[Bug-gnuzilla] A Message of Great Importance for the GNU community

[awakeyet]

Dear Freedom-est people on the entire internet, (if I may say so myself)

I want to contribute.

I wanted to say that I deeply appreciate your work to make the world a better place in just the way that you are doing it. To a huge amount of people, you are the very last bastion of freedom on the internet and the very last end-all browser option for those who could not and will never accept google chrome, and  for some people who do not even trust "TOR" or are extremely upset with the direction that base firefox has grown into. 

I'm not in any way trying to overinflate anyone's ego but you absolutely must understand that you are the very last and final and only choice for people who want a freedom and privacy loving browser that does one thing and does it good. you are Michael Jackson's "This Is It" and nobody else in the whole entire world is doing what you are doing; You Must understand the importance of what you are doing and how many people love you for it and depend on you. I know, alot of pressure, but it's all okay thanks to you.

We the people, who use GNU icecat are the type of people who operate on the principles of freedom and privacy not because we can or can not; regardless of all limitation, because we should. we are strongly against the saying "if you have done nothing wrong, you have nothing to worry about" and look at how the holocaust turned out. We are common and ordinary people who have become completely sick and tired of being lied to and taken advantage of. we just want to be free now and we want to work together to achieve that.

I have sent this message to the following emails:

address@hidden
address@hidden
address@hidden
address@hidden
address@hidden

Please be careful and do not assume that any or all of the other fsf or gnu emails have successfully recieved or taken a moment to read the email because I fear that it may go completely overlooked. I didn't want to appear as if I was spamming, so I'm being upfront, clear, and honest by emailing you and telling you who I emailed so that you can coordinate properly or show the correct people who are really meant to read this, the relevant information. I'm begging you to please take a moment to really read this. just sit and enjoy an avocado or something that you like and really take this in.

I did a great deal of extensive high effort research and made alot of improvements to my copy of gnu icecat.
I wanted to share with you an extensive list of mostly uncommon about:config modifications that a large majority of the internet simply doesn't know about or barely mentions anywhere.
Please do not that I had to make many of these changes myself because GNU icecat did not come with them built-in by default and that is one of the main reasons why I feel that I must make you aware of them. I chose to make other people aware of this so that GNU icecat could improve and give users an even better experience, rather than lazily keep these to myself after discovering them.

Below this point I have listed a very extensive list of well worth mentioning about:config changes that are not included by default. I have also included some "back story" to explain different things as well as a list of addons that I feel deserve a good mention.

I have been using the latest  https://ftp.gnu.org/gnu/gnuzilla
(please note that I prefer "https")

About Config List:

to protect against SSLv3 exploit you can use the mozilla addon "SSL version control"
or set security.tls.version.min = 1 in about:config for Mozilla Firefox.
To restore change the value back to the security.tls.version.min = 0. That's it.


never use a main  base distribution. the underdogs are your friends.

Also, I know that this seems like alot but if you just try to get through it all its a big relief when you are done overhauling the whole thing.

I also want everyone to understand that almost all of this garbage and bloat has no excuse to be in the browser in the first place and reveals just how far down the slippery slope internet browsers have gone. The fact that users actually need to un-google and un-facebook and security harden their browsers in the first place, even change them from what they originally are from vanilla, is unacceptable.


remember to explore "about:permissions" as well.

remember to search in about config: "handlerservice" "scan" "beacon" "healthreport" "profiler" "profile" "health" "service" "avatar" "handler" "diagnostics" "marketplace" "account" "google" "facebook" "microsoft" "social" "sync" "promo" "ringtone" "ajax" "media" "pocket" "browser.send" "peer" "bing" "yahoo" "datareporting"  "duckduckgo" "loop" "hello" "geo" "geoip" "tool" "toolkit" "statistic" "monitor" "inspector" "warning" "trace" "host" "remote" "wifi" "scan" "forbid" "experiment" (disable all experiments) "error" "reporting" "report" "crash" "cell" "ping" "errorreporting" "share" "exception" "black-box" "learn" "buzz" "privacy" "private" "support" "screenshot" "uitour" "sync"
"telemetry" "screensharing" "broadcast" "logging" "gecko" "log" "server" "status" "app" "sync" (Disable almost everything in sync) "browser.safebrowsing" as they have huge amount of URL to delete or settings to disable. "URL" and "URI" alone has a huge amount of really stupid pointless and useless urls to delete. (set all "autoupdate" "auto" "update" search results to false for more control)


(unless you want update all your addons one by one, don't delete the urls that update your  addons. Don't mess with things that say "" "addon" "extension" "update" "" in the setting or you might not be able to update.)

and don't delete:
extensions.update.url
extensions.update.background.url)


also don't delete your "certs" it will mess up your certificates.


search "disk" and "cache" and "browser.cache" in about:config and don't let cache or disk store anything. also search and stop "dom.storage" also search each and every one of these seperately because not surprisingly, different things come up. also search "dom" and disable most of the things inside.


(search these so they come up)
understand that other results may show up along side the results, may be worth disabling/enabling/deleting the url

services.sync.prefs.sync.browser.search.update FALSE

media.autoplay.enabled FALSE

layout.css.report_errors FALSE

devtools.remote.wifi.scan FALSE

experiments.supported FALSE

dom.mozApps.used FALSE

browser.newtabpage.directory.ping DELETE URL

browser.newtabpage.directory.source DELETE URL

dom.idle-observers-api.enabled FALSE

browser.cache.frecency_experiment    0

extensions.blocklist.url DELETE (its up to you to not install unsafe addons from unsafe places now.)

datareporting.healthreport.nextDataSubmissionTime (delete url)

network.http.pipelining  TRUE

beacon.enabled FALSE

browser.urlbar.trimURLs FALSE (makes the url bar show the true url)

dom.battery.enabled FALSE

browser.safebrowsing.downloads.remote.enabled FALSE

browser.safebrowsing.downloads.enabled FALSE

browser.download.manager.addToRecentDocs FALSE

readinglist.server DELETE URL

gecko.handlerService.allowRegisterFromDifferentHost FALSE

offline-apps.allow_by_default FALSE

app.update.auto FALSE

devtools.webide.monitorWebSocketURL DELETE URL

identity.fxaccounts.auth.uri DELETE URL

browser.search.update FALSE

identity.fxaccounts.settings.uri DELETE URL

security.ssl.errorReporting.enabled FALSE

security.ssl.errorReporting.url DELETE URL

network.http.diagnostics FALSE

network.allow-experiments FALSE

services.sync.tokenServerURI DELETE URL

dom.workers.sharedWorkers.enabled FALSE

browser.tabs.remote.desktopbehavior FALSE

extensions.dta.anticontainer.mergeids DELETE URL

browser.fixup.domainwhitelist.localhost FALSE

network.proxy.autoconfig_url DELETE URL

media.webvtt.enabled FALSE


experiments.manifest.uri (delete url)


browser.search.geoSpecificDefaults FALSE

browser.trackingprotection.updateURL DELETE URL
browser.trackingprotection.gethashURL DELETE URL (yea right, protecting people from tracking by tracking them by having their browser call home to a url?)

privacy.trackingprotection.enabled FALSE

browser.uitour.url DELETE URL

browser.geolocation.warning.infoURL DELETE URL

loop.feedback.baseUrl DELETE URL

loop.feedback.product DELETE URL

loop.contacts.gravatars.promo FALSE

loop.browserSharing.showInfoBar FALSE

loop.CSP DELETE URL

loop.ringtone DELETE URL

loop.server DELETE URL

loop.seenToS DELETE URL

loop.showPartnerLogo FALSE

network.http.pipelining.ssl TRUE

network.http.proxy.pipelining TRUE

media.getusermedia.screensharing.allowed_domains (delete url)

browser.search.order. (delete urls)

browser.search. (check this well)

browser.search.geoip.url (delete url)

media.getusermedia.screensharing.enabled FALSE

network.http.max-persistent-connections-per-proxy Right click, select modify, set it to 15

network.http.max-persistent-connections-per-server set it to 15

network.http.max-connections-per-server set it to 15

network.http.pipelining.maxrequests also set to be 15

network.http.redirection-limit Set to 3

network.dns.disableIPv6 Set to true

network.http.fast-fallback-to-IPv4 Set to false

dom.popup_maximum set to 3

loop.support_url          DELETE URL
loop.legal.privacy_url     DELETE URL
loop.legal.ToS_url         DELETE URL
loop.learnMoreUrl         DELETE URL
loop.gettingStarted.url     DELETE URL

network.prefetch-next FALSE (disables prefetching)

network.dns.disablePrefetch TRUE (extra layer of telling fox to not prefetch)



disable google geolocation and reporting:

dwhelper.social-share.service.google.enabled FALSE

dwhelper.social-share.service.google_buzz.enabled FALSE

geo.enabled FALSE

geo.wifi.logging.enabled FALSE

geo.wifi.uri (delete the value)

browser.safebrowsing.appRepURL (delete the value)

browser.safebrowsing.debug FALSE

browser.safebrowsing.enabled FALSE

browser.safebrowsing.gethashURL (delete the value)

browser.safebrowsing.malware.enabled FALSE

browser.safebrowsing.malware.reportURL (delete the value)

browser.safebrowsing.reportURL (delete the value)

browser.safebrowsing.updateURL (delete the value)

services.sync.prefs.sync.browser.safebrowsing.enabled FALSE

services.sync.prefs.sync.browser.safebrowsing.malware.enabled FALSE


(take a break here and read how to fix the internet for everyone)

- install TOR inspired software on EVERY router, complete unfiltered
- force EVERYONE to use PGP, no exceptions
- forbid non open source software in essential parts of using the internet (webbrowser, mail client...)
- build a company which is only there for pen-testing, if something is found, they have to call/mail the website owner and inform him
- build a company which is completly transparent, the only thing they do is build network hardware, everyone has the right to look into their files/production processes to verify there are no backdoors in the hardware
- same for computer manufacturers
- ISPs are forbidden to give "middle traffic speed", but they have to give you a minimum traffic speed, no throttling.
(break is done, keep on going!)

media.peerconnection.enabled FALSE

browser.search.suggest.enabled DISABLE IT

Turn off the new tab page, and makes it about:blank:
browser.newtab.url ="" about:blank



Increase the amount of connections/requests Firefox will make:
network.http.pipelining.maxrequests => 15
network.http.max-connections => 15      
network.http.max-persistent-connections-per-server => 15

Speed up the security delay when installing add-ons:
security.dialog_enable_delay => 500

changing how your browser stores cache, and uses ram instead (but less ram overall) as a result.


browser.cache.disk.capacity 0
browser.cache.memory.enable FALSE
network.http.use-cache FALSE
browser.cache.memory.max_entry_size 0
browser.cache.memory.disk FALSE
browser.cache.disk.capacity 0
browser.cache.disk.enable FALSE
browser.cache.disk.metadata_memory_limit 1 (just in case 0 might mean unlimited)
browser.cache.disk.smart_size.enabled FALSE
browser.cache.disk.smart_size.first_run FALSE
browser.cache.disk.smart_size.use_old_max FALSE
browser.cache.disk.smart_size_cached_value 0
browser.cache.disk_cache_ssl FALSE
browser.cache.offline.capacity 0
browser.cache.offline.enable FALSE

maybe useful in a tor browser setup, (accidentally clicked bad things never hits your disk):
browser.cache.disk.parent_directory=/tmp/ffcache and put /tmp/ in ram.
(there is no guaranteed way of making this work and often doesn't work for anyone, so its considered broken unless you can figure it out)

dom.storage.default_quota 0 (1kB is ample to track so disabled completely *zero* is better)

dom.storage.enabled FALSE


Disable pings:
browser.send_pings FALSE      
browser.send_pings.max_per_link 0
browser.send_pings.require_same_host TRUE (extra layer of protection)

Disable suggestions on searchbar:
browser.search.suggest.enabled FALSE

Disable keywords:
keyword.enabled FALSE

browser.ssl_override_behavior => 2

Disable DNS proxy bypass:
network.proxy.socks_remote_dns TRUE

true would Have the proxy server perform DNS lookups

false would Perform DNS lookups on the client (this is what you don't want)

http://kb.mozillazine.org/Network.proxy.socks_remote_dns

https://www.browserleaks.com
https://panopticlick.eff.org


ooooooooooooooooooooo

also search through these to delete HUGE amounts of links from.

datareporting
browser.contentHandlers
browser.safebrowsing
browser.search
gecko.handlerService

ooooooooooooooooooo


services.sync.prefs.sync.browser.search.update FALSE

services.sync.prefs.sync.browser.search.selectedEngine FALSE

browser.search.update.interval (set to ZERO )

browser.search.searchEnginesURL ERASE URL



datareporting.healthreport.service.firstRun  DISABLE IT
datareporting.sessions.current.clean   DISABLE IT
toolkit.telemetry.enabled  DISABLE IT


browser.search.suggest.enabled DISABLE IT
media.peerconnection.enabled DISABLE IT
geo.enabled DISABLE IT
toolkit.telemetry.infoURL (delete url)
toolkit.telemetry.server (delete url)


network.websocket.enabled FALSE

network.http.sendSecureXSiteReferrer FALSE


services.sync.prefs.sync.privacy.trackingprotection.enabled FALSE

dom.event.clipboardevents.enabled FALSE

services.sync.prefs.sync.browser.safebrowsing.enabled FALSE

services.sync.prefs.sync.browser.safebrowsing.malware.enabled FALSE

typing in "safebrowsing" will show many options

media.eme.enabled FALSE
media.gmp-eme-adobe.enabled FALSE
search adobe and disable these, might break flash, but why are you using flash!!!

loop.enabled FALSE

camera.control.face_detection.enabled (VERY CREEPY) FALSE

device.sensors.enabled FALSE

security.tls.unrestricted_rc4_fallback FALSE

security.tls.insecure_fallback_hosts.use_static_list FALSE

pdfjs.disabled TRUE


extensions.blocklist.enabled FALSE 
(delete all these links after searching "extensions.blocklist",
 or firefox sends data without permission, beware: 
its up to you to not install unsafe addons from unsafe places now.)

network.http.speculative-parallel-limit (SET TO ZERO)

disable your live bookmarks and rss feed bookmarks and delete them as well, only use ordinary bookmarks.

browser.aboutHomeSnippets.updateUrl (delete the url)

browser.startup.homepage_override.mstone (set the value to ignore)

extensions.getAddons.cache.enabled FALSE


dom.ipc.plugins.flash.subprocess.crashreporter.enabled FALSE
toolkit.crashreporter.infoURL DELETE URL
breakpad.reportURL    DELETE URL
toolkit.crashreporter.infoURL DELETE UR
browser.pocket.enabled DISABLE




webgl.disabled TRUE

dom.server-events.enabled FALSE

media.peerconnection.enabled FALSE

media.peerconnection.use_document_iceservers FALSE

media.peerconnection.video.enabled FALSE

media.navigator.enabled FALSE

media.navigator.video.enabled FALSE

media.navigator.permission.disabled TRUE

dwhelper.social-share.service.facebook.enabled FALSE

also search "facebook" and delete all the links unless mentioned in an extensions prefs
facebook will be mentioned if you block facebook in noscript.

social.manifest.facebook ERASE and leave blank

social.remote-install.enabled FALSE

social.whitelist ERASE and leave blank

media.autoplay.enabled FALSE

dom.use_watchdog FALSE

dom.workers.websocket.enabled FALSE

media.audio_data.enabled FALSE

browser.selfsupport.url (delete url)


Addon List: (I hope GNU icecat can incorporate some of these, or perhaps some good forks)

I want to thank you for creating "SpyBlock" because it is now the only addblocker left in the entire world that I and many other people trust. we do not trust Ublock.

There was a huge amount of ublock "shilling" taking place on the internet several months back.  Immediately after "adblock edge"; the only viable alternative to "adblock plus" was discontinued, praising ublock in its description. 
https://addons.mozilla.org/en-US/firefox/addon/adblock-edge/?src="">    
"Reason: Discontinued in favor of Ublock Origin, a general purpose blocker, that not only outperforms Adblock Edge but is also available on other browsers and, of course, without "Acceptable Ads Whitelist". This page will be kept for archival purposes. You can still contact me on GitHub or Bitbucket as Adstomper.  http://adstomper.bitbucket.org"
the website jokes: "I can has bribe?" 

Adblock Edge (rest in peace)
Https Everywhere
FlashBlock
Classic Theme Restorer
Canvas Blocker
Noscript
RequestPolicy
BetterPrivacy
Self-Destructing Cookies
Cookies Manager+
Cookie Monster
Disable DHE
SSL version control
RefControl
Video WithOut Flash
Youtube ALL HTML5
Random Agent Spoofer
TrackMeNot
RightToClick
IPFlood
White Noise Generator

p.s. Please include more support for .webm format videos in GNU icecat, as I'm able to watch some .Webm videos, but not others. as an inexperienced .Webm person, this seems fairly random to me.

p.s. Please also consider checking out Devuan.org because they are a group of Linux Wizards such as yourself  *tips fedora* who teamed up to make something along the lines of a debian fork that has no dependencies to the dreaded disease that is SystemD.   I will admit that I have delusiouns of grandure that GNU and FSF will somehow team up with Devuan and help each other even more. you are made for each other, cut from the same cloth.

I would like to say just dev-one more thing:

No matter what you believe in or where you come from or where you are going;  GOD bless you all. may GOD/the force be with you all. Amen.