Check browser anonymity/secuity with TorZillaPrint and Browser Leaks.
Tor Browser
Leave all site settings permissions at ask to allow. It’s fingerprintable otherwise.
On Android, disable automatic font sizing (because it messes up RFP if your font/display size isn’t “normal”). Settings → Accessibility → Automatic font scaling ☐ (leave at 100%).
LibreWolf
Add Arkenfox’s user.js with
Luke Smith’s overrides
(both append it to Arkenfox & save it as user-overrides.js). Make a new
browser profile. about:profiles → Create a New Profile. Then put both
.js files in the new profile (root directory). Put updater.sh and
prefsCleaner.sh in there too, and run both every once in a while to
update Arkenfox. Alternatively, there’s
an AUR package.
Fennec F-Droid
Enable ETP. Settings → Enhanced Tracking Protection → Enhanced Tracking Protection → ☑ Strict, → ☑ Tell websites not to share & sell data. Also disable automatic font sizing (because it messes up RFP if your font/display size isn’t “normal”). Settings → Accessibility → Automatic font scaling ☐ (leave at 100%).
Add Arkenfox’s user.js
(requires root). Move the user.js file to
/data/data/org.mozilla.fennec_fdroid/files/mozilla/XXXXXXXX.default/
and change its owner and group to Fennec’s user id. To enable
installing extensions as normal, add an override at the end of the
user.js:
user_pref("privacy.resistFingerprinting.block_mozAddonManager", "false")
Extensions
Use for ad/script blocking. In filter lists, enable AdGuard URL Tracking Protection and import Actually Legitimate URL Shortener Tool (both of these are pre-enabled on desktop). In general, domain blocking can be fingerprintable, so disable as needed.
Set to medium mode, and disable remote fonts and JavaScript by default.
On mobile, fix WebRTC leak: → ☑ Prevent WebRTC from leaking local IP addresses.
Local emulation of Content Delivery Networks. Can be fingerprintable, so disable as needed.
Removes annoying cookie banners. Can be fingerprintable, so disable as needed.
Use to redirect to (better/onion/eep) frontends. See some hosts here. This isn’t really fingerprintable. There’s also Redirector, but it’s no longer maintained.
DoH
Enable DoH if not using Tor/I2P. Settings → Privacy & Security → DNS over HTTPS → ☑ Max Protection → Choose provider: Mullvad (No Filtering).
For Fennec, the relevant about:config values:
"network.trr.uri" "DoH address" // Set these to the DoH address, e.g.:
"network.trr.custom_uri" "DoH address" // https://dns.mullvad.net/dns-query
"network.trr.mode" "3" // 0 = disabled, 3 = DoH only
Tor/I2P
Official Firefox config for I2P.
The relevant about:config values are:
"network.proxy.socks" "localhost"
"network.proxy.socks_port" "4444" // 4447 for I2Pd, 9050 for Tor
"network.proxy.type" "1" // 1 = enable, 5 = use system proxy
Remember to set this!
"network.dns.disabled" "true"
Otherwise, if the proxy isn’t running or connected, .onion and .i2p links will be sent to your VPN or ISP.