Additional about:config tweaks for Firefox

Hi. I just wanted to make a suggestion about adding some additional Firefox about:config tweaks into the Firefox tweak section. I wanted to give credit to a YouTuber named Tom, who does a channel called Switched to Linux. He recently did a Firefox hardening video that I was actually quite impressed with some of the about:config tweaks that he showcased in his video. I feel that this would complement the already excellent existing tweaks listed in that section as well. Some of the tweaks includes additional disabling of Firefox telemetry, disabling something called 3DES cipher, increasing the TLS version requirements,requiring safe negotiation, and a few more things. Here is the link to the source that I got this from: https://www.youtube.com/watch?v=FYj_r5b4WJY
These are the additional tweaks:

  1. security.ssl3.rsa_des_ede3_sha = False (Disables 3DES Ciphering- An older more insecure protocol)
  2. security.ssl.require_safe_negotiation = True (Enables the Requirement of safe negotiation)
  3. security.tls.version.min = 3 (Prevents the use of older versions of TLS such as 1.0 and 1.1)
  4. browser.formfill.enable = False (Disables auto fill)
  5. geo.enabled = False (Disables IP-Based geolocation identification)
  6. Additional Telemetry Disabling- Turn all to false (all under toolkit.telemetry):
    browser.newtabpage.activity-stream.feeds.telemetry browser.newtabpage.activity-stream.telemetry
    browser.pingcentre.telemetry
    devtools.onboarding.telemetry-logged
    toolkit.telemetry.archive.enabled
    toolkit.telemetry.bhrping.enabled
    toolkit.telemetry.firstshutdownping.enabled
    toolkit.telemetry.hybridcontent.enabled
    toolkit.telemetry.newprofileping.enabled
    toolkit.telemetry.unified
    toolkit.telemetry.updateping.enabled
    toolkit.telemetry.shutdownpingsender.enabled
  7. network.dns.disableprefetch = true (Disables DNS Prefetching)
  8. network.prefetch-next = false
  9. dom.webnotifications.enabled = False (Disables Web Notifications)
    These are the tweaks that I recommend. These would make firefox even more secure and hardened. That would be awesome if you guys could add this in.
    Thanks and have a good one,
    PoweredbyThanos
2 Likes

Also exists Librefox, a special tuned firefox:

Keep in mind Librefox has been deprecated and efforts shifted to LibreWolf.

2 Likes

Thanks for the suggestions; we do list ghacks-user.js which does an excellent job of going through all about:config adjustments. The author has also been helping us determine the best tweaks to list directly on PrivacyTools: https://github.com/privacytoolsIO/privacytools.io/issues/1430

You forgot a very major setting.

Beacon.enabled - set to False!!