>inb4 sry for creating a lame thread
The title explains my question. Currently I am using FF stable release with uBO 3rd party frames disabled and a few hosts and NoScript with scripts globally enabled. I do not really care about privacy much, I'm more paranoid about hitting an exploit or something similar to that. Do you have any better configs for me to try out ?
bump, OP, I'm on win10
is anyone going to help me?
bumping...
>>61834048
sure fâmlayers.acceleration.force-enabled - to true
beacon.enabled to false
media.peerconnection.enabled to false
loop.enabled to false
toolkit.telemetry.archive.enabled to false
toolkit.telemetry.enabled to false
toolkit.telemetry.unified to false
datareporting.healthreport.uploadEnabled to false
datareporting.policy.dataSubmissionEnabled to false
browser.send_pings - false
browser.send_pings.require_same_host - to true
toolkit.telemetry.server - delete
browser.selfsupport.url - delete address or replace with '' "
webgl.disabled* - to true
dom.battery.enabled - to false
network.prefetch-next - false
browser.safebrowsing.downloads.enabled - to false
browser.safebrowsing.downloads.remote.enabled - to false
browser.safebrowsing.enabled - to false
browser.safebrowsing.malware.enabled - to false
Make sure your firefox doesn't send anything out you don't want. First go into settings and change that shit for cookies. Everything shall be deleted when closing firefox. Next thing is type "about:config" and search for "update" and for "http". Empty all the entries. et voila, firefox shuts the fuck up and it all takes just two minutes.
https://pastebin.com/raw/T8TeepZP
>>61834048
How come firefox STILL has memory leaks on macOS?
>>61834048
heres my fairly comprehensive user.js, knock yourself out. https://pastebin.com/DbKtvwug
>worried about exploits
>not running arch gnu/linux for instapatched packages
>not compiling kernel from source with custom .config with the bare minimum necessary for your system
>not compiling firefox from source with -fstack-protector-all -D_FORTIFY_SOURCE=2 -Wl,-z,relro,-z,now,-z,noexecstack
>not adding ac_add_options --enable-pie to your mozconfig
>not running firefox in firejail with a ultra secure profile
>not disabling a lot of useless shit in about:config
>not using several addons to lower risk of malware and botnet
>>>/v/
>>61834620
You make Terry sound sane, whew lad.
thank me later
https://github.com/pyllyukko/user.js/
You're not going to get hit by an 0day, you're irrelevant
Noscript will stop all exploits
>>61835507
Alright, if you think so. So how's security in Chrome when it comes to blocking shit like xss attacks, etc. ? Is my FF (OP) better equipped than chrome with uBO ? I'm currently changing some stuff in FF that other guys have mentioned.
>>61835942
Chrome is better than firefox at blocking xss, it's sandbox is also better at stopping exploits from escaping
>>61834048
Step 1. Install Brave
Thats all.
>>61834048
>the most secure reasonable browser config
Tor Browser. It's Firefox that has been hardened as fuck. To use it without Tor just remove all default addons and change "network.proxy.socks_remote_dns" to false in about:config, then restart. Don't forget to install uBlock Origin and No Script.
>>61836620
Appreciate your advice but just to make it clear - I am looking for a reasonable browser, meaning fast enough and automated (fiddling with scripts in noscript is unacceptable which is why I enabled them). Actually I have Tor but I use it only on "special occasions", like trolling kids (TROLLING kids, not child pornography I'm not sick enough for shit like that lol), and trolling scamfaggots like these guys : pckeeper.com, yoocare.com, etc.
>>61836381
I'll look into it.
>>61837345
What's the point in using NoScript if you're just going to enable scripts globally?
>>61836620
Do not do this, to browser is notoriously easier to exploit than base ff
>>61837483
It has other protections as well, not just script blocking. I know that it kind of loses its point when I disable its main function but it is better to have NS than not, even if I enable scripts, right ?
>>61837708
I won't, besides, when I use Tor I use it in Sandboxie container, I only allow it to update when needed, otherwise it is in a sandbox.
>>61834185
How come firefox STILL has memory leaks on Windows?
I have to kill the process at least one time a day, sometimes even up to four times in a single day.
>>61837872
not him, but no, noscript with scripts allowed globally is about the same as running an antivirus, it only protects against known threats but you are wide open to 0days.
>>61834048
>mfw people edit about:config instead of using the UI toggles found in preferences, which modify the exact same settings.
Some people are just desperate to feel smart
>>61834185
I don't know why but it's really really bad lately.
I can barely even run it without my machine getting so hot that I could fry an egg on the bottom of it.
I really don't want to go back to using Chrome and Safari just doesn't quite have the add-on support or level of customization I need.
>>61834048
https://github.com/pyllyukko/user.js
This is my setup, looking for input.
>>61840687
about:config is 99% settings you can't reach from preferences
>>61834048
http://www.activistpost.com/2017/08/mozilla-joins-george-soross-efforts-launching-strike-fake-news.html
FUCK THAT JEW SHIT BROWSER
>>61840882
uBlock in advanced mode checked, does everything uMatrix does...
Disable global 3rd party stuff, lock it, refresh it.... Boom you got a uMatrix replacement and one less extension to slow down your shitposting
>>61837708
citation or go fuck a cactus
they have the same fucking codebase
tor browser is firefox that has had its surface of vulnerability reduced through various methods (hardening)
>>61844839
it's best to enable scripts globally with noScript and use ublock to disable scripts. it's pretty much an html switch board where you can kill specific kinds of traffic from individual sites with a simple click. the UI is more usable than noScript shit.
>>61840882
Sorry for a late reply, it is a good one I suppose.