
Firefox Unified Browser Profile.

Firefox Profile Browser Extensions Anonymity

8 replies to this topic

#1 OmniNegro

OmniNegro

    Advanced Member

  • Members
  • 277 posts
  • Location: The Fiery Pits of Texas, USA.

Posted 25 August 2015 - 02:21 AM

Hello. The purpose of this thread is to allow everyone to make themselves less visible on the Internet by having the same exact set of extensions and addons that help form the browser fingerprint as recognized by Panopticlick.

https://panopticlick.eff.org/

So first we should look at what Panopticlick finds.
Disregard the "number of bits" and instead look at "one in x browsers have this value" and then find the biggest numbers. Usually the "Browser Plugin Details" and "Fonts" are the largest by far.

So since there is nothing that can be done to fix the Fonts problem without messing up the entire system, let's instead focus on the Browser Plugin Details.

https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/
https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
https://addons.mozilla.org/en-US/firefox/addon/classicthemerestorer/
https://addons.mozilla.org/en-US/firefox/addon/disconnect/
https://addons.mozilla.org/en-US/firefox/addon/form-history-control/
https://addons.mozilla.org/en-US/firefox/addon/ghostery/
https://code.google.com/p/https-finder/downloads/detail?name=httpsfinder_0.91b.xpi
https://www.eff.org/https-everywhere
https://addons.mozilla.org/en-US/firefox/addon/no-google-analytics/
https://www.eff.org/privacybadger
https://addons.mozilla.org/en-US/firefox/addon/requestpolicy/
https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/
https://addons.mozilla.org/en-us/firefox/addon/ssleuth/
https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
https://secure.informaction.com/download/releases/noscript-2.6.9.32.xpi
https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/

(The last one is not needed, but it is nice not to have to change the resolution every single time you play a video from Youtube. And getting rid of annotations forever is worth it by itself.)

Now. That is the list of extensions I have for this profile. Plugins are still a problem.

For plugins Firefox 40+ comes with two that probably should never be disabled. I suggest adding Flash, Silverlight, Unity and VLC Web player. (You get the last by installing Videolan and choosing the option.)

All plugins that can be set to "Ask to Activate" should be.

Any suggestions to make this more useful and private?

 

(And just to clarify, this thread is identical to another I made on the PIA forums a while back. I still think people should make a unified browser profile to combat malicious sites finding what type of system we use. And I welcome input.)


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.


#2 pr1v

pr1v

    Advanced Member

  • Members
  • 239 posts

Posted 25 August 2015 - 07:26 AM

Maybe this could help: http://unspyable.com/browser_spying.htm

#3 rickjames

rickjames

    Advanced Member

  • Members
  • 358 posts

Posted 26 August 2015 - 03:15 AM

Or just spoof all the details to something that's widely used.



#4 OmniNegro


Posted 26 August 2015 - 03:35 AM

Or just spoof all the details to something that's widely used.

If you have a suggestion as to how to achieve this, I and many others are greatly interested. I am aware of the Random Agent Spoofer extension, but that will not work for anything beyond a surface examination of the browser.




#5 pr1v


Posted 26 August 2015 - 05:36 AM

In the article I posted you can read in the last words: User Agent Switcher.

But, anyway, if you are so worried, why don't you use Tails live cd, or Tor over VPN?



#6 OmniNegro


Posted 26 August 2015 - 08:35 PM

In the article I posted you can read in the last words: User Agent Switcher.

But, anyway, if you are so worried, why don't you use Tails live cd, or Tor over VPN?

I am not worried. And neither Tails nor Tor will make you look like every other browser profile. The point here is to blend in. Those options differentiate you more than anything else you could do. (Tails and Tor, that is. The link you posted has solid suggestions for helping.)




#7 rickjames


Posted 26 August 2015 - 09:14 PM

Or just spoof all the details to something that's widely used.

If you have a suggestion as to how to achieve this, I and many others are greatly interested. I am aware of the Random Agent Spoofer extension, but that will not work for anything beyond a surface examination of the browser.

 

Go here https://www.browserleaks.com/javascript

Allow it with NoScript if you run it.

Take note of all the details. User agent, operating system, etc.

Below are "Strings" that need to be created via about:config.

So in Firefox go to about:config - right click and choose create new string.

String name: general.appname.override
Setting: Netscape

String name: general.appversion.override
Setting: 5.0 (Windows)

String name: general.buildID.override
Setting: 0

String name: general.productSub.override
Setting: 20100101

String name: general.useragent.vendor
Setting: Leave Empty and hit Enter

String name: general.useragent.vendorSub
Setting: Leave Empty and hit Enter

String name: general.useragent.override
Setting: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0

String name: general.platform.override
Setting: Win32

String name: general.oscpu.override
Setting: Windows NT 6.1


Then go back to https://www.browserleaks.com/javascript

Check the settings again. They should be different.

 

The settings above are just generalized. If anyone has the time to figure out what the most widely used settings are, feel free to post them. Or if anyone has Windows 10 and is running a stock Firefox 40, I would love to see the results from browserleaks.

Most people I know doing this are on BSD or Linux because those fingerprints stick out like a sore thumb.

Screen resolution is the only option I haven't found a reliable way to change. All the methods I've seen require injection which isn't clean imo. Random Agent Spoofer does it via injection :(

And a quick warning about Random Agent Spoofer: if you uninstall it, all the settings it changes get reset to stock Firefox settings.
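
Added example, not part of the post above or of any project mentioned in this thread: the override strings listed in post #7, rendered as user.js lines and checked for internal consistency, since a spoofed user agent that disagrees with the platform or oscpu values is itself a distinguishing signal. The function names and the OS-to-platform mapping are assumptions made for illustration.

```javascript
// Added example. Override values are copied from the post above;
// the function names and the platform mapping are hypothetical.
const overrides = {
  "general.appname.override": "Netscape",
  "general.appversion.override": "5.0 (Windows)",
  "general.buildID.override": "0",
  "general.productSub.override": "20100101",
  "general.useragent.vendor": "",
  "general.useragent.vendorSub": "",
  "general.useragent.override":
    "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0",
  "general.platform.override": "Win32",
  "general.oscpu.override": "Windows NT 6.1",
};

// Render the overrides as user.js lines (one user_pref call per string).
function toUserJs(prefs) {
  return Object.entries(prefs)
    .map(([name, value]) =>
      `user_pref(${JSON.stringify(name)}, ${JSON.stringify(value)});`)
    .join("\n");
}

// Assumed mapping: first token of the UA's OS section -> navigator.platform prefix.
const PLATFORM_PREFIX = new Map([["Windows", "Win"], ["X11", "Linux"], ["Macintosh", "Mac"]]);

// Return the names of overrides that contradict the spoofed user agent.
function findMismatches(prefs) {
  const get = (name) => prefs[name] || "";
  const ua = get("general.useragent.override");
  const m = /^Mozilla\/(\S+) \(([^)]+)\) Gecko\/(\d+) Firefox\/[\d.]+$/.exec(ua);
  if (!m) return ["general.useragent.override"];
  const [, mozVersion, osPart, geckoDate] = m;
  const family = osPart.split(/[ ;]/)[0];
  const checks = {
    "general.oscpu.override": (v) => v !== "" && osPart.includes(v),
    "general.appversion.override": (v) => v === `${mozVersion} (${family})`,
    "general.productSub.override": (v) => v === geckoDate,
    "general.platform.override": (v) =>
      PLATFORM_PREFIX.has(family) && v.startsWith(PLATFORM_PREFIX.get(family)),
    "general.appname.override": (v) => v === "Netscape",
  };
  return Object.keys(checks).filter((name) => !checks[name](get(name)));
}

console.log(toUserJs(overrides));
console.log("mismatches:", findMismatches(overrides));
```
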



#8 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2214 posts

Posted 27 August 2015 - 01:16 AM

The safest way for beginners would be taking the latest alpha Tor Browser Bundle for your favorite OS, then removing manually all the Torish components like TorButton and TorLauncher.

Then all you are left to do is installing a Random Agent Spoofer extension from Github (and I mean the latest source) since the pre-built .xpi's lack so many profiles and settings, like the full Firefox 40 clone.

That's basically it, you should be up and running a pretty safe, hardened version of Firefox with Windows 7 (most common desktop OS on the internet) in about 15 minutes.

If you want to go even further you can clone the TBB git, find the function for the screen resolution and hard code it to another most common desktop OS one.

Don't forget to harden your favorite script blocker on top of that when you are done.

Plugin detection using JavaScript arrays was patched by Mozilla quite a lot of releases back, so anything from 30 and above should be fine in this case.

I'm mentioning it because the OP suggestion of adding plugins like VLC, Silverlight, or the Flash (aka the cross platform browser exploit compatibility layer) will do things completely opposite of what you are trying to achieve, in the long term. Even native Firefox plugins like PDF.js should be click2played or better disabled explicitly via about:config. Last month there was a 0day bug in it which allowed file stealing.

 

The rest is left as an exercise for the reader.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#9 rickjames


Posted 27 August 2015 - 03:14 AM

 

If you want to go even further you can clone the TBB git, find the function for the screen resolution and hard code it to another most common desktop OS one.

This ^ is something I would like to find. Gonna have to look for it.

RaS is nice, I used the git version for a while. But less is more imo, but it's definitely the fastest and easiest route.
I've been tempted to write a tiny clean addon just for this. Just too busy atm :(




