Viewing a single comment thread. View all comments


invertedparrot wrote

I find using Tor Browser on I2P is viable. You just need to swap out the network proxy in the settings page from tor proxy port to i2p proxy port after every launch, and it works (not sure how to launch Tor Browser without having tor run in background as well, but it doesn't matter). There are so many privacy/anti-fingerprinting mods added to Tor Browser all the time that it is too laborious to keep up with including them all manually.

If you do want to wrangle with vanilla firefox, just make sure to create a separate i2p-only profile, so it's at least somewhat isolated from the main browsing profile, in case you miss something. There are sporadic guides online about various privacy-related about:config settings. Try finding which settings Tor Browser has changed away from default and emulate those. Do check out "privacy.resistFingerprinting" setting, which has been backported from Tor Browser into mainline firefox.

The problem I've had was tracking down all the ways that vanilla firefox tries to "phone home". This is less important for an i2p-only profile, since firefox would not be able to reach mozilla servers (unless you configure an i2p-clearnet proxy), but I feel "radio silence" it is still a good aim for a browser config. It's like playing wack-a-mole, Mozilla is pushing out new trackers faster than I can shut them down. At least Mozilla still leaves us the option through about:config to turn them off, which is more than other browsers do... Here are some of them:

app.shield.optoutstudies.enabled -> false
beacon.enabled -> false
browser.cache.disk.enable -> false # do not store temporary internet files on hard drive
browser.newtabpage.enabled -> false # do not send frequently-visited URLs to mozilla
browser.newtabpage.enhanced -> false
browser.onboarding.shieldstudy.enabled -> false
browser.safebrowsing.blockedURIs.enabled -> false # sends some URLs of visited websites to google
browser.safebrowsing.enabled -> false
browser.safebrowsing.downloads.enabled -> false
browser.safebrowsing.downloads.remote.enabled -> false # sends filenames/hashes of all downloads to google
browser.safebrowsing.downloads.remote.url -> ""
browser.safebrowsing.malware.enabled -> false
browser.safebrowsing.phishing.enabled -> false -> "" # phones home -> false # do not search-as-you-type
browser.selfsupport.url -> "" # do not send heartbeat to mozilla
datareporting.healthreport.uploadEnabled -> false
datareporting.healthreport.service.enabled -> false
dom.indexedDB.enabled -> false # supercookies used to be not cleared by "delete history"
extensions.getAddons.cache.enabled -> false
extensions.update.enabled -> false # update your addons manually, don't send out a personally-identifiable list of addon versions every hour
extensions.shield-recipe-client.enabled -> false # do not allow mozilla to stealthily push arbitrary addons/settings to your browser
extensions.shield-recipe-client.api_url -> ""
keyword.enabled -> false # do not search from address bar
media.eme.enabled -> false
media.peerconnection.enabled -> false # leaks local network configuration/IP
network.http.sendRefererHeader -> 0 # do not send referrer
network.IDN_show_punycode -> true
privacy.donottrackheader.enabled -> true # might as well...
privacy.trackingprotection.pbmode.enabled -> false
privacy.trackingprotection.enabled -> false # sends some URLs of visited websites to mozilla
services.settings.server -> "" # phones home
services.sync.enabled -> false

Also set all "getHashURL"/"reportURL"/"updateURL" and all other "URL" about:config settings that look like a google/mozilla server API address to an empty string, since firefox periodically contacts some of these servers even if the controlling service is set to disabled.