Firefox 80

Mozilla’s work to make Firefox (license MPL) robust and fast, with all their efforts in Electrolysis, Quantum and Rust, created many improvements for every user. With Rust they created a new programming language with multi-threading and security in mind. Milestones:

  • Firefox 65 offers AV1 video support by default and WebP image support
  • Wayland can be enabled with an environment variable
    • VA-API video acceleration is supported on Wayland
    • WebGL is supported on Wayland
  • Touchscreen works on Wayland
  • Hardware acceleration can be enabled

Stable channel

sudo pacman -Sy firefox

The developer edition is like the beta version plus several useful development tools integrated into the browser.

sudo pacman -Sy firefox-developer-edition

The Firefox release schedule can be found here https://wiki.mozilla.org/Release_Management/Calendar.

If you are curious about new features and you want to support Firefox testing, then you can run Firefox-Nightly. From my experience it is quite stable; I never had real issues running it, at least in the default configuration. Enabling test features will show some bugs from time to time. Firefox-Nightly is always 2 versions ahead of the stable release, and every crash will be reported straight to the developers (if not disabled by the user).

yay firefox-nightly

If the key is unknown, it can be added with the following command once it has been verified.

gpg --recv-keys KEYVALUE

It is recommended to set some environment variables directly by editing the following file:

sudo nano /etc/environment
# Enable Wayland
export MOZ_DBUS_REMOTE=1
export MOZ_ENABLE_WAYLAND=1
# For Plasma integration
export GTK_USE_PORTAL=1

Firefox Nightly works quite well nowadays on Plasma 5.19, as the subsurface issues have been mostly fixed.

Tor-Browser

Tor-Browser is based on the Firefox extended support release branch and provides easy access to Tor and the Onion network.

yay tor-browser

Setup:

  • Set to secure mode – JavaScript is always blocked
  • Remove unfree search engines like Google, Twitter, Yahoo
  • Install addon “I don't care about cookies”
  • Install addon “uBlock Origin”

Bugs

  • Wayland support (https://bugzilla.mozilla.org/show_bug.cgi?id=635134). Firefox on Wayland works quite well: input works, browsing websites works well, rendering is fine and resizing the window works (FF76). The mouse cursor is too small with scaling enabled, scaling is not considered and copy & paste is not working, at least in KDE.
  • Hardware accelerated rendering is still deactivated on Linux, even for Mesa drivers where issues could be fixed quite fast. Bug https://bugzilla.mozilla.org/show_bug.cgi?id=1280523
  • Native Qt build/better KDE integration – There has been an effort to build Firefox with Qt instead of Gtk3, but it was discontinued. The KDE team started a new approach to better integrate Firefox and to provide native notifications and save dialogs, but you should install the Plasma extension.
  • Dark Theme Firefox issues on Linux. To make the dark theme work as well in Firefox you need to find a fix for yourself at the moment. It seems to be a common issue with dark GTK themes. Firefox shows dark input fields with dark text (e.g. Google) or white input fields with white texts (e.g. Youtube). This is annoying. To fix this there is a workaround… but sadly not the one from Mozilla:
    1. Go to the folder /home/USERNAME/.mozilla/firefox/PROFILEID.default
    2. Create a folder “chrome” (Firefox is case sensitive)
    3. Create a text file called “userContent.css” (Firefox is case sensitive)
    4. Insert the following content, save, close Firefox and reopen it:

textarea, input, select {
  background-color: white !important;
  color: black !important;
  -moz-appearance: none !important;
}

Extensions

Make sure to install in Firefox only free and open source software addons. Review your existing addons and get rid of non-free software.

  • If you use Firefox on KDE Plasma 5.13 or newer, install the extension Plasma Integration (license GPLv3) in Firefox https://addons.mozilla.org/en-US/firefox/addon/plasma-integration/?src=search. Make sure that you have the package “plasma-browser-integration” installed as well in your Linux distribution. Starting with Firefox 64 you should run Firefox with desktop integration for KDE, e.g. with the following command: “GTK_USE_PORTAL=1 firefox-nightly”.

Privacy Extensions

After enabling a new extension, check as well whether you need it in Private Mode, as it is not enabled there by default!

  • HTTPS Everywhere (license GPLv2+) – If the site is known to work with HTTPS, Firefox will automatically create an encrypted connection to the server and the certificate is cross checked with the EFF database.
    • Enable Encrypt All Sites Eligible
  • uBlock Origin (license GPLv3) – Block advertising and tracking.
    • Enable cloud storage support (to sync settings with Firefox sync)
    • Enable Prevent WebRTC from leaking local IP address
    • Block CSP reports
    • Block remote fonts
    • 3rd-party filter: activate whatever sounds reasonable and interesting
  • uMatrix (license GPLv3) – Block scripts and content from third party domains
    • Enable cloud storage support (to sync settings with Firefox sync)
    • Delete blocked cookies
    • Delete local storage content set by blocked hostnames
    • Spoof HTTP referrer string of third-party requests
    • Block all hyperlink auditing attempts
  • Decentraleyes (license MPL2.0) will block content delivery networks (CDN) and emulate it locally.
  • Privacy Badger (license GPLv3) counts the times 3rd party websites track you across the web and blocks them if they do not obey the non tracking policy after 3 attempts.
  • Password Hasher Plus (license GPLv2) – With this I don’t need to remember any password anymore, and even if there is one bad website developer cracking one of your passwords, he will only see a hash. Basically you can define a key plus a password to create a unique password based on the website name. At the moment the translation of the password to the hash value is done in the password field and theoretically a bad site could leak the original password. This security issue is being investigated, but for now I don’t think it is critical, as I’m entering my password only on trusted sites and as without this add-on I would enter my real password anyway and I would even send it to the website.
  • History Cleaner (license MIT/X11) will delete browsing history older than X days – Set it to e.g. 7 days.
  • Cookie AutoDelete (license MIT) will automatically delete cookies and local storage when closing a tab.
    • Set Enable Automatic Cleaning? Delay Before Cleaning: 15 second(s)
    • Set LocalStorage Cleanup (Firefox 58+)
  • User Agent Switcher – Change to a commonly used User Agent to reduce the tracking identification, helpful if using the Nightly/Developer edition and then you can claim to use the latest Firefox release instead.
  • NoScript (license GPLv3) can block all JavaScript code
    • Set all pre-installed trusted sites as untrusted. The best is to only allow them case by case when visiting a website!
    • An alternative to NoScript could be GNU LibreJS (license GPLv3) – It only allows free software JavaScript. Block all other JavaScript and then only whitelist sites that you trust. LibreJS doesn’t work well and is a nightmare to maintain; it often doesn’t even recognize the license of free software JavaScript. Better use NoScript, block all JavaScript by default and then allow only trusted sites.
  • Multi-Account Containers (license MPLv2) and Temporary Containers (license MIT/X11) allow you to manage and run every website in its own trusted or temporary container. Temporary Containers offers an automatic mode to open all new tabs directly in a temporary container.

Comfort Extensions:

  • Buster (license GPLv3) Captcha Solver for Humans

Privacy Settings

  • Preferences / General
    • Restore previous session – enabled, only recommended in user controlled and non privacy concerned environment
    • Disable Play DRM-controlled Content (digital restriction management, remote media control, runs non-free code on your system)
    • Disable Recommend extensions as you browse
    • Disable Recommend features as you browse
  • Preferences / Home
    • Disable Recommended by Pocket
    • Disable Highlights / Pages Saved to Pocket
    • Disable Snippets
  • Preferences / Search
    • Remove privacy violating and data collecting search engines, only keep privacy respecting engines like DuckDuckGo, Ecosia and Wikipedia.
  • Preferences / Privacy & Security
    • Block all 3rd party site cookies or at least set Cookies from not visited sites
    • Block as well Cryptominers and Fingerprinting (available in Firefox 67+)
    • Block Tracking Contents – in all windows
    • Set Do Not Track to always
    • History
      • Clear History when Nightly closes
        • History: Browsing and Download History – unchecked to keep the history
        • History: Active Logins – leave unchecked, if you want to keep your logins available for the next Firefox session
        • History: Forms and Search History – leave it unchecked if you need prefilled forms (it would be nice if Mozilla would allow deleting at least the Search History without losing the forms data)
        • History: Cookies – leave unchecked, if you want to keep your logins available for the next Firefox session
        • History: Cache – Enabled for deletion
        • Data: Site Preferences – Unchecked to keep Firefox settings per website like notifications
        • Data: Offline Website Data – Enabled for deletion
    • Set Prevent accessibility services from accessing your browser to disallow e.g. virus scanners from inspecting Firefox with external plugins; helpful on Windows to prevent negative impact of proprietary tools.
    • Disable telemetry report (to avoid sending this data to Mozilla and unknown third parties!)
    • Disable Firefox to install and run studies
    • Disable sending backlogged crash reports on your behalf automatically (Mozilla)
  • Preferences / Sync
    • Use Firefox Sync only for non-critical data (Bookmarks, Add-ons, Preferences). I don’t like to sync open tabs as I have a work and a private profile. Syncing the History is, from my point of view, not required. Passwords are really critical and shouldn’t be stored anywhere; I recommend tools like Password Hasher Plus where you generate (but not store) a password for every site.

Customizing Firefox

  • Hardware accelerated rendering is deactivated in Linux, it can be activated by setting in about:config the key layers.acceleration.force-enabled to true. On Wayland this will enable as well EGL and dmabuf (zero copy to compositor rendering) instead of the legacy GLX. After restarting Firefox on the page about:support the Compositing should be something like OpenGL.
    • Firefox 57+ Performance Tuning. With the new Firefox Quantum (57) release, Servo is now enabled by default.
      • gfx.webrender.enabled = true (default, this is the new Quantum render back-end based on Rust). For more details read https://mozillagfx.wordpress.com/2017/11/27/webrender-newsletter-10
      • gfx.webrender.blob-images = true (default Firefox 69)
      • gfx.webrender.all = true, set to enable all new Webrender functions automatically
      • image.mem.shared = true (default Firefox 69)
      • layout.display-list.retain.chrome = true (default), for details read https://mozillagfx.wordpress.com/2018/01/09/retained-display-lists
      • widget.wayland-dmabuf-webgl.enabled = true, required to enable WebGL on Wayland
      • widget.wayland-dmabuf-vaapi.enabled = true required to enable VA-API video acceleration on Wayland
      • widget.wayland-dmabuf-textures.enabled = true (rendering of the scroll bar on amdgpu is broken)
      • media.ffmpeg.vaapi.enabled = true
      • media.ffmpeg.dmabuf-textures.enabled = true
      • media.hardware-video-decoding.enabled = true (default)
      • media.hardware-video-decoding.force-enabled
      • widget.wayland-use-opague-region.enabled = false
      • widget.wayland-smooth-rendering = true works
      • widget.wayland_vsync.enabled = true (rendering didn’t work well on amdgpu, extreme stuttering 2020-04-04)
  • In Options / General, disable Use recommended performance settings and enable Use hardware acceleration when available there. Here you can increase the threads from 4 to 7 if you have plenty of RAM (key dom.ipc.processCount). You can force enable multi-threading (e10s electrolysis) via about:config by setting/creating the key browser.tabs.remote.force-enable with the boolean value true.
  • SSL
    • security.ssl3.rsa_des_ede3_sha = false (it is weak according to http://www.ssllabs.com)
    • security.tls.version.min = 3 (soon Firefox-nightly will disable TLS 1.0 and 1.1), (1=TLS1.0, 2=TLS1.1, 3=TLS1.2, 4=TLS1.3)
    • security*_sha => Disable SHA1 that are not required anymore, e.g. DHE
    • Make sure that security.enterprise_roots.enabled is set to false to avoid man-in-the-middle (MITM) attacks from corporate firewalls: for security there shouldn’t be anybody listening, especially not with the possibility of modifying data.
  • Firefox 62+ offers a new mode for DNS over HTTPS. To test it with one DNS over HTTPS provider, set network.trr.mode = 2, network.trr.uri = https://mozilla.cloudflare-dns.com/dns-query and network.trr.bootstrapAddress = 1.1.1.1 (see https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox). In about:networking under DNS you can review whether TRR is used for the DNS requests.
  • Convenience
    • browser.tabs.closeTabByDblclick = true, to close tabs with a double click
    • browser.urlbar.clickSelectsAll = true (default?)
  • Privacy
    • Set toolkit.telemetry.unified = False, toolkit.telemetry.archive.enabled = False and set toolkit.telemetry.server = “” to block Mozilla telemetry collection
    • Disable more of the telemetry pings
    • extensions.pocket.enabled = FALSE – Mozilla forces Pocket on the user; it can only be disabled from about:config
    • geo.enabled = FALSE
    • media.peerconnection.enabled = FALSE (It would forward the real IP even if connected via VPN)
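
The SSL, DNS over HTTPS and Privacy values above can be checked against an existing profile. The following is an added example, not part of the original post: it parses the user_pref(...) lines of a profile's prefs.js and compares them with a subset of the values listed above. The names BASELINE, parse_prefs and audit and the sample input are made up for illustration.

```python
import re

# Subset of the values recommended in this article; "min" = at least this value.
BASELINE = {
    "security.tls.version.min": (3, "min"),  # 3 = TLS 1.2
    "security.enterprise_roots.enabled": (False, "eq"),
    "network.trr.mode": (2, "eq"),
    "toolkit.telemetry.server": ("", "eq"),
    "extensions.pocket.enabled": (False, "eq"),
    "geo.enabled": (False, "eq"),
    "media.peerconnection.enabled": (False, "eq"),
}
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')

def parse_prefs(text):
    """Parse user_pref("name", value); lines; comments and other lines are skipped."""
    prefs = {}
    for m in filter(None, map(PREF_RE.match, text.splitlines())):
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]  # string escapes are kept as written
    return prefs

def audit(prefs):
    """Return {pref: "ok" | "mismatch" | "unset"} for every BASELINE entry."""
    report = {}
    for name, (want, mode) in BASELINE.items():
        have = prefs.get(name)
        if have is None:
            report[name] = "unset"  # not in prefs.js: check it in about:config
        elif type(have) is not type(want):
            report[name] = "mismatch"  # e.g. a boolean where a number is expected
        else:
            ok = have >= want if mode == "min" else have == want
            report[name] = "ok" if ok else "mismatch"
    return report

# Constructed sample prefs.js content, not taken from a real profile.
SAMPLE = """\
user_pref("security.tls.version.min", 1);
user_pref("security.enterprise_roots.enabled", true);
user_pref("network.trr.mode", 2);
user_pref("toolkit.telemetry.server", "");
"""
print("\n".join(f"{s:9} {p}" for p, s in audit(parse_prefs(SAMPLE)).items()))
```

To run it on a real profile, pass the content of prefs.js from the profile folder (/home/USERNAME/.mozilla/firefox/PROFILEID.default) to parse_prefs instead of SAMPLE.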

Improve privacy settings (ideas):

  • SessionStorage: How to delete the session storage? Bug https://bugzilla.mozilla.org/show_bug.cgi?id=527667
  • Block/delete LSO cookies
  • dom.storage.enabled = FALSE
  • Disconnect (Compatible with Firefox 57+, Webextension) – Block third party content like tracking pictures, enhanced function of the Firefox integrated Tracking Protection.
  • An add-on with a white list for cookies might be helpful, so all cookies that are not whitelisted will be removed when closing Firefox.
