Firefox

From Organic Design wiki
Revision as of 21:07, 3 October 2019 by Nad (talk | contribs) (Secure browsing)

Mozilla Firefox is a graphical web browser developed by the Mozilla Corporation, and a large community of external contributors. Firefox, officially abbreviated as Fx or fx and popularly abbreviated FF, started as a fork of the Navigator browser component of the Mozilla Application Suite. Firefox has replaced the Mozilla Suite as the flagship product of the Mozilla project, under the direction of the Mozilla Foundation.

Mozilla's conditions for use of their trademarked names require that distro's using their products clear any patches with them first, but in Debians view this compromised their own strict security measures so rather than this they opted to change the branding of the products. Debian's fork of Firefox is Iceweasel.

Firefox is our choice of web-browser here at Organic Design, and this article lists the extensions and configurations we like to include with it.

Note however, that browsers are inherently risky by the fact that any site you may visit can contain malicious code, and you are also trusting all your installed extensions. For this reason it's a very good idea to install FireJail which gives you super easy sandboxing capability. See below for more detail.


Addons

Secure browsing

It's becoming more and more important to ensure that you make your browsing data available to those providing your connection. This is not only important for when you're browsing through public Wifi connections or at hotels etc, but you can't trust any of the ISPs with your data nowadays either. There are plenty of freely available VPN options such as Express VPN and Hide.Me, but another simple way if you work with remote servers and regularly use Secure Shell is to use one of your servers as a local proxy server to browse through.

For example connecting to your remote server using Secure Shell with the following command. This means that all that can be seen by your connectivity provider is a secure shell tunnel. Here, PORT is the local port number you'd like to open to browse through, and USER@HOST is your remote server details.

ssh -fnNTCD PORT USER@HOST

This will open a local connection on PORT that you then configure your browser to use for it's network connection using the SOCKS5 proxy protocol. See the SSH article for more details on what the options means and some additional server options you may like to use.

Firejail

Browsing the web is getting more and more dangerous as hacks get more sophisticated, browsers get more complicated and our personal information gets more important and valuable. We prefer to run our browsers in a "sandbox" which means that only a small part of the system is visible to them. It's very similar to running the browser in a virtual box where they're the only application installed. We use FireJail which is based on Linux namespaces. FireJail comes with hundreds of presets for known applications, so launching a well-known application like Firefox inside FireJail is simply a matter of preceding the application name with firejail, e.g.

firejail firefox

Of course, we don't want to type that every time we want to launch a browser though, so you need to locate your launchers and precede the command in the Exec field with firejail. To find your launchers, search for all files with "firefox" in their name and having the "desktop" extension:

find / -name "*firefox*.desktop"

You'll be able to to see that the browser now has limited access to the system, if you opening a file and navigating around the directory tree, you should see that most directories are empty and your home directory contains only Downloads and Desktop. Also you can check what applications are being run within Firejail at any time:

firejail --list or firejail --tree

Finally, you may want to whitelist some specific file locations if you're used to opening or saving local files from locations other than the desktp or the Downloads folder. For example, I like my browser to have full access to my Pictures folder. To do this add the following option to you firejail command before the name of the program you wish to launch.

firejail --whitelist=~/Pictures firefox

Disable page prefetching

Firefox downloads webpages from links it thinks you may click. This may make the experience seem faster but really it just bogs down Firefox and your netbook, and for SSD users is an important "feature" to disable to improve the drive's lifespan. Type about:config in the address bar, then set network.prefetch-next to false. The DNS cache times may be too short if your on a really slow connection too.

Language

Install the en_GB languages and if en_US keeps re-establishing itself as the default, you can forcefully remove the en_US* files from /usr/lib/xulrunner-*/dictionaries/.

Firebug tutorials

Note.svg Note: Firefox Developer Edition is now used instead of the Firebug extension.

Firebug is a must-have extension for web-developers, here's a list of useful documentation and tutorials on the Firebug extension.

Developing custom addons

Addons in Firefox are written in JavaScript. Getting initially up and running writing your own addons is surprisingly easy, just start with the docs here and go through their guide to install the SDK and use the cfx utility to test your addon in a separate Firefox instance and then to package it up as an xpi for installation. The SDK is divided into high-level and low-level APIs where the former have stable interfaces and the latter are for more low-level control but their interfaces may undergo change.

See also