How to set up a basic secure Browser

 

As we all should know most websites track or try to track just about everything you do. Some browsers make this easier, some make it harder and some just track you themselves. There are a couple good options to combat this threat. You have the easy ok option for the less tech savvy and the more hands on better option of setting up their own browser for those who are a little more tech savvy. (honestly you type words into a bar and click a button)

The out of the box easy option is called brave browser. It is a free and open-source web browser developed by Brave Software. Brave is based on the Chromium web browser and it blocks ads and trackers. This is good for anyone who doesnt want to mess around in the settings for a little bit and just download and go. However it is not the best set up.

The better set up involves Firefox which a lot of people use already and all you have to do is go tweak a few settings and edit the config file. This involves going down a list and entering text into a search bar and then changing the proper setting that by either entering text or clicking a button. It is really not that difficult provided you have a moderate attention to detail. You will also need to install some additional add ons to make this setup complete but we will cover those in the near future.

Both of these options are not complete and total solutions if you are looking to regain your privacy but they are a good step in the right direction to dam the flood of information that pours out of our systems that everyone it seems is trying to track.

DISCLAIMER: Anything you do with the information in this post is at your own risk, I am not responsible for anything that happens to your computer or browser. As you increase your privacy you also increase the need for your own personal responsibility. I have personally done this multiple times with no issue so as long as you stick to the directions, make sure your changing the right settings and dont mess with anything else you should be fine but again you do this at your own risk. Now that that is out of the way Lets get on with it,

Preparation:

(If you have not downloaded it yet download and install Firefox.)

You will start with the basic settings by going to the preferences section, and changing some or all of the following settings depending on your comfort level, and desire for privacy.

  1. In the general tab scroll down to the browsing section and make sure to UNCHECK Recommend extensions as you browseand recommend features as you browse
  2. In the home options change you home page and new windows and new tabs to blank pagein the drop down menus.
  3. Now in the search options change your default search engine to either duckduckgo or startpage and then remove the others from the options. Then UNCHECK provide search suggestions
  4. Next under the privacy and security options select the strictunder content blocking.
    1. CHECK delete cookies and site data when Firefox is closed
    2. UNCHECK ask to save logins and passwords for websites
    3. Change history settings to Firefox will use custom settings for history
      1. UNCHECK Remember browsing and download history
      2. CHECK Clear history when Firefox closes
      3. DO NOT CHECK the box always use private browsing mode(This will break Firefox containers which we will cover in an article on add ons)
    4. In the Address bar section UNCHECK Browsing History
    5. In the permissions section you will need to click Settingsnext to Location, Camera, Microphone, and Notifications. Inside each you will need to CHECK block new requests
    6. Make sure all boxes under Firefox Data Collection and Useare UNCHECKED.
    7. Under Deceptive Content and Dangerous Software ProtectionUNCHECK all options.
      1. DISCLAIMER: This will leave you more exposed to undesired software attacksbut this stops Firefox from sending your browsing history to third party organizations. This is where another instance where personal responsibility plays a roll. You have to decide what you are comfortable with.

Once that is done you can either stop there of continue on for further privacy and security enhancements.

 

If you wish to continue

  1. Enter “about:config” in the Firefox address bar and press enter. (remove the quotes)
  2. Press the button “Accept the risk and continue”
  3. Follow the instructions below… (keep in mind some may be on the correct setting already but it is good to check each one)

It is not required that you change all of these settings if your particular situation requires any of these settings but the more you change the more secure your browser will be.

Getting started:

  1. privacy.firstparty.isolate = true
    1. isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don’t do this if you are using the Firefox Addon “Cookie AutoDelete”
  2. privacy.resistFingerprinting = true
    1. This preference makes Firefox more resistant to browser fingerprinting.
  3. privacy.trackingprotection.enabled = true
    1. This is Mozillas new built in tracking protection.
  4. browser.cache.offline.enable = false
    1. Disables offline cache.
  5. browser.safebrowsing.malware.enabled = false
    1. Disable Google Safe Browsing malware checks. Security risk, but privacy improvement.
  6. browser.safebrowsing.phishing.enabled = false
    1. Disable Google Safe Browsing and phishing protection. Security risk, but privacy improvement.
  7. browser.send_pings = false
    1. The attribute would be useful for letting websites track visitorsclicks.
  8. browser.sessionstore.max_tabs_undo = 0
    1. Even with Firefox set to not remember history, your closed tabs are stored temporarily at Menu -> History -> Recently Closed Tabs. The number is how many tabs it temporarily stores Set this at your own discretion.
  9. browser.urlbar.speculativeConnect.enabled = false
    1. Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect too.
  10. dom.battery.enabled = false
    1. Website owners can track the battery status of your device.
  11. dom.event.clipboardevents.enabled = false
    1. Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
  12. geo.enabled = false
    1. Disables geolocation (in browser only)
  13. media.navigator.enabled = false
    1. Websites can track the microphone and camera status of your device.
  14. network.cookie.cookieBehavior = 1
    1. Disable cookies

0 = Accept all cookies by default

1 = Only accept from the originating site (block third party cookies)

2 = Block all cookies by default

  1. network.cookie.lifetimePolicy = 2
    1. cookies are deleted at the end of the session

0 = Accept cookies normally

1 = Prompt for each cookie

2 = Accept for current session only

3 = Accept for N days

  1. network.http.referer.trimmingPolicy = 2
    1. Send only the scheme, host, and port in the Referrer header

0 = Send the full URL in the Referrer header

1 = Send the URL without its query string in the Referrer header

2 = Send only the scheme, host, and port in the Referrer header

  1. network.http.referer.XOriginPolicy = 2
    1. Only send Referrer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.)

0 = Send Referrer in all cases

1 = Send Referrer to same eTLD sites

2 = Send Referrer only when the full hostnames match

  1. webgl.disabled = true
    1. WebGL is a potential security risk.
  2. browser.sessionstore.privacy_level = 2
    1. This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data. more information

0 = Store extra session data for any site. (Default starting with Firefox 4.)

1 = Store extra session data for unencrypted (non-HTTPS) sites only. (Default before Firefox 4.)

2 = Never store extra session data.

  1. network.IDN_show_punycode = true
    1. Not rendering IDNs as their punycode equivalent leaves you open to phishing attacks that can be very difficult to notice.
  2. Network.trr.mode = 2
    1. This will be used with encrypted DNS
  3. network.security.esni.enabled = True
    1. also for encrypted DNS
  4. extensions.pocket.enabled = False
    1. This disables the proprietary pocket service.

These all have to do with limiting the risk of leaking your IP address

  1. Media.peerconnection.enabled = False
  2. Media.peerconnection.turn.disable = True
  3. Media.peerconnection.use_document_iceservers = False
  4. Media.peerconnection.video.enabled = False

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get  a small commission that helps support the site.

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.