Skip to content

Instantly share code, notes, and snippets.

@Blkzer0

Blkzer0/config.md

Forked from 0xDE57/config.md
Created October 11, 2018 21:50
Show Gist options
  • Save Blkzer0/b327f8c7b55c2aa6530e00c6a4f750f6 to your computer and use it in GitHub Desktop.
Save Blkzer0/b327f8c7b55c2aa6530e00c6a4f750f6 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. @0xDE57 0xDE57 revised this gist Jun 4, 2018. 1 changed file with 29 additions and 14 deletions.
    43 changes: 29 additions & 14 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -13,6 +13,7 @@ Note: some keys may not be listed and must be added manually, or they are no lon

    Note: you can check current connections via: about:networking


    # CONTROL & MISC
    ```
    dom.event.contextmenu.enabled = false
    @@ -54,6 +55,7 @@ privacy.trackingprotection.enabled = true
    geo.enabled = false
    geo.wifi.uri = blank
    browser.search.geoip.url = blank
    Disables geolocation and firefox logging geolocation requests.
    @@ -88,8 +90,20 @@ browser.safebrowsing.downloads.remote.url = blank
    Also simply setting safebrowsing.*.enabled to false should make setting the URL's to blank redundant, but better to be safe.
    If you see anything pointing google, probably best to nuke it.
    browser.selfsupport.url = blank
    Calls home to every time firefox is started.
    browser.aboutHomeSnippets.updateUrL = blank
    browser.startup.homepage_override.mstone = ignore
    browser.startup.homepage_override.buildID = blank
    startup.homepage_welcome_url = blank
    startup.homepage_welcome_url.additional = blank
    startup.homepage_override_url = blank
    Can call home to every time firefox is started or home page is visited.
    https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
    http://kb.mozillazine.org/Connections_established_on_startup_-_Firefox
    toolkit.telemetry.cachedClientID = blank
    browser.send_pings = false
    Prevent website tracking clicks.
    @@ -103,21 +117,19 @@ dom.battery.enabled = false
    network.cookie.alwaysAcceptSessionCookies = false
    Disables acceptance of session cookies.
    network.cookie.cookieBehavior = 2
    network.cookie.cookieBehavior
    Disable cookies.
    0 = accept all cookies by default
    1 = only accept from the originating site (block third party cookies)
    2 = block all cookies by default
    network.cookie.lifetimePolicy = 2
    0 = All cookies are allowed. (Default)
    1 = Only cookies from the originating server are allowed. (block third party cookies)
    2 = No cookies are allowed.
    3 = Third-party cookies are allowed only if that site has stored cookies already from a previous visit
    network.cookie.lifetimePolicy
    cookies are deleted at the end of the session
    0 = Accept cookies normally
    1 = Prompt for each cookie
    2 = Accept for current session only
    3 = Accept for N days
    network.http.speculative-parallel-limit = 0
    Disable prefetch link on hover.
    0 = The cookie's lifetime is supplied by the server. (Default)
    1 = The user is prompted for the cookie's lifetime.
    2 = The cookie expires at the end of the session (when the browser closes).
    3 = The cookie lasts for the number of days specified by network.cookie.lifetime.days.
    network.dnsCacheEntries = 100
    Number of cached DNS entries. Lower number = More requests but less data stored.
    @@ -152,6 +164,9 @@ network.prefetch-next = false
    Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited,
    so the browser downloads them immediately so they can be displayed immediately when the user requests it.
    network.http.speculative-parallel-limit = 0
    Disable prefetch link on hover.
    media.peerconnection.enabled = false
    network.websocket.enabled = false
    WebSockets is a technology that makes it possible to open an interactive communication
  2. @0xDE57 0xDE57 revised this gist Jun 4, 2018. 1 changed file with 21 additions and 22 deletions.
    43 changes: 21 additions & 22 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -9,7 +9,7 @@ rendering normally. Some settings may also make firefox unstable.
    Not all these changes are necessary and will be dependent upon your usage and hardware. Do some research on settings if you don't understand what they do. These settings are best combined with your standard privacy extensions
    (HTTPS Everywhere, NoScript/Request Policy, uBlock origin, agent spoofing, Privacy Badger etc), and all plugins set to "Ask To Activate".

    Note: some keys may not be listed and must be added manually, or they are no longer relavent and firefox changes.
    Note: some keys may not be listed and must be added manually, or they are no longer relavent as firefox changes.

    Note: you can check current connections via: about:networking

    @@ -54,34 +54,33 @@ privacy.trackingprotection.enabled = true
    geo.enabled = false
    geo.wifi.uri = blank
    geo.wifi.logging.enabled = false
    Disables geolocation and firefox logging geolocation requests.
    browser.safebrowsing.enabled = false
    browser.safebrowsing.phishing.enabled = false
    browser.safebrowsing.malware.enabled = false
    browser.safebrowsing.downloads.enabled = false
    browser.safebrowsing.provider.google4.dataSharing.enabled
    browser.safebrowsing.provider.google4.updateURL
    browser.safebrowsing.provider.google4.reportURL
    browser.safebrowsing.provider.google4.reportPhishMistakeURL
    browser.safebrowsing.provider.google4.reportMalwareMistakeURL
    browser.safebrowsing.provider.google4.lists
    browser.safebrowsing.provider.google4.gethashURL
    browser.safebrowsing.provider.google4.dataSharingURL
    browser.safebrowsing.provider.google4.dataSharing.enabled
    browser.safebrowsing.provider.google4.advisoryURL
    browser.safebrowsing.provider.google4.advisoryName
    browser.safebrowsing.provider.google.updateURL
    browser.safebrowsing.provider.google.reportURL
    browser.safebrowsing.provider.google.reportPhishMistakeURL
    browser.safebrowsing.provider.google.reportMalwareMistakeURL
    browser.safebrowsing.provider.google.pver
    browser.safebrowsing.provider.google.lists
    browser.safebrowsing.provider.google.gethashURL
    browser.safebrowsing.provider.google.advisoryURL
    browser.safebrowsing.downloads.remote.url
    browser.safebrowsing.provider.google4.dataSharing.enabled = blank
    browser.safebrowsing.provider.google4.updateURL = blank
    browser.safebrowsing.provider.google4.reportURL = blank
    browser.safebrowsing.provider.google4.reportPhishMistakeURL = blank
    browser.safebrowsing.provider.google4.reportMalwareMistakeURL = blank
    browser.safebrowsing.provider.google4.lists = blank
    browser.safebrowsing.provider.google4.gethashURL = blank
    browser.safebrowsing.provider.google4.dataSharingURL = blank
    browser.safebrowsing.provider.google4.dataSharing.enabled = false
    browser.safebrowsing.provider.google4.advisoryURL = blank
    browser.safebrowsing.provider.google4.advisoryName = blank
    browser.safebrowsing.provider.google.updateURL = blank
    browser.safebrowsing.provider.google.reportURL = blank
    browser.safebrowsing.provider.google.reportPhishMistakeURL = blank
    browser.safebrowsing.provider.google.reportMalwareMistakeURL = blank
    browser.safebrowsing.provider.google.pver = blank
    browser.safebrowsing.provider.google.lists = blank
    browser.safebrowsing.provider.google.gethashURL = blank
    browser.safebrowsing.provider.google.advisoryURL = blank
    browser.safebrowsing.downloads.remote.url = blank
    Disable Google Safe Browsing and malware and phishing protection.
    Stop sending links and downloading lists from google.
    Security risk, but privacy improvement.
  3. @0xDE57 0xDE57 revised this gist Jun 4, 2018. 1 changed file with 2 additions and 6 deletions.
    8 changes: 2 additions & 6 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -2,15 +2,11 @@

    about:config settings to harden the Firefox browser. Privacy and performance enhancements.</br>
    To change these settings type 'about:config' in the url bar.
    Then search the setting you would like to change and modify the value.</br>
    Some settings may break certain websites from functioning and
    Then search the setting you would like to change and modify the value. Some settings may break certain websites from functioning and
    rendering normally. Some settings may also make firefox unstable.
    ### I am not liable for any damages/loss of data.

    Not all these changes are necessary and will be dependent upon your usage and hardware.
    Do some research on settings if you don't understand what they do.

    These settings are best combined with your standard privacy extensions
    Not all these changes are necessary and will be dependent upon your usage and hardware. Do some research on settings if you don't understand what they do. These settings are best combined with your standard privacy extensions
    (HTTPS Everywhere, NoScript/Request Policy, uBlock origin, agent spoofing, Privacy Badger etc), and all plugins set to "Ask To Activate".

    Note: some keys may not be listed and must be added manually, or they are no longer relavent and firefox changes.
  4. @0xDE57 0xDE57 revised this gist Jun 4, 2018. 1 changed file with 44 additions and 21 deletions.
    65 changes: 44 additions & 21 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,18 +1,21 @@
    # ABOUT

    about:config settings to harden the Firefox browser. Privacy and performance enhancments.</br>
    about:config settings to harden the Firefox browser. Privacy and performance enhancements.</br>
    To change these settings type 'about:config' in the url bar.
    Then search the setting you would like to change and modify the value.</br>
    WARNING: Changing these settings may break certian websites from functioning and
    rendering normally. Some settings may also make firefox unstable/crash.
    Some settings may break certain websites from functioning and
    rendering normally. Some settings may also make firefox unstable.
    ### I am not liable for any damages/loss of data.

    Not all these changes are neccesary and will be dependent upon your usage and hardware.
    Not all these changes are necessary and will be dependent upon your usage and hardware.
    Do some research on settings if you don't understand what they do.

    These settings are best combined with your standard privacy extensions
    (HTTPS Everywhere, NoScript/Request Policy, uBlock origin, agent spoofing, Privacy Badger etc), and all plugins set to "Ask To Activate".

    Note: some keys may not be listed and must be added manually, or they are no longer relavent and firefox changes.

    Note: you can check current connections via: about:networking

    # CONTROL & MISC
    ```
    @@ -58,25 +61,40 @@ geo.wifi.uri = blank
    geo.wifi.logging.enabled = false
    Disables geolocation and firefox logging geolocation requests.
    browser.safebrowsing.enabled = false
    browser.safebrowsing.phishing.enabled = false
    browser.safebrowsing.malware.enabled = false
    browser.safebrowsing.updateURL = blank
    browser.safebrowsing.appRepURL = blank
    browser.safebrowsing.gethashURL = blank
    browser.safebrowsing.reportURL = blank
    browser.safebrowsing.reportPhishURL = blank
    browser.safebrowsing.reportMalwareURL = blank
    browser.safebrowsing.reportMalwareErrorURL = blank
    browser.safebrowsing.reportGenericURL = blank
    browser.safebrowsing.reportErrorURL = blank
    browser.safebrowsing.malware.reportURL = blank
    browser.safebrowsing.id = blank
    browser.safebrowsing.downloads.enabled = false
    browser.safebrowsing.provider.google4.dataSharing.enabled
    browser.safebrowsing.provider.google4.updateURL
    browser.safebrowsing.provider.google4.reportURL
    browser.safebrowsing.provider.google4.reportPhishMistakeURL
    browser.safebrowsing.provider.google4.reportMalwareMistakeURL
    browser.safebrowsing.provider.google4.lists
    browser.safebrowsing.provider.google4.gethashURL
    browser.safebrowsing.provider.google4.dataSharingURL
    browser.safebrowsing.provider.google4.dataSharing.enabled
    browser.safebrowsing.provider.google4.advisoryURL
    browser.safebrowsing.provider.google4.advisoryName
    browser.safebrowsing.provider.google.updateURL
    browser.safebrowsing.provider.google.reportURL
    browser.safebrowsing.provider.google.reportPhishMistakeURL
    browser.safebrowsing.provider.google.reportMalwareMistakeURL
    browser.safebrowsing.provider.google.pver
    browser.safebrowsing.provider.google.lists
    browser.safebrowsing.provider.google.gethashURL
    browser.safebrowsing.provider.google.advisoryURL
    browser.safebrowsing.downloads.remote.url
    Disable Google Safe Browsing and malware and phishing protection.
    Stop sending links and downloading lists from google.
    Security risk, but privacy improvement.
    Note: this list may be incomplete as firefox updates, be sure to search for browser.safebrowsing.provider.google*
    Also simply setting safebrowsing.*.enabled to false should make setting the URL's to blank redundant, but better to be safe.
    If you see anything pointing google, probably best to nuke it.
    browser.selfsupport.url = blank
    Calls home to everytime firefox is started.
    Calls home to every time firefox is started.
    browser.send_pings = false
    Prevent website tracking clicks.
    @@ -116,7 +134,7 @@ places.history.enabled = false
    Disables recording of visited websites.
    browser.formfill.enable = false
    Disables saving of formdata.
    Disables saving of form data.
    browser.cache.disk.enable = false
    Disables caching on hardrive.
    @@ -146,16 +164,21 @@ network.websocket.enabled = false
    loop.enabled = false
    Disable 3rd party closed-source Hello integration.
    Note: only affects older versions of firefox as "Hello" has been discontinued as in favor of webrtc: https://support.mozilla.org/en-US/kb/hello-status
    browser.pocket.enabled = false
    extensions.pocket.enabled = false
    extensions.pocket.site = blank
    extensions.pocket.oAuthConsumerKey = blank
    extensions.pocket.api = blank
    Disable 3rd party closed-source Pocket integration.
    Note, this is browser.pocket.enabled for older versions of firefox
    ```


    # PERFORMANCE
    ```
    layout.frame_rate.precise = true
    Increases animation speed. May elliminate choppy scrolling.
    Increases animation speed. May mitigate choppy scrolling.
    webgl.force-enabled = true
    layers.acceleration.force-enabled = true
    @@ -193,7 +216,7 @@ image.mem.max_decoded_image_kb = xx
    Higher value = improve speed at the expense of increased memory usage.
    javascript.options.mem.max == xx
    Limit ammount of memory javasctipt may consume.
    Limit amount of memory javascript may consume.
    -1 = Automatic
    javascript.options.mem.high_water_mark == xx
    @@ -226,5 +249,5 @@ DisableDeviceFontEnumeration = 1
    </br>
    ___
    </br>
    **I do my best to keep this list up to date. Additions and corrections are grately appreciated.**
    **I do my best to keep this list up to date. Additions and corrections are greatly appreciated.**

  5. @0xDE57 0xDE57 revised this gist Jun 4, 2018. 1 changed file with 3 additions and 8 deletions.
    11 changes: 3 additions & 8 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -21,7 +21,9 @@ dom.event.contextmenu.enabled = false
    or otherwise messing with the context menu.
    dom.event.clipboardevents.enabled = false
    Don't allow websites to prevent copy and paste
    Don't allow websites to prevent copy and paste.
    Disable notifications of copy, paste, or cut functions.
    Stop webpage knowing which part of the page had been selected.
    network.IDN_show_punycode = true
    Show punycode. Help protect from character 'spoofing' eg:
    @@ -81,13 +83,6 @@ browser.send_pings = false
    browser.send_pings.require_same_host = true
    Only send pings if send and receiving host match (same website).
    dom.event.clipboardevents.enabled = false
    Disable notifications of copy, paste, or cut functions.
    Stop web page knowing which part of the page had been selected.
    dom.event.contextmenu.enabled = false
    Disables website control over rightclick context menu.
    dom.battery.enabled = false
    Disable website reading how much battery your mobile device or laptop has.
  6. @0xDE57 0xDE57 revised this gist Jun 4, 2018. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -7,7 +7,7 @@ WARNING: Changing these settings may break certian websites from functioning and
    rendering normally. Some settings may also make firefox unstable/crash.
    ### I am not liable for any damages/loss of data.

    Not all these changes are neccesary and will be dependend upon your usage and hardware.
    Not all these changes are neccesary and will be dependent upon your usage and hardware.
    Do some research on settings if you don't understand what they do.

    These settings are best combined with your standard privacy extensions
  7. @0xDE57 0xDE57 revised this gist Feb 12, 2018. 1 changed file with 3 additions and 2 deletions.
    5 changes: 3 additions & 2 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -229,6 +229,7 @@ DisableDeviceFontEnumeration = 1
    **Better yet, simply uninstall flash. Flash is garbage...**

    </br>
    ----
    #### I do my best to keep this list up to date. Additions and corrections are grately appreciated.
    ___
    </br>
    **I do my best to keep this list up to date. Additions and corrections are grately appreciated.**

  8. @0xDE57 0xDE57 revised this gist Feb 12, 2018. 1 changed file with 12 additions and 6 deletions.
    18 changes: 12 additions & 6 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,8 +1,8 @@
    # ABOUT

    about:config settings to harden the Firefox browser. Privacy and performance enhancments.
    about:config settings to harden the Firefox browser. Privacy and performance enhancments.</br>
    To change these settings type 'about:config' in the url bar.
    Then search the setting you would like to change and modify the value.
    Then search the setting you would like to change and modify the value.</br>
    WARNING: Changing these settings may break certian websites from functioning and
    rendering normally. Some settings may also make firefox unstable/crash.
    ### I am not liable for any damages/loss of data.
    @@ -69,7 +69,7 @@ browser.safebrowsing.reportGenericURL = blank
    browser.safebrowsing.reportErrorURL = blank
    browser.safebrowsing.malware.reportURL = blank
    browser.safebrowsing.id = blank
    Disable Google Safe Browsing and malware and phishing protection.
    Disable Google Safe Browsing and malware and phishing protection.
    Stop sending links and downloading lists from google.
    Security risk, but privacy improvement.
    @@ -80,7 +80,7 @@ browser.send_pings = false
    Prevent website tracking clicks.
    browser.send_pings.require_same_host = true
    Only send pings if send and receiving host math (same website).
    Only send pings if send and receiving host match (same website).
    dom.event.clipboardevents.enabled = false
    Disable notifications of copy, paste, or cut functions.
    @@ -90,7 +90,7 @@ dom.event.contextmenu.enabled = false
    Disables website control over rightclick context menu.
    dom.battery.enabled = false
    Disable website reading how much battery your mobile device has.
    Disable website reading how much battery your mobile device or laptop has.
    network.cookie.alwaysAcceptSessionCookies = false
    Disables acceptance of session cookies.
    @@ -141,7 +141,8 @@ network.dns.disableIPv6 = true
    network.predictor.enabled = false
    network.dns.disablePrefetch = true
    network.prefetch-next = false
    Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user requests it.
    Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited,
    so the browser downloads them immediately so they can be displayed immediately when the user requests it.
    media.peerconnection.enabled = false
    network.websocket.enabled = false
    @@ -225,4 +226,9 @@ Add this line to the mms.cfg file:
    ```
    DisableDeviceFontEnumeration = 1
    ```
    **Better yet, simply uninstall flash. Flash is garbage...**

    </br>
    ----
    #### I do my best to keep this list up to date. Additions and corrections are grately appreciated.

  9. @0xDE57 0xDE57 revised this gist Jan 28, 2018. 1 changed file with 5 additions and 2 deletions.
    7 changes: 5 additions & 2 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -14,12 +14,15 @@ These settings are best combined with your standard privacy extensions
    (HTTPS Everywhere, NoScript/Request Policy, uBlock origin, agent spoofing, Privacy Badger etc), and all plugins set to "Ask To Activate".


    # MISC
    # CONTROL & MISC
    ```
    dom.event.clipboardevents.enabled = false
    dom.event.contextmenu.enabled = false
    Don't allow websites to prevent use of right-click,
    or otherwise messing with the context menu.
    dom.event.clipboardevents.enabled = false
    Don't allow websites to prevent copy and paste
    network.IDN_show_punycode = true
    Show punycode. Help protect from character 'spoofing' eg:
    xn--80ak6aa92e.com -> аррӏе.com
  10. @0xDE57 0xDE57 revised this gist Jan 28, 2018. 1 changed file with 5 additions and 1 deletion.
    6 changes: 5 additions & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -16,11 +16,15 @@ These settings are best combined with your standard privacy extensions

    # MISC
    ```
    dom.event.clipboardevents.enabled = false
    Don't allow websites to prevent use of right-click,
    or otherwise messing with the context menu.
    network.IDN_show_punycode = true
    Show punycode. Help protect from character 'spoofing' eg:
    xn--80ak6aa92e.com -> аррӏе.com
    [IDN homograph attacks](https://www.xudongz.com/blog/2017/idn-phishing/)
    ```

    # PRIVACY SETTINGS
  11. @0xDE57 0xDE57 revised this gist Apr 26, 2017. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -11,7 +11,7 @@ Not all these changes are neccesary and will be dependend upon your usage and ha
    Do some research on settings if you don't understand what they do.

    These settings are best combined with your standard privacy extensions
    (NoScript, uBlock, agent spoofing, etc), your plugins (Flash) set to "Ask To Activate" and Common Sense 2017.
    (HTTPS Everywhere, NoScript/Request Policy, uBlock origin, agent spoofing, Privacy Badger etc), and all plugins set to "Ask To Activate".


    # MISC
  12. @0xDE57 0xDE57 revised this gist Apr 25, 2017. 1 changed file with 8 additions and 7 deletions.
    15 changes: 8 additions & 7 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -201,12 +201,7 @@ javascript.options.mem.high_water_mark == xx
    # Flash Font Enumeration
    This one is not for firefox, but for Flash if you have it installed.
    Font Enumeration allows a site to read which fonts you have installed
    which can be used to identiy users.

    Add this line to the mms.cfg file:
    ```
    DisableDeviceFontEnumeration = 1
    ```
    which can be used to identify users.

    Default Location:
    ```
    @@ -217,4 +212,10 @@ Linux:
    /etc/adobe/mms.cfg
    OSX:
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg
    ```
    ```

    Add this line to the mms.cfg file:
    ```
    DisableDeviceFontEnumeration = 1
    ```

  13. @0xDE57 0xDE57 revised this gist Apr 25, 2017. 1 changed file with 10 additions and 3 deletions.
    13 changes: 10 additions & 3 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -11,10 +11,17 @@ Not all these changes are neccesary and will be dependend upon your usage and ha
    Do some research on settings if you don't understand what they do.

    These settings are best combined with your standard privacy extensions
    (NoScript, uBlock, agent spoofing, etc), your plugins (Flash)
    set to "Ask To Activate" and Common Sense 2015.
    (NoScript, uBlock, agent spoofing, etc), your plugins (Flash) set to "Ask To Activate" and Common Sense 2017.


    # MISC
    ```
    network.IDN_show_punycode = true
    Show punycode. Help protect from character 'spoofing' eg:
    xn--80ak6aa92e.com -> аррӏе.com
    [IDN homograph attacks](https://www.xudongz.com/blog/2017/idn-phishing/)
    ```

    # PRIVACY SETTINGS

    @@ -201,7 +208,7 @@ Add this line to the mms.cfg file:
    DisableDeviceFontEnumeration = 1
    ```

    Location:
    Default Location:
    ```
    Windows:
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
  14. @0xDE57 0xDE57 revised this gist Sep 26, 2015. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -205,7 +205,7 @@ Location:
    ```
    Windows:
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
    C:\WINDOWS\system32\Macromed\Flash\mms.cfg
    C:\Windows\system32\Macromed\Flash\mms.cfg
    Linux:
    /etc/adobe/mms.cfg
    OSX:
  15. @0xDE57 0xDE57 revised this gist Sep 26, 2015. 1 changed file with 20 additions and 18 deletions.
    38 changes: 20 additions & 18 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -189,23 +189,25 @@ javascript.options.mem.max == xx
    javascript.options.mem.high_water_mark == xx
    Tell garbage collector to start running when javascript is using xx MB of memory.
    Garbage collection releases memory back to the system.
    ```
    ```

    # Flash Font Enumeration
    This one is not for firefox, but for Flash if you have it installed.
    Font Enumeration allows a site to read which fonts you have installed
    which can be used to identiy users.

    This one is not for firefox, but for Flash if you have it installed.
    Add this line to the mms.cfg file:
    ```
    DisableDeviceFontEnumeration = 1
    ```
    Font Enumeration allows a site to read which fonts you have installed
    which can be used to identiy users.
    ```
    Windows:
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
    C:\WINDOWS\system32\Macromed\Flash\mms.cfg
    Linux:
    /etc/adobe/mms.cfg
    OSX:
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg
    ```

    Add this line to the mms.cfg file:
    ```
    DisableDeviceFontEnumeration = 1
    ```

    Location:
    ```
    Windows:
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
    C:\WINDOWS\system32\Macromed\Flash\mms.cfg
    Linux:
    /etc/adobe/mms.cfg
    OSX:
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg
    ```
  16. @0xDE57 0xDE57 revised this gist Sep 26, 2015. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -192,7 +192,7 @@ javascript.options.mem.high_water_mark == xx
    ```
    # Flash Font Enumeration

    This one is not for firefox, but for Flash is you have it installed.
    This one is not for firefox, but for Flash if you have it installed.
    Add this line to the mms.cfg file:
    ```
    DisableDeviceFontEnumeration = 1
  17. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -39,7 +39,7 @@ privacy.trackingprotection.enabled = true
    geo.enabled = false
    geo.wifi.uri = blank
    geo.wifi.logging.enabled = false1
    geo.wifi.logging.enabled = false
    Disables geolocation and firefox logging geolocation requests.
    browser.safebrowsing.enabled = false
  18. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 2 additions and 1 deletion.
    3 changes: 2 additions & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -69,7 +69,8 @@ browser.send_pings.require_same_host = true
    Only send pings if send and receiving host math (same website).
    dom.event.clipboardevents.enabled = false
    Disable notifications of copy, paste, or cut functions. Lets web page know which part of the page had been selected.
    Disable notifications of copy, paste, or cut functions.
    Stop web page knowing which part of the page had been selected.
    dom.event.contextmenu.enabled = false
    Disables website control over rightclick context menu.
  19. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 10 additions and 10 deletions.
    20 changes: 10 additions & 10 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,17 +1,17 @@
    # ABOUT

    about:config settings to harden the Firefox browser. Privacy and performance enhancments.
    To change these settings type 'about:config' in the url bar.
    Then search the setting you would like to change and modify the value.
    WARNING: Changing these settings may break certian websites from functioning and
    rendering normally. Some settings may also make firefox unstable/crash.
    ### I am not liable for any damages/loss of data.
    about:config settings to harden the Firefox browser. Privacy and performance enhancments.
    To change these settings type 'about:config' in the url bar.
    Then search the setting you would like to change and modify the value.
    WARNING: Changing these settings may break certian websites from functioning and
    rendering normally. Some settings may also make firefox unstable/crash.
    ### I am not liable for any damages/loss of data.

    Not all these changes are neccesary and will be dependend upon your usage and hardware.
    Do some research on settings if you don't understand what they do.
    Not all these changes are neccesary and will be dependend upon your usage and hardware.
    Do some research on settings if you don't understand what they do.

    These settings are best combined with your standard privacy extensions
    (NoScript, uBlock, agent spoofing, etc), your plugins (Flash)
    These settings are best combined with your standard privacy extensions
    (NoScript, uBlock, agent spoofing, etc), your plugins (Flash)
    set to "Ask To Activate" and Common Sense 2015.


  20. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 3 additions and 3 deletions.
    6 changes: 3 additions & 3 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -3,9 +3,9 @@
    about:config settings to harden the Firefox browser. Privacy and performance enhancments.
    To change these settings type 'about:config' in the url bar.
    Then search the setting you would like to change and modify the value.
    WARNING: Changing these settings may break certian websites from functioning and rendering normally.
    Some settings may also make firefox unstable/crash. Change settings as desired.
    I am not liable for any damages/loss of data.
    WARNING: Changing these settings may break certian websites from functioning and
    rendering normally. Some settings may also make firefox unstable/crash.
    ### I am not liable for any damages/loss of data.

    Not all these changes are neccesary and will be dependend upon your usage and hardware.
    Do some research on settings if you don't understand what they do.
  21. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 3 additions and 2 deletions.
    5 changes: 3 additions & 2 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -10,8 +10,9 @@
    Not all these changes are neccesary and will be dependend upon your usage and hardware.
    Do some research on settings if you don't understand what they do.

    These settings are best combined with your standard privacy extensions (NoScript, uBlock, agent spoofing, etc),
    your plugins (Flash) set to "Ask To Activate" and Common Sense 2015.
    These settings are best combined with your standard privacy extensions
    (NoScript, uBlock, agent spoofing, etc), your plugins (Flash)
    set to "Ask To Activate" and Common Sense 2015.



  22. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 2 additions and 1 deletion.
    3 changes: 2 additions & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -149,7 +149,8 @@ webgl.force-enabled = true
    layers.acceleration.force-enabled = true
    layers.offmainthreadcomposition.enabled = true
    layers.offmainthreadcomposition.async-animations = true
    layers.async-video.enabled
    layers.async-video.enabled = true
    html5.offmainthread = true
    Enable Hardware Acceleration and Off Main Thread Compositing (OMTC).
    It's likely your browser is already set to use these features.
    May introduce instability on some hardware.
  23. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 2 additions and 1 deletion.
    3 changes: 2 additions & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -154,10 +154,11 @@ layers.async-video.enabled
    It's likely your browser is already set to use these features.
    May introduce instability on some hardware.
    ```

    # MEMORY REDUCTION

    ```
    browser.cache.memory.capacity = xx
    Limit memory cache size. (xx = value in MB)
  24. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 9 additions and 5 deletions.
    14 changes: 9 additions & 5 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -17,7 +17,7 @@

    # PRIVACY SETTINGS


    ```
    plugins.enumerable_names = blank
    Disable site reading installed plugins.
    @@ -137,11 +137,11 @@ loop.enabled = false
    browser.pocket.enabled = false
    Disable 3rd party closed-source Pocket integration.

    ```


    # PERFORMANCE

    ```
    layout.frame_rate.precise = true
    Increases animation speed. May elliminate choppy scrolling.
    @@ -185,19 +185,23 @@ javascript.options.mem.max == xx
    javascript.options.mem.high_water_mark == xx
    Tell garbage collector to start running when javascript is using xx MB of memory.
    Garbage collection releases memory back to the system.

    ```
    # Flash Font Enumeration

    This one is not for firefox, but for Flash is you have it installed.
    Add this line to the mms.cfg file:
    ```
    DisableDeviceFontEnumeration = 1
    ```
    Font Enumeration allows a site to read which fonts you have installed
    which can be used to identiy users.

    ```
    Windows:
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
    C:\WINDOWS\system32\Macromed\Flash\mms.cfg
    Linux:
    /etc/adobe/mms.cfg
    OSX:
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg
    ```

  25. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 17 additions and 16 deletions.
    33 changes: 17 additions & 16 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -13,21 +13,6 @@
    These settings are best combined with your standard privacy extensions (NoScript, uBlock, agent spoofing, etc),
    your plugins (Flash) set to "Ask To Activate" and Common Sense 2015.


    This one is not for firefox, but for Flash is you have it installed.
    Add this line to the mms.cfg file:
    DisableDeviceFontEnumeration = 1
    Font Enumeration allows a site to read which fonts you have installed
    which can be used to identiy users.

    Windows:
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
    C:\WINDOWS\system32\Macromed\Flash\mms.cfg
    Linux:
    /etc/adobe/mms.cfg
    OSX:
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg



    # PRIVACY SETTINGS
    @@ -199,4 +184,20 @@ javascript.options.mem.max == xx

    javascript.options.mem.high_water_mark == xx
    Tell garbage collector to start running when javascript is using xx MB of memory.
    Garbage collection releases memory back to the system.
    Garbage collection releases memory back to the system.

    # Flash Font Enumeration
    This one is not for firefox, but for Flash is you have it installed.
    Add this line to the mms.cfg file:
    DisableDeviceFontEnumeration = 1
    Font Enumeration allows a site to read which fonts you have installed
    which can be used to identiy users.

    Windows:
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
    C:\WINDOWS\system32\Macromed\Flash\mms.cfg
    Linux:
    /etc/adobe/mms.cfg
    OSX:
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg

  26. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -24,7 +24,7 @@
    C:\Windows\SysWOW64\Macromed\Flash\mms.cfg
    C:\WINDOWS\system32\Macromed\Flash\mms.cfg
    Linux:
    /etc/adobe/
    /etc/adobe/mms.cfg
    OSX:
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg

  27. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 6 additions and 12 deletions.
    18 changes: 6 additions & 12 deletions config.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,6 +1,4 @@
    ------------------------------
    -------------ABOUT------------
    ------------------------------
    # ABOUT

    about:config settings to harden the Firefox browser. Privacy and performance enhancments.
    To change these settings type 'about:config' in the url bar.
    @@ -31,9 +29,9 @@
    ~/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System/mms.cfg


    ------------------------------
    -------PRIVACY SETTINGS-------
    ------------------------------

    # PRIVACY SETTINGS


    plugins.enumerable_names = blank
    Disable site reading installed plugins.
    @@ -157,9 +155,7 @@ browser.pocket.enabled = false



    ------------------------------
    ---------PERFORMANCE----------
    ------------------------------
    # PERFORMANCE

    layout.frame_rate.precise = true
    Increases animation speed. May elliminate choppy scrolling.
    @@ -175,9 +171,7 @@ layers.async-video.enabled



    ------------------------------
    -------MEMORY REDUCTION-------
    ------------------------------
    # MEMORY REDUCTION

    browser.cache.memory.capacity = xx
    Limit memory cache size. (xx = value in MB)
  28. @0xDE57 0xDE57 renamed this gist Sep 25, 2015. 1 changed file with 0 additions and 0 deletions.
    0 config.txt → config.md
    View file
    File renamed without changes.
  29. @0xDE57 0xDE57 revised this gist Sep 25, 2015. 1 changed file with 9 additions and 7 deletions.
    16 changes: 9 additions & 7 deletions config.txt
    View file
    Original file line number Diff line number Diff line change
    @@ -74,7 +74,10 @@ browser.safebrowsing.id = blank
    Disable Google Safe Browsing and malware and phishing protection.
    Stop sending links and downloading lists from google.
    Security risk, but privacy improvement.


    browser.selfsupport.url = blank
    Calls home to everytime firefox is started.

    browser.send_pings = false
    Prevent website tracking clicks.

    @@ -135,14 +138,13 @@ browser.cache.offline.enable = false

    network.dns.disableIPv6 = true
    If your OS or ISP does not support IPv6, there is no reason to have this preference set to false.

    network.dns.disablePrefetch = true
    If this setting does not show up, you can add it manually and
    set it as a new boolean preference and set the value to true.


    network.predictor.enabled = false
    network.dns.disablePrefetch = true
    network.prefetch-next = false
    Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user requests it.


    media.peerconnection.enabled = false
    network.websocket.enabled = false
    WebSockets is a technology that makes it possible to open an interactive communication
    session between the user's browser and a server. (May leak IP when using proxy/VPN)
  30. @0xDE57 0xDE57 revised this gist Sep 24, 2015. 1 changed file with 5 additions and 2 deletions.
    7 changes: 5 additions & 2 deletions config.txt
    View file
    Original file line number Diff line number Diff line change
    @@ -86,6 +86,9 @@ dom.event.clipboardevents.enabled = false

    dom.event.contextmenu.enabled = false
    Disables website control over rightclick context menu.

    dom.battery.enabled = false
    Disable website reading how much battery your mobile device has.

    network.cookie.alwaysAcceptSessionCookies = false
    Disables acceptance of session cookies.
    @@ -141,8 +144,8 @@ network.prefetch-next = false
    Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user requests it.

    network.websocket.enabled = false
    WebSockets is a technology that makes it possible to open an
    interactive communication session between the user's browser and a server.
    WebSockets is a technology that makes it possible to open an interactive communication
    session between the user's browser and a server. (May leak IP when using proxy/VPN)

    loop.enabled = false
    Disable 3rd party closed-source Hello integration.