Hardening the Firefox browser Preventing unwanted background traffic - - PowerPoint PPT Presentation

hardening the firefox browser
SMART_READER_LITE
LIVE PREVIEW

Hardening the Firefox browser Preventing unwanted background traffic - - PowerPoint PPT Presentation

Jan 02, 2024 327 likes •471 views

Hardening the Firefox browser Preventing unwanted background traffic to Google, Pocket and hidden telemetry to Mozilla Per Foyer per@foyer.se 10 10 Cryptoparty 201911-R1 Hardening Firefox: Method To harden Firefox we need to: 1. Adjust

slide-1
SLIDE 1

10

Hardening the Firefox browser

Preventing unwanted background traffic to Google, Pocket and hidden telemetry to Mozilla

Per Foyer

per@foyer.se

10 Cryptoparty 201911-R1

slide-2
SLIDE 2

Hardening Firefox: Method

To harden Firefox we need to: 1. Adjust visible configurations in Options / Preferences 2. Do a fair amount of changes to parameters hidden in the about:config settings (behind the scene):

  • Disabling Pocket
  • Disabling WebRTC (notorious for leaking)
  • Disabling sending of crash dumps
  • Combat telemetry settings
  • Remove all references to Google

First, let’s have a look what’s going on the network interface when using a stock installation of Firefox…

11 per@foyer.se Cryptoparty 201911-R1

slide-3
SLIDE 3

Firefox - stock install (1)

12

Firefox started… Not touching the browser!

Cryptoparty 201911-R1

Wireshark monitoring host’s NIC (outgoing traffic)

Per@Foyer.se

slide-4
SLIDE 4

Firefox - stock install (2)

13

Not touching the browser! Massive amounts of requests being done…

Cryptoparty 201911-R1 per@foyer.se

slide-5
SLIDE 5

Firefox - stock install (3)

14

Not touching the browser! Say hello to Google…

Cryptoparty 201911-R1 per@foyer.se

slide-6
SLIDE 6

Firefox - stock install (4)

15

Still not touching the browser! Probable telemetry sent to Mozilla

Cryptoparty 201911-R1 per@foyer.se

slide-7
SLIDE 7

Firefox – Hardened!

16

Just started A short initial burst of (unknown) connections to one single Akamai server Then, silence…

Cryptoparty 201911-R1 per@foyer.se

slide-8
SLIDE 8

Hardening Firefox: Step 1

17

Visible settings (Follow me)

Cryptoparty 201911-R1 per@foyer.se

Step 0: Backup your bookmarks!!!

slide-9
SLIDE 9

Hardening Firefox: Step 2

18

about:config: Pocket

Cryptoparty 201911-R1 per@foyer.se

(Follow me)

slide-10
SLIDE 10

Hardening Firefox: Step 3

19

about:config: WebRTC

Cryptoparty 201911-R1 per@foyer.se

(Follow me)

slide-11
SLIDE 11

Hardening Firefox: Step 4

20

about:config: Crash dumps

Cryptoparty 201911-R1 per@foyer.se

(Follow me)

slide-12
SLIDE 12

Hardening Firefox: Step 5

21

about:config: Telemetry

Cryptoparty 201911-R1 per@foyer.se

(Follow me)

slide-13
SLIDE 13

Hardening Firefox: Step 6

22

about:config: Google… (Done!)

Cryptoparty 201911-R1 per@foyer.se

slide-14
SLIDE 14

Finito!

23 Cryptoparty 201911-R1 per@foyer.se