[HN Gopher] Betterfox: User.js to harden Firefox and optimize pr...
___________________________________________________________________
Betterfox: User.js to harden Firefox and optimize privacy,
security, and speed
Author : legrande
Score : 70 points
Date : 2023-07-18 16:24 UTC (6 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| getcrunk wrote:
| Does this turn off dns leaking in ff when it doesn't find a
| domain.
|
| And does this turn off wasm or web gpu?
| kevingadd wrote:
| For turning off wasm you're probably better off with something
| like noscript or umatrix, turning it off globally will cause
| mysterious problems with an increasing number of websites
| hdjjhhvvhga wrote:
| This is probably what I would want - I'd prefer to know them
| and never visit them again except for a chosen few. (Wasm has
| many legitimate uses and I'm happy it exists but being old
| enough to see the evolution of the web I'm 100% sure it will
| be abused also in the ways we have no idea about yet.)
| Jaxkr wrote:
| Meanwhile I modify my Firefox to be less secure (allow unsigned
| extensions) so I can continue using my beloved TabMixPlus. Once
| you taste multiple rows of tabs you'll never go back.
| Capricorn2481 wrote:
| What about Arkenfox?
| Liquix wrote:
| Arkenfox can be both heavy-handed (disables search from URL
| bar, restore tabs from previous session, etc) and hard to
| digest (1200 lines). By comparison, Betterfox is 250 lines and
| looks to be more "sane" out of the box.
| DerekBickerton wrote:
| > disables search from URL bar
|
| Set keyword searches to true:
| user_pref("keyword.enabled", true);
|
| That way it uses your default search engine when searching
| from the address bar.
| Nezteb wrote:
| How does this differ from LibreWolf? https://librewolf.net
| ygjb wrote:
| There is a crucial difference between a config file that
| changes options within Firefox, and something that adds new
| code.
|
| Unless something has changed dramatically, the Firefox team
| (and other teams) test and fuzz Firefox extensively - obviously
| default prefs and features will get more coverage.
|
| An actual fork like LibreWolf that adds or removes code and
| ships a different build fundamentally changes how the software
| is built and invalidates a significant portion of the security
| work that has been done by the Firefox security team.
|
| I am not arguing that Librewolf or any of the other forks of
| Firefox[1] are necessarily worse for security, just that
| browsers are ridiculously complex pieces of software and making
| claims about security requires more than just gutting or adding
| features.
|
| [1] other than Palemoon, because screw those guys; when I
| challenged them on the security program for Palemoon, their
| loopy leader tried to harass me and other former Mozilla folks.
| Given their propensity for instability I wouldn't trust them at
| all.
| Nezteb wrote:
| That's a good point, thanks!
|
| I should have rephrased my question to: "How do the levels of
| privacy/security/speed differ between Firefox+Betterfox and
| LibreWolf?"
|
| I'm sure both have their tradeoffs, but I was just curious if
| anyone has tried and extensively compared both.
| tmottabr wrote:
| libre wolf is an fork of firefox..
|
| this is a set of parameters you adjust in firefox..
| rovr138 wrote:
| It's a fork of Firefox around privacy and security.
|
| So, the question is about comparing the settings on both.
|
| Settings for libre wolf are here,
| https://gitlab.com/librewolf-community/settings
| robin_reala wrote:
| ...assuming you don't use assistive technology:
| https://github.com/yokoffing/Betterfox/blob/443710b0738ebc8f...
| apazzy wrote:
| I mean yeah it says that: Assumptions
| Apply preferences from the common overrides sticky if you want
| to revert the following behavior: - Firefox
| Accessibility Service is disabled to improve resource
| utilization and security. Override this if you use assistive
| software.
| rattlesnakedave wrote:
| I'm always incredibly skeptical of any set of tweaks that is
| supposed to take off-the-shelf software and make it more private
| (how?) or secure (from what?). I'm sure some of these tweaks do
| that, but can't help but think they increase your attack surface
| over all (unless you have the time to read and think carefully
| about each settings change- in which case, you probably could
| have just changed the settings yourself).
| lillywastaken wrote:
| This is generally the case imo. Installing hardening
| tweaks/extensions/... to make yourself "more secure" and "more
| private" often just ends in increasing the viable attack
| surface and making yourself more identifiable (because such
| extensions/settings are very uncommon)
| belinder wrote:
| Another way to look at it is, you may not be aware of all the
| settings out there, and a set like this will help you discover
| them
| ygjb wrote:
| They do modify the attack surface, but since these prefs cover
| code that ships in the release version of Firefox, they
| _should_ be reasonably well tested.
|
| Most of the preferences in this will actually reduce the
| target-able attack surface, and disable some features that
| could be footguns, but at the same time disable some
| optimizations that aim to reduce cognitive load on users (which
| in turns reduces the likelihood that mistakes will be made).
| bzmrgonz wrote:
| Additionally, do keep in mind that browser dev's, in addition
| to their ulterior harvesting agenda, have the burden of
| universal appeal/usability, which makes niche installs
| impossible. If this is a NixOS-type of configure-your-own-
| browser, I'm all for it. This is the reason why Consumer
| wireless-Router configuration sucks, because manufacturers
| are trying to appeal to the masses and don't want to generate
| a call-for-support nightmare. So yeah, if we can *nixify(I'm
| claiming coinage here) all things produced in bulk and for
| the masses, by all means!!!
| altairprime wrote:
| For specific example, this particular one disables the
| bookmarks toolbar, reader mode, Firefox Sync, and screen reader
| accessibility. Opinionated does not imply "Better", even if the
| name claims otherwise.
___________________________________________________________________
(page generated 2023-07-18 23:01 UTC)