project:spyzilla
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
project:spyzilla [2018/12/27 11:47] – mrkva | project:spyzilla [2021/02/11 04:09] – [Thunderbird] format: force more wrap as the page is still broken jenda | ||
---|---|---|---|
Line 16: | Line 16: | ||
- | * Run with parameter -P. Select "Start offline" | + | * Run with parameter -P. Select "Start offline" |
* Visit Preferences. In " | * Visit Preferences. In " | ||
* Uncheck Advanced → Updates | * Uncheck Advanced → Updates | ||
Line 77: | Line 77: | ||
* https:// | * https:// | ||
- | ===== Firefox (v. 64 basic setup) Work in Progress ===== | + | ===== Firefox (v. 64+ basic setup) Work in Progress ===== |
After these changes, firefox should not open any outgoing connections (if autoupdate was disabled by company policy / Linux distribution maintainers) when starting with a blank page, except for checking updates of installed extensions. | After these changes, firefox should not open any outgoing connections (if autoupdate was disabled by company policy / Linux distribution maintainers) when starting with a blank page, except for checking updates of installed extensions. | ||
+ | |||
+ | XXX TODO: How to get rid of: | ||
+ | |||
+ | |||
+ | - POST https:// | ||
+ | - GET https:// | ||
+ | (once a day? with a bunch of similar requests) | ||
+ | - GET https:// | ||
+ | |||
==== Edit -> Preferences ==== | ==== Edit -> Preferences ==== | ||
Line 131: | Line 140: | ||
network.http.referer.hideOnionSource = true | network.http.referer.hideOnionSource = true | ||
+ | |||
+ | # This breaks google docs! | ||
network.http.referer.spoofSource = true | network.http.referer.spoofSource = true | ||
+ | |||
browser.send_pings = false | browser.send_pings = false | ||
Line 143: | Line 155: | ||
media.navigator.enabled = false | media.navigator.enabled = false | ||
+ | |||
+ | # Disable captive portal | ||
network.captive-portal-service.enabled = false | network.captive-portal-service.enabled = false | ||
+ | # The key above seems to be ignored in some versions, so remove the captive portal address | ||
+ | captivedetect.canonicalURL = "" | ||
browser.ping-centre.production.endpoint = "" | browser.ping-centre.production.endpoint = "" | ||
Line 152: | Line 168: | ||
privacy.firstparty.isolate = true | privacy.firstparty.isolate = true | ||
privacy.resistFingerprinting = true | privacy.resistFingerprinting = true | ||
+ | |||
+ | # extension blocklists | ||
+ | extensions.blocklist.enabled = false | ||
+ | |||
+ | # extensions automatic update | ||
+ | extensions.systemAddon.update.enabled = false | ||
+ | |||
+ | # disable requests to search.services.mozilla.com/ | ||
+ | browser.search.geoSpecific.Defaults = false | ||
+ | |||
+ | # https:// | ||
+ | services.settings.server = "" | ||
+ | |||
+ | # some websocket telemetry | ||
+ | dom.push.enabled = false | ||
+ | |||
+ | # ? | ||
+ | app.normandy.enabled = false | ||
+ | |||
+ | # ? investigate GET https:// | ||
+ | # | ||
+ | extensions.systemAddon.update.enabled = false | ||
+ | services.sync.engineStatusChanged.addons = false | ||
</ | </ | ||
Line 161: | Line 200: | ||
New Account setup wizard sends your e-mail domain to Mozilla. To add an account without this feature, select File → Offline → Work offline. | New Account setup wizard sends your e-mail domain to Mozilla. To add an account without this feature, select File → Offline → Work offline. | ||
+ | When you uncheck "Allow Thunderbird to send technical and interaction data to Mozilla", | ||
+ | < | ||
+ | POST / | ||
+ | / | ||
+ | Host: incoming-telemetry.thunderbird.net | ||
+ | User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/ | ||
+ | |||
+ | { | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | }, | ||
+ | " | ||
+ | " | ||
+ | }, | ||
+ | " | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | When you open an attachment (tested with PDF), the following request is sent, leaking username, profile name, attachment filename and attachment SHA-256 hash (as raw binary data in the middle): | ||
+ | |||
+ | < | ||
+ | POST / | ||
+ | Host: sb-ssl.google.com | ||
+ | User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/ | ||
+ | |||
+ | 00000000 | ||
+ | 00000010 | ||
+ | 00000020 | ||
+ | 00000030 | ||
+ | 00000040 | ||
+ | 00000050 | ||
+ | 00000060 | ||
+ | 00000070 | ||
+ | 00000080 | ||
+ | 00000090 | ||
+ | 000000a0 | ||
+ | 000000b0 | ||
+ | 000000c0 | ||
+ | 000000d0 | ||
+ | 000000e0 | ||
+ | 000000f0 | ||
+ | </ | ||
+ | To disable this, remove browser.safebrowsing.downloads.remote.url in about: | ||
===== Firefox for Android ===== | ===== Firefox for Android ===== | ||
project/spyzilla.txt · Last modified: 2022/12/24 16:23 by jenda