HarborFront

Level 52
Verified
Content Creator
uBlock Origin
CanvasBlocker
Cookie Auto Delete
Clear Url's
Can they prevent

- browser fingerprinting e.g. mouse wheel/speed etc Also, cross-browser fingerprinting for hardware e.g. screen resolution/GPU/CPU/RAM/audio context, ultrasound cross-device tracking (uXDT) XXX
- social widgets
- microphone hijack
- unwanted cookies [e.g. cookieless cookie (aka Etags, supercookies, evercookies, zombie cookie), super HSTS cookies, HTTPS cookie etc]
- clickbait links
- clickjacking
- browser hijackers
- browser lockers
- PUPs, toolbars
- CSS (Cascading Style Sheets)
- CDNs (Content Delivery Networks)
- redirects
- clear history on exit
- spoofing/randomizing user agent/ timezone
- ultrasonic tracking
- browser-based rootkits and browser-based botnets XXX
- DNS rebinding attacks
- JavaScript-based side-channel attacks against leaks from CPU/RAM XXX
- unwanted fonts

Based on count your 4 addons account for 13/32 items that can be cleared off the list I posted. FF accounts for some as well eg WebGL. And for fingerprints there are more of what CanvasBlocker can prevent like those from Trace and ScriptSafe

Some of the above (with XXX) I still have not found way(s) to prevent with FF. The others require additional extensions which may not justify using them and other compatibility issues
 
Last edited:
You are asking too much for a system with windows installed that is connected to the internet, is your system holding top secret documents?

You are more likely to get hit by a bus than a "JavaScript-based side-channel attacks against leaks from CPU/RAM ". Those exploits are only used very very rarely by nation states against foreign government systems. There are easier ways to exploit systems that's why those attacks are theoretical and not really practical. Why hack a cpu or flip some bits in ram when you can hack the router and control where the packets go. Personally I wouldn't worry about the more exotic attacks and if you need to worry about those attacks I would probably stop using electronics all together and go live in a mud hut in the middle of Africa.
 

HarborFront

Level 52
Verified
Content Creator
You are asking too much for a system with windows installed that is connected to the internet, is your system holding top secret documents?

You are more likely to get hit by a bus than a "JavaScript-based side-channel attacks against leaks from CPU/RAM ". Those exploits are only used very very rarely by nation states against foreign government systems. There are easier ways to exploit systems that's why those attacks are theoretical and not really practical. Why hack a cpu or flip some bits in ram when you can hack the router and control where the packets go. Personally I wouldn't worry about the more exotic attacks and if you need to worry about those attacks I would probably stop using electronics all together and go live in a mud hut in the middle of Africa.
Well you have your needs and I have mine
 

Gangelo

Level 3
Verified
I really mean no offence here but I also think you are overthinking it.
Trying to protect yourself from all possible attack vendors with that many security solutions without breaking your system is a lost cause.
If you believe that you need to be protected to that extend perhaps you should consider a non-Windows OS, preferably Linux.

Having said that, I would only use KIS, Adguard Premium (or Ublock origin addon), perhaps SysHardener, a Password Manager and a VPN.
 

Andy Ful

Level 58
Verified
Trusted
Content Creator
Well you have your needs and I have mine
I know that is hard to go back from the way of installing many web browser extensions. But, if you think that Firefox requires so many extensions, then maybe it is time to change it to something like Brave? You have to also decide what is more important for you: convenience, security or privacy. Installing many extensions decreases your security, for sure.

For now, you act like a man who decided to travel from the Far East to South Africa by car, because he does not like planes. Then he has to take a lot of vaccines to avoid all tropical diseases. This can have some unexpected consequences. The better plan would be flying by plane anyway, and take only some essential vaccines. :)(y)

Edit.
Did you compare the chances of hacking your Internet provider to the chances of using your privacy traces?
 
Last edited:

HarborFront

Level 52
Verified
Content Creator
I know that is hard to go back from the way of installing many web browser extensions. But, if you think that Firefox requires so many extensions, then maybe it is time to change it to something like Brave? You have to also decide what is more important for you: convenience, security or privacy. Installing many extensions decreases your security, for sure.

For now, you act like a man who decided to travel from the Far East to South Africa by car, because he does not like planes. Then he has to take a lot of vaccines to avoid all tropical diseases. This can have some unexpected consequences. The better plan would be flying by plane anyway, and take only some essential vaccines. :)(y)
The topic of discussion has deviated a bit to hardening of the browser. I don't mind since I started the thread.

Hardening FF includes setting the flags for security and privacy and the use of extensions. Of course the most paranoid approach is to use the user.js file

FI, I disabled FF's Enhanced Protection feature and uses extensions to cover them which I believe gives better privacy and protection.. Brave's privacy is great provided one uses its default settings. The question is how many users will do that and without adding extensions? If I'll to use Brave (which I might try in my VM later) I'll still disable its default protections and use extensions to cover them, if possible.
 

HarborFront

Level 52
Verified
Content Creator
... which is only belief. Who convinced you that it is a true fact?
I'm not a malware tester so can't verify whether FF's Enhanced Protection is stronger or using extensions with filters say in the testing of malware/scam/phishing/ransomware/crypto/fingerprint etc. If you are really interested you can make a request and I believe some people will carry out the comparison test.

As for privacy disabling a FF feature with its associated flags means less chance of FF sending its telemetry info back which I like too

This is my system and my set up and so far it pose no serious issues whatsoever.
 
Last edited:

Andy Ful

Level 58
Verified
Trusted
Content Creator
...
This is my system and my set up and so far it pose no serious issues whatsoever.
In my opinion, your web browser config is not bad, but not optimal. You can use it if you have to.
There is no proof that using many extensions is better or worse. Just consider from time to time if your beliefs about security are supported by facts and not by fear. For now, you believe that a web browser with many extensions is like a great sea with many battleships. That is not supported by tests & facts. There are some reasons to believe that this picture can be not real, and in fact, you have a small kitchen with several cooks. The more cooks, the more chances for security accidents. The situation is kinda similar to using Windows with many security solutions.
Be safe.:)(y)
 

HarborFront

Level 52
Verified
Content Creator
Updated my FF extensions

uBO with filters in Hard Mode
ABP
BTL
CanvasBlocker
ClearURLs
Cookie AutoDelete
I don't care About Cookies
CSS Exfil Protection
Decentraleyes
ETag Stopper
IDN Safe
Keyboard Privacy
Privacy-Oriented Origin Policy
Smart HTTPS
StoragErazor
ScriptSafe
Trace
User-Agent Switcher and Manager
Anti-Adblock Blocker
Skip Redirect
Multi-Accounts Container
Temporary Containers

Edit

Removed History AutoDelete. Added Multi-Account Containers and Temporary Containers
 
Last edited:

SeriousHoax

Level 27
Verified
Malware Tester
Updated my FF extensions

uBO with filters in Hard Mode
ABP
BTL
CanvasBlocker
ClearURLs
Cookie AutoDelete
I don't care About Cookies
CSS Exfil Protection
Decentraleyes
ETag Stopper
IDN Safe
Keyboard Privacy
Privacy-Oriented Origin Policy
Smart HTTPS
StoragErazor
ScriptSafe
Trace
User-Agent Switcher and Manager
Anti-Adblock Blocker
Skip Redirect
Multi-Accounts Container
Temporary Containers

Edit

Removed History AutoDelete. Added Multi-Account Containers and Temporary Containers
Let me suggest some things for you.
Why do you have "ABP" when you already have "uBlock Origin!" ABP is redundant here.
You don't need "Skip redirect" when you have "ClearUrls". It does the same and more.
You can get rid of "I don't care about cookies" by subscribing to the filter list with the same name.
"Privacy-Oriented Origin Policy" can be get rid off by modifying some about:config values.
I also think you don't need "StoragErazor" because "Cookie AutoDelete" has this feature.
"ScriptSafe" also seems unnecessary while you're using "uBlock Origin in Hard mode".
"Anti-Adblock Blocker" is not necessary if you use Nano Defender following this guide: Nano Defender
"Trace" is not necessary for Firefox when you have "Canvas Blocker" and other things that it does can be done by modifying about:config.
 
Top