  15. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    175
    Location:
    io
    I gave it a try and it failed on ebay/amazon quite badly made all the fonts and lining and spacing look strange and unviewable. In fact it won't let me even submit this reply on wilders forum!

    You can of course left click the random agent spoof icon and switch it on and off.

    Overall not sure how much this will make in the long run... for now ill uninstall it but I like the idea behind it just don't think its practical.
     
  16. Gitmo East

    Gitmo East Registered Member

    Joined:
    Jul 28, 2013
    Posts:
    106
    I checked Ebay and Amazon, both where fine in fact I haven't seen an issue yet.I figure it depends on the current profile in use. right click icon to change profile. I have selected Random (Desktop only), maybe this is why.
     
  17. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    175
    Location:
    io
    Well despite uninstalling Random Agent Spoofer, I found my browser was acting very strange. Buttons not clicking no longer and options on websites unable to work.... even my webmail was not showing my inbox or anything.

    So ill issue a warning about Random Agent Spoofer, I think it alters your browser finger print and config despite being removed.

    Had to spend the last 2 hours reloading my browser + addons and tweeks again since sadly the last backup I did was with Agent spoofer installed:(

    Anyhow back up and running and all sites are normal and working.

    Could have just been myself but if anyone else trys it back up your browser first!
     
  18. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    well what you gona wanna do is disable standard font , i too have found out standard font not being particularily liked by a couple of sites makes some things go crazy like buttons displaying as numbers etc , again just disable standard font in extras
     
  19. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,868
    Location:
    Outer space
  20. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    Thanks a lot BoerenkoolMetWorst. Very useful link. I will review carefully and see update my browser settings as needed :)

    Also, i am awaiting for PrivacyBadger addon for its official release. Looks to be an promising addon based on the author's comments on the github page.

    Thanks, Harsha.
     
  21. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I tried random agent spoofer on all of my browsers and I couldn't login to email accounts. And sometimes I could but it thought I was trying to login from a cell phone. But something else funny. After I removed it, I checked one of my browsers to make sure that geo.enabled was false and it was true. I wasn't sure if I had changed that particular browser. That's why I checked. But then I checked my other browsers and all of them had been toggled back to true, somehow. That addn was the only thing I could think of that could have changed it. Unless a Firefox update did it.
     
  22. Lyx

    Lyx Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    149
    Hi,

    I think it's a good choice to use jondofox profile (but maybe it could be better to use the jondobrowser itself).

    The jondofoxprofile comes with Adblock+, https everywhere, Cookies Monster, certificate patrol and Noscript, plus Safecache (and using jondofox profile or jondofox browser is in my knowledge the sole mean to get up-to-date version of safe cache). Disk cache is disabled, Ram cache is allowed. So, having disk cache already disabled, and the extension safecache enabled, why disabling the cache entirely ? You surely consume more bandwidth, your browsing experience may be impaired, but for what benefit in terms of privacy/anonymity with Safecache activated?

    Concerning Betterprivacy: Why not, but I think in an anonymity/pricacy point of view it is better to follow the Jondo team's advice and to modify the file mms.cfg. Doing so has further benefits moreover (see the link below).
    https://anonymous-proxy-servers.net/en/help/flash-applets.html

    Concerning Firegloves: This addon does something what surprisingly Jondofox/browser doesn't: It smooth and anonymyzes screen resolution and browser window. But it changes the HTTP-UA too, as the jondofox/browser does, and they are not the same. So, are you sure Firegloves is compatible with Jondo stuffs ? For screen/window anonymisation uniquely, you could use the new addon Happy Bonobo screen identifiers, which removes S.I. entirely (but that breaks some sites). This addon is in development, and I hope future versions will treat this problem.
    https://addons.mozilla.org/en-US/firefox/addon/happy-bonobo-clear-screen-iden/.

    In an anonymity/privacy point of view, you could use the Firefox option disable-webrtc, or use the addon Happy Bonobo Disable Webrtc
    https://addons.mozilla.org/en-US/firefox/addon/happy-bonobo-disable-webrtc/?src=api

    Concerning addons such as Ghostery Disconnect etc: The Tor's team warns :
    https://www.torproject.org/projects/torbrowser/design/


    There are 4 other addons I like, that seem not to have been cited in the previous posts:

    TrackMeNot, which send random request to the search engine of your choice at the rate of your choice:
    https://cs.nyu.edu/trackmenot

    You can choose to use a black list of queries-terms, such as those probably monitored by the DHS, in order to avoid to set a red flag on you:

    http://www.forbes.com/sites/reuvenc...ds-used-to-monitor-social-networking-sites/2/


    White Noise Generator: Same principle, but for surfing: In a dedicated browser-window, this addon opens random sites with randomly choose delay. The goal is that third party monitoring your traffic can not be able to see a difference between randomly opened websites and intentionally opened websites.
    https://addons.mozilla.org/en-US/firefox/addon/white-noise-generator


    Download Status Bar: Not really a privacy/security enhancer per se, but it has a cool features: It calculate the MD5/Sha1/MD2/Sha258/Sha512 checksum of the file you have downloaded, and offer you an easy mean to compare it with the fingerprint the file must have if all went well.
    https://addons.mozilla.org/en-US/firefox/addon/download-status-bar

    IPFlood: With it you can randomly spoof and synchronize eg the http headers X-FORWARDED-FOR and CLIENT-IP. That contributes to more obfuscate your connection.
    https://addons.mozilla.org/en-US/firefox/addon/ipflood



    Finally, what do you think about addons such that Self Destructing cookies and Dephormation ?
    https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies
    https://www.dephormation.org.uk/
     
    Last edited: Jun 4, 2014
  23. Alhaitham

    Alhaitham Registered Member

    Joined:
    May 18, 2013
    Posts:
    188
    Location:
    Egypt
    In my signature
     
  24. Lyx

    Lyx Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    149
    So, your signature indicates you like SDC. But.... Could you develop ? :)
     
  25. Alhaitham

    Alhaitham Registered Member

    Joined:
    May 18, 2013
    Posts:
    188
    Location:
    Egypt
    ?? :)

    Edit:

    OK got it

    - Some sites don't work if you disable cookies so using SDC to trick them :)
    - It supports whitelisting
    - It also removes localstorage
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.