- Feb 25, 2017
- 2,597
KeyScrambler by QFX Software Corp. – The most effective anti-keylogging software
www.qfxsoftware.com
plugin.scan.plid.all = false
But I doubt that it's that effective..
8 reasons to ditch Chrome and switch to Firefox
- Thread starter Imranmt
- Start date
www.qfxsoftware.com
But I doubt that it's that effective..
- Mar 19, 2022
- 651
I've tried software like that before, it works but it has a huge impact on your browsing experience. Everything you type has delays and you end up with more grammatical errors. I can't have even more of thoseit also has the option to impact your typing speed, so that you can't be profiled with the way you type.KeyScrambler by QFX Software Corp. – The most effective anti-keylogging software
I have that turned on. It works very well for add-ons because none are visible after you enable it, but it does nothing for plugins (eg PDF viewer, Chrome PDF viewer). I think the developers confused add-ons and plugins while writing that part of the code.
- Feb 25, 2017
- 2,597
You can regulate the intesity of the the impact but I agree, probably not worth the hassle.
I looked at your config, my settings are exactly the same as yours but I'm not getting the results you are, the only difference is your addons. I don't use bitwarden, skip redirect or adguard, and I don't sandbox my browser. I use uBlock, ClearURLs and Kee instead.check out my security config. There you can see my Firefox settings in detail.
The only thing I can think of is my CanvasBlocker spoofing a value to a unique value. Do you get a WebGL Hash when testing on Cover Your Tracks?
I still don't think the site is the best tool to measure uniqueness but it bothers me that the same settings get better result on one computer as they do on the other.
- Feb 25, 2017
- 2,597
You can just use the Legitimate URL Shortener blocklist in uBlock Origin instead of a standalone extension like ClearURLs. The fewer extensions the better for privacy. And why would you use CanvasBlocker while having privacy.resist.fingerprinting enabled? Choose either built in fingerprinting protection, or the extension. And yes, I also get a webgl hash.
The URL shortening list no longer exists in uBlock or they renamed it, I can't find it anymore.
CanvasBlocker allows you to protect navigator, it allows you to spoof your navigator to force your OS when using a VPN. If you don't you'll get a double OS fingerprint (one for your computer and one for the server OS) in your canvas unless you use Linux. I don't know of any other add-on that allows you to change this.
Last edited:
- Feb 25, 2017
- 2,597
Trace was a great extension, but it's discontinued now. But then at least disable privacy.resist.fingerprinting if you use CanvasBlocker. They just overlap.
It's a third party filterlist for url parameters. You will have to manually add it to your filterlist, if you'd like to use it. In uBlock Origin, however, there is a built-in URL tracking list from AdGuard (AdGuard URL Tracking Protection).
They do overlap but they also don't, CanvasBlocker sees the Canvas and fakes it, then RFP kicks in and randomizes it. So the result is the same as RFP alone but if that fails and gets disabled (by a now unknown exploit) it gets faked by CanvasBlocker so it will still be random.
Like Thorin-Oakenpants (who contributes to Arkenfox) says at the bottom of this github issue it's fine to use CanvasBlocker in default mode he also talks about a few times in the Arkenfox Wiki.
RFP is superior and Extensions can leak so having it as a fall back, so I can use it to spoof Navigator, is more secure than CanvasBlocker alone.
Adblockers are very easy to fingerprint by testing the list entries so adding all the defaults is fine but the more special lists you add (country specific etc.) makes you more unique. If you start adding manual lists you'll become even more unique because the scripts that identify adblockers are written for add-ons such as uBlock or AdGuard and test those lists. By using a separate add-on like ClearURL it will be harder to track because it does things locally as far as I know. But I could be wrong.
With Firefox in specific, it doesn't matter. Addons in itself makes Firefox as a browser more unique in that regard, more so as opposed to Chromium browsers. Since it was built and intended to be customizable, hence it always being "unique". Anywho, I merely pointed out where you could find it, since you asked.
Filterlists are such a minor fingerprint in Firefox (specifically), that it can be neglected with how the algorithms target it. While I agree with you that is true and Add-ons do make you more unique I haven't found a leak in using "plugin.scan.plid.all = false" yet. Every site I test on says I'm not using any Add-ons at all.With Firefox in specific, it doesn't matter. Addons in itself makes Firefox as a browser more unique in that regard, more so as opposed to Chromium browsers. Since it was built and intended to be customizable, hence it always being "unique". Anywho, I merely pointed out where you could find it, since you asked.
It's easier to break and exploit a simple rule in a configuration (Firefox) than a browser built around not using any (or many) Add-ons (Brave) it looks like it still works.
I tested it with multiple different Add-ons enabled, none of them ever showed up in tests so far.
- May 17, 2015
- 714
Report for https://madaidans-insecurities.github.io/firefox-chromium.html/security-researcher-views | Norton Safe Web = Safe -> Technology/Internet
Last edited:
- Mar 9, 2014
- 617
You can also use the Multi-Account Containers addon and put various sites in their own containers.
- Feb 25, 2017
- 2,597
You might want to read this regarding the overlap of Total Cookie Protection (which is enabled if you set enhanced tracking protection to Strict) and Multi-Account Containers.
I personally think that MAC are not worth the hassle and that TCP is absolutely enough. I already discussed this with @oldschool and @SeriousHoax some time ago if I remember correctly.
Last edited:
That what I do to an extent. Microsoft services in one container, same for Google in another, but to also organise the tabs visually. If I got a dozen tabs open, then I could also notice immediately by colour, where colour x is for subject 1 and Y for subject 2 for example. A bit backwards organising while in use, however, since I got the add-on installed, might as well make use of it.
Side-note: I block all third-party cookies through ETP custom settings, so I don't get the cookie jar from Total Cookie Protection. Well, as far as I'm aware, that is.
Side-note: I block all third-party cookies through ETP custom settings, so I don't get the cookie jar from Total Cookie Protection. Well, as far as I'm aware, that is.
The link gets redirected to the Github Homepage, instead of the github issue. Due to the tld referring to .co, instead of .com.You might want to read this regarding the overlap of Total Cookie Protection (which is enabled if you set enhanced tracking protection to Strict) and Multi-Account Containers.
GitHub · Build and ship software on a single, collaborative platform
Join the world's most widely adopted, AI-powered developer platform where millions of developers, businesses, and the largest open source community build software that advances humanity.github.co
I personally think that MAC are not worth the hassle and that TCP is absolutely enough. I already discussed this with @oldschool and @SeriousHoax some time ago if I remember correctly.
- Feb 25, 2017
- 2,597
Post editedThat what I do to an extent. Microsoft services in one container, same for Google in another, but to also organise the tabs visually. If I got a dozen tabs open, then I could also notice immediately by colour, where colour x is for subject 1 and Y for subject 2 for example. A bit backwards organising while in use, however, since I got the add-on installed, might as well make use of it.
Side-note: I block all third-party cookies through ETP custom settings, so I don't get the cookie jar from Total Cookie Protection. Well, as far as I'm aware, that is.
The link gets redirected to the Github Homepage. Due to the tld referring to .co, instead of .com.
- Mar 16, 2019
- 3,868
Yeah but I'm still confused about what happens if mine is set to block all third party cookies? Does Total Cookie Protection work in that case?
- Feb 25, 2017
- 2,597
Anyone can correct me, but the way I understood it all was that if you put the custom setting to "block third-party cookies" than you won't get the benefits of Total Cookie Protection. Sometimes also casually referred to as cookie jar. While only "strict" would give you that benefit. So I have configured my Firefox based on that understanding.
