Nine Essential Privacy Settings and Add-ons for Mozilla Firefox

Mozilla Firefox is one of the most popular web browsers around, and for good reason. It’s fast, secure, open-source, and it’s backed by an organization that actually respects your privacy. That’s why at PrivacyTools we recommend Firefox as a general-purpose browser for most users.

We think Firefox is fantastic out of the box, but where it really shines is customizability. By adjusting Firefox privacy settings and using helpful add-ons, you can increase your privacy and security even further.

1. Change Your Search Engine

This is an easy one if you’re looking for some protection from big advertising networks. In the Search tab of your Firefox Preferences, change your Default Search Engine to something other than Google.

Out of the built-in options, DuckDuckGo is the most privacy respecting service, but there’s a number of search engines we would recommend that can be easily installed as well.

2. Enhanced Tracking Protection

Now we’ll delve into the biggest set of options for people like us, Firefox’s Privacy & Security options section. First up is their Enhanced Tracking Protection. This set of filters is set to Standard by default, but we’ll want to change it to Strict for more comprehensive coverage.

Strict protection takes a stronger stance against third-party trackers and cookies, but in rare situations it can break some websites. However, there’s no need to worry about enabling it here. If you suspect the Strict browsing protection is breaking a website you visit frequently, you can disable it on a site by site basis with the shield icon in the address bar.

Disabling Enhanced Tracking Protection will of course decrease your privacy on that site, so you will have consider whether that’s something you are willing to compromise on, on a site-by-site basis.

Another benefit of Firefox’s Enhanced Tracking Protection is that it can
actually speed up your browsing! Advertising networks and social media
embeds can sometimes make your browser download huge files just to show an ad or a like button, and blocking those out trims the fat, in a sense.

3. Disabling Telemetrics

When you use Firefox, Mozilla collects information about what you do,
what kind of extensions you have installed, and various other aspects of your browser. While they claim to do this in a privacy-respecting way, sending as little data as possible is always preferred from a privacy standpoint, so we would go ahead and uncheck all the boxes under Firefox Data Collection and Use just to be safe.

4. Clearing Cookies Regularly

For more advanced users, Firefox provides the option to delete all your cookies and site data every time Firefox is closed. Cookies and site data are little pieces of information sites store in your browser, and they have a myriad of uses. They are used for things like keeping you logged in and saving your website preferences, but they also can be used to track you across different websites. By deleting your cookies regularly, your browser will appear clean to websites, making you harder to track.

This will likely log you out of websites quite often, so make sure that’s an inconvenience you’re willing to put up with for enhanced tracking protection.

5. Enable DNS over HTTPS

DNS (or the Domain Name System) is what your browser uses to turn domain names like privacytools.io into IP addresses like 145.239.169.56. Because computers can only make connections to IP addresses, it’s necessary to use DNS every time you visit a new domain.

But DNS is unencrypted by default, that means everyone on your network (including your ISP) can view what domains you’re looking up, and in some situations even change the IP answers to redirect you to their own websites! Encrypting your DNS traffic can shield your queries and add some additional protection to your browsing.

Encrypted DNS takes many forms: DNS over HTTPS (DoH), DNS over TLS, DNSCrypt, etc., but they all accomplish the same thing. They keep your DNS queries private from your ISP, and they make sure they aren’t tampered with in transit between your DNS provider.

Fortunately, Firefox recently added native DoH support to the browser. On the General page of your preferences, scroll down to and open Network Settings. At the bottom of the window you will be able to select “Enable DNS over HTTPS” and choose a provider:

Keep in mind that by using DoH you’re sending all your queries to a single provider, probably Cloudflare unless you choose another provider that supports DNS over HTTPS. While it may add some privacy protection from your ISP, you’re only shifting that trust to the DoH provider. Make sure that’s something you want to do.
It should also be noted that even with DoH, your ISP will still be able to see what domain you’re connecting to because of a technology called Server Name Indication (SNI). Until SNI is encrypted as well, there’s no getting around it. Encrypted SNI (eSNI) is in the works — and can actually be enabled on Firefox today — but it only works with a small number of servers, mainly ones operated by Cloudflare, so its use is limited currently.
Therefore, while DoH provides some additional privacy and integrity protections, its use as a privacy tool is limited until other supplemental tools like eSNI and DNSSEC are finalized and implemented.

6. Use an Adblocker

By far, the biggest privacy concern when browsing the web today is third-party tracking networks, like large advertisers and social media companies. Additionally, the use of online advertisements to spread malware and cryptominers (malvertising) has seen a recent upswing in popularity. This is why we recommend all users use a good adblocker on their browser.
We recommend uBlock Origin, an efficient ad- and tracker-blocker that is easy on memory, and yet can load and enforce thousands more filters than competing blockers. We trust it because it is completely open-source, and unlike its competitors, it has no monetization strategy: There’s no “Acceptable” ads program or a similar whitelist like many other adblockers feature.

7. Install “HTTPS Everywhere”

HTTPS is the secure, encrypted version of HTTP. When you see an address starting with https:// along with the padlock in your browser’s address bar, you know that your connection to the website is completely secure. This is of course important when you’re logging into websites and sending your passwords and emails in a form. But it also prevents people on your network and your ISP from snooping in on what you’re reading, or changing the contents of an unencrypted webpage to whatever they want.

Therefore, HTTPS Everywhere is a must-have extension, all it does is upgrade your HTTP connections to HTTPS wherever possible. And because it works silently in the background, you probably will never notice it! We trust HTTPS Everywhere because it is completely open-source, and is developed by the Electronic Frontier Foundation, a non-profit dedicated to promoting private and secure technologies.

Of course, it only works with sites that support HTTPS on the server’s side, so you’ll still need to keep an eye on your address bar to make sure you’re securely connected. But fortunately more and more websites have implemented HTTPS thanks to the advent of free certificates from organizations like Let’s Encrypt.

8. Install “Decentraleyes”

When you connect to many websites, your browser is most likely making connections to a myriad of “Content Delivery Networks” like Google Fonts, Akamai, and Cloudflare, to download fonts and Javascript that make the website run. This generally makes websites look and feel better, but it means you’re constantly making connections to these servers, allowing them to build a fairly accurate tracking profile of you.

Decentraleyes works by impersonating those CDNs locally in your browser. When a website wants to download a program like jQuery, instead of connecting to a remote CDN Decentraleyes will serve the file from its own cache of files. This means that you’ll won’t have to make remote CDN connections for the files that Decentraleyes supports, and therefore the remote CDNs can’t track your browser.

Because everything is stored locally instead of on a far away server, Decentraleyes has the added benefit of speeding up your browsing as well. Everything happens instantly, and you won’t see a difference in the websites you visit.

9. Consider Multi-Account Containers

Mozilla has an in-house add-on called Multi-Account Containers that allows you to isolate websites from each other. For example, you could have Facebook in a container separate from your other browsing. In this situation, Facebook would only be able to set cookies with your profile on sites within the container, keeping your other browsing protected.

A containers setup may be a good alternative to techniques like regularly deleting cookies, but requires a lot of manual intervention to setup and maintain. If you want complete control of what websites can do in your browser, it’s definitely worth looking into, but we wouldn’t call it a necessary addition by any means.

Additional Resources

Web Browsers at PrivacyTools — Our comprehensive set of recommendations for browsers and tweaks you can make to enhance your privacy is a great next step for more advanced users looking to protect their privacy online.
ghacks user.js — For more advanced users, the ghacks user.js is a “configuration file that can control hundreds of Firefox settings […] which aims to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible – while minimizing any loss of functionality and breakage”.
Mozilla’s Privacy Policy — Of course, we always recommend reading through the privacy statement of any organization you deal with, and Mozilla is no exception.

Firefox Privacy Summary

In conclusion, we believe that Firefox is the most promising browser for privacy-conscious individuals. The non-profit behind it seems truly dedicated to promoting user control and privacy, and the good defaults coupled with the sheer customizability of the browser allow you to truly protect your information when you browse the web.

read original article here