Differences

This shows you the differences between two versions of the page.

--- security:privacy [2015/05/24 14:26] – [Browser] cedric
+++ security:privacy [2017/11/24 22:52] (current) – [Browser] update list of Firefox extensios cedric
@@ Line 8: / Line 8: @@
     * [[https://www.eff.org/https-everywhere |HTTPS Everywhere]];
     * [[https://www.eff.org/privacybadger | Privacy Badger]];
-    * [[https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/ | Adblock Plus]];
+    * [[https://addons.mozilla.org/en-US/firefox/addon/ublock-origin | uBlock Origin]];
-    * [[https://addons.mozilla.org/en-US/firefox/addon/noscript/ | NoScript]] (only enable JavaScript on sites you trust, else enable temporally);
+    * [[https://addons.mozilla.org/en-US/firefox/addon/umatrix | uMatrix]];
-    * [[https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/ | FoxyProxy]];
+    * [[https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard | FoxyProxy]].
-    * [[https://addons.mozilla.org/en-US/firefox/addon/donottrackplus/ | DoNotTrackMe]];
+  * [[https://gist.github.com/cedricbonhomme/de05a2413273b8a3b7de | configurations]] in //about:config// with the file ''user.js'':
-    * [[https://addons.mozilla.org/en-US/firefox/addon/geolocater/ | Geolocater]].
-  * [[https://bitbucket.org/snippets/cedricbonhomme/cbj6 | configurations]] in //about:config//:
-    * set the value of //browser.search.suggest.enabled// to //false//;
-    * set the value of //network.http.sendRefererHeader// to //0// (you may experience some problems with CSRF);
-    * set the value of //geo.enabled// to //false//;
-    * set the value of //browser.urlbar.trimURLs// to //false//;
-    * set the value of //browser.urlbar.formatting.enabled// to //false//;
-    * set the value of //javascript.enabled// to //false// (in this case no need to install NoScript);
-    * set the value of //privacy.trackingprotection.enabled// to //true//.
   * Firefox preferences:
     * in the privacy tab precise that you do not want to be tracked by sites;
-    * do not accept cookies from sites and allow (for session only) sites you trust ([[http://blog.cedricbonhomme.org/2013/08/04/nouvelle-attaque-sur-les-utilisateurs-de-tor/ | example]]);
+    * do not accept cookies from sites and allow (for session only) sites you trust ([[http://blog.cedricbonhomme.org/2013/08/04/nouvelle-attaque-sur-les-utilisateurs-de-tor | example]]);
   * install [[https://www.torproject.org/ | Tor]]/Privoxy and use FoxyProxy to switch faster between Tor and the "no proxy" mode;
   * do not use Tor without HTTPS on sensible sites;
-  * if you are not already using all Google services you can use Google's DNS (8.8.8.8 and 8.8.4.4).
+  * avoid using Google DNS (even if they are fast and reliable). Prefer [[https://www.fdn.fr/actions/dns/ | French Data Network]] DNS resolvers (80.67.169.12, 80.67.169.40).
 Another good solution is to use the [[https://www.torproject.org/projects/torbrowser.html.en | Tor Browser]] which is based on Firefox and pre-configured  with the best settings for your privacy and uses the Tor network by default. No technical knowledge is required.
 If you are using a public computer I recommend you [[https://tails.boum.org/ | Tails]].
+==== Firefox preferences ====
+=== User preferences ===
+<html><script src="https://gist.github.com/cedricbonhomme/de05a2413273b8a3b7de.js"></script></html>
+=== Privacy ===
+{{ :security:firefox_configuration.png |}}
 ===== Browsing advices =====
@@ Line 66: / Line 68: @@
   * DukGo or another Jabber/XMPP service. Use [[https://otr.cypherpunks.ca/ | Off-the-Record]] (OTR), easy with Pidgin or Kopete;
   * a worth watching project: [[https://trac.torproject.org/projects/tor/wiki/org/meetings/2014WinterDevMeeting/notes/RoadmapTIMB | TIMB]];
+  * another interesting project: [[https://ricochet.im | Ricochet]];
   * IRC.
@@ Line 76: / Line 79: @@
 Of course, this list is not exhaustive.
+===== /etc/hosts =====
+The content of my ''/etc/hosts'' file is based on [[http://someonewhocares.org/hosts/ | this very good example]].
 ===== DNS =====
@@ Line 95: / Line 104: @@
 # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
 #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
-nameserver 8.8.8.8
+# French Data Network DNS resolvers
-nameserver 8.8.4.4
+nameserver 80.67.169.12
+nameserver 80.67.169.40
 # resolvconf -u
@@ Line 116: / Line 126: @@
 netmask 255.255.255.0
 gateway 192.168.1.1
-dns-nameservers 8.8.8.8 8.8.4.4
+dns-nameservers 80.67.169.12 80.67.169.40
 </code>
@@ Line 126: / Line 136: @@
 # exit
 $ nslookup cedricbonhomme.org
-Server:         8.8.8.8
+Server:         80.67.169.40
-Address:        8.8.8.8#53
+Address:        80.67.169.40#53
 </code>