• Activity
  • Votes
  • Comments
  • New
  • All activity
  • Showing only topics in ~comp with the tag "firefox". Back to normal view / Search all groups
    1. Relative installed shady browser extension

      [Possibly solved, please look at comments] Hey, so recently a family member accidentally downloaded a shady browser extension called: "Easy Print" on Firefox. 30k downloads, no ratings, weird...

      [Possibly solved, please look at comments]

      Hey,

      so recently a family member accidentally downloaded a shady browser extension called: "Easy Print" on Firefox. 30k downloads, no ratings, weird "offical" website and installed accidentally trying to buy tickets. I assume it showed something along the lines of: "Buy ticket now" and they just clicked on it (being overall inexperieced with security). Only extension installed was uBlock until then.

      I won't post a link just in case, but you can easily find it by googling: "Easy Print Firefox" or "Easy Print App" for their website.

      What makes this weirder is that they change the default search engine to Yahoo, which for me was always a red flag for a hijacked browser.

      I uninstalled it, but am concerned that they installed something like a keylogger along with it.

      Can anyone help me what this is and, especially, how I can properly teach them the basics of internet safety? Not the first time their PC/browser was filled with unwanted stuff...

      Thank you and best regards!

      15 votes
    2. [SOLVED] Looking for help getting my VPN to work with Firefox privacy settings

      I recently moved to a new place with a new ISP, and my Mullvad VPN isn't playing nicely with Firefox like it used to. Can any of you networking gurus please help me troubleshoot? When the VPN is...

      I recently moved to a new place with a new ISP, and my Mullvad VPN isn't playing nicely with Firefox like it used to. Can any of you networking gurus please help me troubleshoot?

      When the VPN is enabled, most requests from the browser fail immediately. If I pull up the dev tools Network tab, I can see that these requests fail with an NS_ERROR_FAILURE message before any data is transferred.

      I have Firefox configured to use "strict" Enhanced Tracking Protection. When I reduce it to "standard" my requests go through.

      I'm also trying to use DNS over HTTPS with a custom provider (Mullvad, via https://dns.mullvad.net/dns-query). I'm configuring this in Firefox, using the "Increased Protection" DoH setting. When I do that, Firefox reports the DoH status as "Status: Not active (NS_ERROR_FAILURE)". This happens even when Enhanced Tracking Protection is set to "standard" — in other words, that reduced setting fixed the NS_ERROR_FAILURE for HTTP requests, but not for DoH.

      So how do I fix this so Strict Enhanced Tracking Protection, DNS over HTTPS, and Mullvad all work together? I never had this problem with my old ISP, so I suspect something's being blocked at the WAN level that I need to circumvent.

      • OS: macOS Sonoma 14.5
      • VPN protocol: WireGuard
      • ISP: AT&T Fiber

      I'm just using the official Mullvad client app with mostly default settings. The fiber gateway modem/router came with some default packet filtering firewall rules but I disabled everything in the admin panel. Weirdly, rebooting my machine fixed this temporarily, but the next time I disconnected/reconnected the VPN it broke again. Other browsers (with default settings and no DoH) are working fine when the VPN is connected.

      Edit: Solved! Solution here.

      6 votes
    3. Android Mozilla browsers with access to about:config

      Hi Android Mozilla browsers with access to about:config. Examples are... Firefox Beta and Firefox Nightly Back in the day there were lots of config tweaks for PC Firefox. But there's not much...

      Hi
      Android Mozilla browsers with access to about:config.
      Examples are...
      Firefox Beta
      and
      Firefox Nightly

      Back in the day there were lots of config tweaks for PC Firefox.
      But there's not much config information about Android Firefox.

      I found these two posts on Reddit.
      https://www.reddit.com/r/firefox/comments/11shvus/fixing_performance_problems_in_firefox_on_android/

      https://www.reddit.com/r/browsers/comments/1278zp5/improving_performance_in_firefox_android_part_ii/

      Does anybody here have other about:config suggestions?

      11 votes
    4. Firefox refuses to use fonts in ~user/.config/fontconfig/fonts.conf

      I have the following on my fonts.conf <?xml version="1.0"?> <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> <fontconfig> <alias> <family>system-ui</family> <prefer> <family>FreeSans</family> </prefer>...

      I have the following on my fonts.conf

      <?xml version="1.0"?>
      <!DOCTYPE fontconfig SYSTEM "fonts.dtd">
      <fontconfig>
        <alias>
          <family>system-ui</family>
          <prefer>
            <family>FreeSans</family>
          </prefer>
        </alias>
      </fontconfig>
      

      But when websites use font-family: system-ui firefox just ignores this and uses Cantarell anyway, which I don't even know where it is getting it from. (Not Firefox font preferences).

      Any idea how to make firefox respect my fonts.conf?

      This is Linux with i3.

      11 votes
    5. Is Firefox still a good (enough) browser for privacy?

      Someone posted this on the privacy subreddit. I also ended up finding this and this after doing a bit of searching. As someone who isn’t in the CS/IT spheres (chemical engineering is my...

      Someone posted this on the privacy subreddit. I also ended up finding this and this after doing a bit of searching. As someone who isn’t in the CS/IT spheres (chemical engineering is my background), Firefox has been my go-to browser for awhile, although I’m being made aware of the flaws of Firefox (most of which go over my head) and behavior of Mozilla. What can be done to fix this, especially considering that Firefox is the only FOSS browser with a significant user base?

      22 votes
    6. Ultra-minimalist "one line" Firefox

      I mainly use my keyboard to navigate around in Firefox so decided to edit UserChrome.css to create a custom, ultra-minimalist "one line" UI for myself and also maximize my screen real-estate by...

      I mainly use my keyboard to navigate around in Firefox so decided to edit UserChrome.css to create a custom, ultra-minimalist "one line" UI for myself and also maximize my screen real-estate by removing the window Titlebar and Tab Bar (using Tree Tabs sidebar extension instead). I also dislike how cluttered the Firefox interface is with unneeded options scattered everywhere, and how much redundancy there is with many options showing up in multiple places for no good reason, so I removed most of that as well. Here is the results:

      Main UI (Navigation and "Hamburger" toolbar buttons removed)
      Tree Tabs sidebar & More Tools both open
      "Find in page" moved to the top, with Menu bar also toggled on
      New Tab Page (my Bookmark Toolbar auto-unhides itself only on this page)
      My Home Page, set to the FF Library "popout" page (chrome://browser/content/places/places.xul)

      Context Menus (with lots of redundant and unused options removed):
      Address bar dropdown
      Page context menu
      Image context menu
      Link context menu


      If anyone is interested in trying it out themselves, here is the UserChrome.css (which needs to go in the /chrome directory of your Firefox profile).

      And if enough people are interested in learning Firefox UserChrome.css customization using the Browser Toolbox with remote debugging, I can always write up a tutorial at some point. There are some decent resources already available over at userchrome.org and reddit.com/r/FirefoxCSS/ too.

      26 votes
    7. Firefox 62 Nightlies: Improving DNS Privacy in Firefox

      Firefox recently introduced DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR) in nightly builds for Firefox 62. DoH and TRR are intended to help mitigate these potential privacy and...

      Firefox recently introduced DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR) in nightly builds for Firefox 62.

      DoH and TRR are intended to help mitigate these potential privacy and security concerns:

      1. Untrustworthy DNS resolvers tracking your requests, or tampering with responses from DNS servers.
      2. On-path routers tracking or tampering in the same way.
      3. DNS servers tracking your DNS requests.

      DNS over HTTPs (DoH) encrypts DNS requests and responses, protecting against on-path eavesdropping, tracking, and response tampering.

      Trusted Recursive Resolver (TRR) allows Firefox to use a DNS resolver that's different from your machines network settings. You can use any recursive resolver that is compatible with DoH, but it should be a trusted resolver (one that won't sell users’ data or trick users with spoofed DNS). Mozilla is partnering with Cloudflare (but not using the 1.1.1.1 address) as the initial default TRR, however it's possible to use another 3rd party TRR or run your own.

      Cloudflare is providing a recursive resolution service with a pro-user privacy policy. They have committed to throwing away all personally identifiable data after 24 hours, and to never pass that data along to third-parties. And there will be regular audits to ensure that data is being cleared as expected.

      Additionally, Cloudflare will be doing QNAME minimization where the DNS resolver no longer sends the full original QNAME (foo.bar.baz.example.com) to the upstream name server. Instead it will only include the label for the zone it's trying to resolve.

      For example, let's assume the DNS resolver is trying to find foo.bar.baz.example.com, and already knows that ns1.nic.example.com is authoritative for .example.com, but does not know a more specific authoritative name server.

      1. It will send the query for just baz.example.com to ns1.nic.example.com which returns the authoritative name server for baz.example.com.
      2. The resolver then sends a query for bar.baz.example.com to the nameserver for baz.example.com, and gets a response with the authoritative nameserver for bar.baz.example.com
      3. Finally the resolver sends the query for foo.bar.baz.example.com to bar.baz.example.com's nameserver.
        In doing this the full queried name (foo.bar.baz.example.com) is not exposed to intermediate name servers (bar.baz.example.com, baz.example.com, example.com, or even the .com root nameservers)

      Collectively DNS over HTTPs (DoH), Trusted Recursive Resolver (TRR), and QNAME Minimization are a step in the right direction, this does not fix DNS related data leaks entirely:

      After you do the DNS lookup to find the IP address, you still need to connect to the web server at that address. To do this, you send an initial request. This request includes a server name indication, which says which site on the server you want to connect to. And this request is unencrypted.
      That means that your ISP can still figure out which sites you’re visiting, because it’s right there in the server name indication. Plus, the routers that pass that initial request from your browser to the web server can see that info too.

      So How do I enable it?
      DoH and TRR can be enabled in Firefox 62 or newer by going to about:config:

      • Set network.trr.mode to 2
        • Here's the possible network.trr.mode settings:
          • 0 - Off (default): Use standard native resolving only (don't use TRR at all)
          • 1 - Race: Native vs. TRR. Do them both in parallel and go with the one that returns a result first.
          • 2 - First: Use TRR first, and only if the name resolve fails use the native resolver as a fallback.
          • 3 - Only: Only use TRR. Never use the native (after the initial setup).
          • 4 - Shadow: Runs the TRR resolves in parallel with the native for timing and measurements but uses only the native resolver results.
          • 5 - Off by choice: This is the same as 0 but marks it as done by choice and not done by default.
      • Set network.trr.uri to your DoH Server:
      • The DNS Tab on about:networking will show which names were resolved using TRR via DoH.

      Links:
      A cartoon intro to DNS over HTTPS
      Improving DNS Privacy in Firefox
      DNS Query Name Minimization to Improve Privacy
      TRR Preferences

      I'm not affiliated with Mozilla or Firefox, I just thought ~ would find this interesting.

      13 votes