1
0
Commit Graph

1944 Commits

Author SHA1 Message Date
Thorin-Oakenpants
b177c73f0d
typo
technically it's "or" - FPI overrides network partitioning
2021-08-23 09:47:34 +00:00
Thorin-Oakenpants
613e55ae8c
7000s: add MOAR; renumber 0700s, #1235 2021-08-23 09:42:21 +00:00
Thorin-Oakenpants
3697bd8d3a
1603 -> inactive
Yes it's pretty much useless. Yes it's fingerprintable, and what that entropy is, who knows. Since it's sent regardless with ETP, which we enable in all windows, then who cares. And if you don't use ETP in all windows, then I don't care either - just saying
2021-08-23 06:26:45 +00:00
Thorin-Oakenpants
9f08c7c0f4
7000s: referer policy #1235
and re-number 1600s
2021-08-23 06:04:19 +00:00
Thorin-Oakenpants
05b7d61735
7000s: non cross origin referers 2021-08-23 04:54:49 +00:00
Thorin-Oakenpants
e31a6876e6
section 6000 2021-08-23 04:40:29 +00:00
Thorin-Oakenpants
47be7ba42f
1203 is a reset not enforce 2021-08-23 04:08:49 +00:00
Thorin-Oakenpants
033977fe10
move personal to last
probably more professional to keep it at the end since it isn't strictly project related. It also opens up space for `DON'T TOUCH` and `OPTIONAL OPSEC`
2021-08-23 03:39:15 +00:00
Thorin-Oakenpants
ab42deb541
Four more items to 7000s, #1235 2021-08-23 02:55:36 +00:00
icpantsparti
8a22a90804
colon insertion (#1238) 2021-08-22 16:23:51 +00:00
Thorin-Oakenpants
c55e6dcd68
flip order, order within groups
- note: keeping 91 separate for now for the easy info factpr
2021-08-22 08:27:15 +00:00
Thorin-Oakenpants
cf379bcce0
typos 2021-08-22 05:45:08 +00:00
Thorin-Oakenpants
2b26cd4f41
7000s: ciphers, #1235
- merged 3DES cipher to bottom: it is still the same order of [1]
- 3DES pref will be deprecated: pref name changes, and the cipher slated to be unavailable unless you downgrade to < TLS1.2 - see https://bugzilla.mozilla.org/show_bug.cgi?id=1724072
   - FYI: we reset TLS downgrades to session only by resetting the pref currently in 1203
- "Minimal/non-existent threat of downgrade attacks"
   - FYI: these old ciphers are about 1-2% of traffic (from memory) - but that's still significant breakage
   - So the only reason to do this would be to harden against downgrade attacks (and inadvertently use weak sites = breakage): but that doesn't fit most user's threat model: and is probably never going to happen for them. Not sure if I can word that much better and just as succinct
2021-08-22 05:18:54 +00:00
Thorin-Oakenpants
8bfee5b59f
hardware acceleration
see 04d648d55b
2021-08-22 01:55:28 +00:00
Thorin-Oakenpants
04d648d55b
remove 2508
- inactive in user.js since
   - v55: gfx.direct2d.disabled
   - v67: layers.acceleration.disabled
- the way to counter hardware fingerprinting is within each API that may expose it
- this may have made some sense way back in the day, when there were less options/protections, but not any more
- [are we web render yet](https://arewewebrenderyet.com/) - yes, 100% - there is no need to cripple your browser's perf
2021-08-22 01:53:01 +00:00
Thorin-Oakenpants
7cdc76ecf9
dom.vibrator.enabled
see aded0707a4
2021-08-21 04:40:11 +00:00
Thorin-Oakenpants
aded0707a4
misc
- renumber 0200s, 2500s
- remove 2414: doesn't apply to desktop, and I think it has been neutered in android
2021-08-21 04:39:08 +00:00
Thorin-Oakenpants
2a011f1053
media.media-capabilities.enabled
see 213467d91b
2021-08-21 03:23:17 +00:00
Thorin-Oakenpants
213467d91b
remove 2517
- inactive since we added it in v63
- this is not how you defeat fingerprinting (unless done in an enforced set)
- for the record: not even tor browser disable this
- fingerprinting this is not cheap in gecko (for now)
- from [2]
   - decoding/encoding capabilities: "it is expected that the entropy ... isn’t going to be significant"
   - HDR detection: "... has the potential to add significant entropy .. however .. but ... thus minimizing effective entropy" - it is what it is
   - note that RFP has some mitigations in FF82+ 1461454
2021-08-21 03:21:32 +00:00
Thorin-Oakenpants
da0c291127
update to ESR91 2021-08-21 02:26:17 +00:00
Thorin-Oakenpants
27ce48f319
trim fluff 2021-08-21 02:00:43 +00:00
Thorin-Oakenpants
37ded2a519
remove redundant warning 2021-08-20 14:10:09 +00:00
Thorin-Oakenpants
c9bdceb8d6
1244: fix no upgrade test 2021-08-20 13:23:59 +00:00
Thorin-Oakenpants
95136382e1
improve 1244, closes #1047 again 2021-08-20 13:18:43 +00:00
Thorin-Oakenpants
78d953bfda
remove 1032
dead wood: marked as default false since at least v68, inactive since at least v78, and web notifications are controlled in 2300s
2021-08-20 03:16:25 +00:00
Thorin-Oakenpants
2d3d8ae5b0
alerts.showFavicons 2021-08-20 03:12:59 +00:00
Thorin-Oakenpants
cef08b63f1
4520 -> personal 2021-08-20 02:52:55 +00:00
Thorin-Oakenpants
a8e95e7310
dexter would be proud #1235
- just to be clear, this section is not supported: not interested in references or explanations or  FF version numbers or default info etc
- "do more harm than good" - ambiguous, not interested in explaining why exactly: but FYI
  - some leak
  - most break shit
  - almost all are easily fingerprinted and the combo of them would make you really stand out
- removed the duplicate `ui.prefersReducedMotion` - this should move to personal as well
- moved `ui.systemUsesDarkTheme` to personal
2021-08-20 02:13:53 +00:00
Thorin-Oakenpants
5ab3c47b6b
7001: tweak
F11 has nothing to do with the API or why
2021-08-19 15:26:22 +00:00
Thorin-Oakenpants
45c52b6620
start section 7000s 2021-08-19 14:44:06 +00:00
Thorin-Oakenpants
93f6aea06a
1605: change to active enforced 2021-08-19 13:17:07 +00:00
Thorin-Oakenpants
00fa8f1b50
general.warnOnAboutConfig
ac84da2af4
2021-08-19 02:14:23 +00:00
Thorin-Oakenpants
ac84da2af4
remove XHTML config warning
dead weight: ESR users will already be aware of and ticked the warning box by now
2021-08-19 02:07:03 +00:00
Thorin-Oakenpants
f19d850845
tidy #1235
8000s (was 4600s)
- move below personal, so user-relevant part is shorter
- swap out font vis with document fonts + font whitelist
   - font vis still has usability/visual purposes: it just won't really help much with fingerprinting
   - ESR78 users (who can't use font vis), sorry, but we made doc fonts inactive for a while now, and now recommend you don't use it anyway
2021-08-19 01:46:47 +00:00
Thorin-Oakenpants
7264271063
rusty-snake improvements, #1235 2021-08-19 00:15:30 +00:00
Thorin-Oakenpants
dc63a752a5
tidy 0300 + 0301 2021-08-18 13:55:41 +00:00
Thorin-Oakenpants
a70c312938
goodbye battery
- dead weight since 2017-06-13 when ESR45 reached EOL .. good riddance
- if someone does use it, it's not going to do any harm, so no need to carry it for prefsCleaner
2021-08-18 12:46:24 +00:00
Thorin-Oakenpants
2ce269362e
dom.battery.enabled 2021-08-18 12:40:27 +00:00
Thorin-Oakenpants
29ad768a22
RFP tweak
letterboxing is not part of RFP, it is a separate pref: bugzilla and FF version info is in 4504
2021-08-18 09:08:36 +00:00
Thorin-Oakenpants
679648b33e
RFP info tweak 2021-08-18 09:03:16 +00:00
Thorin-Oakenpants
783786290d
tidy
- geo -> warning
- merge container prefs
- remove redundant "see"s
- remove corresponding 4600's item number in RFP mitigations
   - it's pretty clear by the preference names in 4600
   - could be misconstrued that the 4600 pref is the same result
- RFP's language prompt only checks for en*, not en-US (so en-GB, en-CA etc do not get prompted)
   - https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPHelper.jsm#196
2021-08-18 08:24:44 +00:00
Thorin-Oakenpants
e7e6cfffe8
0503: tidy 2021-08-18 07:30:55 +00:00
Thorin-Oakenpants
08e9fb35fd
update some references 2021-08-18 07:16:19 +00:00
Thorin-Oakenpants
fdc9376c69
tidy
- 0105*: merge into a single block
- 1220: make values more readable with spaces, like 2701 (no need for value 2), add default, update advise (get a new AV, SHA1 is dead baby)
- 2619: remove fluff
2021-08-18 01:50:09 +00:00
Thorin-Oakenpants
41c3c0ec26
tweak 2522: webgl
- we already disable webgl, that's enough
- the other two prefs are not going to provide much protection if a user decides they want webgl
- "disable-fail-if-major-performance-caveat" only applies to ESR78 and will removed in the future
- one (or two) less pref(2) for users to troubleshoot/flip
2021-08-17 03:47:33 +00:00
Thorin-Oakenpants
d7208ccf34
tidy 2021-08-17 03:41:56 +00:00
Thorin-Oakenpants
77410bf86d
musical chairs part 2
merge plugins with webrtc (camera + mic) and "media"
2021-08-17 03:08:48 +00:00
Thorin-Oakenpants
1d63e836ee
musical chairs part 1
- move 2200s into respective sections
- move FPing items into 2500s
2021-08-17 02:52:19 +00:00
Thorin-Oakenpants
668e843fce
misc
- remove 2720
   - this is a very old pref, been inactive since at least our first github release: v51
   - disabling the API is not how you control client side state: you do that by blocking cookies which also controls other state such as IDB etc
- 2700 section header
  - history/downloads is redundant
  - Offline Website Data info -> relevant item number with Active Logins info
  - ^ technically it still includes appCache for ESR78 users, but that will be moot in less than three months
- tidy RFP
  - update to FF91 userAgent spoofing: there is no Android ESR so we don't need to mention "Android 9"
  - we don't need to say if the API is enabled for mediaDevices
2021-08-16 15:34:57 +00:00
Thorin-Oakenpants
51e388ae86
dom.storage.enabled 2021-08-16 15:06:06 +00:00