How To Secure The Firefox Browser 

Thank you, Derek. I had everything already done except for telemetry and Privacy Badger. Just included those while listening. Cheers!

This video should get at least 1M views... Good job DT, as always.

For the advanced user, use NoScript. It requires you whitelist every site you visit that has any kind of active content. After you whitelist the sights that you normally visit, it's not a heavy burden to either allow or temp allow various sights you want to visit. And there's a temporarily allow all on this page if you trust the sight. Small hassle, huge protection.

Your thumbnails rock! Nice work

Great introduction into Firefox hardening! :)

do we need privacy badger when we are already using inbuilt tracking protection and keeping it to strict? i already use some other addons for customisation etc and i dont wanna fill my firefox with extensions

If you run firefox directly, you can have more security by segmenting your profiles for whichever usage, facebook for eexample could run in one of its own "/usr/local/bin/firefox --ProfileManager". I do this for burp suite

I'd appreciate your opinion as I'm stuck on making a tough decision. I'm looking for an optimal web browser set up for maximum online privacy. I'm debating which of these 3 options is best. The first option is using 4 different web browsers, 1 for each (email, banking, shopping and general web browsing). Option 2 is using Firefox exclusively and having 4 different user profiles set up. Option 3 is to use just 1 Firefox user profile and create "containers". I love firefox and really prefer option 3 best then option 2 because it would be great using 1 browser. However, I'm thinking it will not offer the most security against fingerprinting and tracking. I'm new to all this and would greatly appreciate your suggestions!

Running Firefox on Fedora Workstation. Is Firefox Sync secure to use if I am a bit forgetful?

Thank you very much! It's been bugging me out for awhile now. I appreciate you

also multi-account containers is a good suggestion so cookies can not be shared between services and ad services...

I use umatrix for blocking ads and scripts/tracker.

Excellent! I've already implemented all of your suggestions except for Privacy badger. One question: I use Avast Online Security/WebRep extension which blocks trackers; How does it compare to Privacy Badger?

how about the fork "privacy possum"? is it better than" privacy badger"? cant decide ...

Hi Guy! Hope all are good i have one issue and i search ok google and i read many artical at firefox support but i did not get proper solution is my issue so the issue i set it up all setting in browser and also add on many extensions but when i close my firefox one time it will remove my cookies and cache but cache of web content still there showing so anybody tell how i remove that web content cache.

What about HTTPS Everywhere, I use only UBlock Origin and HTTPS Everywhere.

Do you recommend using NoScipt extension? It is maintained by a member of Mozilla Security Group

There are some good about:config's on github that are modified with privacy and security in mind for Firefox. The Ghacks about:config is really good. Adding the Do Not Track header can actually make your fingerprint more unique than having it disabled.

how about the new edge browser that is based on chromium ? i like the browser how it looks and feels, but is it secure as firefox ?

I have just got to say that thumbnail should be a wallpaper...wow thanks

Hello "Distro Tube", how is that you have dark Firefox Preferences' page at 2:46? Wonderful!

These are must have extensions for me 1. uBlock Origin 2. Privacy Badger 3. HTTPS Everywhere 4. Decentraleyes 5. NoScript 6. Cookie AutoDelete

Don't select Strict. It will only block cross site tracking cookies. Hit "Custom" and select "Block all the third party cookies" instead

To be fair to Chrome in the sense of security, Chromium is open source and forms a very large portion of the Chrome codebase. That code is constantly audited by 3rd parties since the code is used on Chrome and so many other web browsers based on Chromium.

I use firejail together with firefox. Firejail is independent of firefox and you can use it with any tool or app you launch to restrict the app or tool to only allow the things it needs to do and nothing else. Please, Derek, have a closer look at Firejail. it is truely a very handy tool to jail about anything. you can also check what is running inside a jail.

I use HTTPS Everywhere, Privacy Badger, and NoScript (the latter which I exclusively use it for websites that have annoying auto-play videos and pop-up ads)

Thank you, Derek.

uBlock Origin and other free extensions are also in Arch repositories.

Hey DT, how did you get your preferences page to have a dark theme?

ffprofile is a good website where you can select some privacy options and it generates a profile that you can import into firefox.

First!!! And i wish more people and goverments use FireFox. Or any other open source applications.

Startpage is very good, it uses Google's search engine, but without Google tracking you. Although not available in Firefox, if you have DuckDuckGo as your default search engine, you can write "!sp" and whatever you want to search for. If you use DuckDuckGo and haven't found what you are looking for, you can use "sp! whatever", and most probably you will find what you are looking for without using Google.

Im using ScriptSafe add-on for Firefox alongside Ublock Origin and Privacy Badger.

if firefox is opensource does it mean hackers can see all the sourcecodes as well? does that make it more vulnerable to hacks? i would like to know. thanks.

No one mentioned "nano adblocker + nano defender" combination... Is there something wrong with that? BTW, Good topic DT!

@DistroTube I'd like to know your opinion on Chromium.

Great video, personally I'd add HTTPS Everywhere to the extension list (also by EFF)

Great video, switch to Brave browser.

How to enable "Do not track" on Firefox for Android?

Just changing the default search to duckduckgo isn't ensuring your privacy in firefox, if you notice that "t=ffab" in duckduckgo when switching the default, that means it's phoning home your search query to firefox from duckduckgo. Instead, add this to your bookmarks ... duckduckgo com/?q=%s then keyword search duck "or anything else" then type duck "search" on the firefox browser. That gets rid of the phone home... Or directly go to www.duckduckgo.com and then search.

You haven’t removed Pocket

I just wanted to add here that blocking all ads should not be the goal, as ads finance many good projects that we would hate to see disappear. The goal is to block personalised ads and however those ads were personalised. Please do not get so paranoid as to block all ads. This can have effects we do not desire.

I use Firefox and Duck Duck Go as my search.

Please make an extension to this video, talking about DNS-over-HTTPS (DoH) and DNS-over-TLS. I would also encourage mention of how Chromium based browsers treat Gnu/Linux as a 3rd class citizen and simply do not make such features available (And although Chrome Canary can do it on Windows, the option never shows up under your regular preferences and you can only do it if you know it is there and you search online on how to find it).

What about "Prevent accessibility services from accessing your browser".

As a contributor on SUMO (Support Mozilla - support forum Firefox browser) I always get angry about all this talk about privacy, not wanting to be tracked etc.. I think it's mass hysteria. What are these people afraid of ? Are they wanted by the police ? I want to be tracked; it gives me adequate search results, the best search results. I have nothing to hide - the only thing I make sure sites can't access is my bank account and PIN The mailman knows my name and address; my bank's personnel, supermarket personnel, all kinds of organizations know my name and address (and way more) - I look at my browser and search engine the same way: they may know everything about me (but my bank account and PIN). I use an adblocker (ABP) because I find these ads annoying, but I "allow acceptable ads" because I feel kinda guilty blocking every ad (hard working people deserve to get paid). I could go on and on, but I'll shut up now, cause I'm sure that hardly anybody here will be on the same page .....

I had to disable Privacy Badger, it was torturing my CPU for some reason.

I also use terms of service didn't read and decentraleye

Derek, excellent video as always. I think you could go even deeper on about:config. Btw, where are the people who loves to say "If you are online or on the internet, there is no privacy" or then the lovely catchphrase "I don't have anything to hide, so why do you?". Or the worse: only "dangerous" people want full privacy to "hide" the bad things they do online. These are: murderers, pedos, psychopaths, zoophiles, hackers/crackers... Or the worse for Firefox... That Google injects money on it, so it cannot be trusted. Also, that Google comes as default search engine on it. People love to use this argument to put Firefox down, but interestingly they tend to recommend Chromium-based browsers. Funny, eh? I'm tired of explaining all that. People keep using these annoying "arguments" to attack privacy or people who really care about it. It's like they feel stricken or attacked by them.

I use Ublock origin, No Script, Badger, Https Everywhere, and Cookie auto delete.

Throwing some shade on Windows... I like it lol. Have one laptop on Linux but my main PC is on Windows until it's 100% alright to run games that use anti-cheat without the risk of getting banned because of false-positive it's from running it on Linux

If you want to get real with it- the most in-depth hardening preferences are in this repo github.com/pyllyukko/user.js

other extensions to consider: Decentraleyes, Disconnect.

Don't forget DNS over HTTPS and Encrypted SNI

Great video. The wallpaper is really nice can you share it?

I think chromium project is as open as Firefox for review, and the security research Microsoft and google put in are dwarfing Mozilla foundation.

Most secure thing to do on firefox: don't connect to the internet

I'm using the DuckDuckGo Privacy Essentials extension. I think is similar to Privacy Badger.

A recent study seriously undermined my trust in Firefox. See e.g. this article in Business Insider: "A new report shows the most popular web browsers in the world are sending companies your history or personal data. Here’s how each browser’s privacy stacks up.": www.businessinsider.de/international/web-browsers-privacy-concerns-chrome-firefox-safari-edge-yandex-2020-2-2/ Quote: "The study found that Firefox tags users‘ data with a unique identifier and sends browsing data back to Mozilla’s servers. Firefox’s push notifications feature also links users‘ browsing sessions to a different unique identifier, enabling more tracking." ===== 4:17: "Firefox does have some built-in telemetry". Some? Please open "about:config" and search "telemetry": there's a screenful of telemetry settings, not just "some"!

Philip K. Dick's - Null0 : (my translation from memory) - perfect paranoid being, devoid of morality, guilt or human feelings, perfectly logical, nothing will stop it from vivisecting poor Firefox innards to feed it's curiosity :)

Privacy Badger, not to be confused with 'Privacy Possum' not the same and yes,,,,,, s there too.

Real Arch user only use lynx to browse the web :)

I totally agree. Windows 10 is most UNSECURE OS ever... 💯💯💯💯💯💯

And the thing which hurts is that the majority of people use google chrome and Windows and see FOSS inferior to their proprietary garbage

Dude. Please go get some sleep. You look way to tired. Stay healthy.

The title is misleading. You are not making Firefox more secure as much as you are making it more privacy focused. In fact, the only security improvement that I think you are doing is blocking trackers; but none of these steps really explain some of the dangers related to browsing the web. Thankfully Firefox is already really good at stopping a lot of those threats, e.g. by setting limitations to what you can do with javascript or containerise the environments each tabs run in. None of the steps you show will prevent e.g. decryption, snooping on a different session or cookie stealing.

Yo where is FireJail?

How do you secure Mozilla Firefox? By installing GNU Icecat of course! (Unless you are a hardcore Free Software activist however disable LibreJS)

Did anybody create firefox account is it safe

Chrome is proprietary, Chromium is not.

https everywhere? facebook container?

I personally use startpage.com as my default search engine

use tor browser

Brave isn't perfect, but I won't use anything else right now.

I have a separate installation of Chromium just for Microsoft Teams. Not only does Teams force third-party cookies down your throat, it's also mandated by my province for literal children.

Could we trust Duckduckgo? I seen DDG advertised as a sponsored on facebook.

Ghostery is also a great extension for anti-tracking and adblocking.

"How to make Firefox HARDER!" - my mind wanders into dirty places. My new daily is Brave, but My Firefox is hard - (pauses mid-action) good lord. In all seriousness: I followed #SwitchedToLinux's video on this subject.

You forgot to untick "block dangerous websites" which is a service provided by google

I can't stand DuckDuckGo lol

apart from these I also check privacytools.io to change some about:config settings... while my browser does seem to be more secure at the same time fucking google still finds ways to annoy me... some websites will ask for recaptcha verification and let me tell you if you're on firefox and harden it for privacy, the verification process will be way more longer... I also have chromium install and I actually compared and they try to annoy you as much as possible when using firefox under the pretext of "we need to verify you're not a machine" fucking piece of shit google and they bullshit captcha system...

You play too much bruh. I'ma come to yo house and steal yo mic bruh. You gotta be disciplined for this monstrousity bro.100, I'm coming. Where yo' Gramma stay? Hoover Deuce!

To secure my Firefox, I simply use google chrome instead.

or just use Brave

if i want to search something but at the same time dont want to find it i always use duckduckgo... it's always a good advice

privacy has nothing to do with security.

Big mistake at the start. Chrome is known to have a very good security behind, way superior than Firefox or Edge.