Browser Privacy

Your browser is your window to the internet. It’s also the primary tool corporations use to track you.

Every website you visit is watching:

  • What pages you view and for how long
  • What you click on and where your mouse moves
  • Your screen size, fonts, and timezone
  • Your browsing history through tracking cookies
  • Your real IP address and approximate location

This isn’t paranoia. This is how the modern web works. Websites embed tracking code from Google, Facebook, Amazon, and hundreds of data brokers. A single webpage can contact 50+ tracking domains before you see any content.

This week, you’ll harden Firefox to block this surveillance while keeping websites functional.

Why Firefox?

Linux Mint comes with Firefox pre-installed. We’re using Firefox because:

  • Open source — You can audit the code
  • Privacy-focused — Mozilla’s stated mission includes privacy
  • Highly configurable — You can modify behavior through about:config
  • Extension ecosystem — Best privacy extensions available
  • Multi-platform — Same setup works on Linux, Windows, macOS

Chrome and Edge are surveillance tools for Google and Microsoft. They collect your browsing data by design. Brave is better but has cryptocurrency baggage and a smaller extension ecosystem. Firefox strikes the right balance.

Understanding Browser Tracking

Before we block trackers, understand how they work:

Cookies and Third-Party Tracking

When you visit news-site.com, it loads:

  • Content from news-site.com (first-party)
  • Ads from google-ads.com (third-party)
  • Analytics from google-analytics.com (third-party)
  • Social widgets from facebook.com (third-party)

Each third-party domain sets cookies in your browser. When you visit shopping-site.com later, it also loads google-ads.com and facebook.com. They recognize your cookies and know you were on news-site.com. This builds a profile of everywhere you go.

First-party cookies — Set by the site you’re visiting (necessary for logins, shopping carts) Third-party cookies — Set by tracking companies embedded in websites (almost always tracking)

We’ll block third-party cookies.

Browser Fingerprinting

Even without cookies, websites can identify you through fingerprinting. Your browser reveals:

  • Screen resolution and color depth
  • Installed fonts
  • Timezone and language
  • CPU cores and memory
  • Installed plugins
  • Canvas and WebGL rendering (unique per GPU)
  • Audio API fingerprints

Combined, these create a unique “fingerprint.” A 2020 study found browsers were 99.24% unique and identifiable.

We’ll reduce your fingerprint’s uniqueness.

Tracking Scripts and Beacons

Websites load JavaScript from tracking companies that:

  • Records every click, scroll, and mouse movement
  • Takes screenshots of your session
  • Logs form inputs before you submit
  • Tracks how long you read each section

We’ll block these scripts while keeping sites functional.

Part 1: Firefox Privacy Settings

Let’s start by configuring Firefox’s built-in privacy features.

Open Firefox

In your Linux Mint VM:

  1. Click MenuInternetFirefox Web Browser
  2. Or press Super (Windows key) and type “firefox”

Privacy Settings

  1. Click the hamburger menu (three lines) in top-right
  2. Go to Settings
  3. Click Privacy & Security in the left sidebar

Now configure these settings:

Enhanced Tracking Protection

  • Change from “Standard” to Strict
  • This blocks:
    • Tracking cookies across sites
    • Cryptominers
    • Known fingerprinters
    • Social media trackers

Cookies and Site Data

  • Change to: Delete cookies and site data when Firefox is closed
  • This prevents long-term tracking
  • You’ll need to log in to sites each session (worth it)

Logins and Passwords

  • Uncheck “Ask to save passwords”
  • We’ll use a proper password manager in Week 4
  • Firefox’s password manager is less secure

History

  • Change “Firefox will:” to Use custom settings for history
  • Uncheck “Remember browsing and download history”
  • Check “Always use private browsing mode”
  • Click Restart Now

This makes every session private by default.

Address Bar

  • Uncheck “Shortcuts”
  • Uncheck “Sponsored shortcuts”
  • This stops Firefox from recommending sponsored content

Firefox Data Collection

Scroll to the bottom and uncheck everything:

  • Uncheck “Allow Firefox to send technical and interaction data to Mozilla”
  • Uncheck “Allow Firefox to install and run studies”
  • Uncheck “Allow Firefox to send backlogged crash reports on your behalf”

We support Firefox as a project, but don’t send telemetry.

HTTPS-Only Mode

  • Enable HTTPS-Only Mode in all windows
  • This forces encrypted connections
  • If a site only offers HTTP, you’ll see a warning

Part 2: Essential Privacy Extensions

Extensions add functionality to Firefox. These five are essential.

How to Install Extensions

  1. Click the hamburger menu → Add-ons and themes
  2. Click Extensions in the left sidebar
  3. Search for each extension by name
  4. Click Add to Firefox
  5. Click Add when prompted

Extension 1: uBlock Origin

Purpose: Block ads, trackers, and malware domains

Why: The most effective content blocker. Open source, actively maintained, blocks 90%+ of tracking.

After install:

  1. Click the uBlock Origin icon (red shield) in toolbar
  2. Click the gears icon (settings)
  3. Go to Filter lists tab
  4. Enable these additional lists:
    • ✅ EasyPrivacy
    • ✅ Peter Lowe’s Ad and tracking server list
    • ✅ AdGuard Tracking Protection
  5. Click Apply changes
  6. Click Update now

Extension 2: Privacy Badger

Purpose: Automatically learn and block trackers

Why: Uses algorithmic detection to find trackers that aren’t on block lists. Learns as you browse.

After install:

  • No configuration needed, it works automatically
  • The badger icon shows how many trackers were blocked on each page

Extension 3: ClearURLs

Purpose: Remove tracking parameters from URLs

Why: URLs often contain tracking tokens like ?utm_source=facebook&fbclid=.... ClearURLs strips these automatically.

After install:

  • No configuration needed
  • Works silently in the background

Extension 4: CanvasBlocker

Purpose: Prevent canvas fingerprinting

Why: Websites use the HTML5 Canvas API to generate unique fingerprints. CanvasBlocker adds random noise to make your fingerprint non-unique.

After install:

  1. Click the CanvasBlocker icon
  2. Go to Settings
  3. Enable Stealth mode (harder to detect)
  4. Enable Ask permission for canvas access — deny requests from unknown sites

Extension 5: Decentraleyes

Purpose: Block CDN tracking by serving common libraries locally

Why: Sites load libraries (jQuery, Bootstrap, etc.) from Google/Cloudflare CDNs. This lets CDNs track you. Decentraleyes serves these files locally from your browser instead.

After install:

  • No configuration needed
  • Check the icon to see CDN requests blocked

Part 3: Advanced Firefox Hardening

For maximum privacy, we’ll modify Firefox’s hidden settings through about:config. This disables telemetry and enables additional protections.

Access about:config

  1. Type about:config in the address bar
  2. Press Enter
  3. Click Accept the Risk and Continue

Don’t worry—you can’t break anything. We’ll only change safe settings.

Search and Modify Settings

For each setting below:

  1. Type the setting name in the search box
  2. Click the toggle button (if it’s true/false) or edit icon (if it’s a value)
  3. Change it to the value listed

Telemetry and Data Collection

toolkit.telemetry.enabled → false
toolkit.telemetry.unified → false
toolkit.telemetry.archive.enabled → false
datareporting.healthreport.uploadEnabled → false
datareporting.policy.dataSubmissionEnabled → false
browser.ping-centre.telemetry → false

Disable Pocket (Mozilla’s reading list service)

extensions.pocket.enabled → false

network.prefetch-next → false
network.dns.disablePrefetch → true
network.predictor.enabled → false

WebRTC IP Leak Protection

WebRTC can reveal your real IP even through a VPN:

media.peerconnection.enabled → false

Note: This breaks video calling sites (Zoom, Jitsi, etc.). Re-enable only when needed.

Resist Fingerprinting

privacy.resistFingerprinting → true

Important: This makes all Firefox users look more similar (same timezone, same screen size, same fonts). It may break some sites. If you encounter issues, toggle this off temporarily.

Disable Geolocation

geo.enabled → false

First-Party Isolation

privacy.firstparty.isolate → true

This separates cookies by domain, preventing cross-site tracking.

Referrer Header Control

When you click a link, browsers send a “Referer” header telling the destination where you came from. Limit this:

network.http.referer.XOriginPolicy → 2

2 means only send referrer to same-origin destinations.

Part 4: Testing Your Setup

Let’s verify your privacy configuration is working.

Test 1: Tracker Blocking

  1. Visit https://d3ward.github.io/toolz/adblock.html
  2. Click Start Test
  3. You should see 100% blocked or very close

If anything isn’t blocked, recheck your uBlock Origin filter lists.

Test 2: Browser Fingerprinting

  1. Visit https://coveryourtracks.eff.org/
  2. Click Test Your Browser
  3. Wait for results

What to look for:

  • “Your browser has a randomized fingerprint” (best)
  • “Your browser has a somewhat unique fingerprint” (acceptable)
  • “Your browser has a unique fingerprint” (needs improvement)

Check the detailed results:

  • ✅ “Blocking tracking ads” — should show YES
  • ✅ “Blocking invisible trackers” — should show YES
  • ⚠️ “Fingerprinting protection” — may show PARTIAL (this is hard to fully block)

Test 3: IP and DNS Leaks

  1. Visit https://ipleak.net/
  2. Check the results:
    • Your IP address shows (this is normal without a VPN)
    • DNS addresses should match your ISP or DNS provider
    • WebRTC leak test should show “Not leaking” or “Disabled”

We’ll add VPN protection in Week 6. For now, just verify WebRTC isn’t leaking.

Part 5: Using Your Hardened Browser

Your browser is now significantly more private. Here’s how to use it effectively:

Container Tabs (Built-in Firefox Feature)

Containers isolate websites from each other. Cookies from one container can’t track you in another container.

Enable Multi-Account Containers:

  1. Install the Firefox Multi-Account Containers extension
  2. Click the containers icon in toolbar (looks like boxes)
  3. Create containers for different purposes:
    • 🏠 Personal
    • 💼 Work
    • 🛒 Shopping
    • 🔓 Untrusted Sites

To open a link in a container:

  • Right-click a link → Open Link in New Container Tab

Example use case: Keep social media in a “Social” container so Facebook can’t track your shopping in the “Shopping” container.

Search Engines

Firefox defaults to Google Search. Google tracks every search you make.

Change to a private search engine:

  1. Go to SettingsSearch

  2. Change Default Search Engine to:

    • DuckDuckGo (recommended, US-based)
    • Startpage (uses Google results anonymously)
    • Brave Search (independent index, no Google)

  3. Scroll down and remove Google, Bing, Amazon, eBay

Bookmarks and Sync

Do not enable Firefox Sync unless you absolutely need it. Sync uploads your data to Mozilla’s servers (encrypted, but still leaves metadata).

Instead:

  • Manage bookmarks manually
  • Or export bookmarks to a file (Bookmarks → Manage Bookmarks → Import and Backup → Export)

Privacy Checkpoint

Your browser is now significantly hardened. Here’s what changed:

What you blocked:

  • Third-party tracking cookies
  • Advertising and analytics scripts
  • Fingerprinting attempts
  • Telemetry to Mozilla
  • WebRTC IP leaks

What you gained:

  • Private-by-default browsing
  • Automatic tracker blocking
  • Reduced fingerprint uniqueness
  • Local control of your data

Trade-offs:

  • Some websites may break (usually fixable)
  • You’ll log in to sites every session
  • Video calling sites need WebRTC re-enabled temporarily

Troubleshooting

A website isn’t loading or looks broken

Cause: uBlock Origin or Privacy Badger blocking required scripts.

Fix:

  1. Click the uBlock Origin icon
  2. Click the big power button to disable it for this site
  3. Refresh the page
  4. If it works now, you can selectively re-enable it

Or:

  1. Click the Privacy Badger icon
  2. Move sliders to green for the domain that’s broken
  3. Refresh

Video calls don’t work (Zoom, Meet, Jitsi)

Cause: We disabled WebRTC in about:config.

Fix:

  1. Go to about:config
  2. Search media.peerconnection.enabled
  3. Toggle to true
  4. Use video call
  5. Toggle back to false when done

I can’t log in to a website

Cause: “Delete cookies when Firefox is closed” setting.

Fix for specific sites you trust:

  1. Go to SettingsPrivacy & Security
  2. Under Cookies and Site Data, click Manage Exceptions
  3. Enter the website URL (e.g., https://protonmail.com)
  4. Click Allow
  5. Click Save Changes

Now this site’s cookies persist between sessions.

A site says I’m using an ad blocker

Response options:

  1. Ignore the message — Most sites still work
  2. Support the site directly — Pay for membership instead of viewing ads
  3. Temporarily disable uBlock — Only if you trust the site
  4. Find an alternative source — Many sites have competitors

Never disable your privacy protections permanently for a site demanding it.

Going Further (Optional)

Alternative Browsers

LibreWolf — Firefox fork with privacy hardening built-in

  • Pre-configured with all settings from this lesson
  • No telemetry, no Pocket, no Mozilla services
  • Available from https://librewolf.net/

Mullvad Browser — Built by Mullvad VPN, designed for anonymity

Tor Browser — Maximum anonymity through the Tor network

  • Routes traffic through encrypted relays
  • Hides your IP from websites
  • Very slow compared to normal browsing
  • We’ll cover this in Week 6

User-Agent Switching

Some sites serve different content based on your browser. You can pretend to be a different browser:

Extension: User-Agent Switcher and Manager

  • Lets you impersonate Chrome, Safari, mobile devices
  • Useful when sites claim “Firefox not supported”

Site-Specific Hardening

For high-security sites (banking, email, sensitive accounts):

  1. Use a dedicated container
  2. Manually enable uBlock Origin on hard mode
  3. Disable all non-essential extensions
  4. Use a separate browser profile (see Firefox Profile Manager)

What’s Next

You now have a privacy-hardened browser that blocks most tracking. Next week, we’ll secure your passwords with a password manager—because reusing passwords is the #1 way accounts get compromised.

Week 4 covers password managers, generating strong passwords, and securing your accounts.

Summary

This week you:

  • Configured Firefox’s built-in privacy settings
  • Installed five essential privacy extensions (uBlock Origin, Privacy Badger, ClearURLs, CanvasBlocker, Decentraleyes)
  • Hardened Firefox through about:config modifications
  • Tested your browser’s fingerprint and tracker blocking
  • Learned to use container tabs for isolation

Your browser now protects you from the majority of web tracking. Combined with Linux from Week 2, you’re building a privacy-respecting foundation.

← Back to Week 2: Installing Linux

Continue to Week 4: Password Managers →