nix-config/home/browsers/firefox/arkenfox/0400.nix

{
  /*** [SECTION 0400]: BLOCKLISTS / SAFE BROWSING (SB) ***/
  /** BLOCKLISTS ***/
  /* 0401: enforce Firefox blocklist
   * [NOTE] It includes updates for "revoked certificates"
   * [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ ***/
  "extensions.blocklist.enabled" = true;  # [DEFAULT: true]

  /** SAFE BROWSING (SB)
      Safe Browsing has taken many steps to preserve privacy. *IF* required, a full url is never
      sent to Google, only a PART-hash of the prefix, and this is hidden with noise of other real
      PART-hashes. Google also swear it is anonymized and only used to flag malicious sites.
      Firefox also takes measures such as striping out identifying parameters and since SBv4 (FF57+)
      doesn't even use cookies. (#Turn on browser.safebrowsing.debug to monitor this activity)

      [1] https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/
      [2] https://wiki.mozilla.org/Security/Safe_Browsing
      [3] https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work
  ***/
  /* 0410: disable SB (Safe Browsing)
   * [WARNING] Do this at your own risk! These are the master switches.
   * [SETTING] Privacy & Security>Security>... "Block dangerous and deceptive content" ***/
   #  // user_pref("browser.safebrowsing.malware.enabled", false);
   #  // user_pref("browser.safebrowsing.phishing.enabled", false);
  /* 0411: disable SB checks for downloads (both local lookups + remote)
   * This is the master switch for the safebrowsing.downloads* prefs (0412, 0413)
   * [SETTING] Privacy & Security>Security>... "Block dangerous downloads" ***/
  #  // user_pref("browser.safebrowsing.downloads.enabled", false);
  /* 0412: disable SB checks for downloads (remote)
   * To verify the safety of certain executable files, Firefox may submit some information about the
   * file, including the name, origin, size and a cryptographic hash of the contents, to the Google
   * Safe Browsing service which helps Firefox determine whether or not the file should be blocked
   * [SETUP-SECURITY] If you do not understand this, or you want this protection, then override it ***/
  "browser.safebrowsing.downloads.remote.enabled" = false;
  "browser.safebrowsing.downloads.remote.url" = "";
  /* 0413: disable SB checks for unwanted software
   * [SETTING] Privacy & Security>Security>... "Warn you about unwanted and uncommon software" ***/
  #   // user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
  #   // user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
  /* 0419: disable 'ignore this warning' on SB warnings [FF45+]
   * If clicked, it bypasses the block for that session. This is a means for admins to enforce SB
   * [TEST] see github wiki APPENDIX A: Test Sites: Section 5
   * [1] https://bugzilla.mozilla.org/1226490 ***/
  #   // user_pref("browser.safebrowsing.allowOverride", false);
}
initial commit 2022-01-18 09:32:55 +01:00			`{`
			`/* [SECTION 0400]: BLOCKLISTS / SAFE BROWSING (SB) */`
			`/ BLOCKLISTS */`
			`/* 0401: enforce Firefox blocklist`
			`* [NOTE] It includes updates for "revoked certificates"`
			`* [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ ***/`
			`"extensions.blocklist.enabled" = true; # [DEFAULT: true]`

			`/** SAFE BROWSING (SB)`
			`Safe Browsing has taken many steps to preserve privacy. IF required, a full url is never`
			`sent to Google, only a PART-hash of the prefix, and this is hidden with noise of other real`
			`PART-hashes. Google also swear it is anonymized and only used to flag malicious sites.`
			`Firefox also takes measures such as striping out identifying parameters and since SBv4 (FF57+)`
			`doesn't even use cookies. (#Turn on browser.safebrowsing.debug to monitor this activity)`

			`[1] https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/`
			`[2] https://wiki.mozilla.org/Security/Safe_Browsing`
			`[3] https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work`
			`***/`
			`/* 0410: disable SB (Safe Browsing)`
			`* [WARNING] Do this at your own risk! These are the master switches.`
			`* [SETTING] Privacy & Security>Security>... "Block dangerous and deceptive content" ***/`
			`# // user_pref("browser.safebrowsing.malware.enabled", false);`
			`# // user_pref("browser.safebrowsing.phishing.enabled", false);`
			`/* 0411: disable SB checks for downloads (both local lookups + remote)`
			`* This is the master switch for the safebrowsing.downloads* prefs (0412, 0413)`
			`* [SETTING] Privacy & Security>Security>... "Block dangerous downloads" ***/`
			`# // user_pref("browser.safebrowsing.downloads.enabled", false);`
			`/* 0412: disable SB checks for downloads (remote)`
			`* To verify the safety of certain executable files, Firefox may submit some information about the`
			`* file, including the name, origin, size and a cryptographic hash of the contents, to the Google`
			`* Safe Browsing service which helps Firefox determine whether or not the file should be blocked`
			`* [SETUP-SECURITY] If you do not understand this, or you want this protection, then override it ***/`
			`"browser.safebrowsing.downloads.remote.enabled" = false;`
			`"browser.safebrowsing.downloads.remote.url" = "";`
			`/* 0413: disable SB checks for unwanted software`
			`* [SETTING] Privacy & Security>Security>... "Warn you about unwanted and uncommon software" ***/`
			`# // user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);`
			`# // user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);`
			`/* 0419: disable 'ignore this warning' on SB warnings [FF45+]`
			`* If clicked, it bypasses the block for that session. This is a means for admins to enforce SB`
			`* [TEST] see github wiki APPENDIX A: Test Sites: Section 5`
			`* [1] https://bugzilla.mozilla.org/1226490 ***/`
			`# // user_pref("browser.safebrowsing.allowOverride", false);`
			`}`