Advanced Security Timothytimes' Security Config 2023

Last updated
Jul 23, 2023
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
N/A
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Disabled
Real-time security
F-Secure SAFE 19.1
Malwarebytes Windows Firewall Control
Firewall security
About custom security
O&O ShutUp10++: almost all the recommended settings
Simple Windows Hardening: basic recommended settings
Periodic malware scanners
Emsisoft Emergency Kit, Adwcleaner, HitmanPro, Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Environment for malware testing
-
Browser(s) and extensions
Librewolf 115.0.2-2
Extensions: Bitwarden, uBlock Origin (filters, medium mode), AnonAddy
Search engine: Startpage
Secure DNS
Comss.one DNS (system-wide)
Desktop VPN
IVPN
Password manager
Bitwarden (desktop application and browser extension) and KeePass 2 (for backups)
Maintenance tools
Reg Organizer 9.11, Revo Uninstaller Pro 5.1.7, SUMo
File and Photo backup
MEGA
System recovery
-
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Downloading software and files from unknown / untrusted / shady sites
    • Sharing and receiving files and torrents
    • Gaming
    • Gaming with third-party mods
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
i3 7100, GTX 1050Ti, 8Gb DDR4, 1Tb HDD.
Notable changes
01.01.2022 - the post was created;
02.01.2022 - deleted Privacy Badger, DDG Privacy Essentials, LocalCDN and ClearURLs; enabled medium blocking mode in uBo and strict tracking protection in Firefox;
04.02.2022 - switched from FS Protection and Simplewall to Kaspersky Standard;
18.02.2022 - deleted Avast AntiTrack;
23.02.2022 - switched from Kaspersky Standard to FS Protection and Simplewall.
20.03.2022 - switched from Firefox to librewolf
25.05.2022 - added Simple Windows Hardening
What I'm looking for?

Looking for medium feedback.

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
It's my security config for 2022. In 2021 I used the similar one (without Avast AntiTrack and Simplewall).
To me it seems like you are trying to set your focus mainly on privacy according to all the privacy extensions you are using. The problem is that more privacy extensions do not actually improve, but lower your privacy and security on the web.

Some articles about this topic:
1. How anti-fingerprinting extensions tend to make fingerprinting easier
2. Why you should be careful with browser extensions
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
What addons do you think I ought to remove?
Thats up to you. I personally would remove all extensions that provide some kind of tracking protection (CleanURLs, PrivacyBadger, DuckDuckGo Privacy Essentials and LocalCDN if you have Strict tracking protection enabled in Firefox. Firefox has solid integrated tracking protections that cover quite a lot of tacking mechanisms and uBlock Origin would be a good and simple addition.
Consider setting up one of those modes for uBlock Origin for enhanced security: Blocking mode · gorhill/uBlock Wiki
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14
Thats up to you. I personally would remove all extensions that provide some kind of tracking protection (CleanURLs, PrivacyBadger, DuckDuckGo Privacy Essentials and LocalCDN if you have Strict tracking protection enabled in Firefox. Firefox has solid integrated tracking protections that cover quite a lot of tacking mechanisms and uBlock Origin would be a good and simple addition.
Consider setting up one of those modes for uBlock Origin for enhanced security: Blocking mode · gorhill/uBlock Wiki
Thanks! I've removed Privacy Badger and DDG Privacy Essentials, and medium blocking mode has been enabled in uBo
 
Last edited:

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
Thanks! I've removed Privacy Badger and DDG Privacy Essentials, and medium blocking mode has been enabled in uBo
Great! I personally also used LocalCDN for a long time but found out that it is not really needed if you have First Party Isolation (FPI) or Total Cookie Protection / Dynamic First Party Isolation (dFPI) enabled.
Total Cookie Protection or dFPI will automatically be enabled when you choose to set Firefox's Enhanced Tracking Protection to Strict --> Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
If you don't want to do that you can still enable FPI in about:config by setting the value of privacy.firstparty.isolate to true.

Here a Reddit thread about all this:

Hope it's not too confusing. :)
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14
Great! I personally also used LocalCDN for a long time but found out that it is not really needed if you have First Party Isolation (FPI) or Total Cookie Protection / Dynamic First Party Isolation (dFPI) enabled.
Total Cookie Protection or dFPI will automatically be enabled when you choose to set Firefox's Enhanced Tracking Protection to Strict --> Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
If you don't want to do that you can still enable FPI in about:config by setting the value of privacy.firstparty.isolate to true.

Here a Reddit thread about all this:

Hope it's not too confusing. :)

Great! I appreciate your kindness and efforts to make my config better. I've just deleted LocalCDN and set my tracking protection to scrict. Also, I've enabled FPI, but it might be unnecessarily
 

timothytimes

Level 1
Thread author
Aug 1, 2021
14
I agree with @SecureKongo. What do AdGuard Extra do for you? Are you using it as a script built in Tampermonkey?

I'm using 'Legitimate URL Shortener' filter instead of ClearURLs.
I use Adguard Extra script which I added in Tampermonkey. In my opinion, Adguard Extra is a good decision to block YandexDirect (and not only this) advertisements where it won't delete by DNS and uBo filters.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
I agree with @SecureKongo. What do AdGuard Extra do for you? Are you using it as a script built in Tampermonkey?

I'm using 'Legitimate URL Shortener' filter instead of ClearURLs.
Nice recommendation. The filters "Legitimate URL Shortener" and "AdGuard URL Tracking Protection" in uBlock Origin are basically doing the same as ClearURLs @timothytimes
 

plat

Level 29
Top Poster
Sep 13, 2018
1,793
If you have set the tracking protection to "Strict" you should disable FPI as it can conflict with dFPI.
I use the Custom setting in Firefox. This is what it looks like. So far, no problems--since about 4-5 months. I still get "breakthrough" cookie notices occasionally so the Element Picker comes in handy rather than scrounging around for more lists.


ffcus.PNG
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
I use the Custom setting in Firefox. This is what it looks like. So far, no problems--since about 4-5 months. I still get "breakthrough" cookie notices occasionally so the Element Picker comes in handy rather than scrounging around for more lists.


I am not quite sure about that but I think that setting tracking protection to custom might not trigger the dFPI feature of Firefox. At least they are only stating that "Strict" will enable it on their site: Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
 

oldschool

Level 84
Verified
Top Poster
Well-known
Mar 29, 2018
7,596
I am not quite sure about that but I think that setting tracking protection to custom might not trigger the dFPI feature of Firefox. At least they are only stating that "Strict" will enable it on their site: Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
I'm not either but I found this on Reddit Who knows what to believe on R when there are no references/documentation.

I believe if you select "Custom", Cookies -> "All 3rd party cookies" and Tracking content -> "In all windows" it is at least as strong if not more so. Website breakage could occur but I've never encountered any while blocking 3rd party cookies.

In the end I think it's 6 of one, 1/2 dozen of the other. FF strict is very good protection with recent developments.
 
Last edited:

oldschool

Level 84
Verified
Top Poster
Well-known
Mar 29, 2018
7,596

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top