Addons - Karegohan-And-Kamehameha/privacyguide GitHub Wiki
This page contains a comprehensive list of addons that are recommended to enhance your privacy whilst browsing the internet. Alternatives for some of the addons are also provided, but for obvious reasons all of them could not be listed. By default the addons are listed for Waterfox with Pale Moon alternatives mentioned where relevant. If alternatives are listed, only use one of the addons mentioned in the section, the recommended addon is the one that starts the section.
A note on e10s: despite the popular belief, e10s is compatible with the vast majority of modern addons, including all of the addons mentioned in this part of the guide. However it is not turned on by default if you have any reasonable amount of extensions active. The reason for that is that the current policy states that it is only to be enabled if all of the active addons have been marked compatible, which is the case for only a small portion of extensions. Apart from the speed and smoothness gained from multiprocess, e10s is also beneficial for security, because it enables sandboxing of websites from the rest of the browser, a feature that is still in active development, but has partially been included in the latest releases. To disable e10s extension compatibility checks, set the extensions.e10sBlocksEnabling preference to false. To forcefully enable e10s despite any other possible incompatibilities, set the browser.tabs.remote.autostart preference to true and browser.tabs.remote.force-enable to true.
uBlock Origin
The most efficient ad blocker and tracker blocker in existence. Be sure to activate all of the lists relevant for your region and check the additional privacy enhancing settings in the dashboard. Also works with Pale Moon.
Alternatives:
Adblock Plus − a less efficient ad blocker that doesn't parse the lists properly before applying filters. The creators also engage in a shady policy of "acceptable ads" which is de facto blackmailing ad companies to pay them money in order to get ads whitelisted.
Adblock Latitude − a fork of Adblock Plus for Pale Moon. Without acceptable ads, but still not efficient.
Ghostery − a tracker blocker made by an ad company, that tracks you. To be avoided.
Disconnect, Privacy Badger, Waterfox built-in tracking protection − these are good tracker blockers, but they are not needed and will only slow down your browser if you are already using uBlock Origin with all of the relevant lists.
uMatrix
A granulated script blocker and content control manager from the authors of uBlock Origin. Probably the most important addon for security and privacy. Also works in Pale Moon.
Recommended settings: everything except css and images globally blocked by default, if websites don't load properly, unlock first party content and, if needed, other content sources one by one. Be sure to also enable blocking of hyperlink auditing and local storage deletion in the settings and activate the hosts files for blocking trackers and malware.
In this repository you will find a list of global uMatrix rules which blocks known trackers, ad networks and social media globally and allows known CDNs, APIs, and video playback websites, but blocks their cookies. Their tracking capabilities can be neutralized by using Decentraleyes. Google is also allowed globally because blocking it would break ReCaptcha on many websites. If you wish to use any of the blocked websites, you can disable strict blocking by creating local rules.
Alternatives:
RequestPolicy Continued − a content source manager without diversification by types of content. It was useful before uMatrix got ported to Firefox, but has lost its uses since.
Policeman − a powerful content control manager that has most of the functionality of uMatrix, but without the matrix interface.
NoScript
While much less powerful at granular content control than uMatrix, it has some additional capabilities of protection against XSS, cross-zone DNS attacks and clickjacking, as well as a website boundaries control module that acts like a sandbox for websites. Can be used in conjunction with uMatrix to take advantage of these additional security features. In case of such use, it is recommended to allow scripts globally in NoScript and use uMatrix for script control.
HTTPS Everywhere
An addon by the EFF that redirects http websites to their https versions where supported. It also contains an SSL observatory that verifies the integrity of https certificates within the browser.
Pale Moon alternative: Encrypted Web
Alternatives:
Smart HTTPS − unlike HTTPS Everywhere that uses a whitelist, this addon attempts to connect to every website via https and reverts back to http if the website doesn't load correctly. Despite the information mentioned in the header, this addon can be used together with HTTPS Everywhere, but it may break the functionality of websites and is therefore not recommended.
SSleuth
This addon inspects the security of https certificates and provides a quick and easy way to see if your connection is truly secure by providing a rating. Also allows more detailed inspection of the used protocols.
Pale Moon alternative: CipherFox − not as intuitive as SSleuth and requires basic knowledge of crypto to understand, but performs the same function.
Note: it is possible to install an older version of SSleuth on Pale Moon, but that is not recommended, because the aforementioned version does not identify the protocols correctly and will only cause confusion.
Alternatives:
Calomel SSL Validation − does the same thing as SSleuth, but with a less intuitive interface.
Decentraleyes
Decentraleyes provides local alternatives to libraries that are usually hosted on CDNs that may track you. An easy install and forget extension that protects your privacy and speeds up browsing.
Pale Moon version
CanvasBlocker
Blocks browser fingerprinting that uses the HTML5 canvas API by spoofing or blocking the readouts.
Pale Moon alternative: no addon required, set canvas.poisondata to true in about:config.
Self-Destructing Cookies
Deletes cookies that were set by websites which are no longer used. Has two whitelists which can keep cookies from selected websites for the session or forever.
Pale moon alternatives: Cookies Exterminator, Crush Those Cookies
Cookies Manager+
An advanced cookie manager that allows users to find, view, edit and change the parameters of cookies. Also works in Pale Moon.
Flagfox
An addon that shows the flag of the country where the website is hosted in the address bar. Important for recognizing websites hosted in US, UK and Fourteen Eyes Countries. Also works in Pale Moon.
FlashHider
FlashHider hides the presence of Flash in your browser from websites that are not whitelisted in its settings. FlashHider does not replace a content blocker, because it doesn't block flash from running, but only hides its presence. It is useful to avoid being fingerprinted by the flash version installed and to force websites to use HTML5, if supported. Obviously, only required for those who have Flash installed. Also works in Pale Moon.
FoxyProxy Standard
The most advanced and feature rich proxy manager extension. Supports multiple http, https and socks proxies with advanced rules. Also works in Pale Moon.
Alternatives: there are many, many simpler proxy managers on AMO, many of which try to fetch lists automatically or are not vendor neutral, but unless the addon is made by your VPN provider, they are not recommended for use due to both lesser functionality and often privacy concerns.
Smart Referer
Spoofs the referrer when visiting links that lead to third party websites to prevent them from knowing where you came from. Also works in Pale Moon.
Alternatives:
RefControl − while RefControl does seem to have a more ergonomic interface, the way it handles spoofing often breaks websites with content hosted on third party servers, such as videos and requires those to be fixed manually.
Waterfox built-in network.http.referer.XOriginPolicy preference − has the same problems as RefControl and does not include a whitelist, which makes fixing broken websites impossible.
Random Agent Spoofer
An addon that allows users to spoof the useragent of their browser including additional options that can be detected via JavaScript. Comes with a ton of additional features and options, many of which save users the trouble of tweaking about:config options.
In Pale Moon v0.9.5.5 can be installed using the Moon Tester Tool.
Note: rotating the profiles too often may cause the useragent and the JavaScript parameters to not match, it is therefore recommended to limit the amount of rotations to higher time frames.
Warning: websites that use JavaScript will still be able to determine your real useragent via headers if additional parameters are not spoofed, which means that spoofing your useragent globally is only going to make it easier for them to fingerprint you. Luckily, Random Agent Spoofer covers this by spoofing all the other stuff too.
Warning 2: spoofing the useragent to a different browser engine or OS may cause websites to display incorrectly.
Alternatives:
User-Agent Switcher, Blender, et cetera − due to the two warnings mentioned above, these addons are not recommended because they spoof the useragent globally.
UAControl − spoofs the useragent on a per-site basis, but doesn't have the ability to spoof JavaScript detection.
Modify Headers − adds the ability to modify headers manually. Theoretically capable of doing what Random Agent Spoofer does, but much less convenient.
Pure URL
Pure URL cleans junk fields from links that can be used to track you. Examples of such fields include utm_source, utm_medium, utm_term, utm_content, utm_campaign, but the list is open and easily customizable.
Can be installed in Pale Moon using the Moon Tester Tool.
Keefox
The most feature rich addon that helps integrate the KeePass password manager with Waterfox. Capable of generating passwords on the go, saving entered passwords and automatically logging into websites. It is extremely important to create unique and strong passwords for every website in order to stay secure and protect your privacy and KeePass seems to be the best solution for this problem.
Pale Moon alternatives:
v1.4.8.1 works in Pale Moon, sadly, it is much poorer in terms of features than the newer versions and can not exist in parallel with the newer version installed in Waterfox.
PassIFox works in Pale Moon and can coexist with Keefox, but it is very simple and doesn't have nearly as many features.
Another alternative method of using KeePass in Pale Moon involves installing an addon that makes the title bar display the URL of the website and a KeePass plugin that matches the URL field of the saved entries for autofill.
Alternatives:
LastPass, Blur − addons that store the passwords databases on their servers. Even considering the databases are encrypted, storing your passwords on a third party server is not a good idea, because it provides additional attack vectors for attackers and may allow government agencies to subpoena these services to decrypt your passwords and compromise your security.
Honorable mentions
Extensions in these category may be helpful, but have limited use cases and are therefore not recommended for everyday use.
Priv8 − provides sandboxes for tabs opened via the extension interface. May be useful when using multiple accounts of a service, but does not improve privacy when content policy is properly configured globally (using uMatrix, for example). Especially considering that recent versions of Waterfox already support similar functionality using Tab Containers.
Test Pilot Containers − the Containers feature of Mozilla's test pilot experiments can increase the privacy of browsing by allowing tabs to run in containers with separate cookies and even enforce certain websites to always run in the container, which can be a great policy for using websites such as Facebook and Twitter, which track you across the web. It is going to be a great feature in the future, but currently the Test Pilot sends too much data to Mozilla to be recommended for privacy purposes.
BetterPrivacy − deletes Flash LSOs on a periodic basis. Even if you have Flash enabled, it is highly recommended that you disable LSOs globally via the flash player settings, 99.9% of flash applications are going to work just fine with LSOs disabled, making this extension unnecessary.
Privacy Settings − an addon that can quickly toggle some of the privacy settings mentioned in the corresponding section. Does not bring anything new to the table if you are already tweaking settings by hand, but can be useful for beginners.
Userscripts
Anti-adblock killer Reek
This userscript helps combat websites that employ techniques that prevent them from functioning when an ad blocking extension is detected. Meant to be used together with the corresponding ad blocking list.