Complete Guide to Firefox Privacy in 2024

Shanika W.

By Shanika W. . 3 July 2024

Cybersecurity Analyst

Miklos Zoltan

Fact-Checked this

1 Comments

When browsing the internet, privacy remains a concern among many users. Out of all the browsers out there, users and experts consider Firefox as the privacy-friendly browser among the mainstream browsers.

The privacy-friendliness of Firefox is due to several factors, including:

  • Firefox is open source
  • A large number of add-ons that enhance the security
  • You can access its configuration settings to tweak its privacy and security parameters

Now you might be thinking, “Wow! Firefox is my ultimate browser for safety.”

However, it’s essential to familiarize yourself with the default configurations and settings, and learn how to adjust them to ensure Firefox is secure.

These principles apply even if you’re using a VPN to access the internet via Firefox. This article will guide you through the necessary steps.

But first, let’s understand the fundamental concepts of browser privacy before we start tweaking its configurations.

What are the Key Points to Know before moving into Firefox Privacy?

Browser Fingerprinting

Fingerprinting is an online tracking mechanism where the websites you visits or the remote services create a unique profile about your computer’s Operating System information, fonts you’ve installed, the add-ons, and your choice of web browser and screen.

No two fingerprints are identical; thus, the more distinctive your fonts and add-ons are it’s easier to create a unique fingerprint of you.

Sounds scary, isn’t it? However, in the latest firefox browsers, it blocks fingerprinting. You’ll discover more about this in upcoming sections.

DNS over HTTPs

When you type a web address on the browser’s address bar, it converts to an IP address using a DNS lookup. However, this process is not encrypted, as it’s in the form of plain text. Recently, Firefox turned the DNS over HTTPS (DoH) on by default for US audiences.

In contrast, with a DoH connection, the DNS traffic is encrypted, which implies that ISP providers and other third parties will find it hard to spy on what websites you visit and even block them as the ISP providers do.

Although this is a good move for your privacy, the DNS server still knows the website you’re visiting. Therefore Mozil provides two trusted DNS providers, Cloudflare and NextDNS.

Web Extensions

Mozilla Engineers have transformed most of the add-ons we have listed below into web extensions. Last year Web Extensions replaced Firefox’s previous add-ons framework.

Therefore, from the Firefox version quantum 57 upwards, the add-ons are available as web extensions.

These web extensions enhance your experience and security with the Firefox browser.

Default Ad Blocking

Tech giants such as Facebook and Google offer heaps of tracking options to track their visitors, claiming to provide a better-personalized experience.

However, some users find this act annoying and an invasion of privacy. As a result, from June 2019 onwards, Firefox introduced a robust tracking protection mechanism which by default is part of Firefox’s settings.

Previously this feature was solely available for Beta and nightly versions, and now it’s a standard feature in all its current versions.

It operates by blocking pervasive cookies that ad trackers utilize to expose you online. Thus the advertisers, crypto miners, and trackers have no power over the users who use this browser.

Things you should do when you install Firefox

Now you’ve heads-up of the fundamental aspects before making Firefox secure. So, let’s dive into what you need to do from the initial stages, such as from the time of its installation, to make it more secure.

Disabling Firefox Default Data Collection

Firefox has a feature called telemetry, which collects data on performance, usage, hardware, and customization data to assist Firefox in serving you better the next time you use the browser.

By all means, these data are harmless and don’t go to the hands outside of Firefox. However, disabling them is a good idea if you’re concerned about privacy.

Here’s how you do it:

  1. Click on the application menu on the top right.
  2. Then select Settings from the drop-down menu that appears.
  3. After that, select the Privacy & Security panel.
  4. Then scroll down until you find Firefox Data Collection and Use. Uncheck all the boxed that have already been checked.

Image of FirexFox privacy settings page

That’s it for desktops or laptops. Here’s how you do it for Firefox that you’ve installed on mobile devices:

  1. Go to the menu in Firefox.
  2. Then select Options, followed by Privacy.
  3. Select Data Choices.
  4. Then uncheck all three boxes: Telemetry, Crash Reporter, and Mozilla Location Service.

Default Search Engine to a Privacy-Friendly Search Engine

To everyone’s astonishment, Firefox did make Google their default search engine, primarily for financial gains.

However, you all know that using Google as your default search engine keeps track of all your search activity and tracks you from multiple angles.

Therefore, from your privacy perspective, it’s ideal to select a search engine that cares for your privacy.

So, firstly you need to change Firefox’s default browser as follows:

  1. Click on the Application Menu
  2. Then select settings
  3. Click Search from the Panel
  4. Then from the drop-down under Default search engine, select the search engine of your choice

Firefox Settings page

Firefox provides you with a few options in the above drop-down. To get more options, scroll down till you find One-Click Search Engines and select the one from the list.

Turning On the Enhanced Tracking Option

From Firefox 57+ onwards, it brought global tracking protection to the main interface, which blocks the sites you visit, tracking you and creating user profiles for their target marketing.

When you visit the Privacy & Security tab under Enhanced Tracking Protection, you “ll see three options: standard, strict, and custom.

By default, the custom mode will appear, and it’ll block the following:

  1. Cross-site cookies in all windows
  2. Tracking codes in a private way (incognito window)
  3. Fingerprinters
  4. Cryptominers
  5. Social media trackers

The strict mode may cause some websites to break, so you’ll not get the correct user experience. In custom mode, you can select what to track and what not to follow.

Although you can change the mode by going to Menu > Settings > Privacy & Security > Enhanced Tracking Protection, the standard mode will provide you with the best balance.

Firefox privacy settings page with "Standard" protection option selected

The “Do Not Track” Option

The next option after the modes is equally essential, which asks when you want to send the “Do Not Track Signal. Again, by default, Firefox enables it for those browsing in private mode. So to allow it, You need to follow these steps:

Go to Menu > Settings > Privacy & Security > Enhanced Tracking Protection; then, in the options box, select the ‘always’ option, as shown below.

Firefox "Do not track" privacy settings page

What are the Firefox About:: Config settings that you can Tweak?

So far, you’ve learned about changing the privacy settings by altering different options in the Privacy & Security panel and the search panel. In this section, you’ll learn about changing the privacy settings using about::config.

To access the about configurations settings, type about::config in your Firefox browser. Then before reaching the destination page, you”ll get a warning page as below:

Accessing a HTTP website on Firefox gives a security warning

Just click “Accept the Risk and continue.” Then it’ll take you to the page with preferences which firefox lists in alphabetical order, followed by their value and the option for changing them.

Accessing unencrypted sites on Firefox

Resisting Fingerprinting

To alter a boolean value of a preference, you have to hit the toggle button, and it”ll change from true to false and vice versa. For others, you just hit the Pencil icon and then type the value you need to change in the textbox.

Also, another point worth mentioning is that some of the changes you carried out in the previous section are already updated in this preference list.

So, let’s begin by changing the default value of resist fingerprinting to true. Its value is stored in privacy. resistFingerprinting property whose default value is false. Let’s change it to true.

  1. First, search the string privacy. resistFingerprinting at the search box at the top. as shown below.
  2. Then, when you hit enter, you”ll see that this property has a false value.
  3. You can easily change it by hitting the toggle button on the right, which changes its value to true.

What it does is it makes the websites that you visit through Firefox more resistant to Fingerprinting.

Disabling WebRTC

Web Real-Time Communication lets you enjoy features like voice calling, video chat, and P2P file sharing via your browser.

However, a significant risk of this feature is that it can expose your actual IP address even if you’re hiding behind a good VPN. This risk is called a WebRTC leak which exposes your IP address through STUN requests of a browser.

Thus, to disable this feature, type media.peerconnection.enabled and search for it. By default, it should have a true value, and you can change it to false by clicking the toggle icon.

media.peerconnection.enabled on Firefox

When you disable WebRTC, Google Meet, and Whereby services do not function.

Blocking of Crypto Miners

Similarly, you can also block crypto miners using the below line. This command is only applicable to Firefox versions above 67+.

privacy.trackingprotection.cryptomining.enabled=false

Disabling Geolocation services

Specific websites that you visit require your geolocation. By default, geo.enables is set to true, in which case Firefox can send the following details to Google:

  1. Your IP address
  2. Nearby wireless access points
  3. A random client identifier that Google sends is only valid for two weeks

Regardless of whether you’ve disabled the geolocation property before you send the above information to Google, you first get a request from the site you’re visiting. Thus you have control over enabling and disabling geolocation.

geo.enabled = false

You can get more information about geolocation in Firefox here.

Cookie Behavior

The preference network.cookie.cookieBehavior determines whether to accept all or some cookies depending on the value you set to this preference. It receives an integer value between 0 and 4 in which:

0 =>By default, it accepts all the cookies.
1`=> Only accepts cookies from the originating site and doesn’t allow any 3rd party cookies.
2=> Blocks all the cookies
3=> Block cookies from sites that you’ve never visited before.
4=> indicates a new cookie jar policy that doesn’t allow the trackers to access the storage.

Out of any of these numbers, from 1 to 4 enhances privacy. Value 4 offers optimum privacy, which may cause certain websites to break.

Cookie Lifetime Options

This preference network.cookie.lifetimePolicy determines when Firefox deletes the cookies. It will also accept integer values from 0-3 as below:

  1. 0=> Server supplies the Cookie names
  2. 1=> The user will be prompted for cookies lifetime
  3. 2=> Cookies expire at the end of a session, and that is when a browser window closes
  4. 3=> The cookie lasts for the number of days mentioned in the network.cookie.lifetime.day property

As a best practice, it’s ideal to use the value of 2 so that the cookies will also end when a session terminates.

Are Add-ons a good choice for securing Privacy?

So far, you’ve learned how to achieve privacy in Firefox. Firstly tweaking settings and then adjusting the default values in about::config preferences. There are more methods, such as Add-ons. Let’s talk about if add-ons are a good choice.

First of all, too many add-ons can slow down your Firefox browser. Secondly, the more add-ons you have, the fingerprint the 3rd party generates will produce a more distinct user that would stand out from the crowd.

Therefore before adding add-ons, it’s vital to consider disabling fingerprinting ways through the browser. There are some valuable add-ons, such as:

  • HTTPS Only: Forces Firefox to use HTTPS when transferring data to and from the browser.
  • uBlock Origin: Takeaway pop-ups, ads, trackers, and coin-miners.
  • Cookie AutoDelete: This add-on deletes the cookies every time you close the browser tab.

Conclusion

Up to this point, you’ve learned several key strategies for enhancing privacy in Firefox.

However, there are always more methods to explore as technology evolves. It’s important to regularly test different privacy settings to find the ones that best suit your needs. Keep experimenting until you discover the perfect solution for you.

Remember, Firefox is renowned for its strong commitment to user privacy, making it the most privacy-conscious choice among mainstream browsers.

1 Comment

  • Anonymous

    May 30, 2024 7:22 pm

    Blocking of Crypto Miners

    Similarly, you can also block crypto miners using the below line. This command is only applicable to Firefox versions above 67+.

    privacy.trackingprotection.cryptomining.enabled=true

Leave a Comment