Securing Firefox
Contents |
Introduction
Chaining a socks with proxychains/proxifier means forfeiting the protection of Torbutton, which leaves you open to browser fingerprinting.
Set everything up as you would at the point of entering card details (enable javascript & allow noscript), then run a test at http://ip-check.info (just cancel the pop-up).
You might get a nasty surprise at some of the info your browser is leaking. Admittedly some of it is a bit alarmist (they're trying to sell a product after all), but some are of genuine concern - particularly if you're trying to card the same site a few times.
I tend to use one browser (regular firefox) for only chaining proxies, and have found the following adjustments helpful. Please feel free to add to the list. http://check2ip.com is also a useful check for mismatches
about:config
- geo.enabled = false
- geo.wifi.uri = [leave blank]
- network.http.accept.default = text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- network.http.use-cache = false
- network.http.keep-alive.timeout = 600
- network.http.max-persistent-connections-per-proxy = 16
- network.proxy.socks_remote_dns = true
- network.cookie.lifetimePolicy = 2
- network.http.sendRefererHeader = 0
- network.http.sendSecureXSiteReferrer = false
- network.protocol-handler.external = false [set the default and all the subsettings to false]
- network.protocol-handler.warn-external = true [set the default and all the subsettings to true]
- network.http.pipelining = true
- network.http.pipelining.maxrequests = 8
- network.http.proxy.keep-alive = true
- network.http.proxy.pipelining = true
- network.prefetch-next = false
- browser.cache.disk.enable = false
- browser.cache.offline.enable = false
- browser.sessionstore.privacy_level = 2
- browser.sessionhistory.max_entries = 2
- browser.display.use_document_fonts = 0
- intl.charsetmenu.browser.cache = ISO-8859-9, windows-1252, windows-1251, ISO-8859-1, UTF-8
- dom.storage.enabled = false
- extensions.blocklist.enabled = false
Other Settings
- Disable all plugins [tools -> addons -> plugins]
- Disable all live bookmarks [bookmarks -> bookmarks toolbar -> R/click latest headlines -> delete]
- Disable all updates [tools -> options -> advanced -> update]
- Enable 'do not track' feature [tools -> options -> privacy]
- Enable private browsing, configure to remember nothing & disable 3rd party cookies. [tools -> options -> privacy]
Useful add-ons
- BetterPrivacy
- Close n forget
- Ghostery
- Https-Everywhere
- Modify Headers
- NoScript
- RefControl
- User Agent Switcher
Reference
Internal Link: Carding Setup (Firefox)