Improve Firefox's privacy settings with these 6 tweaks
Mozilla's Firefox is more private than Chrome, but it only takes a few changes to boost your privacy even more.
Firefox is one of the best mainstream browsers for protecting your online privacy. The browser's parent company, Mozilla, is well-known for taking a principled stance to protect their users, and regularly launches features and campaigns aimed at minimizing tracking.
Despite this, there are some elements of the Firefox web browser that leak some of your private data. So much of the internet is built around tracking and data collection, that to remove it entirely may cause some websites and apps to break.
However, if you are comfortable with some of the risks, you can improve Firefox's privacy settings with some of these improvements and tweaks.
Why should you use Firefox?
Firefox is one of the leading alternatives to Google Chrome. While there are a lot of browsers out there, many of them are based on Chromium, the open-source edition of Chrome. This is still heavily integrated with Google servers and services. Because of this, it is not recommended to use any Chromium-based browser.
Mozilla's Firefox web browser has long been favored by privacy advocates and those who believe in the open foundations of the internet. Mozilla's browser is open-source and takes a hard-line approach to security and privacy. Unlike the Chrome Webstore, where anyone can upload extensions, applications featured in the Firefox Add-Ons library must be signed by Mozilla.
The browser also blocks third-party cookies by default, enables you to choose whether to share your browser fingerprint with a specific site, and gives you granular control over your browser's privacy settings. On top of this, Mozilla is outspoken in its support for internet freedoms, your right to privacy, and appropriate internet regulation.
While these are all commendable features and policies, Firefox isn't entirely private by default. As the internet has evolved, some web technologies need data from the browser to function properly. Not every site needs this, though, but in the interests of creating a user-friendly experience, there have to be compromises.
However, you can use some of the following tweaks to make Firefox even more secure and private.
- Change your Firefox settings
For the privacy-minded, your first port of call should be the browser's main settings menu. This can be accessed by opening the hamburger menu on the top right of the browser, and selecting Preferences.
There's a good chance that you would rather Google wasn't your default search engine on Firefox. On the left-hand panel, select Search. Under Default Search Engine, you can then decide on your preferred search provider. One of the most common choices is the privacy-focused DuckDuckGo.
The most important area of Preferences is Privacy & Security. The first choice is your level of Enhanced Tracking Protection. As previously mentioned, Firefox blocks some elements of tracking by default, but you can strengthen this. You can opt into blocking some or all cookies, tracking content, cryptominers, and brower fingerprinters.
A warning, though: adjusting these settings may cause websites to break. If this does happen when visiting a site, navigate to the left of the address bar and click the shield logo. You can then disable tracking protection for the site.
2. Adjust Firefox permissions
It's also possible to instruct Firefox to send a Do Not Track signal to every website you visit. This is worth enabling, but most sites ignore this request. There's also the tried-and-tested history, cookie, site data, and saved passwords settings. As you browse the internet, you download and save data to your device. These settings allow you to prevent this and clear any existing data.
Websites may also request access to your device's sensors and information. There are five permission categories; Location, Camera, Microphone, Notifications, and Autoplay. You can adjust all of these permissions to your desired level. When you visit a website that requires one or more, a small pop-up will appear asking you to approve this use temporarily, permanently, or deny the request.
3. Modify Firefox security settings
By default, Firefox collects data about you and your browsing. This is used to improve the browser and to bolster your online security. On the whole, this is a good thing, allowing you to securely browse the internet with little guidance. However, to do so, Firefox sends some of this data to third-party services.
Navigate to Preferences > Privacy & Security > Firefox Data Collection and Use. This is where you can opt in or out of Firefox's data gathering. You can choose whether to send technical and interaction data to Mozilla, opt in to Firefox Studies, and allow the browser to send backlogged crash reports.
Under Security > Deceptive Content and Dangerous Software Protection there is an option to block dangerous and deceptive content. Although there to protect you, these are among the browser's most privacy-invading features. Websites you visit are checked against a known blacklist of malicious sites. Downloaded files are compared against a similar list, but this is provided by Google's Safe Browsing service.
While disabling these services may improve your privacy, they will decrease your online security. If you choose to disable them, then it is a good idea to strengthen your other digital security techniques, especially on your local device.
4. Strengthen Firefox privacy settings
Although the Firefox settings menu gives you a range of features to adjust, there are far more powerful options to be found on the about:config page. To access this hidden list, you'll need to type about:config into the web address bar of your browser. A warning will appear with the heading 'Here Be Dragons'.
This warning is a signal to those who are curious that changing these settings can have unexpected consequences on your browsing experience. It's important to note this, as any changes made here could result in errors, data loss, and browser crashes. However, if you are willing to accept the risk, there are plenty of ways to customize your Firefox installation.
- browser.send_pings: Set this preference to 'false' to prevent websites tracking your clicks on a page.
- browser.sessionstore.max_tabs_undo: You can disable the tracking of your browsing history, but Firefox still captures some browsing data. This is used to provide the Undo Close Tab function. Set this preference to '0' to prevent data collection.
- browser.sessionstore.privacy_level: During your browsing session, Firefox stores some data temporarily, like form content, scrollbar location, and some cookies . Set to '0' to store all data, '1' to store data for non-HTTPS sites, and '2' to never store this data.
- browser.urlbar.speculativeConnect.enabled: Firefox can autocomplete URLs to make web navigation quicker and easier. However, this means sending some data to third-parties. Change this preference to 'false' to disable autocomplete.
- dom.event.clipboardevents.enabled: This preference can be used to tell websites when and what you have copied and pasted from a site. Set this to 'false' to disable this function, but note that some sites, like the WordPress editor, won't work correctly.
- media.navigator.enabled: Set this preference to 'false' to prevent websites tracking the status of your camera and microphone.
- plugin.scan.plid.all: Set this preference to 'false' to prevent plugins from viewing a list of your installed plugins and extensions.
During your session, Firefox will download data from around the internet and sites you visit and temporarily store it in the cache. If you want Firefox to disable cache, ensure the value is set to 'false' for the following preferences:
- browser.cache.disk.enable
- browser.cache.disk_cache_ssl
- browser.cache.memory.enable
- browser.cache.offline.enable
- browser.cache.insecure.enable
Additionally, there are a number of preferences that are used to store and send telemetry data to Mozilla. Use the search bar in about:config to locate all preferences that include the word 'telemetry.' Each of these performs a different function, so check their utility using MozillaZine's About:Config Entries directory.
5. Install privacy-focused Add-Ons
While there are a lot of opportunites to customize the browser, sometimes the best solution is to install a privacy-focused add-on.
- CanvasBlocker: Firefox is now able to block browser fingerprinting, but this add-on had been providing the service for many years before Mozilla enabled the feature. There have been over 700,000 installs of CanvasBlocker to date. To put your mind at ease, their privacy policy simply states "CanvasBlocker does not collect any data."
- Privacy Badger for Firefox: This add-on is developed by the EFF, one of the internet's leading privacy advocacy groups. Privacy Badger doesn't operate a blocklist, instead choosing to analyze traffic in real-time. The extension looks for any third-party site that requests tracking information after it has recieved your Do Not Track request. Privacy Badger will then block sites participating in this behavior.
- uBlock Origin: There are many blocklists and filters available to download and utilize from a wide variety of sources. To make the most of these lists, you should install uBlock Origin. The add-on allows you to import these lists and makes it easy to mange them, too. uBlock Origin is open-source and collects no data.
6. Disable WebRTC in Firefox
Many of us now use VPNs to protect our privacy and hide our browsing from prying eyes. However, your true IP address may still be leaking due to a protocol called WebRTC. This protocol enables real-time communications across the web. While it is a useful feature, the implementation of it causes privacy issues.
Even with tracking protection turned on alongside your VPN, websites may still be able to view your real IP address. This leak massively compromises your privacy, and undermines much of the effort you've already put in to strengthen your privacy. However, it is possible to disable WebRTC.
To disable WebRTC in Firefox, navigate to about:config, search for media.peerconnection.enabled, and set this attribute to 'false'. To verify if your IP address is still leaking, use a site like IPLeak.net. If this service returns anything other than your VPN provider's IP address, then WebRTC may still be leaking your data.
In this case, head back to about:config and ensure these attributes are set as follows:
- media.peerconnection.turn.disable = true
- media.peerconnection.use_document_iceservers = false
- media.peerconnection.video.enabled = false
- media.peerconnection.identity.timeout = 1
Is Firefox safe?
Mozilla's Firefox web browser is one of the most privacy-friendly and secure web browsers available today. Unlike some of its competitors, Firefox is not based on Google's Chromium project, and renders content with the Gecko engine instead.
Mozilla is well known for its principled stand on user privacy, too. The tweaks we've discussed here help strengthen the browser's privacy credentials, so long as you don't mind some trade-offs.
If you prefer the Chrome experience, but you're looking to ditch Google's tracking, the Brave Browser is an excellent alternative. It's Chromium-based, so all your extensions will work, and it uses the Basic Attention Token to pay you for watching privacy-friendly ads.