How effective is it for online privacy? I have been using it for some time and it tends to break some sites like banking websites and twitch. I haven’t messed around a lot with the config except allowing DRM and setting up a start page.
I am wondering if using arkenfox/user.js is making my browsing fingerprint unique and whether there are better alternatives for privacy focused browsers.
I use ArkenFox as a base for a hardened version of FF. It’s not really designed to be used verbatim as that would leave the web in a fairly unusable state, at least for most users. I use a fair few overrides because on my daily browser I want it to be able to use DRM content, be able to login to my bank, etc. For me I see it as a really solid foundation, after which I can intentionally pick and choose what functionality to enable at my own risk rather than have bad defaults thrust upon me by the browser vendor.
I personally don’t concern myself that heavily with attempting to defend my daily browser’s fingerprint. With the default ArkenFox implementation, ResistFingerprinting in FF is enabled and that’s the best you can do, but it also breaks a few things on purpose which impacts functionality. I personally have RF off and use the CanvasBlocker extension to defend against naïve fingerprinting scripts, but that’s a choice users have to make.
If I were that concerned about being fingerprinted by advanced scripts, I’d be using the Mullvad Browser or TOR. Those are really the only effective way to “blend in” to a crowd. Most any browsers people use as their one for daily use that aren’t either of those will be fingerprintable and identifiable by an adversary determined enough, so investing too much time in worrying about a daily browser’s fingerprint beyond defending against naïve scripts isn’t worth that much time investment, imo.
I have kept the ResistFingerprinting enabled for now. It doesn’t impact 90% of my browsing experience.
Do you need to regularly check for updates on the GitHub for the user.js or should I not bother once I have configured it to my liking?
I appreciate the info. Thanks!
In the ArkenFox zip there’s a
updater.bat
(Windows) orupdater.sh
(Linux) script which will pull the latest user.js. I do run this periodically as FF settings will for sure evolve over time with new versions, absolutely.You could probably schedule these with a task scheduler/cron if you wanted.
I prefer librewolf
Removed by mod
I haven’t heard of that, I’ll have to check it out
Removed by mod
Here is an alternative Piped link(s): https://piped.video/Fr8UFJzpNls
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
Removed by mod
I was using librewolf prior to arkenfox but found it tedious. The updates are always lagging behind the official releases which makes it inherently less secure. You also need to manually check for updates and reinstall the browser every time.
Interesting and good points.
The main reason I librewolf is there are a lot of settings in arkenfox that are unprivate in my opinion, and some things are blocked that don’t need to be, and the .js file makes it hard to edit settings.
That said arkenfox is still far superior to Firefox or any chromium derivative, and probably a better option for the average user than librewolf
Oh and there is a librewolf auto update extension if folks are interested
I’ve used arkenfox’s firefox user profile for a good amount of time now and you’re right to have some doubts about it.
No mitigation measures are foolproof and in actuality may result in you becoming more identifiable if you apply it improperly. The irony is that you’re less likely to be identifiable using default settings on a default firefox instance than say enabling fingerprint resisting + ublock etc.
Privacy in the context of online browsing is achieved through obscurity. It uses techniques applied by browsers like TOR to become effective. In the case of TOR a wide adoption and it’s careful implementation has made it one if not the only browser I would say offers decent privacy by default. In our case this template’s usage is just a pretty insignificant fraction of the internet.
Browser fingerprinting technology is constantly evolving and uses many metrics that you may be unable to address if you’re one to seek privacy. Just take it with a grain of salt. Although things may not look good for browsers nowadays. I’d say some privacy is better than no privacy at all.