←back to thread

Hardening Firefox – a checklist for improved browser privacy

(andrewmarder.net)
266 points amarder | 2 comments | 30 Aug 25 11:26 UTC | HN request time: 0.431s | source
Show context
userbinator ◴[30 Aug 25 20:32 UTC] No.45077766[source]
If the first item isn't "whitelist JS", you're doing it wrong. So many problems arise from letting any site run programs on your computer that it's best to reserve the privilege to the most trusted of sites.
replies(3): >>45077846 #>>45078131 #>>45083362 #
stusmall ◴[30 Aug 25 20:43 UTC] No.45077846[source]
Meanwhile if I see that I just move on. It just isn't practical to have a workable browser with JS whitelisting for the general case. I doubt people who do this actually do any kind of thoughtful review before hitting "accept". It just adds manual toil with limited benefit.

If they are doing meaningful review, I question how much they actually get done in life.

replies(4): >>45078402 #>>45078915 #>>45079253 #>>45080838 #
Sophira ◴[31 Aug 25 06:25 UTC] No.45080838[source]
When it was developed, uMatrix was a brilliant method of being cautious about what runs, and it had a logger so you could easily see what domains you should enable the current domain to have access to.

I still use it honestly, but I'll need to move on at some point - not just because it's MV2-only, but also I've found a way in which uMatrix can be bypassed if a website were to specifically target it. (It doesn't affect uBlock Origin, although I haven't tested the Lite MV3 version.)

replies(3): >>45083029 #>>45083670 #>>45085884 #
1. SahAssar ◴[31 Aug 25 13:30 UTC] No.45083029[source]
> I've found a way in which uMatrix can be bypassed if a website were to specifically target it

Please do tell.

replies(1): >>45085530 #
2. Sophira ◴[31 Aug 25 18:19 UTC] No.45085530[source]
I've been a bit wary of giving details due to it not getting updated. See my other comment: https://news.ycombinator.com/item?id=45085342