Can someone post the definitive about:config tweaks on github for quantum?
Can someone post the definitive about:config tweaks on github for quantum?
Adrian Ward
Leo Fisher
You should look on spyware.neocities
Sebastian Long
there's no definitive. some are way too aggressive and make basic web browsing fucking annoying. some don't do enough.
it's all about finding a happy medium. here's mine:user_pref("app.normandy.enabled", false);
user_pref("beacon.enabled", false);
user_pref("browser.chrome.errorReporter.enabled", false);
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit", false);
user_pref("browser.crashReports.unsubmittedCheck.enabled", false);
user_pref("browser.library.activity-stream.enabled", false);
user_pref("browser.ping-centre.telemetry", false);
user_pref("browser.polaris.enabled", true);
user_pref("browser.safebrowsing.downloads.enabled", false);
user_pref("browser.safebrowsing.downloads.remote.block_dangerous", false);
user_pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
user_pref("browser.tabs.crashReporting.sendReport", false);
user_pref("dom.push.connection.enabled", false);
user_pref("dom.push.enabled", false);
user_pref("geo.enabled", false);
user_pref("network.http.spdy.allow-push", false);
user_pref("network.security.esni.enabled", false);
user_pref("network.trr.mode", 5);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("social.remote-install.enabled", false);
user_pref("toolkit.telemetry.enabled", false);
user_pref("toolkit.telemetry.unified", false);
user_pref("xpinstall.signatures.required", false);
user_pref("xpinstall.whitelist.required", false);
of-course my user.js has a ton more shit in it, but these are all the security-related entries.
Colton Wood
>("network.trr.mode", 5)
What does this do?
Also, thanks.
Isaac Moore
until trusted recursive resolvers obey hosts files (including hosts allow and hosts deny on lignux), they're a clear security issue. so this explicitly disables the use of those resolvers. maybe 0.1% of FF users would ever use the feature anyway, so whatever. just wanted to be safe.
Asher Morris
Does it have any network performance impact?
Wyatt Bennett
zero. it only disables the use of trusted recursive resolvers. this is a feature that is not on by default. the value of 5 simply removes the option to enable it.
Dylan Rivera
dnssec, dns over https, encrypted sni
Ryder Garcia
>dnssec
not a firefox feature. jesus christ.
>dns over https, encrypted sni
great things in general, but firefox's implementation of esni is not mature and has security issues like the one i mentioned here (iESNI relies on TRRs if you were not aware): most people should just be using DoT or DNSCrypt on their routers anyway.
Robert Young
I see that's awesome I've applied your tweaks and a couple others like dom.enable_resource_timing and dom.battery.enabled to false. Do you use any tweaks that make firefox faster? Like disabled cosmetic and video fullscreen animations?