this post was submitted on 05 Jul 2023

8 points (100.0% liked)

Privacy

31195 readers

935 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

Does anyone have experience with arkenfox/user.js? (github.com)

submitted 1 year ago by br3ad@infosec.pub to c/privacy@lemmy.ml

17 comments fedilink hide all child comments

How effective is it for online privacy? I have been using it for some time and it tends to break some sites like banking websites and twitch. I haven't messed around a lot with the config except allowing DRM and setting up a start page.

I am wondering if using arkenfox/user.js is making my browsing fingerprint unique and whether there are better alternatives for privacy focused browsers.

top 12 comments

sorted by: hot top controversial new old

[–] Tiffany@lemm.ee 4 points 1 year ago* (last edited 1 year ago) (1 children)

I use ArkenFox as a base for a hardened version of FF. It's not really designed to be used verbatim as that would leave the web in a fairly unusable state, at least for most users. I use a fair few overrides because on my daily browser I want it to be able to use DRM content, be able to login to my bank, etc. For me I see it as a really solid foundation, after which I can intentionally pick and choose what functionality to enable at my own risk rather than have bad defaults thrust upon me by the browser vendor.

I personally don't concern myself that heavily with attempting to defend my daily browser's fingerprint. With the default ArkenFox implementation, ResistFingerprinting in FF is enabled and that's the best you can do, but it also breaks a few things on purpose which impacts functionality. I personally have RF off and use the CanvasBlocker extension to defend against naïve fingerprinting scripts, but that's a choice users have to make.

If I were that concerned about being fingerprinted by advanced scripts, I'd be using the Mullvad Browser or TOR. Those are really the only effective way to "blend in" to a crowd. Most any browsers people use as their one for daily use that aren't either of those will be fingerprintable and identifiable by an adversary determined enough, so investing too much time in worrying about a daily browser's fingerprint beyond defending against naïve scripts isn't worth that much time investment, imo.

[–] br3ad@infosec.pub 3 points 1 year ago (1 children)

I have kept the ResistFingerprinting enabled for now. It doesn't impact 90% of my browsing experience.

Do you need to regularly check for updates on the GitHub for the user.js or should I not bother once I have configured it to my liking?

I appreciate the info. Thanks!

[–] Tiffany@lemm.ee 2 points 1 year ago* (last edited 1 year ago)

In the ArkenFox zip there's a updater.bat (Windows) or updater.sh (Linux) script which will pull the latest user.js. I do run this periodically as FF settings will for sure evolve over time with new versions, absolutely.

You could probably schedule these with a task scheduler/cron if you wanted.

[–] Lamy@lemmy.fmhy.ml 2 points 1 year ago (2 children)

I prefer librewolf

[–] br3ad@infosec.pub 1 points 1 year ago (1 children)

I was using librewolf prior to arkenfox but found it tedious. The updates are always lagging behind the official releases which makes it inherently less secure. You also need to manually check for updates and reinstall the browser every time.

[–] Lamy@lemmy.fmhy.ml 2 points 1 year ago

Interesting and good points.

The main reason I librewolf is there are a lot of settings in arkenfox that are unprivate in my opinion, and some things are blocked that don’t need to be, and the .js file makes it hard to edit settings.

That said arkenfox is still far superior to Firefox or any chromium derivative, and probably a better option for the average user than librewolf

Oh and there is a librewolf auto update extension if folks are interested

[–] FarLine99@lemm.ee 1 points 1 year ago (1 children)

I prefer BetterFox user.js Requiees less tweaking, better defaults for everyday use.

[–] Lamy@lemmy.fmhy.ml 1 points 1 year ago (1 children)

I haven’t heard of that, I’ll have to check it out

[–] FarLine99@lemm.ee 2 points 1 year ago (1 children)

This video is source for this information. Check it out. Awesome guide. And channel 🙂

[–] PipedLinkBot@feddit.rocks 2 points 1 year ago (1 children)

Here is an alternative Piped link(s): https://piped.video/Fr8UFJzpNls

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source, check me out at GitHub.

[–] FarLine99@lemm.ee 1 points 1 year ago

wow, piped bot. something new and interesting 🤔🙂

[–] BigRedSparrow@lemmygrad.ml 2 points 1 year ago

I've used arkenfox's firefox user profile for a good amount of time now and you're right to have some doubts about it.

No mitigation measures are foolproof and in actuality may result in you becoming more identifiable if you apply it improperly. The irony is that you're less likely to be identifiable using default settings on a default firefox instance than say enabling fingerprint resisting + ublock etc.

Privacy in the context of online browsing is achieved through obscurity. It uses techniques applied by browsers like TOR to become effective. In the case of TOR a wide adoption and it's careful implementation has made it one if not the only browser I would say offers decent privacy by default. In our case this template's usage is just a pretty insignificant fraction of the internet.

Browser fingerprinting technology is constantly evolving and uses many metrics that you may be unable to address if you're one to seek privacy. Just take it with a grain of salt. Although things may not look good for browsers nowadays. I'd say some privacy is better than no privacy at all.

load more comments