Dear Freedom-est people on the entire internet, (if I may say so myself) I want to contribute.
I wanted to say that I deeply appreciate your work to make the world a better place in just the way that you are doing it. To a huge amount of people, you are the very last bastion of freedom on the internet and the very last end-all browser option for those who could not and will never accept google chrome, and for some people who do not even trust "TOR" or are extremely upset with the direction that base firefox has grown into. I'm not in any way trying to overinflate anyone's ego but you absolutely must understand that you are the very last and final and only choice for people who want a freedom and privacy loving browser that does one thing and does it good. you are Michael Jackson's "This Is It" and nobody else in the whole entire world is doing what you are doing; You Must understand the importance of what you are doing and how many people love you for it and depend on you. I know, alot of pressure, but it's all okay thanks to you. We the people, who use GNU icecat are the type of people who operate on the principles of freedom and privacy not because we can or can not; regardless of all limitation, because we should. we are strongly against the saying "if you have done nothing wrong, you have nothing to worry about" and look at how the holocaust turned out. We are common and ordinary people who have become completely sick and tired of being lied to and taken advantage of. we just want to be free now and we want to work together to achieve that. I have sent this message to the following emails: [email protected] [email protected] [email protected] [email protected] [email protected] Please be careful and do not assume that any or all of the other fsf or gnu emails have successfully recieved or taken a moment to read the email because I fear that it may go completely overlooked. I didn't want to appear as if I was spamming, so I'm being upfront, clear, and honest by emailing you and telling you who I emailed so that you can coordinate properly or show the correct people who are really meant to read this, the relevant information. I'm begging you to please take a moment to really read this. just sit and enjoy an avocado or something that you like and really take this in. I did a great deal of extensive high effort research and made alot of improvements to my copy of gnu icecat. I wanted to share with you an extensive list of mostly uncommon about:config modifications that a large majority of the internet simply doesn't know about or barely mentions anywhere. Please do not that I had to make many of these changes myself because GNU icecat did not come with them built-in by default and that is one of the main reasons why I feel that I must make you aware of them. I chose to make other people aware of this so that GNU icecat could improve and give users an even better experience, rather than lazily keep these to myself after discovering them. Below this point I have listed a very extensive list of well worth mentioning about:config changes that are not included by default. I have also included some "back story" to explain different things as well as a list of addons that I feel deserve a good mention. I have been using the latest https://ftp.gnu.org/gnu/gnuzilla (please note that I prefer "https") About Config List: to protect against SSLv3 exploit you can use the mozilla addon "SSL version control" or set security.tls.version.min = 1 in about:config for Mozilla Firefox. To restore change the value back to the security.tls.version.min = 0. That's it. never use a main base distribution. the underdogs are your friends. Also, I know that this seems like alot but if you just try to get through it all its a big relief when you are done overhauling the whole thing. I also want everyone to understand that almost all of this garbage and bloat has no excuse to be in the browser in the first place and reveals just how far down the slippery slope internet browsers have gone. The fact that users actually need to un-google and un-facebook and security harden their browsers in the first place, even change them from what they originally are from vanilla, is unacceptable. remember to explore "about:permissions" as well. remember to search in about config: "handlerservice" "scan" "beacon" "healthreport" "profiler" "profile" "health" "service" "avatar" "handler" "diagnostics" "marketplace" "account" "google" "facebook" "microsoft" "social" "sync" "promo" "ringtone" "ajax" "media" "pocket" "browser.send" "peer" "bing" "yahoo" "datareporting" "duckduckgo" "loop" "hello" "geo" "geoip" "tool" "toolkit" "statistic" "monitor" "inspector" "warning" "trace" "host" "remote" "wifi" "scan" "forbid" "experiment" (disable all experiments) "error" "reporting" "report" "crash" "cell" "ping" "errorreporting" "share" "exception" "black-box" "learn" "buzz" "privacy" "private" "support" "screenshot" "uitour" "sync" "telemetry" "screensharing" "broadcast" "logging" "gecko" "log" "server" "status" "app" "sync" (Disable almost everything in sync) "browser.safebrowsing" as they have huge amount of URL to delete or settings to disable. "URL" and "URI" alone has a huge amount of really stupid pointless and useless urls to delete. (set all "autoupdate" "auto" "update" search results to false for more control) (unless you want update all your addons one by one, don't delete the urls that update your addons. Don't mess with things that say "" "addon" "extension" "update" "" in the setting or you might not be able to update.) and don't delete: extensions.update.url extensions.update.background.url) also don't delete your "certs" it will mess up your certificates. search "disk" and "cache" and "browser.cache" in about:config and don't let cache or disk store anything. also search and stop "dom.storage" also search each and every one of these seperately because not surprisingly, different things come up. also search "dom" and disable most of the things inside. (search these so they come up) understand that other results may show up along side the results, may be worth disabling/enabling/deleting the url services.sync.prefs.sync.browser.search.update FALSE media.autoplay.enabled FALSE layout.css.report_errors FALSE devtools.remote.wifi.scan FALSE experiments.supported FALSE dom.mozApps.used FALSE browser.newtabpage.directory.ping DELETE URL browser.newtabpage.directory.source DELETE URL dom.idle-observers-api.enabled FALSE browser.cache.frecency_experiment 0 extensions.blocklist.url DELETE (its up to you to not install unsafe addons from unsafe places now.) datareporting.healthreport.nextDataSubmissionTime (delete url) network.http.pipelining TRUE beacon.enabled FALSE browser.urlbar.trimURLs FALSE (makes the url bar show the true url) dom.battery.enabled FALSE browser.safebrowsing.downloads.remote.enabled FALSE browser.safebrowsing.downloads.enabled FALSE browser.download.manager.addToRecentDocs FALSE readinglist.server DELETE URL gecko.handlerService.allowRegisterFromDifferentHost FALSE offline-apps.allow_by_default FALSE app.update.auto FALSE devtools.webide.monitorWebSocketURL DELETE URL identity.fxaccounts.auth.uri DELETE URL browser.search.update FALSE identity.fxaccounts.settings.uri DELETE URL security.ssl.errorReporting.enabled FALSE security.ssl.errorReporting.url DELETE URL network.http.diagnostics FALSE network.allow-experiments FALSE services.sync.tokenServerURI DELETE URL dom.workers.sharedWorkers.enabled FALSE browser.tabs.remote.desktopbehavior FALSE extensions.dta.anticontainer.mergeids DELETE URL browser.fixup.domainwhitelist.localhost FALSE network.proxy.autoconfig_url DELETE URL media.webvtt.enabled FALSE experiments.manifest.uri (delete url) browser.search.geoSpecificDefaults FALSE browser.trackingprotection.updateURL DELETE URL browser.trackingprotection.gethashURL DELETE URL (yea right, protecting people from tracking by tracking them by having their browser call home to a url?) privacy.trackingprotection.enabled FALSE browser.uitour.url DELETE URL browser.geolocation.warning.infoURL DELETE URL loop.feedback.baseUrl DELETE URL loop.feedback.product DELETE URL loop.contacts.gravatars.promo FALSE loop.browserSharing.showInfoBar FALSE loop.CSP DELETE URL loop.ringtone DELETE URL loop.server DELETE URL loop.seenToS DELETE URL loop.showPartnerLogo FALSE network.http.pipelining.ssl TRUE network.http.proxy.pipelining TRUE media.getusermedia.screensharing.allowed_domains (delete url) browser.search.order. (delete urls) browser.search. (check this well) browser.search.geoip.url (delete url) media.getusermedia.screensharing.enabled FALSE network.http.max-persistent-connections-per-proxy Right click, select modify, set it to 15 network.http.max-persistent-connections-per-server set it to 15 network.http.max-connections-per-server set it to 15 network.http.pipelining.maxrequests also set to be 15 network.http.redirection-limit Set to 3 network.dns.disableIPv6 Set to true network.http.fast-fallback-to-IPv4 Set to false dom.popup_maximum set to 3 loop.support_url DELETE URL loop.legal.privacy_url DELETE URL loop.legal.ToS_url DELETE URL loop.learnMoreUrl DELETE URL loop.gettingStarted.url DELETE URL network.prefetch-next FALSE (disables prefetching) network.dns.disablePrefetch TRUE (extra layer of telling fox to not prefetch) disable google geolocation and reporting: dwhelper.social-share.service.google.enabled FALSE dwhelper.social-share.service.google_buzz.enabled FALSE geo.enabled FALSE geo.wifi.logging.enabled FALSE geo.wifi.uri (delete the value) browser.safebrowsing.appRepURL (delete the value) browser.safebrowsing.debug FALSE browser.safebrowsing.enabled FALSE browser.safebrowsing.gethashURL (delete the value) browser.safebrowsing.malware.enabled FALSE browser.safebrowsing.malware.reportURL (delete the value) browser.safebrowsing.reportURL (delete the value) browser.safebrowsing.updateURL (delete the value) services.sync.prefs.sync.browser.safebrowsing.enabled FALSE services.sync.prefs.sync.browser.safebrowsing.malware.enabled FALSE (take a break here and read how to fix the internet for everyone) - install TOR inspired software on EVERY router, complete unfiltered - force EVERYONE to use PGP, no exceptions - forbid non open source software in essential parts of using the internet (webbrowser, mail client...) - build a company which is only there for pen-testing, if something is found, they have to call/mail the website owner and inform him - build a company which is completly transparent, the only thing they do is build network hardware, everyone has the right to look into their files/production processes to verify there are no backdoors in the hardware - same for computer manufacturers - ISPs are forbidden to give "middle traffic speed", but they have to give you a minimum traffic speed, no throttling. (break is done, keep on going!) media.peerconnection.enabled FALSE browser.search.suggest.enabled DISABLE IT Turn off the new tab page, and makes it about:blank: browser.newtab.url => about:blank Increase the amount of connections/requests Firefox will make: network.http.pipelining.maxrequests => 15 network.http.max-connections => 15 network.http.max-persistent-connections-per-server => 15 Speed up the security delay when installing add-ons: security.dialog_enable_delay => 500 changing how your browser stores cache, and uses ram instead (but less ram overall) as a result. browser.cache.disk.capacity 0 browser.cache.memory.enable FALSE network.http.use-cache FALSE browser.cache.memory.max_entry_size 0 browser.cache.memory.disk FALSE browser.cache.disk.capacity 0 browser.cache.disk.enable FALSE browser.cache.disk.metadata_memory_limit 1 (just in case 0 might mean unlimited) browser.cache.disk.smart_size.enabled FALSE browser.cache.disk.smart_size.first_run FALSE browser.cache.disk.smart_size.use_old_max FALSE browser.cache.disk.smart_size_cached_value 0 browser.cache.disk_cache_ssl FALSE browser.cache.offline.capacity 0 browser.cache.offline.enable FALSE maybe useful in a tor browser setup, (accidentally clicked bad things never hits your disk): browser.cache.disk.parent_directory=/tmp/ffcache and put /tmp/ in ram. (there is no guaranteed way of making this work and often doesn't work for anyone, so its considered broken unless you can figure it out) dom.storage.default_quota 0 (1kB is ample to track so disabled completely *zero* is better) dom.storage.enabled FALSE Disable pings: browser.send_pings FALSE browser.send_pings.max_per_link 0 browser.send_pings.require_same_host TRUE (extra layer of protection) Disable suggestions on searchbar: browser.search.suggest.enabled FALSE Disable keywords: keyword.enabled FALSE browser.ssl_override_behavior => 2 Disable DNS proxy bypass: network.proxy.socks_remote_dns TRUE true would Have the proxy server perform DNS lookups false would Perform DNS lookups on the client (this is what you don't want) http://kb.mozillazine.org/Network.proxy.socks_remote_dns https://www.browserleaks.com https://panopticlick.eff.org ooooooooooooooooooooo also search through these to delete HUGE amounts of links from. datareporting browser.contentHandlers browser.safebrowsing browser.search gecko.handlerService ooooooooooooooooooo services.sync.prefs.sync.browser.search.update FALSE services.sync.prefs.sync.browser.search.selectedEngine FALSE browser.search.update.interval (set to ZERO ) browser.search.searchEnginesURL ERASE URL datareporting.healthreport.service.firstRun DISABLE IT datareporting.sessions.current.clean DISABLE IT toolkit.telemetry.enabled DISABLE IT browser.search.suggest.enabled DISABLE IT media.peerconnection.enabled DISABLE IT geo.enabled DISABLE IT toolkit.telemetry.infoURL (delete url) toolkit.telemetry.server (delete url) network.websocket.enabled FALSE network.http.sendSecureXSiteReferrer FALSE services.sync.prefs.sync.privacy.trackingprotection.enabled FALSE dom.event.clipboardevents.enabled FALSE services.sync.prefs.sync.browser.safebrowsing.enabled FALSE services.sync.prefs.sync.browser.safebrowsing.malware.enabled FALSE typing in "safebrowsing" will show many options media.eme.enabled FALSE media.gmp-eme-adobe.enabled FALSE search adobe and disable these, might break flash, but why are you using flash!!! loop.enabled FALSE camera.control.face_detection.enabled (VERY CREEPY) FALSE device.sensors.enabled FALSE security.tls.unrestricted_rc4_fallback FALSE security.tls.insecure_fallback_hosts.use_static_list FALSE pdfjs.disabled TRUE extensions.blocklist.enabled FALSE (delete all these links after searching "extensions.blocklist", or firefox sends data without permission, beware: its up to you to not install unsafe addons from unsafe places now.) network.http.speculative-parallel-limit (SET TO ZERO) disable your live bookmarks and rss feed bookmarks and delete them as well, only use ordinary bookmarks. browser.aboutHomeSnippets.updateUrl (delete the url) browser.startup.homepage_override.mstone (set the value to ignore) extensions.getAddons.cache.enabled FALSE dom.ipc.plugins.flash.subprocess.crashreporter.enabled FALSE toolkit.crashreporter.infoURL DELETE URL breakpad.reportURL DELETE URL toolkit.crashreporter.infoURL DELETE UR browser.pocket.enabled DISABLE webgl.disabled TRUE dom.server-events.enabled FALSE media.peerconnection.enabled FALSE media.peerconnection.use_document_iceservers FALSE media.peerconnection.video.enabled FALSE media.navigator.enabled FALSE media.navigator.video.enabled FALSE media.navigator.permission.disabled TRUE dwhelper.social-share.service.facebook.enabled FALSE also search "facebook" and delete all the links unless mentioned in an extensions prefs facebook will be mentioned if you block facebook in noscript. social.manifest.facebook ERASE and leave blank social.remote-install.enabled FALSE social.whitelist ERASE and leave blank media.autoplay.enabled FALSE dom.use_watchdog FALSE dom.workers.websocket.enabled FALSE media.audio_data.enabled FALSE browser.selfsupport.url (delete url) Addon List: (I hope GNU icecat can incorporate some of these, or perhaps some good forks) I want to thank you for creating "SpyBlock" because it is now the only addblocker left in the entire world that I and many other people trust. we do not trust Ublock. There was a huge amount of ublock "shilling" taking place on the internet several months back. Immediately after "adblock edge"; the only viable alternative to "adblock plus" was discontinued, praising ublock in its description. https://addons.mozilla.org/en-US/firefox/addon/adblock-edge/?src=search "Reason: Discontinued in favor of Ublock Origin, a general purpose blocker, that not only outperforms Adblock Edge but is also available on other browsers and, of course, without "Acceptable Ads Whitelist". This page will be kept for archival purposes. You can still contact me on GitHub or Bitbucket as Adstomper. http://adstomper.bitbucket.org"; the website jokes: "I can has bribe?" Adblock Edge (rest in peace) Https Everywhere FlashBlock Classic Theme Restorer Canvas Blocker Noscript RequestPolicy BetterPrivacy Self-Destructing Cookies Cookies Manager+ Cookie Monster Disable DHE SSL version control RefControl Video WithOut Flash Youtube ALL HTML5 Random Agent Spoofer TrackMeNot RightToClick IPFlood White Noise Generator p.s. Please include more support for .webm format videos in GNU icecat, as I'm able to watch some .Webm videos, but not others. as an inexperienced .Webm person, this seems fairly random to me. p.s. Please also consider checking out Devuan.org because they are a group of Linux Wizards such as yourself *tips fedora* who teamed up to make something along the lines of a debian fork that has no dependencies to the dreaded disease that is SystemD. I will admit that I have delusiouns of grandure that GNU and FSF will somehow team up with Devuan and help each other even more. you are made for each other, cut from the same cloth. I would like to say just dev-one more thing: No matter what you believe in or where you come from or where you are going; GOD bless you all. may GOD/the force be with you all. Amen.
-- http://gnuzilla.gnu.org
