├── .gitattributes ├── .github └── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── Files ├── browser │ └── defaults │ │ └── preferences │ │ └── autoconfig.js ├── distribution │ ├── extensions │ │ ├── canvasblocker-1.9.xpi │ │ ├── clearurls-1.26.1.xpi │ │ ├── cookie_autodelete-3.8.2.xpi │ │ ├── css_exfil_protection-1.1.0.xpi │ │ ├── decentraleyes-2.0.17.xpi │ │ ├── disable_webrtc-0.3.xpi │ │ ├── history_autodelete-2.0.2.xpi │ │ ├── multi_account_containers-8.1.2.xpi │ │ ├── privacy_badger17-2023.6.23.xpi │ │ ├── privacy_oriented_origin_policy-1.4.2.xpi │ │ ├── temporary_containers-1.9.2.xpi │ │ ├── ublock_origin-1.51.0.xpi │ │ └── umatrix-1.4.4.xpi │ ├── org.mozilla.firefox.plist │ └── policies.json └── mozilla.cfg ├── LICENSE ├── README.md ├── sos-build-macos-plist.sh ├── sos-firefoxprivacy.ps1 └── sos-firefoxprivacy.sh /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **To Reproduce** 14 | Steps to reproduce the behavior: 15 | 1. Go to '...' 16 | 2. Click on '....' 17 | 3. Scroll down to '....' 18 | 4. See error 19 | 20 | **Expected behavior** 21 | A clear and concise description of what you expected to happen. 22 | 23 | **Screenshots** 24 | If applicable, add screenshots to help explain your problem. 25 | 26 | **Desktop (please complete the following information):** 27 | - OS: [e.g. iOS] 28 | - Browser [e.g. chrome, safari] 29 | - Version [e.g. 22] 30 | 31 | **Smartphone (please complete the following information):** 32 | - Device: [e.g. iPhone6] 33 | - OS: [e.g. iOS8.1] 34 | - Browser [e.g. stock browser, safari] 35 | - Version [e.g. 22] 36 | 37 | **Additional context** 38 | Add any other context about the problem here. 39 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /Files/browser/defaults/preferences/autoconfig.js: -------------------------------------------------------------------------------- 1 | pref("general.config.filename", "mozilla.cfg"); 2 | pref("general.config.obscure_value", 0); 3 | -------------------------------------------------------------------------------- /Files/distribution/extensions/canvasblocker-1.9.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/canvasblocker-1.9.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/clearurls-1.26.1.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/clearurls-1.26.1.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/cookie_autodelete-3.8.2.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/cookie_autodelete-3.8.2.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/css_exfil_protection-1.1.0.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/css_exfil_protection-1.1.0.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/decentraleyes-2.0.17.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/decentraleyes-2.0.17.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/disable_webrtc-0.3.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/disable_webrtc-0.3.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/history_autodelete-2.0.2.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/history_autodelete-2.0.2.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/multi_account_containers-8.1.2.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/multi_account_containers-8.1.2.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/privacy_badger17-2023.6.23.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/privacy_badger17-2023.6.23.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/privacy_oriented_origin_policy-1.4.2.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/privacy_oriented_origin_policy-1.4.2.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/temporary_containers-1.9.2.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/temporary_containers-1.9.2.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/ublock_origin-1.51.0.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/ublock_origin-1.51.0.xpi -------------------------------------------------------------------------------- /Files/distribution/extensions/umatrix-1.4.4.xpi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/simeononsecurity/FireFox-Privacy-Script/6a32d8af512d4c9bd9b7408a47c376e32d1a9640/Files/distribution/extensions/umatrix-1.4.4.xpi -------------------------------------------------------------------------------- /Files/distribution/org.mozilla.firefox.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CaptivePortal 6 | 7 | DNSOverHTTPS 8 | 9 | Enabled 10 | 11 | 12 | DisableAppUpdate 13 | 14 | DisableBuiltinPDFViewer 15 | 16 | DisableFirefoxAccounts 17 | 18 | DisableFirefoxStudies 19 | 20 | DisableFormHistory 21 | 22 | DisablePocket 23 | 24 | DisableTelemetry 25 | 26 | EnterprisePoliciesEnabled 27 | 28 | ExtensionSettings 29 | 30 | CanvasBlocker@kkapsner.net 31 | 32 | install_url 33 | https://addons.mozilla.org/firefox/downloads/latest/canvasblocker/latest.xpi 34 | installation_mode 35 | normal_installed 36 | 37 | ClearURLs@kevinr 38 | 39 | install_url 40 | https://addons.mozilla.org/firefox/downloads/latest/clearurls/latest.xpi 41 | installation_mode 42 | normal_installed 43 | 44 | CookieAutoDelete@kennydo.com 45 | 46 | install_url 47 | https://addons.mozilla.org/firefox/downloads/latest/cookie-autodelete/latest.xpi 48 | installation_mode 49 | normal_installed 50 | 51 | Decentraleyes@ThomasRientjes 52 | 53 | install_url 54 | https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi 55 | installation_mode 56 | normal_installed 57 | 58 | FirefoxMulti-AccountContainers@mozilla.org 59 | 60 | install_url 61 | https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi 62 | installation_mode 63 | normal_installed 64 | 65 | TemporaryContainers@stoically 66 | 67 | install_url 68 | https://addons.mozilla.org/firefox/downloads/latest/temporary-containers/latest.xpi 69 | installation_mode 70 | normal_installed 71 | 72 | jid1-MnnxcxisBPnSXQ@jetpack 73 | 74 | install_url 75 | https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi 76 | installation_mode 77 | normal_installed 78 | 79 | uBlock0@raymondhill.net 80 | 81 | install_url 82 | https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi 83 | installation_mode 84 | normal_installed 85 | 86 | uMatrix@raymondhill.net 87 | 88 | install_url 89 | https://addons.mozilla.org/firefox/downloads/latest/umatrix/latest.xpi 90 | installation_mode 91 | normal_installed 92 | 93 | 94 | NetworkPrediction 95 | 96 | 97 | 98 | -------------------------------------------------------------------------------- /Files/distribution/policies.json: -------------------------------------------------------------------------------- 1 | { 2 | "policies": { 3 | "DisableFormHistory": true, 4 | "DisableFirefoxAccounts": true, 5 | "ExtensionSettings": { 6 | "uBlock0@raymondhill.net": { 7 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi", 8 | "installation_mode": "normal_installed" 9 | }, 10 | "jid1-MnnxcxisBPnSXQ@jetpack": { 11 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi", 12 | "installation_mode": "normal_installed" 13 | }, 14 | "CanvasBlocker@kkapsner.net": { 15 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/canvasblocker/latest.xpi", 16 | "installation_mode": "normal_installed" 17 | }, 18 | "FirefoxMulti-AccountContainers@mozilla.org": { 19 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi", 20 | "installation_mode": "normal_installed" 21 | }, 22 | "CookieAutoDelete@kennydo.com": { 23 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/cookie-autodelete/latest.xpi", 24 | "installation_mode": "normal_installed" 25 | }, 26 | "ClearURLs@kevinr": { 27 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/clearurls/latest.xpi", 28 | "installation_mode": "normal_installed" 29 | }, 30 | "uMatrix@raymondhill.net": { 31 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/umatrix/latest.xpi", 32 | "installation_mode": "normal_installed" 33 | }, 34 | "TemporaryContainers@stoically": { 35 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/temporary-containers/latest.xpi", 36 | "installation_mode": "normal_installed" 37 | }, 38 | "Decentraleyes@ThomasRientjes": { 39 | "install_url": "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi", 40 | "installation_mode": "normal_installed" 41 | } 42 | }, 43 | "DisableAppUpdate": true, 44 | "NetworkPrediction": false, 45 | "CaptivePortal": false, 46 | "DNSOverHTTPS": { 47 | "Enabled": false 48 | }, 49 | "DisableFirefoxStudies": true, 50 | "DisableTelemetry": true, 51 | "DisablePocket": true, 52 | "DisableBuiltinPDFViewer": true 53 | }, 54 | "Permissions": { 55 | "Autoplay": { 56 | "Default": "block-audio-video" 57 | } 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /Files/mozilla.cfg: -------------------------------------------------------------------------------- 1 | // IMPORTANT: Start your code on the 2nd line 2 | // Normandy API URL 3 | pref("app.normandy.api_url", ""); 4 | // Disable Normandy 5 | pref("app.normandy.enabled", false); 6 | // Disable Shield Studies opt-out 7 | pref("app.shield.optoutstudies.enabled", false); 8 | // Automatically check for application updates 9 | pref("app.update.auto", true); 10 | // Disable Beacon API 11 | pref("beacon.enabled", false); 12 | // Breakpad crash reporting 13 | pref("breakpad.reportURL", ""); 14 | // Disable about:config warning 15 | pref("browser.aboutConfig.showWarning", false); 16 | // Disable offline cache 17 | pref("browser.cache.offline.enable", false); 18 | // Disable crash report auto-submission 19 | pref("browser.crashReports.unsubmittedCheck.autoSubmit", false); 20 | // Disable additional crash report auto-submission 21 | pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); 22 | // Disable crash report checks 23 | pref("browser.crashReports.unsubmittedCheck.enabled", false); 24 | // Disable reset prompt 25 | pref("browser.disableResetPrompt", true); 26 | // Disable domain guessing 27 | pref("browser.fixup.alternate.enabled", false); 28 | // Disable new tab preload 29 | pref("browser.newtab.preload", false); 30 | // Disable Pocket integration in new tab 31 | pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); 32 | // Disable new tab page 33 | pref("browser.newtabpage.enabled", false); 34 | // Disable enhanced new tab page 35 | pref("browser.newtabpage.enhanced", false); 36 | // New tab page intro has been shown 37 | pref("browser.newtabpage.introShown", true); 38 | // Safe Browsing Application Reputation URL 39 | pref("browser.safebrowsing.appRepURL", ""); 40 | // Disable blocked URIs in Safe Browsing 41 | pref("browser.safebrowsing.blockedURIs.enabled", false); 42 | // Disable Safe Browsing for downloads 43 | pref("browser.safebrowsing.downloads.enabled", false); 44 | // Disable remote Safe Browsing for downloads 45 | pref("browser.safebrowsing.downloads.remote.enabled", false); 46 | // Safe Browsing remote URL 47 | pref("browser.safebrowsing.downloads.remote.url", ""); 48 | // Disable Safe Browsing 49 | pref("browser.safebrowsing.enabled", false); 50 | // Disable Safe Browsing for malware 51 | pref("browser.safebrowsing.malware.enabled", false); 52 | // Disable Safe Browsing for phishing 53 | pref("browser.safebrowsing.phishing.enabled", false); 54 | // Disable search suggestions 55 | pref("browser.search.suggest.enabled", false); 56 | // Self-support URL 57 | pref("browser.selfsupport.url", ""); 58 | // Sessionstore privacy level 59 | pref("browser.sessionstore.privacy_level", 2); 60 | // Disable checking for the default browser 61 | pref("browser.shell.checkDefaultBrowser", false); 62 | // Ignore milestone updates 63 | pref("browser.startup.homepage_override.mstone", "ignore"); 64 | // Disable crash reporting for tabs 65 | pref("browser.tabs.crashReporting.sendReport", false); 66 | // Disable group labels in the URL bar 67 | pref("browser.urlbar.groupLabels.enabled", false); 68 | // Disable quick suggestions in the URL bar 69 | pref("browser.urlbar.quicksuggest.enabled", false); 70 | // Disable speculative connect in the URL bar 71 | pref("browser.urlbar.speculativeConnect.enabled", false); 72 | // Disable trimming URLs in the URL bar 73 | pref("browser.urlbar.trimURLs", false); 74 | // Disable Firefox Health Report service 75 | pref("datareporting.healthreport.service.enabled", false); 76 | // Disable data upload for Firefox Health Report 77 | pref("datareporting.healthreport.uploadEnabled", false); 78 | // Disable data submission for experiments 79 | pref("datareporting.policy.dataSubmissionEnabled", false); 80 | // Disable ambient light sensor 81 | pref("device.sensors.ambientLight.enabled", false); 82 | // Disable all sensors 83 | pref("device.sensors.enabled", false); 84 | // Disable motion sensor 85 | pref("device.sensors.motion.enabled", false); 86 | // Disable orientation sensor 87 | pref("device.sensors.orientation.enabled", false); 88 | // Disable proximity sensor 89 | pref("device.sensors.proximity.enabled", false); 90 | // Disable battery status API 91 | pref("dom.battery.enabled", false); 92 | // Disable clipboard events in DOM 93 | pref("dom.event.clipboardevents.enabled", false); 94 | // Disable Web Audio API 95 | pref("dom.webaudio.enabled", false); 96 | // Disable active experiments 97 | pref("experiments.activeExperiment", false); 98 | // Disable experiments 99 | pref("experiments.enabled", false); 100 | // Experiment manifest URI 101 | pref("experiments.manifest.uri", ""); 102 | // Supported experiments 103 | pref("experiments.supported", false); 104 | // Whitelist for the CanvasBlocker extension 105 | pref("extensions.CanvasBlocker@kkapsner.de.whiteList", ""); 106 | // Whitelist for the ClearURLs extension 107 | pref("extensions.ClearURLs@kevinr.whiteList", ""); 108 | // Whitelist for the Firefox Multi-Account Containers extension 109 | pref("extensions.FirefoxMulti-AccountContainers@mozilla.whiteList", ""); 110 | // Whitelist for the Temporary Containers extension 111 | pref("extensions.TemporaryContainers@stoically.whiteList", ""); 112 | // Scope for auto-disabling extensions 113 | pref("extensions.autoDisableScopes", 14); 114 | // Enable caching for Firefox Add-ons 115 | pref("extensions.getAddons.cache.enabled", false); 116 | // Show the Add-ons pane 117 | pref("extensions.getAddons.showPane", false); 118 | // Opt-in status for Greasemonkey statistics 119 | pref("extensions.greasemonkey.stats.optedin", false); 120 | // URL for Greasemonkey statistics 121 | pref("extensions.greasemonkey.stats.url", ""); 122 | // Enable or disable the Pocket extension 123 | pref("extensions.pocket.enabled", false); 124 | // Disable uploading of screenshots 125 | pref("extensions.screenshots.upload-disabled", true); 126 | // API URL for the Shield Recipe Client extension 127 | pref("extensions.shield-recipe-client.api_url", ""); 128 | // Enable or disable the Shield Recipe Client extension 129 | pref("extensions.shield-recipe-client.enabled", false); 130 | // Discover URL for webservice 131 | pref("extensions.webservice.discoverURL", ""); 132 | // Disable the warning prompt for about:config 133 | pref("general.warnOnAboutConfig", false); 134 | // Enable keyword enabled 135 | pref("keyword.enabled", true); 136 | // Set the default behavior for media autoplay 137 | pref("media.autoplay.default", 1); 138 | // Disable media autoplay 139 | pref("media.autoplay.enabled", false); 140 | // Disable Encrypted Media Extensions (EME) 141 | pref("media.eme.enabled", false); 142 | // Disable GMP Widevine CDM (Content Decryption Module) 143 | pref("media.gmp-widevinecdm.enabled", false); 144 | // Disable media navigator 145 | pref("media.navigator.enabled", false); 146 | // Disable WebRTC peerconnection 147 | pref("media.peerconnection.enabled", false); 148 | // Disable media video stats 149 | pref("media.video_stats.enabled", false); 150 | // Show punycode in the address bar for internationalized domain names (IDN) 151 | pref("network.IDN_show_punycode", true); 152 | // Disable experiments in network requests 153 | pref("network.allow-experiments", false); 154 | // Disable captive portal detection service 155 | pref("network.captive-portal-service.enabled", false); 156 | // Set cookie behavior to block all third-party cookies 157 | pref("network.cookie.cookieBehavior", 1); 158 | // Disable DNS prefetching 159 | pref("network.dns.disablePrefetch", true); 160 | // Disable DNS prefetching from HTTPS pages 161 | pref("network.dns.disablePrefetchFromHTTPS", true); 162 | // Set referer XOriginPolicy to strict-origin-when-cross-origin 163 | pref("network.http.referer.XOriginPolicy", 2); 164 | // Set referer XOriginTrimmingPolicy to strict-origin-when-cross-origin 165 | pref("network.http.referer.XOriginTrimmingPolicy", 2); 166 | // Spoof the referer source 167 | pref("network.http.referer.spoofSource", true); 168 | // Disable speculative parallel connections 169 | pref("network.http.speculative-parallel-limit", 0); 170 | // Disable predictor prefetching 171 | pref("network.predictor.enable-prefetch", false); 172 | // Disable autofill for forms 173 | pref("signon.autofillForms", false); 174 | // Disable telemetry data archiving 175 | pref("toolkit.telemetry.archive.enabled", false); 176 | // Disable Background Hang Reporter (BHR) pings 177 | pref("toolkit.telemetry.bhrPing.enabled", false); 178 | // Clear the cached Client ID used for telemetry 179 | pref("toolkit.telemetry.cachedClientID", ""); 180 | // Disable general telemetry data collection 181 | pref("toolkit.telemetry.enabled", false); 182 | // Disable telemetry ping on the first shutdown of Firefox 183 | pref("toolkit.telemetry.firstShutdownPing.enabled", false); 184 | // Disable hybrid content telemetry 185 | pref("toolkit.telemetry.hybridContent.enabled", false); 186 | // Disable telemetry ping when a new profile is created 187 | pref("toolkit.telemetry.newProfilePing.enabled", false); 188 | // Set telemetry prompted value to 2 (2 means the user was prompted to enable telemetry) 189 | pref("toolkit.telemetry.prompted", 2); 190 | // Reject telemetry data reporting 191 | pref("toolkit.telemetry.rejected", true); 192 | // Disable telemetry data reporting policy on first run 193 | pref("toolkit.telemetry.reportingpolicy.firstRun", false); 194 | // Set the telemetry server to an empty string (disabling telemetry server) 195 | pref("toolkit.telemetry.server", ""); 196 | // Disable the telemetry shutdown ping sender 197 | pref("toolkit.telemetry.shutdownPingSender.enabled", false); 198 | // Disable unified telemetry data collection 199 | pref("toolkit.telemetry.unified", false); 200 | // Disable unified telemetry opt-in 201 | pref("toolkit.telemetry.unifiedIsOptIn", false); 202 | // Disable update-related telemetry pings 203 | pref("toolkit.telemetry.updatePing.enabled", false); 204 | // Disable WebGL (Web Graphics Library) in Firefox 205 | pref("webgl.disabled", true); 206 | // Override the WebGL renderer string with an empty string 207 | pref("webgl.renderer-string-override", " "); 208 | // Override the WebGL vendor string with an empty string 209 | pref("webgl.vendor-string-override", " "); 210 | // Enable HTTPS-Only Mode 211 | pref("dom.security.https_only_mode", true); 212 | // Disable Default Browser Agent 213 | pref("default-browser-agent.enabled", false); 214 | // Disable telemetry for New Tab pages activity stream feeds 215 | pref("browser.newtabpage.activity-stream.feeds.telemetry", false); 216 | // Disable telemetry for New Tab pages activity stream 217 | pref("browser.newtabpage.activity-stream.telemetry", false); 218 | // Disable telemetry ping center 219 | pref("browser.ping-centre.telemetry", false); 220 | // Disable Firefox Health Report service 221 | pref("datareporting.healthreport.service.enabled", false); 222 | // Disable telemetry logging for Developer Tools onboarding 223 | pref("devtools.onboarding.telemetry.logged", false); 224 | // Dont allow websites to prevent use of right-click, or otherwise messing with the context menu. 225 | pref("dom.event.contextmenu.enabled", false); 226 | // Dont allow websites to prevent copy and paste. 227 | pref("dom.event.clipboardevents.enabled", false); 228 | // Disable some animations 229 | pref("browser.tabs.animate", false); 230 | pref("browser.download.animateNotifications", false); 231 | // Reduce memory usage when minimized (Windows only) 232 | pref("config.trim_on_minimize", true); 233 | // Disable site reading installed plugins 234 | pref("plugins.enumerable_names", ""); 235 | // Telling websites where you came from. Disabling may break some sites. 236 | // 0 = Disable referrer headers 237 | pref("network.http.sendRefererHeader", 0); 238 | // Disable referrer headers between https websites 239 | pref("network.http.sendSecureXSiteReferrer", false); 240 | // Disables geolocation and Firefox logging geolocation requests 241 | pref("geo.enabled", false); 242 | pref("geo.wifi.uri", ""); 243 | pref("browser.search.geoip.url", ""); 244 | // Disable Google Safe Browsing and malware and phishing protection. 245 | // Stop sending links and downloading lists from Google. 246 | // Security risk, but privacy improvement. 247 | // Note: this list may be incomplete as Firefox updates. Be sure to search for browser.safebrowsing.provider.google* 248 | // Also, simply setting safebrowsing.*.enabled to false should make setting the URLs to blank redundant, but better to be safe. 249 | // If you see anything pointing to Google, probably best to remove it. 250 | pref("browser.safebrowsing.provider.google4.updateURL", ""); 251 | pref("browser.safebrowsing.provider.google4.reportURL", ""); 252 | pref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", ""); 253 | pref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", ""); 254 | pref("browser.safebrowsing.provider.google4.lists", ""); 255 | pref("browser.safebrowsing.provider.google4.gethashURL", ""); 256 | pref("browser.safebrowsing.provider.google4.dataSharingURL", ""); 257 | pref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); 258 | pref("browser.safebrowsing.provider.google4.advisoryURL", ""); 259 | pref("browser.safebrowsing.provider.google4.advisoryName", ""); 260 | pref("browser.safebrowsing.provider.google.updateURL", ""); 261 | pref("browser.safebrowsing.provider.google.reportURL", ""); 262 | pref("browser.safebrowsing.provider.google.reportPhishMistakeURL", ""); 263 | pref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", ""); 264 | pref("browser.safebrowsing.provider.google.pver", ""); 265 | pref("browser.safebrowsing.provider.google.lists", ""); 266 | pref("browser.safebrowsing.provider.google.gethashURL", ""); 267 | pref("browser.safebrowsing.provider.google.advisoryURL", ""); 268 | pref("browser.safebrowsing.downloads.remote.url", ""); 269 | // Can call home every time Firefox is started or homepage is visited. 270 | // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections 271 | // http://kb.mozillazine.org/Connections_established_on_startup_-_Firefox 272 | pref("browser.aboutHomeSnippets.updateUrL", ""); 273 | pref("browser.startup.homepage_override.buildID", ""); 274 | pref("startup.homepage_welcome_url", ""); 275 | pref("startup.homepage_welcome_url.additional", ""); 276 | pref("startup.homepage_override_url", ""); 277 | // Disable website tracking clicks. 278 | pref("browser.send_pings", false); 279 | // Only send pings if send and receiving host match (same website). 280 | pref("browser.send_pings.require_same_host", true); 281 | // Disable website reading how much battery your mobile device or laptop has. 282 | pref("dom.battery.enabled", false); 283 | // Number of cached DNS entries. Lower number = More requests but less data stored. 284 | pref("network.dnsCacheEntries", 100); 285 | // Time DNS entries are cached in seconds. 286 | pref("network.dnsCacheExpiration", 60); 287 | // Disables recording of visited websites. 288 | pref("places.history.enabled", false); 289 | // Disables saving of form data. 290 | pref("browser.formfill.enable", false); 291 | // Disables caching on the hard drive. 292 | pref("browser.cache.disk.enable", false); 293 | // Disables caching for SSL connections. 294 | pref("browser.cache.disk_cache_ssl", false); 295 | // Disables caching in memory. 296 | pref("browser.cache.memory.enable", false); 297 | // Disable IPv6 if your OS or ISP does not support it. 298 | pref("network.dns.disableIPv6", true); 299 | // Link prefetching is disabled. 300 | pref("network.predictor.enabled", false); 301 | pref("network.prefetch-next", false); 302 | // Disable WebSockets. 303 | pref("network.websocket.enabled", false); 304 | // Disable 3rd party closed-source Hello integration. 305 | // Note: Only affects older versions of Firefox as "Hello" has been discontinued in favor of WebRTC. 306 | pref("loop.enabled", false); 307 | // Disable 3rd party closed-source Pocket integration. 308 | // Note: In older versions of Firefox, this is browser.pocket.enabled. 309 | pref("extensions.pocket.enabled", false); 310 | pref("extensions.pocket.site", ""); 311 | pref("extensions.pocket.oAuthConsumerKey", ""); 312 | pref("extensions.pocket.api", ""); 313 | // Increases animation speed. May mitigate choppy scrolling. 314 | pref("layout.frame_rate.precise", true); 315 | // Disable WASM 316 | pref("javascript.options.wasm", false); 317 | // Disable JIT 318 | // Breaks too many sites, use umatrix instead 319 | // pref("javascript.options.ion", false); 320 | // pref("javascript.options.baselinejit", false); 321 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 fT5SgrjXeV8khTNVgQmD 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # FireFox Privacy Script 2 | 3 | [![Sponsor](https://img.shields.io/badge/Sponsor-Click%20Here-ff69b4)](https://github.com/sponsors/simeononsecurity) 4 | 5 | Organizations like [PrivacyTools.io](https://www.privacytools.io/browsers/#about_config) and [ffprofile](https://ffprofile.com/) have suggested changes to make FireFox more secure and private. 6 | These changes cover suggested browser extensions, blocking telemetry, disabling 3rd-party cookies, disabling trackers, etc. 7 | 8 | This script will take the pregenerated FireFox configuration files and install them in the proper directories on either Windows or Linux systems. 9 | 10 | ## Download the required files 11 | 12 | Download the required files from the [GitHub Repository](https://github.com/simeononsecurity/FireFox-Privacy-Script) 13 | 14 | ## How to run the script 15 | 16 | **The script may be launched from the extracted [GitHub download](https://github.com/simeononsecurity/FireFox-Privacy-Script/archive/master.zip) like this:** 17 | 18 | ### Windows PowerShell: 19 | ```powershell 20 | Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force 21 | powershell -ExecutionPolicy Bypass -File "C:\Path\To\Your\sos-firefoxprivacy.ps1" 22 | ``` 23 | 24 | #### Additional Flags for Windows: 25 | 26 | - **Force Install:** To overwrite existing configuration files without prompting, use the `--force` flag: 27 | ```powershell 28 | powershell -ExecutionPolicy Bypass -File "C:\Path\To\Your\sos-firefoxprivacy.ps1" --force 29 | ``` 30 | 31 | - **Uninstall:** To remove all changes made by the script, use the `--uninstall` flag: 32 | ```powershell 33 | powershell -ExecutionPolicy Bypass -File "C:\Path\To\Your\sos-firefoxprivacy.ps1" --uninstall 34 | ``` 35 | 36 | ### Linux and MacOS: 37 | ```bash 38 | sudo chmod +x ./sos-firefoxprivacy.sh 39 | sudo bash ./sos-firefoxprivacy.sh 40 | ``` 41 | 42 | #### Additional Flags for Linux and MacOS: 43 | 44 | - **Force Install:** To overwrite existing configuration files without prompting, use the `--force` flag: 45 | ```bash 46 | sudo bash ./sos-firefoxprivacy.sh --force 47 | ``` 48 | 49 | - **Uninstall:** To remove all changes made by the script, use the `--uninstall` flag: 50 | ```bash 51 | sudo bash ./sos-firefoxprivacy.sh --uninstall 52 | ``` 53 | -------------------------------------------------------------------------------- /sos-build-macos-plist.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if [ "`whereis plistconvert`" = "" ] ; then 4 | sudo curl -sL https://phimage.github.io/plistconvert/install.sh | bash 5 | fi 6 | 7 | jq ".policies|.EnterprisePoliciesEnabled=true" < ./Files/distribution/policies.json > /tmp/policies.json 8 | plistconvert -o Files/distribution/org.mozilla.firefox.plist --convert plist /tmp/policies.json 9 | -------------------------------------------------------------------------------- /sos-firefoxprivacy.ps1: -------------------------------------------------------------------------------- 1 | # SimeonOnSecurity - https://simeononsecurity.ch 2 | # https://github.com/simeononsecurity/FireFox-Privacy-Script/ 3 | # https://www.itsupportguides.com/knowledge-base/tech-tips-tricks/how-to-customise-firefox-installs-using-mozilla-cfg/ 4 | 5 | # Continue on error 6 | $ErrorActionPreference = 'silentlycontinue' 7 | 8 | # Require elevation for script run 9 | # Requires -RunAsAdministrator 10 | 11 | # Set Directory to PSScriptRoot 12 | if ((Get-Location).Path -NE $PSScriptRoot) { Set-Location $PSScriptRoot } 13 | 14 | $firefox64 = "C:\Program Files\Mozilla Firefox" 15 | $firefox32 = "C:\Program Files (x86)\Mozilla Firefox" 16 | $installLog = "$PSScriptRoot\install_log.txt" 17 | $force = $false 18 | $uninstall = $false 19 | 20 | # Check if --force or --uninstall is applied 21 | if ($args -contains '--force') { 22 | $force = $true 23 | } 24 | if ($args -contains '--uninstall') { 25 | $uninstall = $true 26 | } 27 | 28 | # Function to copy files with user confirmation 29 | function Copy-FilesWithConfirmation { 30 | param ( 31 | [string]$sourcePath, 32 | [string]$destinationPath 33 | ) 34 | $files = Get-ChildItem -Path $sourcePath 35 | foreach ($file in $files) { 36 | $destinationFile = Join-Path $destinationPath $file.Name 37 | if (Test-Path $destinationFile) { 38 | if ($force -eq $false) { 39 | $userInput = Read-Host "File $($file.Name) already exists. Do you want to replace it? (y/n)" 40 | if ($userInput -eq 'y') { 41 | Remove-Item $destinationFile -Force 42 | Copy-Item -Path $file.FullName -Destination $destinationFile 43 | Add-Content -Path $installLog -Value $destinationFile 44 | } else { 45 | Write-Host "Skipped $($file.Name)" 46 | } 47 | } else { 48 | # If force is enabled, override without prompting 49 | Remove-Item $destinationFile -Force 50 | Copy-Item -Path $file.FullName -Destination $destinationFile 51 | Add-Content -Path $installLog -Value $destinationFile 52 | } 53 | } else { 54 | Copy-Item -Path $file.FullName -Destination $destinationFile 55 | Add-Content -Path $installLog -Value $destinationFile 56 | } 57 | } 58 | } 59 | 60 | # Function to uninstall files using the install log 61 | function Uninstall-Files { 62 | if (Test-Path $installLog) { 63 | $filesToRemove = Get-Content -Path $installLog 64 | foreach ($file in $filesToRemove) { 65 | if (Test-Path $file) { 66 | Remove-Item $file -Force 67 | Write-Host "Removed $file" 68 | } else { 69 | Write-Host "File $file not found, skipping." 70 | } 71 | } 72 | Remove-Item $installLog -Force 73 | Write-Host "Uninstallation complete. Install log removed." 74 | } else { 75 | Write-Host "No installation log found. Nothing to uninstall." 76 | } 77 | } 78 | 79 | # Main logic 80 | if ($uninstall) { 81 | Write-Output "Uninstalling Firefox Configurations - Please Wait." 82 | Uninstall-Files 83 | } else { 84 | Write-Output "Installing Firefox Configurations - Please Wait." 85 | Write-Output "Window will close after install is complete" 86 | 87 | If ((Test-Path -Path $firefox64) -eq $true) { 88 | Copy-FilesWithConfirmation -sourcePath ".\Files" -destinationPath $firefox64 89 | Write-Host "Firefox 64-Bit Configurations Installed" 90 | } Else { 91 | Write-Host "FireFox 64-Bit Is Not Installed" 92 | } 93 | 94 | If ((Test-Path -Path $firefox32) -eq $true) { 95 | Copy-FilesWithConfirmation -sourcePath ".\Files" -destinationPath $firefox32 96 | Write-Host "Firefox 32-Bit Configurations Installed" 97 | } Else { 98 | Write-Host "FireFox 32-Bit Is Not Installed" 99 | } 100 | } 101 | -------------------------------------------------------------------------------- /sos-firefoxprivacy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Function to display messages in red and exit 4 | die() { 5 | echo -e "\033[91m$1\033[0m" >&2 6 | exit 1 7 | } 8 | 9 | # Function to display information messages in green 10 | info() { 11 | echo -e "\033[92m$1\033[0m" 12 | } 13 | 14 | # Testing if root... 15 | testRoot() { 16 | if [ "$UID" -ne 0 ] ; then 17 | die "You must run this script as root" 18 | fi 19 | } 20 | 21 | # Check if config_dir exists 22 | checkInstall() { 23 | if [ ! -d "$config_dir" ]; then 24 | die "The specified Firefox directory does not exist. Firefox may not be installed or not in the default directory." 25 | fi 26 | } 27 | 28 | # Uninstall function to remove changes 29 | uninstall() { 30 | if [ -f "$config_dir/mozilla.cfg" ]; then 31 | rm -f "$config_dir/mozilla.cfg" 32 | info "Removed $config_dir/mozilla.cfg" 33 | fi 34 | if [ -d "$preferences_dir" ]; then 35 | rm -rf "$preferences_dir"/* 36 | info "Removed all files from $preferences_dir" 37 | fi 38 | if [ -d "$extensions_dir" ]; then 39 | rm -rf "$extensions_dir"/* 40 | info "Removed all files from $extensions_dir" 41 | fi 42 | if [ -f "$distribution_dir/policies.json" ]; then 43 | rm -f "$distribution_dir/policies.json" 44 | info "Removed $distribution_dir/policies.json" 45 | fi 46 | info "Uninstallation complete." 47 | } 48 | 49 | # Check for flags 50 | FORCE=false 51 | UNINSTALL=false 52 | 53 | for arg in "$@"; do 54 | case $arg in 55 | --force) 56 | FORCE=true 57 | shift 58 | ;; 59 | --uninstall) 60 | UNINSTALL=true 61 | shift 62 | ;; 63 | esac 64 | done 65 | 66 | # Test if running as root 67 | testRoot 68 | 69 | # Define the directories 70 | if [ "$(uname -s)" = "Darwin" ] ; then 71 | # For macOS - Firefox 124.0.2 72 | preferences_dir="/Applications/Firefox.app/Contents/Resources/defaults/pref/" 73 | extensions_dir="/Applications/Firefox.app/Contents/Resources/browser/features/" 74 | config_dir="/Applications/Firefox.app/Contents/Resources/" 75 | distribution_dir="/Applications/Firefox.app/Contents/Resources/distribution/" 76 | 77 | checkInstall 78 | 79 | if [ "$UNINSTALL" = true ]; then 80 | uninstall 81 | exit 0 82 | fi 83 | 84 | rm -f /Library/Preferences/org.mozilla.firefox.plist 85 | defaults import /Library/Preferences/org.mozilla.firefox ./Files/distribution/org.mozilla.firefox.plist 86 | 87 | else 88 | # For Linux - check for directories in order of preference 89 | for dir in "/usr/lib64/firefox" "/usr/lib/firefox" "/lib64/firefox" "/lib/firefox" "/usr/lib64/firefox-esr" "/usr/lib/firefox-esr" "/lib64/firefox-esr" "/lib/firefox-esr"; do 90 | if [ -d "$dir" ]; then 91 | base_dir="$dir" 92 | break 93 | fi 94 | done 95 | 96 | # Exit if no valid Firefox directory was found 97 | if [ -z "$base_dir" ]; then 98 | echo "Firefox directory not found in /usr/lib64, /usr/lib, /lib64, or /lib." 99 | exit 1 100 | fi 101 | 102 | config_dir="$base_dir/" 103 | preferences_dir="$base_dir/browser/defaults/preferences/" 104 | extensions_dir="$base_dir/distribution/extensions/" 105 | distribution_dir="$base_dir/distribution/" 106 | 107 | checkInstall 108 | 109 | if [ "$UNINSTALL" = true ]; then 110 | uninstall 111 | exit 0 112 | fi 113 | 114 | mkdir -p "$distribution_dir" 115 | cp ./Files/distribution/policies.json "$distribution_dir" 116 | fi 117 | 118 | # Create directories if they don't exist 119 | mkdir -p "$preferences_dir" 120 | mkdir -p "$extensions_dir" 121 | 122 | # Copy files to the directories with overwrite prompt if not forced 123 | copyFile() { 124 | local sourceFile="$1" 125 | local destFile="$2" 126 | if [ -f "$destFile" ] && [ "$FORCE" = false ]; then 127 | read -p "File $destFile already exists. Do you want to replace it? (y/n) " choice 128 | if [ "$choice" != "y" ]; then 129 | echo "Skipped $destFile" 130 | return 131 | fi 132 | fi 133 | cp "$sourceFile" "$destFile" 134 | echo "Copied $sourceFile to $destFile" 135 | } 136 | 137 | # Perform the copy operations 138 | copyFile "./Files/mozilla.cfg" "$config_dir/mozilla.cfg" 139 | cp -r ./Files/browser/defaults/preferences/* "$preferences_dir" 140 | cp -r ./Files/distribution/extensions/* "$extensions_dir" 141 | 142 | info "Firefox configurations installed successfully." 143 | --------------------------------------------------------------------------------