I don't understand mozilla: on one hand, they decide to include anti-privacy
and annoying features like adds included inside the browser and third party
cookies enabled by default and on the other hand they are dropping http in
favor of the more secure https.
If you see the scripts Mr. Rodrigez uses to build abrowser you will
appreciate how large the configuration modifier is to make the browser more
secure; let me share some examples:
// Disable third party cookies
pref("network.cookie.cookieBehavior", 1);
// Privacy & Freedom Issues
//
https://webdevelopmentaid.wordpress.com/2013/10/21/customize-privacy-settings-in-mozilla-firefox-part-1-aboutconfig/
// https://panopticlick.eff.org
// https://wiki.mozilla.org/Fingerprinting
pref("privacy.donottrackheader.enabled", true);
pref("privacy.donottrackheader.value", 1);
pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
pref("browser.safebrowsing.enabled", false);
pref("browser.safebrowsing.malware.enabled", false);
pref("services.sync.privacyURL", "http://trisquel.info/en/legal";);
pref("social.enabled", false);
pref("social.remote-install.enabled", false);
pref("datareporting.healthreport.uploadEnabled", false);
pref("social.toast-notifications.enabled", false);
pref("datareporting.healthreport.uploadEnabled", false);
pref("datareporting.healthreport.service.enabled", false);
pref("browser.slowStartup.notificationDisabled", true);
pref("network.http.sendRefererHeader", 2);
//Disable heartbeat
pref("browser.selfsupport.url", "");
// Disable plugin installer
pref("plugins.hide_infobar_for_missing_plugin", true);
pref("plugins.hide_infobar_for_outdated_plugin", true);
pref("plugins.notifyMissingFlash", false);
And that is just a sample.
I don't know what is happening in Mozilla but does not seem good
