How to tame Mozilla Firefox
This article is a follow up to the author's 2016 article titled ‘Firefox: Its past, present and … future?’ The Google Chrome invasion is now almost complete. Firefox is used only by a band of die-hard enthusiasts. Are you one of them? In this article, you can learn how to overcome the most frustrating and annoying non-features in the browser.
Firefox developers take no pride in their work. After Chrome showed up, cowardly Mozilla gave Google the mantle for browser development. Since then, Mozilla has routinely imitated Google rather than doing its own thing. With every new release, it introduced breaking changes that alienated vast swathes of its user base. It removed useful features such as RSS support. Worst of all, it abandoned its XUL add-ons architecture in favour of WebExtensions created by Google. Firfox developers has also imported Chrome developers' attitude of treating users as morons. You cannot change settings. With every update, more and more settings become useless. It only allows settings changes only in corporate environments. This article shows how you can take advantage of this decision and force Firefox into respecting your settings decisions.
What? Firefox is not dead yet? No, there still are users who are faithful to Mozilla's original promise to take back the web. Mozilla may have lost sight of that goal but we have not. Microsoft Internet Explorer has gone to RIP. Opera and Edge have become Chrome clones. Firefox is the only other browser that has a non-Chrome HTML-rendering engine. However, in other aspects, Mozilla is making Firefox more and more dependent on the Google universe. In this article, I document how you can avoid that while continuing to use Firefox. I know it is a losing battle but for now…
about:config changes are not effective
Around the same time that Chrome was mopping up the browser market share, Firefox started annoying its users by disabling add-ons and breaking/disappearing functionality with every newly released version. Some users would modify the browser's internal settings in the about:config page to make Firefox function like it used to. For example, you could disable automatic updates by changing the app.update.enabled setting to false. Eventually, Mozilla wisened up to these tricks and made the changes ineffective.
policies.json is the new alternative
In corporate computer networks, end-user software applications are installed and controlled by system administrators. Application settings are also controlled by the administrators. Most end-users or desktop users are given lesser privileges. They cannot to install software on their own. They may not even be able to customize the software.
To enable administrators with the ability to control Firefox installations, Mozilla has created support for a global configuration file named policies.json. This file is usually installed in a privileged location such as /etc/firefox/policies/policies.json. Someone with desktop-user privileges will not be able to modify this file.
While Firefox may ignore your changes to about:config settings, but it will honour directives in the policies.json file. If you are the administrator of your computer, you can lock down Firefox and make it behave in the way that you want it to. You need to create a customized version of this policies.json file in the /etc/firefox/policies directory. Firefox will then think that you are in a corporate environment and be tricked into the implementing the setting changes.
The policies.json file is written like the value of a Javascript variable (with a JSON structure).
{ "policies": {
"blah": "blah",
"blah blah": 1,
"blah blah blah": false
}
}The settings that you can use in the policies.json file are described at
https://github.com/mozilla/policy-templates/
The customized policies.json file that I use is available at:
https://gist.github.com/vsubhash/
{
"policies": {
"Cookies": {
"ExpireAtSessionEnd": true,
"Behavior": "reject-foreign",
"BehaviorPrivateBrowsing": "reject-foreign"
},
"DisableAppUpdate": true,
"DisableBuiltinPDFViewer": true,
"DisableFeedbackCommands": true,
"DisableFirefoxAccounts": true,
"DisableFirefoxStudies": true,
"FirefoxHome": {
"Search": false,
"TopSites": false,
"Highlights": false,
"Pocket": false,
"Snippets": false,
"Locked": true
},
"DisablePocket": true,
"DisableTelemetry": true,
"DisplayMenuBar": "always",
"DisableProfileRefresh": false,
"DNSOverHTTPS": {
"Enabled": false
},
"DontCheckDefaultBrowser": true,
"FirefoxHome": {
"Search": false,
"TopSites": false,
"SponsoredTopSites": false,
"Highlights": false,
"Pocket": false,
"SponsoredPocket": false,
"Snippets": false,
"Locked": false
},
"Homepage": {
"URL": "about:blank",
"StartPage": "none",
"Locked": true
},
"ManualAppUpdateOnly": true,
"NetworkPrediction": false,
"NewTabPage": false,
"NoDefaultBookmarks": true,
"OverrideFirstRunPage": "",
"OverridePostUpdatePage": "",
"PDFjs": { "Enabled": false },
"Permissions": {
"Camera": { "BlockNewRequests": true, "Locked": true },
"Microphone": { "BlockNewRequests": true, "Locked": true },
"Location": { "BlockNewRequests": true, "Locked": true },
"Notifications": { "BlockNewRequests": true, "Locked": true },
"VirtualReality": { "BlockNewRequests": true, "Locked": true },
"Autoplay": { "Default": "block-audio-video", "Locked": true }
},
"Preferences": {
"browser.safebrowsing.phishing.enabled": {
"Value": false,
"Status": "locked"
},
"browser.safebrowsing.malware.enabled": {
"Value": false,
"Status": "locked"
},
"browser.search.suggest.enabled": {
"Value": false,
"Status": "locked"
},
"browser.sessionstore.resume_from_crash": {
"Value": false,
"Status": "locked"
},
"browser.tabs.closeWindowWithLastTab": {
"Value": false,
"Status": "locked"
},
"dom.event.clipboardevents.enabled": {
"Value": false,
"Status": "locked"
},
"dom.event.contextmenu.enabled": {
"Value": false,
"Status": "locked"
},
"extensions.htmlaboutaddons.recommendations.enabled": {
"Value": false,
"Status": "locked"
},
"media.mediasource.enabled": {
"Value": false,
"Status": "locked"
}
},
"SanitizeOnShutdown": {
"Cache": true,
"Cookies": true,
"Downloads": true,
"FormData": true,
"History": true,
"Sessions": true,
"SiteSettings": true,
"OfflineApps": true,
"Locked": false
},
"SearchBar": "separate",
"SearchEngines": {
"PreventInstalls": false,
"Add": [
{ "Name": "Bing",
"URLTemplate": "https://www.bing.com/search?q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.bing.com/favicon.ico",
"Alias": "bi",
"Description": "Bing search engine"
},
{ "Name": "DuckDuckGo HTML",
"URLTemplate": "https://html.duckduckgo.com/html/",
"Method": "POST",
"IconURL": "https://duckduckgo.com/favicon.ico",
"Alias": "dh",
"Description": "DuckDuckGo HTML search engine",
"PostData":"q={searchTerms}"
},
{ "Name": "DuckDuckGo Plain",
"URLTemplate": "https://duckduckgo.com/?q={searchTerms}",
"Method": "GET",
"IconURL": "https://duckduckgo.com/favicon.ico",
"Alias": "dd",
"Description": "DuckDuckGo ordinary search engine"
},
{ "Name": "Flipkart",
"URLTemplate": "https://www.flipkart.com/search?q={searchTerms}",
"Method": "GET",
"IconURL": "https://static-assets-web.flixcart.com/www/promos/new/20150528-140547-favicon-retina.ico",
"Alias": "fk",
"Description": "Flipkart product search"
},
{ "Name": "Amazon",
"URLTemplate": "https://www.amazon.com/s?k={searchTerms}",
"Method": "GET",
"IconURL": "https://www.amazon.com/favicon.ico",
"Alias": "am",
"Description": "Amazon product search"
},
{ "Name": "Amazon India",
"URLTemplate": "https://www.amazon.in/s?k={searchTerms}",
"Method": "GET",
"IconURL": "https://www.amazon.com/favicon.ico",
"Alias": "ai",
"Description": "Amazon India product search"
},
{ "Name": "Internet Archive",
"URLTemplate": "https://web.archive.org/web/*/{searchTerms}",
"Method": "GET",
"IconURL": "https://archive.org/favicon.ico",
"Alias": "ia",
"Description": "Web archive search"
},
{ "Name": "Ogle",
"URLTemplate": "https://www.google.com/search?q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.google.com/favicon.ico",
"Alias": "o",
"Description": "Ogle search"
},
{ "Name": "Ogle Images",
"URLTemplate": "https://www.google.com/search?tbm=isch&q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.google.com/favicon.ico",
"Alias": "oi",
"Description": "Ogle image search"
},
{ "Name": "Ogle NUSa",
"URLTemplate": "https://www.google.com/search?hl=en-US&gl=US&tbm=nws&tbs=sbd:1&q={searchTerms}",
"Method": "GET",
"IconURL": "https://ssl.gstatic.com/gnews/logo/google_news_192.png",
"Alias": "on",
"Description": "Ogle news search"
},
{ "Name": "IMDB",
"URLTemplate": "https://www.imdb.com/find?q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.imdb.com/favicon.ico",
"Alias": "im",
"Description": "Internet Movie Database search"
},
{ "Name": "Youtube",
"URLTemplate": "https://www.youtube.com/results?search_query={searchTerms}&sp=CAI%253D&persist_gl=1&gl=US",
"Method": "GET",
"IconURL": "https://www.youtube.com/favicon.ico",
"Alias": "yt",
"Description": "Youtube search"
}
]
},
"SearchSuggestEnabled": false,
"StartDownloadsInTempDirectory": false,
"UserMessaging": {
"WhatsNew": false,
"ExtensionRecommendations": false,
"FeatureRecommendations": false,
"UrlbarInterventions": false,
"SkipOnboarding": false,
"MoreFromMozilla": false
},
"comments": {
"c":" ╒═════════════════════════════════════════════════════════════╕",
"o":" | Name: Firefox Annoyances Reduction policies.json file |",
"m":" | Version: 2023.03.31 |",
"m":" | Usage: Copy this policies.json file to |",
"e":" | /etc/firefox/policies directory and then create |",
"n":" | your Firefox installations and profiles |",
"t":" ╞═════════════════════════════════════════════════════════════╡",
"s":" | Website: http://www.VSubhash.in |",
"e":" ╘═════════════════════════════════════════════════════════════╛"
}
}
}policies.json in detail
-
Cookies: Cookies are text files that are created by websites that you visit and stored by the browser in your profile directory. They exist even after you close the browser. When you visit the site again, the browser will let the site can read its cookie. Websites typically store your login details or your site preferences in the cookies. Cookies are not a problem if they were created by a site that you visited. When cookies are created by an advertising company like Google or Facebook, they can track your browsing habits. How does this happen? The sites that you visit are likely to run ads from Google, Facebook and other advertising companies. Thus, this cookie from the advertising company is a third-party cookie. It serves no purpose other than to track you.A knee-jerk response from a lot of people is that they are not criminals and they do not care if some tech company or a government tracks them. Some joggers in America who went past crime scenes were not so lucky. An all-powerful ‘AI’ software peddled to a police department at a high cost point flagged them as suspects. (Tracking Phones, Google Is a Dragnet for the Police; New York Times; 2019) A policeman would rather sit next to a computer and look at Facebook rather than go out and do some actual detective work. He would rather use your Google Watch to send you to jail rather than stake out real criminals. If you think that is wrong, then how will police departments modernize?
Marketers will also take away your money. Some years ago, I met a guy who worked for an American company that supplied pinball machines to casinos. I asked him what a pinball machine manufacturer had to do with software. He said that his job was to look at online profiles of casino visitors and determine how much free alcohol had to be provided for customers so they gamble everything away. The Cambridge Analytica scandal may have raised some eyebrows but advertising companies continue to sell user data to surveillance capitalists. This kind of social credit systems and CCTV networks have been paired up to great success in creating an Orwellian society in Communist China. Western countries have shown great interest in implementing the same for their citizenry. Several towns and cities have already implemented it. In some places, there have been bad publicity but in other places it goes on. India will also follow suit. If you think that is not good, then how will Indian government become smart?
After the passage of the USA Patriot Act in the aftermath of the 9/11 WTC attacks, ISPs and tech companies like Yahoo and Microsoft have been forced to sell user data to governments.
The Indian government does not pay for anything. They take everything for free. That is why foreign tech companies are very upset. In the US, the tech companies say freedom of speech is enabling hate speech. In India, they are condoning hate speech claiming it is freedom of speech. Everyone has a price.
You can block third-party cookies without losing any functionality. To be even more safe, you can make Firefox to clear all cookies when you close the browser. You may have to login again when you visit a secure site but for that you can use the browser's built-in password manager. Firefox allows you to save your usernames and passwords and will also autofill the login fields. Thus, the cookies functionality is required only for the session when you are logged in, not afterwards.
ExpireAtSessionEnd: Set this option totrueto make Firefox clear the cookies when you close the browser.Behavior: Set this toreject-foreignto block third-party cookies.BehaviorPrivateBrowsing: Set this toreject-foreignto block third-party cookies in private-browsing tabs and windows.
-
DisableAppUpdate: Set this totrue. Unlike in old versions, Firefox updates on its own and breaks a lot of add-ons and features with every new release. By changing the setting to false, you can decide when to update Firefox. Will you not be attacked by hackers who exploit bugs and zero-day vulnerabilities? No. You are suffering from a mild delusion about browser updates. Your browser is sitting on a stack of unfixed bugs and zero-day vulnerabilities that is as long as the distance between Earth and the Moon. Browser makers fix only those bugs that they think are urgent and whatever catches their whim or fancy.What you should do is create two Firefox installations and two Firefox profiles. You should update the first installation regularly and the second one rarely. Place your add-ons in the second and use it only for casual browsing such as reading news or consuming RSS feeds. Use the first one for financial transactions or sites that require you to log in. No, you do not have to log in to your Google account to perform your search or watch a video. Google will show numerous popups telling you how jolly it is to log in. Ignore them. Nothing adverse will happen. You do not have to log in to Facebook or Twitter either. Delete your social media accounts if you can. Get yourself away from its toxicity.
- Create a casual-browsing profile for the old browser. Give the profile a name such as 'ole'.
/opt/firefox-old/firefox --ProfileManager - Create a launcher with this command so that you can run the rarely updated Firefox installation with the casual-browsing profile ('ole').
/opt/firefox-old/firefox -P ole - Create a secure-browsing profile for the new browser. Give the profile a name such as 'nuovo'.
/opt/firefox-new/firefox --ProfileManager - Create a launcher with this command so that you can run the regularly updated Firefox installation with the secure-browsing profile ('nuovo').
/opt/firefox-new/firefox -P nuovoDo not install any add-ons in this profile. Every add-on that you install is another pair of eyes on your data.
The
/optdirectory belongs toroot. If you extract Firefox download file to your home directory and then copy it to/opt, then the Firefox directory will have your user permissions. That would mean Firefox will be able to update itself when you run it. Setrootpermissions on these Firefox installation directories.sudo chmod -R root /opt/firefox*These Firefoxes will run from the read-only
/optdirectory but will be able to create their profile directories in your home directory — the writeable~/.mozilladirectory.Remember that you must first create the
policies.jsonin its proper location and then create the profiles and installations. - Create a casual-browsing profile for the old browser. Give the profile a name such as 'ole'.
DisableBuiltinPDFViewer: When you click on a PDF document link, the document opens like a web page and disappears when you close the browser! Set this option totrueif you want the document saved to the hard disk and then open in Evince or whichever PDF reader you have installed.DisableFirefoxStudies: Set this option totrue. No amount of 'studying' seems to be helping Mozilla. I would not have written this article if it did. Unless you are a beta tester, Firefox does not have to study anything.FirefoxHome:Search: Set this option tofalse. The search URL has some tracking information. You also do not want to notify Google every time you start your browsing.TopSites: Set this option tofalse. If the browser is listing your top sites, then that means Firefox is monitoring your browser activity.Highlights: Same ole… same ole.Pocket: Set this option tofalse. Requires you to create an account with Mozilla so they can track you better.Snippets: Ditto.Locked: Set this option totrue. To prevent yourself from mistakenly changing any of the settings.
DisableFirefoxAccounts: Set this option totrue. Do not create any Firefox accounts. Mozilla says it does not have money to develop the Thunderbird email client but they have money for creating accounts for millions of users? They seem to have misplaced priorities.DisablePocket: 🙄 ⇑ 🙄 ⇑ 🙄 ⇑DisableFirefoxStudies: Ye, beta tester! Not one? Set this option totrue.DisableTelemetry: ⇑ 🙄 ⇑ 🙄 ⇑ 🙄DisplayMenuBar: Firefox developers stole this ‘innovation’ from Chrome. Options means decisions. Decisions means thinking. Chrome users do not think. Google thinks for them. If you are the scary type that thinks, set this option totrue.-
DNSOverHTTPS: SetEnabledto false because this is an excuse to send data to Cloudflare (a.k.a. Amazon). You do not trust your ISP but you trust Amazon? Who is paranoid now?When internet commerce was taking off, web programmers everywhere were developing their own undocumented secure login systems. The US government was taking forever to break these independent encryption layers. So, https was created. With this protocol, a secure tunnel was created between the browser and the web server. Web programmers were encouraged to just buy an SSL certificate and stop writing their own security protocols. Now, all that the US government needs to do is cite national security and obtain a copy of the private key of the SSL certificate from the Certificate Authority (CA). Then, they can spoof the website or intercept its communications. In 2017, Wikileaks claimed that the US government had tried to impersonate Kaspersky Labs (of Russia) by somehow obtaining the SSL keys from Thawte (a CA started by the Ubuntu founder but now owned by Symantec). Did they steal the keys or did they ask for it with a national security letter (NSL)? The American Civil Liberties Union (ACLU) has this to say about NSLs:
The National Security Letter provision of the Patriot Act radically expanded the FBI's authority to demand personal customer records from Internet Service Providers, financial institutions and credit companies without prior court approval.
Through NSLs the FBI can compile vast dossiers about innocent people and obtain sensitive information such as the web sites a person visits, a list of e-mail addresses with which a person has corresponded, or even unmask the identity of a person who has posted anonymous speech on a political website. The provision also allows the FBI to forbid or "gag" anyone who receives an NSL from telling anyone about the record demand. Since the Patriot Act was authorized in 2001, further relaxing restrictions on the FBI's use of the power, the number of NSLs issued has seen an astronomical increase. The Justice Department's Inspector General has reported that between 2003 and 2006, the FBI issued nearly 200,000 NSLs. The Inspector General has also found serious FBI abuses of the NSL power.
…
This was eons ago. Wonder what they have been doing since then.
DontCheckDefaultBrowser: Set this option totrue. If you are running multiple browsers or profiles, YOU should manually set the default browser.Homepage:URL: Set this to an empty string. No home page means faster loads.Locked: Set this option totrue. Don't let a browser update to mess with these settings.StartPage: Set this tonone. No distractions. No tracking. No delays.
ManualAppUpdateOnly: Set this option totrueto prevent Firefox from checking or downloading updates.NetworkPrediction: Set this option tofalseto prevent Firefox from making unnecessary queries.NoDefaultBookmarks: Set this option totrue. Less clutter.OverrideFirstRunPage: Set this to an empty string. First thing that it does after installation is phone home. 😉OverridePostUpdatePage: Set this to an empty string. We are not going to the doctor so no need to send us a bill.PDFjs: How many avtars does it have? SetEnabledtofalse.Permissions: Browsers can now access your microphone and web camera. The latter has an indicator that lights up when it is being accessed. The microphone has nothing. Block everything, unless you need to do teleconferencing. If you are not recording anything, put some black tape on the web cam. In your computer's audio configuration settings, enable only the output devices. That will disable the microphone (an input device) at the OS level.Camera: SetBlockNewRequestsandLockedto true.Microphone: Ditto.Location: Ditto.Notifications: Ditto.VirtualReality: Ditto.Autoplay: Prevent videos in unopened tabs from playing automatically. If you open multiple tabs, the videos can lock up your bandwidth and also kill your browser/tab process. SetDefaulttoblock-audio-videoandLockedtotrue.
-
Preferences: These areabout:configsettings that you could automatically set from this json file.browser.safebrowsing.*.enabled: Set these options tofalse. No need to verify every requested domain or file with Google for a malware check. Do not visit bad sites and do not click on bad downloads. You are on your own now.browser.sessionstore.resume_from_crash: Set this option tofalse. You do not want a banking website to reload after a crash.browser.tabs.closeWindowWithLastTab: I wonder if Chrome kills itself when you close the last tab. I bet it stays on till kingdom come. Firefox just uses any excuse to quit on you. What if you wanted to open new tabs from a clean slate? Set this option tofalse.dom.event.clipboardevents.enabled: This setting is useful on sites that let you copy URLs or some other important text with just a click instead of aCtrl+Con a text selection. Some other sites take this opportunity to add unwanted text such as their site name and URL into the copied text. Set this option tofalseif you get annoyed by the spammers.dom.event.contextmenu.enabled: Some sites, such as those run by particularly Indian banks, block the right-click menu. Set this option totrueif you want the menu.browser.search.suggest.enabled: Just as you do not want search engines from tracking your searches, you should not know what others have been searching. It can get very disgusting, particularly with Google. Set this option tofalse.media.mediasource.enabled: Even though I now have high-speed Internet, I cannot reliably stream videos. My video player box hangs in the middle of things. Instead of getting annoyed, I just go to a video channel, mass-download all interesting videos and then see them offline. I have a Greasemonkey script for this. It does not work if this setting is set totrue. There are add-ons that can download mediasource videos too but I prefer to do my own thing.
On my computer, I used my nuovo Firefox installation to see Amazon Prime videos. I had to enable DRM in the settings. After binge-watching a few TV sitcoms that I failed to complete a decade ago, I stopped using it. All new movies and TV sitcoms seem stupid. I now exclusively watch 80s movies and TV sitcoms from the 60s, 70s, 80s and 90s. The new millennium is dead to me. TubiTV has a huge library of old and new movies and TV serials. It is ad-supported but the ads are few and far between.
If you want to break out of the browser, then you can run the entertainment software Kodi, which in turn supports streaming services such as TubiTV and Plex. My recent LinuxMint installation offered another alternative — Hypnotix.
NewTabPage: No, you do not need that. What you need isabout:blank. Set this option tofalse.SanitizeOnShutdown: Make Firefox to automatically delete cookies, cache files, downloads list, history log, sessions and offline app data (an extended version of cookies) when it is closed.SearchBar: Set this option toseparate. Otherwise, you will end up searching everything with just one search engine.SearchSuggestEnabled: Search engines store everything you search, even your corrections. Set this option tofalse.UserMessaging: You be the judge. You decide. Do not outsource your decision-making to marketers. SetWhatsNew,ExtensionRecommendations,FeatureRecommendations,UrlbarInterventions,SkipOnboarding,MoreFromMozillatofalse.
ESR-only policies.json options
Some policies.json options are only supported in Firefox ESR (Extended Support Release) versions. These versions are much less frequently updated than ordinary Firefox versions. The ability to automatically add new search engines and remove built-in search engines is available only in ESR. (Mozilla has stopped support for OpenSearch search engine add-ons.)I use these additional options in my policies.json file.
"SearchEngines": {
"PreventInstalls": false,
"Add": [
{ "Name": "Bing",
"URLTemplate": "https://www.bing.com/search?q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.bing.com/favicon.ico",
"Alias": "bi",
"Description": "Bing search engine"
},
{ "Name": "DuckDuckGo HTML",
"URLTemplate": "https://html.duckduckgo.com/html/",
"Method": "POST",
"IconURL": "https://duckduckgo.com/favicon.ico",
"Alias": "dh",
"Description": "DuckDuckGo HTML search engine",
"PostData":"q={searchTerms}"
},
{ "Name": "DuckDuckGo Plain",
"URLTemplate": "https://duckduckgo.com/?q={searchTerms}",
"Method": "GET",
"IconURL": "https://duckduckgo.com/favicon.ico",
"Alias": "dd",
"Description": "DuckDuckGo ordinary search engine"
},
{ "Name": "Flipkart",
"URLTemplate": "https://www.flipkart.com/search?q={searchTerms}",
"Method": "GET",
"IconURL": "https://static-assets-web.flixcart.com/www/promos/new/20150528-140547-favicon-retina.ico",
"Alias": "fk",
"Description": "Flipkart product search"
},
{ "Name": "Amazon",
"URLTemplate": "https://www.amazon.com/s?k={searchTerms}",
"Method": "GET",
"IconURL": "https://www.amazon.com/favicon.ico",
"Alias": "am",
"Description": "Amazon product search"
},
{ "Name": "Amazon India",
"URLTemplate": "https://www.amazon.in/s?k={searchTerms}",
"Method": "GET",
"IconURL": "https://www.amazon.com/favicon.ico",
"Alias": "ai",
"Description": "Amazon India product search"
},
{ "Name": "Internet Archive",
"URLTemplate": "https://web.archive.org/web/*/{searchTerms}",
"Method": "GET",
"IconURL": "https://archive.org/favicon.ico",
"Alias": "ia",
"Description": "Web archive search"
},
{ "Name": "Ogle",
"URLTemplate": "https://www.google.com/search?q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.google.com/favicon.ico",
"Alias": "o",
"Description": "Ogle search"
},
{ "Name": "Ogle Images",
"URLTemplate": "https://www.google.com/search?tbm=isch&q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.google.com/favicon.ico",
"Alias": "oi",
"Description": "Ogle image search"
},
{ "Name": "Ogle NUSa",
"URLTemplate": "https://www.google.com/search?hl=en-US&gl=US&tbm=nws&tbs=sbd:1&q={searchTerms}",
"Method": "GET",
"IconURL": "https://ssl.gstatic.com/gnews/logo/google_news_192.png",
"Alias": "on",
"Description": "Ogle news search"
},
{ "Name": "IMDB",
"URLTemplate": "https://www.imdb.com/find?q={searchTerms}",
"Method": "GET",
"IconURL": "https://www.imdb.com/favicon.ico",
"Alias": "im",
"Description": "Internet Movie Database search"
},
{ "Name": "Youtube",
"URLTemplate": "https://www.youtube.com/results?search_query={searchTerms}&sp=CAI%253D&persist_gl=1&gl=US",
"Method": "GET",
"IconURL": "https://www.youtube.com/favicon.ico",
"Alias": "yt",
"Description": "Youtube search"
}
]
},Go to this URL and download a Firefox version marked as ESR for your OS.
The TheyTube search by default uses the ‘relevance’ filter. By this, they refer to spammy irrelevant mainstream media videos that have been artificially boosted to the top. The custom search engine added by my policies.json uses the ‘upload date’ filter. This will bring in most recent results by independent Youtubers. If you do the same search from the search box in the Youtube web page, the results will default to their hated ‘relevance’ filter. Another thing that the option does is change the location to the US. I hate it when videos from Hindi news channels come up in the first page when I am looking for videos in English.
Pale Moon
One of the great features of the old Opera and Firefox was their support for user styles (see my article The Utility of User Scripts (JS) and User Styles (CSS) from 2016). Some of us who can write CSS styles would customize web pages (from any website) with user styles. These styles were placed in the userContent.css file in the chrome directory of the current Firefox profile. Mozilla has removed this functionality. Now, the user styles functionality can only be used using an add-on. I used to use the add-on Stylus but now I have switched to a different browser.
I have switched to a Gecko-based fork of the Firefox browser called Pale Moon. It does not support the latest CSS styles but it gets security updates. The project says that it is built for new processors. On my decade-old laptop, it struggles to load script-heavy sites like Youtube. On other sites, it seems fine. Pale Moon supports userContent.css, RSS, XUL/XPCOM add-ons and themes, customizable toolbars and all the fun good stuff that Mozilla removed from its browser. Pale Moon also has support for NPAPI plugins (Adobe Flash, Java,…) but this is available only when you manually install the plugins so no worries. Best of all, Pale Moon has no telemetry and other 'studying' stuff. It even supports my OpenSearch XML-based custom search engine add-ons that I created to remove tracking parameters from search URLs.
I still use Firefox for banking and other secure activities. Rest of my browsing is in Pale Moon. With Pale Moon, I am able to use the old DownThemAll download manager and the Bamboo RSS reader. If you do not visit questionable websites and do not mindlessly click on every prompt, you should be fine too.
Mojeek and Ecosia
Pale Moon introduced me to two new search engines. Both say they will not track you, something DuckDuckGo promised and then reneged. (DuckDuckGo recently revealed that they do not block Bing trackers and have been censoring the news a.k.a. Russia Today.) Ecosia is based on the Bing search engine. It says 100% of its profits will go for climate action with 80% going to tree-planting. (Somebody should tell them that more trees means more CO2 at night.) Mojeek seems to have their own independent search engine.
HOSTS file
Having a 'blocking' hosts file is the most effective way to reduce the environmental footprint of your browsing activity. Javascript and fonts from Google and social media sites are the #1 reason for the slowness of the Web. Their Javascript blocks the rendering of web pages and cumulatively contribute to your electricity and internet consumption bills. And, if you believe in Global Warming, then that too. (You are killing those poor polar bears with your social media posts!) When you use a blocking hosts files, the included domains are pointed back to your computer. Your computer just says 'not found' and the browser abandons those requests.
I use a hosts file from this project:
It provides several combination of domains serving ads, social media, ʇ-n-ɯ-s, and malware. After replacing your /etc/hosts file with a blocking hosts file, web pages will load faster. You will not see any ads. You may see some blank boxes in webpages where the ads were supposed to load but otherwise there will be no problem. Some websites will detect this and prompt you to disable your ad-blocker. Just refresh the page when this happens.
Disable Javascript
You can disable ads, popups, and notifications in one fell swoop by disabling Javascript. I use a Firefox add-on called 'Javascript Toggle On and Off' for this. It is great for reading news sites. You would not believe how many prominent Indian and international news sites have implemented their paywall using CSS or Javascript. It is ridiculous. When you disable Javascript, you will not be able to log in to secure sites but on other sites it really smoothens the browsing experience. There are lots of ‘framework-heavy’ sites that rely on Javascript for everything and cannot display even a comma without Javascript. These sites are not search-engine-friendly or accessibility-friendly. Avoid them.
DNS
Do not set the DNS servers in your modem configuration to 8.8.8.8 or 8.8.4.4 (both from Google) or 1.1.1.1 (from Cloudflare ~ Amazon). Instead, use the DNS provided by your ISP or from other free DNS services such as Comodo (8.26.56.26 and 8.20.247.20) or OpenDNS (208.67.222.123 and 208.67.220.123). Spread your Internet footprint across several providers and make it thin out. Do note that these alternative DNS servers provide family-safe filtered results.
Wired connections
Wired LAN connections provide the best speed and security. Having a wireless router is an invitation to hackers, criminals and terrorists. Even the Bluetooth chip in a phone is a vulnerability beacon. If you go to a crowded place and do a scan of Bluetooth devices, you will be surprised how many phones have their Bluetooth connections turned on. Most phone owners do not even know what Bluetooth is. They just go on with their lives none the wiser. With so much e-commerce being done on mobile phones, Bluetooth and Wi-Fi connections pose a serious security threat. Even non-tech-savvy citizens are being forced to use mobile phones for availing various government services. They are the most vulnerable. Wired internet and mobile internet should be the first choice. When one of these is available, Wi-Fi and Bluetooth connections should be disabled.
Tor browser
IMHO, Tor is a honeypot project like crypto mining. In the last few years, several mainstream investors had piled into the crypto hole and lost hundreds of billions of dollars. Similarly, Tor has received a lot of hype and fans claim that it will definitely make you anonymous. It is open source, they say. Even TrueCrypt was open source. After the developers suddenly quit in 2014, suspicion arose whether the software was another honeypot. OpenBSD is also open source. In 2010, there was a controversy about FBI contractors placing a backdoor in it.
In 2013, the owner of a small Utah-based ISP revealed that when the NSA wants to monitor someone they place a black box in the telecom equipment and all Internet traffic to and from the customer is routed through it. The US government does not even bother with a court warrant. They just write a ‘national security letter’ and ISPs are constrained from disputing it or revealing its existence in a court. But, when the customer uses Tor, they do not bother with all that hassle. They have other means to monitor Tor users! (When the feds come knocking: The tale of a Utah ISP, a secret court order, and a little black box; ZD Net; 2013)
Tor may make you anonymous to websites but it will not make you invisible to governments and infosec professionals. Like VPN, there is a Tor service provider to whom traffic is routed. It is a mater of time before a government or a court contacts the service provider and seamlessly replaces the Tor service with an imitation. After that, it is self-incrimination time.
Chrome alternatives
Sure, there are Chrome alternatives like Opera, Edge, Brave and Vivaldi. When Microsoft Edge made the switch to Chromium engine, they revealed that they had replaced several Google-related dependencies from the open-source code. It was quite a long list. (Microsoft reveals all the Google things it removed in its Chromium Edge browser; The Verge; 2019) Microsoft had their own proprietary replacements. How much did the other Chrome alternatives remove?
Summary
- If you want to be anonymous, do not use mobile phones or the Internet.
- If you want to protect yourself from hackers, do not use Wi-Fi or Bluetooth.
- If you want to be anonymous to marketers, use the HOSTS blocking file and modify your Firefox settings.