So it’s easier to make an account on facebook using tor than on Github, that’s why I’m posting this one here.
It’s about: https://github.com/privacytools/privacytools.io/issues/1430
I just wanted to mention the tweaks I personally don’t use and what exactly do they break (and thus applying them is not an option for me):
network.http.referer.XOriginPolicy = 1 (or 2)
Many facebook videos won’t be played when doing this. I leave it at 0 (and I’m not sure because that was a long time ago, but when it was on =2 I wasn’t able to play videos on my google drive)
browser.send_pings = false
tbh I don’t know what it broke, I could activate it again to check what exactly it did.
dom.event.clipboardevents.enabled = false
this was mentioned there, but another reason is: When you copy a picture and you want to paste it in your browser (let’s say on web.whatsapp.com in my case) it just doesn’t work.
browser.safebrowsing.downloads.remote.enabled = false
I know this will prevent from sending the things you download to google servers, however: isn’t this anonymized from mozilla so that google won’t exactly know from who this was sent? and tbh I think Security is more important than privacy so I didn’t do it.
And much more important things I personally do:
1- One can simply activate:
dom.security.https_only_mode = true
and you won’t need HTTPS Everywhere (less attack surface and less fingerprinting)
2- most people will use the built-in password manager anyways. Securing it with a master password is very important, so that RATs and tools that hackers use to expose passwords won’t work (I tested it myself), in case the machine got compromised.
3- regarding uBlock Origin: I highly recommend mentioning the tutorial that the hated one did on Youtube. I personally learnt from it and can’t think of anyone else explaining it better.