Advanced Security Timothytimes' Security Config 2022

Last updated
Jun 24, 2022
About
Personal and shared with family members
Additional PC users
3 additional users
Desktop OS
Windows 11
OS edition
Pro
Login security
    • Password-less (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
None or Don't know
Real-time protection
F-Secure SAFE 18.3
Malwarebytes Windows Firewall Control
Software firewall
Provided by a third-party security vendor. Refer to 'Real-time protection' for details.
Custom RTP, Firewall and OS settings
O&O ShutUp10++: almost all the recommended settings
Simple Windows Hardening: basic recommended settings
Malware testing
No malware samples
Periodic security scanners
Emsisoft Emergency Kit, Adwcleaner, HitmanPro, Norton Power Eraser
Secure DNS
Comss.one DNS (system-wide)
VPN
Windscribe or Bitdefender VPN (when it's necessary)
Password manager
Bitwarden (desktop application and browser extension) and KeepassXC (for backups)
Browsers, Search and Addons
Librewolf 100.0.2-1
Extensions: Bitwarden, Browsing Protection by F-Secure, Netcraft, Feedbro, Tampermonkey (AdGuard Extra), Translate Web Pages, uBlock Origin (filters, medium mode), AnonAddy
Search engine: Startpage
Maintenance and Cleaning
Reg Organizer 8.91, Revo Uninstaller Pro 5.0.1, SUMo
Personal Files & Photos backup
iCloud; MEGA
Personal backup routine
Manual (maintained by self)
Device recovery & backup
-
Device backup routine
None
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Browsing to unknown sites. 
  4. Emails. 
  5. Shopping. 
  6. Banking. 
  7. Downloading software. 
  8. File sharing and torrents. 
  9. PC and cloud gaming. 
  10. Multimedia. 
Computer specs
i3 7100, GTX 1050Ti, 8Gb DDR4, 1Tb HDD.
Personal changelog
01.01.2022 - the post was created;
02.01.2022 - deleted Privacy Badger, DDG Privacy Essentials, LocalCDN and ClearURLs; enabled medium blocking mode in uBo and strict tracking protection in Firefox;
04.02.2022 - switched from FS Protection and Simplewall to Kaspersky Standard;
18.02.2022 - deleted Avast AntiTrack;
23.02.2022 - switched from Kaspersky Standard to FS Protection and Simplewall.
20.03.2022 - switched from Firefox to librewolf
25.05.2022 - added Simple Windows Hardening
Feedback Response

General feedback

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,833
It's my security config for 2022. In 2021 I used the similar one (without Avast AntiTrack and Simplewall).
To me it seems like you are trying to set your focus mainly on privacy according to all the privacy extensions you are using. The problem is that more privacy extensions do not actually improve, but lower your privacy and security on the web.

Some articles about this topic:
1. How anti-fingerprinting extensions tend to make fingerprinting easier
2. Why you should be careful with browser extensions
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,833
What addons do you think I ought to remove?
Thats up to you. I personally would remove all extensions that provide some kind of tracking protection (CleanURLs, PrivacyBadger, DuckDuckGo Privacy Essentials and LocalCDN if you have Strict tracking protection enabled in Firefox. Firefox has solid integrated tracking protections that cover quite a lot of tacking mechanisms and uBlock Origin would be a good and simple addition.
Consider setting up one of those modes for uBlock Origin for enhanced security: Blocking mode · gorhill/uBlock Wiki
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14
Thats up to you. I personally would remove all extensions that provide some kind of tracking protection (CleanURLs, PrivacyBadger, DuckDuckGo Privacy Essentials and LocalCDN if you have Strict tracking protection enabled in Firefox. Firefox has solid integrated tracking protections that cover quite a lot of tacking mechanisms and uBlock Origin would be a good and simple addition.
Consider setting up one of those modes for uBlock Origin for enhanced security: Blocking mode · gorhill/uBlock Wiki
Thanks! I've removed Privacy Badger and DDG Privacy Essentials, and medium blocking mode has been enabled in uBo
 
Last edited:

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,833
Thanks! I've removed Privacy Badger and DDG Privacy Essentials, and medium blocking mode has been enabled in uBo
Great! I personally also used LocalCDN for a long time but found out that it is not really needed if you have First Party Isolation (FPI) or Total Cookie Protection / Dynamic First Party Isolation (dFPI) enabled.
Total Cookie Protection or dFPI will automatically be enabled when you choose to set Firefox's Enhanced Tracking Protection to Strict --> Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
If you don't want to do that you can still enable FPI in about:config by setting the value of privacy.firstparty.isolate to true.

Here a Reddit thread about all this: https://www.reddit.com/r/PrivacyGuides/comments/qmxy31
Hope it's not too confusing. :)
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14
Great! I personally also used LocalCDN for a long time but found out that it is not really needed if you have First Party Isolation (FPI) or Total Cookie Protection / Dynamic First Party Isolation (dFPI) enabled.
Total Cookie Protection or dFPI will automatically be enabled when you choose to set Firefox's Enhanced Tracking Protection to Strict --> Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
If you don't want to do that you can still enable FPI in about:config by setting the value of privacy.firstparty.isolate to true.

Here a Reddit thread about all this: https://www.reddit.com/r/PrivacyGuides/comments/qmxy31
Hope it's not too confusing. :)
Great! I appreciate your kindness and efforts to make my config better. I've just deleted LocalCDN and set my tracking protection to scrict. Also, I've enabled FPI, but it might be unnecessarily
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14
I agree with @SecureKongo. What do AdGuard Extra do for you? Are you using it as a script built in Tampermonkey?

I'm using 'Legitimate URL Shortener' filter instead of ClearURLs.
I use Adguard Extra script which I added in Tampermonkey. In my opinion, Adguard Extra is a good decision to block YandexDirect (and not only this) advertisements where it won't delete by DNS and uBo filters.
 

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,833
I agree with @SecureKongo. What do AdGuard Extra do for you? Are you using it as a script built in Tampermonkey?

I'm using 'Legitimate URL Shortener' filter instead of ClearURLs.
Nice recommendation. The filters "Legitimate URL Shortener" and "AdGuard URL Tracking Protection" in uBlock Origin are basically doing the same as ClearURLs @timothytimes
 

plat1098

Level 27
Verified
Top poster
Well-known
Sep 13, 2018
1,653
If you have set the tracking protection to "Strict" you should disable FPI as it can conflict with dFPI.
I use the Custom setting in Firefox. This is what it looks like. So far, no problems--since about 4-5 months. I still get "breakthrough" cookie notices occasionally so the Element Picker comes in handy rather than scrounging around for more lists.


ffcus.PNG
 

SecureKongo

Level 29
Verified
Top poster
Well-known
Feb 25, 2017
1,833
I use the Custom setting in Firefox. This is what it looks like. So far, no problems--since about 4-5 months. I still get "breakthrough" cookie notices occasionally so the Element Picker comes in handy rather than scrounging around for more lists.


I am not quite sure about that but I think that setting tracking protection to custom might not trigger the dFPI feature of Firefox. At least they are only stating that "Strict" will enable it on their site: Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
 

oldschool

Level 67
Verified
Top poster
Well-known
Mar 29, 2018
5,643
I am not quite sure about that but I think that setting tracking protection to custom might not trigger the dFPI feature of Firefox. At least they are only stating that "Strict" will enable it on their site: Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
I'm not either but I found this on Reddit https://www.reddit.com/r/firefox/comments/rp8fk7/_/hq2zdy2 Who knows what to believe on R when there are no references/documentation.

I believe if you select "Custom", Cookies -> "All 3rd party cookies" and Tracking content -> "In all windows" it is at least as strong if not more so. Website breakage could occur but I've never encountered any while blocking 3rd party cookies.

In the end I think it's 6 of one, 1/2 dozen of the other. FF strict is very good protection with recent developments.
 
Last edited:

oldschool

Level 67
Verified
Top poster
Well-known
Mar 29, 2018
5,643