Problem
===========================

Firefox can leak various IDs from a profile to websites, so different sessions 
can be correlated across different qubes, including DispVMs.
See e.g. [this bug](https://bugzilla.mozilla.org/show_bug.cgi?id=1372288) and 
possibly many other bugs.


(Partial) solution
===========================

On every DispVM startup, we start without a Firefox profile, so a fresh one 
with a random ID is created. However, the default settings are not very 
privacy-friendly (and are annoying), so we need to change some of them and 
also auto-install some extensions (e.g. an ad blocker).
We do this by deploying a Firefox `policies.json` file to 
`/usr/lib/firefox-esr/distribution/policies.json` _before_ Firefox starts, so 
it picks up these settings at startup. We use the Qubes `/rw/config/rc.local` 
script to deploy the Firefox policy, as it runs immediately after VM startup.


Limitations
===========================

There are still plenty of opportunities to fingerprint the Firefox+OS+HW 
combo, e.g. the classic [EFF panopticlick](https://panopticlick.eff.org/) (see 
the fingerprint section after the test) or the more advanced leak tests at 
[browserleaks](https://browserleaks.com).
For a whole list of leak test sites, check this GitHub page of 
[ghacks-user.js](https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-A---Test-Sites).

No bookmarks (perhaps also deployable by script), no history.


Qubes setup
===========================

Docs for the setup:

-   [mozilla/policy-templates](https://github.com/mozilla/policy-templates/blob/master/README.md)
-   [Qubes: running script on VM startup](https://www.qubes-os.org/doc/config-files/)

In a TemplateVM of DispVMs (DVM Template) put your settings in 
`/rw/config/firefox_policies.json`, e.g.:

```
$ cat <<EOF | sudo tee /rw/config/firefox_policies.json
{
  "policies": {
    "DisablePocket": true,
    "DisableFirefoxAccounts": true,
    "DisableFirefoxStudies": true,
    "DisableTelemetry": true,
    "OverrideFirstRunPage": "",
    "OfferToSaveLogins": false,
    "Extensions": {
      "Install": ["https://addons.mozilla.org/firefox/downloads/latest/ublock-origin"]
    },
    "SearchEngines": {
      "Default": "DuckDuckGo",
      "Remove": ["Google", "Twitter", "Bing", "Amazon.com"]
    },
    "Homepage": {
      "StartPage": "none"
    },
    "Permissions": {
      "Location": {
        "BlockNewRequests": true
      }
    }
  }
}
EOF
```

and set up `/rw/config/rc.local` to deploy the policy at VM startup:

```
$ cat <<EOF  | sudo tee --append /rw/config/rc.local

# Deploy Firefox policies
cp /rw/config/firefox_policies.json /usr/lib/firefox-esr/distribution/policies.json
EOF
```
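
A stricter variant of the deploy step, as an added example that is not part of the original post: it checks that the policy file is well-formed JSON with a top-level `policies` object before copying it, so a typo in the file is caught at VM startup. The function names are hypothetical, and it assumes `python3` is available in the qube.

```sh
#!/bin/sh
# Added example (not from the original post): validate-then-deploy for rc.local.
# Assumption: python3 is installed in the qube and is used for the JSON check.

# policy_is_valid FILE
# Returns 0 if FILE is well-formed JSON with a top-level "policies" object.
policy_is_valid() {
    python3 - "$1" <<'PY'
import json, sys
try:
    with open(sys.argv[1], encoding="utf-8") as f:
        doc = json.load(f)
except (OSError, ValueError) as exc:
    sys.stderr.write("policy check failed: %s\n" % exc)
    sys.exit(1)
if not isinstance(doc, dict) or not isinstance(doc.get("policies"), dict):
    sys.stderr.write("policy check failed: no top-level \"policies\" object\n")
    sys.exit(1)
PY
}

# deploy_policy SRC DST
# Copies SRC to DST only if SRC validates; returns non-zero otherwise.
deploy_policy() {
    src=$1
    dst=$2
    policy_is_valid "$src" || return 1
    tmp="$dst.tmp.$$"
    # Copy under a temporary name, then rename, so a partially written
    # file is never visible under the final name.
    cp -- "$src" "$tmp" && chmod 0644 "$tmp" && mv -f -- "$tmp" "$dst"
}

# In rc.local (paths taken from the post):
# deploy_policy /rw/config/firefox_policies.json \
#     /usr/lib/firefox-esr/distribution/policies.json
```

If `deploy_policy` returns non-zero, nothing is copied and the error is written to stderr, so the caller in `rc.local` decides how to report it.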


Further ideas, TODO
===========================

- Install more extensions: NoScript or uMatrix, etc.
- How to set up extensions, e.g. add a list to uBlock?
- Perhaps use the Debian central `user.js` (`/etc/firefox-esr/firefox-esr.js`) 
  and fill it with `https://github.com/ghacksuserjs/ghacks-user.js` or 
  `https://github.com/pyllyukko/user.js`
