some important updates

This commit is contained in:
Emma Tebibyte 2023-01-23 02:11:17 -05:00
parent 2a5ba3b416
commit d935a0f7f9
5 changed files with 619 additions and 1031 deletions

View File

@ -1,52 +0,0 @@
// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
KEY = "e8e3775fe9544e2ca72eec7575e2e09e"
username = "emmatebibyte"
url = "https://ws.audioscrobbler.com/2.0/?method=user.getrecenttracks&format=json&api_key=" + KEY + "&limit=1&user=" + username
function httpGet(url) {
var xmlHttp = new XMLHttpRequest();
xmlHttp.open("GET", url, false);
xmlHttp.send(null);
return xmlHttp.responseText;
}
var json = JSON.parse(httpGet(url))
var last_track = json.recenttracks.track[0]
var track = last_track.name
var trackLink = last_track.url
var artist = last_track.artist['#text']
var now_playing = (last_track["@attr"] == undefined) ? false : true
var imageLink = last_track.image[1]["#text"]
trackElem = document.getElementById('track')
artistElem = document.getElementById('artist')
dateElem = document.getElementById('date')
nowplayingElem = document.getElementById('now-playing')
albumcoverElem = document.getElementById('album-cover')
trackLinkElem = document.createElement('a')
trackLinkElem.id = "track"
trackLinkElem.href = trackLink
trackLinkElem.target = "_blank"
trackLinkElem.textContent = track
userLinkElem = document.createElement('a')
userLinkElem.href = "https://www.last.fm/user/vojoh"
userLinkElem.target = "_blank"
userLinkElem.textContent = (relative_time != null) ? relative_time : "Now playing..."
trackElem.appendChild(trackLinkElem)
artistElem.textContent = artist
dateElem.appendChild(userLinkElem)
albumcoverElem.src = imageLink
console.log(
"Artist: " + artist + "\n" +
"Track: " + track + "\n" +
"Date: " + relative_time + "\n" +
"Now playing: " + now_playing)
// @license-end

View File

@ -1,958 +1,22 @@
<!DOCTYPE html>
<html>
<!-- Copyright (c) 2023 Emma Tebibyte
SPDX-License-Identifier: CC0 -->
<html lang="en-US">
<head>
<title>Recommended Firefox Modifications</title>
<link rel="stylesheet" href="../assets/style.css">
<title>Emma Tebibyte @ Tebibyte Media</title>
<link rel="stylesheet" href="assets/style.css">
<link rel="icon" href="/favicon.ico" type="image/x-icon" />
<meta charset="UTF-8">
<meta content="Emma Tebibyte" name="author" />
<meta content="Emma Tebibyte's personal web page." name="description" />
<meta content="Emma Tebibytes personal web page." name="description" />
<meta content="width=device-width, initial-scale=1" name="viewport" />
<meta content="interest-cohort=()" http-equiv="Permissions-Policy" /> <!-- FUCK GOOGLE -->
<script>
// @license magnet:?xt=urn:btih:90dc5c0be029de84e523b9b3922520e79e0e6f08&dn=cc0.txt CC0
window.location.href = '../web';
// @license-end
</script>
</head>
<body>
<div class="back">
<h5 class="pill"><a href="../">Return to my page</a></h5>
</div>
<main>
<section class="intro">
<h1>
A Guide to Bettering Firefox
</h1>
<p>
Web browsers are kind of awful. They do too much
(<a href="https://web.archive.org/web/20220609080931/https://homepage.cs.uri.edu/~thenry/resources/unix_art/ch01s06.html">why
would I want an application to be an image viewer, pdf reader, media
player, <i>and</i> html renderer?</a>), and as a result,
<a href="https://today.uic.edu/bloated-browser-functionality-presents-unnecessary-security-privacy-risks/">
they are bloated beyond belief</a>. They strain developer resources,
require sandboxing because of the insane default that JavaScript is
arbitrarily executed, and yet, they're the most prolific method of
application distribution in the modern day. Web browsers have become the
most convenient place for many to do their computing, so, with this
page, I'm trying to define a more sane functionality for the browser I
use—Firefox.
</p>
<h2>
Why Firefox?
</h2>
<p>
I use Firefox because it is the best web browser for the kinds of
modifications I need. It is also the last major browser standing against
<a href="https://wikipedia.org/wiki/Usage_share_of_web_browsers">
Chromium domination
</a>
(even if Mozilla
<a href="https://www.pcmag.com/news/mozilla-signs-lucrative-3-year-google-search-deal-for-firefox">
takes money from Google
</a>). If there were a web browser that had sane defaults and all of the
features I need
(<a href="https://git.tebibyte.media/emma/browser/">
and I <i>do</i> plan on creating my own that does
</a>), I would
immediately switch to it; however, until there is a satisfactory
browser, which can do what I want from Firefox, I will stick either with
it or a fork of it like
<a href="https://librewolf.net/">
LibreWolf
</a>. If you don't want to use Firefox, then at least
<a href="https://www.unixsheikh.com/articles/choose-your-browser-carefully.html">
choose your browser carefully
</a>.
</p>
<p>
In addition to the modifications and extensions listed here, my
script,
<a href="https://git.tebibyte.media/emma/xdg-sanity">
<code>xdg-sanity</code>
</a>, can be used to prevent your web browser from being used to open
remote content that has a MIME type other than <code>text/html</code>.
</p>
</section>
<section>
<hgroup>
<h2 id="about-config">
<a href="#about-config">
Modifications to <code class="header">about:config</code>
</a>
</h2>
<aside>
Read more about <code>about:config</code>
<a href="https://support.mozilla.org/en-US/kb/about-config-editor-firefox">
here
</a>.
</aside>
</hgroup>
<p>
These settings are advanced user settings, and I'm not responsible for
misconfigured browsers, broken web pages, or thermonuclear war.
</p>
<p>
Make any entries that do not have anything written for their values
blank.
</p>
<h3 id="performance">
<a href="#performance">Performance</a>
</h3>
<ul>
<li><code>gfx.webrender.all = true</code></li>
</ul>
<h3 id="features">
<a href="#features">Disable or Enable Features</a>
</h3>
<ul>
<li><code>widget.use-xdg-desktop-portal = true</code></li>
<p>Allows Firefox to use KDE Plasma filechooser on GNU/Linux.</p>
<li><code>dom.event.contextmenu.enabled = false</code></li>
<p>Prevents site from blocking the context menu from being opened.</p>
<li><code>extensions.screenshots.disabled = true</code></li>
<p>Disables redundant in-app screenshots.</p>
<li><code>browser.quitShortcut.disabled = true</code></li>
<p>Disables ctrl+q quit shortcut.</p>
<li><code>reader.parse-on-load.enabled = false</code></li>
<p>Disables reader mode.</p>
<li>
<code>
services.sync.prefs.sync.extensions.activeThemeID =
false
</code>
</li>
<p>Prevents automatic application of themes on new
devices.</p>
</ul>
<h3 id="drm">
<a href="#drm">Disable Digital Rights Management</a>
</h3>
<p>
<a href="https://wikipedia.org/wiki/Digital_rights_management">
What is DRM</a> and
<a href="https://www.gnu.org/philosophy/opposing-drm.html">
why would I want to disable it?</a>
</p>
<ul>
<li>
<code>media.gmp-widevinecdm.enabled = false</code>
</li>
<li>
<code>media.gmp-widevinecdm.visible = false</code>
</li>
</ul>
<h3 id="pocket">
<a href="#pocket">Disable Pocket</a>
</h3>
<p>
<a href="https://www.ghacks.net/2015/06/23/pro-and-con-of-mozillas-pocket-integration-in-firefox/">
What is Pocket and why would I want to disable it?
</a>
<p>
<ul>
<li>
<code>
browser.newtabpage.activity-stream.section.highlights.includePocket
= false
</code>
</li>
<li>
<code>extensions.pocket.enabled = false</code>
</li>
<li><code>extensions.pocket.site</code></li>
<li>
<code>extensions.pocket.oAuthConsumerKey</code>
</li>
<li><code>extensions.pocket.api</code></li>
<li>
<code>
services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.includePocket
= false
</code>
</li>
</ul>
<h2 id="privacy">
<a href="#privacy">Privacy</a>
</h2>
<ul>
<li><code>privacy.resistFingerprinting = true</code></li>
<div class="warn">
<img class="sym" src="../assets/img/warn.svg" />
<p>
Disables quality-of-life features such as automatic site
dark mode detection.
</p>
</div>
<li><code>privacy.firstparty.isolate = true</code></li>
<p>Restricts cache, storage, and cookies to the domain that
issued the data in them.</p>
<li><code>media.navigator.enabled = false</code></li>
<li><code>geo.enabled = false</code></li>
<div class="warn">
<img class="sym" src="../assets/img/warn.svg" />
<p>
Disables location tracking.
</p>
</div>
<li><code>browser.send_pings = false</code></li>
<p>Disables browsers sending POST requests when you click a
link.</p>
<li><code>dom.netinfo.enabled = false</code></li>
<li><code>beacon.enabled = false</code></li>
<li><code>dom.enable_resource_timing = false</code></li>
<li>
<code>dom.event.clipboardevents.enabled = false</code>
</li>
<p>Prevents sites from being able to see what text you
copied or cut and when you did it.</p>
</ul>
<h3 id="peripherals">
<a href="#peripherals">Peripherals</a>
</h3>
<ul>
<li>
<code>
camera.control.face_detection.enabled = false
</code>
</li>
<li>
<code>
camera.control.face_detection.enabled = false
</code>
</li>
<li>
<code>dom.battery.enabled = false</code>
</li>
</ul>
<h3 id="caching">
<a href="#caching">Webpage Prefetching &amp; Caching</a>
</h3>
<ul>
<li>
<code>
browser.urlbar.speculativeConnect.enabled = false
</code>
</li>
<li>
<code>browser.cache.offline.enable = false</code>
</li>
<li><code>network.prefetch-next = false</code></li>
<li>
<code>browser.cache.check_doc_frequency = 0</code>
</li>
</ul>
<h3 id="telemetry">
<a href="#telemetry">Mozilla Telemetry</a>
</h3>
<ul>
<li>
<code>toolkit.telemetry.cachedClientID</code>
</li>
<li>
<code>browser.aboutHomeSnippets.updateUrL</code>
</li>
<li>
<code>
browser.startup.homepage_override.mstone = ignore
</code>
</li>
<li>
<code>
browser.startup.homepage_override.buildID
</code>
</li>
<li>
<code>startup.homepage_welcome_url</code>
</li>
<li>
<code>startup.homepage_welcome_url.additional</code>
</li>
<li><code>startup.homepage_override_url</code></li>
</ul>
<h3 id="ua-spoofing">
<a href="#ua-spoofing">User-Agent Spoofing</a>
</h3>
<ul>
<li><code>general.platform.override = Win32</code></li>
<p>
Returns <code>Win32</code> when the
<a href="https://developer.mozilla.org/en-US/docs/Web/API/Navigator/platform">
<code>navigator.platform</code> object </a> is utilized
in JavaScript.
</p>
<li>
<code>
general.useragent.override = &quot;&quot;
</code>
</li>
<p>
Set this equal to the
<a href="https://jnrbsn.github.io/user-agents/user-agents.json">
latest Chrome user-agent string</a>.
</p>
</ul>
<h3 id="doh">
<a href="#doh">
DNS over HTTPS
</a>
</h3>
<p>
Read about DOH
<a href="https://support.mozilla.org/en-US/kb/dns-over-https-doh-faqs">
here</a>.
</p>
<ul>
<li>
<code>network.trr.uri = &quot;&quot;</code>
</li>
<p>
Select a DNS-over-HTTPS server to use—I use the
<a href="https://dnswarden.com#doh">dnswarden adblocking
one</a>, but if your polity censors your internet
access, you should use the uncensored one. There is a
list of alternatives available
<a href="https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-available-servers">
on GitHub</a>.
</p>
<li><code>network.trr.mode = 2</code></li>
<p>This sets HTTPS over DNS to be on unless the DNS
server cannot be reached.</p>
</ul>
<h3 id="header-sanitize">
<a href="#header-sanitize">
Header Sanitization
</a>
</h3>
<ul>
<li>
<code>network.http.referer.spoofSource = true</code>
</li>
<li>
<code>
network.http.referer.hideOnionSource = true
</code>
</li>
</ul>
<h3 id="safe-browsing">
<a href="#safe-browsing">Disable Google Safe Browsing</a>
</h3>
<p>
This is an exhaustive list of all the settings you need to
change. Typing only <code>browser.safebrowsing</code> into the
<code>about:config</code> search box will return all of them,
but make sure to apply the correct value to each.
</p>
<ul>
<li>
<code>browser.safebrowsing.allowOverride = true</code>
</li>
<li>
<code>
browser.safebrowsing.malware.enabled = false
</code>
</li>
<li>
<code>
browser.safebrowsing.phishing.enabled = false
</code>
</li>
<li>
<code>
browser.safebrowsing.downloads.enabled = false
</code>
</li>
<li>
<code>
browser.safebrowsing.blockedURIs.enabled = false
</code>
</li>
<li>
<code>
browser.safebrowsing.downloads.remote.block_dangerous_host = false
</code>
</li>
<li>
<code>
browser.safebrowsing.downloads.remote.block_dangerous = false
</code>
</li>
<li>
<code>
browser.safebrowsing.downloads.remote.block_potentially_unwanted
= false
</code>
</li>
<li>
<code>
browser.safebrowsing.downloads.remote.enabled = false
</code>
</li>
<li>
<code>browser.safebrowsing.downloads.remote.url</code>
</li>
<li><code>browser.safebrowsing.id</code></li>
<li>
<code>
browser.safebrowsing.provider.google4.updateURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.reportURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.reportPhishMistakeURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.reportMalwareMistakeURL
</code>
</li>
<li>
<code>browser.safebrowsing.provider.google4.lists</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.gethashURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.dataSharingURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.dataSharing.enabled = false
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.advisoryURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.advisoryName
</code>
</li>
<li>
<code>browser.safebrowsing.provider.google4.pver</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.lastupdatetime
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google4.nextupdatetime
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google.advisoryName
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google.advisoryURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google.updateURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google.reportURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google.gethashURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google.reportPhishMistakeURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.google.reportMalwareMistakeURL
</code>
</li>
<li>
<code>browser.safebrowsing.provider.google.pver</code>
</li>
<li>
<code>browser.safebrowsing.provider.google.lists</code>
</li>
<li>
<code>
browser.safebrowsing.provider.mozilla.gethashURL
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.mozilla.lastupdatetime
</code>
</li>
<li>
<code>browser.safebrowsing.provider.mozilla.pver</code>
</li>
<li>
<code>
browser.safebrowsing.provider.mozilla.updateURL
</code>
</li>
<li>
<code>browser.safebrowsing.provider.mozilla.lists</code>
</li>
<li>
<code>
browser.safebrowsing.provider.mozilla.lists.base
</code>
</li>
<li>
<code>
browser.safebrowsing.provider.mozilla.lists.content
</code>
</li>
</ul>
</section>
<section class="full"></section>
<section>
<h2 id="extensions">
<a href="#extensions">Extensions</a>
</h2>
<p>
When it comes to extensions, fewer is better, so try to limit
your extensions to the minimum you need to browse the web. This
helps reduce the performance impact and fingerprintability of
your browser. The following are a list of extensions you can
give the boot:
<ul>
<li>
For many use cases, containerization extensions like Facebook
Container or Google Container are redundant with
<a href="https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/">
Total Cookie Protection
</a> and
<a href="https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/">
Enhanced Cookie Clearing</a>.
</li>
<li>
The
<a href="https://addons.mozilla.org/en-US/firefox/addon/i-dont-care-about-cookies/">
I don't care about cookies</a> extension has been
<a href="https://www.i-dont-care-about-cookies.eu/whats-new/acquisition/">
acquired by Avast
</a>, and the extension itself is superfluous with the
recommended uBlock Origin filter lists below.
</li>
<li>
Privacy Badger
<a href="https://desuarchive.org/g/thread/83169287/#83170117">
has multiple issues</a>, including its lack of fingerprinting
protection, its connection to Fastly CDN, and its redundancy with
uBlock Origin.
</li>
</ul>
</p>
<p>
If there is any extension you feel is missing from this list,
feel free to <a href="https://git-send-email.io/">send me a git
patch through e-mail</a> adding it along with a description as
to why you believe it should be included. Before
<a href="../#contact">contacting me</a>, please read through the
whole list and the
<a href="https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-dont-bother">
DON'T BOTHER</a> section of arkenfox's extensions page.
</p>
<h3 id="privacy-extensions">
<a href="#privacy-extensions">Standard Privacy Extensions</a>
</h3>
<ul>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/privacy-pass">
Privacy Pass
</a> Stores tokens to bypass captchas.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/ublock-origin">
uBlock Origin
</a> Ad blocking, cosmetic filtering, malicious script
protection, and tracker blocking; all in one package.
Here is a list of useful blocklists:
<ul>
<li>
<a href="https://filterlists.com/lists/actually-legitimate-url-shortener-tool">
ClearURLs functionality
</a>
(<a href="https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparam">
read more</a>)
<a href="https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt">
[TXT]
</a>
</li>
<li>
To replace I don't care about coookies'
functionality, enable the EasyList Cookie list
and manually add the officially-provided
blocklist.
<a href="https://www.i-dont-care-about-cookies.eu/abp/">
[TXT]
</a>
</li>
<li>
<a href="https://github.com/yourduskquibbles/webannoyances">
Other annoyances
</a>
</li>
</ul>
You can find more blocklists on
<a href="https://filterlists.com/">FilterLists</a>.
</p>
</li>
</ul>
<h3 id="advanced-extensions">
<a href="#advanced-extensions">
Advanced Privacy Extensions
</a>
</h3>
<div class="warn">
<img class="sym" src="../assets/img/warn.svg" />
<p>
These extensions may hinder or break certain functionality on
websites using heavy amounts of JavaScript.
</p>
</div>
<ul>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/canvasblocker">
CanvasBlocker
</a>
Fakes fingerprint readout for some JavaScript APIs
(blocking the canvas can break some functions of image
rendering).
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/librejs">
GNU LibreJS
</a>
Extension that blocks all but
<a href="https://www.gnu.org/philosophy/javascript-trap.html">
freely licensed JavaScript</a>.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/javascript-restrictor">
JShelter
</a> Restricts access to JavaScript APIs to prevent
fingerprinting.
</p>
</li>
</ul>
<h3 id="tools-extensions">
<a href="tools-extensions">Tools</a>
</h3>
<ul>
<li>
<p>
<a href="https://github.com/iamadamdev/bypass-paywalls-chrome">
Bypass Paywalls
</a> Bypasses paywalls for some sites.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-CA/firefox/addon/firemonkey/">
FireMonkey
</a> Lightweight user script and style manager
utilizing native Firefox APIs to support userscripts
from sources like <a href="https://greasyfork.org/">
GreasyFork</a> and
<a href="https://openuserjs.org/">OpenUserJS</a> as well
as Stylish themes from
<a href="https://userstyles.org/">
Userstyles</a>.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/flagfox">
Flagfox
</a> Displays information about a website's physical
location and IP address in the address bar.
</p>
</li>
<li>
<p>
FoxyProxy
<a href="https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/">
Standard
</a>/
<a href="https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-basic/">
Basic
</a> Advanced proxy manager which replaces Firefox's
lacking settings.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/libredirect/">
LibRedirect
</a> Redirects services like Twitter and YouTube to
their privacy-respecting front-ends or alternatives.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/new-tab-suspender/">
New Tab Suspender
</a> Tab management extension that puts tabs to sleep
after a set amount of time using the native Firefox
<a href="https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/tabs/discard">
discard API</a>.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/view-page-archive/">
Web Archives
</a> Allows you to easily open web pages at various
archive sources such as the
<a href="https://web.archive.org/">Wayback Machine</a>.
</p>
</li>
</ul>
</section>
<section class="full"></section>
<section>
<h2 id="reading">
<a href="#reading">Further Reading</a>
</h2>
<p>
<ul>
<li>
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1495192">
Add a pref to disable Do Not Track in Firefox
</a>
</li>
<li>
<a href="https://github.com/arkenfox/user.js/wiki">
arkenfox/user.js Wiki
</a>
</li>
<li>
<a href="https://jshelter.org/farbling/">
Farbling-based wrappers to hinder browser fingerprinting
</a>
</li>
<li>
<a href="https://spyware.neocities.org/articles/firefox.html">
Firefox — Spyware Watchdog
</a>
</li>
<li>
<a href="https://privacytests.org/">
PrivacyTests.org
</a>
</li>
<li>
<a href="https://scotthelme.co.uk/revocation-is-broken">
Revocation is Broken
</a>
</li>
<li>
<a href="https://support.mozilla.org/en-US/kb/sync-custom-preferences#w_sync-custom-preferences">
Sync custom preferences
</a>
</li>
<li>
<a href="https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/18097">
Tor font fingerprinting defenses roadmap
</a>
</li>
<li>
<a href="https://trinity.moe#extensions">
Trinity's browser extensions
</a>
</li>
</ul>
</p>
<h3 id="fingerprinting">
<a href="#fingerprinting">Fingerprinting Tests</a>
</h3>
<p>
<ul>
<li>
<a href="https://amiunique.org/fp">
AmIUnique
</a>
</li>
<li>
<a href="https://browserleaks.com">
BrowserLeaks
</a>
</li>
<li>
<a href="https://arkenfox.github.io/TZP/tests/canvasrfp.html">
canvas rfp
</a>
</li>
<li>
<a href="https://abrahamjuliot.github.io/creepjs">
CreepJS
</a>
</li>
<li>
<a href="https://coveryourtracks.eff.org">
Cover Your Tracks
</a>
</li>
<li>
<a href="https://canvasblocker.kkapsner.de/test">
Test pages for CanvasBlocker
</a>
</li>
</ul>
</p>
</section>
</main>
<footer>
<div class="copyleft">
<p>
This site's HTML is licensed under the
<a href="agpl-3.0.txt">
AGPLv3
</a>
or later. Its content is covered under the
<a href="legalcode.txt">
CC BY-NC-SA
</a>
license.
</p>
</div>
</footer>
</body>
</html>

View File

@ -1,4 +1,20 @@
<!DOCTYPE html>
<!-- Copyright (c) 20222023 Emma Tebibyte
SPDX-License-Identifier: AGPL-3.0-or-later AND CC-BY-NC-SA-4.0
This website is free software: you can redistribute it and/or modify it under
the terms of the GNU Affero General Public License as published by the Free
Software Foundation, either version 3 of the License, or (at your option) any
later version.
This website is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along
with this website. If not, see https://www.gnu.org/licenses/. -->
<html lang="en-US">
<head>
<title>Emma Tebibyte @ Tebibyte Media</title>
@ -6,7 +22,7 @@
<link rel="icon" href="/favicon.ico" type="image/x-icon" />
<meta charset="UTF-8">
<meta content="Emma Tebibyte" name="author" />
<meta content="Emma Tebibyte's personal web page." name="description" />
<meta content="Emma Tebibytes personal web page." name="description" />
<meta content="width=device-width, initial-scale=1" name="viewport" />
<meta content="interest-cohort=()" http-equiv="Permissions-Policy" /> <!-- FUCK GOOGLE -->
</head>
@ -21,7 +37,8 @@
Hi! Im Emma Tebibyte.
</h1>
<p id="pronouns">
(<a href="https://pronoun.is/fae" title="my pronouns">fae/faer</a>)
(<a href="https://pronouns.within.lgbt/fae"
title="my pronouns">fae/faer</a>)
</p>
</hgroup>
<p>
@ -38,27 +55,6 @@
Media.
</p>
</section>
<section class="full">
<h2>Webrings</h2>
<p>
The main Tebibyte Media page is a member of Yesterweb, but my page is
only a member of these rings:
</p>
<menu id="cornring">
<li>
<a href="https://cornring.netlify.app/emmatebibyte/previous">
<<</a>
</li>
<li>
<a href="https://cornring.netlify.app/">Cornring</a>
</li>
<li>
<a href="https://cornring.netlify.app/emmatebibyte/next">>></a>
</li>
</menu>
</section>
<section>
<h2 class="full" id="contact">
<a href="#contact">Contact</a>
@ -143,8 +139,8 @@
</li>
<li>
<a href="firefox">
My recommended Firefox configuration
<a href="web">
My guide on how to browse the web
</a>
</li>
@ -167,7 +163,7 @@
<a href="#reviews">Reviews</a>
</h2>
<p>
Idea stolen from <a href="https://trinity.moe#praise">Trinity's
Idea stolen from <a href="https://trinity.moe#praise">Trinitys
page</a>.
</p>
</hgroup>
@ -244,17 +240,33 @@
</a>
<a href="https://thenostomodernreview.substack.com/">
<img class="favicon" src="https://thenostomodernreview.substack.com/favicon.ico" />
The Nostomodern Review by classic5000
The Nostomodern Review
</a>
</div>
</section>
<section class="full">
<menu id="cornring">
<li>
<a href="https://cornring.netlify.app/emmatebibyte/previous">
<<</a>
</li>
<li>
<a href="https://cornring.netlify.app/">Cornring</a>
</li>
<li>
<a href="https://cornring.netlify.app/emmatebibyte/next">>></a>
</li>
</menu>
</section>
</main>
<footer>
<section class="full">
<small>
This site's HTML is licensed under the
<a href="agpl-3.0.txt">AGPLv3</a> or later and its content under the
<a href="legalcode.txt">CC BY-NC-SA</a> license.
This sites HTML is licensed under the
<a href="COPYING">AGPLv3</a> or later and its content under the
<a href="legalcode.txt">CC BY-NC-SA 4.0</a> license.
</small>
</section>
</footer>

564
web/index.html Normal file
View File

@ -0,0 +1,564 @@
<!DOCTYPE html>
<!-- Copyright (c) 20222023 Emma Tebibyte
SPDX-License-Identifier: AGPL-3.0-or-later AND CC-BY-NC-SA-4.0
This website is free software: you can redistribute it and/or modify it under
the terms of the GNU Affero General Public License as published by the Free
Software Foundation, either version 3 of the License, or (at your option) any
later version.
This website is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along
with this website. If not, see https://www.gnu.org/licenses/. -->
<html>
<head>
<title>Web Browsing in the Hellscape of Tomorrow</title>
<link rel="stylesheet" href="../assets/style.css">
<link rel="icon" href="/favicon.ico" type="image/x-icon" />
<meta charset="UTF-8">
<meta content="Emma Tebibyte" name="author" />
<meta content="Emma Tebibytes personal web page." name="description" />
<meta content="width=device-width, initial-scale=1" name="viewport" />
<meta content="interest-cohort=()" http-equiv="Permissions-Policy" /> <!-- FUCK GOOGLE -->
</head>
<body>
<div class="back">
<h5 class="pill"><a href="../">Return to my page</a></h5>
</div>
<main>
<section class="intro">
<h1>
Web Browsing: From My Paranoid Transgender Brain to Yours
</h1>
<p>
Web browsers are kind of awful.
<a href="http://www.catb.org/esr/writings/taoup/html/ch01s06.html">
They do too much</a>; why would I want an application to be an image
viewer, pdf reader, media player, <i>and</i> HTML renderer? As a result
of this massive scope,
<a href="https://today.uic.edu/bloated-browser-functionality-presents-unnecessary-security-privacy-risks/">
they are bloated beyond belief</a>. They strain developer resources,
require sandboxing because of the insane default that JavaScript is
arbitrarily executed, and yet, they're the most prolific method of
application distribution in the modern day.
</p>
<p>
Unfortunately, web browsers have become the most convenient place for
many to do their computing, so, with this page, Im trying to define a
more sane functionality for the browser I use—LibreWolf.
</p>
<h2>
Why LibreWolf?
</h2>
<p>
LibreWolf is a fork of Firefox, the last browser standing against the
<a href="https://wikipedia.org/wiki/Usage_share_of_web_browsers">
Chromium hegemony</a>. Firefox itself has issues with
telemetry and sanity—for information on this topic and the changes made
in LibreWolf, see
<a href="https://github.com/arkenfox/user.js/wiki">here</a>.
If youre not going to use Librewolf, at least
<a href="https://www.unixsheikh.com/articles/choose-your-browser-carefully.html">
choose your browser carefully</a>.
</p>
<p>
In addition to the modifications and extensions listed here, my
script,
<a href="https://git.tebibyte.media/emma/xdg-sanity">
<code>xdg-sanity</code></a>, can be used to prevent your web browser
from being used to open remote content that has a MIME type other than
<code>text/html</code>.
</p>
</section>
<section>
<hgroup>
<h2 id="about-config">
<a href="#about-config">
Modifications to <code class="header">about:config</code>
</a>
</h2>
<aside>
Read more about <code>about:config</code>
<a href="https://support.mozilla.org/en-US/kb/about-config-editor-firefox">
here</a>.
</aside>
</hgroup>
<p>
These settings are advanced user settings, and Im not responsible for
misconfigured browsers, broken web pages, or thermonuclear war.
</p>
<h3 id="features">
<a href="#features">Disable or Enable Features</a>
</h3>
<ul>
<li><code>browser.urlbar.trimURLs = false</code></li>
<p>Disables the automatic trimming of the URL scheme from the URL
bar.</p>
<li><code>image.jxl.enabled = true</code></li>
<p>Enables <a href="https://jpegxl.info/">JPEG XL</a> support in
LibreWolf.</p>
<li><code>widget.use-xdg-desktop-portal = true</code></li>
<p>Allows Firefox to use KDE Plasma filechooser on GNU/Linux.</p>
<li><code>dom.event.contextmenu.enabled = false</code></li>
<p>Prevents site from blocking the context menu from being opened.</p>
<li><code>extensions.screenshots.disabled = true</code></li>
<p>Disables redundant in-app screenshots.</p>
<li><code>browser.quitShortcut.disabled = true</code></li>
<p>Disables ctrl+q quit shortcut.</p>
<li><code>reader.parse-on-load.enabled = false</code></li>
<p>Disables reader mode.</p>
<li>
<code>
services.sync.prefs.sync.extensions.activeThemeID =
false
</code>
</li>
<p>Prevents automatic application of themes on new
devices.</p>
</ul>
<h3 id="drm">
<a href="#drm">Disable Digital Rights Management</a>
</h3>
<p>
<a href="https://wikipedia.org/wiki/Digital_rights_management">
What is DRM</a> and
<a href="https://www.gnu.org/philosophy/opposing-drm.html">
why would I want to disable it?</a>
</p>
<ul>
<li>
<code>media.gmp-widevinecdm.enabled = false</code>
</li>
<li>
<code>media.gmp-widevinecdm.visible = false</code>
</li>
</ul>
<h2 id="privacy">
<a href="#privacy">Privacy</a>
</h2>
<ul>
<li><code>geo.enabled = false</code></li>
<div class="warn">
<img class="sym" src="../assets/img/warn.svg" />
<p>
Disables location tracking.
</p>
</div>
<li><code>beacon.enabled = false</code></li>
<li><code>dom.enable_resource_timing = false</code></li>
<li>
<code>dom.event.clipboardevents.enabled = false</code>
</li>
<p>Prevents sites from being able to see what text you
copied or cut and when you did it.</p>
<li>
<code>dom.battery.enabled = false</code>
</li>
<li><code>network.prefetch-next = false</code></li>
<li>
<code>browser.cache.check_doc_frequency = 0</code>
</li>
</ul>
<h3 id="doh">
<a href="#doh">
DNS over HTTPS
</a>
</h3>
<p>
Read about DOH
<a href="https://support.mozilla.org/en-US/kb/dns-over-https-doh-faqs">
here</a>.
</p>
<ul>
<li>
<code>network.trr.uri = &quot;&quot;</code>
</li>
<p>
Select a DNS-over-HTTPS server to use—I use the
<a href="https://dnswarden.com#doh">dnswarden adblocking
one</a>, but if your polity censors your internet
access, you should use the uncensored one. There is a
list of alternatives available
<a href="https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-available-servers">
on GitHub</a>.
</p>
<li><code>network.trr.mode = 2</code></li>
<p>This sets HTTPS over DNS to be on unless the DNS
server cannot be reached.</p>
</ul>
<h3 id="header-sanitize">
<a href="#header-sanitize">
Header Sanitization
</a>
</h3>
<ul>
<li>
<code>network.http.referer.spoofSource = true</code>
</li>
<li>
<code>
network.http.referer.hideOnionSource = true
</code>
</li>
</ul>
</section>
<section class="full"></section>
<section>
<h2 id="extensions">
<a href="#extensions">Extensions</a>
</h2>
<p>
When it comes to extensions, fewer is better, so try to limit
your extensions to the minimum you need to browse the web. This
helps reduce the performance impact and fingerprintability of
your browser. The following are a list of extensions you can
give the boot:
<ul>
<li>
For many use cases, containerization extensions like Facebook
Container or Google Container are redundant with
<a href="https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/">
Total Cookie Protection
</a> and
<a href="https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/">
Enhanced Cookie Clearing</a>.
</li>
<li>
The
<a href="https://addons.mozilla.org/en-US/firefox/addon/i-dont-care-about-cookies/">
I don't care about cookies</a> extension has been
<a href="https://www.i-dont-care-about-cookies.eu/whats-new/acquisition/">
acquired by Avast
</a>, and the extension itself is superfluous with the
recommended uBlock Origin filter lists below.
</li>
<li>
Privacy Badger
<a href="https://desuarchive.org/g/thread/83169287/#83170117">
has multiple issues</a>, including its lack of fingerprinting
protection, its connection to Fastly CDN, and its redundancy with
uBlock Origin.
</li>
</ul>
</p>
<p>
If there is any extension you feel is missing from this list,
feel free to <a href="https://git-send-email.io/">send me a git
patch through e-mail</a> adding it along with a description as
to why you believe it should be included. Before
<a href="../#contact">contacting me</a>, please read through the
whole list and the
<a href="https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-dont-bother">
DON'T BOTHER</a> section of arkenfoxs extensions page.
</p>
<h3 id="privacy-extensions">
<a href="#privacy-extensions">Standard Privacy Extensions</a>
</h3>
<ul>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/privacy-pass">
Privacy Pass
</a> Stores tokens to bypass captchas.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/ublock-origin">
uBlock Origin
</a> Ad blocking, cosmetic filtering, malicious script
protection, and tracker blocking; all in one package.
Here is a list of useful blocklists:
<ul>
<li>
<a href="https://filterlists.com/lists/actually-legitimate-url-shortener-tool">
ClearURLs functionality
</a>
(<a href="https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparam">
read more</a>)
<a href="https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt">
[TXT]
</a>
</li>
<li>
To replace I don't care about coookies'
functionality, enable the EasyList Cookie list
and manually add the officially-provided
blocklist.
<a href="https://www.i-dont-care-about-cookies.eu/abp/">
[TXT]
</a>
</li>
<li>
<a href="https://github.com/yourduskquibbles/webannoyances">
Other annoyances
</a>
</li>
</ul>
You can find more blocklists on
<a href="https://filterlists.com/">FilterLists</a>.
</p>
</li>
</ul>
<h3 id="advanced-extensions">
<a href="#advanced-extensions">
Advanced Privacy Extensions
</a>
</h3>
<ul>
</ul>
<h3 id="tools-extensions">
<a href="tools-extensions">Tools</a>
</h3>
<ul>
<li>
<p>
<a href="https://github.com/iamadamdev/bypass-paywalls-chrome">
Bypass Paywalls
</a> Bypasses paywalls for some sites.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-CA/firefox/addon/firemonkey/">
FireMonkey
</a> Lightweight user script and style manager
utilizing native Firefox APIs to support userscripts
from sources like <a href="https://greasyfork.org/">
GreasyFork</a> and
<a href="https://openuserjs.org/">OpenUserJS</a> as well
as Stylish themes from
<a href="https://userstyles.org/">
Userstyles</a>.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/flagfox">
Flagfox
</a> Displays information about a websites physical
location and IP address in the address bar.
</p>
</li>
<li>
<p>
FoxyProxy
<a href="https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/">
Standard
</a>/
<a href="https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-basic/">
Basic
</a> Advanced proxy manager which replaces Firefoxs
lacking settings.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/libredirect/">
LibRedirect
</a> Redirects services like Twitter and YouTube to
their privacy-respecting front-ends or alternatives.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/librejs">
GNU LibreJS
</a>
Extension that blocks all but
<a href="https://www.gnu.org/philosophy/javascript-trap.html">
freely licensed JavaScript</a>.
</p>
</li>
<div class="warn">
<img class="sym" src="../assets/img/warn.svg" />
<p>
LibreJS will prevent a large amount of many websites JavaScript
from loading.
</p>
</div>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/new-tab-suspender/">
New Tab Suspender
</a> Tab management extension that puts tabs to sleep
after a set amount of time using the native Firefox
<a href="https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/tabs/discard">
discard API</a>.
</p>
</li>
<li>
<p>
<a href="https://addons.mozilla.org/en-US/firefox/addon/view-page-archive/">
Web Archives
</a> Allows you to easily open web pages at various
archive sources such as the
<a href="https://web.archive.org/">Wayback Machine</a>.
</p>
</li>
</ul>
</section>
<section class="full"></section>
<section>
<h2 id="reading">
<a href="#reading">Further Reading</a>
</h2>
<p>
<ul>
<li>
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1495192">
Add a pref to disable Do Not Track in Firefox
</a>
</li>
<li>
<a href="https://github.com/arkenfox/user.js/wiki">
arkenfox/user.js Wiki
</a>
</li>
<li>
<a href="https://jshelter.org/farbling/">
Farbling-based wrappers to hinder browser fingerprinting
</a>
</li>
<li>
<a href="https://spyware.neocities.org/articles/firefox.html">
Firefox — Spyware Watchdog
</a>
</li>
<li>
<a href="https://privacytests.org/">
PrivacyTests.org
</a>
</li>
<li>
<a href="https://scotthelme.co.uk/revocation-is-broken">
Revocation is Broken
</a>
</li>
<li>
<a href="https://support.mozilla.org/en-US/kb/sync-custom-preferences#w_sync-custom-preferences">
Sync custom preferences
</a>
</li>
<li>
<a href="https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/18097">
Tor font fingerprinting defenses roadmap
</a>
</li>
<li>
<a href="https://trinity.moe#extensions">
Trinitys browser extensions
</a>
</li>
</ul>
</p>
<h3 id="fingerprinting">
<a href="#fingerprinting">Fingerprinting Tests</a>
</h3>
<p>
<ul>
<li>
<a href="https://amiunique.org/fp">
AmIUnique
</a>
</li>
<li>
<a href="https://browserleaks.com">
BrowserLeaks
</a>
</li>
<li>
<a href="https://arkenfox.github.io/TZP/tests/canvasrfp.html">
canvas rfp
</a>
</li>
<li>
<a href="https://abrahamjuliot.github.io/creepjs">
CreepJS
</a>
</li>
<li>
<a href="https://coveryourtracks.eff.org">
Cover Your Tracks
</a>
</li>
<li>
<a href="https://canvasblocker.kkapsner.de/test">
Test pages for CanvasBlocker
</a>
</li>
</ul>
</p>
</section>
</main>
<footer>
<div class="copyleft">
<p>
This sites HTML & CSS is licensed under the
<a href="COPYING">
AGPLv3
</a>
or later. Its content is covered under the
<a href="legalcode.txt">
CC BY-NC-SA 4.0
</a>
license.
</p>
</div>
</footer>
</body>
</html>