rilla
/
nix-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nix-config/home/browsers/firefox/arkenfox/2500.nix

40 lines
2.5 KiB
Nix
Raw Blame History

{
/*** [SECTION 2500]: HARDWARE FINGERPRINTING ***/
/* 2502: disable Battery Status API
* Initially a Linux issue (high precision readout) that was fixed.
* However, it is still another metric for fingerprinting, used to raise entropy.
* e.g. do you have a battery or not, current charging status, charge level, times remaining etc
* [NOTE] From FF52+ Battery Status API is only available in chrome/privileged code [1]
* [1] https://bugzilla.mozilla.org/1313580 ***/
# // user_pref("dom.battery.enabled", false);
/* 2508: disable hardware acceleration to reduce graphics fingerprinting [SETUP-HARDEN]
* [WARNING] Affects text rendering (fonts will look different), impacts video performance,
* and parts of Quantum that utilize the GPU will also be affected as they are rolled out
* [SETTING] General>Performance>Custom>Use hardware acceleration when available
* [1] https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration ***/
# // user_pref("gfx.direct2d.disabled", true); // [WINDOWS]
# // user_pref("layers.acceleration.disabled", true);
/* 2517: disable Media Capabilities API [FF63+]
* [WARNING] This *may* affect media performance if disabled, no one is sure
* [1] https://github.com/WICG/media-capabilities
* [2] https://wicg.github.io/media-capabilities/#security-privacy-considerations ***/
# // user_pref("media.media-capabilities.enabled", false);
/* 2520: disable virtual reality devices
* Optional protection depending on your connected devices
* [1] https://developer.mozilla.org/docs/Web/API/WebVR_API ***/
# // user_pref("dom.vr.enabled", false);
/* 2521: set a default permission for Virtual Reality (see 2520) [FF73+]
* 0=always ask (default), 1=allow, 2=block
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Access Virtual Reality Devices
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Virtual Reality>Settings ***/
# // user_pref("permissions.default.xr", 2);
/* 2522: disable/limit WebGL (Web Graphics Library)
* [SETUP-WEB] When disabled, will break some websites. When enabled, provides high entropy,
* especially with readPixels(). Some of the other entropy is lessened with RFP (see 4501)
* [1] https://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/
* [2] https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern ***/
"webgl.disabled" = true;
"webgl.enable-webgl2" = false;
"webgl.disable-fail-if-major-performance-caveat" = true; # [DEFAULT: true FF86+]
}
Reference in New Issue View Git Blame Copy Permalink