From 78ed7928f9fef4103652f6b330cfec2a64b871f0 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Fri, 16 Oct 2020 18:13:19 +0000 Subject: [PATCH] earthlng tweaks --- user.js | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/user.js b/user.js index 71f4264..af3cec7 100644 --- a/user.js +++ b/user.js @@ -751,10 +751,6 @@ user_pref("security.mixed_content.block_object_subrequest", true); * [2] https://en.wikipedia.org/wiki/Meet-in-the-middle_attack * [3] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/ // user_pref("security.ssl3.rsa_des_ede3_sha", false); -/* 1263: disable DHE (Diffie-Hellman Key Exchange) - * [1] https://www.eff.org/deeplinks/2015/10/how-to-protect-yourself-from-nsa-attacks-1024-bit-DH ***/ - // user_pref("security.ssl3.dhe_rsa_aes_128_sha", false); // [DEFAULT: false] - // user_pref("security.ssl3.dhe_rsa_aes_256_sha", false); // [DEFAULT: false] /* 1264: disable the remaining non-modern cipher suites as of FF78 (in order of preferred by FF) ***/ // user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); @@ -1247,7 +1243,7 @@ user_pref("security.dialog_enable_delay", 700); user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!"); /* 2701: disable 3rd-party cookies and site-data [SETUP-WEB] * 0=Accept cookies and site data, 1=(Block) All third-party cookies, 2=(Block) All cookies, - * 3=(Block) Cookies from unvisited websites, 4=(Block) Cross-site and social media trackers (FF63+, default FF69+) + * 3=(Block) Cookies from unvisited websites, 4=(Block) Cross-site and social media trackers (default) * [NOTE] You can set exceptions under site permissions or use an extension * [NOTE] Enforcing category to custom ensures ETP related prefs are always honored * [SETTING] Privacy & Security>Enhanced Tracking Protection>Custom>Cookies ***/ @@ -1604,7 +1600,7 @@ user_pref("layout.css.font-visibility.level", 1); - Web extensions also lack APIs to fully protect spoofing ***/ user_pref("_user.js.parrot", "4700 syntax error: the parrot's taken 'is last bow"); -/* 4701: navigator.*.override +/* 4701: navigator DOM object overrides * [WARNING] DO NOT USE ***/ // user_pref("general.appname.override", ""); // [HIDDEN PREF] // user_pref("general.appversion.override", ""); // [HIDDEN PREF]