WarningDisclaimer: Most of the tools we list here we use internally at dctrl, but we don't take any responsibility for any of these solutions. So please check first for comments about them on the net. Second check the team behind and prefer open source solutions. Some of the solutions are easy to setup, others need some kind of technical know-how.
Avoid any service or software from USA (including the Fourteen Eyes: https://www.privacytools.io/providers/#ukusa ), China or Russia wherever possible.
FeedbackDo we missed something? Please send us your feedback and we will try to update this list regularly!
Overview
- Security Configuration
- Anti Virus
- Browser
- Browser Fingerprints
- Browser Plugins
- Chat
- Cloud Storage
- Data Storage/Encryption
- Data Sync
- Domain Name Services
- File Sharing
- Firewall and Network Monitor
- Messangers
- Networks
- Notes
- Operating Systems
- Operating Systems (USB)
- Passwords
- Projectmanagement
- Search Engines
- Videoconferencing
- VPN
- Android
- Windows 10
- Firefox: Privacy Related "about:config" Tweaks
- Related Informations
Security Configuration
Lockdown
https://objective-see.com/products/lockdown.html
[Added January 30, 2020] Lockdown is a lightweight open source app designed to audit and secure configure your MacOSX. It searches all configurations for Mac OSX and reports with the issues require fixing.
Anti Virus
ClamAV
https://www.clamav.net/downloads#collapsemacOS
ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. ClamAV uses multi-thread scanning process through multiple demons to speed up the scanning process. It supports multiple file formats including multiple file compression format as well.
Browser
Tor
Tor Browser is your choice if you need an extra layer of anonymity. It's a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption, and an advanced proxy.
Epic
Epic is a private and secure web browser that blocks ads, trackers, fingerprinting, cryptomining, ultrasound signaling and more.
Brave
Brave is an open source browser that blocks ads and trackers by default. In addition to protecting the privacy of its users, Brave helps its users to save money by loading sites faster than its competitors. Brave was founded by the inventor of Javascript and co-founder of the Mozilla project, Brendan Eich.
Firefox
Firefox is a free and open-source web browser. The Mozilla organization is very clear about what information they collect about you and their website shows you how to disable this collection if you want to do so.
Don't forget to adjusting the settings in Firefox at these links:
See also privacy related Firefox Tweaks at the end of this article.
Iridium
Iridium is a Chromium-based browser configured for privacy, with the source code published on Github. It might be a good option if you need a Chromium browser (don’t use Chrome).
Browser Fingerprints
Check Fingerprint
Panopticlick will analyze how well your browser and add-ons protect you against online tracking techniques. It will also see if your system is uniquely configured—and thus identifiable—even if you are using privacy-protective software.
Check if WebRTC is accessible
https://www.expressvpn.com/webrtc-leak-test
If WebRTC detects your real public IP address when you’re connected to a VPN, as opposed to the VPN server’s, then third parties can still use it to identify you.
Browser Plugins
AdBlock Plus
Chrome: https://chrome.google.com/webstore/detail/adblock-plus/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/
Experience a cleaner, faster web and block annoying ads. Adblock Plus is free and open source.
Privacy Badger
Chrome: https://chrome.google.com/webstore/detail/privacy-badger/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/
Privacy Badger stops non-consensual tracking. If an advertiser or a third-party tracker is tracking your movements online without your permission, Privacy Badger will prevent them from serving content to your browser.
uBlock Origin
Chrome: https://chrome.google.com/webstore/detail/ublock-origin/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
uBlock Origin is more than an ad blocker. It is a wide-spectrum blocker. By default, it blocks ads, trackers, and malware sites. It can also block 3rd party scripts and frames depending on what settings you choose.
uMatrix
Chrome: https://chrome.google.com/webstore/detail/umatrix/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/umatrix/
uMatrix lets you determine exactly which sites your browser can connect to, what type of data your browser can download, and what functions your browser can perform.
Cookie AutoDelete
Chrome: https://chrome.google.com/webstore/detail/cookie-autodelete/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/cookie-autodelete/
When you close a tab, Cookie Delete automatically deletes any cookies that are not in use. This add-on is available for Firefox and Chrome.
HTTPS Everywhere
Chrome: https://chrome.google.com/webstore/detail/https-everywhere/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/
HTTPS encrypts the communication between you and websites that support HTTPS. HTTPS Everywhere is available for Firefox, Firefox for Android, Chrome, and Opera.
Ghostery
Chrome: https://chrome.google.com/webstore/detail/ghostery-%E2%80%93-privacy-ad-blo/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/ghostery/
Ghostery is a powerful privacy extension. Block ads, stop trackers and speed up websites.
Google search link fix
Chrome: https://chrome.google.com/webstore/detail/google-search-link-fix/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/google-search-url-fixup/
An open source addon that prevents Google and Yandex from changing the URLs of your search results when you click them.
User-Agent Switcher
Chrome: https://chrome.google.com/webstore/detail/user-agent-switcher/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/
Switches between different user-agents. Browse with predefined user-agents or add your own user-agents.
Terms of service didn't read
Website: https://tosdr.org/
Chrome: https://chrome.google.com/webstore/detail/
Firefox: https://addons.mozilla.org/en-US/firefox/addon/terms-of-service-didnt-read/
Terms of service are often too long to read, but it's important to understand what's in them. Your rights online depend on them. We hope that their ratings can help you get informed about your rights.
Chat
Adium
For secure messaging on Mac OS X, use Adium with OTR enabled.
Rocket.chat
Rocket.chat is an self-hostable open source platform for team communication.
Keybase
Keybase provides a hosted team chat with end-to-end encryption.
Cloud Storage
Seafile
Seafile is a file storage application that offers built-in file encryption and file syncing.
NextCloud
NextCloud is a suite of client-server software for creating your own file hosting services on a private server you control. Nextcloud is free and open-source, and supports end-to-end encryption with many of its clients. The only limits on storage and bandwidth are the limits on the server provider you choose.
Tahoe-LAFS
Tahoe-LAFS is a free and open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security.
Cryptomator
A simple, free, open source file storage application that enables you to encrypt file content and names with AES
Crypt
All your stuff — photos, documents, notes, and more — are private, safe, up to date, and available on all your devices with their encrypted, zero-knowledge cloud. Crypt provide anonymity, security and ultimate deniability.
Data Storage/Encryption
VeraCrypt
VeraCrypt is a free, open source application for Windows, Mac OSX and Linux, based on TrueCrypt 7.1a. It’s very easy to use and offers the ability to create hidden drives.
axCrypt
Offers a simple yet very secure file encryption system that can be used for both desktop and mobile platforms. Provides additional features to enhance your file security protection.
AES Crypt
AES Crypt is a free open source (FOSS) cross-platform per-file encryption app which secures files using the AES-256 cipher. As a per-file encryption app, it allows you to manual encrypt individual files.
Gnupg
For single file or secret storage.
PeaZip
PeaZip is a free, open source utility for managing files and creating file archives.
MacTomb
https://www.dyne.org/software/mactomb/
[Added January 30, 2020] MacTomp is a free open source software for file encryption using encrypted storage containers. MacTomb is brought to you by Dyne.org an NGO focuses on open-source and uses hdiutil which helps to create and manipulating disk images.
Encrypto
[Added January 30, 2020] Encrypto is a free file encryption solution for MacOSX & Windows. It uses AES-256 encryption to encrypt the file/folders. It offers many options including hiding the original files, tagging the encrypted files, easy search, and secure notes management.
Cryptomator
[Added January 30, 2020] Cryptomator is a free open source client-side file encryption tool. It’s simple to use and does not include ads or backdoors. It also does not require registration or paid subscription.
Data Sync
Sparkle Share
Sparkle Share is a free and open source file syncing application, that creates a special folder on your computer. You can add remotely hosted folders (or "projects") to this folder. These projects will be automatically kept in sync with both the host and all of your peers when someone adds, removes, or edits a file.
Syncthing
Syncthing replaces proprietary file sharing, sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third-party, and how it is transmitted over the internet.
Domain Name Services
Njalla
Njalla only needs your email or XMPP address in order to register a domain name for you. Created by people from The Pirate Bay and IPredator VPN.
DNSCrypt
DNSCrypt is a free and open source domain name protocol that prevents domain name spoofing.
OpenNic
http://www.opennicproject.org/
OpenNic is a user owned alternative to domain name registries like ICANN.
Even when using end-to-end encryption technology like GPG, email is inherently insecure and should not be trusted for sensitive communications. Metadata is always communicated in plaintext, and even when encryption is used correctly it is very easy for either party to accidentally respond to or forward a previously encrypted message in plaintext in many clients. GPG also does not easily support modern crypto functionality such as key rotation and forward secrecy.
Important: For communications that need to be safe and secure, you should use a dedicated instant messaging tool, such as Signal.
Thunderbird
Thunderbird is a free, open source, cross-platform email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client developed by the Thunderbird community, and previously by the Mozilla Foundation.
Important: To receive and send encrypted e-mails that only you and the sender can read, use the Thunderbird e-mail client with the Enigmail plugin (https://www.enigmail.net/ ).
Claws Mail
Claws Mail is a free and open source, GTK-based email and news client. It offers easy configuration and an abundance of features. It is included with Gpg4win, an encryption suite for Windows.
Protonmail
It uses client side encryption, default email encryption between proton mail users, and claims all their code is open source and they do no logging.
Paranoid
Paranoid will store all your emails only OpenPGP-encrypted.
Countermail
CounterMail is a secure and easy to use online email service, designed to provide maximum security and privacy without any unnecessary complexity.
Mailvelope
A browser extension for Chrome and Firefox that enables the user to encrypt email sent through services like Gmail, Yahoo mail, and Outlook. It encrypts messages using OpenPGP.
Email Privacy Tester
https://emailprivacytester.com/
This tool runs several tests to see if your email client is compromising your privacy.
File Sharing
Firefox Send
Send uses end-to-end encryption to keep your data secure from the moment you share to the moment your file is opened.
OnionShare
OnionShare is a free, open source application for sharing files of any size.
Pydio
Pydio is an open source file sharing application for businesses.
Firewall and Network Monitor
LuLu
https://objective-see.com/products/lulu.html
LuLu is the free, open-source macOS firewall that aims to block unknown outgoing connections, unless explicitly approved by the user.
Little Snitch
https://www.obdev.at/products/littlesnitch/index.html
Little Snitch gives you the ability to monitor all connections going through your Firewall. Little Snitch is only available for Mac OS, but it provides many different features and blocking options. It also has a feature to show you the geographic location different apps are connecting to.
Messangers
Ricochet
Ricochet is a free, open source messaging service that operates over the Tor network.
Tox
Tox is easy-to-use software that connects you with friends and family without anyone else listening in. Tox is completely free and comes without advertising — forever.
Signal
Signal is a free and open source mobile app that lets you send group, text, voice, video, document, and picture messages anywhere in the world. All communications are E2EE unless you choose to send as SMS.
Wire
Wire is a messaging app based out of Switzerland. You can use Wire for chat, phone calls, pictures, music, video, and images.
Bitmessage
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities.
Retroshare
Retroshare is free, open source software that allows the user to create your own secure, anonymous, and decentralized network. You can use it to only connect to people you know and trust.
Riot.im
Riot.im is an open-source project that publishes the Matrix open standard for secure, decentralized, real-time communication.
Networks
Tor Network
The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool.
I2P Network
The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging, and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open-source and is published under multiple licenses.
Freenet
Freenet is a decentralized, distributed peer-to-peer network for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship.
Retroshare
Retroshare is a free, open source, cross-platform, friend-to-friend, secure, and decentralized communication platform that allows the user to create a secure, anonymous, and decentralized network to send encrypted communications.
GNUnet
GNUnet is a suite of tools and applications for building decentralized applications that provides security and privacy.
Notes
Laverna
Laverna is a free, open source note taking application that offers a markdown editor, a distraction free mode, and the ability to encrypt your notes.
Turtl
Turtl is a free, open source application for taking notes, saving documents, bookmarking sites, keeping photos, and more.
Joplin
Joplin is a free, open source, fully featured note taking and to-do application, which can handle a large number of markdown notes organized into notebooks and tags.
Standard Notes
Standard Notes is a free, open source note taking application designed to be simple and private.
Notable
https://github.com/notable/notable
Notes are written and rendered in Markdown, no WYSIWYG, no proprietary formats, notes support attachments, the app isn't bloated, the app has a pretty interface, tags are indefinitely nestable and can import Evernote notes.
Paperwork
Paperwork - Open source and self-hosted solution. For PHP / MySQL servers.
Operating Systems
Whonix
Whonix is a free operating system based on Tor and Debian GNU/Linux. It was designed for security and privacy and accomplishes this by using the Tor network and an architecture that uses virtual machines.
Qubes
Qubes OS is a free, open-source operating system designed as a secure alternative to other operating systems.
Fedora Workstation
Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.
Debian
Debian is a free, open source operating system created by members of the Debian Project. Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.
Subgraph OS
Subgraph OS – Subgraph was designed to be easy to use but difficult to attack. It comes with a kernel hardened with Grsecurity, it requires users to have encrypted filesystems, it restricts applications so that they only use the Tor network, and it comes with a secure instant messaging and a secure email client.
Elementary
The fast, open, and privacy-respecting replacement for Windows and macOS
Operating Systems (USB)
Tails
Tails is a free Debian GNU/Linux-based live operating system that can run off of a USB stick or a DVD.
Knoppix
http://www.knopper.net/knoppix/
KNOPPIX is a free, open source live operating system based on Debian GNU/Linux.
Puppy Linux
Puppy Linux is a free open-source operating system based on GNU/Linux.
Passwords
1Password
A big name in commercial password managers. We think that the security measures it uses are very robust. A thing to note is that 1Password is a closed source product, so all discussion about privacy the security relies on taking AgileBits at its word.
Dashlane
With Dashlane you'll be able to store, manage, and change passwords all in one place, and automatically fill out forms and payment info with just a click.
LessPass
LessPass is a free and open-source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed.
Master Password
https://masterpasswordapp.com/
Master Password is an open source free software application based on an ingenious password-generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site, and your master password. No syncing, backups, or internet access needed.
Bitwarden
Bitwarden is a free and open-source password manager. It aims to solve password management problems for individuals, teams, and business organizations.
KeePassXC
KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager.
Universal Password Manager
[Added January 30, 2020] UPM (Universal Password Manager), is a lightweight cross-platform password manager. It stores passwords, links, and usernames in an encrypted secure local database, protected by one password.
MacPass
[Added January 30, 2020] MacPass is an open source application for Mac, which makes it competes with many commercial password managers with its features and simplicity.
Projectmanagement
Wickr
Wickr is Your Secure Team Collaboration Space. Fully encrypted. Enterprise-ready. Private. Set up in minutes and you can invite your team to join your private Wickr Network.
Search Engines
DuckDuckGo
DuckDuckGo is a "search engine that doesn't track you" and that uses over four hundred sources to provide you with the best answers to your inquiries. When you search using DuckDuckGo, your personal information is not stored. Some of DuckDuckGo's code is free software hosted at GitHub, but the core is proprietary. The company is based in the USA.
StartPage
StartPage provides search results from Google and protects your privacy at the same time. To protect your privacy they don’t record your IP address, they don’t collect personal information about you, and they don’t place identifying cookies on your browser.
Searx
Searx is an open-source metasearch engine, aggregating the results of other search engines while not storing information about its users. No logs, no ads and no tracking.
Qwant
Qwant is a search engine with its philosophy based on two principles: no user tracking and no filter bubble. Qwant was launched in France in February 2013.
Videoconferencing
Jitsi
A set of free and open source applications made for secure online videoconferencing.
VPN
NordVPN
NordVPN is a robust virtual private network with an excellent collection of features, wrapped in a slick client that secures your online activities.
ExpressVPN
ExpressVPN is a subscription VPN providing deep anonymity in an intuitive, user-friendly package.
ProtonVPN
ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options.
Android
K-9 Mail
https://github.com/k9mail/k-9/releases
An open source email client for Android. It has many features including support for push IMAP, WebDAV, and multiple identities.
OpenKeychain
OpenKeychain together with K-9 Mail provides end-to-end email encryption.
Tor Browser
Tor Browser is your choice if you need an extra layer of anonymity. It's a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption and an advanced proxy.
Bromite
Bromite is a Chromium-based browser with security enhancement patches from GrapheneOS and other security-focused projects, built-in adblocking, and DNS over HTTPS support.
Secure Calendar
https://securecalendar.online/
Secure, end-to-end encrypted, and privacy respecting calendar
QKSMS
https://play.google.com/store/apps/details?id=com.moez.QKSMS
QKSMS is also completely ad-free and open source, the way your messaging app should be.
OpenTasks
https://play.google.com/store/apps/details?id=org.dmfs.tasks
An Open Source task app in Material Design
Linphone
Linphone is an open source VoIP application.
/e/
https://e.foundation/efoundation/
An open source, privacy-enabled smartphone operating system
LineageOS
LineageOS is a free and open source alternative operating system for smart phones, phablets, and tablets running Android. LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of the Android Open Source Project. It is the continuation of the CyanogenMod project.
SailfishOS
SailfishOS is a mobile operating system designed to be compatible with Android devices and chipsets.
Windows 10
If you want to preserve your privacy, avoid Windows 10 at all costs.
- Windows 10 includes data syncing by default. This includes:
- your browsing history, URLs you have typed, your favorites.
- our app settings
- Wifi hotspot names and your passwords for them.
- Windows 10 tags your device with a unique advertising ID. This setting is on by default.
- The unique ID is used to serve customized advertising to you.
- By default, Cortana, the virtual assistant that comes with Windows 10, is learning about you. It does this by collecting information about you such as:
- your search history
- your mic input
- your calendar entries
- your purchase history
- your credit card data
- your music preferences
- your keyboard stroke patterns
- According to Microsoft’s own privacy statement, the following types of data may be collected when you interact with a Microsoft product:
- your identity
- your passwords
- your demographics
- your interests
- your device and usage data
- your content
- your location
- your contacts and people you are connected to
- Microsoft can share your data with or without your consent.
- When you download Windows 10, you are giving Microsoft permission to share your data with any third party “with your consent or as necessary…”
Firefox: Privacy Related "about:config" Tweaks
This is a collection of privacy-related about:config tweaks. We'll show you how to enhance the privacy of your Firefox browser.
Preparation:- Enter "about:config" in the firefox address bar and press enter.
- Press the button "I'll be careful, I promise!"
- Follow the instructions below...
privacy.firstparty.isolate = trueA result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)
privacy.resistFingerprinting = trueA result of the Tor Uplift effort, this preference makes Firefox more resistant to browser fingerprinting.
privacy.trackingprotection.fingerprinting.enabled = true[FF67+] Blocks Fingerprinting
privacy.trackingprotection.cryptomining.enabled = true[FF67+] Blocks CryptoMining
privacy.trackingprotection.enabled = trueThis is Mozilla's new built-in tracking protection. It uses Disconnect.me filter list, which is redundant if you are already using uBlock Origin 3rd party filters, therefore you should set it to false if you are using the add-on functionalities.
browser.send_pings = falseThe attribute would be useful for letting websites track visitors' clicks.
browser.sessionstore.max_tabs_undo = 0Even with Firefox set to not remember history, your closed tabs are stored temporarily at Menu -> History -> Recently Closed Tabs.
browser.urlbar.speculativeConnect.enabled = falseDisable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. https://www.ghacks.net/2017/07/24/disable-preloading-firefox-autocomplete-urls/
dom.event.clipboardevents.enabled = falseDisable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
media.eme.enabled = falseDisables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. https://support.mozilla.org/kb/enable-drm#w_opt-out-of-cdm-playback-uninstall-cdms-and-stop-all-cdm-downloads
DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.
media.gmp-widevinecdm.enabled = falseDisables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. https://support.mozilla.org/kb/enable-drm#w_disable-the-google-widevine-cdm-without-uninstalling
media.navigator.enabled = falseWebsites can track the microphone and camera status of your device.
network.cookie.cookieBehavior = 1Disable cookies
- 0 = Accept all cookies by default
- 1 = Only accept from the originating site (block third-party cookies)
- 2 = Block all cookies by default
network.http.referer.XOriginPolicy = 2Only send Referer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.) https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/
- 0 = Send Referer in all cases
- 1 = Send Referer to same eTLD sites
- 2 = Send Referer only when the full hostnames match
network.http.referer.XOriginTrimmingPolicy = 2When sending Referer across origins, only send scheme, host, and port in the Referer header of cross-origin requests. https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/
- 0 = Send full url in Referer
- 1 = Send url without query string in Referer
- 2 = Only send scheme, host, and port in Referer
They have moved to (https://www.privacytools.io/providers/dns/#icanndns ).
webgl.disabled = trueWebGL is a potential security risk. https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern
browser.sessionstore.privacy_level = 2This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data. http://kb.mozillazine.org/Browser.sessionstore.privacy_level
- 0 = Store extra session data for any site. (Default starting with Firefox 4.)
- 1 = Store extra session data for unencrypted (non-HTTPS) sites only. (Default before Firefox 4.)
- 2 = Never store extra session data.
network.IDN_show_punycode = trueNot rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion/#more-42636
Need security/privacy related consulting for your company or security awareness training for your team?
Contact us and discover what we can do for you!
