From eaaecd128c4d646e54027712eb325e3a7d488504 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Thu, 11 May 2017 17:13:23 +1200 Subject: [PATCH] SB prefs=>inactive i.e js will NOT disable SB #103 Exceptions: real time binary checks not in local lists are still blocked. Reporting URLs still blocked. --- user.js | 57 +++++++++++++++++++++++++-------------------------------- 1 file changed, 25 insertions(+), 32 deletions(-) diff --git a/user.js b/user.js index f2369d5..4fac129 100644 --- a/user.js +++ b/user.js @@ -21,8 +21,6 @@ * IF YOU USE SECTION 0400, YOU MUST HAVE uBLOCK ORIGIN INSTALLED 3. If you skipped steps 1 and 2 above (shame on you), then here is the absolute minimum - * The settings below will turn off Tracking Protection, Safe Browsing and Auto Updates - You need to read, understand, and decide about these. Don't leave yourself less secure * Some user data is erased (section 2800), namely history (browsing, form, download) * Site breakage WILL happen - There are often trade-offs and conflicts between Security vs Privacy vs Anti-Fingerprinting 
@@ -216,21 +214,15 @@ user_pref("social.enabled", false); // (hidden pref) * [2] http://www.ghacks.net/2016/07/26/firefox-flyweb/ ***/ user_pref("dom.flyweb.enabled", false); -/*** 0400: QUIET FOX [PART 2] [WARNING] [SETUP] - This section has security & tracking protection implications vs privacy concerns vs effectiveness. - These settings, WITH EXTENSIONS, are geared up to make Firefox "quiet", private and effective. - We DO NOT advocate no protection, SECTION 0400 REQUIRES YOU HAVE uBLOCK ORIGIN INSTALLED. +/*** 0400: QUIET FOX [PART 2] [WARNING] + This section has security & tracking protection implications vs privacy concerns vs effectiveness + vs 3rd party 'censorship'. We DO NOT advocate no protection. If you disable Tracking Protection (TP) + and/or Safe Browsing (SB), then SECTION 0400 REQUIRES YOU HAVE uBLOCK ORIGIN INSTALLED. - This entire section is rather contentious. Safebrowsing (SB) is designed to protect - users from malicious sites. Tracking protection (TP) is designed to lessen the impact of third - parties on websites to reduce tracking and to speed up your browsing experience. These are - both very good features provided by Mozilla. They do rely on third parties: Google for - safebrowsing and Disconnect for tracking protection (someone has to provide the information). - Additionally, SSL Error Reporting helps makes the internet more secure for everyone. - - If you do not understand the ramifications of disabling SB and TP, then it is advised that - you enable them by commenting out the preferences and saving the changes, and then in - about:config find each entry and right-click and reset the preference's value. + Safe Browsing is designed to protect users from malicious sites. Tracking Protection is designed to + lessen the impact of third parties on websites to reduce tracking and to speed up your browsing. They + do rely on 3rd parties: Google for safe browsing and Disconnect for tracking protection. 
but many steps, + continually being improved, have been taken to preserve privacy. Disable at your own risk. ***/ user_pref("ghacks_user.js.parrot", "0400 syntax error: the parrot's passed on!"); /* 0401: DON'T disable extension blocklist, but sanitize blocklist url
@@ -252,9 +244,10 @@ user_pref("services.blocklist.plugins.collection", "plugins"); // if you have no
 user_pref("services.blocklist.gfx.collection", "gfx"); // if gfx hw acceleration is disabled
 /* 0410: disable Safe Browsing (SB)
 * This sub-section has been redesigned to differentiate between "real-time"/"user initiated"
- * data being sent to Google from all other settings such as using local blocklists/whitelists
- * and updating those lists. There SHOULD be NO privacy issues here. Even *IF* an URL was sent
- * to Google, they swear it is anonymized and only used to flag malicious sites/activity. Firefox
+ * data being sent to Google from all other settings such as using local blocklists/whitelists and
+ * updating those lists. There are NO privacy issues here. *IF* required, a full url is never sent
+ * to Google, only PART-hash of the prefix, and this is hidden in the noise of other real PART-hashes.
+ * Google also swear it is anonymized and only used to flag malicious sites/activity. Firefox
 * also takes measures such as striping out identifying parameters and storing safe browsing
 * cookies in a separate jar. (#Turn on browser.safebrowsing.debug to monitor this activity)
 * To use safebrowsing but not "leak" binary download info to Google, only use 0410e and 0410f
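Review bot: The new sentence `There are NO privacy issues here` in the 0410 comment is an absolute claim that the lines after it do not support: they list mitigations (partial hashes hidden among other hashes, stripped parameters, a separate cookie jar) and an assurance from Google, all of which reduce exposure rather than remove it. I would keep a hedge, for example `There SHOULD be minimal privacy exposure here.`, so that readers weigh the trade-off themselves. The block title on the context line still reads `disable Safe Browsing (SB)` although this commit makes most of its prefs inactive; `/* 0410: Safe Browsing (SB) [most prefs inactive by default]` would match the new behaviour. The context line `striping out identifying parameters` should also read `stripping`.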
@@ -263,26 +256,26 @@ user_pref("services.blocklist.gfx.collection", "gfx"); // if gfx hw acceleration
 /* 0410a: disable "Block dangerous and deceptive content" (under Options>Security)
 * Until FF48 this was titled "Block reported web forgeries"
 * It covers deceptive sites such as phishing and social engineering ***/
-user_pref("browser.safebrowsing.malware.enabled", false);
-user_pref("browser.safebrowsing.phishing.enabled", false); // (FF50+)
+ // user_pref("browser.safebrowsing.malware.enabled", false);
+ // user_pref("browser.safebrowsing.phishing.enabled", false); // (FF50+)
 /* 0410b: disable "Block dangerous downloads" (under Options>Security)
 * Until FF48 this was titled "Block reported attack sites"
 * It covers malware and PUPs (potentially unwanted programs) ***/
-user_pref("browser.safebrowsing.downloads.enabled", false);
+ // user_pref("browser.safebrowsing.downloads.enabled", false);
 /* 0410b: disable "Warn me about unwanted and uncommon software" (under Options>Security) (FF48+) ***/
-user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
-user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
-user_pref("browser.safebrowsing.downloads.remote.block_dangerous", false); // (FF49+)
-user_pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); // (FF49+)
+ // user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
+ // user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
+ // user_pref("browser.safebrowsing.downloads.remote.block_dangerous", false); // (FF49+)
+ // user_pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); // (FF49+)
 /* 0410c: disable Google safebrowsing downloads, updates ***/
-user_pref("browser.safebrowsing.provider.google.updateURL", ""); // update google lists
-user_pref("browser.safebrowsing.provider.google.gethashURL", ""); // list hash check
-user_pref("browser.safebrowsing.provider.google4.updateURL", ""); // (FF50+)
-user_pref("browser.safebrowsing.provider.google4.gethashURL", ""); // (FF50+)
+ // user_pref("browser.safebrowsing.provider.google.updateURL", ""); // update google lists
+ // user_pref("browser.safebrowsing.provider.google.gethashURL", ""); // list hash check
+ // user_pref("browser.safebrowsing.provider.google4.updateURL", ""); // (FF50+)
+ // user_pref("browser.safebrowsing.provider.google4.gethashURL", ""); // (FF50+)
 /* 0410d: disable Mozilla safebrowsing downloads, updates
 * [NOTE] These two prefs are also used for Tracking Protection (see 0420) ***/
-user_pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); // resolves hash conflicts
-user_pref("browser.safebrowsing.provider.mozilla.updateURL", ""); // update FF lists
+ // user_pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); // resolves hash conflicts
+ // user_pref("browser.safebrowsing.provider.mozilla.updateURL", ""); // update FF lists
 /* 0410e: disable binaries NOT in local lists being checked by Google (real-time checking) ***/
 user_pref("browser.safebrowsing.downloads.remote.enabled", false);
 user_pref("browser.safebrowsing.downloads.remote.url", "");
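Review bot: 0410e stays active at the end of this hunk, so `browser.safebrowsing.downloads.remote.enabled` is false and `downloads.remote.url` is empty, while the four `remote.block_*` prefs in the second 0410b are now left at their defaults. As far as I know those four only decide how a verdict from the remote check is handled, so with remote lookups off they probably do nothing. In that case "Warn me about unwanted and uncommon software" would look enabled in Options without adding any protection. A line on 0410e would make this visible, for example `* [NOTE] with remote checks off, the 0410b remote.block_* prefs have no effect`. The label `0410b` is also used for two different sub-sections, which makes cross-references such as "only use 0410e and 0410f" harder to follow.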