From 29f09f9b8209ea7621c81090d7eef4891b594bc4 Mon Sep 17 00:00:00 2001 From: pyllyukko Date: Wed, 6 Feb 2019 20:57:19 +0200 Subject: [PATCH] Added notice about RFP breaking some keyboard shortcuts Fixes #443 --- README.md | 3 ++- user.js | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0e761b4..adddb8c 100644 --- a/README.md +++ b/README.md @@ -243,7 +243,7 @@ Disable Firefox integrated metrics/reporting/experiments, disable potentially in * Disable the UITour backend [ [1](https://trac.torproject.org/projects/tor/ticket/19047#comment:3) ] * Enable Firefox Tracking Protection [ [1](https://wiki.mozilla.org/Security/Tracking_protection) [2](https://support.mozilla.org/en-US/kb/tracking-protection-firefox) [3](https://support.mozilla.org/en-US/kb/tracking-protection-pbm) [4](https://kontaxis.github.io/trackingprotectionfirefox/) [5](https://feeding.cloud.geek.nz/posts/how-tracking-protection-works-in-firefox/) ] * Enable contextual identity Containers feature (Firefox >= 52) -* Enable hardening against various fingerprinting vectors (Tor Uplift project) [ [1](https://wiki.mozilla.org/Security/Tor_Uplift/Tracking) [2](https://bugzilla.mozilla.org/show_bug.cgi?id=1333933) ] +* Enable Firefox's anti-fingerprinting mode ("resist fingerprinting" or RFP) (Tor Uplift project) [ [1](https://wiki.mozilla.org/Security/Tor_Uplift/Tracking) [2](https://bugzilla.mozilla.org/show_bug.cgi?id=1333933) [3](https://wiki.mozilla.org/Security/Fingerprinting) ] * Disable the built-in PDF viewer [ [1](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2743) [2](https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/) [3](https://www.mozilla.org/en-US/security/advisories/mfsa2015-69/) ] * Disable collection/sending of the health report (healthreport.sqlite*) [ [1](https://support.mozilla.org/en-US/kb/firefox-health-report-understand-your-browser-perf) [2](https://gecko.readthedocs.org/en/latest/toolkit/components/telemetry/telemetry/preferences.html) ] * Disable Heartbeat (Mozilla user rating telemetry) [ [1](https://wiki.mozilla.org/Advocacy/heartbeat) [2](https://trac.torproject.org/projects/tor/ticket/19047) ] @@ -424,6 +424,7 @@ Hardening your often implies a trade-off with ease-of-use and comes with reduced * Disabling nonessential protocols breaks all interaction with custom protocols such as mailto:, irc:, magnet: ... and breaks opening third-party mail/messaging/torrent/... clients when clicking on links with these protocols * Disabling system add-on updates prevents Mozilla from "hotfixing" your browser to patch critical problems (one possible use case from the documentation) * Containers are not available in Private Browsing mode +* RFP breaks some keyboard shortcuts used in certain websites (see #443) * Fully automatic updates are disabled and left to package management systems on Linux. Windows users may want to change this setting. * Update check page might incorrectly report Firefox ESR as out-of-date * Do No Track must be enabled manually diff --git a/user.js b/user.js index 485a091..1e2a64e 100644 --- a/user.js +++ b/user.js @@ -522,9 +522,11 @@ user_pref("privacy.trackingprotection.pbmode.enabled", true); // https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers user_pref("privacy.userContext.enabled", true); -// PREF: Enable hardening against various fingerprinting vectors (Tor Uplift project) +// PREF: Enable Firefox's anti-fingerprinting mode ("resist fingerprinting" or RFP) (Tor Uplift project) // https://wiki.mozilla.org/Security/Tor_Uplift/Tracking // https://bugzilla.mozilla.org/show_bug.cgi?id=1333933 +// https://wiki.mozilla.org/Security/Fingerprinting +// NOTICE: RFP breaks some keyboard shortcuts used in certain websites (see #443) user_pref("privacy.resistFingerprinting", true); // PREF: Disable the built-in PDF viewer -- 2.11.4.GIT