Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
security:privacy [2015/05/07 11:50] – cedric | security:privacy [2016/10/23 01:19] – [Firefox preferences] cedric |
---|
* [[https://www.eff.org/https-everywhere |HTTPS Everywhere]]; | * [[https://www.eff.org/https-everywhere |HTTPS Everywhere]]; |
* [[https://www.eff.org/privacybadger | Privacy Badger]]; | * [[https://www.eff.org/privacybadger | Privacy Badger]]; |
* [[https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/ | Adblock Plus]]; | * [[https://addons.mozilla.org/en-US/firefox/addon/ublock-origin | uBlock Origin]]; |
* [[https://addons.mozilla.org/en-US/firefox/addon/noscript/ | NoScript]] (only enable JavaScript on sites you trust, else enable temporally); | * [[https://addons.mozilla.org/en-US/firefox/addon/noscript | NoScript]] (only enable JavaScript on sites you trust, else enable temporally); |
* [[https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/ | FoxyProxy]]; | * [[https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard | FoxyProxy]]; |
* [[https://addons.mozilla.org/en-US/firefox/addon/donottrackplus/ | DoNotTrackMe]]; | * [[https://addons.mozilla.org/en-US/firefox/addon/donottrackplus | DoNotTrackMe]]; |
* [[https://addons.mozilla.org/en-US/firefox/addon/geolocater/ | Geolocater]]. | * [[https://addons.mozilla.org/en-US/firefox/addon/geolocater | Geolocater]]. |
* configurations in //about:config//: | * [[https://gist.github.com/cedricbonhomme/de05a2413273b8a3b7de | configurations]] in //about:config// with the file ''user.js'': |
* set the value of //browser.search.suggest.enabled// to //false//; | |
* set the value of //network.http.sendRefererHeader// to //0// (you may experience some problems with CSRF); | |
* set the value of //geo.enabled// to //false//; | |
* set the value of //browser.urlbar.trimURLs// to //false//; | |
* set the value of //browser.urlbar.formatting.enabled// to //false//; | |
* set the value of //javascript.enabled// to //false// (in this case no need to install NoScript). | |
* Firefox preferences: | * Firefox preferences: |
* in the privacy tab precise that you do not want to be tracked by sites; | * in the privacy tab precise that you do not want to be tracked by sites; |
* do not accept cookies from sites and allow (for session only) sites you trust ([[http://blog.cedricbonhomme.org/2013/08/04/nouvelle-attaque-sur-les-utilisateurs-de-tor/ | example]]); | * do not accept cookies from sites and allow (for session only) sites you trust ([[http://blog.cedricbonhomme.org/2013/08/04/nouvelle-attaque-sur-les-utilisateurs-de-tor | example]]); |
* install [[https://www.torproject.org/ | Tor]]/Privoxy and use FoxyProxy to switch faster between Tor and the "no proxy" mode; | * install [[https://www.torproject.org/ | Tor]]/Privoxy and use FoxyProxy to switch faster between Tor and the "no proxy" mode; |
* do not use Tor without HTTPS on sensible sites; | * do not use Tor without HTTPS on sensible sites; |
| |
If you are using a public computer I recommend you [[https://tails.boum.org/ | Tails]]. | If you are using a public computer I recommend you [[https://tails.boum.org/ | Tails]]. |
| |
| ==== Firefox preferences ==== |
| |
| === User preferences === |
| |
| <html><script src="https://gist.github.com/cedricbonhomme/de05a2413273b8a3b7de.js"></script></html> |
| |
| === Privacy === |
| |
| {{ :security:firefox_configuration.png |}} |
| |
| |
===== Browsing advices ===== | ===== Browsing advices ===== |
* DukGo or another Jabber/XMPP service. Use [[https://otr.cypherpunks.ca/ | Off-the-Record]] (OTR), easy with Pidgin or Kopete; | * DukGo or another Jabber/XMPP service. Use [[https://otr.cypherpunks.ca/ | Off-the-Record]] (OTR), easy with Pidgin or Kopete; |
* a worth watching project: [[https://trac.torproject.org/projects/tor/wiki/org/meetings/2014WinterDevMeeting/notes/RoadmapTIMB | TIMB]]; | * a worth watching project: [[https://trac.torproject.org/projects/tor/wiki/org/meetings/2014WinterDevMeeting/notes/RoadmapTIMB | TIMB]]; |
| * another interesting project: [[https://ricochet.im | Ricochet]]; |
* IRC. | * IRC. |
| |
| |
Of course, this list is not exhaustive. | Of course, this list is not exhaustive. |
| |
| ===== /etc/hosts ===== |
| |
| The content of my ''/etc/hosts'' file is based on [[http://someonewhocares.org/hosts/ | this very good example]]. |
| |
| |
| |
===== DNS ===== | ===== DNS ===== |
| |
//resolvconf// is a set of scripts and hooks managing DNS resolution.\\ | //resolvconf// is a set of scripts and hooks managing DNS resolution.\\ |
The configuration of the internet connection is specified in the file ''/etc/resolvconf''.\\ It is possible to edit this file, but any change manually done will be lost as it gets overwritten next time something triggers resolvconf.\\ | The configuration of the internet connection is specified in the file ''/etc/resolvconf''. It is possible to edit this file, but any change manually done will be lost as it gets overwritten next time something triggers resolvconf.\\ |
An solution is to use the file ''/etc/resolvconf/resolv.conf.d/head'' in order to ensure a DNS server is always the first one in the list. | A solution is to use the file ''/etc/resolvconf/resolv.conf.d/head'' in order to ensure a DNS server is always the first one in the list. |
| |
<code bash> | <code bash> |