Privacy-Fighter: A Browser Setup For Increased Privacy And Security
Privacy-Fighter
Easy to set up, fully transparent, online privacy protection browser setup. A collection of browser configurations and extensions to help you fight for your online privacy.
The deeper you dig, the more you find that we're losing privacy to corporations. You might even start to believe that there's nothing you can do about it. You can! With the right information, tools and dedication, you can do a lot to protect your privacy and stand up for your basic human right. There are brilliant, hard-working people who spend countless hours making these privacy-protecting tools. This project is a collection and setup of the best privacy-protecting browser tools that exist today. (If you have any suggestions, please create a GitHub issue.)
Table of Contents
- Project Goals
- Why Firefox?
- Disclaimer
- Installed/Configured Tools and Their Benefits
- Security Improvements
- Installation
- Post Installation
- Known Inconveniences
- Troubleshooting
1.0 Project Goals
The goals of this project are the following:
- To create the best privacy-protecting browser setup for average internet users, one that doesn't break much functionality and doesn't require much user intervention. "The best" is highly subjective: it is a battle of functionality vs. privacy, and for better privacy we have to disable or work around many functionalities. The project aims for a sweet spot that minimises breakage of sites while retaining a good level of privacy.
- The project aims to protect users from hidden background tracking mechanisms and the "filter bubbles" that most don't even know exist. While using this setup, every new tab is a completely new session. If you don't log in on a website, you should see the results without any personalization, thus escaping the filter bubbles. (Note: It can't protect your identity or privacy when you use a service (e.g. YouTube/Facebook) while you are logged in.)
- Everyone is uniquely identifiable on the web, even if you use privacy-protecting extensions/configurations. (see section: []). The project aims to create a single configuration set that minimises entropy (uniquely identifiable information). When the same setup is used by many, it makes our digital fingerprints less unique. This is the only way to effectively combat fingerprinting.
- To create a simple installation method that takes just a few minutes to set up and requires minimal intervention, so that the average internet user can install and benefit from it (something that took me dozens of hours of research and tinkering with configs/tools).
- The goal is not to blindly gather extensions (addons) or disable as many browser functionalities (using Firefox preferences) as possible. Nor is it to spoof as many browser values as possible, as doing that in some cases (user agent, OS, screen size) increases entropy (uniquely identifiable information). In this project I aim to research, evaluate and test configuration sets, and the compatibility among the extensions and configurations that can help protect our privacy while browsing the web. Suggestions and corrections from all are welcome.
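The fingerprinting argument in the goals above (a shared configuration lowers uniqueness, spoofing a single value raises it), worked through as an added example that is not part of the project. The population, the attribute values and the spoofed window size are all constructed.

```python
import math
from collections import Counter

def surprisal_bits(fingerprint, population):
    """Bits of identifying information a site learns from seeing this fingerprint."""
    share = Counter(population)[fingerprint] / len(population)
    return -math.log2(share)

def shannon_entropy(population):
    """Average surprisal over all visitors, in bits."""
    n = len(population)
    return sum((c / n) * -math.log2(c / n) for c in Counter(population).values())

def spoof_one(population, index, field, value):
    """Copy of the population where one visitor reports a value nobody else has."""
    changed = list(population)
    fp = list(changed[index])
    fp[field] = value
    changed[index] = tuple(fp)
    return changed

# Constructed population of 8 visitors: (user agent, window size, time zone).
SHARED = ("UA-shared", "1000x900", "UTC")  # visitors on one common configuration set
POPULATION = [SHARED] * 4 + [
    ("UA-b", "1920x1080", "Europe/Berlin"),
    ("UA-b", "1920x1080", "Europe/Berlin"),
    ("UA-c", "1366x768", "Asia/Kolkata"),
    ("UA-d", "2560x1440", "America/Chicago"),
]

# One visitor on the shared setup additionally spoofs a unique window size.
SPOOFED = spoof_one(POPULATION, 0, 1, "1003x897")

if __name__ == "__main__":
    print("shared setup:", surprisal_bits(SHARED, POPULATION), "bits")
    print("after spoofing, the spoofer:", surprisal_bits(SPOOFED[0], SPOOFED), "bits")
    print("after spoofing, the rest:", round(surprisal_bits(SHARED, SPOOFED), 3), "bits")
    print("population entropy:", shannon_entropy(POPULATION), "->",
          round(shannon_entropy(SPOOFED), 3))
```

The spoofing visitor becomes a set of one, and the visitors who stayed on the shared setup also lose a member of their anonymity set.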
2.0 Why Firefox?
Requirement: Latest stable version of Firefox: 67
If you are using Chrome (even Chromium) or Edge with default settings, not only do they provide no privacy protection from third parties on the web, these browsers themselves collect detailed stats about your online behaviour, including every single webpage you have ever visited and every single search query you have ever made. "The predominant browser Chrome tracks every webpage visit and periodically sends user location coordinates to Google. It also collects personal information (e.g. when a user completes online forms) and sends it to Google as part of the data synchronisation process." (page 5, Google Data Collection Paper) When you are logged into Chrome, all your browsing activity is without question linked to you. Even if you haven't logged in to Chrome, Google still knows who you are with extremely high precision.
Firefox, on the other hand, is developed by the non-profit organisation Mozilla. It is the only viable fully open source competitor of Chrome (by Google). Mozilla, being a non-profit organisation, has a fundamentally different business model than Google, which is a company built on profiling users and monetising that information.
3.0 Disclaimer
This project is a collection of configurations that set Firefox's preferences and install and set up third-party extensions/addons. These extensions have been carefully chosen. They are downloaded straight from the "Firefox Add-ons store". Each addon is fully open source and anyone can view the code. Each addon's developer has a high reputation and multiple thousands of downloads in the addons store. Because these addons are not developed by me, use them at your own risk.
4.0 Installed/Configured Tools and Their Benefits
This script installs and configures the following tools. A huge thanks to all the brilliant people behind these tools who have put so much time and energy into making the world a better place.
- Mozilla Firefox: Nothing like this would be possible without Firefox. "Firefox Containers" (heavily utilised in this setup) is Mozilla's revolutionary approach to isolate online identities by containing cookies and local storage in multiple separate containers, allowing us to use the web with multiple identities or accounts simultaneously.
- ghacks-user.js is used to modify more than a hundred Firefox preferences in order to improve privacy protection and reduce fingerprintability. A notable preference is "privacy.resistFingerprinting", from the Tor Uplift project, which is bringing Tor's fingerprint-resisting techniques into Firefox.
  Configuration: To minimise breakage, a custom user-overrides.js is used to relax the non-critical preferences.
- CanvasBlocker: Aims to prevent websites from using some JavaScript APIs to fingerprint users. resistFingerprinting takes precedence over it; CanvasBlocker works as a fallback for canvas fingerprinting. It also protects the following APIs from fingerprinting (by faking the values): canvas 2d, WebGL, audio, history, DOMRect. [https://github.com/kkapsner/CanvasBlocker]
  Configuration: disabled "Misc > Block data URL pages".
- uBlock Origin: An efficient "wide-spectrum blocker" that blocks ads, trackers and malware sites. [https://github.com/gorhill/uBlock]
  Configuration: Enabled "Fanboy's Cookie List" and "AdGuard Spyware filter". Expanded the "requests blocked" pane.
- Cookie AutoDelete: When a tab closes, it automatically deletes any cookies that are not being used. This prevents tracking by cookies, which is the primary method of tracking users. [https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/]
  Configuration: Cookies are set to be deleted automatically after a tab closes. Enabled support for Container Tabs.
- Temporary Containers: Takes "Firefox Containers" to a whole new level by making every new tab a different container. You may have heard of the advice to use multiple browsers[]. This pretty much makes every new tab a different, isolated (cookies, localStorage) browser, which gets deleted after it is closed. It eliminates long-term tracking done using cookies, storage caches and ETags. [https://github.com/stoically/temporary-containers]
  Configuration: Automatic mode enabled (every new tab becomes a new isolated container). The container colour is set to purple. A middle mouse click opens links in new isolated containers.
- Decentraleyes: Protects you against tracking through "free", centralized Content Delivery Networks by storing libraries locally instead of fetching them from the tracking CDNs.
- ClearURLs: Protects your privacy by removing the tracking fields in URLs. [https://gitlab.com/KevinRoebert/ClearUrls/]
- Terms of Service; Didn't Read: Provides ratings and extracts key points of the lengthy Terms and Conditions no one reads. [https://tosdr.org/]
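How a user-overrides.js can relax individual ghacks-user.js values, and how to check what a profile ends up with, as an added example (not the project's own code). It assumes the overrides are appended to user.js after the hardened lines, as the ghacks updater does, so the last user_pref for a name wins; the sample file and the override values are constructed.

```python
import re

# Strings and comments are matched in one pass, strings first, so a "//" inside a
# quoted value (a URL) is never mistaken for the start of a comment.
_TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*', re.S)
_PREF = re.compile(
    r'user_pref\(\s*"([^"]+)"\s*,\s*("(?:\\.|[^"\\])*"|true|false|-?\d+)\s*\)\s*;')

def strip_comments(text):
    """Blank out /* */ and // comments, leaving string literals untouched."""
    return _TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def effective_prefs(text):
    """Map each pref name to the value Firefox ends up with (last user_pref wins)."""
    prefs = {}
    for name, raw in _PREF.findall(strip_comments(text)):
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"'):
            prefs[name] = raw[1:-1]
        else:
            prefs[name] = int(raw)
    return prefs

def audit(text, expected):
    """Return {pref: (expected, actual)} for every pref that differs or is missing."""
    actual = effective_prefs(text)
    return {k: (v, actual.get(k)) for k, v in expected.items() if actual.get(k) != v}

# Constructed sample, not the project's real files: hardened lines first, then
# hypothetical override lines appended after them.
SAMPLE_USER_JS = r'''
/* hardened section (constructed) ***/
user_pref("privacy.resistFingerprinting", true);
user_pref("browser.sessionstore.privacy_level", 2);
user_pref("browser.startup.homepage", "about:blank");
// user_pref("privacy.resistFingerprinting", false);
/* appended overrides (constructed) */
user_pref("browser.startup.homepage", "https://example.org/start"); // has "//" in it
user_pref("browser.sessionstore.privacy_level", 0);
'''

if __name__ == "__main__":
    want = {"privacy.resistFingerprinting": True, "browser.sessionstore.privacy_level": 2}
    for pref, (exp, got) in audit(SAMPLE_USER_JS, want).items():
        print(f"{pref}: expected {exp!r}, effective {got!r}")
```

Run against a real profile's user.js, the same audit shows which hardened values an override has relaxed; a plain text search would also count the commented-out line and report the wrong value.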
5.0 Security Improvements
Online ad networks are known to spread malware (malicious software: viruses, etc.) [https://en.wikipedia.org/w/index.php?title=Ad_blocking&section=5#Security]. Effective ad blocking alone is a huge security improvement. There are other security benefits of this setup. HTTPS Everywhere, for example, ensures secure connections to well-known websites. Leaving no persistent cache/cookies and making every new tab an isolated container protects against several attack vectors.
6.0 Installation
The installation procedure.
- If you don't have Firefox installed, first download and install Firefox.
Advanced options (for advanced users only): If you have Firefox installed and wish to set up PF in another profile, you can create a new profile. Provide this name during the installation process.
- Open Firefox and visit about:profiles. Click "Create New Profile" and name it 'alternative'. This profile will be used as an alternative to the main (much more secure and private) profile.
6.1 Further Installation Steps on Windows
- Close Firefox then download and run Privacy Fighter.exe.
- Now visit section "Post Installation".
6.2 Further Installation Steps on GNU/Linux or MacOS
- If you have python3 with pip, the best option is to install it using pip:
  python3 -m pip install --user privacyfighter --upgrade
- Close Firefox, then run:
  privacyfighter -m -a
  or
  ~/.local/bin/privacyfighter -m -a
- Alternatively, run it while providing a specific profile name (by default, the 'default' Firefox profile will be modified):
  ~/.local/bin/privacyfighter -m -a -p your-new-profile-name
7.0 Post Installation
- After installation is done, open Firefox, then "addons" (Ctrl+Shift+A), and enable all of them and allow them in private windows.
- Open a new tab > Click on Import Now to import your bookmarks and history from an existing browser.
- I recommend changing the default search engine from Google to DuckDuckGo or Startpage. (Menu > Preferences > Search > Default Search Engine > DuckDuckGo)
- Remember: a middle mouse click opens a link in a new isolated container; get in the habit of using it. If you need to open a page in a new tab that requires you to stay logged in, use right click > "Open in new tmp(number) Tab" instead.
8.0 Known Inconveniences
"I never said it would be easy". ok I said the installation is easy.
- Firefox's internal window is smaller than usual. This is due to "privacy.resistFingerprinting" (RFP) protecting the screen size (with letterboxing) in a very clever way. It provides protection against screen size fingerprinting.
- You will have to fill in Google reCAPTCHA multiple times to confirm you are not a robot. Have you noticed that these days you only have to check the reCAPTCHA box (reCAPTCHA v2) and don't need to fill in any reCAPTCHA? And now v3 doesn't need any user interaction at all, so you don't even know it's there. This works because Google already knows exactly who you are (on an average browser setup). Google reCAPTCHA has become harsh on privacy-aware users: you will have to fill it in multiple times (3-8 times) and image squares will load very slowly. Google is abusing its powerful position to deter users from using privacy protections (source, discussion). I guess their approach is working when people start believing the problem is with the protection (privacy.resistFingerprinting) and the solution is to not use it (source).
- The reported time zone is set to UTC by RFP. All webapps (e.g. your email site) will report UTC time.
These are the prices we have to pay, if we choose to fight for our privacy.
9.0 Troubleshooting
Breakage on some pages may (hopefully very rarely) happen. You can just open the sites that break in the 'alternative' Firefox profile. That profile is set up to get around any site issues without needing any other browser.
To open it, visit about:profiles in Firefox. Under "Profile: alternative", click "Launch Profile In New Browser".
Or you can try troubleshooting the issue.
The troubleshooting steps are:
- Disable uBlock Origin on that particular site (by clicking on its icon, then the blue power button), then reload the website and try again.
- Temporarily disable ClearURLs (in Addons, Ctrl+Shift+A), then reload the website and try again.
- Please report any breakage bugs by filing an issue.